Submitted URL: https://scanmail.trustwave.com/?c=11229&d=ytz34SBfkboaH4Ok0YhI5Wpcpt6IswtrJNSsN343pg&u=https%3a%2f%2fbit%2ely%2f2XfEL57
Effective URL: https://cloudme02.infosalons.biz/reg/GFM21DU/Registration/Demographics?showCode=GFM
Submission: On October 26 via manual from SA — Scanned from DE

Summary

This website contacted 11 IPs in 2 countries across 15 domains to perform 44 HTTP transactions. The main IP is 52.28.28.73, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is cloudme02.infosalons.biz.
TLS certificate: Issued by R3 on September 30th 2021. Valid for: 3 months.
This is the only time cloudme02.infosalons.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 204.13.202.92 3561 (CENTURYLI...)
1 172.217.16.138 15169 (GOOGLE)
1 1 67.199.248.10 396982 (GOOGLE-PR...)
1 1 104.26.4.9 13335 (CLOUDFLAR...)
1 52.28.28.73 16509 (AMAZON-02)
20 143.204.98.3 ()
1 18.202.182.154 ()
3 142.250.186.168 ()
2 185.60.216.19 ()
1 142.250.186.46 ()
1 142.250.74.194 ()
1 2.16.186.26 ()
44 11
Domain Requested by
20 static.infosalons.ae cloudme02.infosalons.biz
5 scanmail.trustwave.com scanmail.trustwave.com
ajax.googleapis.com
3 www.googletagmanager.com cloudme02.infosalons.biz
www.googletagmanager.com
2 connect.facebook.net scanmail.trustwave.com
connect.facebook.net
1 snap.licdn.com scanmail.trustwave.com
1 www.googleadservices.com www.googletagmanager.com
1 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 app.webreg.me cloudme02.infosalons.biz
1 cloudme02.infosalons.biz scanmail.trustwave.com
1 www.gulfoodmanufacturing.com 1 redirects
1 bit.ly 1 redirects
1 ajax.googleapis.com scanmail.trustwave.com
0 d2gu4aerpfiddr.cloudfront.net Failed app.webreg.me
0 googleads.g.doubleclick.net Failed www.googleadservices.com
0 p.teads.tv Failed www.googletagmanager.com
44 15

This site contains no links.

Subject | Issuer | Validity | Valid
scanmail.trustwave.com | Trustwave Organization Validation SHA256 CA, Level 1 | 2021-10-05 - 2022-10-24 | a year
upload.video.google.com | GTS CA 1C3 | 2021-10-04 - 2021-12-27 | 3 months
cloudme02.infosalons.biz | R3 | 2021-09-30 - 2021-12-29 | 3 months
*.infosalons.ae | Amazon | 2021-09-29 - 2022-10-27 | a year
*.webreg.me | Amazon | 2021-01-14 - 2022-02-11 | a year
*.google-analytics.com | GTS CA 1C3 | 2021-10-04 - 2021-12-27 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-09-09 - 2021-12-08 | 3 months
www.googleadservices.com | GTS CA 1C3 | 2021-10-04 - 2021-12-27 | 3 months
*.licdn.com | DigiCert SHA2 Secure Server CA | 2021-07-15 - 2022-07-20 | a year

This page contains 1 frames:

Primary Page: https://cloudme02.infosalons.biz/reg/GFM21DU/Registration/Demographics?showCode=GFM
Frame ID: C333BC683CFD5770A6966F87570F31FF
Requests: 45 HTTP requests in this frame

Page Statistics

Requests: 44
HTTPS: 82 %
IPv6: 0 %
Domains: 15
Subdomains: 15
IPs: 11
Countries: 2
Transfer: 1650 kB
Size: 2309 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://scanmail.trustwave.com/?c=11229&d=ytz34SBfkboaH4Ok0YhI5Wpcpt6IswtrJNSsN343pg&u=https%3a%2f%2fbit%2ely%2f2XfEL57 Page URL
  2. https://bit.ly/2XfEL57 HTTP 301
    https://www.gulfoodmanufacturing.com/register?utm_source=Social&utm_medium=Post&utm_campaign=gfm21&utm_content=allsociaposts HTTP 302
    https://cloudme02.infosalons.biz/reg/GFM21DU/Registration/Demographics?showCode=GFM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
scanmail.trustwave.com/
16 KB
16 KB
Document
General
Full URL
https://scanmail.trustwave.com/?c=11229&d=ytz34SBfkboaH4Ok0YhI5Wpcpt6IswtrJNSsN343pg&u=https%3a%2f%2fbit%2ely%2f2XfEL57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.13.202.92 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
aip-92.trustwave.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
21266d27f4e223b05e97cae044d98ef5af2ec58719f82c5dfbec0ee79c6cd130

