URL: https://www.temptationstouch.com/booknow/Lewis
Submission: On November 16 via manual from US — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 47 HTTP transactions. The main IP is 198.54.116.24, located in United States and belongs to NAMECHEAP-NET, US. The main domain is www.temptationstouch.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 16th 2023. Valid for: a year.
This is the only time www.temptationstouch.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
21 temptationstouch.com | www.temptationstouch.com | 1 MB
9 slmtstfrs.com | slmtstfrs.com | 53 KB
8 gstatic.com | fonts.gstatic.com | 207 KB
3 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 35 | 190 KB
3 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 31; ajax.googleapis.com — Cisco Umbrella Rank: 364 | 33 KB
1 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 27 | 21 KB
1 aspnetcdn.com | ajax.aspnetcdn.com — Cisco Umbrella Rank: 2220 | 12 KB
1 esignonsecure.com | geoip.esignonsecure.com | 455 B
1 secureesignon.com | secureesignon.com | 492 B
47 | 9
Domain | Requested by
21 www.temptationstouch.com | www.temptationstouch.com
9 slmtstfrs.com | www.temptationstouch.com; slmtstfrs.com; ajax.googleapis.com
8 fonts.gstatic.com | fonts.googleapis.com
3 www.googletagmanager.com | slmtstfrs.com; www.googletagmanager.com
2 fonts.googleapis.com | www.temptationstouch.com; slmtstfrs.com
1 www.google-analytics.com | www.googletagmanager.com
1 ajax.aspnetcdn.com | slmtstfrs.com
1 ajax.googleapis.com | slmtstfrs.com
1 geoip.esignonsecure.com | slmtstfrs.com
1 secureesignon.com | 1 redirects
47 | 10

This site contains no links.

Subject | Issuer | Validity | Valid
temptationstouch.com | Sectigo RSA Domain Validation Secure Server CA | 2023-06-16 - 2024-06-16 | a year | crt.sh
upload.video.google.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months | crt.sh
slmtstfrs.com | R3 | 2023-10-09 - 2024-01-07 | 3 months | crt.sh
*.gstatic.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months | crt.sh
*.esignonsecure.com | AlphaSSL CA - SHA256 - G4 | 2022-12-08 - 2024-01-09 | a year | crt.sh
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2023-05-05 - 2024-04-28 | a year | crt.sh
*.google-analytics.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months | crt.sh

This page contains 2 frames:

Primary Page: https://www.temptationstouch.com/booknow/Lewis
Frame ID: ED01A2AB47BDE3562558C479E6600DA9
Requests: 25 HTTP requests in this frame

Frame: https://slmtstfrs.com/dofadd/?SID=e4d2a5b225ba24f2708eafe22411b200
Frame ID: EA75687578CCD03071A6C35B4DB90CB1
Requests: 22 HTTP requests in this frame

Page Title

Temptations touch

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+lightbox(?:\.min)?\.css
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47 Requests
100 % HTTPS
50 % IPv6
9 Domains
10 Subdomains
9 IPs
2 Countries
1759 kB Transfer
2731 kB Size
2 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://secureesignon.com/process/J-MNemoSubAcct/?dofid=p36:o1490:aJ-MNemoSubAcct:b735ba7f0:c121 HTTP 302
  • https://slmtstfrs.com/dofadd/?dofid=p36%3Ao1490%3AaJ-MNemoSubAcct%3Ab735ba7f0%3Ac121&dof_click_id=A3U9x8Cez7KbY3Cbj3J653f0c78eVd16U&rtid=499001429

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Lewis
www.temptationstouch.com/booknow/
24 KB
24 KB
Document
General
Full URL
https://www.temptationstouch.com/booknow/Lewis
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.24 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server210-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
7f887b38bd567598b261ab9c97d17e91069cef8b92b6bdb83102d9ace2642987

