penfedo.click Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request offer.php Show response penfedo.click/	246 KB 50 KB	257ms 120ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://penfedo.click/offer.php Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78df5f24178554a8d4ad485cbc69f75beae04fc02c2893f98e86d9dbe5519f93 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 771ccc704f93b846-AMS Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Tue, 29 Nov 2022 16:42:47 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQp7cMUmJVQr7EZQsN0qcdeaD%2BCv%2F3qhhokGP8%2Bikxkz6lIdeT4Wy0fMfj%2BK3Xh27a54u58V3UK62wFSaQelxLmiQn9LD05HR4roLKZL4RxPPqP9%2BwOEP9eUU3Nsdo3UWPJaIyC12E1mhTeF"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	di.js Show response penfedo.click/offer_files/	199 KB 75 KB	320ms 121ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://penfedo.click/offer_files/di.js Requested by Host: penfedo.click URL: http://penfedo.click/offer.php Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b16443e8e0999f2493990335fcde397ae30c76fb1dc849e98b3d2f8aa1d4a9db Request headers accept-language nl-NL,nl;q=0.9 Referer http://penfedo.click/offer.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Tue, 29 Nov 2022 16:42:48 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Last-Modified Thu, 20 Oct 2022 14:29:28 GMT Server cloudflare ETag W/"63515b48-31b40" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z6Y15YVmYSsKW%2FwO1W086O%2BRKNmFt2n%2F4iUBUoFiHAU2JvoxpyOrUB226rfYYs0kKBuzNhQf4ihUh1tpuhupGEAVsP7a9Bdm6glNJG9kZNMYOaSOVrHtVazhok2ZGj9%2BjqUogHyHgduYU9wu"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=43200 CF-RAY 771ccc724cce0a67-AMS Expires Wed, 30 Nov 2022 04:42:48 GMT
GET H/1.1	200 OK	16dea5f7544712a1_complete.js Show response penfedo.click/offer_files/	191 KB 82 KB	164ms 117ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://penfedo.click/offer_files/16dea5f7544712a1_complete.js Requested by Host: penfedo.click URL: http://penfedo.click/offer.php Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c2fefa9cd45cd9ce5158a2f97c97dc55fb355ad9323766eee05683c43be6d7e0 Request headers Referer http://penfedo.click/offer.php Origin http://penfedo.click accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Tue, 29 Nov 2022 16:42:47 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Last-Modified Thu, 20 Oct 2022 14:29:28 GMT Server cloudflare ETag W/"63515b48-2fd0e" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95WAluOyZtWibzENe5Q%2FXlGWOGtoDyhvefEoPkuNz7YKcw7fqEvedeITSPOhWKFrR7w18Ogi%2FMQIGtW7VfXx30r21EroCIuQ0eQaRvw9%2FiucY2Afkb1Wz4byY%2Bz0xJIPiedGVsELqW%2F6GGd8"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=43200 CF-RAY 771ccc715af70a67-AMS Expires Wed, 30 Nov 2022 04:42:47 GMT
GET H2	200	di.js Show response cdn.decibelinsight.net/i/13557/67144/	198 KB 77 KB	118ms 39ms	Script text/javascript	13.225.78.68 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.decibelinsight.net/i/13557/67144/di.js Requested by Host: penfedo.click URL: http://penfedo.click/offer.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.68 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-68.fra2.r.cloudfront.net Software nginx / Resource Hash 78e9242706862d412828d0500ef156ff86f6c533408d5e79257a65a05f311670 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer http://penfedo.click/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 16:42:48 GMT strict-transport-security max-age=31536000 content-encoding gzip via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 server nginx etag W/000066171-184A832D1FF access-control-allow-methods GET, POST, OPTIONS content-type text/javascript; charset=utf-8 cache-control private, max-age=5400 access-control-allow-credentials true timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override x-amz-cf-id yoR5KIRXS2j3leK1Vt3aaLPuCy7nRLPc70nL5hI8C60RiRla-Nb2gQ==
GET H/1.1	200 OK	app.css penfedo.click/offer_files/	982 KB 155 KB	183ms 180ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://penfedo.click/offer_files/app.css Requested by Host: penfedo.click URL: http://penfedo.click/offer.php Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cc8fb46b90b0744251f5851cd56a8621dc7539349396d1ca2bef3fe7671b8081 Request headers accept-language nl-NL,nl;q=0.9 Referer http://penfedo.click/offer.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Tue, 29 Nov 2022 16:42:48 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Last-Modified Thu, 20 Oct 2022 14:30:53 GMT Server cloudflare ETag W/"63515b9d-f591b" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKfdYl0ndS6ioPY7p4pQf%2F6y%2F1MQEoeX6%2Bo208TNU3siinD6PlagRM0azICgoM3hp3WsmNB7waoDyMEYbpMrBmdvsC%2F9dPxPEgJqKSYbUMmmG9ykEOtOxdBy5zl1mFzEX%2BinOZi0DssmA4mg"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=43200 CF-RAY 771ccc713d900bb6-AMS Expires Wed, 30 Nov 2022 04:42:47 GMT
