incoming-document-viig7.daftpage.com Open in urlscan Pro
76.76.21.123  Malicious Activity! Public Scan

Submitted URL: https://www.dashboard.gglme.com/redirect_link_to/?keyword=MFA&link=https://incoming-document-viig7.daftpage.com/
Effective URL: https://incoming-document-viig7.daftpage.com/
Submission: On July 27 via manual from US — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 29 HTTP transactions. The main IP is 76.76.21.123, located in United States and belongs to AMAZON-02, US. The main domain is incoming-document-viig7.daftpage.com.
TLS certificate: Issued by R3 on July 27th 2022. Valid for: 3 months.
This is the only time incoming-document-viig7.daftpage.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sharepoint (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 164.68.109.83 51167 (CONTABO)
19 76.76.21.123 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
2 54.231.161.41 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
29 5
Apex Domain
Subdomains
Transfer
19 daftpage.com
incoming-document-viig7.daftpage.com
544 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 72
6 KB
2 gstatic.com
fonts.gstatic.com
58 KB
2 amazonaws.com
daftpage.s3.amazonaws.com
226 KB
1 gglme.com
www.dashboard.gglme.com
363 B
29 5
Domain Requested by
19 incoming-document-viig7.daftpage.com incoming-document-viig7.daftpage.com
6 fonts.googleapis.com incoming-document-viig7.daftpage.com
2 fonts.gstatic.com fonts.googleapis.com
2 daftpage.s3.amazonaws.com incoming-document-viig7.daftpage.com
1 www.dashboard.gglme.com 1 redirects
29 5

This site contains links to these domains. Also see Links.

Domain
daftpage.com
desert-faithful-guava.glitch.me
Subject Issuer Validity Valid
*.daftpage.com
R3
2022-07-27 -
2022-10-25
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-07-04 -
2022-09-26
3 months crt.sh
*.s3.amazonaws.com
Amazon
2021-12-15 -
2022-12-03
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-07-04 -
2022-09-26
3 months crt.sh

This page contains 1 frames:

Primary Page: https://incoming-document-viig7.daftpage.com/
Frame ID: 14BA2AA7963C6FE4B46476528B3B01DC
Requests: 30 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://www.dashboard.gglme.com/redirect_link_to/?keyword=MFA&link=https://incoming-document-viig7.daftpage.... HTTP 302
    https://incoming-document-viig7.daftpage.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

29
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

833 kB
Transfer

2320 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.dashboard.gglme.com/redirect_link_to/?keyword=MFA&link=https://incoming-document-viig7.daftpage.com/ HTTP 302
    https://incoming-document-viig7.daftpage.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
incoming-document-viig7.daftpage.com/
Redirect Chain
  • https://www.dashboard.gglme.com/redirect_link_to/?keyword=MFA&link=https://incoming-document-viig7.daftpage.com/
  • https://incoming-document-viig7.daftpage.com/
23 KB
5 KB
Document
General
Full URL
https://incoming-document-viig7.daftpage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Next.js
Resource Hash
b23152823d91b78293a46a42ed10e8345b703bae2c7e63d608d5eade46ed9327
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21596
cache-control
public, max-age=0, must-revalidate
content-encoding
br
content-type
text/html
date
Wed, 27 Jul 2022 17:54:45 GMT
etag
W/"5dab-vktGe3F6kEnaCfzHDgsD5LpdNqE"
server
Vercel
strict-transport-security
max-age=63072000
x-matched-path
/_sites/[site]
x-powered-by
Next.js
x-vercel-cache
STALE
x-vercel-id
fra1::iad1::tp467-1658966081310-bafc11e96a04