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
24342
date
Thu, 16 Nov 2023 00:46:51 GMT
last-modified
Wed, 21 Jun 2023 23:02:08 GMT
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
css
fonts.googleapis.com/
23 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700|Open+Sans:300,300i,400,400i,700,700i
Requested by
Host: www.temptationstouch.com
URL: https://www.temptationstouch.com/booknow/Lewis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
499204d061fc926cd849f6f7e2a8d5db36a9736fe3e1c2448c77015aa58f64c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.temptationstouch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 16 Nov 2023 00:46:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 16 Nov 2023 00:46:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Nov 2023 00:46:51 GMT
aos.css
www.temptationstouch.com/booknow/assets/vendor/aos/
25 KB
2 KB
Stylesheet
General
Full URL
https://www.temptationstouch.com/booknow/assets/vendor/aos/aos.css
Requested by
Host: www.temptationstouch.com
URL: https://www.temptationstouch.com/booknow/Lewis
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.24 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server210-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.temptationstouch.com/booknow/Lewis
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:51 GMT
content-encoding
br
last-modified
Wed, 21 Jun 2023 23:01:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1539
expires
Thu, 23 Nov 2023 00:46:51 GMT
bootstrap.min.css
www.temptationstouch.com/booknow/assets/vendor/bootstrap/css/
160 KB
21 KB
Stylesheet
General
Full URL
https://www.temptationstouch.com/booknow/assets/vendor/bootstrap/css/bootstrap.min.css
Requested by
Host: www.temptationstouch.com
URL: https://www.temptationstouch.com/booknow/Lewis
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.24 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server210-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
f7a57062e993737efc0af2b377250b855aed80b41d546f70973bdca790f507fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.temptationstouch.com/booknow/Lewis
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:51 GMT
content-encoding
br
last-modified
Wed, 21 Jun 2023 23:01:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
21233
expires
Thu, 23 Nov 2023 00:46:51 GMT
bootstrap-icons.css
www.temptationstouch.com/booknow/assets/vendor/bootstrap-icons/
64 KB
8 KB
Stylesheet
General
Full URL
https://www.temptationstouch.com/booknow/assets/vendor/bootstrap-icons/bootstrap-icons.css
Requested by
Host: www.temptationstouch.com
URL: https://www.temptationstouch.com/booknow/Lewis
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.24 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server210-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
3c325075337b768950583012228055ae392e384688d77ec5235e6ca88dcec6ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.temptationstouch.com/booknow/Lewis
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:51 GMT
content-encoding
br
last-modified
Wed, 21 Jun 2023 23:01:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
8224
expires
Thu, 23 Nov 2023 00:46:51 GMT
glightbox.min.css
www.temptationstouch.com/booknow/assets/vendor/glightbox/css/
13 KB
3 KB
Stylesheet
General
Full URL
https://www.temptationstouch.com/booknow/assets/vendor/glightbox/css/glightbox.min.css
Requested by
Host: www.temptationstouch.com
URL: https://www.temptationstouch.com/booknow/Lewis
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.24 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server210-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
9c300b6fbfe6d373e1f53b2f0d33cf9df86d9310cc60531ad231cee97aca2bf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.temptationstouch.com/booknow/Lewis
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:51 GMT
content-encoding
br
last-modified
Wed, 21 Jun 2023 23:01:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
2396
expires
Thu, 23 Nov 2023 00:46:51 GMT
style.css
www.temptationstouch.com/booknow/assets/css/
22 KB
4 KB
Stylesheet
General
Full URL
https://www.temptationstouch.com/booknow/assets/css/style.css
Requested by
Host: www.temptationstouch.com
URL: https://www.temptationstouch.com/booknow/Lewis
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.24 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server210-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
342495e921ff8915bf30875bc990500c1aa2e7cea8e09184699836b6340ce7fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.temptationstouch.com/booknow/Lewis
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:51 GMT
content-encoding
br
last-modified
Wed, 21 Jun 2023 23:01:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
4259
expires
Thu, 23 Nov 2023 00:46:51 GMT
about-img.jpg
www.temptationstouch.com/booknow/assets/img/
151 KB
151 KB
Image
General
Full URL
https://www.temptationstouch.com/booknow/assets/img/about-img.jpg
Requested by
Host: www.temptationstouch.com
URL: https://www.temptationstouch.com/booknow/Lewis
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.24 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server210-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
b06a86599832f648585d2ebe512663f94692284c92268b7059a1deb76a83e3c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.temptationstouch.com/booknow/Lewis
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:51 GMT
last-modified
Wed, 21 Jun 2023 23:01:56 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
154615
expires
Thu, 23 Nov 2023 00:46:51 GMT
1.jpg
www.temptationstouch.com/booknow/assets/img/
111 KB
111 KB
Image
General
Full URL
https://www.temptationstouch.com/booknow/assets/img/1.jpg
