Submitted URL: http://www.equinet.ru/link-redirect?link=//facebook.com@@@pinktro.com/?ODAwNjM4MjY9MzY3ODEmMjk3NjY5NT0yNDImMzU9Y2xpY2s...
Effective URL: https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
Submission Tags: 6907672
Submission: On December 31 via api from NL

Summary

This website contacted 7 IPs in 6 countries across 11 domains to perform 29 HTTP transactions. The main IP is 130.255.79.215, located in Germany and belongs to BKVG-AS, DE. The main domain is khvan.de.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 18th 2020. Valid for: 3 months.
This is the only time khvan.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects | Requests | IP Address | AS Autonomous System
1 | 1 | 194.58.98.80 | 197695 (AS-REG)
1 | 1 | 31.207.33.114 | 16347 (RMI-FITECH)
  | 1 | 103.157.224.101 | 132925 (IDEASTACK...)
1 | 2 | 72.11.134.188 | 8100 (ASN-QUADR...)
1 | 5 | 130.255.79.215 | 29141 (BKVG-AS)
  | 1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
  | 14 | 65.9.67.172 | 16509 (AMAZON-02)
  | 2 | 2001:4de0:ac1... | 20446 (HIGHWINDS3)
  | 6 | 85.13.149.2 | 34788 (NMM-AS D)
Totals: 29 | 7

Requests | Domain | Requested by
14 | rlmgws-data.s3-accelerate.amazonaws.com | khvan.de, rlmgws-data.s3-accelerate.amazonaws.com
5 | www.rltools.de | rlmgws-data.s3-accelerate.amazonaws.com
3 | khvan.de | giftcardmission.com, rlmgws-data.s3-accelerate.amazonaws.com, khvan.de
2 | maxcdn.bootstrapcdn.com | khvan.de, maxcdn.bootstrapcdn.com
2 | giftcardmission.com (1 redirects) | bpoled.com
1 | www.rlcontrol.de | khvan.de
1 | rltools.de | khvan.de
1 | cdn.onesignal.com | khvan.de
1 | www.exklusive-preise.de (1 redirects) |
1 | bpoled.com |
1 | pinktro.com (1 redirects) |
1 | www.equinet.ru (1 redirects) |
Totals: 29 | 12

This site contains links to these domains.

Domain
de.iqos.com
blueleads.online
odoki.de
my-promobox.de
www.rlcontrol.de

Subject | Issuer | Validity | Valid
www.bpoled.com | Go Daddy Secure Certificate Authority - G2 | 2020-10-28 - 2021-11-29 | a year
giftcardmission.com | R3 | 2020-12-09 - 2021-03-09 | 3 months
www.khvan.de | Let's Encrypt Authority X3 | 2020-11-18 - 2021-02-16 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-04 - 2021-08-04 | a year
*.s3-accelerate.amazonaws.com | Amazon | 2020-05-19 - 2021-04-20 | a year
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2020-09-22 - 2021-10-12 | a year
rltools.de | R3 | 2020-12-03 - 2021-03-03 | 3 months
www.rlcontrol.de | Let's Encrypt Authority X3 | 2020-11-18 - 2021-02-16 | 3 months

This page contains 1 frames:

Primary Page: https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
Frame ID: 2C72F9A6D27F3D684B375A15D416CD83
Requests: 29 HTTP requests in this frame

