www.efmsales.com Open in urlscan Pro
64.26.30.137  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.efmsales.com/	10 KB 4 KB	720ms 205ms	Document text/html	64.26.30.137 AFFINITY-FTL
General Check archive.org Show headers Download Go to Full URL http://www.efmsales.com/ Protocol HTTP/1.1 Server 64.26.30.137 , United States, ASN3064 (AFFINITY-FTL, US), Reverse DNS Software Apache / PHP/5.4.45-1+hw7 Resource Hash 1aeee515cf7f94d03a2cf58cde727a319a27a842a97aa3623e0ec42e9d391b7f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Encoding gzip Content-Length 3405 Content-Type text/html; charset=UTF-8 Date Thu, 16 Jun 2022 21:14:48 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=256 Pragma no-cache Server Apache Vary Accept-Encoding X-Powered-By PHP/5.4.45-1+hw7
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.7.1/	92 KB 33 KB	81ms 19ms	Script text/javascript	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js Requested by Host: www.efmsales.com URL: http://www.efmsales.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://www.efmsales.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 14 Jun 2022 18:44:28 GMT content-encoding gzip x-content-type-options nosniff age 181820 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33333 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 14 Jun 2023 18:44:28 GMT
GET H/1.1	200 OK	concat_widget.min.css www.efmsales.com/css/widgets/	131 KB 24 KB	156ms 155ms	Stylesheet text/css	64.26.30.137 AFFINITY-FTL
General Check archive.org Show headers Download Go to Full URL http://www.efmsales.com/css/widgets/concat_widget.min.css?v=7.2.44627 Requested by Host: www.efmsales.com URL: http://www.efmsales.com/ Protocol HTTP/1.1 Server 64.26.30.137 , United States, ASN3064 (AFFINITY-FTL, US), Reverse DNS Software Apache / Resource Hash e9eca035b0ed459bec3ae3f46b9421982880754dcb99d58cf6f93322ef174d64 Request headers accept-language de-DE,de;q=0.9 Referer http://www.efmsales.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers Date Thu, 16 Jun 2022 21:14:48 GMT Content-Encoding gzip Last-Modified Sun, 02 Feb 2020 18:47:16 GMT Server Apache ETag "20dca-59d9c3c58bfbd-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=255 Content-Length 24054
GET H/1.1	200 OK	main.min.css www.efmsales.com/templates/creator/m_b/b7/b73/160/css/	7 KB 2 KB	151ms 150ms	Stylesheet text/css	64.26.30.137 AFFINITY-FTL
General Check archive.org Show headers Download Go to Full URL http://www.efmsales.com/templates/creator/m_b/b7/b73/160/css/main.min.css?v=1517236031 Requested by Host: www.efmsales.com URL: http://www.efmsales.com/ Protocol HTTP/1.1 Server 64.26.30.137 , United States, ASN3064 (AFFINITY-FTL, US), Reverse DNS Software Apache / Resource Hash 7dfe9192836607d73105d9d4aabe26cd0100016ddadae4eb9f202c93b3e8fdf3 Request headers accept-language de-DE,de;q=0.9 Referer http://www.efmsales.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers Date Thu, 16 Jun 2022 21:14:48 GMT Content-Encoding gzip Last-Modified Fri, 24 Jan 2020 04:37:17 GMT Server Apache ETag "1d6d-59cdb5001037a-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=256 Content-Length 1800
GET H/1.1	200 OK	style.min.css www.efmsales.com/templates/creator/m_b/b7/b73/160/css/	3 KB 1 KB	287ms 142ms	Stylesheet text/css	64.26.30.137 AFFINITY-FTL
General Check archive.org Show headers Download Go to Full URL http://www.efmsales.com/templates/creator/m_b/b7/b73/160/css/style.min.css?v=1517236031 Requested by Host: www.efmsales.com URL: http://www.efmsales.com/ Protocol HTTP/1.1 Server 64.26.30.137 , United States, ASN3064 (AFFINITY-FTL, US), Reverse DNS Software Apache / Resource Hash 6727d17036ba5e36fa85e1dcbb21769b7d4a1757a6e60c9ff284f1a64246b15d Request headers accept-language de-DE,de;q=0.9 Referer http://www.efmsales.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers Date Thu, 16 Jun 2022 21:14:48 GMT Content-Encoding gzip Last-Modified Fri, 24 Jan 2020 15:46:14 GMT Server Apache ETag "a6b-59ce4a85804de-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=256 Content-Length 837