Request headers

:method
GET
:authority
scanmail.trustwave.com
:scheme
https
:path
/?c=11229&d=ytz34SBfkboaH4Ok0YhI5Wpcpt6IswtrJNSsN343pg&u=https%3a%2f%2fbit%2ely%2f2XfEL57
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
pragma
no-cache
content-type
text/html; charset=utf-8
expires
-1
server
Microsoft-IIS/10.0
set-cookie
ASP.NET_SessionId=iw2aykckqbxuqnaavbmx5uuw; path=/; HttpOnly; SameSite=Lax
x-aspnetmvc-version
5.2
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Tue, 26 Oct 2021 11:27:29 GMT
content-length
15902
bootstrap.min.css
scanmail.trustwave.com/Content/
37 KB
7 KB
Stylesheet
General
Full URL
https://scanmail.trustwave.com/Content/bootstrap.min.css
Requested by
Host: scanmail.trustwave.com
URL: https://scanmail.trustwave.com/?c=11229&d=ytz34SBfkboaH4Ok0YhI5Wpcpt6IswtrJNSsN343pg&u=https%3a%2f%2fbit%2ely%2f2XfEL57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.13.202.92 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
aip-92.trustwave.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
19ab1d3cb975864cd242379956c8b80be894a234abe57ff2d301868a94ca5d78

Request headers

:path
/Content/bootstrap.min.css
pragma
no-cache
cookie
ASP.NET_SessionId=iw2aykckqbxuqnaavbmx5uuw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
scanmail.trustwave.com
referer
https://scanmail.trustwave.com/?c=11229&d=ytz34SBfkboaH4Ok0YhI5Wpcpt6IswtrJNSsN343pg&u=https%3a%2f%2fbit%2ely%2f2XfEL57
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://scanmail.trustwave.com/?c=11229&d=ytz34SBfkboaH4Ok0YhI5Wpcpt6IswtrJNSsN343pg&u=https%3a%2f%2fbit%2ely%2f2XfEL57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 11:27:30 GMT
content-encoding
gzip
last-modified
Fri, 23 Jul 2021 04:33:51 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8061b4ef7b7fd71:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
6731
bootstrap-theme.css
scanmail.trustwave.com/Content/
2 KB
2 KB
Stylesheet
General
Full URL
https://scanmail.trustwave.com/Content/bootstrap-theme.css
Requested by
Host: scanmail.trustwave.com
URL: https://scanmail.trustwave.com/?c=11229&d=ytz34SBfkboaH4Ok0YhI5Wpcpt6IswtrJNSsN343pg&u=https%3a%2f%2fbit%2ely%2f2XfEL57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.13.202.92 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
aip-92.trustwave.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3af77f2fe575858e48c6307ca090a67df93171eb49d229dc1d8a228107df5fff

Request headers

:path
/Content/bootstrap-theme.css
pragma
no-cache
cookie
ASP.NET_SessionId=iw2aykckqbxuqnaavbmx5uuw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
scanmail.trustwave.com
referer
https://scanmail.trustwave.com/?c=11229&d=ytz34SBfkboaH4Ok0YhI5Wpcpt6IswtrJNSsN343pg&u=https%3a%2f%2fbit%2ely%2f2XfEL57
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://scanmail.trustwave.com/?c=11229&d=ytz34SBfkboaH4Ok0YhI5Wpcpt6IswtrJNSsN343pg&u=https%3a%2f%2fbit%2ely%2f2XfEL57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 11:27:30 GMT
last-modified
Fri, 23 Jul 2021 04:33:51 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"38e429f07b7fd71:0"
content-type
text/css
accept-ranges
bytes
content-length
1721
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/
86 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: scanmail.trustwave.com
URL: https://scanmail.trustwave.com/?c=11229&d=ytz34SBfkboaH4Ok0YhI5Wpcpt6IswtrJNSsN343pg&u=https%3a%2f%2fbit%2ely%2f2XfEL57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f138.1e100.net
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://scanmail.trustwave.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 10:06:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91278
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Tue, 25 Oct 2022 10:06:12 GMT
loading.gif
scanmail.trustwave.com/Content/images/
10 KB
10 KB
Image
General
Full URL
https://scanmail.trustwave.com/Content/images/loading.gif
Requested by
Host: scanmail.trustwave.com
URL: https://scanmail.trustwave.com/?c=11229&d=ytz34SBfkboaH4Ok0YhI5Wpcpt6IswtrJNSsN343pg&u=https%3a%2f%2fbit%2ely%2f2XfEL57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.13.202.92 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
aip-92.trustwave.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
63db0fc1fe425969ee071e2e86822dcd20b2d04a3df48620ea72d1afb5b0a505

