URL: https://epromopartners.com/campaigns/mfc/unk4hj/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11
Submission Tags: falconsandbox
Submission: On November 01 via api from US — Scanned from DE

Summary

This website contacted 10 IPs in 3 countries across 11 domains to perform 35 HTTP transactions. The main IP is 163.171.128.172, located in Germany and belongs to QUANTILNETWORKS, US. The main domain is epromopartners.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on March 16th 2021. Valid for: a year.
This is the only time epromopartners.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
9 | frlysglmt.com | epromopartners.com, frlysglmt.com
9 | epromopartners.com | epromopartners.com
4 | fonts.googleapis.com | frlysglmt.com
3 | fonts.gstatic.com | fonts.googleapis.com
3 | use.typekit.net | epromopartners.com, use.typekit.net
2 | www.googletagmanager.com | frlysglmt.com
1 | www.google-analytics.com | www.googletagmanager.com
1 | ajax.aspnetcdn.com | frlysglmt.com
1 | code.jquery.com | frlysglmt.com
1 | geoip.esignonsecure.com | frlysglmt.com
1 | p.typekit.net | use.typekit.net
1 | securechargevault.com | 1 redirects
35 12

This site contains no links.

Subject | Issuer | Validity | Valid
www.epromopartners.com | AlphaSSL CA - SHA256 - G2 | 2021-03-16 - 2022-04-17 | a year
use.typekit.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-08-16 - 2022-08-16 | a year
www.frlysglmt.com | AlphaSSL CA - SHA256 - G2 | 2021-04-09 - 2022-05-11 | a year
*.typekit.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-07-16 - 2022-07-21 | a year
*.esignonsecure.com | AlphaSSL CA - SHA256 - G2 | 2021-04-09 - 2022-05-11 | a year
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2021-08-06 - 2022-08-06 | a year
*.google-analytics.com | GTS CA 1C3 | 2021-10-04 - 2021-12-27 | 3 months
upload.video.google.com | GTS CA 1C3 | 2021-10-04 - 2021-12-27 | 3 months
*.gstatic.com | GTS CA 1C3 | 2021-10-04 - 2021-12-27 | 3 months

This page contains 2 frames:

Primary Page: https://epromopartners.com/campaigns/mfc/unk4hj/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11
Frame ID: 64030DAB953F8F7544ADDECC1470A155
Requests: 13 HTTP requests in this frame

Frame: https://frlysglmt.com/dofadd/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11&dof_click_id=06h4M91dtcneQag6ge0fh826Efj938S29
Frame ID: D2FB90364D7EC8FE6302960540C6B086
Requests: 22 HTTP requests in this frame

Page Title

My Flirt Chat!

Page Statistics

Requests: 35
HTTPS: 100 %
IPv6: 70 %
Domains: 11
Subdomains: 12
IPs: 10
Countries: 3
Transfer: 690 kB
Size: 1214 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://securechargevault.com/process/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11 HTTP 302
  • https://frlysglmt.com/dofadd/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11&dof_click_id=06h4M91dtcneQag6ge0fh826Efj938S29

