cindyclarice.com Open in urlscan Pro
52.38.223.55  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response cindyclarice.com/	17 KB 7 KB	2084ms 1692ms	Document text/html	52.38.223.55 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cindyclarice.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.38.223.55 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-38-223-55.us-west-2.compute.amazonaws.com Software openresty / Resource Hash 58e936418592559b72895fd483a4fe9aff3655441098325c06126cab4de03ade Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache, private content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 20 Apr 2023 18:50:49 GMT server openresty
GET H2	200	app.css cindyclarice.com/css/	183 KB 39 KB	355ms 354ms	Stylesheet text/css	52.38.223.55 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cindyclarice.com/css/app.css?id=779f9dbf2ce235146272 Requested by Host: cindyclarice.com URL: https://cindyclarice.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.38.223.55 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-38-223-55.us-west-2.compute.amazonaws.com Software openresty / Resource Hash 6d1e51fef0cc2248d449150e076081944e6701a962712a654bb8126dbdc3c87f Request headers accept-language de-DE,de;q=0.9 Referer https://cindyclarice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 18:50:49 GMT content-encoding gzip last-modified Tue, 09 Aug 2022 23:05:40 GMT server openresty etag W/"62f2e844-2da7a" content-type text/css
GET H2	200	app.js Show response cindyclarice.com/js/	1 MB 400 KB	531ms 530ms	Script application/javascript	52.38.223.55 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cindyclarice.com/js/app.js?id=0286195379507a96bd09 Requested by Host: cindyclarice.com URL: https://cindyclarice.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.38.223.55 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-38-223-55.us-west-2.compute.amazonaws.com Software openresty / Resource Hash d8a7e31c226a59b510b6c4dee8f1900c188bea125808e5246e10f47aef6b878d Request headers accept-language de-DE,de;q=0.9 Referer https://cindyclarice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 18:50:49 GMT content-encoding gzip last-modified Tue, 09 Aug 2022 23:05:40 GMT server openresty etag W/"62f2e844-147557" content-type application/javascript; charset=UTF-8
GET H2	200	css fonts.googleapis.com/	5 KB 978 B	126ms 47ms	Stylesheet text/css	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Nunito:200,400,600 Requested by Host: cindyclarice.com URL: https://cindyclarice.com/css/app.css?id=779f9dbf2ce235146272 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 1d99bf93f16ba8b881b1b58656ac9df85ca70925eecb35b24285268efef068de Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cindyclarice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 20 Apr 2023 18:50:50 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 20 Apr 2023 18:50:50 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 20 Apr 2023 18:50:50 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	107 KB 29 KB	23ms 7ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: cindyclarice.com URL: https://cindyclarice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cindyclarice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 20 Apr 2023 18:50:50 GMT document-policy force-load-at-top content-security-policy-report-only default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27967 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug S0+i/574cL/ts2mXUOHuLwcMzVVsOQp4QpSCvF1deb5XNlb7I1IUgZ4hzGuWolt/qYfPs5rcw5c7Soc4vdEYyA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 686109401 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	xfbml.customerchat.js Show response connect.facebook.net/en_US/sdk/	320 KB 91 KB	28ms 12ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js Requested by Host: cindyclarice.com URL: https://cindyclarice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 