Request headers

:path
/Content/images/loading.gif
pragma
no-cache
cookie
ASP.NET_SessionId=iw2aykckqbxuqnaavbmx5uuw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
scanmail.trustwave.com
referer
https://scanmail.trustwave.com/?c=11229&d=ytz34SBfkboaH4Ok0YhI5Wpcpt6IswtrJNSsN343pg&u=https%3a%2f%2fbit%2ely%2f2XfEL57
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://scanmail.trustwave.com/?c=11229&d=ytz34SBfkboaH4Ok0YhI5Wpcpt6IswtrJNSsN343pg&u=https%3a%2f%2fbit%2ely%2f2XfEL57
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 11:27:30 GMT
last-modified
Fri, 23 Jul 2021 04:33:52 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"f5ce54f07b7fd71:0"
content-type
image/gif
accept-ranges
bytes
content-length
10176
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7634d9bfb7c73fc3e4acce0de9bc134d20311d1dd6687237c90fd9b772ede8d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
Validate
scanmail.trustwave.com/
249 B
341 B
XHR
General
Full URL
https://scanmail.trustwave.com/Validate
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.13.202.92 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
aip-92.trustwave.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
79bfaaf0486b2a7becefa7bc9fda46462a85681b2cd5cf534ff0952c8cd5e04d

Request headers

sec-fetch-mode
cors
origin
https://scanmail.trustwave.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
ASP.NET_SessionId=iw2aykckqbxuqnaavbmx5uuw
content-length
106
:path
/Validate
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
scanmail.trustwave.com
referer
https://scanmail.trustwave.com/?c=11229&d=ytz34SBfkboaH4Ok0YhI5Wpcpt6IswtrJNSsN343pg&u=https%3a%2f%2fbit%2ely%2f2XfEL57
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://scanmail.trustwave.com/?c=11229&d=ytz34SBfkboaH4Ok0YhI5Wpcpt6IswtrJNSsN343pg&u=https%3a%2f%2fbit%2ely%2f2XfEL57
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 26 Oct 2021 11:27:32 GMT
x-aspnetmvc-version
5.2
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
cache-control
private
content-length
249
Primary Request Cookie set Demographics
cloudme02.infosalons.biz/reg/GFM21DU/Registration/
Redirect Chain
  • https://bit.ly/2XfEL57
  • https://www.gulfoodmanufacturing.com/register?utm_source=Social&utm_medium=Post&utm_campaign=gfm21&utm_content=allsociaposts
  • https://cloudme02.infosalons.biz/reg/GFM21DU/Registration/Demographics?showCode=GFM
100 KB
101 KB
Document
General
Full URL
https://cloudme02.infosalons.biz/reg/GFM21DU/Registration/Demographics?showCode=GFM
Requested by
Host: scanmail.trustwave.com
URL: https://scanmail.trustwave.com/?c=11229&d=ytz34SBfkboaH4Ok0YhI5Wpcpt6IswtrJNSsN343pg&u=https%3a%2f%2fbit%2ely%2f2XfEL57
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.28.28.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-28-73.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
191833cc934b5e7ea83e808689098782ec3b8eb7ea7174a0cc92beb77dba6886
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

Host
cloudme02.infosalons.biz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Pragma
no-cache
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Expires
-1
Server
Microsoft-IIS/8.5
Set-Cookie
.AspNetCore.Mvc.CookieTempDataProvider=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/reg/GFM21DU; samesite=lax; httponly .AspNetCore.Session=CfDJ8K61N7RwL%2B9Pg%2BRortwIqOkCnT0cyJJ6n1%2FxsVwaGf0lXcPVG1S5PdE%2FDkHMfh3ImRlgfJWWk%2BByc4crk4S6MwzI5s9GD7Du8bulQZChXaf5CHnbTVNh%2F6Z2VNpRFtHN62bjOlkHZJY8Esk6Vak1Zl%2Ftq8OjBLou8WFa26cmnjwl; path=/; secure; samesite=lax; httponly
X-Powered-By
ASP.NET
strict-transport-security
max-age=31536000; includeSubdomains
Date
Tue, 26 Oct 2021 11:27:25 GMT