Redirect headers

content-length
60
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline'
content-type
text/html
date
Wed, 27 Jul 2022 23:54:40 GMT
location
https://incoming-document-viig7.daftpage.com/
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload max-age=604800,includeSubdomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/
15 KB
760 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Josefin+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,600;1,700&display=swap
Requested by
Host: incoming-document-viig7.daftpage.com
URL: https://incoming-document-viig7.daftpage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
393c97dc4fa93d168c376aef134d9430420d2eceeaaad15e7cb5c39b119fa2d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://incoming-document-viig7.daftpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 23:54:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 27 Jul 2022 23:54:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 27 Jul 2022 23:54:41 GMT
css2
fonts.googleapis.com/
27 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Mono:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,600;1,700&display=swap
Requested by
Host: incoming-document-viig7.daftpage.com
URL: https://incoming-document-viig7.daftpage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
03f814d2efcea1ba44a88a4de85f6f71e5342bc9aa1315e657cbb7b17ebb0192
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://incoming-document-viig7.daftpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 23:54:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 27 Jul 2022 23:54:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 27 Jul 2022 23:54:41 GMT
css2
fonts.googleapis.com/
17 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Playfair+Display:ital,wght@0,400;0,500;0,600;0,700;0,800;0,900;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: incoming-document-viig7.daftpage.com
URL: https://incoming-document-viig7.daftpage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dfb6aa04fe174f86ed5fb8b8614b34eb5baa2c018efce8d0e0315c682059a65e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://incoming-document-viig7.daftpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 23:49:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 27 Jul 2022 23:54:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 27 Jul 2022 23:54:41 GMT
css2
fonts.googleapis.com/
22 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=EB+Garamond:ital,wght@0,400;0,500;0,600;0,700;0,800;1,400;1,500;1,600;1,700;1,800&display=swap
Requested by
Host: incoming-document-viig7.daftpage.com
URL: https://incoming-document-viig7.daftpage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ff8faea81a89cefaf5dc866fc12c33eea0de39c3e63f9355c44818951223e677
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://incoming-document-viig7.daftpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 23:42:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 27 Jul 2022 23:54:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 27 Jul 2022 23:54:41 GMT
css2
fonts.googleapis.com/
7 KB
665 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
Requested by
Host: incoming-document-viig7.daftpage.com
URL: https://incoming-document-viig7.daftpage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f1e145d88c4b3f343055576d559fa8999045d205ea2f4e0d84f3b539c56ced8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://incoming-document-viig7.daftpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 22:43:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 27 Jul 2022 23:54:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 27 Jul 2022 23:54:41 GMT
css2
fonts.googleapis.com/
19 KB
981 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: incoming-document-viig7.daftpage.com
URL: https://incoming-document-viig7.daftpage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2458c6e69ec960015408bcff5b6e3c679da9a9e7cb3149cc810ef75158c0acf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://incoming-document-viig7.daftpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 23:42:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 27 Jul 2022 23:54:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 27 Jul 2022 23:54:41 GMT
29c21ae94ab7ae95.css
incoming-document-viig7.daftpage.com/_next/static/css/
170 KB
32 KB
Stylesheet
General
Full URL
https://incoming-document-viig7.daftpage.com/_next/static/css/29c21ae94ab7ae95.css
Requested by
Host: incoming-document-viig7.daftpage.com
URL: https://incoming-document-viig7.daftpage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