565f77ce7b3126909656356797c5dcb88a93a5dcc84db3926914454d0fea5b7a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://cindyclarice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Thu, 20 Apr 2023 18:50:50 GMT content-md5 iR5xTPSG2me8EN4vuUkyvg== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 92480 x-fb-rlafr 0 x-fb-debug jQ1qS47KBBKGkmCqYjIJ++aak9JWwdXxVf4vpSKnQrXrkYMmFwX/ByDSRYZMq4P3PZCG1MZW/c9Dp14dpjIvZw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 686109401 x-fb-content-md5 d56d1eefc50a66ef572f53701fc220dd cross-origin-opener-policy same-origin-allow-popups etag "b5fe8bcbe3137cacd87424a35aaea10f" vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 x-frame-options DENY timing-allow-origin * expires Thu, 20 Apr 2023 18:58:46 GMT
GET H2	200	XRXV3I6Li01BKofINeaB.woff2 fonts.gstatic.com/s/nunito/v25/	35 KB 36 KB	115ms 36ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Nunito:200,400,600 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://cindyclarice.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 03:27:37 GMT x-content-type-options nosniff age 55393 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35904 x-xss-protection 0 last-modified Mon, 18 Jul 2022 19:34:47 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 19 Apr 2024 03:27:37 GMT
GET H2	200	1119284601462688 Show response connect.facebook.net/signals/config/	380 KB 108 KB	109ms 108ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1119284601462688?v=2.9.102&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash eeaee85224dbede03257aee81912d65b9ac2e062133a3f0fa686471dae43ef89 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cindyclarice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 20 Apr 2023 18:50:50 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug Ix/TluQh/PmF3GcwFtzxet+nscKdVP8IacrRMoZ7EH9Co1Xa9NsNkfK1MjFnbzgV0douViy0dc6E/+uZvUOcDw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 686109401 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	95ms 7ms	Image text/plain	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1119284601462688&ev=PageView&dl=https%3A%2F%2Fcindyclarice.com%2F&rl=&if=false&ts=1682016650402&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1682016650401.1511254486&it=1682016650261&coo=false&rqm=GET Requested by Host: cindyclarice.com URL: https://cindyclarice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://cindyclarice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Thu, 20 Apr 2023 18:50:50 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	elastic Show response api.perfectstormnow.com/properties/	115 KB 116 KB	545ms 544ms	XHR application/json	13.57.143.63 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.perfectstormnow.com/properties/elastic?status=A&propertyType=SF&minBeds=3&minBaths=2&photo=1&sort=days&queryString=status%3DA%26propertytype%3DSF%26minbeds%3D3%26minbaths%3D2%26photo%3D1%26sort%3Ddays&board=41&token=t-Vb1smw9ft0Fwr4PAgalJRCFN&limit=25&count=0 Requested by Host: cindyclarice.com URL: https://cindyclarice.com/js/app.js?id=0286195379507a96bd09 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.57.143.63 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-57-143-63.us-west-1.compute.amazonaws.com Software nginx / Resource Hash a5b1d534f021c1aeee29f0f447b86d44fa1d7f5d93270f13ee94ed8b5f8baa71 Request headers Accept application/json, text/plain, */* Referer https://cindyclarice.com/ X-Requested-With XMLHttpRequest X-CSRF-TOKEN w1NqOQerpIiMu921iYWJK3Pr8AjsR1h1g4yz5nam accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 18:50:51 GMT server nginx access-control-allow-methods DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT content-type application/json access-control-allow-origin * cache-control no-cache, private access-control-allow-credentials true x-robots-tag noindex access-control-allow-headers Authorization, X-Requested-With, X-Auth-Token, Content-Type