Redirect headers

date
Tue, 26 Oct 2021 11:27:34 GMT
content-type
text/html; charset=utf-8
cache-control
private
location
https://cloudme02.infosalons.biz/reg/GFM21DU/Registration/Demographics?showCode=GFM
set-cookie
ASP.NET_SessionId=xcgq30ilz3243wovncawe3zg; path=/; HttpOnly; SameSite=Lax
strict-transport-security
max-age=31536000
content-security-policy
'self' https://ajax.googleapis.com
x-content-type-options
nosniff
x-xss-protection
1; mode=block
referrer-policy
same-origin
x-permitted-cross-domain-policies
none
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtmKBOug8vRyxx5gP5tXzN1qSjL8qr8Koyt5oWlqMw2sPEHM2wA4s6ABNWR%2F%2FPhXh4V88XjyIFAXnD9lfHk5g9A4sYguKi6rTI3QNDQxWoK4vqC9VF1Xk5Jk3JfJ7We%2Fvya5yu%2FT%2BYWXdF70VrE%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a43560e9c7e2778-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
app.css
static.infosalons.ae/GFM21DU/css/
167 KB
167 KB
Stylesheet
General
Full URL
https://static.infosalons.ae/GFM21DU/css/app.css
Requested by
Host: cloudme02.infosalons.biz
URL: https://cloudme02.infosalons.biz/reg/GFM21DU/Registration/Demographics?showCode=GFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.3 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34909522794d7b8ffee96e6df727a53c6f4715e57c303704b3ea1e7511ae101f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudme02.infosalons.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 10:54:31 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 10:17:47 GMT
server
AmazonS3
age
1984
etag
"cbf90b0575cf6d7094d7843ca76bec6a"
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
170842
x-amz-cf-id
x-K2dwbXF3N3sREMW6amxiTOJbdWpAQSj3Gq396cWkk6LdNwmrRXfA==
intlTelInput.min.css
static.infosalons.ae/GFM21DU/js/vendors/tel-input-v17.0.12/css/
19 KB
19 KB
Stylesheet
General
Full URL
https://static.infosalons.ae/GFM21DU/js/vendors/tel-input-v17.0.12/css/intlTelInput.min.css
Requested by
Host: cloudme02.infosalons.biz
URL: https://cloudme02.infosalons.biz/reg/GFM21DU/Registration/Demographics?showCode=GFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.3 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c36e1735ec471e1d213fe0b7acb4880c573f8b5d2ebcfcd8e998705146b78b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudme02.infosalons.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 10:54:31 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 10:17:48 GMT
server
AmazonS3
age
1984
etag
"f9a6752ff0378844b5d8067a0bc3e509"
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
19169
x-amz-cf-id
BD1n5ZzYezpurqJ3SyoUD5zOfSJX3AdhBckOHt9YBiby5EFRZcrCoA==
formValidation.min.css
static.infosalons.ae/GFM21DU/js/vendors/form-validation/
2 KB
2 KB
Stylesheet
General
Full URL
https://static.infosalons.ae/GFM21DU/js/vendors/form-validation/formValidation.min.css
Requested by
Host: cloudme02.infosalons.biz
URL: https://cloudme02.infosalons.biz/reg/GFM21DU/Registration/Demographics?showCode=GFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.3 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47094e420aef0d41656fb731edf58a384604de3a01c6d567f19f696ec8ae7c5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudme02.infosalons.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 10:54:31 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 10:17:48 GMT
server
AmazonS3
age
1984
etag
"a4bd6562016f8104983f0dc7cc7dc39a"
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
1916
x-amz-cf-id
KEePbCG-wIi1LeaqsJQNVVkziT7n8FJM9Zc_2vx3og9olc2WzqCZFQ==
select2.css
static.infosalons.ae/GFM21DU/js/vendors/select2/
18 KB
19 KB
Stylesheet
General
Full URL
https://static.infosalons.ae/GFM21DU/js/vendors/select2/select2.css
Requested by
Host: cloudme02.infosalons.biz
URL: https://cloudme02.infosalons.biz/reg/GFM21DU/Registration/Demographics?showCode=GFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.3 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
444bfc4fbb5fe0dbde27a2c126ff09883e3d0282a750a72af0e05421af8324c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudme02.infosalons.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 10:54:31 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 10:17:48 GMT
server
AmazonS3
age
1984
etag
"3dbcd7348e6344779e32019a8db2a87c"
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
18922
x-amz-cf-id
osrDOkQrMADO4qw8sHCxJx2Afdj5gQ4GQA-XIQqR2L0Y8ZCvJ3VXDg==
GFMBanner.jpg
static.infosalons.ae/GFM21DU/images/
145 KB
146 KB
Image
General
Full URL
https://static.infosalons.ae/GFM21DU/images/GFMBanner.jpg
Requested by
Host: cloudme02.infosalons.biz
URL: https://cloudme02.infosalons.biz/reg/GFM21DU/Registration/Demographics?showCode=GFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.3 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1cbc83d730a9526ee3e41aa4016ede7fae0e520718aaf4423e8fcdab2f99a55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudme02.infosalons.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 10:54:32 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 10:17:47 GMT
server
AmazonS3
age
1983
etag
"326c68696e3ee4945f292984313f1ea5"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
148800
x-amz-cf-id
_n4RFV3JaMYNWHkwJHH4U6mV6OsAszkeUmPDEwcz31SHXc-wwGGOaQ==
social_links_form.js
app.webreg.me/communities/c27543efed53/
7 KB
4 KB
Script
General
Full URL
https://app.webreg.me/communities/c27543efed53/social_links_form.js
Requested by
Host: cloudme02.infosalons.biz
URL: https://cloudme02.infosalons.biz/reg/GFM21DU/Registration/Demographics?showCode=GFM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.182.154 -, , ASN (),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudme02.infosalons.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 11:27:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.10.3 (Ubuntu)
X-Frame-Options
SAMEORIGIN
P3P
CP="We are working on this, in the mean time you can find our policy here https://app.webreg.me/privacy_policy"
X-Request-Id
38b512d1-9c9f-4bec-b507-863798819d44
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
2618
X-XSS-Protection
1; mode=block
X-Runtime
0.042142
Expires
Fri, 01 Jan 1990 00:00:00 GMT
GFM.jpg
static.infosalons.ae/GFM21DU/images/
114 KB
115 KB
Image
General
Full URL
https://static.infosalons.ae/GFM21DU/images/GFM.jpg
Requested by
Host: cloudme02.infosalons.biz
URL: https://cloudme02.infosalons.biz/reg/GFM21DU/Registration/Demographics?showCode=GFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.3 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
faebd618814dcffa9c3e99ca6b1537c9c6dcfda4f12656db20330971ebafa3d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudme02.infosalons.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 10:54:32 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 10:17:47 GMT
server
AmazonS3
age
1983
etag
"b9ddeaad11330ef0830530166e51e4a9"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
116846
x-amz-cf-id
SIxXByTn0HPEIJY0xtPDlGiIh26uLjjAzAsL37IEs60_ecQejfDqXw==
burns.jpg
static.infosalons.ae/GFM21DU/images/
23 KB
23 KB
Image
General