Requested by
Host: www.temptationstouch.com
URL: https://www.temptationstouch.com/booknow/Lewis
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.24 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server210-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
a65b0eab33d131d4a212179c226b2e62d8a9ca74cc48cedce8759bff7fe0a62b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.temptationstouch.com/booknow/Lewis
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:51 GMT
last-modified
Wed, 21 Jun 2023 23:01:56 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
113277
expires
Thu, 23 Nov 2023 00:46:51 GMT
2.jpg
www.temptationstouch.com/booknow/assets/img/
18 KB
18 KB
Image
General
Full URL
https://www.temptationstouch.com/booknow/assets/img/2.jpg
Requested by
Host: www.temptationstouch.com
URL: https://www.temptationstouch.com/booknow/Lewis
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.24 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server210-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
4dbd246dba3c5030da3d31864f11088f6ee21a346eef6d556d8c857996cde5a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.temptationstouch.com/booknow/Lewis
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:51 GMT
last-modified
Wed, 21 Jun 2023 23:01:56 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
18317
expires
Thu, 23 Nov 2023 00:46:51 GMT
3.jpg
www.temptationstouch.com/booknow/assets/img/
6 KB
7 KB
Image
General
Full URL
https://www.temptationstouch.com/booknow/assets/img/3.jpg
Requested by
Host: www.temptationstouch.com
URL: https://www.temptationstouch.com/booknow/Lewis
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.24 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server210-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
33b75aeae52ce02696ed653b27e19bd93f5a6c01f56aa686c75818824d2fadaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.temptationstouch.com/booknow/Lewis
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:51 GMT
last-modified
Wed, 21 Jun 2023 23:01:56 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
6586
expires
Thu, 23 Nov 2023 00:46:51 GMT
4.jpg
www.temptationstouch.com/booknow/assets/img/
50 KB
50 KB
Image
General
Full URL
https://www.temptationstouch.com/booknow/assets/img/4.jpg
Requested by
Host: www.temptationstouch.com
URL: https://www.temptationstouch.com/booknow/Lewis
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.24 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server210-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
a8d5deeccdfdc30a3f88a93c6c00828ab6e4d9e1e1780c326bbe90dba45460de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.temptationstouch.com/booknow/Lewis
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:51 GMT
last-modified
Wed, 21 Jun 2023 23:01:56 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
50841
expires
Thu, 23 Nov 2023 00:46:51 GMT
5.jpeg
www.temptationstouch.com/booknow/assets/img/
16 KB
16 KB
Image
General
Full URL
https://www.temptationstouch.com/booknow/assets/img/5.jpeg
Requested by
Host: www.temptationstouch.com
URL: https://www.temptationstouch.com/booknow/Lewis
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.24 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server210-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
b7a2615bf23020dcde296a452b44c7de13adfefa9573d741633afa7c6c2b5b0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.temptationstouch.com/booknow/Lewis
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:51 GMT
last-modified
Wed, 21 Jun 2023 23:01:56 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
15878
expires
Thu, 23 Nov 2023 00:46:51 GMT
6.jpg
www.temptationstouch.com/booknow/assets/img/
22 KB
22 KB
Image
General
Full URL
https://www.temptationstouch.com/booknow/assets/img/6.jpg
Requested by
Host: www.temptationstouch.com
URL: https://www.temptationstouch.com/booknow/Lewis
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.24 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server210-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
5a652ee3c9c5ad4bf7d5b0e19b28311df56c9979c4e1667c17670f6be615e9e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.temptationstouch.com/booknow/Lewis
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:51 GMT
last-modified
Wed, 21 Jun 2023 23:01:56 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
22203
expires
Thu, 23 Nov 2023 00:46:51 GMT
advanced-feature-2.png
www.temptationstouch.com/booknow/assets/img/
634 KB
634 KB
Image
General
Full URL
https://www.temptationstouch.com/booknow/assets/img/advanced-feature-2.png
Requested by
Host: www.temptationstouch.com
URL: https://www.temptationstouch.com/booknow/Lewis
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.24 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server210-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
7f32155416d5d275545db4f66974a6edf4d1d56573b329e8806ce82f2508c86f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.temptationstouch.com/booknow/Lewis
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:51 GMT
last-modified
Wed, 21 Jun 2023 23:01:56 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
649124
expires
Thu, 23 Nov 2023 00:46:51 GMT
aos.js
www.temptationstouch.com/booknow/assets/vendor/aos/
14 KB
5 KB
Script
General
Full URL
https://www.temptationstouch.com/booknow/assets/vendor/aos/aos.js
Requested by
Host: www.temptationstouch.com
URL: https://www.temptationstouch.com/booknow/Lewis
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.24 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server210-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
a5005b2e414770fd5ccb40bc221a12771966d02b5c1f9c89da48bd8e3811d377