GET H/1.1	200 OK	skeleton.css www.efmsales.com/css/	18 KB 4 KB	292ms 146ms	Stylesheet text/css	64.26.30.137 AFFINITY-FTL
General Check archive.org Show headers Download Go to Full URL http://www.efmsales.com/css/skeleton.css Requested by Host: www.efmsales.com URL: http://www.efmsales.com/ Protocol HTTP/1.1 Server 64.26.30.137 , United States, ASN3064 (AFFINITY-FTL, US), Reverse DNS Software Apache / Resource Hash 9ddccbb3982a56735e0cb79c042b2a06c26f0e99bec5dff844e90bfcc9c9f2d0 Request headers accept-language de-DE,de;q=0.9 Referer http://www.efmsales.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers Date Thu, 16 Jun 2022 21:14:48 GMT Content-Encoding gzip Last-Modified Sun, 02 Feb 2020 18:47:16 GMT Server Apache ETag "4666-59d9c3c592d1d-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=256 Content-Length 3511
GET H/1.1	200 OK	css fonts.googleapis.com/	1 KB 980 B	59ms 31ms	Stylesheet text/css	2a00:1450:400e:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL http://fonts.googleapis.com/css?family=Domine:400,700 Requested by Host: www.efmsales.com URL: http://www.efmsales.com/ Protocol HTTP/1.1 Server 2a00:1450:400e:802::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 9ff8bb70d4ed8af69326a150a05fe62b6267944a86d3a8e9c54d6b4eb32d2b4f Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://www.efmsales.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers Date Thu, 16 Jun 2022 21:14:48 GMT Content-Encoding gzip X-Content-Type-Options nosniff Transfer-Encoding chunked Cross-Origin-Resource-Policy cross-origin X-XSS-Protection 0 Last-Modified Thu, 16 Jun 2022 21:14:48 GMT Server ESF Cross-Origin-Opener-Policy same-origin-allow-popups X-Frame-Options SAMEORIGIN Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control private, max-age=86400, stale-while-revalidate=604800 Timing-Allow-Origin * Link <http://fonts.gstatic.com>; rel=preconnect; crossorigin Expires Thu, 16 Jun 2022 21:14:48 GMT
GET H/1.1	200 OK	wp-menu.js Show response www.efmsales.com/templates/creator/m_b/b7/b73/160/assets/	3 KB 1 KB	293ms 147ms	Script application/javascript	64.26.30.137 AFFINITY-FTL
General Check archive.org Show headers Download Go to Full URL http://www.efmsales.com/templates/creator/m_b/b7/b73/160/assets/wp-menu.js?v=1517236031 Requested by Host: www.efmsales.com URL: http://www.efmsales.com/ Protocol HTTP/1.1 Server 64.26.30.137 , United States, ASN3064 (AFFINITY-FTL, US), Reverse DNS Software Apache / Resource Hash 0cbedd01fa8fd4c159394616f5800d860fc4514f2f015264a0831bd80c4c092d Request headers accept-language de-DE,de;q=0.9 Referer http://www.efmsales.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers Date Thu, 16 Jun 2022 21:14:48 GMT Content-Encoding gzip Last-Modified Fri, 24 Jan 2020 04:37:17 GMT Server Apache ETag "ce2-59cdb5001131a-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=256 Content-Length 1011
GET H/1.1	200 OK	respond.min.js Show response www.efmsales.com/templates/creator/m_b/b7/b73/160/assets/	4 KB 2 KB	295ms 147ms	Script application/javascript	64.26.30.137 AFFINITY-FTL
General Check archive.org Show headers Download Go to Full URL http://www.efmsales.com/templates/creator/m_b/b7/b73/160/assets/respond.min.js?v=1517236031 Requested by Host: www.efmsales.com URL: http://www.efmsales.com/ Protocol HTTP/1.1 Server 64.26.30.137 , United States, ASN3064 (AFFINITY-FTL, US), Reverse DNS Software Apache / Resource Hash 42716c7732312a4c001cc96b6477bdc421d6b094c3f96fa6e5ee6a6e985a8f0c Request headers accept-language de-DE,de;q=0.9 Referer http://www.efmsales.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers Date Thu, 16 Jun 2022 21:14:48 GMT Content-Encoding gzip Last-Modified Fri, 24 Jan 2020 04:37:17 GMT Server Apache ETag "fe6-59cdb5000f3da-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=256 Content-Length 2085