bfe656a9f28e453c98af761ba4eae7d8d6ec470d8419a77ae96845d5c26db6b3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://incoming-document-viig7.daftpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 23:54:41 GMT
content-encoding
br
server
Vercel
age
50690
x-matched-path
/_next/static/css/29c21ae94ab7ae95.css
etag
W/"b17f81751d29f754a50ec8eb712db3ff"
x-vercel-id
fra1:fra1::tp467-1658966081860-4ffeacf9e47f
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="29c21ae94ab7ae95.css"
strict-transport-security
max-age=63072000
x-vercel-cache
HIT
c72c533aca924c1e.css
incoming-document-viig7.daftpage.com/_next/static/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://incoming-document-viig7.daftpage.com/_next/static/css/c72c533aca924c1e.css
Requested by
Host: incoming-document-viig7.daftpage.com
URL: https://incoming-document-viig7.daftpage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
24cf272f68a3c186317cbbc866ef441d2aaa14f60921dd8e6dab16c78ee4b1df
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://incoming-document-viig7.daftpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 23:54:41 GMT
content-encoding
br
server
Vercel
age
50690
x-matched-path
/_next/static/css/c72c533aca924c1e.css
etag
W/"88a0a05c09280d5d29b11053c4e8d774"
x-vercel-id
fra1:fra1::tp467-1658966081863-6e26a99be85b
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="c72c533aca924c1e.css"
strict-transport-security
max-age=63072000
x-vercel-cache
HIT
webpack-c46bd53b3301cb26.js
incoming-document-viig7.daftpage.com/_next/static/chunks/
4 KB
2 KB
Script
General
Full URL
https://incoming-document-viig7.daftpage.com/_next/static/chunks/webpack-c46bd53b3301cb26.js
Requested by
Host: incoming-document-viig7.daftpage.com
URL: https://incoming-document-viig7.daftpage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
4fd199bffd107e7f486613f7dfa6a430e691ca89f5e5bb6d110e712daf841534
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://incoming-document-viig7.daftpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 23:54:41 GMT
content-encoding
br
server
Vercel
age
50690
x-matched-path
/_next/static/chunks/webpack-c46bd53b3301cb26.js
etag
W/"6b9d0b85cffb8cd80e6bb5131cc853fc"
x-vercel-id
fra1:fra1::tp467-1658966081903-f61b8a8a4a88
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="webpack-c46bd53b3301cb26.js"
strict-transport-security
max-age=63072000
x-vercel-cache
HIT
framework-fc1f2e8247ad02c2.js
incoming-document-viig7.daftpage.com/_next/static/chunks/
127 KB
43 KB
Script
General
Full URL
https://incoming-document-viig7.daftpage.com/_next/static/chunks/framework-fc1f2e8247ad02c2.js
Requested by
Host: incoming-document-viig7.daftpage.com
URL: https://incoming-document-viig7.daftpage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
3f8ed02f16405e37169b029190b7dcd581cf91509fe05d2e5b65ae14e59c46c1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://incoming-document-viig7.daftpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 23:54:41 GMT
content-encoding
br
server
Vercel
age
50690
x-matched-path
/_next/static/chunks/framework-fc1f2e8247ad02c2.js
etag
W/"97a3673c125714676dceb94853b4633a"
x-vercel-id
fra1:fra1::tp467-1658966081906-e4a642568381
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="framework-fc1f2e8247ad02c2.js"
strict-transport-security
max-age=63072000
x-vercel-cache
HIT
main-de9a4cc9a544ed23.js
incoming-document-viig7.daftpage.com/_next/static/chunks/
118 KB
36 KB
Script
General
Full URL
https://incoming-document-viig7.daftpage.com/_next/static/chunks/main-de9a4cc9a544ed23.js
Requested by
Host: incoming-document-viig7.daftpage.com
URL: https://incoming-document-viig7.daftpage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
73413560550e08bbd1f5e412e892e0829d49305c7ecffff3e8ce26c1f0bf42f5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://incoming-document-viig7.daftpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 23:54:41 GMT
content-encoding
br
server
Vercel
age
50690
x-matched-path
/_next/static/chunks/main-de9a4cc9a544ed23.js
etag
W/"2db8458e401a031b8c3d02dcc85c2117"
x-vercel-id
fra1:fra1::tp467-1658966081909-5539e5be9287
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="main-de9a4cc9a544ed23.js"
strict-transport-security
max-age=63072000
x-vercel-cache
HIT
_app-347ba4445431941f.js
incoming-document-viig7.daftpage.com/_next/static/chunks/pages/
1 KB
793 B
Script
General
Full URL
https://incoming-document-viig7.daftpage.com/_next/static/chunks/pages/_app-347ba4445431941f.js
Requested by
Host: incoming-document-viig7.daftpage.com
URL: https://incoming-document-viig7.daftpage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
493226137c06402a4a94720a930a7d5c026fdbd0cd652d3c95620e14495e6daf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://incoming-document-viig7.daftpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 23:54:42 GMT
