Submitted URL: http://facewp3.xyz/
Effective URL: https://yjelm.love-in-air.net/c/679efeecdc3b4d07?&click_id=fsnvv5bd0f4ef8fe98237059007&s1=11762&s2=41467&s3=&s5=
Submission: On October 24 via api from DE

Summary

This website contacted 7 IPs in 4 countries across 8 domains to perform 12 HTTP transactions. The main IP is 52.211.95.198, located in Dublin, Ireland and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is yjelm.love-in-air.net.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on June 29th 2018. Valid for: a year.
This is the only time yjelm.love-in-air.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 185.231.71.211 24875 (NOVOSERVE-AS)
1 2 52.211.95.198 16509 (AMAZON-02)
4 2.16.186.115 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 52.86.169.254 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
12 7
Domain Requested by
4 cdn-aimi.akamaized.net yjelm.love-in-air.net
2 theseoffersforyou.com yjelm.love-in-air.net
theseoffersforyou.com
2 facewp3.xyz
1 fonts.gstatic.com yjelm.love-in-air.net
1 www.googletagmanager.com yjelm.love-in-air.net
1 fonts.googleapis.com yjelm.love-in-air.net
1 yjelm.love-in-air.net facewp3.xyz
1 xbxdm.one-night-stand.club 1 redirects
12 8

This site contains no links.

Subject: *.love-in-air.net
Issuer: COMODO RSA Domain Validation Secure Server CA
Validity: 2018-06-29 - 2019-06-29
Valid: a year

Subject: a248.e.akamai.net
Issuer: DigiCert ECC Secure Server CA
Validity: 2018-01-23 - 2019-01-19
Valid: a year

Subject: *.googleapis.com
Issuer: Google Internet Authority G3
Validity: 2018-10-02 - 2018-12-25
Valid: 3 months

Subject: *.google-analytics.com
Issuer: Google Internet Authority G3
Validity: 2018-10-02 - 2018-12-25
Valid: 3 months

Subject: witch-fucker.com
Issuer: Amazon
Validity: 2018-06-11 - 2019-07-11
Valid: a year

Subject: *.google.com
Issuer: Google Internet Authority G3
Validity: 2018-10-02 - 2018-12-25
Valid: 3 months

This page contains 1 frames:

Primary Page: https://yjelm.love-in-air.net/c/679efeecdc3b4d07?&click_id=fsnvv5bd0f4ef8fe98237059007&s1=11762&s2=41467&s3=&s5=
Frame ID: 7C8B9C88FCFAD5AB19AD872CB5D86BD7
Requests: 12 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • env /^google_tag_manager$/i

Page Statistics

Requests: 12
HTTPS: 83 %
IPv6: 43 %
Domains: 8
Subdomains: 8
IPs: 7
Countries: 4
Transfer: 970 kB
Size: 1037 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://facewp3.xyz/ Page URL
  2. http://facewp3.xyz/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwOlwvXC94YnhkbS5vbmUtbmlnaHQtc3RhbmQuY2x1YlwvY1wvZGE1N2RjNTU1ZTUwNTcyZD9zMT0xMTc2MiZzMj00MTQ2NyZqMT0xJmozPTEifQ.5KHoLWf6I67heJimFV3EDl51zVKdNtC3VgLqtOEIVNc Page URL
  3. http://xbxdm.one-night-stand.club/c/da57dc555e50572d?s1=11762&s2=41467&j1=1&j3=1 HTTP 302
    https://yjelm.love-in-air.net/c/679efeecdc3b4d07?&click_id=fsnvv5bd0f4ef8fe98237059007&s1=11762&s2=41467&s3=&s5= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set /
facewp3.xyz/
380 B
1 KB
Document
General
Full URL
http://facewp3.xyz/
Protocol
HTTP/1.1
Server
185.231.71.211 -, , ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
vm253820.had.su
Software
nginx / PHP/7.2.3
Resource Hash
ee024006b3503e8a9df7cb9086d20c8d4984efcb1fcdaffe3b5b39114a3c232b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff

Request headers

Host
facewp3.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Wed, 24 Oct 2018 22:40:46 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.2.3
Last-Modified
Wed, 24 Oct 2018 22:40:46 GMT
Cache-Control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Pragma
no-cache
Expires
0
Set-Cookie
_subid=3r7h5dedlq1f2nq5tq; expires=Sat, 24-Nov-2018 22:40:46 GMT; Max-Age=2678400; path=/; domain=.facewp3.xyz
aaa04=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjI2OTRcIjoxNTQwNDIwODQ2fSxcImNhbXBhaWduc1wiOntcIjE4NFwiOjE1NDA0MjA4NDZ9LFwidGltZVwiOjE1NDA0MjA4NDZ9In0.bIEToOMpwanpTVSP9ZsTQmz_3R5YzpuTluRhQ57lhN4; expires=Sat, 24-Nov-2018 22:40:46 GMT; Max-Age=2678400; path=/; domain=.facewp3.xyz
Strict-Transport-Security
max-age=15768000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
gateway.php
facewp3.xyz/
314 B
513 B
Document
General
Full URL
http://facewp3.xyz/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwOlwvXC94YnhkbS5vbmUtbmlnaHQtc3RhbmQuY2x1YlwvY1wvZGE1N2RjNTU1ZTUwNTcyZD9zMT0xMTc2MiZzMj00MTQ2NyZqMT0xJmozPTEifQ.5KHoLWf6I67heJimFV3EDl51zVKdNtC3VgLqtOEIVNc
Protocol
HTTP/1.1
Server
185.231.71.211 -, , ASN24875 (NOVOSERVE-AS, NL),
Reverse DNS
vm253820.had.su
Software
nginx / PHP/7.2.3
Resource Hash
945afcc1241727b1b6f7463f45b5655bb4eacb3f5a4be43bb1a15ebed4d79cac
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff

Request headers

Host
facewp3.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://facewp3.xyz/
Accept-Encoding
gzip, deflate
Cookie
_subid=3r7h5dedlq1f2nq5tq; aaa04=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjI2OTRcIjoxNTQwNDIwODQ2fSxcImNhbXBhaWduc1wiOntcIjE4NFwiOjE1NDA0MjA4NDZ9LFwidGltZVwiOjE1NDA0MjA4NDZ9In0.bIEToOMpwanpTVSP9ZsTQmz_3R5YzpuTluRhQ57lhN4

Response headers

Server
nginx
Date
Wed, 24 Oct 2018 22:40:47 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.2.3
Strict-Transport-Security
max-age=15768000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Primary Request 679efeecdc3b4d07
yjelm.love-in-air.net/c/
Redirect Chain
  • http://xbxdm.one-night-stand.club/c/da57dc555e50572d?s1=11762&s2=41467&j1=1&j3=1
  • https://yjelm.love-in-air.net/c/679efeecdc3b4d07?&click_id=fsnvv5bd0f4ef8fe98237059007&s1=11762&s2=41467&s3=&s5=
3 KB
2 KB
Document
General
Full URL
https://yjelm.love-in-air.net/c/679efeecdc3b4d07?&click_id=fsnvv5bd0f4ef8fe98237059007&s1=11762&s2=41467&s3=&s5=
Requested by
Host: facewp3.xyz
URL: http://facewp3.xyz/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwOlwvXC94YnhkbS5vbmUtbmlnaHQtc3RhbmQuY2x1YlwvY1wvZGE1N2RjNTU1ZTUwNTcyZD9zMT0xMTc2MiZzMj00MTQ2NyZqMT0xJmozPTEifQ.5KHoLWf6I67heJimFV3EDl51zVKdNtC3VgLqtOEIVNc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.95.198 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-211-95-198.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.0.32
Resource Hash
fadd6e609ea0a75a88f0f6be4a0d2437eb213a1a7d0ee06463ad13bdae06fc10

Request headers

:method
GET
:authority
yjelm.love-in-air.net
:scheme
https
:path
/c/679efeecdc3b4d07?&click_id=fsnvv5bd0f4ef8fe98237059007&s1=11762&s2=41467&s3=&s5=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://facewp3.xyz/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJodHRwOlwvXC94YnhkbS5vbmUtbmlnaHQtc3RhbmQuY2x1YlwvY1wvZGE1N2RjNTU1ZTUwNTcyZD9zMT0xMTc2MiZzMj00MTQ2NyZqMT0xJmozPTEifQ.5KHoLWf6I67heJimFV3EDl51zVKdNtC3VgLqtOEIVNc
accept-encoding
gzip, deflate