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.temptationstouch.com/booknow/Lewis
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:51 GMT
content-encoding
br
last-modified
Wed, 21 Jun 2023 23:01:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
4420
expires
Thu, 23 Nov 2023 00:46:51 GMT
bootstrap.bundle.min.js
www.temptationstouch.com/booknow/assets/vendor/bootstrap/js/
76 KB
22 KB
Script
General
Full URL
https://www.temptationstouch.com/booknow/assets/vendor/bootstrap/js/bootstrap.bundle.min.js
Requested by
Host: www.temptationstouch.com
URL: https://www.temptationstouch.com/booknow/Lewis
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.24 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server210-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
c8b344ccb7e63d18ef422bfd771a348bfba32a4d8729df1cebf91ced39728d94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.temptationstouch.com/booknow/Lewis
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:51 GMT
content-encoding
br
last-modified
Wed, 21 Jun 2023 23:01:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
22192
expires
Thu, 23 Nov 2023 00:46:51 GMT
glightbox.min.js
www.temptationstouch.com/booknow/assets/vendor/glightbox/js/
55 KB
15 KB
Script
General
Full URL
https://www.temptationstouch.com/booknow/assets/vendor/glightbox/js/glightbox.min.js
Requested by
Host: www.temptationstouch.com
URL: https://www.temptationstouch.com/booknow/Lewis
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.24 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server210-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
2049cd47bf42ca8cca34024a661a566426dc11105daeb657b3d932be0267c0c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.temptationstouch.com/booknow/Lewis
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:51 GMT
content-encoding
br
last-modified
Wed, 21 Jun 2023 23:01:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
14887
expires
Thu, 23 Nov 2023 00:46:51 GMT
validate.js
www.temptationstouch.com/booknow/assets/vendor/php-email-form/
3 KB
1023 B
Script
General
Full URL
https://www.temptationstouch.com/booknow/assets/vendor/php-email-form/validate.js
Requested by
Host: www.temptationstouch.com
URL: https://www.temptationstouch.com/booknow/Lewis
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.24 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server210-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
b80e5a78eb469d0d5b2da30363037d34c41f0d1d383d2107931e621a2ee60b6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.temptationstouch.com/booknow/Lewis
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:51 GMT
content-encoding
br
last-modified
Wed, 21 Jun 2023 23:01:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
789
expires
Thu, 23 Nov 2023 00:46:51 GMT
main.js
www.temptationstouch.com/booknow/assets/js/
4 KB
1 KB
Script
General
Full URL
https://www.temptationstouch.com/booknow/assets/js/main.js
Requested by
Host: www.temptationstouch.com
URL: https://www.temptationstouch.com/booknow/Lewis
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.24 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server210-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
deb5f6ef44f432004f2527a056035f7a026a5aa363d12e4c6a55893a9e3d8a7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.temptationstouch.com/booknow/Lewis
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:51 GMT
content-encoding
br
last-modified
Wed, 21 Jun 2023 23:01:56 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1192
expires
Thu, 23 Nov 2023 00:46:51 GMT
/
slmtstfrs.com/dofadd/ Frame EA75
Redirect Chain
  • https://secureesignon.com/process/J-MNemoSubAcct/?dofid=p36:o1490:aJ-MNemoSubAcct:b735ba7f0:c121
  • https://slmtstfrs.com/dofadd/?dofid=p36%3Ao1490%3AaJ-MNemoSubAcct%3Ab735ba7f0%3Ac121&dof_click_id=A3U9x8Cez7KbY3Cbj3J653f0c78eVd16U&rtid=499001429
341 B
636 B
Document
General
Full URL
https://slmtstfrs.com/dofadd/?dofid=p36%3Ao1490%3AaJ-MNemoSubAcct%3Ab735ba7f0%3Ac121&dof_click_id=A3U9x8Cez7KbY3Cbj3J653f0c78eVd16U&rtid=499001429
Requested by
Host: www.temptationstouch.com
URL: https://www.temptationstouch.com/booknow/Lewis
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.45 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
eb36fe7e6c1ab0bd28e2b35b5134a1d95229b67f3ecca95e29f7c964ebd0df55