Full URL
https://static.infosalons.ae/GFM21DU/images/burns.jpg
Requested by
Host: cloudme02.infosalons.biz
URL: https://cloudme02.infosalons.biz/reg/GFM21DU/Registration/Demographics?showCode=GFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.3 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
055ab1c48194e5fd3c73f22eaceee1bf99cab547de50b89045438799690dbe33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudme02.infosalons.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 10:54:32 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 10:17:47 GMT
server
AmazonS3
age
1983
etag
"0dafc45289b666ec4dd06208abf7a3c4"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
23335
x-amz-cf-id
DalXpt1COpXvu-sUDE7JQ1ByqHBTw-FU2R5W55-M_weeXJUtiFBppA==
BadgePrevHeader.jpg
static.infosalons.ae/GFM21DU/images/
33 KB
34 KB
Image
General
Full URL
https://static.infosalons.ae/GFM21DU/images/BadgePrevHeader.jpg
Requested by
Host: cloudme02.infosalons.biz
URL: https://cloudme02.infosalons.biz/reg/GFM21DU/Registration/Demographics?showCode=GFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.3 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
956945e835733dc0b6ff9df2657de50a96d9705c8c5266a4dd23ef93f3b3c4df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudme02.infosalons.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 10:54:32 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 10:17:47 GMT
server
AmazonS3
age
1983
etag
"c9d30acc6f6f9bd251b3ff25155e05c3"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
34297
x-amz-cf-id
cM09uiMuTMpvVxFtM5eM0DUahqQyNao6KKFSl4qGcS2-jklibejl0Q==
BadgePrevFooter.jpg
static.infosalons.ae/GFM21DU/images/
23 KB
24 KB
Image
General
Full URL
https://static.infosalons.ae/GFM21DU/images/BadgePrevFooter.jpg
Requested by
Host: cloudme02.infosalons.biz
URL: https://cloudme02.infosalons.biz/reg/GFM21DU/Registration/Demographics?showCode=GFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.3 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a700cf1d8f966c842d2f7cfa5d6e503def2827f9bcc50babdf47d031b23217ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudme02.infosalons.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 10:54:32 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 10:17:47 GMT
server
AmazonS3
age
1983
etag
"5cb5c7d650c16b24ba0abfb84c7a4e4a"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
24054
x-amz-cf-id
RnrEE6Q7KkaWj3h9iE70iHbaxSoQeCHY5sy3oFHGQHWopT2IQkBF4w==
polyfill.min.js
static.infosalons.ae/GFM21DU/js/vendors/
28 KB
29 KB
Script
General
Full URL
https://static.infosalons.ae/GFM21DU/js/vendors/polyfill.min.js
Requested by
Host: cloudme02.infosalons.biz
URL: https://cloudme02.infosalons.biz/reg/GFM21DU/Registration/Demographics?showCode=GFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.3 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f07a5cc71380911831fd7b8108dd9b0d03347803572cfd9b719a4bd01b410dbb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudme02.infosalons.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 10:54:32 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 10:17:48 GMT
server
AmazonS3
age
1983
etag
"db8012fbe266725d632ab01dd7272d03"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
29063
x-amz-cf-id
HMNbsbjh9kNiaE6sUHouocySZr-0Ys42HSGpEQjo_SGl1ed4lSR8uQ==
jquery.min.js
static.infosalons.ae/GFM21DU/js/vendors/
94 KB
94 KB
Script
General
Full URL
https://static.infosalons.ae/GFM21DU/js/vendors/jquery.min.js
Requested by
Host: cloudme02.infosalons.biz
URL: https://cloudme02.infosalons.biz/reg/GFM21DU/Registration/Demographics?showCode=GFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.3 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudme02.infosalons.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 10:54:32 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 10:17:48 GMT
server
AmazonS3
age
1983
etag
"f03e5a3bf534f4a738bc350631fd05bd"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
95992
x-amz-cf-id
rOWXP5C679JKCeyvcktwSUzvvVEd7ur6T6xvQXr3QZ8xSJAe7bjB_A==
bootstrap.min.js
static.infosalons.ae/GFM21DU/js/vendors/
36 KB
37 KB
Script
General
Full URL
https://static.infosalons.ae/GFM21DU/js/vendors/bootstrap.min.js
Requested by
Host: cloudme02.infosalons.biz
URL: https://cloudme02.infosalons.biz/reg/GFM21DU/Registration/Demographics?showCode=GFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.3 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudme02.infosalons.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 10:54:32 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 10:17:48 GMT
server
AmazonS3
age
1983
etag
"5869c96cc8f19086aee625d670d741f9"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
37045
x-amz-cf-id
Qo04B7rvD5N0H501Um8OU2HYBk7nCmhz2y1BBwZBCLDug8FqAe_I-A==
formValidation.min.js
static.infosalons.ae/GFM21DU/js/vendors/form-validation/
74 KB
74 KB
Script
General
Full URL
https://static.infosalons.ae/GFM21DU/js/vendors/form-validation/formValidation.min.js
Requested by
Host: cloudme02.infosalons.biz
URL: https://cloudme02.infosalons.biz/reg/GFM21DU/Registration/Demographics?showCode=GFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.3 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24872b6f4d95efb2133b4673e5535c672a0957995077c3c90ad3dbc4d51b934f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudme02.infosalons.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 10:54:32 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 10:17:48 GMT
server
AmazonS3
age
1983
etag
"a9f8f55bd0c17edf54a47fa4be59241d"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
75561
x-amz-cf-id
3vonJtQ8UqSe738gRZO5ShGJCctXs041YAOioWIl_Ob6qsXUUYgjpw==
Bootstrap3.min.js
static.infosalons.ae/GFM21DU/js/vendors/form-validation/
2 KB
2 KB
Script
General
Full URL
https://static.infosalons.ae/GFM21DU/js/vendors/form-validation/Bootstrap3.min.js
Requested by
Host: cloudme02.infosalons.biz
URL: https://cloudme02.infosalons.biz/reg/GFM21DU/Registration/Demographics?showCode=GFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.3 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7a3ba3861a88f9cff01a6f76678f61e87cf314f35c6121072e46b3c8954a4c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudme02.infosalons.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 10:54:32 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 10:17:48 GMT
server
AmazonS3
age
1983
etag
"bdc791aecf2dd3bd9c9cf437ca1c82fd"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2190
x-amz-cf-id
HQ5VzP3QTbjYm36tFX1d4vZcObJh11fuuYcwgeayW-JODxO1YQYWcw==
countries.js
static.infosalons.ae/GFM21DU/js/app/
8 KB
9 KB
Script
General
Full URL
https://static.infosalons.ae/GFM21DU/js/app/countries.js
Requested by
Host: cloudme02.infosalons.biz
URL: https://cloudme02.infosalons.biz/reg/GFM21DU/Registration/Demographics?showCode=GFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.3 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb9b20758ca8ca432b8f30a9899850337955638798c106c4e97f821862f61320