GET H/1.1	200 OK	slide.js Show response www.efmsales.com/templates/creator/m_b/b7/b73/160/assets/	2 KB 996 B	297ms 146ms	Script application/javascript	64.26.30.137 AFFINITY-FTL
General Check archive.org Show headers Download Go to Full URL http://www.efmsales.com/templates/creator/m_b/b7/b73/160/assets/slide.js?v=1517236031 Requested by Host: www.efmsales.com URL: http://www.efmsales.com/ Protocol HTTP/1.1 Server 64.26.30.137 , United States, ASN3064 (AFFINITY-FTL, US), Reverse DNS Software Apache / Resource Hash ef06a72b20a0e02582d7a867a0ac35b9a657ee0f245dd3fbf45cdd470b5dccdb Request headers accept-language de-DE,de;q=0.9 Referer http://www.efmsales.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers Date Thu, 16 Jun 2022 21:14:48 GMT Content-Encoding gzip Last-Modified Fri, 24 Jan 2020 04:37:17 GMT Server Apache ETag "69b-59cdb50043f9a-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=255 Content-Length 662
GET H/1.1	200 OK	856326-EFM_Logo-c51ce.w250.h100.png www.efmsales.com/var/m_6/61/617/73837/	12 KB 12 KB	145ms 144ms	Image image/png	64.26.30.137 AFFINITY-FTL
General Check archive.org Show headers Download Go to Show image Full URL http://www.efmsales.com/var/m_6/61/617/73837/856326-EFM_Logo-c51ce.w250.h100.png?1579840637 Requested by Host: www.efmsales.com URL: http://www.efmsales.com/ Protocol HTTP/1.1 Server 64.26.30.137 , United States, ASN3064 (AFFINITY-FTL, US), Reverse DNS Software Apache / Resource Hash eb21a440b6be91cde3bff024cc13bb97834d922d1eacb981a856658229d8e40b Request headers accept-language de-DE,de;q=0.9 Referer http://www.efmsales.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers Date Thu, 16 Jun 2022 21:14:48 GMT Last-Modified Fri, 24 Jan 2020 04:37:18 GMT Server Apache ETag "3010-59cdb5007aa9b" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=254 Content-Length 12304
GET H/1.1	200 OK	841881-efmsales_web_face-8f14e.jpg www.efmsales.com/var/m_6/61/617/73837/	117 KB 117 KB	147ms 146ms	Image image/jpeg	64.26.30.137 AFFINITY-FTL
General Check archive.org Show headers Download Go to Show image Full URL http://www.efmsales.com/var/m_6/61/617/73837/841881-efmsales_web_face-8f14e.jpg Requested by Host: www.efmsales.com URL: http://www.efmsales.com/ Protocol HTTP/1.1 Server 64.26.30.137 , United States, ASN3064 (AFFINITY-FTL, US), Reverse DNS Software Apache / Resource Hash fc37ca7836048e69769b13216250695024e410e0db2432b3ae12cc70682d0ac9 Request headers accept-language de-DE,de;q=0.9 Referer http://www.efmsales.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers Date Thu, 16 Jun 2022 21:14:48 GMT Last-Modified Fri, 24 Jan 2020 04:37:18 GMT Server Apache ETag "1d283-59cdb5008279b" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=255 Content-Length 119427
GET H/1.1	200 OK	front_bundle.min.js Show response www.efmsales.com/js/bundles/	162 KB 48 KB	161ms 161ms	Script application/javascript	64.26.30.137 AFFINITY-FTL
General Check archive.org Show headers Download Go to Full URL http://www.efmsales.com/js/bundles/front_bundle.min.js?v=7.2.44627 Requested by Host: www.efmsales.com URL: http://www.efmsales.com/ Protocol HTTP/1.1 Server 64.26.30.137 , United States, ASN3064 (AFFINITY-FTL, US), Reverse DNS Software Apache / Resource Hash 5c5ee18bf8af783e5a73e83b375dd85b6b5e9621d20426ee626bf70115a40fd1 Request headers accept-language de-DE,de;q=0.9 Referer http://www.efmsales.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers Date Thu, 16 Jun 2022 21:14:48 GMT Content-Encoding gzip Last-Modified Fri, 24 Jan 2020 04:37:17 GMT Server Apache ETag "287a2-59cdb50045eda-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=254 Content-Length 48672