Request headers

Referer
https://www.temptationstouch.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
content-encoding
gzip
content-length
277
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 00:46:52 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
section-io-cache
Miss
section-io-id
58517d444a6e0bec9af24a38bc7719a0
vary
Accept-Encoding
via
1.1 varnish-84f56c8bcd-dg8mz (Varnish/7.2)
x-varnish
5473419

Redirect headers

age
0
cache-control
no-store, no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 00:46:52 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://slmtstfrs.com/dofadd/?dofid=p36%3Ao1490%3AaJ-MNemoSubAcct%3Ab735ba7f0%3Ac121&dof_click_id=A3U9x8Cez7KbY3Cbj3J653f0c78eVd16U&rtid=499001429
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
section-io-cache
Miss
section-io-id
fed752aab229bc83bc68dbaf0db06795
via
1.1 varnish-84f56c8bcd-dg8mz (Varnish/7.2)
x-varnish
5473417
hero-bg.jpeg
www.temptationstouch.com/booknow/assets/img/
39 KB
39 KB
Image
General
Full URL
https://www.temptationstouch.com/booknow/assets/img/hero-bg.jpeg
Requested by
Host: www.temptationstouch.com
URL: https://www.temptationstouch.com/booknow/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.24 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server210-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
b9f26d286df9cb0a3f838a141f489104de820d7c78caf2f440319a3f3859b549

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.temptationstouch.com/booknow/assets/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:52 GMT
last-modified
Wed, 21 Jun 2023 23:01:56 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
40088
expires
Thu, 23 Nov 2023 00:46:52 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700|Open+Sans:300,300i,400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.temptationstouch.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:41:35 GMT
x-content-type-options
nosniff
age
97517
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Nov 2024 21:41:35 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700|Open+Sans:300,300i,400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.temptationstouch.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:29:28 GMT
x-content-type-options
nosniff
age
469044
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 14:29:28 GMT
bootstrap-icons.woff2
www.temptationstouch.com/booknow/assets/vendor/bootstrap-icons/fonts/
88 KB
89 KB
Font
General
Full URL
https://www.temptationstouch.com/booknow/assets/vendor/bootstrap-icons/fonts/bootstrap-icons.woff2?856008caa5eb66df68595e734e59580d
Requested by
Host: www.temptationstouch.com
URL: https://www.temptationstouch.com/booknow/assets/vendor/bootstrap-icons/bootstrap-icons.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.24 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server210-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8

Request headers

Referer
https://www.temptationstouch.com/booknow/assets/vendor/bootstrap-icons/bootstrap-icons.css
Origin
https://www.temptationstouch.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:52 GMT
last-modified
Wed, 21 Jun 2023 23:01:56 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
90528
expires
Thu, 23 Nov 2023 00:46:52 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v36/
49 KB
49 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700|Open+Sans:300,300i,400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a246c4de8a0f1f1fdb6ee52565018dc341063aa9efe8481034bc3ef7d697e334
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.temptationstouch.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 23:30:13 GMT
x-content-type-options
nosniff
age
177399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50368
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:04:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Nov 2024 23:30:13 GMT
/
slmtstfrs.com/dofadd/ Frame EA75
11 KB
4 KB
Document
General
Full URL
https://slmtstfrs.com/dofadd/?SID=e4d2a5b225ba24f2708eafe22411b200
Requested by
Host: www.temptationstouch.com
URL: https://www.temptationstouch.com/booknow/Lewis
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.45 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
26de8f1fa984a2c29098873f63ca814409fc44305d03e9e2e699b694452079d9