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudme02.infosalons.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 10:54:32 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 10:17:48 GMT
server
AmazonS3
age
1983
etag
"006cc12aadd75867c49a82c0f25af729"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
8494
x-amz-cf-id
lmRRX-4CCfOYuBs0UFYeVAz3UIhW-cXvE1xLV_fjQSgdR3LARHZmEw==
account.js
static.infosalons.ae/GFM21DU/js/app/
5 KB
5 KB
Script
General
Full URL
https://static.infosalons.ae/GFM21DU/js/app/account.js
Requested by
Host: cloudme02.infosalons.biz
URL: https://cloudme02.infosalons.biz/reg/GFM21DU/Registration/Demographics?showCode=GFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.3 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
808244d4197473d3c1be0cb0d01532cf5edbf7b5c8bc2deaaad4dc229b3216b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudme02.infosalons.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 10:54:32 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 10:17:48 GMT
server
AmazonS3
age
1983
etag
"a7cef46d466fd60cccde7ed71160ff1c"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
4870
x-amz-cf-id
DFEQUEhQA3rLi9w0H8RBaeZ6eaDpzEmyrApKqCWaUUkzwfAE9ePuWw==
intlTelInput-jquery.min.js
static.infosalons.ae/GFM21DU/js/vendors/tel-input-v17.0.12/js/
28 KB
29 KB
Script
General
Full URL
https://static.infosalons.ae/GFM21DU/js/vendors/tel-input-v17.0.12/js/intlTelInput-jquery.min.js
Requested by
Host: cloudme02.infosalons.biz
URL: https://cloudme02.infosalons.biz/reg/GFM21DU/Registration/Demographics?showCode=GFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.3 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc78d794441e224557389600f54628526a23e55112d69f9baf7edaadd0aac615