GET H2	200	api.js Show response www.google.com/recaptcha/	909 B 993 B	75ms 27ms	Script text/javascript	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit&v=7.2.44627 Requested by Host: www.efmsales.com URL: http://www.efmsales.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 204303ee5077d5fe8623f354027670f9e04d4ee174b2bbbd0d611d5bd9c84c8b Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer http://www.efmsales.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Thu, 16 Jun 2022 21:14:49 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 580 x-xss-protection 1; mode=block expires Thu, 16 Jun 2022 21:14:49 GMT
GET H/1.1	200 OK	L0x8DFMnlVwD4h3hu_qn.woff2 fonts.gstatic.com/s/domine/v18/	27 KB 28 KB	40ms 20ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://fonts.gstatic.com/s/domine/v18/L0x8DFMnlVwD4h3hu_qn.woff2 Requested by Host: fonts.googleapis.com URL: http://fonts.googleapis.com/css?family=Domine:400,700 Protocol HTTP/1.1 Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash edbfbc1fb14bc704831f952888b7e51e96e69e9075d7768f2a0d8b24fc0b0b9d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://fonts.googleapis.com/ Origin http://www.efmsales.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers Date Thu, 09 Jun 2022 23:59:01 GMT X-Content-Type-Options nosniff Age 594948 Content-Security-Policy-Report-Only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes Cross-Origin-Resource-Policy cross-origin Content-Length 27760 X-XSS-Protection 0 Last-Modified Thu, 21 Apr 2022 16:43:13 GMT Server sffe Cross-Origin-Opener-Policy same-origin; report-to="apps-themes" Report-To {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} Content-Type font/woff2 Access-Control-Allow-Origin * Cache-Control public, max-age=31536000 Accept-Ranges bytes Timing-Allow-Origin * Expires Fri, 09 Jun 2023 23:59:01 GMT
GET H2	200	www-widgetapi.js Show response s.ytimg.com/yts/jsbin/www-widgetapi-vflj3RSGk/	20 KB 21 KB	81ms 20ms	Script text/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s.ytimg.com/yts/jsbin/www-widgetapi-vflj3RSGk/www-widgetapi.js Requested by Host: www.efmsales.com URL: http://www.efmsales.com/js/bundles/front_bundle.min.js?v=7.2.44627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a599232b27762d0deef401c854b6c5f7f9f7b69c63a22fdf36b99bac156946fc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://www.efmsales.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Sun, 12 Jun 2022 09:45:00 GMT x-content-type-options nosniff age 386989 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20602 x-xss-protection 0 last-modified Tue, 08 May 2018 20:06:48 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=691200 accept-ranges bytes timing-allow-origin https://www.youtube.com cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Mon, 20 Jun 2022 09:45:00 GMT
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/	367 KB 146 KB	69ms 20ms	Script text/javascript	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit&v=7.2.44627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 506336914f02f937120502bd21ebe49d3720829c2a09f6bc7f933baba246e14c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.efmsales.com/ Origin http://www.efmsales.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Thu, 16 Jun 2022 17:26:30 GMT content-encoding gzip x-content-type-options nosniff age 13699 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 148524 x-xss-protection 0 last-modified Mon, 06 Jun 2022 04:02:41 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 16 Jun 2023 17:26:30 GMT