Detected technologies

Overall confidence: 75%
Detected patterns
  • script /\/Chart(?:\.bundle)?(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /moment(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 29
HTTPS: 100 %
IPv6: 22 %
Domains: 11
Subdomains: 12
IPs: 7
Countries: 6
Transfer: 941 kB
Size: 1060 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.equinet.ru/link-redirect?link=//facebook.com@@@pinktro.com/?ODAwNjM4MjY9MzY3ODEmMjk3NjY5NT0yNDImMzU9Y2xpY2smOHRxZDB5PTEmbGlkPTM2ODM= HTTP 302
    http://pinktro.com/?ODAwNjM4MjY9MzY3ODEmMjk3NjY5NT0yNDImMzU9Y2xpY2smOHRxZDB5PTEmbGlkPTM2ODM= HTTP 302
    https://bpoled.com/fee72f4cb2ddaf3000//242_31.207.33.114_35_82.102.20.235/80063826_2976695_3683 Page URL
  2. https://giftcardmission.com/r/1edf5a19-ddfc-4ff0-8f5f-3cbca63a2183/470213/979708654/ Page URL
  3. https://giftcardmission.com/r2/1edf5a19-ddfc-4ff0-8f5f-3cbca63a2183/470213/979708654//d9f268f9-d536-4bc8-9b6b-68d897e8ea3d/?red_param_1=https%3A%2F%2Fbpoled.com%2Ffee72f4cb2ddaf3000%2F%2F242_31.207.33.114_35_82.102.20.235%2F80063826_2976695_3683&fctr=0 HTTP 302
    https://www.exklusive-preise.de/de,flexfancy,responsive_753.html?idPartner=370&idCampaignAd=0&subId=17S&subIdentifier=d9f268f9-d536-4bc8-9b6b-68d897e8ea3d&rlmset=paypal_ff_de HTTP 302
    https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.equinet.ru/link-redirect?link=//facebook.com@@@pinktro.com/?ODAwNjM4MjY9MzY3ODEmMjk3NjY5NT0yNDImMzU9Y2xpY2smOHRxZDB5PTEmbGlkPTM2ODM= HTTP 302
  • http://pinktro.com/?ODAwNjM4MjY9MzY3ODEmMjk3NjY5NT0yNDImMzU9Y2xpY2smOHRxZDB5PTEmbGlkPTM2ODM= HTTP 302
  • https://bpoled.com/fee72f4cb2ddaf3000//242_31.207.33.114_35_82.102.20.235/80063826_2976695_3683

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set 80063826_2976695_3683
bpoled.com/fee72f4cb2ddaf3000//242_31.207.33.114_35_82.102.20.235/
Redirect Chain
  • http://www.equinet.ru/link-redirect?link=//facebook.com@@@pinktro.com/?ODAwNjM4MjY9MzY3ODEmMjk3NjY5NT0yNDImMzU9Y2xpY2smOHRxZDB5PTEmbGlkPTM2ODM=
  • http://facebook.com%40%40@pinktro.com/?ODAwNjM4MjY9MzY3ODEmMjk3NjY5NT0yNDImMzU9Y2xpY2smOHRxZDB5PTEmbGlkPTM2ODM=
  • https://bpoled.com/fee72f4cb2ddaf3000//242_31.207.33.114_35_82.102.20.235/80063826_2976695_3683
147 B
440 B
Document
General
Full URL
https://bpoled.com/fee72f4cb2ddaf3000//242_31.207.33.114_35_82.102.20.235/80063826_2976695_3683
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.157.224.101 -, , ASN132925 (IDEASTACK-AS-IN Ideastack Solutions Private Limited, IN),
Reverse DNS
Software
Apache /
Resource Hash
0c815380414db1b84ead53aa8c652cc8c9da6c4a6d94d2e72999b47a72aee7b7

Request headers

Host
bpoled.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 31 Dec 2020 16:26:14 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
147
Server
Apache
Set-Cookie
uid16126=979708654-20201231102614-c00cb3c5f24fc2a4308098453f3b4c90-; domain=; expires=Sun, 31-Jan-2021 15:26:14 GMT; path=/; SameSite=None; Secure

Redirect headers

Date
Thu, 31 Dec 2020 16:26:13 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By
PHP/5.4.16
Location
https://bpoled.com/fee72f4cb2ddaf3000//242_31.207.33.114_35_82.102.20.235/80063826_2976695_3683
Content-Length
3
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
/
giftcardmission.com/r/1edf5a19-ddfc-4ff0-8f5f-3cbca63a2183/470213/979708654/
822 B
960 B
Document
General
Full URL
https://giftcardmission.com/r/1edf5a19-ddfc-4ff0-8f5f-3cbca63a2183/470213/979708654/
Requested by
Host: bpoled.com
URL: https://bpoled.com/fee72f4cb2ddaf3000//242_31.207.33.114_35_82.102.20.235/80063826_2976695_3683
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
72.11.134.188 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software
nginx /
Resource Hash
2fce45bc944f38d48aa992920cccf4e27a25816333a6bafbe2c1ebd629b72490