GET H/1.1	200 OK	fonts.css penfedo.click/offer_files/	0 770 B	96ms 93ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://penfedo.click/offer_files/fonts.css Requested by Host: penfedo.click URL: http://penfedo.click/offer.php Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer http://penfedo.click/offer.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Tue, 29 Nov 2022 16:42:47 GMT CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 0 Last-Modified Thu, 20 Oct 2022 14:33:06 GMT Server cloudflare ETag "63515c22-0" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OagOGIlBaN84VZZkbyoTRtq16vCOfkYIOb0%2BwTcNJWg1%2FL2tZg4SPaGtra%2BH7cVbEbv5fvjQcvk4cuNAwsSS%2FMecvlSEB3CDfIYGAckcSKN2LRhahB8mPl8%2FT0HsxEpthLl8vYsgovajyIAB"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=43200 Accept-Ranges bytes CF-RAY 771ccc713f021c83-AMS Expires Wed, 30 Nov 2022 04:42:47 GMT
GET H/1.1	200 OK	resources.js Show response penfedo.click/offer_files/	26 KB 9 KB	104ms 96ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://penfedo.click/offer_files/resources.js Requested by Host: penfedo.click URL: http://penfedo.click/offer.php Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4e78d16cff9c9aff96aa0d683ae47df7639c987662d09fa387b57e4c679aa367 Request headers accept-language nl-NL,nl;q=0.9 Referer http://penfedo.click/offer.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Tue, 29 Nov 2022 16:42:47 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Last-Modified Thu, 20 Oct 2022 14:29:28 GMT Server cloudflare ETag W/"63515b48-697d" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2FshtoYzATWZ8h0gJeLxHpTEQuuRuFiG5Qqq9hQneWJqmfsdVq2KJx3I67ehmr1alHHOwJW0BXtXPo0WaX2fO3QxRsI93l0RLBldXQk3T56C0od%2B%2Fbyny2sFJ9hT3hEllVO9uwKQcZGfW3%2Fi"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=43200 CF-RAY 771ccc715b5eb878-AMS Expires Wed, 30 Nov 2022 04:42:47 GMT
GET H/1.1	200 OK	aura_prod.js Show response penfedo.click/offer_files/	796 KB 283 KB	144ms 118ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://penfedo.click/offer_files/aura_prod.js Requested by Host: penfedo.click URL: http://penfedo.click/offer.php Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 86a0902ef90c9391a2b8030d061f3fcf5ddfe77bb739ae2d0d764e02e3b30fb4 Request headers accept-language nl-NL,nl;q=0.9 Referer http://penfedo.click/offer.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Tue, 29 Nov 2022 16:42:48 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Last-Modified Thu, 20 Oct 2022 14:29:28 GMT Server cloudflare ETag W/"63515b48-c71c2" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dp6tgE6wp8vcEBZkbxiTs48Ysxua11EGXQd35G8QTBgMy%2BgKIc1jeRc4APvNNS%2FwhXPx0qnBgaWWzp8E0cvzJRcM%2F0Hyl74fy7Jh6wtoAAEkX4SXth%2Bw4smM9wjQGc8HxvdSNTzPz%2FA7bjmr"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=43200 CF-RAY 771ccc717fabb8cc-AMS Expires Wed, 30 Nov 2022 04:42:47 GMT
GET H/1.1	200 OK	app.js Show response penfedo.click/offer_files/	2 MB 623 KB	188ms 110ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://penfedo.click/offer_files/app.js Requested by Host: penfedo.click URL: http://penfedo.click/offer.php Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b8b3c480e3fc3f88fa050c5e7e9f01a5d8bbd98ee4eefc903c9daf4b13da30d Request headers accept-language nl-NL,nl;q=0.9 Referer http://penfedo.click/offer.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Tue, 29 Nov 2022 16:42:48 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Last-Modified Thu, 20 Oct 2022 14:29:28 GMT Server cloudflare ETag W/"63515b48-276542" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xdwqgCihNzKEiwHbou0U1Ma%2BpV1mBnQ8BSRouT1XpJuXB8kkWDdUEwVnOTrtR6hnrmWUrI0b0dznML1vb22642OQsQ88C6%2FGOEdyuq8NTIXdaOj0dRGEPY2PiCKnP4hCJ9vlHUemnYh5RwRk"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=43200 CF-RAY 771ccc71c8161c83-AMS Expires Wed, 30 Nov 2022 04:42:48 GMT