POST H2	200	popular-locations Show response api.perfectstormnow.com//site/	649 B 936 B	543ms 542ms	XHR application/json	13.57.143.63 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.perfectstormnow.com//site/popular-locations Requested by Host: cindyclarice.com URL: https://cindyclarice.com/js/app.js?id=0286195379507a96bd09 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.57.143.63 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-57-143-63.us-west-1.compute.amazonaws.com Software nginx / Resource Hash fad79d95fd332d71162b7b56d280e98f91523eacc2c0a8a7a3e705e0c65ae482 Request headers Accept application/json, text/plain, */* Referer https://cindyclarice.com/ X-Requested-With XMLHttpRequest X-CSRF-TOKEN w1NqOQerpIiMu921iYWJK3Pr8AjsR1h1g4yz5nam accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Content-Type application/json Response headers date Thu, 20 Apr 2023 18:50:51 GMT server nginx access-control-allow-methods DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT content-type application/json access-control-allow-origin * cache-control no-cache, private access-control-allow-credentials true x-robots-tag noindex access-control-allow-headers Authorization, X-Requested-With, X-Auth-Token, Content-Type
GET H2	200	testimonials Show response api.perfectstormnow.com/	14 KB 14 KB	502ms 502ms	XHR application/json	13.57.143.63 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.perfectstormnow.com/testimonials?id[]=1142&id[]=1143&id[]=1144&id[]=1145&id[]=1146&id[]=1147&id[]=1148&id[]=1149&id[]=1150&id[]=1151&id[]=1152&id[]=1153&id[]=1154&id[]=1155&id[]=1156&id[]=1157&id[]=1158&id[]=1159&id[]=1160&id[]=1161&id[]=1162&id[]=1163&id[]=1164&id[]=1165&id[]=1166&id[]=1167&token=t-Vb1smw9ft0Fwr4PAgalJRCFN Requested by Host: cindyclarice.com URL: https://cindyclarice.com/js/app.js?id=0286195379507a96bd09 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.57.143.63 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-57-143-63.us-west-1.compute.amazonaws.com Software nginx / Resource Hash 0561df4b2161d2fb4d65297f60f7f30e5778056af4634126d9c65242c6a0ec56 Request headers Accept application/json, text/plain, */* Referer https://cindyclarice.com/ X-Requested-With XMLHttpRequest X-CSRF-TOKEN w1NqOQerpIiMu921iYWJK3Pr8AjsR1h1g4yz5nam accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 18:50:51 GMT server nginx access-control-allow-methods DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT content-type application/json access-control-allow-origin * cache-control no-cache, private access-control-allow-credentials true x-robots-tag noindex access-control-allow-headers Authorization, X-Requested-With, X-Auth-Token, Content-Type
GET H2	200	companylogo-611d46c713faa.jpeg leads.perfectstormnow.com/image/site/432/	6 KB 6 KB	748ms 156ms	Image image/jpeg	52.53.143.88 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://leads.perfectstormnow.com/image/site/432/companylogo-611d46c713faa.jpeg Requested by Host: cindyclarice.com URL: https://cindyclarice.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.53.143.88 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-53-143-88.us-west-1.compute.amazonaws.com Software nginx / Resource Hash 44cca7890f39ef726a164b7c3fa6a70d186ebdc7b36af26aa9c0b779b9a8c77e Request headers accept-language de-DE,de;q=0.9 Referer https://cindyclarice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 18:50:51 GMT last-modified Wed, 18 Aug 2021 17:43:35 GMT server nginx etag "611d46c7-161f" content-type image/jpeg accept-ranges bytes x-robots-tag noindex content-length 5663
GET H2	200	maris.jpeg properties.perfectstormnow.com/41/logo/	6 KB 6 KB	255ms 24ms	Image image/jpeg	143.204.215.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://properties.perfectstormnow.com/41/logo/maris.jpeg Requested by Host: cindyclarice.com URL: https://cindyclarice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.129 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-129.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash ee85414db2136b39fee5e011f5e198a01741c3cd14e14df4d090ec3d3836c418 Request headers accept-language de-DE,de;q=0.9 Referer https://cindyclarice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 15:03:11 GMT via 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront) last-modified Fri, 13 Aug 2021 16:15:40 GMT server AmazonS3 x-amz-cf-pop FRA53-C1 age 13661 etag "456d70dfaaee2584c9999ed3af742036" x-cache Hit from cloudfront content-type image/jpeg accept-ranges bytes content-length 5969 x-amz-cf-id FVnMRAs4ER_jaj_zpvNzK5KXvjjzx8kuTdf-1SneDm5VCgrUHFMJag==