content-encoding
br
server
Vercel
age
50690
x-matched-path
/_next/static/chunks/pages/_app-347ba4445431941f.js
etag
W/"85c117e124e28252299ab58a4542eae4"
x-vercel-id
fra1:fra1::tp467-1658966081912-fb69fdcad851
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="_app-347ba4445431941f.js"
strict-transport-security
max-age=63072000
x-vercel-cache
HIT
3f43c12b-f18aaa400465754a.js
incoming-document-viig7.daftpage.com/_next/static/chunks/
117 KB
36 KB
Script
General
Full URL
https://incoming-document-viig7.daftpage.com/_next/static/chunks/3f43c12b-f18aaa400465754a.js
Requested by
Host: incoming-document-viig7.daftpage.com
URL: https://incoming-document-viig7.daftpage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
00ea5932bb1d578af1f186da1dbe175e6aed09c8e5fe67750ec68cd6ba64a1ee
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://incoming-document-viig7.daftpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 23:54:41 GMT
content-encoding
br
server
Vercel
age
50690
x-matched-path
/_next/static/chunks/3f43c12b-f18aaa400465754a.js
etag
W/"710ba4ccda30390c830efefa66f442ab"
x-vercel-id
fra1:fra1::tp467-1658966081915-04bf7e0feb0e
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="3f43c12b-f18aaa400465754a.js"
strict-transport-security
max-age=63072000
x-vercel-cache
HIT
c2f04ad0-e42808f1064aeceb.js
incoming-document-viig7.daftpage.com/_next/static/chunks/
88 KB
29 KB
Script
General
Full URL
https://incoming-document-viig7.daftpage.com/_next/static/chunks/c2f04ad0-e42808f1064aeceb.js
Requested by
Host: incoming-document-viig7.daftpage.com
URL: https://incoming-document-viig7.daftpage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
0ebecadafbad88e07dbeaec1ba83d0ef6bb8a97dabdfec783d5628257b2ef4c3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://incoming-document-viig7.daftpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 23:54:41 GMT
content-encoding
br
server
Vercel
age
50690
x-matched-path
/_next/static/chunks/c2f04ad0-e42808f1064aeceb.js
etag
W/"bbfb10c4857fd8a86146fe40b3cf7311"
x-vercel-id
fra1:fra1::tp467-1658966081917-b1ddd0ff623c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="c2f04ad0-e42808f1064aeceb.js"
strict-transport-security
max-age=63072000
x-vercel-cache
HIT
726-015eedaa849d8fd6.js
incoming-document-viig7.daftpage.com/_next/static/chunks/
1 MB
308 KB
Script
General
Full URL
https://incoming-document-viig7.daftpage.com/_next/static/chunks/726-015eedaa849d8fd6.js
Requested by
Host: incoming-document-viig7.daftpage.com
URL: https://incoming-document-viig7.daftpage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
07eedc7db7b489454d20d1a243fcf3e47c8a4af9f0cd47b6e6cde8373a09fe50
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://incoming-document-viig7.daftpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 23:54:41 GMT
content-encoding
br
server
Vercel
age
50689
x-matched-path
/_next/static/chunks/726-015eedaa849d8fd6.js
etag
W/"298a2751e79bde31cfbd9546a10ae00a"
x-vercel-id
fra1:fra1::tp467-1658966081921-e74e35e32941
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="726-015eedaa849d8fd6.js"
strict-transport-security
max-age=63072000
x-vercel-cache
HIT
400-20f78fa92180be42.js
incoming-document-viig7.daftpage.com/_next/static/chunks/
129 KB
33 KB
Script
General
Full URL
https://incoming-document-viig7.daftpage.com/_next/static/chunks/400-20f78fa92180be42.js
Requested by
Host: incoming-document-viig7.daftpage.com
URL: https://incoming-document-viig7.daftpage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
01ff05c7fd4f7916ebde54a554717c869280f9f146f71884a0282de206326910
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://incoming-document-viig7.daftpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 23:54:42 GMT
content-encoding
br
server
Vercel
age
50690
x-matched-path
/_next/static/chunks/400-20f78fa92180be42.js
etag
W/"a0f49d7cf61235847531e0cf235c2af4"
x-vercel-id
fra1:fra1::tp467-1658966081925-a959bdb54e02
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="400-20f78fa92180be42.js"
strict-transport-security
max-age=63072000
x-vercel-cache
HIT
344-81998dc2f51e6170.js
incoming-document-viig7.daftpage.com/_next/static/chunks/
9 KB
3 KB
Script
General
Full URL
https://incoming-document-viig7.daftpage.com/_next/static/chunks/344-81998dc2f51e6170.js
Requested by
Host: incoming-document-viig7.daftpage.com
URL: https://incoming-document-viig7.daftpage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
a79fbff29b1a21f505eb9536c830a661aba8390f0aac14d0a84cc367f9ee7192
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://incoming-document-viig7.daftpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 23:54:41 GMT
content-encoding
br
server
Vercel
age
50690
x-matched-path
/_next/static/chunks/344-81998dc2f51e6170.js
etag
W/"e144b4ae741e28a206e343fe4b8e94ee"
x-vercel-id
fra1:fra1::tp467-1658966081928-b33c6be8053d
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="344-81998dc2f51e6170.js"
strict-transport-security
max-age=63072000
x-vercel-cache
HIT
%5Bsite%5D-ec502eecd32894ab.js
incoming-document-viig7.daftpage.com/_next/static/chunks/pages/_sites/
478 B
662 B
Script
General
Full URL
https://incoming-document-viig7.daftpage.com/_next/static/chunks/pages/_sites/%5Bsite%5D-ec502eecd32894ab.js
Requested by
Host: incoming-document-viig7.daftpage.com
URL: https://incoming-document-viig7.daftpage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
f5d114abe30e55e11543cfe3ef731731e10623cc6da498ab0ed26bf00439ea2c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://incoming-document-viig7.daftpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 23:54:41 GMT
server
Vercel
age
50690
x-matched-path
/_next/static/chunks/pages/_sites/%5Bsite%5D-ec502eecd32894ab.js
etag
"601b7cdc4094345220d51e4ec7f0c438"
x-vercel-id
fra1:fra1::tp467-1658966081932-dc73c2a98cb5
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="[site]-ec502eecd32894ab.js"
strict-transport-security
max-age=63072000
accept-ranges
bytes
x-vercel-cache
HIT
content-length
478
_buildManifest.js
incoming-document-viig7.daftpage.com/_next/static/lBkqJc1aJshbLWZXcTpnj/
1 KB
713 B
Script
General
Full URL
https://incoming-document-viig7.daftpage.com/_next/static/lBkqJc1aJshbLWZXcTpnj/_buildManifest.js
Requested by
Host: incoming-document-viig7.daftpage.com
URL: https://incoming-document-viig7.daftpage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
0dc8dace4241b24511af042c46543ccee50e23d327a76262a58ef728363bc614
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://incoming-document-viig7.daftpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 23:54:41 GMT
content-encoding
br
server
Vercel
age
50690
x-matched-path
/_next/static/lBkqJc1aJshbLWZXcTpnj/_buildManifest.js
etag
W/"13f6a439cd277be3fe3a0660339132cc"
x-vercel-id
fra1:fra1::tp467-1658966081936-b0671c69106c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="_buildManifest.js"
strict-transport-security
max-age=63072000
x-vercel-cache
HIT
_ssgManifest.js
incoming-document-viig7.daftpage.com/_next/static/lBkqJc1aJshbLWZXcTpnj/
283 B
448 B
Script
General
Full URL
https://incoming-document-viig7.daftpage.com/_next/static/lBkqJc1aJshbLWZXcTpnj/_ssgManifest.js
Requested by
Host: incoming-document-viig7.daftpage.com
URL: https://incoming-document-viig7.daftpage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
1760e7eef9f42da62ffb7994497e42bcab6c37c5dd32c2f1de1cec942524c5c7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://incoming-document-viig7.daftpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 23:54:42 GMT
server
Vercel
age
50690
x-matched-path
/_next/static/lBkqJc1aJshbLWZXcTpnj/_ssgManifest.js
etag
"9f165d07fcf0510e4120d85f0f1dc167"
x-vercel-id
fra1:fra1::tp467-1658966081938-dd510fae3880
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="_ssgManifest.js"
strict-transport-security
max-age=63072000
accept-ranges
bytes
x-vercel-cache
HIT
content-length
283
index-udqwct.png
daftpage.s3.amazonaws.com/projects/cl63up8db004n09mo6ouhcxnd/assets/
3 KB
4 KB
Image
General
Full URL
https://daftpage.s3.amazonaws.com/projects/cl63up8db004n09mo6ouhcxnd/assets/index-udqwct.png
Requested by
Host: incoming-document-viig7.daftpage.com
URL: https://incoming-document-viig7.daftpage.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.161.41 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
ed518261972445f0ec39ea427d6d083ed69fffbc5e601d2b8f12cc659ef1d87e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://incoming-document-viig7.daftpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 23:54:43 GMT
Last-Modified
Wed, 27 Jul 2022 17:05:19 GMT
Server
AmazonS3
x-amz-request-id
7Q42SXESXYCEVQHP
ETag
"a12c6571a7a73afdb8338bf201be858a"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3464
x-amz-id-2
Jql8Wg6xU+OUD7IsqY9UlObWcNgXRUOi0F6nFc7Ahcx72dFyzlxC0tyGf3J9j7TQ+MvqwKWgznA=
screen-shot-2022-07-22-at-8-81jot0.png
daftpage.s3.amazonaws.com/projects/cl63up8db004n09mo6ouhcxnd/assets/
222 KB
222 KB
Image
General
Full URL
https://daftpage.s3.amazonaws.com/projects/cl63up8db004n09mo6ouhcxnd/assets/screen-shot-2022-07-22-at-8-81jot0.png
Requested by
Host: incoming-document-viig7.daftpage.com
URL: https://incoming-document-viig7.daftpage.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.161.41 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
7ce2a6072bfcfdf1aedecf58f7fcf1b46ca8fb11719dec63d81e842298990def

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://incoming-document-viig7.daftpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 23:54:43 GMT
Last-Modified
Wed, 27 Jul 2022 17:02:28 GMT
Server
AmazonS3
x-amz-request-id
7Q464NH6D2A4FPX6
ETag
"cbfeb9cfd2292ba42eb5035a2281d6db"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
227025
x-amz-id-2
nh1g2pFTQXlWbI03E1BZOqhhFt5dFBs0fnhmfT0I+1WIWcgnqEIw8h0r/7PYJn3OijsIWa4F0qM=
L0x5DF4xlVMF-BfR8bXMIjhLq38.woff2
fonts.gstatic.com/s/robotomono/v22/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotomono/v22/L0x5DF4xlVMF-BfR8bXMIjhLq38.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Mono:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da80f73637bedd2bf9178ee852d8a14b8a9d9a1f16349ccd839a293bd79a8342
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://incoming-document-viig7.daftpage.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 22:18:34 GMT
x-content-type-options
nosniff
age
5767
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32444
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:55:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 22:18:34 GMT
Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
fonts.gstatic.com/s/josefinsans/v25/
26 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/josefinsans/v25/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Josefin+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3701f4ae604d8fccb4ddca393e076a456aebfb06c1a9d94c1c13089293f55716
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://incoming-document-viig7.daftpage.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:51:45 GMT
x-content-type-options
nosniff
age
295377
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26592
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:56:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 24 Jul 2023 13:51:45 GMT
truncated
/
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/webp
index.json
incoming-document-viig7.daftpage.com/_next/data/lBkqJc1aJshbLWZXcTpnj/
12 KB
2 KB
Fetch
General
Full URL
https://incoming-document-viig7.daftpage.com/_next/data/lBkqJc1aJshbLWZXcTpnj/index.json?site=incoming-document-viig7
Requested by
Host: incoming-document-viig7.daftpage.com
URL: https://incoming-document-viig7.daftpage.com/_next/static/chunks/main-de9a4cc9a544ed23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
0421a786a247d27d82829496c02e408142031f615a17d748c38748c4628d16c9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