GET H2	200	addthis_widget.js Show response s7.addthis.com/js/250/	353 KB 114 KB	107ms 25ms	Script application/javascript	104.75.88.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s7.addthis.com/js/250/addthis_widget.js?_=1655414089424 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-126.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer http://www.efmsales.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip last-modified Mon, 26 Oct 2020 18:11:48 GMT server nginx/1.15.8 etag "5f971164-5834c" vary Accept-Encoding x-distribution 99 content-type application/javascript cache-control public, max-age=600 date Thu, 16 Jun 2022 21:14:49 GMT x-host s7.addthis.com content-length 116323
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame 69A7	43 KB 23 KB	40ms 39ms	Document text/html	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYxo4UAAAAAHrKdOqHLQTNNeIxggkS0jv828Ph&co=aHR0cDovL3d3dy5lZm1zYWxlcy5jb206ODA.&hl=de&v=g9jXH0OtfQet-V0Aewq23c7K&size=invisible&badge=bottomright&cb=rj1bkjexdpka Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/recaptcha__de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash c158ad54dedf9cd0bd6c73dad73092083fb761c17649babbe0c7b29c3a62357e Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-zQpQs1M14gtD3jdvmaQBAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://www.efmsales.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 22884 content-security-policy script-src 'report-sample' 'nonce-zQpQs1M14gtD3jdvmaQBAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 16 Jun 2022 21:14:49 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	moatframe.js Show response z.moatads.com/addthismoatframe568911941483/	2 KB 1 KB	74ms 21ms	Script application/x-javascript	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/addthismoatframe568911941483/moatframe.js Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/250/addthis_widget.js?_=1655414089424 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd Request headers accept-language de-DE,de;q=0.9 Referer http://www.efmsales.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Thu, 16 Jun 2022 21:14:49 GMT content-encoding gzip last-modified Fri, 08 Nov 2019 20:13:52 GMT server AmazonS3 x-amz-request-id D5503D14AA2F06AA etag "f14b4e1f799b14f798a195f43cf58376" vary Accept-Encoding content-type application/x-javascript cache-control max-age=38388 accept-ranges bytes content-length 948 x-amz-id-2 JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/ Frame 69A7	51 KB 24 KB	61ms 21ms	Stylesheet text/css	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYxo4UAAAAAHrKdOqHLQTNNeIxggkS0jv828Ph&co=aHR0cDovL3d3dy5lZm1zYWxlcy5jb206ODA.&hl=de&v=g9jXH0OtfQet-V0Aewq23c7K&size=invisible&badge=bottomright&cb=rj1bkjexdpka Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Thu, 16 Jun 2022 16:12:00 GMT content-encoding gzip x-content-type-options nosniff age 18169 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24237 x-xss-protection 0 last-modified Mon, 06 Jun 2022 04:02:41 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 16 Jun 2023 16:12:00 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/ Frame 69A7	367 KB 145 KB	59ms 19ms	Script text/javascript	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYxo4UAAAAAHrKdOqHLQTNNeIxggkS0jv828Ph&co=aHR0cDovL3d3dy5lZm1zYWxlcy5jb206ODA.&hl=de&v=g9jXH0OtfQet-V0Aewq23c7K&size=invisible&badge=bottomright&cb=rj1bkjexdpka Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 506336914f02f937120502bd21ebe49d3720829c2a09f6bc7f933baba246e14c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Thu, 16 Jun 2022 17:26:30 GMT content-encoding gzip x-content-type-options nosniff age 13699 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 148524 x-xss-protection 0 last-modified Mon, 06 Jun 2022 04:02:41 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 16 Jun 2023 17:26:30 GMT