GET H2	200	disclaimer-611d474868404.png leads.perfectstormnow.com/image/site/432/	28 KB 28 KB	904ms 312ms	Image image/png	52.53.143.88 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://leads.perfectstormnow.com/image/site/432/disclaimer-611d474868404.png Requested by Host: cindyclarice.com URL: https://cindyclarice.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.53.143.88 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-53-143-88.us-west-1.compute.amazonaws.com Software nginx / Resource Hash 233faf9e79d6532bbc8e4a27ebf8e2346c9849007973b3248a2dd2a3f712681b Request headers accept-language de-DE,de;q=0.9 Referer https://cindyclarice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 18:50:51 GMT last-modified Wed, 18 Aug 2021 17:45:44 GMT server nginx etag "611d4748-6e75" content-type image/png accept-ranges bytes x-robots-tag noindex content-length 28277
OPTIONS H2	200	elastic api.perfectstormnow.com/properties/	0 0	548ms 196ms	Preflight text/html	13.57.143.63 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.perfectstormnow.com/properties/elastic?status=A&propertyType=SF&minBeds=3&minBaths=2&photo=1&sort=days&queryString=status%3DA%26propertytype%3DSF%26minbeds%3D3%26minbaths%3D2%26photo%3D1%26sort%3Ddays&board=41&token=t-Vb1smw9ft0Fwr4PAgalJRCFN&limit=25&count=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.57.143.63 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-57-143-63.us-west-1.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers x-csrf-token,x-requested-with Access-Control-Request-Method GET Origin https://cindyclarice.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers x-csrf-token,x-requested-with access-control-allow-methods GET access-control-allow-origin * cache-control no-cache, private content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 20 Apr 2023 18:50:51 GMT server nginx x-robots-tag noindex
OPTIONS H2	200	popular-locations api.perfectstormnow.com//site/	0 0	521ms 197ms	Preflight text/html	13.57.143.63 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.perfectstormnow.com//site/popular-locations Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.57.143.63 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-57-143-63.us-west-1.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type,x-csrf-token,x-requested-with Access-Control-Request-Method POST Origin https://cindyclarice.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-csrf-token,x-requested-with access-control-allow-methods POST access-control-allow-origin * cache-control no-cache, private content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 20 Apr 2023 18:50:51 GMT server nginx x-robots-tag noindex
OPTIONS H2	200	testimonials api.perfectstormnow.com/	0 0	520ms 197ms	Preflight text/html	13.57.143.63 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.perfectstormnow.com/testimonials?id[]=1142&id[]=1143&id[]=1144&id[]=1145&id[]=1146&id[]=1147&id[]=1148&id[]=1149&id[]=1150&id[]=1151&id[]=1152&id[]=1153&id[]=1154&id[]=1155&id[]=1156&id[]=1157&id[]=1158&id[]=1159&id[]=1160&id[]=1161&id[]=1162&id[]=1163&id[]=1164&id[]=1165&id[]=1166&id[]=1167&token=t-Vb1smw9ft0Fwr4PAgalJRCFN Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.57.143.63 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-57-143-63.us-west-1.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers x-csrf-token,x-requested-with Access-Control-Request-Method GET Origin https://cindyclarice.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers x-csrf-token,x-requested-with access-control-allow-methods GET access-control-allow-origin * cache-control no-cache, private content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 20 Apr 2023 18:50:51 GMT server nginx x-robots-tag noindex