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudme02.infosalons.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 10:54:32 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 10:17:48 GMT
server
AmazonS3
age
1983
etag
"5da86dd5bcf18e28082c8ac1f4efd296"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
28936
x-amz-cf-id
MSgW1rA4UvZn2AIheGe6fI53_JNOU5qRySRRK4BuBmNOZDu-EK_v_Q==
utils.js
static.infosalons.ae/GFM21DU/js/vendors/tel-input-v17.0.12/js/
248 KB
249 KB
Script
General
Full URL
https://static.infosalons.ae/GFM21DU/js/vendors/tel-input-v17.0.12/js/utils.js
Requested by
Host: cloudme02.infosalons.biz
URL: https://cloudme02.infosalons.biz/reg/GFM21DU/Registration/Demographics?showCode=GFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.3 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aeb6bc2ecd957d24b8bb08c9ebd6248835fbf6bbed3eeb1ac61d403eed193f56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudme02.infosalons.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 10:54:32 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 10:17:48 GMT
server
AmazonS3
age
1983
etag
"d7edffac89162cc0beb2a0af258da5bf"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
254079
x-amz-cf-id
SW1OSCT-AvuQQn-DANyV-5s68InLbNE5M_Cn-RFdv7x-71AakCGUlw==
select2.min.js
static.infosalons.ae/GFM21DU/js/vendors/select2/
79 KB
80 KB
Script
General
Full URL
https://static.infosalons.ae/GFM21DU/js/vendors/select2/select2.min.js
Requested by
Host: cloudme02.infosalons.biz
URL: https://cloudme02.infosalons.biz/reg/GFM21DU/Registration/Demographics?showCode=GFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.3 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd308c7f77c59df34c9cc8cbd4f6dbbbf40bfbb933bf9692dcd632933bc30e7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudme02.infosalons.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 10:54:32 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 10:17:48 GMT
server
AmazonS3
age
1983
etag
"e211ffb7bb247b336afe47fe1b22ec39"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
81000
x-amz-cf-id
AGkcgF1gDKLENHP-J3-_GReoKcCCYBDTVt5UudHKmgXQvAdqh2BYcw==
demographics.js
static.infosalons.ae/GFM21DU/js/app/
43 KB
43 KB
Script
General
Full URL
https://static.infosalons.ae/GFM21DU/js/app/demographics.js
Requested by
Host: cloudme02.infosalons.biz
URL: https://cloudme02.infosalons.biz/reg/GFM21DU/Registration/Demographics?showCode=GFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.3 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ec6f42468d9871695585d88d529e5c27c54e6fea80e0070f112ec102b4e7fbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudme02.infosalons.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 10:54:32 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 10:17:48 GMT
server
AmazonS3
age
1983
etag
"cccdb8fd19216aa9e83d94ecbb40b2d6"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
44055
x-amz-cf-id
E2-pauj-mTptkKG4wtWzLjmgEt_HbLWcHH4-kPBEOwoTGHIHMLK5IA==
gtm.js
www.googletagmanager.com/
175 KB
59 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PG9V3WB
Requested by
Host: cloudme02.infosalons.biz
URL: https://cloudme02.infosalons.biz/reg/GFM21DU/Registration/Demographics?showCode=GFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1d966b37b44a313a44b80bf7943217426c093a4eb3a6ede463ca47fcf00bd97d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudme02.infosalons.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 11:27:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
59881
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 26 Oct 2021 11:27:34 GMT
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: scanmail.trustwave.com
URL: https://scanmail.trustwave.com/?c=11229&d=ytz34SBfkboaH4Ok0YhI5Wpcpt6IswtrJNSsN343pg&u=https%3a%2f%2fbit%2ely%2f2XfEL57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.19 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudme02.infosalons.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25969
x-xss-protection
0
pragma
public
x-fb-debug
Rm6H7izDXLaCUVO+rw228xT7G0KicqMMro1AXaMQnXD2l+DE4s7qoEkGeMZWcurq2ddBc6dkdO1q1zbgL5XIqw==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Tue, 26 Oct 2021 11:27:34 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
96 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-708394402
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PG9V3WB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudme02.infosalons.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 11:27:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
39214
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 26 Oct 2021 11:27:34 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PG9V3WB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.46 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudme02.infosalons.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
5188
date
Tue, 26 Oct 2021 10:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19887
expires
Tue, 26 Oct 2021 12:01:06 GMT
conversion_async.js
www.googleadservices.com/pagead/
37 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PG9V3WB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudme02.infosalons.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 11:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14435
x-xss-protection
0
server
cafe
etag
3499052782129861849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 26 Oct 2021 11:27:34 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
5 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: scanmail.trustwave.com
URL: https://scanmail.trustwave.com/?c=11229&d=ytz34SBfkboaH4Ok0YhI5Wpcpt6IswtrJNSsN343pg&u=https%3a%2f%2fbit%2ely%2f2XfEL57
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.26 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudme02.infosalons.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 26 Oct 2021 11:27:34 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Sep 2021 19:17:49 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=27766
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
js
www.googletagmanager.com/gtag/
87 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-9676038
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PG9V3WB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudme02.infosalons.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 11:27:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35574
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 26 Oct 2021 11:27:34 GMT
teads-fellow.js
p.teads.tv/
0
0