Request headers

Host
giftcardmission.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://bpoled.com/fee72f4cb2ddaf3000//242_31.207.33.114_35_82.102.20.235/80063826_2976695_3683
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Thu, 31 Dec 2020 16:26:15 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
set-cookie
e09b0e9c-4034-4e6b-bd0d-b34c6049c2ca=d9f268f9-d536-4bc8-9b6b-68d897e8ea3d; Version=1; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; Domain=giftcardmission.com; Path=/
e09b0e9c-4034-4e6b-bd0d-b34c6049c2ca-check=d9f268f9-d536-4bc8-9b6b-68d897e8ea3d; Version=1; Expires=Thu, 31-Dec-2020 16:36:15 GMT; Max-Age=600; Domain=giftcardmission.com; Path=/
Cache-Control
no-cache
Expires
Thu, 31 Dec 2020 16:26:15 GMT
Content-Encoding
gzip
Primary Request campaign_804.html
khvan.de/
Redirect Chain
  • https://giftcardmission.com/r2/1edf5a19-ddfc-4ff0-8f5f-3cbca63a2183/470213/979708654//d9f268f9-d536-4bc8-9b6b-68d897e8ea3d/?red_param_1=https%3A%2F%2Fbpoled.com%2Ffee72f4cb2ddaf3000%2F%2F242_31.207...
  • https://www.exklusive-preise.de/de,flexfancy,responsive_753.html?idPartner=370&idCampaignAd=0&subId=17S&subIdentifier=d9f268f9-d536-4bc8-9b6b-68d897e8ea3d&rlmset=paypal_ff_de
  • https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
68 KB
12 KB
Document
General
Full URL
https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
Requested by
Host: giftcardmission.com
URL: https://giftcardmission.com/r/1edf5a19-ddfc-4ff0-8f5f-3cbca63a2183/470213/979708654/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.255.79.215 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS
server-redlemon01.virtualhosts.de
Software
Apache /
Resource Hash
bfd71f222c57345aa9af806fb9ea1ccb2a6ece4f0594dff2ba5fb493fa7030cf

Request headers

:method
GET
:authority
khvan.de
:scheme
https
:path
/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://giftcardmission.com/r/1edf5a19-ddfc-4ff0-8f5f-3cbca63a2183/470213/979708654/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Thu, 31 Dec 2020 16:26:16 GMT
server
Apache
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=pgcic86khcou9dupmrtr8vlhus; path=/
coyoteAffiliTokenId804=398443018; expires=Thu, 31-Dec-2020 20:26:16 GMT; Max-Age=14400; path=/
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
12436
content-type
text/html; charset=UTF-8

Redirect headers

date
Thu, 31 Dec 2020 16:26:15 GMT
server
Apache
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=t2souustv9fb4dp9pbr9cfu6dk; path=/
coyoteTrackingCookie_753=398443018; expires=Sat, 30-Jan-2021 16:26:15 GMT; Max-Age=2592000; path=/;samesite=None; Secure
coyoteSimpleTrackingCookie=398443018; expires=Sat, 30-Jan-2021 16:26:15 GMT; Max-Age=2592000; path=/;SameSite=None; Secure
location
https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
22
content-type
text/html; charset=UTF-8
OneSignalSDK.js
cdn.onesignal.com/sdks/
8 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: khvan.de
URL: https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8304827477215b517f051f116d5581a5e030e7f29df69061cb9cf108aa9cbc90

Request headers

Referer
https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 31 Dec 2020 16:26:16 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
1743
etag
W/"f35a2111ffcc2dc2fded1fe3c98a7bee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=43200
cf-ray
60a55c7b2d00d711-FRA
cf-request-id
075b3820fc0000d7112dbc8000000001
expires
Fri, 01 Jan 2021 04:26:16 GMT
style_new.css
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/
88 KB
89 KB
Stylesheet
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new.css
Requested by
Host: khvan.de
URL: https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.67.172 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b016ba5ce1d1c1a468e414106df7c2d5cc968a5aca0d810b25c58749928c3eb2

Request headers

Referer
https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 31 Dec 2020 16:26:17 GMT
Via
1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 09:58:28 GMT
Server
AmazonS3
x-amz-request-id
6F72D62E19713575
ETag
"244293ad1fb31499689b51c6070c644f"
X-Cache
Miss from cloudfront
Content-Type
text/css
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
90526
x-amz-id-2
x4VjMClrFvcHK1OoX2k5W8qSd1B/MCW9wGnqyuJXVqUVYOZZqaVO/4KP2iNuezwat1brjNbXkqg=
X-Amz-Cf-Id
_U2Z6YH_pJur1Zqe2A5bF40fMDl_SKcH_Jko_2YlYd4uPyfBLBrpiA==
spinner.css
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/
1 KB
2 KB
Stylesheet
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/spinner.css
Requested by
Host: khvan.de
URL: https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.67.172 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54f7c8623cf0f0cf760385a22a4a5d20db7b2e3dfaecaab38ddf25ace848b171