GET H2	206	showcase-one.mp4 clientwebsite.perfectstormnow.com/video/	88 KB 0	114ms 22ms	Media video/mp4	52.222.236.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://clientwebsite.perfectstormnow.com/video/showcase-one.mp4 Requested by Host: cindyclarice.com URL: https://cindyclarice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-71.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers Referer https://cindyclarice.com/ Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Range bytes=0- Response headers date Thu, 20 Apr 2023 15:59:51 GMT via 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront) last-modified Wed, 07 Nov 2018 20:49:20 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 age 10260 etag "97b68764efdbab67b482ba103f6547ff" vary Accept-Encoding x-cache Hit from cloudfront content-type video/mp4 Content-Range bytes 0-47273330/47273331 accept-ranges bytes x-amz-cf-id TLMa1-BkpJFhcxgRK7FX1oNeLIkRpnJFfg6ykH38Cn5lm7ZjGPv2sA== Content-Length 47273331
GET H2	200	/ www.facebook.com/tr/	0 31 B	7ms 7ms	Image text/plain	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1119284601462688&ev=Microdata&dl=https%3A%2F%2Fcindyclarice.com%2F&rl=&if=false&ts=1682016650907&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22RE%2FMAX%20Platinum%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22RE%2FMAX%20Platinum%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fleads.perfectstormnow.com%2Fimage%2Fsite%2F432%2Fcompanylogo-611d46c713faa.jpeg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.102&r=stable&ec=1&o=30&fbp=fb.1.1682016650401.1511254486&it=1682016650261&coo=false&es=automatic&tm=3&rqm=GET Requested by Host: cindyclarice.com URL: https://cindyclarice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://cindyclarice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Thu, 20 Apr 2023 18:50:50 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	206	showcase-one.mp4 clientwebsite.perfectstormnow.com/video/	21 KB 22 KB	36ms 36ms	Media video/mp4	52.222.236.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://clientwebsite.perfectstormnow.com/video/showcase-one.mp4 Requested by Host: cindyclarice.com URL: https://cindyclarice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-71.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash b40374706d6a623c0687feac00bf932c0badc272fb5f133a898dd90c3f6a9468 Request headers Referer https://cindyclarice.com/ Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Range bytes=47251456- Response headers date Thu, 20 Apr 2023 15:59:51 GMT via 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront) last-modified Wed, 07 Nov 2018 20:49:20 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 age 10261 etag "97b68764efdbab67b482ba103f6547ff" vary Accept-Encoding x-cache Hit from cloudfront content-type video/mp4 Content-Range bytes 47251456-47273330/47273331 accept-ranges bytes x-amz-cf-id uJArJ76W66Adtkbc11k642WM3UX4Iw6BMbYO9fxJM0NLHsek-h-4BA== Content-Length 21875
GET H2	206	showcase-one.mp4 clientwebsite.perfectstormnow.com/video/	35 MB 0	12ms 12ms	Media video/mp4	52.222.236.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://clientwebsite.perfectstormnow.com/video/showcase-one.mp4 Requested by Host: cindyclarice.com URL: https://cindyclarice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-71.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers Referer https://cindyclarice.com/ Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Range bytes=65536- Response headers date Thu, 20 Apr 2023 15:59:51 GMT via 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront) last-modified Wed, 07 Nov 2018 20:49:20 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 age 10261 etag "97b68764efdbab67b482ba103f6547ff" vary Accept-Encoding x-cache Hit from cloudfront content-type video/mp4 Content-Range bytes 65536-47273330/47273331 accept-ranges bytes x-amz-cf-id BEeeDlzbqookurE7pKpeOmqdDGHpGUO7_fTPWjT3OXvxAEyK0HRg3g== Content-Length 47207795