x-nextjs-data
1
Referer
https://incoming-document-viig7.daftpage.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 23:54:42 GMT
x-nextjs-matched-path
/_sites/incoming-document-viig7
x-nextjs-rewrite
/_sites/incoming-document-viig7?site=incoming-document-viig7
server
Vercel
age
0
x-matched-path
/_next/data/lBkqJc1aJshbLWZXcTpnj/_sites/[site].json
etag
W/"2f46-MhUt7ejVjBSdD3jteXdfaTLfGsU"
x-vercel-id
fra1::iad1::tp467-1658966082221-02528e8798da
content-type
application/json
content-encoding
br
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=63072000
x-vercel-cache
HIT
index.json
incoming-document-viig7.daftpage.com/_next/data/lBkqJc1aJshbLWZXcTpnj/
12 KB
2 KB
Fetch
General
Full URL
https://incoming-document-viig7.daftpage.com/_next/data/lBkqJc1aJshbLWZXcTpnj/index.json
Requested by
Host: incoming-document-viig7.daftpage.com
URL: https://incoming-document-viig7.daftpage.com/_next/static/chunks/main-de9a4cc9a544ed23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
0421a786a247d27d82829496c02e408142031f615a17d748c38748c4628d16c9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

purpose
prefetch
Referer
https://incoming-document-viig7.daftpage.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
x-nextjs-data
1

Response headers

date
Wed, 27 Jul 2022 23:54:42 GMT
x-nextjs-matched-path
/_sites/incoming-document-viig7
x-nextjs-rewrite
/_sites/incoming-document-viig7
server
Vercel
age
0
x-matched-path
/_next/data/lBkqJc1aJshbLWZXcTpnj/_sites/[site].json
etag
W/"2f46-MhUt7ejVjBSdD3jteXdfaTLfGsU"
x-vercel-id
fra1::iad1::tp467-1658966082311-6ce978411076
content-type
application/json
content-encoding
br
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=63072000
x-vercel-cache
HIT
c72c533aca924c1e.css
incoming-document-viig7.daftpage.com/_next/static/css/
20 KB
4 KB
Fetch
General
Full URL
https://incoming-document-viig7.daftpage.com/_next/static/css/c72c533aca924c1e.css
Requested by
Host: incoming-document-viig7.daftpage.com
URL: https://incoming-document-viig7.daftpage.com/_next/static/chunks/main-de9a4cc9a544ed23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
24cf272f68a3c186317cbbc866ef441d2aaa14f60921dd8e6dab16c78ee4b1df
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://incoming-document-viig7.daftpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 23:54:42 GMT
content-encoding
br
server
Vercel
age
50690
x-matched-path
/_next/static/css/c72c533aca924c1e.css
etag
W/"88a0a05c09280d5d29b11053c4e8d774"
x-vercel-id
fra1:fra1::tp467-1658966082393-12e50e53be01
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="c72c533aca924c1e.css"
strict-transport-security
max-age=63072000
x-vercel-cache
HIT
index.json
incoming-document-viig7.daftpage.com/_next/data/lBkqJc1aJshbLWZXcTpnj/
0
0
Fetch
General
Full URL
https://incoming-document-viig7.daftpage.com/_next/data/lBkqJc1aJshbLWZXcTpnj/index.json?site=incoming-document-viig7
Requested by
Host: incoming-document-viig7.daftpage.com
URL: https://incoming-document-viig7.daftpage.com/_next/static/chunks/main-de9a4cc9a544ed23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