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 69A7	2 KB 2 KB	19ms 18ms	Image image/png	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 14 Jun 2022 18:59:48 GMT x-content-type-options nosniff age 180901 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Tue, 21 Jun 2022 18:59:48 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 69A7	15 KB 16 KB	70ms 22ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYxo4UAAAAAHrKdOqHLQTNNeIxggkS0jv828Ph&co=aHR0cDovL3d3dy5lZm1zYWxlcy5jb206ODA.&hl=de&v=g9jXH0OtfQet-V0Aewq23c7K&size=invisible&badge=bottomright&cb=rj1bkjexdpka Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 14 Jun 2022 17:06:41 GMT x-content-type-options nosniff age 187688 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 14 Jun 2023 17:06:41 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 69A7	15 KB 15 KB	74ms 26ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYxo4UAAAAAHrKdOqHLQTNNeIxggkS0jv828Ph&co=aHR0cDovL3d3dy5lZm1zYWxlcy5jb206ODA.&hl=de&v=g9jXH0OtfQet-V0Aewq23c7K&size=invisible&badge=bottomright&cb=rj1bkjexdpka Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 14 Jun 2022 08:48:37 GMT x-content-type-options nosniff age 217572 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 14 Jun 2023 08:48:37 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame 69A7	102 B 134 B	28ms 28ms	Other text/javascript	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=g9jXH0OtfQet-V0Aewq23c7K Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYxo4UAAAAAHrKdOqHLQTNNeIxggkS0jv828Ph&co=aHR0cDovL3d3dy5lZm1zYWxlcy5jb206ODA.&hl=de&v=g9jXH0OtfQet-V0Aewq23c7K&size=invisible&badge=bottomright&cb=rj1bkjexdpka Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 884fb63655c87934d3b52b108f13b8939e3f9a4241c88dd7d7e5d2dd6de0d3bb Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYxo4UAAAAAHrKdOqHLQTNNeIxggkS0jv828Ph&co=aHR0cDovL3d3dy5lZm1zYWxlcy5jb206ODA.&hl=de&v=g9jXH0OtfQet-V0Aewq23c7K&size=invisible&badge=bottomright&cb=rj1bkjexdpka User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Thu, 16 Jun 2022 21:14:49 GMT content-encoding gzip x-content-type-options nosniff server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 112 x-xss-protection 1; mode=block expires Thu, 16 Jun 2022 21:14:49 GMT
GET H3	200	bframe Show response www.google.com/recaptcha/api2/ Frame E5BF	7 KB 1 KB	31ms 31ms	Document text/html	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=de&v=g9jXH0OtfQet-V0Aewq23c7K&k=6LeYxo4UAAAAAHrKdOqHLQTNNeIxggkS0jv828Ph Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash d1d2552b3e1f7ba9d59eff08022c45fb3f4fe813a23a165b1991036c8dccb494 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-vZ94AePWzunWs7ipC5dimw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://www.efmsales.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 1113 content-security-policy script-src 'report-sample' 'nonce-vZ94AePWzunWs7ipC5dimw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 16 Jun 2022 21:14:49 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/ Frame E5BF	51 KB 24 KB	19ms 19ms	Stylesheet text/css	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=g9jXH0OtfQet-V0Aewq23c7K&k=6LeYxo4UAAAAAHrKdOqHLQTNNeIxggkS0jv828Ph Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Thu, 16 Jun 2022 16:12:00 GMT content-encoding gzip x-content-type-options nosniff age 18169 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24237 x-xss-protection 0 last-modified Mon, 06 Jun 2022 04:02:41 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 16 Jun 2023 16:12:00 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/ Frame E5BF	367 KB 145 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=g9jXH0OtfQet-V0Aewq23c7K&k=6LeYxo4UAAAAAHrKdOqHLQTNNeIxggkS0jv828Ph Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 506336914f02f937120502bd21ebe49d3720829c2a09f6bc7f933baba246e14c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Thu, 16 Jun 2022 17:26:30 GMT content-encoding gzip x-content-type-options nosniff age 13699 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 148524 x-xss-protection 0 last-modified Mon, 06 Jun 2022 04:02:41 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 16 Jun 2023 17:26:30 GMT