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
epromopartners.com/campaigns/mfc/unk4hj/
1 KB
1 KB
Document
General
Full URL
https://epromopartners.com/campaigns/mfc/unk4hj/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.26.6-3.el6 /
Resource Hash
9edbca9cef2e580ec4b246bd184d6461310c8bd671b8e109f2e4acd0aea5b89b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 01 Nov 2021 01:45:08 GMT
content-type
text/html; charset=UTF-8
server
waf/4.26.6-3.el6
content-encoding
gzip
x-via
1.1 lsh190:7 (Cdn Cache Server V2.0), 1.1 kf230:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc95:15 (Cdn Cache Server V2.0)
x-ws-request-id
617f46a4_localhost_32106-10708
bootstrap-4.2.1.css
epromopartners.com/campaigns/mfc/unk4hj/css/
185 KB
34 KB
Stylesheet
General
Full URL
https://epromopartners.com/campaigns/mfc/unk4hj/css/bootstrap-4.2.1.css
Requested by
Host: epromopartners.com
URL: https://epromopartners.com/campaigns/mfc/unk4hj/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.26.6-3.el6 /
Resource Hash
e54df3f4adcfd7b70a8066315d0039ac164ee440e3bbe960b571baa035cd6cd6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://epromopartners.com/campaigns/mfc/unk4hj/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:45:08 GMT
content-encoding
gzip
last-modified
Fri, 03 Sep 2021 17:58:46 GMT
server
waf/4.26.6-3.el6
etag
W/"61326256-2e246"
x-ws-request-id
617f46a4_localhost_32106-10720
x-via
1.1 lsh190:5 (Cdn Cache Server V2.0), 1.1 kf230:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc95:12 (Cdn Cache Server V2.0)
content-type
text/css
main.css
epromopartners.com/campaigns/mfc/unk4hj/css/
7 KB
7 KB
Stylesheet
General
Full URL
https://epromopartners.com/campaigns/mfc/unk4hj/css/main.css
Requested by
Host: epromopartners.com
URL: https://epromopartners.com/campaigns/mfc/unk4hj/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.26.6-3.el6 /
Resource Hash
b0bd539092aefb705d141210c47a9131047b26525c0087c1313f4fb6ecbc3bb3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://epromopartners.com/campaigns/mfc/unk4hj/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:45:08 GMT
last-modified
Fri, 03 Sep 2021 17:58:46 GMT
server
waf/4.26.6-3.el6
etag
"61326256-1aec"
x-ws-request-id
617f46a4_localhost_32106-10721
x-via
1.1 lsh190:3 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:14 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1dm92:7 (Cdn Cache Server V2.0)
accept-ranges
bytes
content-type
text/css
content-length
6892
amm4pjh.css
use.typekit.net/
12 KB
2 KB
Stylesheet
General
Full URL
https://use.typekit.net/amm4pjh.css
Requested by
Host: epromopartners.com
URL: https://epromopartners.com/campaigns/mfc/unk4hj/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a97fa6c5345a87072309ff180413cb6cf929427bd98bd1f529f4715c060143be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://epromopartners.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Mon, 01 Nov 2021 01:45:08 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1319
logo.png
epromopartners.com/campaigns/mfc/unk4hj/media/
42 KB
43 KB
Image
General
Full URL
https://epromopartners.com/campaigns/mfc/unk4hj/media/logo.png
Requested by
Host: epromopartners.com
URL: https://epromopartners.com/campaigns/mfc/unk4hj/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.26.6-3.el6 /
Resource Hash
753df6231c564f6e99347da3dacf266d06e6036a8f57450bf7380ee060f1f52e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://epromopartners.com/campaigns/mfc/unk4hj/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:45:08 GMT
last-modified
Fri, 03 Sep 2021 17:58:47 GMT
server
waf/4.26.6-3.el6
etag
"61326257-a9fd"
x-ws-request-id
617f46a4_localhost_32106-10726
x-via
1.1 lsh190:4 (Cdn Cache Server V2.0), 1.1 kf230:10 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc95:10 (Cdn Cache Server V2.0)
accept-ranges
bytes
content-type
image/png
content-length
43517
jquery-3.3.1.min.js
epromopartners.com/campaigns/mfc/unk4hj/js/
85 KB
85 KB
Script
General
Full URL
https://epromopartners.com/campaigns/mfc/unk4hj/js/jquery-3.3.1.min.js
Requested by
Host: epromopartners.com
URL: https://epromopartners.com/campaigns/mfc/unk4hj/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.26.6-3.el6 /
Resource Hash
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://epromopartners.com/campaigns/mfc/unk4hj/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:45:09 GMT
last-modified
Fri, 03 Sep 2021 17:58:47 GMT
server
waf/4.26.6-3.el6
etag
"61326257-1538e"
x-ws-request-id
617f46a4_localhost_32106-10722
x-via
1.1 lsh190:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:9 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1dm92:6 (Cdn Cache Server V2.0)
accept-ranges
bytes
content-type
application/javascript
content-length
86926
bootstrap-4.2.1.js
epromopartners.com/campaigns/mfc/unk4hj/js/
123 KB
124 KB
Script
General
Full URL
https://epromopartners.com/campaigns/mfc/unk4hj/js/bootstrap-4.2.1.js
Requested by
Host: epromopartners.com
URL: https://epromopartners.com/campaigns/mfc/unk4hj/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.26.6-3.el6 /
Resource Hash
2b42a46918757ecfd461f29c9f304af46fd7ec7833b9a7952358493d2f12c6ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://epromopartners.com/campaigns/mfc/unk4hj/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:45:08 GMT
last-modified
Fri, 03 Sep 2021 17:58:47 GMT
server
waf/4.26.6-3.el6
etag
"61326257-1ec5c"
x-ws-request-id
617f46a4_localhost_32106-10723
x-via
1.1 lsh190:3 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1ox201:8 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:2 (Cdn Cache Server V2.0)
accept-ranges
bytes
content-type
application/javascript
content-length
126044
iframeResizer.min.js
epromopartners.com/common/js/iframeResizer/
12 KB
12 KB
Script
General
Full URL
https://epromopartners.com/common/js/iframeResizer/iframeResizer.min.js
Requested by
Host: epromopartners.com
URL: https://epromopartners.com/campaigns/mfc/unk4hj/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.26.6-3.el6 /
Resource Hash
35a59efb7049b51b061c5b4a00d2cb1a648a047a3406d55e500f3d6349052d33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://epromopartners.com/campaigns/mfc/unk4hj/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:45:08 GMT
last-modified
Fri, 03 Sep 2021 17:51:59 GMT
server
waf/4.26.6-3.el6
age
1
etag
"613260bf-2e17"
x-ws-request-id
617f46a4_localhost_32106-10724
content-type
application/javascript
accept-ranges
bytes
content-length
11799
x-via
1.1 lsh190:0 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:10 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:13 (Cdn Cache Server V2.0)
main.js
epromopartners.com/campaigns/mfc/unk4hj/js/
640 B
947 B
Script
General
Full URL
https://epromopartners.com/campaigns/mfc/unk4hj/js/main.js
Requested by
Host: epromopartners.com
URL: https://epromopartners.com/campaigns/mfc/unk4hj/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.26.6-3.el6 /
Resource Hash
368f402edd0d4866a32588ea6401f5ac20ff7c389133d95191822f521c4be087

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://epromopartners.com/campaigns/mfc/unk4hj/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:45:08 GMT
last-modified
Fri, 03 Sep 2021 17:52:19 GMT
server
waf/4.26.6-3.el6
etag
"613260d3-280"
x-ws-request-id
617f46a4_localhost_32106-10725
x-via
1.1 lsh190:8 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1ox201:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:7 (Cdn Cache Server V2.0)
accept-ranges
bytes
content-type
application/javascript
content-length
640
/
frlysglmt.com/dofadd/ Frame D2FB
Redirect Chain
  • https://securechargevault.com/process/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11
  • https://frlysglmt.com/dofadd/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11&dof_click_id=06h4M91dtcneQag6ge0fh826Efj938S29
11 KB
4 KB
Document
General
Full URL
https://frlysglmt.com/dofadd/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11&dof_click_id=06h4M91dtcneQag6ge0fh826Efj938S29
Requested by
Host: epromopartners.com
URL: https://epromopartners.com/campaigns/mfc/unk4hj/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.26.6-3.el6 /
Resource Hash
e74e9dc1ab2273b649e7fd7216f18ef9a739e53c654cf4bdb3ce268ed54bdc01

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://epromopartners.com/

Response headers

date
Mon, 01 Nov 2021 01:45:11 GMT
content-type
text/html; charset=UTF-8
server
waf/4.26.6-3.el6
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding
gzip
x-via
1.1 lsh190:4 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1gi91:3 (Cdn Cache Server V2.0)
x-ws-request-id
617f46a6_localhost_32872-2665

Redirect headers

date
Mon, 01 Nov 2021 01:45:09 GMT
content-type
text/html; charset=UTF-8
server
waf/4.26.6-3.el6
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://frlysglmt.com/dofadd/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11&dof_click_id=06h4M91dtcneQag6ge0fh826Efj938S29
x-via
1.1 lsh190:6 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1ox201:7 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1eq94:13 (Cdn Cache Server V2.0)
x-ws-request-id
617f46a4_localhost_32106-10730
p.css
p.typekit.net/
5 B
162 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=amm4pjh&ht=tk&f=39347.39348.39349.45710.45713.45717.45720.45724.45727.45731.45734.45745.45748.45703.45706.45738.45741&a=86561230&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/amm4pjh.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28d::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:45:08 GMT
last-modified
Thu, 05 Nov 2020 13:49:42 GMT
server
nginx
etag
"5fa402f6-5"
content-type
text/css
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
icon.svg
epromopartners.com/campaigns/mfc/unk4hj/media/
1 KB
1 KB
Image
General
Full URL
https://epromopartners.com/campaigns/mfc/unk4hj/media/icon.svg
Requested by
Host: epromopartners.com
URL: https://epromopartners.com/campaigns/mfc/unk4hj/css/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.26.6-3.el6 /
Resource Hash
6883279f2d2d0bb7e58a4fb77327bc353c856d51269a780665c2f2505b9932ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://epromopartners.com/campaigns/mfc/unk4hj/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:45:09 GMT
last-modified
Fri, 03 Sep 2021 17:58:47 GMT
server
waf/4.26.6-3.el6
etag
"61326257-440"
x-ws-request-id
617f46a4_localhost_32106-10736
x-via
1.1 lsh190:0 (Cdn Cache Server V2.0), 1.1 kf230:10 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1vg90:15 (Cdn Cache Server V2.0)
accept-ranges
bytes
content-type
image/svg+xml
content-length
1088
l
use.typekit.net/af/6161d4/00000000000000007735ba1e/30/
31 KB
31 KB
Font
General
Full URL
https://use.typekit.net/af/6161d4/00000000000000007735ba1e/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/amm4pjh.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c0fbc9f23855a242577ef2a4316f7e268c3356fd815767cde865c586cfa577a6

Request headers

Referer
https://use.typekit.net/amm4pjh.css
Origin
https://epromopartners.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:45:08 GMT
server
nginx
etag
"06761d2320c8306282dc96486a005ef254ce0efb"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
31820
l
use.typekit.net/af/b89a53/00000000000000007735ba1d/30/
31 KB
31 KB
Font
General
Full URL
https://use.typekit.net/af/b89a53/00000000000000007735ba1d/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/amm4pjh.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
678567486a9b14df7f7cc4c0f9e365ad004519fc7c88c22f1ea3040b34112228

Request headers

Referer
https://use.typekit.net/amm4pjh.css
Origin
https://epromopartners.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:45:08 GMT
server
nginx
etag
"27dad9ace82adc4403691523f222aa1c784525bb"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
31320
/
geoip.esignonsecure.com/ Frame D2FB
393 B
435 B
Script
General
Full URL
https://geoip.esignonsecure.com/?v=1
Requested by
Host: frlysglmt.com
URL: https://frlysglmt.com/dofadd/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11&dof_click_id=06h4M91dtcneQag6ge0fh826Efj938S29
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.87.177 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k3-shared-ingress3
Software
/
Resource Hash
d2b9ee363e9a994c75e6b9bb488db7c0813e28c558b6b33f33e2b62c412a523c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://frlysglmt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:45:11 GMT
via
1.1 varnish (Varnish/6.3)
content-type
application/javascript
age
0
vary
Accept-Encoding
x-varnish
732798
content-encoding
gzip
cache-control
no-cache, no-store, must-revalidate
section-io-id
5e466c9607721066f6f29f4dbcaab2ac
section-io-cache
Miss
expires
0
cleanstep.css
frlysglmt.com/common_tpls/compact/css/ Frame D2FB
178 KB
34 KB
Stylesheet
General
Full URL
https://frlysglmt.com/common_tpls/compact/css/cleanstep.css
Requested by
Host: frlysglmt.com
URL: https://frlysglmt.com/dofadd/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11&dof_click_id=06h4M91dtcneQag6ge0fh826Efj938S29
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.26.6-3.el6 /
Resource Hash
a737a566540fe1ddce0e3dc53778bcb29de07b8672f473d839409e699f9828b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://frlysglmt.com/dofadd/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11&dof_click_id=06h4M91dtcneQag6ge0fh826Efj938S29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:45:11 GMT
content-encoding
gzip
last-modified
Tue, 16 Jun 2020 16:45:05 GMT
server
waf/4.26.6-3.el6
etag
W/"5ee8f711-2c8c4"
x-ws-request-id
617f46a7_localhost_32872-2696
x-via
1.1 lsh190:7 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc95:6 (Cdn Cache Server V2.0)
content-type
text/css
jquery-3.4.1.min.js
code.jquery.com/ Frame D2FB
86 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: frlysglmt.com
URL: https://frlysglmt.com/dofadd/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11&dof_click_id=06h4M91dtcneQag6ge0fh826Efj938S29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://frlysglmt.com/
Origin
https://frlysglmt.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:45:11 GMT
content-encoding
gzip
last-modified
Wed, 01 May 2019 21:14:27 GMT
server
nginx
etag
W/"5cca0c33-15851"
vary
Accept-Encoding
x-hw
1635731111.dop208.fr8.t,1635731111.cds278.fr8.hn,1635731111.cds261.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638
bootstrap.min.js
ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/ Frame D2FB
35 KB
9 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/bootstrap.min.js
Requested by
Host: frlysglmt.com
URL: https://frlysglmt.com/dofadd/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11&dof_click_id=06h4M91dtcneQag6ge0fh826Efj938S29
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FEA) /
Resource Hash
c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://frlysglmt.com/
Origin
https://frlysglmt.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:45:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9249064
x-cache
HIT
content-length
9409
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:09:58 GMT
server
ECAcc (frc/8FEA)
etag
"02729e6cb33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
form_support.js
frlysglmt.com/common_tpls/js/ Frame D2FB
977 B
1 KB
Script
General
Full URL
https://frlysglmt.com/common_tpls/js/form_support.js?v=1516308712
Requested by
Host: frlysglmt.com
URL: https://frlysglmt.com/dofadd/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11&dof_click_id=06h4M91dtcneQag6ge0fh826Efj938S29
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.26.6-3.el6 /
Resource Hash
f2648f83e8bb78db15ffc5d01dcbc53fb6b8c585dcfabbb88bd0471b8399ca00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://frlysglmt.com/dofadd/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11&dof_click_id=06h4M91dtcneQag6ge0fh826Efj938S29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:45:11 GMT
last-modified
Tue, 19 Jan 2021 00:12:19 GMT
server
waf/4.26.6-3.el6
etag
"600623e3-3d1"
x-ws-request-id
617f46a7_localhost_32872-2697
x-via
1.1 lsh190:8 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:3 (Cdn Cache Server V2.0)
accept-ranges
bytes
content-type
application/javascript
content-length
977
validate_form_v2.js
frlysglmt.com/common_tpls/js/ Frame D2FB
22 KB
23 KB
Script
General
Full URL
https://frlysglmt.com/common_tpls/js/validate_form_v2.js?jsv=20
Requested by
Host: frlysglmt.com
URL: https://frlysglmt.com/dofadd/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11&dof_click_id=06h4M91dtcneQag6ge0fh826Efj938S29
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.26.6-3.el6 /
Resource Hash
89d4b7e60391fb802c7bfae97619f5b13a212f1d318bf3944d7667412c6ec20a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://frlysglmt.com/dofadd/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11&dof_click_id=06h4M91dtcneQag6ge0fh826Efj938S29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:45:11 GMT
last-modified
Wed, 06 Oct 2021 14:04:56 GMT
server
waf/4.26.6-3.el6
etag
"615dad08-5927"
x-ws-request-id
617f46a7_localhost_32872-2698