x-nextjs-data
1
Referer
https://incoming-document-viig7.daftpage.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 17:58:00 GMT
x-nextjs-matched-path
/_sites/[site]
etag
"2f46-MhUt7ejVjBSdD3jteXdfaTLfGsU"
server
Vercel
age
21401
x-matched-path
/_next/data/lBkqJc1aJshbLWZXcTpnj/_sites/[site].json
x-vercel-cache
STALE
x-vercel-id
fra1::iad1::tp467-1658966082445-20961abc68d5
content-type
application/json
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=63072000
x-nextjs-rewrite
/_sites/incoming-document-viig7?site=incoming-document-viig7
content-length
0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sharepoint (Online)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| webpackChunk_N_E object| regeneratorRuntime function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E object| _GIPHY_SDK_HEADERS_ string| giphyRandomId object| __framePainter function| __NEXT_PRELOADREADY function| hotkeys object| __MIDDLEWARE_MANIFEST function| __BUILD_MANIFEST_CB object| __BUILD_MANIFEST object| __SSG_MANIFEST

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

daftpage.s3.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
incoming-document-viig7.daftpage.com
www.dashboard.gglme.com
164.68.109.83
2a00:1450:4001:812::200a
2a00:1450:4001:82b::2003
54.231.161.41
76.76.21.123
00ea5932bb1d578af1f186da1dbe175e6aed09c8e5fe67750ec68cd6ba64a1ee
01ff05c7fd4f7916ebde54a554717c869280f9f146f71884a0282de206326910
03f814d2efcea1ba44a88a4de85f6f71e5342bc9aa1315e657cbb7b17ebb0192
0421a786a247d27d82829496c02e408142031f615a17d748c38748c4628d16c9
07eedc7db7b489454d20d1a243fcf3e47c8a4af9f0cd47b6e6cde8373a09fe50
0dc8dace4241b24511af042c46543ccee50e23d327a76262a58ef728363bc614
0ebecadafbad88e07dbeaec1ba83d0ef6bb8a97dabdfec783d5628257b2ef4c3
1760e7eef9f42da62ffb7994497e42bcab6c37c5dd32c2f1de1cec942524c5c7
2458c6e69ec960015408bcff5b6e3c679da9a9e7cb3149cc810ef75158c0acf1
24cf272f68a3c186317cbbc866ef441d2aaa14f60921dd8e6dab16c78ee4b1df
3701f4ae604d8fccb4ddca393e076a456aebfb06c1a9d94c1c13089293f55716
393c97dc4fa93d168c376aef134d9430420d2eceeaaad15e7cb5c39b119fa2d8
3f8ed02f16405e37169b029190b7dcd581cf91509fe05d2e5b65ae14e59c46c1
493226137c06402a4a94720a930a7d5c026fdbd0cd652d3c95620e14495e6daf
4fd199bffd107e7f486613f7dfa6a430e691ca89f5e5bb6d110e712daf841534
6f1e145d88c4b3f343055576d559fa8999045d205ea2f4e0d84f3b539c56ced8
73413560550e08bbd1f5e412e892e0829d49305c7ecffff3e8ce26c1f0bf42f5
7ce2a6072bfcfdf1aedecf58f7fcf1b46ca8fb11719dec63d81e842298990def
a79fbff29b1a21f505eb9536c830a661aba8390f0aac14d0a84cc367f9ee7192
b23152823d91b78293a46a42ed10e8345b703bae2c7e63d608d5eade46ed9327
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
bfe656a9f28e453c98af761ba4eae7d8d6ec470d8419a77ae96845d5c26db6b3
da80f73637bedd2bf9178ee852d8a14b8a9d9a1f16349ccd839a293bd79a8342
dfb6aa04fe174f86ed5fb8b8614b34eb5baa2c018efce8d0e0315c682059a65e
ed518261972445f0ec39ea427d6d083ed69fffbc5e601d2b8f12cc659ef1d87e
f5d114abe30e55e11543cfe3ef731731e10623cc6da498ab0ed26bf00439ea2c
ff8faea81a89cefaf5dc866fc12c33eea0de39c3e63f9355c44818951223e677