Request headers

Referer
https://slmtstfrs.com/dofadd/?dofid=p36%3Ao1490%3AaJ-MNemoSubAcct%3Ab735ba7f0%3Ac121&dof_click_id=A3U9x8Cez7KbY3Cbj3J653f0c78eVd16U&rtid=499001429
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 00:46:53 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
section-io-cache
Miss
section-io-id
5f3ecc40c668ea49f376e3b75c400745
vary
Accept-Encoding
via
1.1 varnish-84f56c8bcd-dg8mz (Varnish/7.2)
x-varnish
5473421
/
geoip.esignonsecure.com/ Frame EA75
399 B
455 B
Script
General
Full URL
https://geoip.esignonsecure.com/?v=1
Requested by
Host: slmtstfrs.com
URL: https://slmtstfrs.com/dofadd/?SID=e4d2a5b225ba24f2708eafe22411b200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.41 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
06498f3ae298a83a8f1ddb35cd6171b3b5270aa7b3939f25a15f1866b734688f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://slmtstfrs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 00:46:53 GMT
via
1.1 varnish-84f56c8bcd-vlnhn (Varnish/7.2)
content-encoding
gzip
age
0
vary
Accept-Encoding
x-varnish
4064927
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
section-io-cache
Miss
section-io-id
40b562f7367c0533f65ebdf494704eb1
expires
0
cleanstep3gld.css
slmtstfrs.com/common_tpls/compact/css/ Frame EA75
141 KB
28 KB
Stylesheet
General
Full URL
https://slmtstfrs.com/common_tpls/compact/css/cleanstep3gld.css
Requested by
Host: slmtstfrs.com
URL: https://slmtstfrs.com/dofadd/?SID=e4d2a5b225ba24f2708eafe22411b200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.45 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
3032a9f25ccdce78bbf59f0a47c51ba9fb36eb93c88dfe43333afb614af48da5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://slmtstfrs.com/dofadd/?SID=e4d2a5b225ba24f2708eafe22411b200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:53 GMT
content-encoding
gzip
section-io-cache-id
f008ca9751a484419d9889dc2e75e7a5
last-modified
Thu, 22 Aug 2019 14:19:19 GMT
age
2124
etag
W/"5d5ea467-233d7"
vary
Accept-Encoding
content-type
text/css
x-varnish
5178501 1715130
via
1.1 varnish-84f56c8bcd-vlnhn (Varnish/7.2)
accept-ranges
bytes
section-io-cache
Hit
section-io-id
e93fad91b0e3f7f6ecef66f766b78dd7
content-length
28188
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ Frame EA75
86 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: slmtstfrs.com
URL: https://slmtstfrs.com/dofadd/?SID=e4d2a5b225ba24f2708eafe22411b200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://slmtstfrs.com/
Origin
https://slmtstfrs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 22:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Nov 2024 22:17:13 GMT
bootstrap.min.js
ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/ Frame EA75
35 KB
12 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/bootstrap.min.js
Requested by
Host: slmtstfrs.com
URL: https://slmtstfrs.com/dofadd/?SID=e4d2a5b225ba24f2708eafe22411b200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48AF) /
Resource Hash
c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://slmtstfrs.com/
Origin
https://slmtstfrs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11464252
x-cache
HIT
content-length
12247
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:09:58 GMT
server
ECAcc (ama/48AF)
etag
"194598e6cb33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
form_support.js
slmtstfrs.com/common_tpls/js/ Frame EA75
4 KB
2 KB
Script
General
Full URL
https://slmtstfrs.com/common_tpls/js/form_support.js?v=1516308712
Requested by
Host: slmtstfrs.com
URL: https://slmtstfrs.com/dofadd/?SID=e4d2a5b225ba24f2708eafe22411b200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.45 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
a35efd7238a1ef4c6581aadc6d001e8554adf949dc6cde5650c2235483f19bf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://slmtstfrs.com/dofadd/?SID=e4d2a5b225ba24f2708eafe22411b200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:53 GMT
via
1.1 varnish-84f56c8bcd-dg8mz (Varnish/7.2)
section-io-cache-id
d56f51fcec9b5b5b7a72df6662618822
last-modified
Fri, 18 Nov 2022 21:23:38 GMT
age
9848
etag
W/"6377f7da-ed7"
vary
Accept-Encoding
x-varnish
7570649 879642
content-type
application/javascript
content-encoding
gzip
section-io-cache
Hit
section-io-id
dbc6591eaf0e07b18af67c1df763921a
validate_form_v2.js
slmtstfrs.com/common_tpls/js/ Frame EA75
25 KB
6 KB
Script
General
Full URL
https://slmtstfrs.com/common_tpls/js/validate_form_v2.js?jsv=24
Requested by
Host: slmtstfrs.com
URL: https://slmtstfrs.com/dofadd/?SID=e4d2a5b225ba24f2708eafe22411b200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.45 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
b3f9ad8a6b5ee12a78a32d898be23898f6d340765e340873e0253feb3b0e8825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://slmtstfrs.com/dofadd/?SID=e4d2a5b225ba24f2708eafe22411b200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:53 GMT
via
1.1 varnish-84f56c8bcd-vlnhn (Varnish/7.2)
section-io-cache-id
25317543caddb46159f76fa83989b08f
last-modified
Thu, 19 Oct 2023 00:24:58 GMT
age
9848
etag
W/"6530775a-6590"
vary
Accept-Encoding
x-varnish
4064926 1321501
content-type
application/javascript
content-encoding
gzip
section-io-cache
Hit
section-io-id
6f2533cd7f89379c2cf6b99d0600097e
ajax-loader.gif
slmtstfrs.com/common_tpls/images/ Frame EA75
3 KB
3 KB
Image
General
Full URL
https://slmtstfrs.com/common_tpls/images/ajax-loader.gif
Requested by
Host: slmtstfrs.com
URL: https://slmtstfrs.com/dofadd/?SID=e4d2a5b225ba24f2708eafe22411b200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.45 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://slmtstfrs.com/dofadd/?SID=e4d2a5b225ba24f2708eafe22411b200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:53 GMT
via
1.1 varnish-84f56c8bcd-dg8mz (Varnish/7.2)
section-io-cache-id
018407e3147edcbe8c9884aafd749654
last-modified
Mon, 07 Oct 2013 22:49:23 GMT
age
10620
etag
"52533a73-c88"
x-varnish
5997671 3788950
content-type
image/gif
accept-ranges
bytes
section-io-cache
Hit
section-io-id
885cc1ccea971d0daee807d084dfb03e
content-length
3208
profile-dark.png
slmtstfrs.com/common_tpls/compact/img/cleanstep3gld/ Frame EA75
3 KB
3 KB
Image
General
Full URL
https://slmtstfrs.com/common_tpls/compact/img/cleanstep3gld/profile-dark.png