x-via
1.1 lsh190:7 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1vg90:10 (Cdn Cache Server V2.0)
accept-ranges
bytes
content-type
application/javascript
content-length
22823
ajax-loader.gif
frlysglmt.com/common_tpls/images/ Frame D2FB
3 KB
3 KB
Image
General
Full URL
https://frlysglmt.com/common_tpls/images/ajax-loader.gif
Requested by
Host: frlysglmt.com
URL: https://frlysglmt.com/dofadd/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11&dof_click_id=06h4M91dtcneQag6ge0fh826Efj938S29
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.26.6-3.el6 /
Resource Hash
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://frlysglmt.com/dofadd/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11&dof_click_id=06h4M91dtcneQag6ge0fh826Efj938S29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:45:11 GMT
last-modified
Mon, 07 Oct 2013 22:49:23 GMT
server
waf/4.26.6-3.el6
etag
"52533a73-c88"
x-ws-request-id
617f46a7_localhost_32872-2715
x-via
1.1 lsh190:4 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1gi91:0 (Cdn Cache Server V2.0)
accept-ranges
bytes
content-type
image/gif
content-length
3208
j1-line-3@2x.png
frlysglmt.com/common_tpls/compact/img/cleanstep/ Frame D2FB
156 B
512 B
Image
General
Full URL
https://frlysglmt.com/common_tpls/compact/img/cleanstep/j1-line-3@2x.png
Requested by
Host: frlysglmt.com
URL: https://frlysglmt.com/dofadd/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11&dof_click_id=06h4M91dtcneQag6ge0fh826Efj938S29
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.26.6-3.el6 /
Resource Hash
1302fb6dfb8906ee779abaf947b3100d4b102551b9f16abf5cc4d8f0fcdc473a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://frlysglmt.com/dofadd/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11&dof_click_id=06h4M91dtcneQag6ge0fh826Efj938S29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:45:11 GMT
last-modified
Thu, 25 Apr 2019 00:49:07 GMT
server
waf/4.26.6-3.el6
etag
"5cc10403-9c"
x-ws-request-id
617f46a7_localhost_32872-2719
x-via
1.1 lsh190:3 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1vg90:6 (Cdn Cache Server V2.0)
accept-ranges
bytes
content-type
image/png
content-length
156
j1-line-2@2x.png
frlysglmt.com/common_tpls/compact/img/cleanstep/ Frame D2FB
177 B
533 B
Image
General
Full URL
https://frlysglmt.com/common_tpls/compact/img/cleanstep/j1-line-2@2x.png
Requested by
Host: frlysglmt.com
URL: https://frlysglmt.com/dofadd/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11&dof_click_id=06h4M91dtcneQag6ge0fh826Efj938S29
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.26.6-3.el6 /
Resource Hash
61d3d1af48dc7b4ab9b54fe266b6527adce310f6ec03ea4424d0673b079cbc9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://frlysglmt.com/dofadd/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11&dof_click_id=06h4M91dtcneQag6ge0fh826Efj938S29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:45:11 GMT
last-modified
Thu, 25 Apr 2019 00:49:07 GMT
server
waf/4.26.6-3.el6
etag
"5cc10403-b1"
x-ws-request-id
617f46a7_localhost_32872-2720
x-via
1.1 lsh190:3 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1dm92:13 (Cdn Cache Server V2.0)
accept-ranges
bytes
content-type
image/png
content-length
177
j1-profile@2x.png
frlysglmt.com/common_tpls/compact/img/cleanstep/ Frame D2FB
4 KB
5 KB
Image
General
Full URL
https://frlysglmt.com/common_tpls/compact/img/cleanstep/j1-profile@2x.png
Requested by
Host: frlysglmt.com
URL: https://frlysglmt.com/dofadd/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11&dof_click_id=06h4M91dtcneQag6ge0fh826Efj938S29
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.26.6-3.el6 /
Resource Hash
16777add811e11a9033f75085192576c334df315c52f938ab8cc39d2ecef230d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://frlysglmt.com/dofadd/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11&dof_click_id=06h4M91dtcneQag6ge0fh826Efj938S29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:45:11 GMT
last-modified
Thu, 25 Apr 2019 00:49:07 GMT
server
waf/4.26.6-3.el6
etag
"5cc10403-1185"
x-ws-request-id
617f46a7_localhost_32872-2721
x-via
1.1 lsh190:4 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1dm92:2 (Cdn Cache Server V2.0)
accept-ranges
bytes
content-type
image/png
content-length
4485
iframeResizer.contentWindow.min.js
frlysglmt.com/common_tpls/js/ Frame D2FB
13 KB
13 KB
Script
General
Full URL
https://frlysglmt.com/common_tpls/js/iframeResizer.contentWindow.min.js
Requested by
Host: frlysglmt.com
URL: https://frlysglmt.com/dofadd/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11&dof_click_id=06h4M91dtcneQag6ge0fh826Efj938S29
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.26.6-3.el6 /
Resource Hash
7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://frlysglmt.com/dofadd/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11&dof_click_id=06h4M91dtcneQag6ge0fh826Efj938S29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:45:11 GMT
last-modified
Thu, 04 Feb 2016 15:05:04 GMT
server
waf/4.26.6-3.el6
etag
"56b368a0-3445"
x-ws-request-id
617f46a7_localhost_32872-2711
x-via
1.1 lsh190:4 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1eq94:5 (Cdn Cache Server V2.0)
accept-ranges
bytes
content-type
application/javascript
content-length
13381
js
www.googletagmanager.com/gtag/ Frame D2FB
89 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-208203304-1
Requested by
Host: frlysglmt.com