734453796976874
connect.facebook.net/signals/config/
307 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/734453796976874?v=2.9.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.19 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cloudme02.infosalons.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
89120
x-xss-protection
0
pragma
public
x-fb-debug
FtpDROq7+/01eV1tbe1/0YpsKlJmmA/WB/++zcHoVcFo0+y0muYrK/ATuMFfwi8Qt2sSM2NyWS0iqOYRjAaXJQ==
x-frame-options
DENY
date
Tue, 26 Oct 2021 11:27:34 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/835653254/
0
0

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/708394402/
0
0

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/835653206/
0
0

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/373414212/
0
0

collect
www.google-analytics.com/j/
0
0

utilities.0.1-f00fc396961e874b4b6a1c7820915bc604746314bc575f56e3192a19351f146d.js
d2gu4aerpfiddr.cloudfront.net/assets/widgets/
0
0

1015318385928983
connect.facebook.net/signals/config/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
p.teads.tv
URL
https://p.teads.tv/teads-fellow.js
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/835653254/?random=1635247654789&cv=9&fst=1635247654789&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FGFM21DU%2FRegistration%2FDemographics%3FshowCode%3DGFM&tiba=Demographics%20%7C%20Gulfood%20Manufacturing&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/708394402/?random=1635247654794&cv=9&fst=1635247654794&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaak0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FGFM21DU%2FRegistration%2FDemographics%3FshowCode%3DGFM&tiba=Demographics%20%7C%20Gulfood%20Manufacturing&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/835653206/?random=1635247654795&cv=9&fst=1635247654795&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FGFM21DU%2FRegistration%2FDemographics%3FshowCode%3DGFM&tiba=Demographics%20%7C%20Gulfood%20Manufacturing&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/373414212/?random=1635247654796&cv=9&fst=1635247654796&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FGFM21DU%2FRegistration%2FDemographics%3FshowCode%3DGFM&tiba=Demographics%20%7C%20Gulfood%20Manufacturing&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/j/collect?v=1&_v=j94&a=7926620&t=pageview&_s=1&dl=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FGFM21DU%2FRegistration%2FDemographics%3FshowCode%3DGFM&ul=en-us&de=UTF-8&dt=Demographics%20%7C%20Gulfood%20Manufacturing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=1279363790&gjid=834609403&cid=27049888.1635247655&tid=UA-2007556-38&_gid=802313854.1635247655&_r=1&gtm=2wgak0PG9V3WB&z=797329119
Domain
d2gu4aerpfiddr.cloudfront.net
URL
https://d2gu4aerpfiddr.cloudfront.net/assets/widgets/utilities.0.1-f00fc396961e874b4b6a1c7820915bc604746314bc575f56e3192a19351f146d.js
Domain
connect.facebook.net
URL
https://connect.facebook.net/signals/config/1015318385928983?v=2.9.47&r=stable

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
scanmail.trustwave.com/ Name: ASP.NET_SessionId
Value: iw2aykckqbxuqnaavbmx5uuw
.bit.ly/ Name: _bit
Value: l9qbry-478d0f4e92ed07ccd8-00F
www.gulfoodmanufacturing.com/ Name: ASP.NET_SessionId
Value: xcgq30ilz3243wovncawe3zg
cloudme02.infosalons.biz/ Name: .AspNetCore.Session
Value: CfDJ8K61N7RwL%2B9Pg%2BRortwIqOkCnT0cyJJ6n1%2FxsVwaGf0lXcPVG1S5PdE%2FDkHMfh3ImRlgfJWWk%2BByc4crk4S6MwzI5s9GD7Du8bulQZChXaf5CHnbTVNh%2F6Z2VNpRFtHN62bjOlkHZJY8Esk6Vak1Zl%2Ftq8OjBLou8WFa26cmnjwl

1 Console Messages

Source Level URL
Text
security error URL: https://www.googletagmanager.com/gtm.js?id=GTM-PG9V3WB(Line 346)
Message:
Refused to load the script 'https://p.teads.tv/teads-fellow.js' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' *.doubleclick.net https://static.infosalons.ae https://static.uat.infosalons.ae *.infosalons.biz *.cloudfront.net *.webreg.me *.jsdelivr.net *.google.com *.adobedtm.com *.googletagmanager.com *.ingo.me *.heatmap.it *.nakanohito.jp *.google-analytics.com *.en25.com *.facebook.com *.facebook.net *.hotjar.com *.licdn.com *.googleapis.com *.googleadservices.com https://iirexhibitionslimite.tt.omtrdc.net https://googleads.g.doubleclick.net". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