Requested by
Host: slmtstfrs.com
URL: https://slmtstfrs.com/dofadd/?SID=e4d2a5b225ba24f2708eafe22411b200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.45 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
a369af4c2598ddf183b730a26f5fead06652578da5033b079bb1de12239c983a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://slmtstfrs.com/dofadd/?SID=e4d2a5b225ba24f2708eafe22411b200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:53 GMT
via
1.1 varnish-84f56c8bcd-vlnhn (Varnish/7.2)
section-io-cache-id
bf4e5a201c5fd23c97cf0d278c81b3d6
last-modified
Thu, 15 Aug 2019 19:02:43 GMT
age
3852
etag
"5d55ac53-c9b"
x-varnish
5211704 1696739
content-type
image/png
accept-ranges
bytes
section-io-cache
Hit
section-io-id
2dd2e517e43f630285ada1df0d6dba9e
content-length
3227
iframeResizer.contentWindow.min.js
slmtstfrs.com/common_tpls/js/ Frame EA75
13 KB
5 KB
Script
General
Full URL
https://slmtstfrs.com/common_tpls/js/iframeResizer.contentWindow.min.js
Requested by
Host: slmtstfrs.com
URL: https://slmtstfrs.com/dofadd/?SID=e4d2a5b225ba24f2708eafe22411b200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.45 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://slmtstfrs.com/dofadd/?SID=e4d2a5b225ba24f2708eafe22411b200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:53 GMT
via
1.1 varnish-84f56c8bcd-dg8mz (Varnish/7.2)
section-io-cache-id
635abb61838c231e1966051c7076222c
last-modified
Thu, 04 Feb 2016 15:06:03 GMT
age
10754
etag
W/"56b368db-3445"
vary
Accept-Encoding
x-varnish
6293462 3821692
content-type
application/javascript
content-encoding
gzip
section-io-cache
Hit
section-io-id
8d30ba8ad15813581e58b2097b890684
js
www.googletagmanager.com/gtag/ Frame EA75
186 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-208203304-1
Requested by
Host: slmtstfrs.com
URL: https://slmtstfrs.com/dofadd/?SID=e4d2a5b225ba24f2708eafe22411b200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eb7d3c42c37e66f29e50edddb8e8acb7c0b3d6202e6aa640c3ccb95302cd2d8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://slmtstfrs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68595
x-xss-protection
0
last-modified
Thu, 16 Nov 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 16 Nov 2023 00:46:53 GMT
css
fonts.googleapis.com/ Frame EA75
11 KB
906 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Requested by
Host: slmtstfrs.com
URL: https://slmtstfrs.com/common_tpls/compact/css/cleanstep3gld.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5b43c13f29156b87b601565e8abe066f9dc7ef32d856deeee11f099f1807748
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://slmtstfrs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 16 Nov 2023 00:46:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 23:25:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Nov 2023 00:46:53 GMT
gtm.js
www.googletagmanager.com/ Frame EA75
112 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WRR93BC
Requested by
Host: slmtstfrs.com
URL: https://slmtstfrs.com/dofadd/?SID=e4d2a5b225ba24f2708eafe22411b200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8e1b6fe6ff75a2c8f7e2c55bbb0c416e88afc3782015c60eea9c3decea549def
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://slmtstfrs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44346
x-xss-protection
0
last-modified
Thu, 16 Nov 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 16 Nov 2023 00:46:53 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EA75
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://slmtstfrs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 14:45:25 GMT
x-content-type-options
nosniff
age
208888
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Nov 2024 14:45:25 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EA75
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://slmtstfrs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 23:30:11 GMT
x-content-type-options
nosniff
age
177402
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Nov 2024 23:30:11 GMT
js
www.googletagmanager.com/gtag/ Frame EA75
224 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q6VC2CW99V&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-208203304-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f0a9fc793a3d15e01ee5f4cff66a2a3cb30f25bac3a0962fe2ac0ff837b40acc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://slmtstfrs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 00:46:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80999
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 16 Nov 2023 00:46:53 GMT
analytics.js
www.google-analytics.com/ Frame EA75
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-208203304-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://slmtstfrs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 15 Nov 2023 23:49:41 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3432
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 16 Nov 2023 01:49:41 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EA75
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://slmtstfrs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 15:22:55 GMT
x-content-type-options
nosniff
age
465838
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 15:22:55 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EA75
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://slmtstfrs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 04:28:14 GMT
x-content-type-options
nosniff
age
418719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15752
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Nov 2024 04:28:14 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EA75
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://slmtstfrs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 04:31:44 GMT
x-content-type-options
nosniff
age
245709
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Nov 2024 04:31:44 GMT
/
slmtstfrs.com/dofadd/trk/ Frame EA75
21 B
345 B
XHR
General
Full URL
https://slmtstfrs.com/dofadd/trk/?rtid=499001429
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.45 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
2cb743dd81d278180510d4c1212613a1e9327155293e66908bfcfdb147652024