GET H2	200	maris.jpeg properties.perfectstormnow.com/41/logo/	6 KB 6 KB	11ms 10ms	Image image/jpeg	143.204.215.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://properties.perfectstormnow.com/41/logo/maris.jpeg Requested by Host: cindyclarice.com URL: https://cindyclarice.com/js/app.js?id=0286195379507a96bd09 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.129 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-129.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash ee85414db2136b39fee5e011f5e198a01741c3cd14e14df4d090ec3d3836c418 Request headers accept-language de-DE,de;q=0.9 Referer https://cindyclarice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 15:03:11 GMT via 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront) last-modified Fri, 13 Aug 2021 16:15:40 GMT server AmazonS3 x-amz-cf-pop FRA53-C1 age 13662 etag "456d70dfaaee2584c9999ed3af742036" x-cache Hit from cloudfront content-type image/jpeg accept-ranges bytes content-length 5969 x-amz-cf-id hcn_MAIC5hsu0gfubH8B9qTi_FQRRo2KMmt3p9iD6dbrcbMBAA3eTw==

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| fbq function| _fbq object| ps object| FB object| webpackChunk object| FontAwesomeConfig object| ___FONT_AWESOME___ function| bugsnag function| _ object| querystring function| flickity function| Cookies function| moment function| Popper object| smoothscroll function| jQuery function| $ object| bugsnagClient function| axios object| bugsnagVue object| Base64 object| regeneratorRuntime

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cindyclarice.com/	1970-01-20 11:53:55	Name: XSRF-TOKEN Value: eyJpdiI6IlJReHhFc3A5emZNWmRyeThwbGdUdmc9PSIsInZhbHVlIjoiYTBSWENYZVdSSXMwTUM2bHpxZndSNno2YVg0K283dXlacEhEL3d5M05ZR0hxTGttRlJpUlZBWlVXRFdzdjNLQVNFejFKTFlsSGlkOWdWcWJoQWVvL2IzOG81a3dRMU42ZTMydHJYa3YxaEF2UjlaMUd6dFVUa25yQlQ2c3hHWXoiLCJtYWMiOiIwMTgzMGIxNTUwZTE0YjY0YzY4Y2IwYWJhNjk5OGVmMzFmOWE2ODIxZjA2YWRlZmFiZGRlZjEwODBhYTcwM2JmIiwidGFnIjoiIn0%3D
			cindyclarice.com/	1970-01-20 11:53:55	Name: perfect_storm_client_website_session Value: eyJpdiI6IlFUbWNqV3lIaTRsOXk1ZW9DaEpVbnc9PSIsInZhbHVlIjoiYTRWQXIxQVRobGF0bEFoNEdNTWVmL1RMQVV6TTNaZnpYcnF3UFdyS1JIL0xiK3JoaitHNnF5UWpMZm9EYXBHelFaS1drK3o2MGtQejdkb282QTdwTTBFb21IUDhGbWRRdGdqUTZLUDcrRUkzWjB6Wk9GS2YwR0s5c3BYLzJaRXEiLCJtYWMiOiJmNWUxMDM3OWVlNmNmYmI3NjhlYmIwZGIxNTI4ZGY0ZTFiMTAwZGJkZWRjOThiOTljY2QzMGU1ZWE5YzFkMmNmIiwidGFnIjoiIn0%3D
			.cindyclarice.com/	1970-01-20 13:23:12	Name: _fbp Value: fb.1.1682016650401.1511254486

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.perfectstormnow.com
cindyclarice.com
clientwebsite.perfectstormnow.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
leads.perfectstormnow.com
properties.perfectstormnow.com
www.facebook.com
13.57.143.63
143.204.215.129
2a00:1450:4001:806::2003
2a00:1450:4001:82b::200a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.222.236.71
52.38.223.55
52.53.143.88
0561df4b2161d2fb4d65297f60f7f30e5778056af4634126d9c65242c6a0ec56
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
1d99bf93f16ba8b881b1b58656ac9df85ca70925eecb35b24285268efef068de
233faf9e79d6532bbc8e4a27ebf8e2346c9849007973b3248a2dd2a3f712681b
44cca7890f39ef726a164b7c3fa6a70d186ebdc7b36af26aa9c0b779b9a8c77e
565f77ce7b3126909656356797c5dcb88a93a5dcc84db3926914454d0fea5b7a
58e936418592559b72895fd483a4fe9aff3655441098325c06126cab4de03ade
6d1e51fef0cc2248d449150e076081944e6701a962712a654bb8126dbdc3c87f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
a5b1d534f021c1aeee29f0f447b86d44fa1d7f5d93270f13ee94ed8b5f8baa71
b40374706d6a623c0687feac00bf932c0badc272fb5f133a898dd90c3f6a9468
d8a7e31c226a59b510b6c4dee8f1900c188bea125808e5246e10f47aef6b878d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee85414db2136b39fee5e011f5e198a01741c3cd14e14df4d090ec3d3836c418
eeaee85224dbede03257aee81912d65b9ac2e062133a3f0fa686471dae43ef89
fad79d95fd332d71162b7b56d280e98f91523eacc2c0a8a7a3e705e0c65ae482