GET H/1.1	200 OK	bootstrap.js Show response penfedo.click/offer_files/	644 KB 149 KB	204ms 117ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://penfedo.click/offer_files/bootstrap.js Requested by Host: penfedo.click URL: http://penfedo.click/offer.php Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d7ae7b56cd03a644fa5c117f87c3f33b87291a049e660fa3ab09931dcc9021bf Request headers accept-language nl-NL,nl;q=0.9 Referer http://penfedo.click/offer.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Tue, 29 Nov 2022 16:42:48 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Last-Modified Thu, 20 Oct 2022 14:29:28 GMT Server cloudflare ETag W/"63515b48-a0f6d" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hg65f9V5kU%2BFKI5695M4VNqXN9Z3DJEeKAn83QuLRAJF2P1BQ76B4VuDl%2B4J7IbzMppTfg4AiDUdsff4pTie74tkwPwvygv4RhxIfp74Oxno8XTAt34dW8puHrJwU%2BUfoZdQckdK31sMqkff"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=43200 CF-RAY 771ccc71d950b846-AMS Expires Wed, 30 Nov 2022 04:42:48 GMT
GET H/1.1	200 OK	LAkB Show response penfedo.click/offer_files/	198 KB 199 KB	202ms 98ms	Script application/octet-stream	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://penfedo.click/offer_files/LAkB Requested by Host: penfedo.click URL: http://penfedo.click/offer.php Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 053f9342774a9105e06d3fde9fc9560375d7a0e130f69f4e1d92832585427580 Request headers accept-language nl-NL,nl;q=0.9 Referer http://penfedo.click/offer.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Tue, 29 Nov 2022 16:42:48 GMT CF-Cache-Status DYNAMIC Last-Modified Thu, 20 Oct 2022 14:29:28 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare ETag "63515b48-31849" Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zotIq8fwJR02%2Foi%2FzjOgll1UaTr%2Bi2l7NRiA1TXA25wl2TJ%2F4el48V25bGnP8UFofEIJY%2FcB04MrxMDIoyDUSqI%2FVc29D%2FUpQKMC1CIb98NIRE9pyGhW0qrhhD1QpjSqA98CnEi92dAmAH1P"}],"group":"cf-nel","max_age":604800} Content-Type application/octet-stream Connection keep-alive Accept-Ranges bytes CF-RAY 771ccc71fc34b878-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 202825
GET H/1.1	200 OK	sec-3-8.css penfedo.click/offer_files/	2 KB 1 KB	86ms 85ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://penfedo.click/offer_files/sec-3-8.css Requested by Host: penfedo.click URL: http://penfedo.click/offer.php Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 25a7a102a22ad70761585350775304dd658ec1b2d79cfcba77d17ae70010a7c3 Request headers accept-language nl-NL,nl;q=0.9 Referer http://penfedo.click/offer.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Tue, 29 Nov 2022 16:42:47 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Last-Modified Thu, 20 Oct 2022 14:29:28 GMT Server cloudflare ETag W/"63515b48-669" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9PgLAv30z2KaA3Z3pdcYwfGME5HVcwB7U9FvpU1KhQqoAGja4%2BUOGYd6E0T5S7Op%2BeqodKUMSisqATF8OygNAf1458wjGcWz1oc5OVsYUpQrxiUhNT8cHKhFtrZcGH2YvVZuyEorFpwCoXn5"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=43200 CF-RAY 771ccc7148a2b846-AMS Expires Wed, 30 Nov 2022 04:42:47 GMT
GET H/1.1	200 OK	sec-cpt-3-8.js Show response penfedo.click/offer_files/	10 KB 5 KB	89ms 88ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://penfedo.click/offer_files/sec-cpt-3-8.js Requested by Host: penfedo.click URL: http://penfedo.click/offer.php Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eeae64bcb49af43d3afd4f1e456aa82175e56b920636d83b229dda5e130e048e Request headers accept-language nl-NL,nl;q=0.9 Referer http://penfedo.click/offer.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Tue, 29 Nov 2022 16:42:48 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Last-Modified Thu, 20 Oct 2022 14:29:28 GMT Server cloudflare ETag W/"63515b48-29ae" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oott%2Boy%2F4%2FkXHt%2FN3eorX1vXI%2FkvL0mCaghfzjGsIn8OC%2F7L7JdRFjdEb7Nsb2Qw7CNL7BQAKjR8neoDLt39M4Pbw91W6fDi9vV0lptHQypMo2jvQXnmXAun1TPW%2FajC1Xrpr6YodP7ZMQlC"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=43200 CF-RAY 771ccc730ad6b846-AMS Expires Wed, 30 Nov 2022 04:42:48 GMT