URL: https://frlysglmt.com/dofadd/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11&dof_click_id=06h4M91dtcneQag6ge0fh826Efj938S29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5c17f24945b018cf08fbeafbb307b1abdc52e5fb69d75fdaa53b903843891440
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://frlysglmt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:45:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35742
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 01 Nov 2021 01:45:11 GMT
css
fonts.googleapis.com/ Frame D2FB
5 KB
734 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,800
Requested by
Host: frlysglmt.com
URL: https://frlysglmt.com/common_tpls/compact/css/cleanstep.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9007b90c51bfb0f57be458dc4bb2a5206797930758e1e240a31b3ee71ec7ec3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://frlysglmt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 31 Oct 2021 23:46:38 GMT
server
ESF
date
Mon, 01 Nov 2021 01:45:11 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Mon, 01 Nov 2021 01:45:11 GMT
css
fonts.googleapis.com/ Frame D2FB
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,700,900
Requested by
Host: frlysglmt.com
URL: https://frlysglmt.com/common_tpls/compact/css/cleanstep.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bf96e6cb8d94e5b4f374adc08b303442b519da6faa5ed138b2ae5d7a6a7e7b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://frlysglmt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 01:27:53 GMT
server
ESF
date
Mon, 01 Nov 2021 01:45:11 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Mon, 01 Nov 2021 01:45:11 GMT
css
fonts.googleapis.com/ Frame D2FB
2 KB
634 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed
Requested by
Host: frlysglmt.com
URL: https://frlysglmt.com/common_tpls/compact/css/cleanstep.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f51c09f7389cdc5cfdbd249cc66f95f51480041e42da46e5adf088e7bea9a686
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://frlysglmt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 01:12:05 GMT
server
ESF
date
Mon, 01 Nov 2021 01:45:11 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Mon, 01 Nov 2021 01:45:11 GMT
css
fonts.googleapis.com/ Frame D2FB
2 KB
611 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: frlysglmt.com
URL: https://frlysglmt.com/common_tpls/compact/css/cleanstep.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://frlysglmt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 00:11:14 GMT
server
ESF
date
Mon, 01 Nov 2021 01:45:11 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Mon, 01 Nov 2021 01:45:11 GMT
gtm.js
www.googletagmanager.com/ Frame D2FB
73 KB
29 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WRR93BC
Requested by
Host: frlysglmt.com
URL: https://frlysglmt.com/dofadd/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11&dof_click_id=06h4M91dtcneQag6ge0fh826Efj938S29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cbdbe28ed9d4f4ccfeb2657c889bc53bc0885680cf9c1311328f83c757212685
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://frlysglmt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:45:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29445
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 01 Nov 2021 01:45:11 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame D2FB
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://frlysglmt.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 16:19:14 GMT
x-content-type-options
nosniff
age
293157
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 28 Oct 2022 16:19:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame D2FB
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://frlysglmt.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 16:31:41 GMT
x-content-type-options
nosniff
age
378810
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 27 Oct 2022 16:31:41 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/ Frame D2FB
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://frlysglmt.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 02:46:58 GMT
x-content-type-options
nosniff
age
255493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 19:40:30 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 29 Oct 2022 02:46:58 GMT
analytics.js
www.google-analytics.com/ Frame D2FB
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-208203304-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://frlysglmt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
6277
date
Mon, 01 Nov 2021 00:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Mon, 01 Nov 2021 02:00:34 GMT

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
function| reportError
boolean| originAgentCluster
object| scheduler
function| $
function| jQuery
object| bootstrap
function| iFrameResize
object| el
function| scrollToElem
function| respondToSubmit
function| respondToJ2Load

3 Cookies

Domain/Path Name / Value
epromopartners.com/ Name: HMF_CI
Value: fc94403f48ec4fe96bcd7b20c2d848308d2c200ae56ad4703516aafe233abb7b72
securechargevault.com/ Name: PHPSESSID
Value: e59272b6055943d723bc20e0b2976125
frlysglmt.com/ Name: PHPSESSID
Value: ca30041f03cec4081746c62d18aba21a

1 Console Messages

Source Level URL
Text
deprecation warning URL: https://frlysglmt.com/dofadd/?dofid=p36%3Ao594%3Awcxf&a_aid=5ce3b037d0f48&a_bid=a09aa645&chan=code11&dof_click_id=06h4M91dtcneQag6ge0fh826Efj938S29(Line 280)
Message:
Triggering window.alert from cross origin iframes has been deprecated and will be removed in the future.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