Response headers

status
200
server
nginx
date
Wed, 24 Oct 2018 22:40:47 GMT
content-type
text/html; charset=UTF-8
set-cookie
unique_1405132=unique_1405132; expires=Thu, 25-Oct-2018 22:40:47 GMT; Max-Age=86400; path=/; HttpOnly
unique_id=5bbb28485972c341398566; expires=Thu, 25-Oct-2018 22:40:47 GMT; Max-Age=86400; path=/; HttpOnly
unique_1405132=unique_1405132; expires=Thu, 25-Oct-2018 22:40:47 GMT; Max-Age=86400; path=/; HttpOnly
unique_id=5bbb28485972c341398566; expires=Thu, 25-Oct-2018 22:40:47 GMT; Max-Age=86400; path=/; HttpOnly
scriptHash=203411_11762_41467; expires=Fri, 23-Nov-2018 22:40:47 GMT; Max-Age=2592000; path=/; HttpOnly
unique_1405132=unique_1405132; expires=Thu, 25-Oct-2018 22:40:47 GMT; Max-Age=86400; path=/; HttpOnly
unique_id=5bbb28485972c341398566; expires=Thu, 25-Oct-2018 22:40:47 GMT; Max-Age=86400; path=/; HttpOnly
scriptHash=203411_11762_41467; expires=Fri, 23-Nov-2018 22:40:47 GMT; Max-Age=2592000; path=/; HttpOnly
x-powered-by
PHP/7.0.32
content-encoding
gzip

Redirect headers

Server
nginx
Date
Wed, 24 Oct 2018 22:40:47 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Location
https://yjelm.love-in-air.net/c/679efeecdc3b4d07?&click_id=fsnvv5bd0f4ef8fe98237059007&s1=11762&s2=41467&s3=&s5=
Set-Cookie
unique_1406290=unique_1406290; expires=Thu, 25-Oct-2018 22:40:47 GMT; Max-Age=86400; path=/; HttpOnly
unique_id=5bbb28485972c341398566; expires=Thu, 25-Oct-2018 22:40:47 GMT; Max-Age=86400; path=/; HttpOnly
unique_1406290=unique_1406290; expires=Thu, 25-Oct-2018 22:40:47 GMT; Max-Age=86400; path=/; HttpOnly
unique_id=5bbb28485972c341398566; expires=Thu, 25-Oct-2018 22:40:47 GMT; Max-Age=86400; path=/; HttpOnly
scriptHash=49415_11762_41467; expires=Fri, 23-Nov-2018 22:40:47 GMT; Max-Age=2592000; path=/; HttpOnly
unique_1406290=unique_1406290; expires=Thu, 25-Oct-2018 22:40:47 GMT; Max-Age=86400; path=/; HttpOnly
unique_id=5bbb28485972c341398566; expires=Thu, 25-Oct-2018 22:40:47 GMT; Max-Age=86400; path=/; HttpOnly
scriptHash=49415_11762_41467; expires=Fri, 23-Nov-2018 22:40:47 GMT; Max-Age=2592000; path=/; HttpOnly
tid=fsnvv5bd0f4ef8fe98237059007; path=/; HttpOnly
Status
302 Found
main-style.css
cdn-aimi.akamaized.net/landings/121974/1540366701/css/
16 KB
4 KB
Stylesheet
General
Full URL
https://cdn-aimi.akamaized.net/landings/121974/1540366701/css/main-style.css?1540366702
Requested by
Host: yjelm.love-in-air.net
URL: https://yjelm.love-in-air.net/c/679efeecdc3b4d07?&click_id=fsnvv5bd0f4ef8fe98237059007&s1=11762&s2=41467&s3=&s5=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8bcaf70507d8c14d8d6ef38b192355ddaf6951f45c1b4f2aab7bddb76eaaac51

Request headers

Referer
https://yjelm.love-in-air.net/c/679efeecdc3b4d07?&click_id=fsnvv5bd0f4ef8fe98237059007&s1=11762&s2=41467&s3=&s5=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 24 Oct 2018 22:40:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Oct 2018 07:38:24 GMT
Server
AmazonS3
x-amz-request-id
437E114564FF0D1A
ETag
"b3ea31733d785f8cdce243af178a2f67"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3577
x-amz-id-2
9ddhnZ1XiUdy2NonYYBa0IpbYWlViD0roQ9NtmGKbzjBzdtOPVcxDLJZVmD+XUWgtCESj4hd5wQ=
oie_1aJ0CGfOBb1U.jpg
cdn-aimi.akamaized.net/landings/121974/1540366701/images/
4 KB
5 KB
Image
General
Full URL
https://cdn-aimi.akamaized.net/landings/121974/1540366701/images/oie_1aJ0CGfOBb1U.jpg
Requested by
Host: yjelm.love-in-air.net
URL: https://yjelm.love-in-air.net/c/679efeecdc3b4d07?&click_id=fsnvv5bd0f4ef8fe98237059007&s1=11762&s2=41467&s3=&s5=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3362df22d47b60c587ed1058389a6fd1f468b8b978c0c08bce28c1dcfa3da150

