URL: https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4...
Submission Tags: falconsandbox
Submission: On June 01 via api from US

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 34 HTTP transactions. The main IP is 163.171.128.172, located in Germany, in ASN54994 (QUANTILNETWORKS, US); the main domain is epromopartners.com, served through a ZENEDGE CDN edge (see the server and x-cdn response headers below).
TLS certificate: issued by AlphaSSL CA - SHA256 - G2, valid from 2021-03-16 to 2022-04-17 (about a year).
This is the only time epromopartners.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Domain                       Requested by
13        epromopartners.com           epromopartners.com
11        tggsnglf.com                 epromopartners.com, tggsnglf.com
5         fonts.gstatic.com            fonts.googleapis.com
1         ssl.google-analytics.com     tggsnglf.com
1         fonts.googleapis.com         tggsnglf.com
1         ajax.aspnetcdn.com           tggsnglf.com
1         code.jquery.com              tggsnglf.com
1         geoip.securechargevault.com  tggsnglf.com
1         securechargevault.com        (1 redirect)

Total: 34 transactions across 9 hostnames. The per-domain counts add up to 35 because the securechargevault.com entry is the 302 hop of request chain 9, which is folded into the tggsnglf.com document transaction rather than counted on its own.

This site contains no links.

Subject                      Issuer                                          Validity                   Valid for
www.epromopartners.com       AlphaSSL CA - SHA256 - G2                       2021-03-16 to 2022-04-17   a year (crt.sh)
tggsnglf.com                 R3                                              2021-04-21 to 2021-07-20   3 months (crt.sh)
geoip.securechargevault.com  AlphaSSL CA - SHA256 - G2                       2021-03-16 to 2022-04-17   a year (crt.sh)
jquery.org                   Sectigo RSA Domain Validation Secure Server CA  2020-10-06 to 2021-10-16   a year (crt.sh)
*.vo.msecnd.net              DigiCert SHA2 Secure Server CA                  2020-11-16 to 2021-11-10   a year (crt.sh)
upload.video.google.com      GTS CA 1O1                                      2021-05-03 to 2021-07-26   3 months (crt.sh)
*.google.com                 GTS CA 1O1                                      2021-05-03 to 2021-07-26   3 months (crt.sh)
*.google-analytics.com       GTS CA 1C3                                      2021-05-03 to 2021-07-26   3 months (crt.sh)

Note: geoip.securechargevault.com and www.epromopartners.com present certificates with the same issuer and the same validity window, and both names are served from 163.171.128.172 by ZENEDGE (see the transactions below), which points to one deployment fronting both hostnames. R3 is the Let's Encrypt intermediate, so the tggsnglf.com certificate is a 90-day Let's Encrypt certificate.

This page contains 2 frames:

Primary Page: https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
Frame ID: 3AE6B5056BC92130E8DF15FA51B2803F
Requests: 13 HTTP requests in this frame

Frame: https://tggsnglf.com/dofadd/?SID=0767616dfb439a2091d42a706275bd20
Frame ID: 9F3D7A338E5819F9E03C0C6F04C2CE35
Requests: 21 HTTP requests in this frame
The SID query value is the PHPSESSID cookie value that tggsnglf.com set on the preceding /dofadd/ response, so the session identifier travels in the URL as well as in the cookie; compare the set-cookie and :path values of the two /dofadd/ transactions below.

Detected technologies

Technology names are not listed here; each entry gives the pattern that fired, with the library it fingerprints noted in parentheses.

Pattern 1 (animate.css), overall confidence: 100%
  • html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Pattern 2 (Modernizr), overall confidence: 100%
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

Pattern 3 (jQuery), overall confidence: 100%
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
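The patterns above are Wappalyzer-style fingerprints: a regular expression run over the document's <link> markup or over each script URL, with the first capture group, when it fires, reported as the version. The Python below is an added example, not part of the urlscan.io report, that replays the three patterns against the script URLs recorded in the primary frame. The <link> tag and the second, versioned input are constructed, since the scan records the stylesheet request rather than the HTML, and the technology names are inferred from the pattern text. Because these detections key on file names rather than contents, the Resource Hash values in the transactions below are what to compare against a known release if you need to confirm which library build is actually served.

```python
import re

# Pattern strings copied verbatim from the "Detected patterns" entries above
# (JavaScript regex literals, the form Wappalyzer-style fingerprints use).
# The technology names are inferred from the pattern text (assumption).
PATTERNS = [
    ("animate.css", "html",   r"/<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i"),
    ("Modernizr",   "script", r"/([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i"),
    ("jQuery",      "script", r"/jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i"),
]

# Script URLs transcribed from the primary frame's transactions. The <link>
# tag is constructed: the scan records the stylesheet request, not the HTML.
SCAN_PAGE = {
    "html": '<link rel="stylesheet" href="css/animate.css">',
    "scripts": [
        "https://epromopartners.com/campaigns/fmfb/pot5hgy/js/modernizr.custom.js",
        "https://epromopartners.com/campaigns/fmfb/pot5hgy/js/jquery.min.js",
        "https://epromopartners.com/campaigns/fmfb/pot5hgy/js/bootstrap.bundle.min.js",
        "https://epromopartners.com/campaigns/fmfb/pot5hgy/js/main.js",
        "https://epromopartners.com/common/js/iframeResizer/iframeResizer.min.js",
        "https://epromopartners.com/__zenedge/assets/f.js?v=1541158593",
    ],
}

# Constructed input (not from the scan) with version strings in the URLs,
# to show which capture groups can actually fire. The animate.css group never
# does: the greedy [^>]+ backtracks only until "animate." matches, at which
# point the optional /version/ group has already been skipped.
VERSIONED_PAGE = {
    "html": '<link rel="stylesheet" href="https://cdn.example.invalid/3.7.2/animate.min.css">',
    "scripts": [
        "https://cdn.example.invalid/jquery.min.js?ver=3.5.1",
        "https://cdn.example.invalid/2.8.3/modernizr.js",
    ],
}

_FLAG_MAP = {"i": re.IGNORECASE, "m": re.MULTILINE, "s": re.DOTALL, "g": 0}


def compile_js_literal(literal):
    """Convert a JavaScript /body/flags literal into a compiled Python pattern.

    Only i/m/s have Python equivalents; g is meaningless for a single search()
    and is ignored; any other flag is rejected rather than silently dropped.
    """
    m = re.fullmatch(r"/(.*)/([a-z]*)", literal, re.DOTALL)
    if not m:
        raise ValueError(f"not a regex literal: {literal!r}")
    body, flags = m.groups()
    py_flags = 0
    for ch in flags:
        if ch not in _FLAG_MAP:
            raise ValueError(f"unsupported flag {ch!r} in {literal!r}")
        py_flags |= _FLAG_MAP[ch]
    return re.compile(body, py_flags)


def detect(page):
    """Run every pattern against the page; return [(name, version, evidence)].

    "html" patterns run against the document markup, "script" patterns against
    each script URL in order; the first hit per technology wins. The version
    is the first non-empty capture group, which is how these fingerprints
    encode it, or None when no group captured anything.
    """
    hits = []
    for name, kind, literal in PATTERNS:
        rx = compile_js_literal(literal)
        haystacks = [page["html"]] if kind == "html" else page["scripts"]
        for text in haystacks:
            m = rx.search(text)
            if m:
                version = next((g for g in m.groups() if g), None)
                hits.append((name, version, text))
                break
    return hits


if __name__ == "__main__":
    for name, version, evidence in detect(SCAN_PAGE):
        print(f"{name:12} version={version!s:6} from {evidence}")
```

Run against the scan's own URLs every detection comes back with version None, which is exactly what the report shows: the file names here carry no version, so the fingerprint proves a library is referenced but says nothing about which release.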

Page Statistics

Requests: 34
HTTPS: 100 %
IPv6: 63 %
Domains: 8
Subdomains: 9
IPs: 8
Countries: 3
Transfer: 677 kB
Size: 1208 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9 (the document loaded into the tggsnglf.com iframe)
  • https://securechargevault.com/process/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264&a_sid=9282 HTTP 302
  • https://tggsnglf.com/dofadd/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264&a_sid=9282&dof_click_id=R7V8c228k0Z6e8A0U9Q4FeIcm3Rc13m2o

The 302 forwards every affiliate query parameter unchanged and appends a dof_click_id token. The redirect response also sets a PHPSESSID cookie scoped to securechargevault.com, which the browser will not send to tggsnglf.com; the Redirect headers of that transaction below show it.

34 HTTP transactions

Columns for each entry: Resource, Path, Size, x-fer, Type, MIME-Type; each is followed by its General details, Request headers and Response headers.
Primary Request /
epromopartners.com/campaigns/fmfb/pot5hgy/
3 KB
1 KB
Document
General
Full URL
https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
9375e4b4dfb3a4d7573b18324807dbad831a88e21ed48e31e3bbce064e0de6b0

Request headers

:method
GET
:authority
epromopartners.com
:scheme
https
:path
/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 09:16:07 GMT
content-type
text/html; charset=UTF-8
x-cache-status
NOTCACHED
x-zen-fury
d927e09739b23166aadc63c67fb4ad09451fd0a9
cache-control
no-store
server
ZENEDGE
x-cdn
Served-By-Zenedge
content-encoding
gzip
x-via
1.1 PSdgflkfFRA1hb199:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1gi91:3 (Cdn Cache Server V2.0)
x-ws-request-id
60b5fad7_localhost_39442-6134
animate.css
epromopartners.com/campaigns/fmfb/pot5hgy/css/
76 KB
7 KB
Stylesheet
General
Full URL
https://epromopartners.com/campaigns/fmfb/pot5hgy/css/animate.css
Requested by
Host: epromopartners.com
URL: https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
8150a6e66442996f64560b128d0effe532ed5eabdf0a8c6176c8c4e8ed502e6f

Request headers

:path
/campaigns/fmfb/pot5hgy/css/animate.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
epromopartners.com
referer
https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-zen-fury
b1c66bbd4bdd4722e775cc3f9b8e00c01ca19e7d
date
Tue, 01 Jun 2021 09:16:07 GMT
content-encoding
gzip
last-modified
Wed, 24 Jul 2019 14:55:04 GMT
server
ZENEDGE
etag
W/"5d387148-12fb5"
x-cache-status
NOTCACHED
x-ws-request-id
60b5fad7_localhost_39442-6156
content-type
text/css
x-cdn
Served-By-Zenedge
x-via
1.1 PSdgflkfFRA1ox201:0 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:9 (Cdn Cache Server V2.0)
main.css
epromopartners.com/campaigns/fmfb/pot5hgy/css/
88 KB
17 KB
Stylesheet
General
Full URL
https://epromopartners.com/campaigns/fmfb/pot5hgy/css/main.css
Requested by
Host: epromopartners.com
URL: https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
69b8cebd8680f999e81d36a48241506eb4583e990368c7f417068d03d5e1785d

Request headers

:path
/campaigns/fmfb/pot5hgy/css/main.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
epromopartners.com
referer
https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-zen-fury
054fb9a0ebd6d6ee6215bc29bde12cc7f218219e
date
Tue, 01 Jun 2021 09:16:07 GMT
content-encoding
gzip
last-modified
Wed, 24 Jul 2019 14:55:04 GMT
server
ZENEDGE
etag
W/"5d387148-160b9"
x-cache-status
NOTCACHED
x-ws-request-id
60b5fad7_localhost_39442-6157
content-type
text/css
x-cdn
Served-By-Zenedge
x-via
1.1 PSdgflkfFRA1ox201:12 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:6 (Cdn Cache Server V2.0)
modernizr.custom.js
epromopartners.com/campaigns/fmfb/pot5hgy/js/
11 KB
5 KB
Script
General
Full URL
https://epromopartners.com/campaigns/fmfb/pot5hgy/js/modernizr.custom.js
Requested by
Host: epromopartners.com
URL: https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
5bb282068677d8cfae23193ede34e1c43fd6f1ed2703e3c3990f7f5f20eb8343

Request headers

:path
/campaigns/fmfb/pot5hgy/js/modernizr.custom.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
epromopartners.com
referer
https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-zen-fury
b1c66bbd4bdd4722e775cc3f9b8e00c01ca19e7d
date
Tue, 01 Jun 2021 09:16:07 GMT
content-encoding
gzip
last-modified
Wed, 24 Jul 2019 14:55:04 GMT
server
ZENEDGE
etag
W/"5d387148-2bbd"
x-cache-status
NOTCACHED
x-ws-request-id
60b5fad7_localhost_39442-6158
content-type
application/javascript
x-cdn
Served-By-Zenedge
x-via
1.1 PSdgflkfFRA1hb199:12 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1vg90:6 (Cdn Cache Server V2.0)
logo.png
epromopartners.com/campaigns/fmfb/pot5hgy/images/
279 KB
280 KB
Image
General
Full URL
https://epromopartners.com/campaigns/fmfb/pot5hgy/images/logo.png
Requested by
Host: epromopartners.com
URL: https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
a9871d6a35b9b964f0bbe9ce9852a50fd901618b23cb68af929d80f4e405a8e9

Request headers

:path
/campaigns/fmfb/pot5hgy/images/logo.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
epromopartners.com
referer
https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-zen-fury
b1c66bbd4bdd4722e775cc3f9b8e00c01ca19e7d
date
Tue, 01 Jun 2021 09:16:09 GMT
last-modified
Wed, 24 Jul 2019 14:55:09 GMT
server
ZENEDGE
etag
"5d38714d-45d13"
x-cache-status
NOTCACHED
x-ws-request-id
60b5fad7_localhost_39442-6203
content-type
image/png
x-cdn
Served-By-Zenedge
accept-ranges
bytes
content-length
285971
x-via
1.1 kf230:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1eq94:1 (Cdn Cache Server V2.0)
jquery.min.js
epromopartners.com/campaigns/fmfb/pot5hgy/js/
85 KB
31 KB
Script
General
Full URL
https://epromopartners.com/campaigns/fmfb/pot5hgy/js/jquery.min.js
Requested by
Host: epromopartners.com
URL: https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de

Request headers

:path
/campaigns/fmfb/pot5hgy/js/jquery.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
epromopartners.com
referer
https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-zen-fury
054fb9a0ebd6d6ee6215bc29bde12cc7f218219e
date
Tue, 01 Jun 2021 09:16:08 GMT
content-encoding
gzip
last-modified
Wed, 24 Jul 2019 14:55:04 GMT
server
ZENEDGE
etag
W/"5d387148-15391"
x-cache-status
NOTCACHED
x-ws-request-id
60b5fad7_localhost_39442-6191
content-type
application/javascript
x-cdn
Served-By-Zenedge
x-via
1.1 PSdgflkfFRA1ox201:9 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc95:6 (Cdn Cache Server V2.0)
bootstrap.bundle.min.js
epromopartners.com/campaigns/fmfb/pot5hgy/js/
66 KB
20 KB
Script
General
Full URL
https://epromopartners.com/campaigns/fmfb/pot5hgy/js/bootstrap.bundle.min.js
Requested by
Host: epromopartners.com
URL: https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
bb3d017273ed487674d9766d8401cf458228596adcc0c3a6024f44ae715090db

Request headers

:path
/campaigns/fmfb/pot5hgy/js/bootstrap.bundle.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
epromopartners.com
referer
https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-zen-fury
054fb9a0ebd6d6ee6215bc29bde12cc7f218219e
date
Tue, 01 Jun 2021 09:16:08 GMT
content-encoding
gzip
last-modified
Wed, 24 Jul 2019 14:55:04 GMT
server
ZENEDGE
etag
W/"5d387148-1089e"
x-cache-status
NOTCACHED
x-ws-request-id
60b5fad7_localhost_39442-6198
content-type
application/javascript
x-cdn
Served-By-Zenedge
x-via
1.1 PSdgflkfFRA1bc200:11 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1dm92:8 (Cdn Cache Server V2.0)
main.js
epromopartners.com/campaigns/fmfb/pot5hgy/js/
430 B
604 B
Script
General
Full URL
https://epromopartners.com/campaigns/fmfb/pot5hgy/js/main.js
Requested by
Host: epromopartners.com
URL: https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
cc77098a4c5acc1533373abd3f3044a6cf644c32a0188f1035727e692a91fe07

Request headers

:path
/campaigns/fmfb/pot5hgy/js/main.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
epromopartners.com
referer
https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-zen-fury
d927e09739b23166aadc63c67fb4ad09451fd0a9
date
Tue, 01 Jun 2021 09:16:07 GMT
content-encoding
gzip
last-modified
Wed, 24 Jul 2019 14:55:04 GMT
server
ZENEDGE
etag
W/"5d387148-1ae"
x-cache-status
NOTCACHED
x-ws-request-id
60b5fad7_localhost_39442-6201
content-type
application/javascript
x-cdn
Served-By-Zenedge
x-via
1.1 PSdgflkfFRA1bc200:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1gi91:11 (Cdn Cache Server V2.0)
iframeResizer.min.js
epromopartners.com/common/js/iframeResizer/
12 KB
12 KB
Script
General
Full URL
https://epromopartners.com/common/js/iframeResizer/iframeResizer.min.js
Requested by
Host: epromopartners.com
URL: https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
35a59efb7049b51b061c5b4a00d2cb1a648a047a3406d55e500f3d6349052d33

Request headers

:path
/common/js/iframeResizer/iframeResizer.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
epromopartners.com
referer
https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-zen-fury
054fb9a0ebd6d6ee6215bc29bde12cc7f218219e
date
Tue, 01 Jun 2021 09:16:07 GMT
last-modified
Thu, 04 Jan 2018 18:22:20 GMT
server
ZENEDGE
age
1
etag
"5a4e70dc-2e17"
x-cache-status
NOTCACHED
x-ws-request-id
60b5fad7_localhost_39442-6202
content-type
application/javascript
x-cdn
Served-By-Zenedge
accept-ranges
bytes
content-length
11799
x-via
1.1 PSygldLON2ii12:13 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:13 (Cdn Cache Server V2.0)
f.js
epromopartners.com/__zenedge/assets/
22 KB
23 KB
Script
General
Full URL
https://epromopartners.com/__zenedge/assets/f.js?v=1541158593
Requested by
Host: epromopartners.com
URL: https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
64ef86f970680e7322c71974fe2e9bd9a1da71f4d02578a60d9d883ceebb5af0

Request headers

:path
/__zenedge/assets/f.js?v=1541158593
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
epromopartners.com
referer
https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-zen-fury
739bfe673911cb9dd012ff42d90ff68ccc6e496a
date
Tue, 01 Jun 2021 09:16:07 GMT
last-modified
Fri, 02 Nov 2018 11:37:21 GMT
server
ZENEDGE
etag
"5bdc36f1-59e1"
x-ws-request-id
60b5fad7_localhost_39442-6204
content-type
application/javascript
accept-ranges
bytes
content-length
23009
x-via
1.1 PSdgflkfFRA1hb199:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1vg90:6 (Cdn Cache Server V2.0)
/
tggsnglf.com/dofadd/ Frame 9F3D
Redirect Chain
  • https://securechargevault.com/process/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264&a_sid=9282
  • https://tggsnglf.com/dofadd/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264&a_sid=9282&dof_click_id=R7V8c228k0Z6e8A0U9Q4Fe...
609 B
916 B
Document
General
Full URL
https://tggsnglf.com/dofadd/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264&a_sid=9282&dof_click_id=R7V8c228k0Z6e8A0U9Q4FeIcm3Rc13m2o
Requested by
Host: epromopartners.com
URL: https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.87.121 , Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k3-shared-ingress2
Software
/
Resource Hash
2b16c8a4f70d8010307d4170becb5d17ac7e6ad7adb8f535da36a1cfdff54700

Request headers

:method
GET
:authority
tggsnglf.com
:scheme
https
:path
/dofadd/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264&a_sid=9282&dof_click_id=R7V8c228k0Z6e8A0U9Q4FeIcm3Rc13m2o
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://epromopartners.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://epromopartners.com/

Response headers

date
Tue, 01 Jun 2021 09:16:08 GMT
content-type
text/html; charset=UTF-8
x-cache-status
NOTCACHED
x-zen-fury
8f6f1c844750d706a32005b308de2ddc1fa9da2c
cache-control
no-store
pragma
no-cache
set-cookie
PHPSESSID=0767616dfb439a2091d42a706275bd20; path=/; secure; SameSite=None
expires
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-cdn
Served-By-Zenedge
content-encoding
gzip
vary
Accept-Encoding
x-varnish
9266070
age
0
via
1.1 varnish (Varnish/6.3)
section-io-cache
Miss
accept-ranges
bytes
section-io-id
b05b4818308b360246a60947bde09271

Redirect headers

date
Tue, 01 Jun 2021 09:16:08 GMT
content-type
text/html; charset=UTF-8
x-cache-status
NOTCACHED
x-zen-fury
054fb9a0ebd6d6ee6215bc29bde12cc7f218219e
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=2c5e51f50b8ac8b5f8d67ed4af2e1b51; path=/; secure; SameSite=None
location
https://tggsnglf.com/dofadd/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264&a_sid=9282&dof_click_id=R7V8c228k0Z6e8A0U9Q4FeIcm3Rc13m2o
expires
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
ZENEDGE
x-cdn
Served-By-Zenedge
x-via
1.1 PSdgflkfFRA1ox201:7 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1eq94:13 (Cdn Cache Server V2.0)
x-ws-request-id
60b5fad7_localhost_39540-46323
pattern.png
epromopartners.com/campaigns/fmfb/pot5hgy/images/
91 B
434 B
Image
General
Full URL
https://epromopartners.com/campaigns/fmfb/pot5hgy/images/pattern.png
Requested by
Host: epromopartners.com
URL: https://epromopartners.com/campaigns/fmfb/pot5hgy/css/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
d1cb81248158bda602b2243b8a33511cb0562eaa50bb64b85da2cf0dc3d363d5

Request headers

:path
/campaigns/fmfb/pot5hgy/images/pattern.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
epromopartners.com
referer
https://epromopartners.com/campaigns/fmfb/pot5hgy/css/main.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://epromopartners.com/campaigns/fmfb/pot5hgy/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-zen-fury
b1c66bbd4bdd4722e775cc3f9b8e00c01ca19e7d
date
Tue, 01 Jun 2021 09:16:07 GMT
last-modified
Wed, 24 Jul 2019 14:55:09 GMT
server
ZENEDGE
etag
"5d38714d-5b"
x-cache-status
NOTCACHED
x-ws-request-id
60b5fad7_localhost_39442-6205
content-type
image/png
x-cdn
Served-By-Zenedge
accept-ranges
bytes
content-length
91
x-via
1.1 PSdgflkfFRA1ox201:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:4 (Cdn Cache Server V2.0)
bg-3.jpg
epromopartners.com/campaigns/fmfb/pot5hgy/images/
70 KB
71 KB
Image
General
Full URL
https://epromopartners.com/campaigns/fmfb/pot5hgy/images/bg-3.jpg
Requested by
Host: epromopartners.com
URL: https://epromopartners.com/campaigns/fmfb/pot5hgy/css/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
f0d4ef45b0f39245618bd751994c3c72cfa7cf09761d79690e9ca44a4f82936c

Request headers

:path
/campaigns/fmfb/pot5hgy/images/bg-3.jpg
pragma
no-cache
cookie
__zjc2805=5097356498
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
epromopartners.com
referer
https://epromopartners.com/campaigns/fmfb/pot5hgy/css/main.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://epromopartners.com/campaigns/fmfb/pot5hgy/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-zen-fury
054fb9a0ebd6d6ee6215bc29bde12cc7f218219e
date
Tue, 01 Jun 2021 09:16:08 GMT
last-modified
Wed, 24 Jul 2019 14:55:04 GMT
server
ZENEDGE
etag
"5d387148-1192f"
x-cache-status
NOTCACHED
x-ws-request-id
60b5fad8_localhost_39442-6242
content-type
image/jpeg
x-cdn
Served-By-Zenedge
accept-ranges
bytes
content-length
71983
x-via
1.1 PSdgflkfFRA1ox201:9 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1dm92:14 (Cdn Cache Server V2.0)
f.js
tggsnglf.com/__zenedge/assets/ Frame 9F3D
22 KB
8 KB
Script
General
Full URL
https://tggsnglf.com/__zenedge/assets/f.js?v=1541158593
Requested by
Host: tggsnglf.com
URL: https://tggsnglf.com/dofadd/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264&a_sid=9282&dof_click_id=R7V8c228k0Z6e8A0U9Q4FeIcm3Rc13m2o
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.87.121 , Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k3-shared-ingress2
Software
/
Resource Hash
64ef86f970680e7322c71974fe2e9bd9a1da71f4d02578a60d9d883ceebb5af0

Request headers

Referer
https://tggsnglf.com/dofadd/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264&a_sid=9282&dof_click_id=R7V8c228k0Z6e8A0U9Q4FeIcm3Rc13m2o
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-zen-fury
8f6f1c844750d706a32005b308de2ddc1fa9da2c
date
Tue, 01 Jun 2021 09:16:08 GMT
content-encoding
gzip
section-io-cache-id
cb23753374d9bb0d5ec4edf227f71d8e
last-modified
Fri, 02 Nov 2018 11:37:21 GMT
age
3122
etag
"5bdc36f1-59e1"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish (Varnish/6.3)
x-varnish
10364870 9947440
content-length
7741
accept-ranges
bytes
section-io-id
cd8adb80cdeec7a64052ebb9586616e8
section-io-cache
Hit
/
tggsnglf.com/dofadd/ Frame 9F3D
11 KB
4 KB
Document
General
Full URL
https://tggsnglf.com/dofadd/?SID=0767616dfb439a2091d42a706275bd20
Requested by
Host: epromopartners.com
URL: https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.87.121 , Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k3-shared-ingress2
Software
/
Resource Hash
fcef6f9d4b4a686b74250f419b5135955c0926072a032959f7b7d1a5d44ae0ff

Request headers

:method
GET
:authority
tggsnglf.com
:scheme
https
:path
/dofadd/?SID=0767616dfb439a2091d42a706275bd20
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tggsnglf.com/dofadd/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264&a_sid=9282&dof_click_id=R7V8c228k0Z6e8A0U9Q4FeIcm3Rc13m2o
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PHPSESSID=0767616dfb439a2091d42a706275bd20
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://tggsnglf.com/dofadd/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264&a_sid=9282&dof_click_id=R7V8c228k0Z6e8A0U9Q4FeIcm3Rc13m2o

Response headers

date
Tue, 01 Jun 2021 09:16:08 GMT
content-type
text/html; charset=UTF-8
x-cache-status
NOTCACHED
x-zen-fury
9c4b02afb40c157e5ad13f6afb0417b3fa8c3cbe
cache-control
no-store
pragma
no-cache
set-cookie
PHPSESSID=0767616dfb439a2091d42a706275bd20; path=/; secure; SameSite=None
expires
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-cdn
Served-By-Zenedge
content-encoding
gzip
vary
Accept-Encoding
x-varnish
4784311
age
0
via
1.1 varnish (Varnish/6.3)
section-io-cache
Miss
accept-ranges
bytes
section-io-id
8daac2dc1fed34d72a4dcf4b7ea9e4a9
/
geoip.securechargevault.com/ Frame 9F3D
400 B
541 B
Script
General
Full URL
https://geoip.securechargevault.com/?v=1
Requested by
Host: tggsnglf.com
URL: https://tggsnglf.com/dofadd/?SID=0767616dfb439a2091d42a706275bd20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
f309f7ae78834dc28e5733b087b5ad2d03e924f0a84dcc703122614937cbdf55

Request headers

Referer
https://tggsnglf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 09:16:09 GMT
content-encoding
gzip
server
ZENEDGE
x-cache-status
NOTCACHED
x-ws-request-id
60b5fad9_localhost_39106-22647
x-via
1.1 PSdgflkfFRA1bc200:14 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1dm92:9 (Cdn Cache Server V2.0)
cache-control
no-cache, no-store, must-revalidate
x-zen-fury
d927e09739b23166aadc63c67fb4ad09451fd0a9
content-type
application/javascript
x-cdn
Served-By-Zenedge
expires
0
cleanstep3wht.css
tggsnglf.com/common_tpls/compact/css/ Frame 9F3D
141 KB
28 KB
Stylesheet
General
Full URL
https://tggsnglf.com/common_tpls/compact/css/cleanstep3wht.css
Requested by
Host: tggsnglf.com
URL: https://tggsnglf.com/dofadd/?SID=0767616dfb439a2091d42a706275bd20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.87.121 , Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k3-shared-ingress2
Software
/
Resource Hash
e64b7cedcf1af0481e37bdfe2835f5e0e0311764c7e0bb91f28c83a0f8d3870c

Request headers

Referer
https://tggsnglf.com/dofadd/?SID=0767616dfb439a2091d42a706275bd20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-zen-fury
35874a142e7181431de8231a2f78dbdc90b1f6e9
date
Tue, 01 Jun 2021 09:16:09 GMT
content-encoding
gzip
last-modified
Wed, 24 Jul 2019 17:18:20 GMT
x-cdn
Served-By-Zenedge
age
0
etag
W/"5d3892dc-23398"
x-cache-status
NOTCACHED
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish (Varnish/6.3)
x-varnish
10436213
accept-ranges
bytes
section-io-id
ba567549cea9fb75c0e0201ffe684aa0
section-io-cache
Miss
jquery-3.4.1.min.js
code.jquery.com/ Frame 9F3D
86 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: tggsnglf.com
URL: https://tggsnglf.com/dofadd/?SID=0767616dfb439a2091d42a706275bd20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Origin
https://tggsnglf.com
Referer
https://tggsnglf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 09:16:08 GMT
content-encoding
gzip
last-modified
Wed, 01 May 2019 21:14:27 GMT
server
nginx
etag
W/"5cca0c33-15851"
vary
Accept-Encoding
x-hw
1622538968.dop223.fr8.t,1622538968.cds287.fr8.hn,1622538968.cds236.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638
bootstrap.min.js
ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/ Frame 9F3D
35 KB
12 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/bootstrap.min.js
Requested by
Host: tggsnglf.com
URL: https://tggsnglf.com/dofadd/?SID=0767616dfb439a2091d42a706275bd20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FEA) /
Resource Hash
c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://tggsnglf.com
Referer
https://tggsnglf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 09:16:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21022598
x-cache
HIT
content-length
12247
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:09:58 GMT
server
ECAcc (frc/8FEA)
etag
"194598e6cb33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
form_support.js
tggsnglf.com/common_tpls/js/ Frame 9F3D
977 B
920 B
Script
General
Full URL
https://tggsnglf.com/common_tpls/js/form_support.js?v=1516308712
Requested by
Host: tggsnglf.com
URL: https://tggsnglf.com/dofadd/?SID=0767616dfb439a2091d42a706275bd20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.87.121 , Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k3-shared-ingress2
Software
/
Resource Hash
f2648f83e8bb78db15ffc5d01dcbc53fb6b8c585dcfabbb88bd0471b8399ca00

Request headers

Referer
https://tggsnglf.com/dofadd/?SID=0767616dfb439a2091d42a706275bd20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 09:16:08 GMT
content-encoding
gzip
section-io-cache-id
016d58a01ae14e9c42cbf2af240658af
x-cdn
Served-By-Zenedge
age
11266
x-cache-status
NOTCACHED
section-io-cache
Hit
content-length
525
x-zen-fury
35874a142e7181431de8231a2f78dbdc90b1f6e9
last-modified
Tue, 19 Jan 2021 00:12:19 GMT
etag
W/"600623e3-3d1"
vary
Accept-Encoding
x-varnish
4468594 2979640
via
1.1 varnish (Varnish/6.3)
section-io-id
7170d82f5f682d0ac96538498d95a1dc
accept-ranges
bytes
content-type
application/javascript
validate_form_v2.js
tggsnglf.com/common_tpls/js/ Frame 9F3D
21 KB
6 KB
Script
General
Full URL
https://tggsnglf.com/common_tpls/js/validate_form_v2.js?jsv=17
Requested by
Host: tggsnglf.com
URL: https://tggsnglf.com/dofadd/?SID=0767616dfb439a2091d42a706275bd20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.87.121 , Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k3-shared-ingress2
Software
/
Resource Hash
71619b1a61ef77a86e5eea4a0416d9735dbfa9b668f77db09a26b7397d521b1f

Request headers

Referer
https://tggsnglf.com/dofadd/?SID=0767616dfb439a2091d42a706275bd20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 09:16:08 GMT
content-encoding
gzip
section-io-cache-id
bdb0d6efcc45661ebbabc7493d9d68de
x-cdn
Served-By-Zenedge
age
11164
x-cache-status
NOTCACHED
section-io-cache
Hit
content-length
5543
x-zen-fury
35874a142e7181431de8231a2f78dbdc90b1f6e9
last-modified
Mon, 26 Apr 2021 15:55:30 GMT
etag
W/"6086e272-5509"
vary
Accept-Encoding
x-varnish
4241111 3751196
via
1.1 varnish (Varnish/6.3)
section-io-id
61a11344184dad616c91f1d1c53ddbe9
accept-ranges
bytes
content-type
application/javascript
ajax-loader.gif
tggsnglf.com/common_tpls/images/ Frame 9F3D
3 KB
3 KB
Image
General
Full URL
https://tggsnglf.com/common_tpls/images/ajax-loader.gif
Requested by
Host: tggsnglf.com
URL: https://tggsnglf.com/dofadd/?SID=0767616dfb439a2091d42a706275bd20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.87.121 , Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k3-shared-ingress2
Software
/
Resource Hash
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355

Request headers

Referer
https://tggsnglf.com/dofadd/?SID=0767616dfb439a2091d42a706275bd20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-zen-fury
35874a142e7181431de8231a2f78dbdc90b1f6e9
date
Tue, 01 Jun 2021 09:16:09 GMT
via
1.1 varnish (Varnish/6.3)
section-io-cache-id
439332d25e160a2097005c4d57b7af63
last-modified
Tue, 16 Jun 2020 16:45:10 GMT
x-cdn
Served-By-Zenedge
age
4892
etag
"5ee8f716-c88"
x-cache-status
NOTCACHED
content-type
image/gif
x-varnish
10436217 9417883
content-length
3208
accept-ranges
bytes
section-io-id
5094403858b4a89ad91d9825d540a1c5
section-io-cache
Hit
profile.png
tggsnglf.com/common_tpls/compact/img/cleanstep3wht/ Frame 9F3D
6 KB
6 KB
Image
General
Full URL
https://tggsnglf.com/common_tpls/compact/img/cleanstep3wht/profile.png
Requested by
Host: tggsnglf.com
URL: https://tggsnglf.com/dofadd/?SID=0767616dfb439a2091d42a706275bd20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.87.121 , Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k3-shared-ingress2
Software
/
Resource Hash
7b0e037c59f684ec33039398c3bc1ee2a75d5a7b7de1b02c45ea706a72cace17

Request headers

Referer
https://tggsnglf.com/dofadd/?SID=0767616dfb439a2091d42a706275bd20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-zen-fury
9c4b02afb40c157e5ad13f6afb0417b3fa8c3cbe
date
Tue, 01 Jun 2021 09:16:09 GMT
via
1.1 varnish (Varnish/6.3)
section-io-cache-id
1044589ac44cd2afc4949ceb41de610f
last-modified
Wed, 17 Jul 2019 19:25:03 GMT
x-cdn
Served-By-Zenedge
age
14535
etag
"5d2f760f-1636"
x-cache-status
NOTCACHED
content-type
image/png
x-varnish
4784320 4130553
content-length
5686
accept-ranges
bytes
section-io-id
dd0c32697efc75d2a5f7cc81a2354f76
section-io-cache
Hit
iframeResizer.contentWindow.min.js
tggsnglf.com/common_tpls/js/ Frame 9F3D
13 KB
5 KB
Script
General
Full URL
https://tggsnglf.com/common_tpls/js/iframeResizer.contentWindow.min.js
Requested by
Host: tggsnglf.com
URL: https://tggsnglf.com/dofadd/?SID=0767616dfb439a2091d42a706275bd20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.87.121 , Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k3-shared-ingress2
Software
/
Resource Hash
7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b

Request headers

Referer
https://tggsnglf.com/dofadd/?SID=0767616dfb439a2091d42a706275bd20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 09:16:09 GMT
content-encoding
gzip
section-io-cache-id
b850afd9481f9044d7f74bb8f159e1bb
x-cdn
Served-By-Zenedge
age
11267
x-cache-status
NOTCACHED
section-io-cache
Hit
content-length
5094
x-zen-fury
b4d46d2ead7afe4749258240ed525d06815fc7dd
last-modified
Tue, 16 Jun 2020 16:45:10 GMT
etag
W/"5ee8f716-3445"
vary
Accept-Encoding
x-varnish
4468598 2684876
via
1.1 varnish (Varnish/6.3)
section-io-id
54b2951af85232c3bf702b6e615e8ddd
accept-ranges
bytes
content-type
application/javascript
f.js
tggsnglf.com/__zenedge/assets/ Frame 9F3D
22 KB
8 KB
Script
General
Full URL
https://tggsnglf.com/__zenedge/assets/f.js?v=1541158593
Requested by
Host: tggsnglf.com
URL: https://tggsnglf.com/dofadd/?SID=0767616dfb439a2091d42a706275bd20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.87.121 , Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k3-shared-ingress2
Software
/
Resource Hash
64ef86f970680e7322c71974fe2e9bd9a1da71f4d02578a60d9d883ceebb5af0

Request headers

Referer
https://tggsnglf.com/dofadd/?SID=0767616dfb439a2091d42a706275bd20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-zen-fury
8f6f1c844750d706a32005b308de2ddc1fa9da2c
date
Tue, 01 Jun 2021 09:16:09 GMT
content-encoding
gzip
section-io-cache-id
cb23753374d9bb0d5ec4edf227f71d8e
last-modified
Fri, 02 Nov 2018 11:37:21 GMT
age
3123
etag
"5bdc36f1-59e1"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish (Varnish/6.3)
x-varnish
10436218 9947440
content-length
7741
accept-ranges
bytes
section-io-id
0252aacbd6229d5a26a0441585921c05
section-io-cache
Hit
css
fonts.googleapis.com/ Frame 9F3D
11 KB
870 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Requested by
Host: tggsnglf.com
URL: https://tggsnglf.com/common_tpls/compact/css/cleanstep3wht.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
93419375ace457303adcb19b0d23de96b1da646564073ce6935795b4458f9670
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tggsnglf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 01 Jun 2021 08:11:05 GMT
server
ESF
date
Tue, 01 Jun 2021 09:16:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Jun 2021 09:16:09 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 9F3D
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://tggsnglf.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 01:56:01 GMT
x-content-type-options
nosniff
age
26408
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jun 2022 01:56:01 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 9F3D
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://tggsnglf.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 01:43:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
459157
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Fri, 27 May 2022 01:43:32 GMT
ga.js
ssl.google-analytics.com/ Frame 9F3D
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: tggsnglf.com
URL: https://tggsnglf.com/dofadd/?SID=0767616dfb439a2091d42a706275bd20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tggsnglf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
4267
date
Tue, 01 Jun 2021 08:05:02 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Tue, 01 Jun 2021 10:05:02 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 9F3D
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://tggsnglf.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 04:57:07 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
15542
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
expires
Wed, 01 Jun 2022 04:57:07 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 9F3D
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://tggsnglf.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 03:57:03 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:50 GMT
server
sffe
age
364746
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15724
x-xss-protection
0
expires
Sat, 28 May 2022 03:57:03 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 9F3D
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://tggsnglf.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 10:13:28 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
342161
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Sat, 28 May 2022 10:13:28 GMT
f
tggsnglf.com/__zenedge/ Frame 9F3D
25 B
272 B
XHR
General
Full URL
https://tggsnglf.com/__zenedge/f
Requested by
Host: tggsnglf.com
URL: https://tggsnglf.com/__zenedge/assets/f.js?v=1541158593
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.87.121 , Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k3-shared-ingress2
Software
/
Resource Hash
905cfd18d8a2167f26f7b434370397a5ba426278b47b7e53e0bab4fb52707db4

Request headers

Referer
https://tggsnglf.com/dofadd/?SID=0767616dfb439a2091d42a706275bd20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json

Response headers

x-zen-fury
35874a142e7181431de8231a2f78dbdc90b1f6e9
date
Tue, 01 Jun 2021 09:16:09 GMT
via
1.1 varnish (Varnish/6.3)
content-type
image/png
x-cdn
Served-By-Zenedge
age
0
accept-ranges
bytes
x-varnish
10499307
cache-control
no-store
section-io-id
3e2f457122f5c1161e0816e4e59eab54
section-io-cache
Miss
content-length
25
f
epromopartners.com/__zenedge/
25 B
256 B
XHR
General
Full URL
https://epromopartners.com/__zenedge/f
Requested by
Host: epromopartners.com
URL: https://epromopartners.com/__zenedge/assets/f.js?v=1541158593
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
905cfd18d8a2167f26f7b434370397a5ba426278b47b7e53e0bab4fb52707db4

Request headers

sec-fetch-mode
cors
origin
https://epromopartners.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
__zjc2805=5097356498
content-length
1276
:path
/__zenedge/f
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
epromopartners.com
referer
https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://epromopartners.com/campaigns/fmfb/pot5hgy/?dofid=p36%3Ao710%3Aaredictus%3Ab53241c1f%3Ac&x_aff_sub3=10213feb96c532b4ea8992c462dadc&x_affiliate_id=9282&x_offer_id=264
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json

Response headers

x-zen-fury
054fb9a0ebd6d6ee6215bc29bde12cc7f218219e
date
Tue, 01 Jun 2021 09:16:10 GMT
server
ZENEDGE
x-ws-request-id
60b5fada_localhost_39442-6400
x-via
1.1 PSdgflkfFRA1gi91:11 (Cdn Cache Server V2.0)
cache-control
no-store
content-type
image/png
x-cdn
Served-By-Zenedge

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
object 0
object onbeforexrselect
object ontransitionrun
object ontransitionstart
object ontransitioncancel
object cookieStore
function showDirectoryPicker
function showOpenFilePicker
function showSaveFilePicker
boolean originAgentCluster
object trustedTypes
boolean crossOriginIsolated
object html5
object Modernizr
function $
function jQuery
object bootstrap
function iFrameResize
function scrollToElem
function respondToSubmit
function v
object y
object z
number A
string B
string C
function D
function H

2 Cookies

Domain/Path Name / Value
tggsnglf.com/ Name: PHPSESSID
Value: 0767616dfb439a2091d42a706275bd20
epromopartners.com/ Name: __zjc2805
Value: 5097356498

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