GET H2	200	penfed.svg www.penfed.org/content/dam/SSIPApplicationFiles/icons/	9 KB 4 KB	208ms 45ms	Image image/svg+xml	2a02:26f0:1300::5f65:e651 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.penfed.org/content/dam/SSIPApplicationFiles/icons/penfed.svg Requested by Host: penfedo.click URL: http://penfedo.click/offer.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1300::5f65:e651 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash ee6b4ab395818dec010961d8334bcbc3edad41e0e339ac150e4478cc842fdc1c Request headers accept-language nl-NL,nl;q=0.9 Referer http://penfedo.click/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 16:42:48 GMT content-encoding gzip last-modified Fri, 08 Mar 2019 21:37:52 GMT etag "5203c6-gzip" vary Accept-Encoding content-type image/svg+xml cache-control max-age=3600 content-disposition attachment; filename="penfed.svg" server-timing cdn-cache; desc=HIT, edge; dur=1 accept-ranges bytes content-length 3436 expires Tue, 29 Nov 2022 17:42:48 GMT
GET H2	200	phone_icon_outline.svg www.penfed.org/content/dam/SSIPApplicationFiles/icons/	2 KB 1 KB	223ms 60ms	Image image/svg+xml	2a02:26f0:1300::5f65:e651 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.penfed.org/content/dam/SSIPApplicationFiles/icons/phone_icon_outline.svg Requested by Host: penfedo.click URL: http://penfedo.click/offer.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1300::5f65:e651 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash ef7de51345cf85d5d8ff2c59514bbd82a960dc336d071cf6ab86a8cb349e29a3 Request headers accept-language nl-NL,nl;q=0.9 Referer http://penfedo.click/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 16:42:48 GMT content-encoding gzip last-modified Fri, 08 Mar 2019 21:39:08 GMT etag "3c06b7-gzip" vary Accept-Encoding content-type image/svg+xml cache-control max-age=3600 content-disposition attachment; filename="phone_icon_outline.svg" server-timing cdn-cache; desc=HIT, edge; dur=1 accept-ranges bytes content-length 1032 expires Tue, 29 Nov 2022 17:42:48 GMT
GET H2	200	lock_icon_12x16.svg www.penfed.org/content/dam/SSIPApplicationFiles/icons/	2 KB 983 B	230ms 68ms	Image image/svg+xml	2a02:26f0:1300::5f65:e651 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.penfed.org/content/dam/SSIPApplicationFiles/icons/lock_icon_12x16.svg Requested by Host: penfedo.click URL: http://penfedo.click/offer.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1300::5f65:e651 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash c2ee6fc75756707c74ffb9866c93bdd04b7953c10bdec1f44a6857963a80471d Request headers accept-language nl-NL,nl;q=0.9 Referer http://penfedo.click/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 16:42:48 GMT content-encoding gzip last-modified Fri, 08 Mar 2019 21:39:07 GMT etag "3c0e97-gzip" vary Accept-Encoding content-type image/svg+xml cache-control max-age=3600 content-disposition attachment; filename="lock_icon_12x16.svg" server-timing cdn-cache; desc=HIT, edge; dur=1 accept-ranges bytes content-length 722 expires Tue, 29 Nov 2022 17:42:48 GMT
GET H2	200	NCUA_logo.svg www.penfed.org/content/dam/SSIPApplicationFiles/icons/	210 KB 59 KB	239ms 78ms	Image image/svg+xml	2a02:26f0:1300::5f65:e651 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.penfed.org/content/dam/SSIPApplicationFiles/icons/NCUA_logo.svg Requested by Host: penfedo.click URL: http://penfedo.click/offer.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1300::5f65:e651 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash e1073ff5ae7e73332830e0b08e08b6e016727ce8e872e4c6a7a9fb5485e286e3 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language nl-NL,nl;q=0.9 Referer http://penfedo.click/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 16:42:48 GMT content-encoding gzip last-modified Fri, 08 Mar 2019 21:39:07 GMT etag "3c06bb-gzip" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control no-cache content-disposition attachment; filename="NCUA_logo.svg" server-timing cdn-cache; desc=HIT, edge; dur=1 accept-ranges bytes content-length 60074 expires Tue, 29 Nov 2022 16:42:48 GMT
GET H2	200	Norton_logo.png www.penfed.org/content/dam/SSIPApplicationFiles/icons/	16 KB 16 KB	249ms 88ms	Image image/png	2a02:26f0:1300::5f65:e651 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.penfed.org/content/dam/SSIPApplicationFiles/icons/Norton_logo.png Requested by Host: penfedo.click URL: http://penfedo.click/offer.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1300::5f65:e651 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 2de2a13c9a7f8191c6834433fe3d4caa07e65f5934fa5b49a899c24df5d136ee Request headers accept-language nl-NL,nl;q=0.9 Referer http://penfedo.click/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 16:42:48 GMT last-modified Fri, 08 Mar 2019 21:39:06 GMT content-type image/png cache-control max-age=3600 content-disposition attachment server-timing cdn-cache; desc=HIT, edge; dur=1 accept-ranges bytes content-length 16524 expires Tue, 29 Nov 2022 17:42:48 GMT
GET H2	200	EHL_logo_white.svg www.penfed.org/content/dam/SSIPApplicationFiles/icons/	10 KB 3 KB	230ms 68ms	Image image/svg+xml	2a02:26f0:1300::5f65:e651 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.penfed.org/content/dam/SSIPApplicationFiles/icons/EHL_logo_white.svg Requested by Host: penfedo.click URL: http://penfedo.click/offer.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1300::5f65:e651 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash ad4f52393cadebcb08be2814aafc96f2a43d0b6c3ac2dd503cd440e2f3b33a5d Request headers accept-language nl-NL,nl;q=0.9 Referer http://penfedo.click/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 16:42:48 GMT content-encoding gzip last-modified Sat, 13 Apr 2019 14:24:54 GMT etag "5203ce-gzip" vary Accept-Encoding content-type image/svg+xml cache-control max-age=3600 content-disposition attachment; filename="EHL_logo_white.svg" server-timing cdn-cache; desc=HIT, edge; dur=1 accept-ranges bytes content-length 2757 expires Tue, 29 Nov 2022 17:42:48 GMT
GET H/1.1	200 OK	penfed.svg penfedo.click/offer_files/	9 KB 4 KB	93ms 93ms	Image image/svg+xml	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://penfedo.click/offer_files/penfed.svg Requested by Host: penfedo.click URL: http://penfedo.click/offer.php Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ee6b4ab395818dec010961d8334bcbc3edad41e0e339ac150e4478cc842fdc1c Request headers accept-language nl-NL,nl;q=0.9 Referer http://penfedo.click/offer.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Tue, 29 Nov 2022 16:42:48 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Thu, 20 Oct 2022 14:29:28 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare ETag W/"63515b48-2467" Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FMw5eo6RCEp782r71UchMHF4FDx0T%2FR1lutW93Fo72TG5lUgj1Gp1PwOxkzCHYPXFxEAkseX3zrKLKQ16omBUjNDIkNpxaaFdVl3ANl9Sx8OUHlzKEuoy644lGsdZrLWNB16b6AafvstMeMC"}],"group":"cf-nel","max_age":604800} Content-Type image/svg+xml Vary Accept-Encoding Cache-Control max-age=14400 Connection keep-alive CF-RAY 771ccc731aedb8cc-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	NCUA_logo.svg penfedo.click/offer_files/	210 KB 59 KB	167ms 166ms	Image image/svg+xml	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://penfedo.click/offer_files/NCUA_logo.svg Requested by Host: penfedo.click URL: http://penfedo.click/offer.php Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e1073ff5ae7e73332830e0b08e08b6e016727ce8e872e4c6a7a9fb5485e286e3 Request headers accept-language nl-NL,nl;q=0.9 Referer http://penfedo.click/offer.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Tue, 29 Nov 2022 16:42:48 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Thu, 20 Oct 2022 14:29:28 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare ETag W/"63515b48-34775" Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=StiHKE4Zm8IZYk83wKyDiunVJKlTs2hPGihScNt0ZJn%2B7865eOfhCgAjvSj5hZP0oQNitEZWeEAT%2F7iA23SgSV%2FDSAZ6e3A6NlvmFdyIY%2FEY8V3kJVcESiVPbp1VzJFR2VuCymImta3AVf%2FA"}],"group":"cf-nel","max_age":604800} Content-Type image/svg+xml Vary Accept-Encoding Cache-Control max-age=14400 Connection keep-alive CF-RAY 771ccc732eb00a67-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	Norton_logo.png penfedo.click/offer_files/	16 KB 17 KB	106ms 105ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://penfedo.click/offer_files/Norton_logo.png Requested by Host: penfedo.click URL: http://penfedo.click/offer.php Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2de2a13c9a7f8191c6834433fe3d4caa07e65f5934fa5b49a899c24df5d136ee Request headers accept-language nl-NL,nl;q=0.9 Referer http://penfedo.click/offer.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Tue, 29 Nov 2022 16:42:48 GMT CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 16524 Last-Modified Thu, 20 Oct 2022 14:29:28 GMT Server cloudflare ETag "63515b48-408c" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMtcfBc%2B5lz4%2FC9OoXeXW4kZq2OIgtJEufn2Una4sVeteJCAnHOO2LLlEJQ%2FbGtRNgADnLNbLKFWrFfWmgvhIEj97JsAY0dOMRWqFkM4%2BvjczkqP5jzUhCAAf5WX6ILjZkX%2FUBxDwo6s1Yot"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=2592000 Accept-Ranges bytes CF-RAY 771ccc738b501c83-AMS Expires Thu, 29 Dec 2022 16:42:48 GMT