GET H2	200	300lo.json Show response m.addthis.com/live/red_lojson/	90 B 250 B	218ms 209ms	Script application/javascript	104.75.88.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://m.addthis.com/live/red_lojson/300lo.json?si=62ab9d49086759b9&bkl=0&bl=1&pdt=1465&sid=62ab9d49086759b9&pub=&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.efmsales.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1655414089972&jsl=1&uvs=62ab9d49f9f3bd2c000&skipb=1&callback=addthis.cbs.jsonp__466439201678913840 Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/250/addthis_widget.js?_=1655414089424 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-126.deploy.static.akamaitechnologies.com Software / Resource Hash f5d24e57afd415f378b5605470d8838813b3d3c2cd7bb1173cb7ff2e0ab89214 Request headers accept-language de-DE,de;q=0.9 Referer http://www.efmsales.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers pragma no-cache date Thu, 16 Jun 2022 21:14:50 GMT cache-control max-age=0, no-cache, no-store, no-transform content-disposition attachment; filename=1.txt content-length 90 content-type application/javascript;charset=utf-8
GET		sh.f48a1a04fe8dbf021b4cda1d.html s7.addthis.com/static/ Frame 4B0C	0 0
GET H2	200	sh.f48a1a04fe8dbf021b4cda1d.html Show response s7.addthis.com/static/ Frame 874A	71 KB 26 KB	75ms 75ms	Document text/html	104.75.88.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/250/addthis_widget.js?_=1655414089424 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-126.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash 7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer http://www.efmsales.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control public, max-age=86313600 content-encoding gzip content-length 26421 content-type text/html date Thu, 16 Jun 2022 21:14:50 GMT etag W/"5f971164-11adc" last-modified Mon, 26 Oct 2020 18:11:48 GMT p3p CP="NON ADM OUR DEV IND COM STA" server nginx/1.15.8 strict-transport-security max-age=15724800; includeSubDomains timing-allow-origin * vary Accept-Encoding x-host s7.addthis.com
POST H3	200	reload Show response www.google.com/recaptcha/api2/ Frame E5BF	38 KB 23 KB	75ms 75ms	XHR application/json	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/reload?k=6LeYxo4UAAAAAHrKdOqHLQTNNeIxggkS0jv828Ph Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 9065674b541d51787bc3c08b924c64266dd9fc1348e8c3236fb8b8ef72eac213 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.google.com/recaptcha/api2/bframe?hl=de&v=g9jXH0OtfQet-V0Aewq23c7K&k=6LeYxo4UAAAAAHrKdOqHLQTNNeIxggkS0jv828Ph accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Content-Type application/x-protobuffer Response headers date Thu, 16 Jun 2022 21:14:50 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 cache-control private, max-age=0 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23039 x-xss-protection 1; mode=block expires Thu, 16 Jun 2022 21:14:50 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

s7.addthis.com

URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation function| $ function| jQuery object| jQuery171027797142677488607 function| reverseMenu function| portraitOrientation function| landscapeOrientation object| respond number| sid function| alertChangesNotSaved function| inspect function| OpenWin function| numberFormat function| searchFldValidation function| fldValidation function| getFileName function| updateLinkedSelects function| addImageFlashEffect function| addToDocOnload function| docOnloadRunBuf function| setImageUrl function| in_array function| validateInput function| fileValidate function| fileErrMsg function| addParentCat function| onSelectClick function| validateGoogleAnalyticsLoginDetails function| selectState function| checkSelected function| EnvokeMobile function| bodyAutoScroll function| MobileLogin function| showVarsTag function| switchMode function| getDependecies function| buildSocialEntry function| getInternetExplorerVersion undefined| imageTagId undefined| currentIndex undefined| oldIndex undefined| originalText undefined| fldReqs undefined| fldReqsSec undefined| fldReqsSecKey string| docOnLoadBuf object| efu function| onloadCallback object| base64 function| Froogaloop function| SlideManager object| YT object| YTConfig object| WC number| currentWidth number| setWidth number| setHeight function| $f function| onYTReady object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| socialEntries object| socialEntriesTitle object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| recaptcha object| iCaptchasIds string| $badgePosition object| closure_lm_500979 function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto boolean| __@@##MUH object| addthis_share object| addthis_config object| oattr

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.google.com/recaptcha	1970-01-20 08:09:26	Name: _GRECAPTCHA Value: 09ADepaW1lix9rczLvhN6BEARctVo2zC7PwEpgvJcYg9vPg8-H71BiVgLFndiN3xBMTkKKCr0Nqa1yZqIRm365eSw
			www.efmsales.com/	1970-01-20 13:19:02	Name: __atuvc Value: 1%7C24
			www.efmsales.com/	1970-01-20 03:50:15	Name: __atuvs Value: 62ab9d49f9f3bd2c000
			.addthis.com/	1970-01-20 13:19:02	Name: uvc Value: 1%7C24
			.addthis.com/	1970-01-20 13:19:02	Name: loc Value: MDAwMDBFVURFSEUyMzA4MTg5MzAwMzAwMDBDSA==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
m.addthis.com
s.ytimg.com
s7.addthis.com
www.efmsales.com
www.google.com
www.gstatic.com
z.moatads.com
s7.addthis.com
104.75.88.126
23.35.237.151
2a00:1450:4001:803::2004
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::200a
2a00:1450:400e:802::200a
64.26.30.137
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0cbedd01fa8fd4c159394616f5800d860fc4514f2f015264a0831bd80c4c092d
1aeee515cf7f94d03a2cf58cde727a319a27a842a97aa3623e0ec42e9d391b7f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
204303ee5077d5fe8623f354027670f9e04d4ee174b2bbbd0d611d5bd9c84c8b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
42716c7732312a4c001cc96b6477bdc421d6b094c3f96fa6e5ee6a6e985a8f0c
506336914f02f937120502bd21ebe49d3720829c2a09f6bc7f933baba246e14c
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c5ee18bf8af783e5a73e83b375dd85b6b5e9621d20426ee626bf70115a40fd1
6727d17036ba5e36fa85e1dcbb21769b7d4a1757a6e60c9ff284f1a64246b15d
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7dfe9192836607d73105d9d4aabe26cd0100016ddadae4eb9f202c93b3e8fdf3
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
884fb63655c87934d3b52b108f13b8939e3f9a4241c88dd7d7e5d2dd6de0d3bb
9065674b541d51787bc3c08b924c64266dd9fc1348e8c3236fb8b8ef72eac213
9ddccbb3982a56735e0cb79c042b2a06c26f0e99bec5dff844e90bfcc9c9f2d0
9ff8bb70d4ed8af69326a150a05fe62b6267944a86d3a8e9c54d6b4eb32d2b4f
a599232b27762d0deef401c854b6c5f7f9f7b69c63a22fdf36b99bac156946fc
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
c158ad54dedf9cd0bd6c73dad73092083fb761c17649babbe0c7b29c3a62357e
d1d2552b3e1f7ba9d59eff08022c45fb3f4fe813a23a165b1991036c8dccb494
e9eca035b0ed459bec3ae3f46b9421982880754dcb99d58cf6f93322ef174d64
eb21a440b6be91cde3bff024cc13bb97834d922d1eacb981a856658229d8e40b
edbfbc1fb14bc704831f952888b7e51e96e69e9075d7768f2a0d8b24fc0b0b9d
ef06a72b20a0e02582d7a867a0ac35b9a657ee0f245dd3fbf45cdd470b5dccdb
f5d24e57afd415f378b5605470d8838813b3d3c2cd7bb1173cb7ff2e0ab89214
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
fc37ca7836048e69769b13216250695024e410e0db2432b3ae12cc70682d0ac9