Request headers

Accept
*/*
Referer
https://slmtstfrs.com/dofadd/?SID=e4d2a5b225ba24f2708eafe22411b200
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 00:46:53 GMT
via
1.1 varnish-84f56c8bcd-dg8mz (Varnish/7.2)
age
0
content-type
text/json;charset=UTF-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-varnish
4556649
cache-control
no-store, no-cache, must-revalidate
section-io-cache
Miss
section-io-id
f72e714a63f579d49cde619f89b2eaf3
content-length
21
expires
Thu, 19 Nov 1981 08:52:00 GMT


11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| documentPictureInPicture
number| currentTab
function| showTab
function| nextPrev
function| validateForm
function| fixStepIndicator
object| AOS
number| uidEvent
object| bootstrap
function| GLightbox

2 Cookies

Domain/Path Name / Value
secureesignon.com/ Name: PHPSESSID
Value: c2ae68b06f81363ca399e5bb15c82ad4
slmtstfrs.com/ Name: PHPSESSID
Value: e4d2a5b225ba24f2708eafe22411b200

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a8d5deeccdfdc30a3f88a93c6c00828ab6e4d9e1e1780c326bbe90dba45460de
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b06a86599832f648585d2ebe512663f94692284c92268b7059a1deb76a83e3c1
b3f9ad8a6b5ee12a78a32d898be23898f6d340765e340873e0253feb3b0e8825
b7a2615bf23020dcde296a452b44c7de13adfefa9573d741633afa7c6c2b5b0e
b80e5a78eb469d0d5b2da30363037d34c41f0d1d383d2107931e621a2ee60b6a
b9f26d286df9cb0a3f838a141f489104de820d7c78caf2f440319a3f3859b549
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c8b344ccb7e63d18ef422bfd771a348bfba32a4d8729df1cebf91ced39728d94
c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892
d5b43c13f29156b87b601565e8abe066f9dc7ef32d856deeee11f099f1807748
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deb5f6ef44f432004f2527a056035f7a026a5aa363d12e4c6a55893a9e3d8a7f
eb36fe7e6c1ab0bd28e2b35b5134a1d95229b67f3ecca95e29f7c964ebd0df55
eb7d3c42c37e66f29e50edddb8e8acb7c0b3d6202e6aa640c3ccb95302cd2d8f
f0a9fc793a3d15e01ee5f4cff66a2a3cb30f25bac3a0962fe2ac0ff837b40acc
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7a57062e993737efc0af2b377250b855aed80b41d546f70973bdca790f507fd
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355