Request headers

Referer
https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 31 Dec 2020 16:26:17 GMT
Via
1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
Last-Modified
Wed, 14 Feb 2018 10:07:16 GMT
Server
AmazonS3
x-amz-request-id
6BA1E9D2F8128026
ETag
"308609aca6938598a1390b47ec576e97"
X-Cache
Miss from cloudfront
Content-Type
text/css
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
1295
x-amz-id-2
ikhUKaioD4cuQArdNhPeNGKm5mOMK5+jxd5l+CjyZ4zfqw9RRaizjdvxx7IBDlUWD6TxnI+WZL4=
X-Amz-Cf-Id
_FzrwG5O-vjKqLpyw2oaBlt_X1-LkPDc8F2OzsKuoDr9izmly7udOQ==
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: khvan.de
URL: https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 31 Dec 2020 16:26:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
balloon.min.css
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/
5 KB
6 KB
Stylesheet
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/balloon.min.css
Requested by
Host: khvan.de
URL: https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.67.172 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4122f214f47bf170342826a86092121db1a8ac7cb3c0f899a1ede8b6b96f27c8

Request headers

Referer
https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 31 Dec 2020 16:26:17 GMT
Via
1.1 2a3a093b493a82493f3431437cb166ad.cloudfront.net (CloudFront)
Last-Modified
Wed, 14 Feb 2018 10:07:16 GMT
Server
AmazonS3
x-amz-request-id
BZAZFGDXEN5JEK7M
ETag
"acd37f0b3be30c6cefff2ed8117e5938"
X-Cache
Miss from cloudfront
Content-Type
text/css
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
5489
x-amz-id-2
4wW8K5QgCAoU31bRITmw32VMz6o+IOPyTJMLPemSgsdU6EIRf3jJeZW1pJzjWFHQ7/YN9klB3so=
X-Amz-Cf-Id
rkeWK2xChjEsac_a71yj1-gqkQU66Xl3c5V0GjdfKIoSta9YQXLScw==
jquery-3.4.1.js
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/
274 KB
274 KB
Script
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/jquery-3.4.1.js
Requested by
Host: khvan.de
URL: https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.67.172 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

Referer
https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 31 Dec 2020 16:26:17 GMT
Via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
Last-Modified
Wed, 28 Aug 2019 14:45:01 GMT
Server
AmazonS3
x-amz-request-id
BBF60AE1BC5B5453
ETag
"11c05eb286ed576526bf4543760785b9"
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
280364
x-amz-id-2
nys9JcmIgCP7vJDxpxg4H218XXllcSVbv4DAFV8FRvlpL23Nu/quLRubWRgGzXKKnC3urCyWU08=
X-Amz-Cf-Id
BFM1bZg8YannpfruANfbAoyQKokGhfPy81M5aYPk8m_Jmcay-ECHTQ==
logic_new.js
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/scripts/
230 KB
230 KB
Script
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/scripts/logic_new.js
Requested by
Host: khvan.de
URL: https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.67.172 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3f67643a70c6572ae996bc8c79a891b5c38b822197f1e8dab27b37197a95dd97

Request headers

Referer
https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 31 Dec 2020 16:26:17 GMT
Via
1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
Last-Modified
Wed, 18 Nov 2020 13:45:30 GMT
Server
AmazonS3
x-amz-request-id
00EE6A2F9A478941
ETag
"fbc9dcf61af93dc835033e66f8f2601e"
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
235100
x-amz-id-2
V/PYvobJKKju+ihGbCDm87yerZMXFa8zugOVU+q+DFjbqJaOVLFAgbYFyPEVu3SypfXzgYYgBOM=
X-Amz-Cf-Id
BU4dG4MxXHcpuPGRlKqqNDAZs0nWSSBfxdz8Cveb_pscCN30iSEMIg==
md5.min.js
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/
4 KB
4 KB
Script
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/md5.min.js
Requested by
Host: khvan.de
URL: https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.67.172 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9265ea6ee06a36211ef80e33821b309020e5c40c972cf70a07f10577c0cce549

Request headers

Referer
https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 31 Dec 2020 16:26:17 GMT
Via
1.1 72e8bbddfffeeec486003f867d631025.cloudfront.net (CloudFront)
Last-Modified
Tue, 08 Oct 2019 09:23:31 GMT
Server
AmazonS3
x-amz-request-id
4B7B62D72DCDE7E5
ETag
"d42ff83c2d527cdab773855cfe523561"
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
3767
x-amz-id-2
hTTzAXpcMSv+9Un9+ZEoEbHRjKtQxtbEo5iN7S865DZuGiF732YA4zJOAzS1gex+Ttyt7FM9fag=
X-Amz-Cf-Id
kTPtNMBVxi4QmudYgNe97gyb_PofO16MLWPuPcK60L-Pa0Jjqu30hA==
rlm_stat.js
rltools.de/rlm_analytics/scripts/
13 KB
3 KB
Script
General
Full URL
https://rltools.de/rlm_analytics/scripts/rlm_stat.js
Requested by
Host: khvan.de
URL: https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.149.2 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd31026.kasserver.com
Software
Apache /
Resource Hash
64dc9dd977411f4bacc844545671fd94d51bc15be31753a4479883c61640220c

Request headers

Referer
https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 31 Dec 2020 16:26:16 GMT
content-encoding
br
last-modified
Tue, 21 Jul 2020 16:01:32 GMT
server
Apache
etag
"35fa-5aaf5bca2492e-br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
2918
adressDeOrt.js
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/scripts/
10 KB
10 KB
Script
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/scripts/adressDeOrt.js
Requested by
Host: khvan.de
URL: https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.67.172 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b4088bfcf66aabe95d2781a1deda475fd2103fe9341916a2568b59bd9183de9

Request headers

Referer
https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 31 Dec 2020 16:26:17 GMT
Via
1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
Last-Modified
Thu, 20 Aug 2020 10:52:07 GMT
Server
AmazonS3
x-amz-request-id
D0080A6AF73446C4
ETag
"f27bf73696475a931df4f92fb97cae2f"
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
9770
x-amz-id-2
wjj4bP6EemC0NpTxfA1xGJvdbISEBCETQcHPzT/LBPWsGlzeLfOZkTKNgDlG8FSt0hRPsda4Wis=
X-Amz-Cf-Id
LyAlYT1l9-xAn1jVyM4pozK6m31iOvEZ5j5WC9GUXk-QEZGHoE2iSg==
moment.min.js
www.rlcontrol.de/ftp/flexblocks/scripts/lib/
50 KB
17 KB
Script
General
Full URL
https://www.rlcontrol.de/ftp/flexblocks/scripts/lib/moment.min.js
Requested by
Host: khvan.de
URL: https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.255.79.215 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS
server-redlemon01.virtualhosts.de
Software
Apache /
Resource Hash
0aeb4ecf1091b9c52c9fa0ba4dc118b1abafbd88a51278935e574f6baff0bb49

Request headers

Referer
https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 31 Dec 2020 16:26:16 GMT
content-encoding
gzip
last-modified
Tue, 24 Jul 2018 14:05:29 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
16804
expires
Sat, 30 Jan 2021 16:26:16 GMT
rlm_stat.php
www.rltools.de/rlm_analytics/
20 B
257 B
XHR
General
Full URL
https://www.rltools.de/rlm_analytics/rlm_stat.php
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.149.2 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd31026.kasserver.com
Software
Apache /
Resource Hash
023cf2544dc77d8ca9f51ab0e4fea82179481e43fe0125ee17b6ed248b06ddb1

Request headers

Accept
*/*
Referer
https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 31 Dec 2020 16:26:22 GMT
content-encoding
br
server
Apache
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
1000
access-control-allow-headers
Content-Type, Authorization, X-Requested-With
outer_slice_top.png
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/images/
136 B
713 B
Image
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/images/outer_slice_top.png
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.67.172 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf37f0c405389fda13867faa69cf36ffe1b8764f3e0460f2caade056a36d2483

Request headers

Referer
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 31 Dec 2020 16:26:23 GMT
Via
1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
Last-Modified
Wed, 14 Feb 2018 10:07:18 GMT
Server
AmazonS3
x-amz-request-id
14BF75A6E088FEF0
ETag
"b3cd71c3db91f48dfd8b00d472022dc0"
X-Cache
Miss from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
136
x-amz-id-2
UKWm+/8CTJTV6WftQ2tiHi+F1A2oLZ25N3ELIgM/NHIQkA7leCiEvhs7/imHfIgeGktRsBeFXoo=
X-Amz-Cf-Id
Qn4_-v5mI6btXnJYiyI2uaFC6KJcWi_qVTa_IHmYrCuKphqaPKCjog==
outer_slice_bottom.png
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/images/
143 B
720 B
Image
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/images/outer_slice_bottom.png
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.67.172 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c86ac9a90aafd6aa025eeb2d1d6de20c03df782ef151c9d2515b23407768f134

Request headers

Referer
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 31 Dec 2020 16:26:23 GMT
Via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
Last-Modified
Wed, 14 Feb 2018 10:07:18 GMT
Server
AmazonS3
x-amz-request-id
AXAN0WCN2TBKETET
ETag
"cdfb089c7a2ffb19106f0553ad115375"
X-Cache
Miss from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
143
x-amz-id-2
zudaI/IDx98RE4BoG8Bt34FDVpUEhcMowwVRIozIdvCevv9CU+c4fDCw3h+GjG18XCiLBOXjpXo=
X-Amz-Cf-Id
L5QIxlCToIrQxSjjm9Yq699LTYMDA1FNi31xvmQNVcYcPuuTzJMFvg==
Aileron-Regular.woff
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/fonts/
21 KB
22 KB
Font
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/fonts/Aileron-Regular.woff
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.67.172 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6d6ec731c7579bb3420bdd0ec8ac80682ac44b1fbe1ffa8429b736e644f2be69

Request headers

Origin
https://khvan.de
Referer
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 31 Dec 2020 16:26:23 GMT
Via
1.1 2a3a093b493a82493f3431437cb166ad.cloudfront.net (CloudFront)
x-amz-request-id
A667E70E2150192A
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
21776
x-amz-id-2
OmSToR2feJx7JEgAJZAblevNRE245DaK+3jZuSR1xEuNjys/MFnMoWIncC9cXN0T6Ilc+D7jNCE=
Last-Modified
Wed, 14 Feb 2018 10:07:17 GMT
Server
AmazonS3
ETag
"4309f5e6504ab4404a1c909a5ef8457f"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
Zc-hQTrguyWYb52-Jkm6tRoDyApt_Y6k4VCKMHDyKVyKWUnwpQz6oQ==
Aileron-Bold.woff
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/fonts/
23 KB
23 KB
Font
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/fonts/Aileron-Bold.woff
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.67.172 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac249b9af121f1a9bf29b7c611b5986a5f1088da276a72a1e96b77fec1020aad

Request headers

Origin
https://khvan.de
Referer
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 31 Dec 2020 16:26:23 GMT
Via
1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront)
x-amz-request-id
7C412F108C7DB137
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
23108
x-amz-id-2
wJgPOgnHc+GfRtQG9RYTgbBDIEKu2yVv1XJwa43EjrjNXxErtMfrsbAQG2mvU5cVBjKygtLFeMo=
Last-Modified
Wed, 14 Feb 2018 10:07:17 GMT
Server
AmazonS3
ETag
"317ed94a878c8d8ea413f51e575513f4"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
eWrey-SXk9Rln2SAlQf9SWI4nfvDRHTSUP7r-TWETboqmwCj9cxUmA==
Candal.woff
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/fonts/
24 KB
25 KB
Font
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/fonts/Candal.woff
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.67.172 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80a2aa3ffeb789ffaa34b6a0b738e7baed24396c4656dd1224c8c0ba0f4ddf84

Request headers

Origin
https://khvan.de
Referer
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 31 Dec 2020 16:26:23 GMT
Via
1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-request-id
6BCC8E2C8353B449
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
25000
x-amz-id-2
U8KlGd6SNOLhbXOq78T0w0/TIaxbJMHsih5Ui05OjB/TWCbjl1N4eGrvjvLqo/PvY8SRKMuPQFA=
Last-Modified
Wed, 14 Feb 2018 10:07:18 GMT
Server
AmazonS3
ETag
"e29c6ae99d1f2dc8d6a607b46c082b74"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
cwDvsC-AoAuYzZOwcGt2IQ5yiXorDbrQ8o-lL2qRlV1fn3uqJaQWzw==
resource.php
khvan.de/ftp/flexfancy/services/
1 KB
700 B
XHR
General
Full URL
https://khvan.de/ftp/flexfancy/services/resource.php?rlmset=paypal_ff_de
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.255.79.215 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS
server-redlemon01.virtualhosts.de
Software
Apache /
Resource Hash
c161251ffa3ff29a56e5990ede2037ac5ca306399ac432054d9d9eef9d5ce124

Request headers

Accept
*/*
Referer
https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 31 Dec 2020 16:26:22 GMT
content-encoding
gzip
server
Apache
content-length
591
vary
Accept-Encoding,User-Agent
content-type
application/json; charset=utf-8
Aileron-Heavy.woff
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/fonts/
23 KB
23 KB
Font
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/fonts/Aileron-Heavy.woff
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.67.172 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67bb015ac96fd86bc355f22829c7c4e7ed5c288176c2ec013c356eef07b1ae87

Request headers

Origin
https://khvan.de
Referer
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 31 Dec 2020 16:26:23 GMT
Via
1.1 2a3a093b493a82493f3431437cb166ad.cloudfront.net (CloudFront)
x-amz-request-id
45394DF61C847435
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
23280
x-amz-id-2
O6HfD8iLNzZgIY3PXmSadQV3z/sM5WPhhJUmojYwtwvP+/9rBCAsP1ngvD18CE6fi5D6vtXsfSg=
Last-Modified
Wed, 14 Feb 2018 10:07:17 GMT
Server
AmazonS3
ETag
"977a8badf138ba0183b618103fbea86a"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
wuchYDwbTl4mSnaqXHLcXkiCuNf-V72_U5Fk1fWsIIb9ocJRmVBRoQ==
checkbox.png
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/images/gui/
1 KB
2 KB
Image
General
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/images/gui/checkbox.png
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.67.172 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d59fddd512526f62fc744ca6b79c807d3d972795686d00b6b87e69e706546e77

Request headers

Referer
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/style_new.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 31 Dec 2020 16:26:23 GMT
Via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
Last-Modified
Mon, 04 Jun 2018 15:08:55 GMT
Server
AmazonS3
x-amz-request-id
5360D5222C4647E1
ETag
"46b1a02714406cd093dfe9a7af57997d"
X-Cache
Miss from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
1509
x-amz-id-2
2xhdgmzL6e9MPWSVyvkg1N7i+9Huk3oaZrIF0fedIXq0vvZZu4z+Rddp+tn2ffGyhcZ+7VWdnLM=
X-Amz-Cf-Id
kYdVushVi-uMq5Ta2IcbwdRf6WL1MweGZxwlx2W4-V7dpSaSmgKo8g==
paypal500ff.png
khvan.de/ftp/flexfancy/build/promotion/
106 KB
107 KB
Image
General
Full URL
https://khvan.de/ftp/flexfancy/build/promotion/paypal500ff.png
Requested by
Host: khvan.de
URL: https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.255.79.215 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS
server-redlemon01.virtualhosts.de
Software
Apache /
Resource Hash
47eaa50199e10e4e22d63e6a7627f61e39b434e76106cebc6f80bab83ed7c6e9

Request headers

Referer
https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 31 Dec 2020 16:26:22 GMT
last-modified
Thu, 24 Oct 2019 09:34:34 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
109024
expires
Sat, 30 Jan 2021 16:26:22 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://khvan.de
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 31 Dec 2020 16:26:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
77171
rlm_stat.php
www.rltools.de/rlm_analytics/
12 B
44 B
XHR
General
Full URL
https://www.rltools.de/rlm_analytics/rlm_stat.php
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.149.2 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd31026.kasserver.com
Software
Apache /
Resource Hash
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Accept
*/*
Referer
https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 31 Dec 2020 16:26:22 GMT
content-encoding
br
server
Apache
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
1000
access-control-allow-headers
Content-Type, Authorization, X-Requested-With
rlm_stat.php
www.rltools.de/rlm_analytics/
12 B
44 B
XHR
General
Full URL
https://www.rltools.de/rlm_analytics/rlm_stat.php
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.149.2 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd31026.kasserver.com
Software
Apache /
Resource Hash
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Accept
*/*
Referer
https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 31 Dec 2020 16:26:22 GMT
content-encoding
br
server
Apache
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
1000
access-control-allow-headers
Content-Type, Authorization, X-Requested-With
rlm_stat.php
www.rltools.de/rlm_analytics/
12 B
249 B
XHR
General
Full URL
https://www.rltools.de/rlm_analytics/rlm_stat.php
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.149.2 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd31026.kasserver.com
Software
Apache /
Resource Hash
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Accept
*/*
Referer
https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 31 Dec 2020 16:26:28 GMT
content-encoding
br
server
Apache
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
1000
access-control-allow-headers
Content-Type, Authorization, X-Requested-With
rlm_stat.php
www.rltools.de/rlm_analytics/
12 B
249 B
XHR
General
Full URL
https://www.rltools.de/rlm_analytics/rlm_stat.php
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.149.2 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd31026.kasserver.com
Software
Apache /
Resource Hash
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Accept
*/*
Referer
https://khvan.de/campaign_804.html?coyoteAffiliTokenId=398443018&rlmset=paypal_ff_de&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 31 Dec 2020 16:26:33 GMT
content-encoding
br
server
Apache
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
1000
access-control-allow-headers
Content-Type, Authorization, X-Requested-With


143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| OneSignal function| $ function| jQuery boolean| secondCoregStage number| totalCoregCount number| clickedCoregCount number| coregCount boolean| coregsUncovered boolean| coregSlider object| currentCoregParent number| lastPercentage number| currentPercentage object| percentInterval number| weightedCoregCount number| initProgress string| prepageProcessingMessage function| OnCoregDoiPage function| OnFirstRegPage function| OnSecondRegPage function| OnCoregPage function| OnPromoPage1 function| OnThankYouPage function| SetPromotionImage function| set_progress function| apply_coreg_highlights function| transform_tile_coregs function| DrawProgressIndicator function| DecodeBase64 function| HexDigitToDec function| SimpleHexToDec function| HexColorToRgb function| IsEnglishVersion function| GetLocale object| messageStrings function| Translate function| GetCookie function| SetCookie function| FinishPrepageSection function| InitPrepageQuiz string| originalContinueButtonLabel string| originalPromoImage function| InitPrepageImageSelector function| PadNumber function| FormatClockTime function| RunCountdownClock function| UpdateUserProgress function| InitTextSwitchControls function| show_info_popup function| BrandbueroBuyButtonCallback function| apply_frank_coreg_changes function| InRange function| CheckMaxAge function| FP_ShowMessage function| FP_MessageBoxIsVisible function| apply_fisherprice_coreg_changes function| apply_o2_coreg_changes function| assign_coreg_indices function| show_first_coreg function| get_coreg_container_by_index function| show_next_coreg function| hide_coreg_and_show_next function| InitGui function| ShowMessage function| ShowPromoConsentMessage function| InputValidator object| inputValidators function| VerifyInputFields 
function| ShowSecondRegPage number| agbNum number| unknownAttemptCount number| maxUnknownAttemptCount boolean| emailErrorShown string| textInputColor boolean| skipSecondRegPage function| ShowKickboxError function| HideKickboxErrorMessage function| IsValidTonlineAddress function| EmailAddressOnWhitelist function| SetupContinueButton function| SetupPromoConsentInfoWindow function| AssignInputProxies function| AttachShowSponsorsHandlers function| SetupSponsorsList function| AssignInputValidator function| AssignInputValidators function| CreateDefaultConfig function| ConfigureContinueButton function| DrawCoregProgressShape number| currentProgressStage number| targetProgressWidth object| coregProgressInterval function| DrawCoregProgressBar number| currentCoregStep function| UpdateCoregProgress function| GetCoregCount function| GetNextCoregId function| FinalizeCoreg object| lastSelectedRadio boolean| blitzCoregClicked function| build_radio_buttons function| InitCoregs function| ConfigureSweepstake function| ConfigureSimplePage function| OnRegistrationPage function| OnRegistrationPage1 function| OnRegistrationPage2 function| InitSweepstake function| ApplyFazTweaks function| RebuildBlitzCoreg function| IsMobileBrowser function| showArrowHint function| ModifySpiegelCoreg function| ApplyAdjustments function| ShowCoregStoerer function| HideCoregStoerer function| SetupStoerer function| SetupNewProgressbar function| AssignInputCounterparts function| HighlightErrors function| add_coreg_images function| apply_agb_coreg_changes function| apply_selection_list_coreg_changes function| apply_iframe_coreg_changes function| apply_nicey_coreg_changes function| GetCoregIdFromElement function| md5 function| RlmStat number| globalStatisticJavaSciptFunctionsLoaded string| globalAjaxUrl function| setAjaxUrl function| CopyStreetValue function| moment function| CalcCalendarWeek number| calendarWeek

0 Cookies

1 Console Messages

Source: console-api
Level: log
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js (Line 1)
Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