GET H/1.1	200 OK	EHL_logo_white.svg penfedo.click/offer_files/	10 KB 3 KB	84ms 84ms	Image image/svg+xml	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://penfedo.click/offer_files/EHL_logo_white.svg Requested by Host: penfedo.click URL: http://penfedo.click/offer.php Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ad4f52393cadebcb08be2814aafc96f2a43d0b6c3ac2dd503cd440e2f3b33a5d Request headers accept-language nl-NL,nl;q=0.9 Referer http://penfedo.click/offer.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Tue, 29 Nov 2022 16:42:48 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Thu, 20 Oct 2022 14:29:28 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare ETag W/"63515b48-26f6" Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RteGQKJK9H3KYP0DuNyVmZM9ZuBNHGgtxts63abXEFO8JxBEf4sD%2BkOotBJ79764YI4XRcSs85dRdEetPZoSXaBpW6HqOgSEWfhcDUv4T8GOCWod%2BhpISqnf7PFHHi%2FSdDrIsITjyg76o2mN"}],"group":"cf-nel","max_age":604800} Content-Type image/svg+xml Vary Accept-Encoding Cache-Control max-age=14400 Connection keep-alive CF-RAY 771ccc739b5ab846-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/	87 KB 28 KB	92ms 38ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js Requested by Host: penfedo.click URL: http://penfedo.click/offer.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer Origin http://penfedo.click accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 16:42:48 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 46347 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 27938 last-modified Tue, 02 Mar 2021 18:58:36 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "603e8adc-15d9d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=thSGdeEgzyZayTOfTX2TIWQSWtpzPkobAvOT5eMyJ042sDzI6wJAkoXBMUCOuI9ZeJLW4voyw%2FmEVvScZx3PF79HudpDoR4bEsvXEtxerKhd39bcqWNbgL3XIml1bEO%2FCCfSs21T2QWAfo57mEpQGTdX"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 771ccc72dc7a1cb0-AMS expires Sun, 19 Nov 2023 16:42:48 GMT
GET H2	200	jquery.loading.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery-easy-loading/1.3.0/	3 KB 2 KB	85ms 31ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery-easy-loading/1.3.0/jquery.loading.min.js Requested by Host: penfedo.click URL: http://penfedo.click/offer.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 981ab63a9bbe045c3f301626f60359b861b6ddd96b5edec8277fc571e1d3d1ef Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer Origin http://penfedo.click accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 16:42:48 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 456444 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1112 last-modified Mon, 25 May 2020 21:19:49 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5ecc3675-d60" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Se8E66n4A%2FG5AQX8XNwrEM6e2y9VK%2BhoFTkSJ1xShmBaqwq%2Ft9vBVyKTiOmZ2ipBpK70NxVVUZTRucI4O7P%2FM89GeNmJX3QvrSZwtkaTAc7%2BKJS9%2FABSa%2FrYvqNO5CDsrFZq03NlMnIl9wVmWCEi4%2Bs"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 771ccc72dc7c1cb0-AMS expires Sun, 19 Nov 2023 16:42:48 GMT
GET H/1.1	200 OK	MontserratFont.woff penfedo.click/offer_files/	23 KB 24 KB	111ms 111ms	Font font/woff	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://penfedo.click/offer_files/MontserratFont.woff Requested by Host: penfedo.click URL: http://penfedo.click/offer.php Protocol HTTP/1.1 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 60cebea4c9183f51fbd323f14dd729e18768be4f6395467013216ae36526cf9c Request headers Referer http://penfedo.click/offer.php Origin http://penfedo.click accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Tue, 29 Nov 2022 16:42:48 GMT CF-Cache-Status MISS Last-Modified Thu, 20 Oct 2022 14:37:08 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare ETag "63515d14-5bb8" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ahols3kKexbRL9Xk0y7KvIFStenhCLxh01iw06l1TlJxhAJwUtkwLXy4HSfL4xVZEsz%2Fq1XszdIKKwmmXkJ5ptSKjmJx3oJGzG%2B89DSDOrtvYHSRTnGZPl%2BnBVIWmAfTJtIccFXZ%2BVB0lkbP"}],"group":"cf-nel","max_age":604800} Content-Type font/woff Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 771ccc740d2eb8cc-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 23480
GET H2	200	pfd Show response server.usa-a.co/create/	14 B 561 B	1466ms 1346ms	XHR text/html	2606:4700:3034::ac43:c975 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://server.usa-a.co/create/pfd Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:c975 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 696b3468fb0164b58d7a43a6a59d397e9a77dd22f712a7aa7f80cf1bbb3304de Request headers Accept */* Referer http://penfedo.click/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 16:42:49 GMT ratelimit-reset 58 content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express vary Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kCDF6bPUbk1ALbi2Ui6PpL2r2zjxAimc5xp955c86xStFsrj5f3dsri2QthcaHeFCm3ez6PmEJa26yDBcrAwkrIi2jAtHpDPFjMg4GRWORQ1c70%2BdGf%2BrndbcwYVFbkM0tVjqGirIfch8hK6ljU%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin http://penfedo.click ratelimit-limit 3 cf-ray 771ccc755be26d7f-MUC ratelimit-remaining 2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET BLOB	200 OK	4e2abdba-20f3-4b9f-a895-0c331b80cb0f http://penfedo.click/	15 KB 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:http://penfedo.click/4e2abdba-20f3-4b9f-a895-0c331b80cb0f Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 6de75c9f575d9d4874faeddafc13659ce1ffc99dc5f0edd3aedddb70aeeaa229 Request headers accept-language nl-NL,nl;q=0.9 Referer http://penfedo.click/offer.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Content-Length 15521 Content-Type application/javascript
GET BLOB	200 OK	62b5c343-0f1f-483b-be93-a0f6e0f00eec http://penfedo.click/	15 KB 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:http://penfedo.click/62b5c343-0f1f-483b-be93-a0f6e0f00eec Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 0f7bc246475201fc73f9363f95e8ebee78c19a3df9a377c0f6a39e30fbf76cba Request headers accept-language nl-NL,nl;q=0.9 Referer http://penfedo.click/offer.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Content-Length 15521 Content-Type application/javascript
GET H2	200	pfd Show response server.usa-a.co/create/	14 B 333 B	1326ms 1325ms	XHR text/html	2606:4700:3034::ac43:c975 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://server.usa-a.co/create/pfd Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:c975 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 696b3468fb0164b58d7a43a6a59d397e9a77dd22f712a7aa7f80cf1bbb3304de Request headers Accept */* Referer http://penfedo.click/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 16:42:51 GMT ratelimit-reset 57 content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express vary Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2B9iXqO6WEDfvWTARfcm7JbvWF5bE59nJFPJ9JnILxw%2F68KvOWvBzOBLksJV6Dtd7KMNiyMJF6hkYmBjWclzGNdLaVesc5fASNpmWqfRhEcTnEJ6KPuOQXQIQhNSXeqyNMNqzmMGXv9MlQPRqGE%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin http://penfedo.click ratelimit-limit 3 cf-ray 771ccc7ddf8a6d7f-MUC ratelimit-remaining 1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H2	200	781a841c-1a09-49dc-af61-79b6a831b803 Show response dynatracesg.penfed.org/bf/	751 B 1 KB	348ms 170ms	XHR text/plain	2a02:26f0:1300::5f65:e660 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://dynatracesg.penfed.org/bf/781a841c-1a09-49dc-af61-79b6a831b803?type=js3&sn=v_4_srv_-2D65_sn_F85AFS8FTB5KERC3368MC3CVQ37I1GMS&svrid=-65&flavor=cors&vi=SOHKCHAFMMMAMVRGJRFLULMFLQRCUVFB-0&modifiedSince=1666150948899&rf=http%3A%2F%2Fpenfedo.click%2Foffer.php&bp=3&app=16dea5f7544712a1&crc=1438522516&en=9z56v6le&end=1 Requested by Host: penfedo.click URL: http://penfedo.click/offer_files/16dea5f7544712a1_complete.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1300::5f65:e660 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 782dd3ea76eec4e90a29dab4189340fde5349042e02cceed11172ead09028011 Request headers Referer http://penfedo.click/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin http://penfedo.click date Tue, 29 Nov 2022 16:42:50 GMT cache-control no-cache server-timing cdn-cache; desc=MISS, edge; dur=108, origin; dur=19 content-length 751 content-type text/plain;charset=utf-8
POST H2	200	781a841c-1a09-49dc-af61-79b6a831b803 dynatracesg.penfed.org/bf/	207 B 862 B	176ms 176ms	XHR text/plain	2a02:26f0:1300::5f65:e660 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://dynatracesg.penfed.org/bf/781a841c-1a09-49dc-af61-79b6a831b803?type=js3&sn=v_4_srv_21_sn_F85AFS8FTB5KERC3368MC3CVQ37I1GMS_app-3A16dea5f7544712a1_1_ol_0_perc_100000_mul_1&svrid=21&flavor=cors&vi=SOHKCHAFMMMAMVRGJRFLULMFLQRCUVFB-0&modifiedSince=1669717477995&rf=http%3A%2F%2Fpenfedo.click%2Foffer.php&bp=3&app=16dea5f7544712a1&crc=1550461664&en=9z56v6le&end=1 Requested by Host: penfedo.click URL: http://penfedo.click/offer_files/16dea5f7544712a1_complete.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1300::5f65:e660 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash Request headers Referer http://penfedo.click/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin http://penfedo.click date Tue, 29 Nov 2022 16:42:52 GMT cache-control no-cache server-timing cdn-cache; desc=MISS, edge; dur=113, origin; dur=19 content-length 207 content-type text/plain;charset=utf-8

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| escape function| unescape object| _da_ string| DecibelInsight function| decibelInsight object| dT_ object| dtrum object| picassoSPA string| comm__attrVariationKey number| pageStartTime object| Aura object| AuraLocker object| AuraLockerDisabled object| $A object| aura object| _cf object| bmak string| _sdTrace object| _di_max_id object| _da_crcTable function| $ function| jQuery function| _0x18d4 function| _0x1e5b object| ak_chlge function| encode function| decode string| _id undefined| _question undefined| _login undefined| _pass number| counter undefined| message string| url boolean| decibelInsight_initiated

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.decibelinsight.net/i/13557/	1970-01-20 16:34:36	Name: da_lid Value: -4A27C1BF9A79EA1AA0BBBB99F290771CE5|0|0|0
			.decibelinsight.net/i/13557/	1970-01-20 07:49:01	Name: da_sid Value: 7914F28C8E39AE8135EAAA13B0923D1756.1|3|0|3
			.penfedo.click/	1969-12-31 23:59:59	Name: rxVisitor Value: 16697401680420K2UPSV3HP7ANM235O20I80O9K0N14UB
			.penfedo.click/	1969-12-31 23:59:59	Name: dtLatC Value: 69
			.penfedo.click/	1969-12-31 23:59:59	Name: dtSa Value: -
			.penfedo.click/	1969-12-31 23:59:59	Name: rxvt Value: 1669741968429|1669740168046
			.penfedo.click/	1969-12-31 23:59:59	Name: dtPC Value: -65$540168037_712h-vSOHKCHAFMMMAMVRGJRFLULMFLQRCUVFB-0e0
			.penfedo.click/	1970-01-20 07:49:01	Name: da_sid Value: 7914F28C8E39AE8135EAAA13B0923D1756.1|3|0|3
			.penfedo.click/	1970-01-20 16:34:36	Name: da_lid Value: 4A27C1BF9A79EA1AA0BBBB99F290771CE5|0|0|0
			.penfedo.click/	1970-01-20 07:49:01	Name: da_intState Value:
			.penfedo.click/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_21_sn_F85AFS8FTB5KERC3368MC3CVQ37I1GMS_app-3A16dea5f7544712a1_1_ol_0_perc_100000_mul_1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.decibelinsight.net
cdnjs.cloudflare.com
dynatracesg.penfed.org
penfedo.click
server.usa-a.co
www.penfed.org
13.225.78.68
2606:4700:3034::ac43:c975
2606:4700::6811:180e
2a02:26f0:1300::5f65:e651
2a02:26f0:1300::5f65:e660
2a06:98c1:3120::3
053f9342774a9105e06d3fde9fc9560375d7a0e130f69f4e1d92832585427580
0f7bc246475201fc73f9363f95e8ebee78c19a3df9a377c0f6a39e30fbf76cba
25a7a102a22ad70761585350775304dd658ec1b2d79cfcba77d17ae70010a7c3
2de2a13c9a7f8191c6834433fe3d4caa07e65f5934fa5b49a899c24df5d136ee
4e78d16cff9c9aff96aa0d683ae47df7639c987662d09fa387b57e4c679aa367
60cebea4c9183f51fbd323f14dd729e18768be4f6395467013216ae36526cf9c
696b3468fb0164b58d7a43a6a59d397e9a77dd22f712a7aa7f80cf1bbb3304de
6b8b3c480e3fc3f88fa050c5e7e9f01a5d8bbd98ee4eefc903c9daf4b13da30d
6de75c9f575d9d4874faeddafc13659ce1ffc99dc5f0edd3aedddb70aeeaa229
782dd3ea76eec4e90a29dab4189340fde5349042e02cceed11172ead09028011
78df5f24178554a8d4ad485cbc69f75beae04fc02c2893f98e86d9dbe5519f93
78e9242706862d412828d0500ef156ff86f6c533408d5e79257a65a05f311670
86a0902ef90c9391a2b8030d061f3fcf5ddfe77bb739ae2d0d764e02e3b30fb4
981ab63a9bbe045c3f301626f60359b861b6ddd96b5edec8277fc571e1d3d1ef
ad4f52393cadebcb08be2814aafc96f2a43d0b6c3ac2dd503cd440e2f3b33a5d
b16443e8e0999f2493990335fcde397ae30c76fb1dc849e98b3d2f8aa1d4a9db
c2ee6fc75756707c74ffb9866c93bdd04b7953c10bdec1f44a6857963a80471d
c2fefa9cd45cd9ce5158a2f97c97dc55fb355ad9323766eee05683c43be6d7e0
cc8fb46b90b0744251f5851cd56a8621dc7539349396d1ca2bef3fe7671b8081
d7ae7b56cd03a644fa5c117f87c3f33b87291a049e660fa3ab09931dcc9021bf
e1073ff5ae7e73332830e0b08e08b6e016727ce8e872e4c6a7a9fb5485e286e3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee6b4ab395818dec010961d8334bcbc3edad41e0e339ac150e4478cc842fdc1c
eeae64bcb49af43d3afd4f1e456aa82175e56b920636d83b229dda5e130e048e
ef7de51345cf85d5d8ff2c59514bbd82a960dc336d071cf6ab86a8cb349e29a3
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e