Request headers

Referer
https://yjelm.love-in-air.net/c/679efeecdc3b4d07?&click_id=fsnvv5bd0f4ef8fe98237059007&s1=11762&s2=41467&s3=&s5=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 24 Oct 2018 22:40:47 GMT
Last-Modified
Wed, 24 Oct 2018 07:38:23 GMT
Server
AmazonS3
x-amz-request-id
939D5E744D8CBC27
ETag
"afd761232cac97415cde36dbd9f2c55b"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4475
x-amz-id-2
25E8EL8pNpnyAnLQpzlUrJ3Rak1m1W7Dd0x5yNeobevgO+og26eKB6wK6trscZ9WAuTTrvVeEX0=
css
fonts.googleapis.com/
3 KB
672 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300
Requested by
Host: yjelm.love-in-air.net
URL: https://yjelm.love-in-air.net/c/679efeecdc3b4d07?&click_id=fsnvv5bd0f4ef8fe98237059007&s1=11762&s2=41467&s3=&s5=
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:818::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
6ac2295fdbd23b964320bea2fdae992d839e8c3c4802041fb603ebd2207eacb3
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yjelm.love-in-air.net/c/679efeecdc3b4d07?&click_id=fsnvv5bd0f4ef8fe98237059007&s1=11762&s2=41467&s3=&s5=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
last-modified
Wed, 24 Oct 2018 22:40:47 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 24 Oct 2018 22:40:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Wed, 24 Oct 2018 22:40:47 GMT
gtm.js
www.googletagmanager.com/
65 KB
23 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PPJGZHL
Requested by
Host: yjelm.love-in-air.net
URL: https://yjelm.love-in-air.net/c/679efeecdc3b4d07?&click_id=fsnvv5bd0f4ef8fe98237059007&s1=11762&s2=41467&s3=&s5=
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:819::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
4d2274fb0d698c600032872c1ad3ca9b79f8b646600bd183761d7ecbef613e33
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yjelm.love-in-air.net/c/679efeecdc3b4d07?&click_id=fsnvv5bd0f4ef8fe98237059007&s1=11762&s2=41467&s3=&s5=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 24 Oct 2018 22:40:47 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
23820
x-xss-protection
1; mode=block
expires
Wed, 24 Oct 2018 22:40:47 GMT
dbl-subscriber.js
theseoffersforyou.com/pushjs/1.0.0/
12 KB
5 KB
Script
General
Full URL
https://theseoffersforyou.com/pushjs/1.0.0/dbl-subscriber.js
Requested by
Host: yjelm.love-in-air.net
URL: https://yjelm.love-in-air.net/c/679efeecdc3b4d07?&click_id=fsnvv5bd0f4ef8fe98237059007&s1=11762&s2=41467&s3=&s5=
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.169.254 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-86-169-254.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b0deca7156d4f2e7bca13038e1e9e5545ed0f76cf235b9a3d8ac23e81f39377d

Request headers

Referer
https://yjelm.love-in-air.net/c/679efeecdc3b4d07?&click_id=fsnvv5bd0f4ef8fe98237059007&s1=11762&s2=41467&s3=&s5=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 24 Oct 2018 22:40:48 GMT
content-encoding
gzip
last-modified
Mon, 17 Sep 2018 11:15:08 GMT
server
nginx
etag
W/"5b9f8cbc-3166"
vary
Accept-Encoding
content-type
application/javascript
status
200
overlay.png
cdn-aimi.akamaized.net/landings/121974/1540366701/css/
0
587 B
Image
General
Full URL
https://cdn-aimi.akamaized.net/landings/121974/1540366701/css/overlay.png
Requested by
Host: yjelm.love-in-air.net
URL: https://yjelm.love-in-air.net/c/679efeecdc3b4d07?&click_id=fsnvv5bd0f4ef8fe98237059007&s1=11762&s2=41467&s3=&s5=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn-aimi.akamaized.net/landings/121974/1540366701/css/main-style.css?1540366702
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
application/xml
bg2132131.jpg
cdn-aimi.akamaized.net/landings/121974/1540366701/images/
912 KB
912 KB
Image
General
Full URL
https://cdn-aimi.akamaized.net/landings/121974/1540366701/images/bg2132131.jpg
Requested by
Host: yjelm.love-in-air.net
URL: https://yjelm.love-in-air.net/c/679efeecdc3b4d07?&click_id=fsnvv5bd0f4ef8fe98237059007&s1=11762&s2=41467&s3=&s5=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f7bcf44d6999d8e1d1006f94ab5c720c127c68b4cf415496623e41943255783b

Request headers

Referer
https://cdn-aimi.akamaized.net/landings/121974/1540366701/css/main-style.css?1540366702
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 24 Oct 2018 22:40:47 GMT
Last-Modified
Wed, 24 Oct 2018 07:38:23 GMT
Server
AmazonS3
x-amz-request-id
9F47D20645BFBD18
ETag
"2c8c2c15cb162751f945b613325ed9e8"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
933819
x-amz-id-2
3/eY4HwVidzEQh86J5slh2FBH3GwH44g6DqLnawR122KtZngkz1shi6D27/4z7pnbWR2fCuV1f4=
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v11/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v11/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu3cOWxw.woff2
Requested by
Host: yjelm.love-in-air.net
URL: https://yjelm.love-in-air.net/c/679efeecdc3b4d07?&click_id=fsnvv5bd0f4ef8fe98237059007&s1=11762&s2=41467&s3=&s5=
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
435102c6994284c58e63143d49204d6c3876633ffec220cc73ca05ff8e0156c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300
Origin
https://yjelm.love-in-air.net

Response headers

date
Tue, 09 Oct 2018 16:37:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:25:43 GMT
server
sffe
age
1317825
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
12968
x-xss-protection
1; mode=block
expires
Wed, 09 Oct 2019 16:37:02 GMT
lang-config.js
theseoffersforyou.com/pushjs/1.0.0/config/
8 KB
2 KB
Script
General
Full URL
https://theseoffersforyou.com/pushjs/1.0.0/config/lang-config.js
Requested by
Host: theseoffersforyou.com
URL: https://theseoffersforyou.com/pushjs/1.0.0/dbl-subscriber.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.169.254 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-86-169-254.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f1f5518e39341d6f4189be101a85c496add2a43b569a809bd3193d52f3e61de1

Request headers

Referer
https://yjelm.love-in-air.net/c/679efeecdc3b4d07?&click_id=fsnvv5bd0f4ef8fe98237059007&s1=11762&s2=41467&s3=&s5=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 24 Oct 2018 22:40:48 GMT
content-encoding
gzip
last-modified
Wed, 24 Oct 2018 10:47:44 GMT
server
nginx
etag
W/"5bd04dd0-1ead"
vary
Accept-Encoding
content-type
application/javascript
status
200

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer
object| _push
object| _pcq
object| google_tag_manager
number| th_bridge_jump_step
string| authParty
string| apiServerUrl
undefined| pushTrackData
undefined| pushPopup
undefined| cid
function| getFirstPopUP
function| validateAndShowPopUP
function| getPushDomain
undefined| clickNotification
undefined| closeNotificationPopup
function| showNotification
undefined| setCookie
undefined| getCookie
function| getUrlParams
undefined| openChildWindow
function| fillTrackDataUrlParams
function| getTrackDataUrlParams
function| include
function| isPushSupportedOnBrowser
function| isDefaultAndroidBrowser
function| retry
function| isIE10OrLater
function| detectPrivateMode
function| getBrowserInfo
function| getDeviceType
function| getLanguage
undefined| defaultFirstPopupJson
function| resolveCidByPid
object| langConf
function| getLangConf
object| langConfigMap
function| isBrowserOnCidExclude

3 Cookies

Domain/Path Name / Value
yjelm.love-in-air.net/ Name: scriptHash
Value: 203411_11762_41467
yjelm.love-in-air.net/ Name: unique_id
Value: 5bbb28485972c341398566
yjelm.love-in-air.net/ Name: unique_1405132
Value: unique_1405132

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff