bots.trafficon.co Open in urlscan Pro
2606:4700:3034::6815:4b36  Public Scan

29 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login-service Show response bots.trafficon.co/api/v1/	83 KB 22 KB	1058ms 1023ms	Document text/html	2606:4700:3034::6815:4b36 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bots.trafficon.co/api/v1/login-service?action=auto-login&vendor=investcap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:4b36 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 PHP/7.2.11 PHP/7.4.16 Resource Hash bbeb75127beb6488aada2a49f5c67388ab0476f44584eff4d465a4342136a2bc Request headers :method GET :authority bots.trafficon.co :scheme https :path /api/v1/login-service?action=auto-login&vendor=investcap pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 06 Apr 2021 15:46:42 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=da3fa41e3829efbec05fc296b88f4b53c1617724001; expires=Thu, 06-May-21 15:46:41 GMT; path=/; domain=.trafficon.co; HttpOnly; SameSite=Lax PHPSESSID=4314d561572c08fb0062ad5a20fe0990; path=/ __cfduid=d27113c62afe8092e99ec1b29bf67a8661617724001; expires=Thu, 06-May-21 15:46:41 GMT; path=/; domain=.investcap.io; HttpOnly; SameSite=Lax; Secure x-powered-by PHP/7.2.34 PHP/7.2.11 PHP/7.4.16 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate no-cache pragma no-cache access-control-allow-credentials true true true access-control-allow-methods GET, POST, PUT, OPTIONS, DELETE GET,HEAD,PUT,POST,DELETE,PATCH,OPTIONS GET, POST, PUT, OPTIONS, DELETE access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,authorization Content-Type, Authorization, X-Requested-With DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,authorization link <https://investcap.io/wp-json/>; rel="https://api.w.org/" <https://investcap.io/wp-json/wp/v2/pages/522>; rel="alternate"; type="application/json" <https://investcap.io/>; rel=shortlink vary Accept-Encoding cf-cache-status DYNAMIC cf-request-id 0949766594000005c40eb21000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ogz4Afv%2Bbx1TT7aZqVLruEDj975IDMeTOqrsCKn4wk3ZRimOLxDf%2B5VZoM9x7Yl91O3yfu5ARlEn20ZQN68%2BK%2Bdy9DaeD2J7y0Z7Ujg%3D"}]} nel {"max_age":604800,"report_to":"cf-nel"} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 access-control-allow-origin * * access-control-max-age 86400 server cloudflare cf-ray 63bc26828c1d05c4-FRA content-encoding br
GET H2	200	css2 fonts.googleapis.com/	8 KB 840 B	16ms 15ms	Stylesheet text/css	2a00:1450:4001:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto%3Awght%40300%3B400%3B500%3B700&display=swap Requested by Host: bots.trafficon.co URL: https://bots.trafficon.co/api/v1/login-service?action=auto-login&vendor=investcap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d46c61f4cb4a1550d261861139170a2bc1019b65c29fcf40bf1b8ca98d7f50e2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://bots.trafficon.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 06 Apr 2021 13:49:44 GMT server ESF date Tue, 06 Apr 2021 15:46:42 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 06 Apr 2021 15:46:42 GMT
GET H2	200	main_ac07e032.css bots.trafficon.co/wp-content/themes/prfwp/dist/styles/	8 KB 2 KB	77ms 76ms	Stylesheet text/html	2606:4700:3034::6815:4b36 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bots.trafficon.co/wp-content/themes/prfwp/dist/styles/main_ac07e032.css Requested by Host: bots.trafficon.co URL: https://bots.trafficon.co/api/v1/login-service?action=auto-login&vendor=investcap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:4b36 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash bd8b2592613a6c89d6771e4d6844f17d7603ca966cc971df822d8458188c1dd8 Request headers Referer https://bots.trafficon.co/api/v1/login-service?action=auto-login&vendor=investcap User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 06 Apr 2021 15:46:42 GMT content-encoding br cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} x-powered-by PHP/7.2.34 access-control-allow-methods GET, POST, PUT, OPTIONS, DELETE alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 094976699a000005c4073bd000000001 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qBxG9wx7R5DvPOgaDHwO7b7ygd%2Fm3uiRsoVRIbXYqRjs5%2FldQWnjnT5Cp7gnMIkM%2BbScBZYHqRQZ9VmBa0pZjjmhPo8h71UZhVO%2Bk9%2FDpx3SqpeqK9qa4RFdrFLlZQ%3D%3D"}],"max_age":604800} content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=14400 access-control-allow-credentials true cf-ray 63bc2688fdd605c4-FRA access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,authorization
GET H2	200	Investcap_Hp.jpg bots.trafficon.co/wp-content/uploads/2021/01/	8 KB 8 KB	66ms 66ms	Image text/html	2606:4700:3034::6815:4b36 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bots.trafficon.co/wp-content/uploads/2021/01/Investcap_Hp.jpg Requested by Host: bots.trafficon.co URL: https://bots.trafficon.co/api/v1/login-service?action=auto-login&vendor=investcap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:4b36 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://bots.trafficon.co/api/v1/login-service?action=auto-login&vendor=investcap User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 06 Apr 2021 15:46:42 GMT content-encoding br cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} x-powered-by PHP/7.2.34 access-control-allow-methods GET, POST, PUT, OPTIONS, DELETE alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 094976699a000005c4062c3000000001 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h1%2B51lTKKsZdFbMKFtvY6g1f3m5gogBIk5NVypHwteLjVi6EeYyJ3uTkE%2B305ibbC6Ru1nkceMuoj8UFVd3j6gPTWj6YFlZB6UGeCdyCHE1%2FPa8cXT41IVgRd3a3YA%3D%3D"}],"max_age":604800} content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=14400 access-control-allow-credentials true cf-ray 63bc2688fdd905c4-FRA access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,authorization
GET H2	200	trading_cors_macbook.jpg bots.trafficon.co/wp-content/uploads/2021/01/	8 KB 8 KB	76ms 75ms	Image text/html	2606:4700:3034::6815:4b36 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bots.trafficon.co/wp-content/uploads/2021/01/trading_cors_macbook.jpg Requested by Host: bots.trafficon.co URL: https://bots.trafficon.co/api/v1/login-service?action=auto-login&vendor=investcap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:4b36 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://bots.trafficon.co/api/v1/login-service?action=auto-login&vendor=investcap User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 06 Apr 2021 15:46:42 GMT content-encoding br cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} x-powered-by PHP/7.2.34 access-control-allow-methods GET, POST, PUT, OPTIONS, DELETE alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 094976699c000005c421872000000001 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZzC9hvela1KWPRl6w3WYCefSUIkpSp0aMLmDqZUuybXXkHPbqExpLcD6Eaxv0W4wKfPh8GxH%2F81MPb19P%2Bi4sxvdgi6uAs8XK%2FUUHwGNNoac1%2B%2FAwTLNYExSfwonnQ%3D%3D"}],"max_age":604800} content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=14400 access-control-allow-credentials true cf-ray 63bc2688fddc05c4-FRA access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,authorization
GET H2	200	i_phone_x.jpg bots.trafficon.co/wp-content/uploads/2021/01/	8 KB 8 KB	62ms 61ms	Image text/html	2606:4700:3034::6815:4b36 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bots.trafficon.co/wp-content/uploads/2021/01/i_phone_x.jpg Requested by Host: bots.trafficon.co URL: https://bots.trafficon.co/api/v1/login-service?action=auto-login&vendor=investcap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:4b36 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://bots.trafficon.co/api/v1/login-service?action=auto-login&vendor=investcap User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 06 Apr 2021 15:46:42 GMT content-encoding br cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} x-powered-by PHP/7.2.34 access-control-allow-methods GET, POST, PUT, OPTIONS, DELETE alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09497669af000005c4f0983000000001 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IlT%2B9VJH6GpW0XoK62ugLFPIcpPgIfO42GrCJMSdsC8RnH576zoeFa%2Bd7mBjF9Gp6QKWeFt2arJY6qLM%2BT8WeDl7p9viAiKU0mk6fZ5qBbvYH5RZqO%2FCQHRI465IvA%3D%3D"}],"max_age":604800} content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=14400 access-control-allow-credentials true cf-ray 63bc26891e1c05c4-FRA access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,authorization
GET H2	200	2021-01-13_09h50_48.png investcap.io/wp-content/uploads/2021/01/	6 KB 7 KB	81ms 29ms	Image image/png	2606:4700:3036::6815:57f6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://investcap.io/wp-content/uploads/2021/01/2021-01-13_09h50_48.png Requested by Host: bots.trafficon.co URL: https://bots.trafficon.co/api/v1/login-service?action=auto-login&vendor=investcap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:57f6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 22fbb665eda73c788793cdfbcdbb7037b3b406c79ab6e432b57b22b6d6a68201 Request headers Referer https://bots.trafficon.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 06 Apr 2021 15:46:42 GMT cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 2530 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 6416 cf-request-id 09497669e300002bb901352000000001 last-modified Sun, 04 Apr 2021 13:55:26 GMT server cloudflare etag "1910-5bf25eeec2895" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MkVqR%2BRyx5i7JwlJ1sT3bLvb1Tvp97TTfLfA5FKNCm9dOKpbaEegDLsCTJornW0IxWSUT04yLi46eL%2B73v0r5QgJody0LZNSfx3kdwI%2FPdUIm5GEfuvEXao%3D"}]} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 63bc268969252bb9-FRA
GET H2	200	email-decode.min.js Show response bots.trafficon.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	9ms 7ms	Script application/javascript	2606:4700:3034::6815:4b36 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bots.trafficon.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: bots.trafficon.co URL: https://bots.trafficon.co/api/v1/login-service?action=auto-login&vendor=investcap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:4b36 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://bots.trafficon.co/api/v1/login-service?action=auto-login&vendor=investcap User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 06 Apr 2021 15:46:42 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to":"cf-nel","max_age":604800} cf-request-id 09497669b1000005c4e9ae8000000001 last-modified Thu, 01 Apr 2021 11:25:31 GMT server cloudflare x-frame-options DENY etag W/"6065adab-4d7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YHJnimgdRaq3PmP%2FUpiGKUo3WWPUNU7LmiZisf2skgG%2Bau4ay%2BxWw0c0qvbwaNng3Mq%2Brfupwa%2FwoT0gJLtTjpkxY6nR0Drop2n2gMmQ7dbAm23GmGHhbeUF3Zvj%2FA%3D%3D"}],"max_age":604800} content-type application/javascript cache-control max-age=172800, public cf-ray 63bc26891e2705c4-FRA expires Thu, 08 Apr 2021 15:46:42 GMT
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/	85 KB 27 KB	31ms 29ms	Script application/javascript	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js Requested by Host: bots.trafficon.co URL: https://bots.trafficon.co/api/v1/login-service?action=auto-login&vendor=investcap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://bots.trafficon.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 06 Apr 2021 15:46:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1031675 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 27433 cf-request-id 09497669b200002c4eb79f1000000001 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:48 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec4-1538f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6z5GomH8Jo3wlCK1XZdebKZ9ZEvuEV6NWmUEQFIr5FoGJJKZEjGdwCEXrcAWeOgVg6aaoVQJPm9R1ql1xlPrsk8aL2D45cz2MD%2BUBX34iL%2F%2F%2FA2k6BzYHFbafkqfA0095A%3D%3D"}],"max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 63bc26891fe42c4e-FRA expires Sun, 27 Mar 2022 15:46:42 GMT
GET H2	200	angular.min.js Show response cdnjs.cloudflare.com/ajax/libs/angular.js/1.6.7/	165 KB 51 KB	20ms 18ms	Script application/javascript	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.6.7/angular.min.js Requested by Host: bots.trafficon.co URL: https://bots.trafficon.co/api/v1/login-service?action=auto-login&vendor=investcap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ecd46beda912725a7ddae9fe8188539d5fd2caf3aa91e14b8f2a62ebe495d31 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://bots.trafficon.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 06 Apr 2021 15:46:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 8768938 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 51822 cf-request-id 09497669b700002c4e95937000000001 timing-allow-origin * last-modified Mon, 04 May 2020 16:04:56 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03d28-2959e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dJ8RR%2FHqjvvjSvBJ6uou048QRW0WE3981sjbhIGzdEqMzfXnLbZxKQKdwnDKkOCr3OozAvcVD1It6CWc8tm0ONqETRFd1Tra8WsCVSnFWDvJlGwfORTnV%2BqGJ%2B2Ea8CkFQ%3D%3D"}],"max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 63bc26891fe92c4e-FRA expires Sun, 27 Mar 2022 15:46:42 GMT
GET H2	200	crm.widgets.config.js Show response widgets.bullpro.proftit.com/	254 B 597 B	58ms 25ms	Script application/javascript	2606:4700:10::6816:1b9f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://widgets.bullpro.proftit.com/crm.widgets.config.js Requested by Host: bots.trafficon.co URL: https://bots.trafficon.co/api/v1/login-service?action=auto-login&vendor=investcap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1b9f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 56a688ef2a77f553923f248a7282912a998c241f29a48ad1a6f398e5c98c91bc Request headers Referer https://bots.trafficon.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 06 Apr 2021 15:46:42 GMT content-encoding br cf-cache-status HIT last-modified Sun, 04 Apr 2021 13:22:52 GMT server cloudflare age 4930 etag W/"6069bdac-112" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control max-age=172800 cf-polished origSize=274 cf-ray 63bc26894fb62bca-FRA cf-request-id 09497669d100002bca0f820000000001 cf-bgj minify
GET H2	200	prf.widgets.js Show response widgets.bullpro.proftit.com/latest/	2 MB 347 KB	66ms 33ms	Script application/javascript	2606:4700:10::6816:1b9f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://widgets.bullpro.proftit.com/latest/prf.widgets.js Requested by Host: bots.trafficon.co URL: https://bots.trafficon.co/api/v1/login-service?action=auto-login&vendor=investcap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1b9f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3058ffdf9c66b24284f550cbfaf64e79df38d0038efa759d22d953a6532c9735 Request headers Referer https://bots.trafficon.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 06 Apr 2021 15:46:42 GMT content-encoding br cf-cache-status HIT last-modified Sun, 04 Apr 2021 07:28:05 GMT server cloudflare age 4930 etag W/"60696a85-191f06" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control max-age=172800 cf-polished origSize=1646342 cf-ray 63bc26894fb72bca-FRA cf-request-id 09497669d100002bca2ea5b000000001 cf-bgj minify
GET H2	200	contact-form-7_ac07e032.js Show response bots.trafficon.co/wp-content/themes/prfwp/dist/scripts/	8 KB 2 KB	73ms 72ms	Script text/html	2606:4700:3034::6815:4b36 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bots.trafficon.co/wp-content/themes/prfwp/dist/scripts/contact-form-7_ac07e032.js Requested by Host: bots.trafficon.co URL: https://bots.trafficon.co/api/v1/login-service?action=auto-login&vendor=investcap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:4b36 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash bd8b2592613a6c89d6771e4d6844f17d7603ca966cc971df822d8458188c1dd8 Request headers Referer https://bots.trafficon.co/api/v1/login-service?action=auto-login&vendor=investcap User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 06 Apr 2021 15:46:42 GMT content-encoding br cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} x-powered-by PHP/7.2.34 access-control-allow-methods GET, POST, PUT, OPTIONS, DELETE alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09497669b2000005c4fa253000000001 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=p6YPSRIumJtceirqc1f3oIHXa%2FXXsp0kjoakieKeKMJ0oI4QQdAFsoCrDdMHeg8fJIXWzgJol%2FUTuh%2FRvsBKqsK3MRMpVgjONl0V7IMtF%2BYxYnjZ6WLswGw6cPCtlA%3D%3D"}],"max_age":604800} content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=14400 access-control-allow-credentials true cf-ray 63bc26891e2805c4-FRA access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,authorization
GET H2	200	main_ac07e032.js Show response bots.trafficon.co/wp-content/themes/prfwp/dist/scripts/	8 KB 2 KB	72ms 71ms	Script text/html	2606:4700:3034::6815:4b36 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bots.trafficon.co/wp-content/themes/prfwp/dist/scripts/main_ac07e032.js Requested by Host: bots.trafficon.co URL: https://bots.trafficon.co/api/v1/login-service?action=auto-login&vendor=investcap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:4b36 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash bd8b2592613a6c89d6771e4d6844f17d7603ca966cc971df822d8458188c1dd8 Request headers Referer https://bots.trafficon.co/api/v1/login-service?action=auto-login&vendor=investcap User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 06 Apr 2021 15:46:42 GMT content-encoding br cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} x-powered-by PHP/7.2.34 access-control-allow-methods GET, POST, PUT, OPTIONS, DELETE alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09497669b5000005c4b5afa000000001 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nv7eO3XF2hxHFE5y4%2BZKTaOMPKMfLDOppxV0x3rGsxVy%2B1w5Aq5rquTPT3y0csl6s2aRiUdi4nou24MsopPkaf8c27IrbFMHtRnVjCtPyBO5pWrI%2FBUXjsUOHOb8XA%3D%3D"}],"max_age":604800} content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=14400 access-control-allow-credentials true cf-ray 63bc26891e2d05c4-FRA access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,authorization
GET H2	200	HP-animation-1.mp4 bots.trafficon.co/wp-content/uploads/2021/01/	8 KB 9 KB	71ms 70ms	Media text/html	2606:4700:3034::6815:4b36 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bots.trafficon.co/wp-content/uploads/2021/01/HP-animation-1.mp4 Requested by Host: bots.trafficon.co URL: https://bots.trafficon.co/api/v1/login-service?action=auto-login&vendor=investcap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:4b36 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash bd8b2592613a6c89d6771e4d6844f17d7603ca966cc971df822d8458188c1dd8 Request headers Referer https://bots.trafficon.co/api/v1/login-service?action=auto-login&vendor=investcap Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Range bytes=0- Response headers date Tue, 06 Apr 2021 15:46:42 GMT cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.2.34 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods GET, POST, PUT, OPTIONS, DELETE content-type text/html; charset=UTF-8 access-control-allow-origin * report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oOPJbEAma9wU6dcdkdAs7dCyGuMLXVYpsAJi4%2BRQAL6N27dkp9K6bVm7D07FdK%2FlGRwCmwcSrHNQ8djs4OjOqxIDMmDatb75FXEnLLMOLLUj2rBNiPLcSsuMlKDDEg%3D%3D"}],"max_age":604800} access-control-allow-credentials true cf-ray 63bc2689bf9005c4-FRA access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,authorization alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0949766a13000005c43f902000000001
GET H2	200	track.js Show response httpsinvestcapio.ladesk.com/scripts/	58 KB 14 KB	136ms 49ms	Script application/javascript	172.104.227.106 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://httpsinvestcapio.ladesk.com/scripts/track.js Requested by Host: bots.trafficon.co URL: https://bots.trafficon.co/api/v1/login-service?action=auto-login&vendor=investcap Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 172.104.227.106 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li1803-106.members.linode.com Software nginx / Resource Hash d1e296a893f6c3605cd39c6e69484d8b978f0073cb3c6c1380647eb38fc09965 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://bots.trafficon.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 06 Apr 2021 15:46:43 GMT content-encoding gzip x-content-type-options nosniff x-srv 2 age 107 vary Accept-Encoding content-length 14222 last-modified Thu, 01 Apr 2021 15:08:52 GMT server nginx etag W/"e728-5beea9bf98900" strict-transport-security max-age=31536000; includeSubDomains x-varnish 866799197 869618640 via 1.1 varnish (2.lb-app.la.linode-de) cache-control max-age=300, public accept-ranges bytes content-type application/javascript expires Tue, 06 Apr 2021 21:44:55 GMT
GET H2	200	button.php Show response httpsinvestcapio.ladesk.com/scripts/	7 KB 2 KB	31ms 31ms	Script application/x-javascript	172.104.227.106 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://httpsinvestcapio.ladesk.com/scripts/button.php?ChS=UTF-8&C=Widget&i=ajwlty93&p=__S__bots.trafficon.co%2Fapi%2Fv1%2Flogin-service%3Faction%3Dauto-login%26vendor%3Dinvestcap Requested by Host: httpsinvestcapio.ladesk.com URL: https://httpsinvestcapio.ladesk.com/scripts/track.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 172.104.227.106 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li1803-106.members.linode.com Software nginx / Resource Hash 410b04c484d9f7c85a60a0be87b6f740fb96623149f2f8a175345b9a0daafa71 Request headers Referer https://bots.trafficon.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma date Tue, 06 Apr 2021 15:46:43 GMT content-encoding gzip last-modified Tue, 06 Apr 2021 15:44:55 GMT x-srv 1 age 107 vary Accept-Encoding content-type application/x-javascript; charset=UTF-8 via 1.1 varnish (2.lb-app.la.linode-de) cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 x-varnish 866869002 869786753 accept-ranges bytes content-length 1767 server nginx expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	generateWidget.php Show response httpsinvestcapio.ladesk.com/scripts/ Frame F1C9	54 KB 11 KB	91ms 91ms	Document text/html	172.104.227.106 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://httpsinvestcapio.ladesk.com/scripts/generateWidget.php?v=5.23.13.4&t=1617666825&cwid=ajwlty93&cwrt=C&cwt=chat&pt=Investcap&ref=https%3A%2F%2Fbots.trafficon.co%2Fapi%2Fv1%2Flogin-service%3Faction%3Dauto-login%26vendor%3Dinvestcap Requested by Host: httpsinvestcapio.ladesk.com URL: https://httpsinvestcapio.ladesk.com/scripts/track.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 172.104.227.106 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li1803-106.members.linode.com Software nginx / Resource Hash 136875ffb2f506784e4c25690e85a1821188c65105d75357cb10abc95cccb445 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers :method GET :authority httpsinvestcapio.ladesk.com :scheme https :path /scripts/generateWidget.php?v=5.23.13.4&t=1617666825&cwid=ajwlty93&cwrt=C&cwt=chat&pt=Investcap&ref=https%3A%2F%2Fbots.trafficon.co%2Fapi%2Fv1%2Flogin-service%3Faction%3Dauto-login%26vendor%3Dinvestcap pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://bots.trafficon.co/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://bots.trafficon.co/ Response headers server nginx date Tue, 06 Apr 2021 15:46:43 GMT content-type text/html; charset=utf-8 cache-control max-age=31536000, public expires Sat, 01 Jan 2022 08:00:00 GMT last-modified Tue, 01 Jan 2008 08:00:00 GMT x-srv 4 content-encoding gzip x-varnish 871961191 age 0 vary Accept-Encoding via 1.1 varnish (2.lb-app.la.linode-de) accept-ranges bytes strict-transport-security max-age=31536000; includeSubDomains
GET DATA	200 OK	truncated /	843 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d14874d84f1f0acb9e0f0d423010d3c98b00c5b0d211ea64081275e925889364 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	chat.css httpsinvestcapio.ladesk.com/themes/embedded_chat/ascent/ Frame F1C9	160 KB 27 KB	37ms 36ms	Stylesheet text/css	172.104.227.106 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://httpsinvestcapio.ladesk.com/themes/embedded_chat/ascent/chat.css?v=5.23.13.4 Requested by Host: httpsinvestcapio.ladesk.com URL: https://httpsinvestcapio.ladesk.com/scripts/generateWidget.php?v=5.23.13.4&t=1617666825&cwid=ajwlty93&cwrt=C&cwt=chat&pt=Investcap&ref=https%3A%2F%2Fbots.trafficon.co%2Fapi%2Fv1%2Flogin-service%3Faction%3Dauto-login%26vendor%3Dinvestcap Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 172.104.227.106 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li1803-106.members.linode.com Software nginx / Resource Hash 37d13e00396ca23a8bdc68294fef7416362827496ba9860f1837b57c108461a7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 06 Apr 2021 15:46:43 GMT content-encoding gzip x-content-type-options nosniff x-srv 1 age 913 vary Accept-Encoding content-length 27332 last-modified Thu, 01 Apr 2021 15:09:04 GMT server nginx etag W/"27f47-5beea9cb0a400" strict-transport-security max-age=31536000; includeSubDomains x-varnish 870954296 870525888 via 1.1 varnish (2.lb-app.la.linode-de) cache-control max-age=604800 accept-ranges bytes content-type text/css expires Tue, 13 Apr 2021 15:31:29 GMT
GET H2	200	track_visit.php Show response httpsinvestcapio.ladesk.com/scripts/	507 B 619 B	31ms 31ms	Script application/x-javascript	172.104.227.106 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://httpsinvestcapio.ladesk.com/scripts/track_visit.php?t=Y&C=Track&B=tq35m2l7mhqw9l7ko1wadvna82qyq&S=7e7o83h900lyi0hcxm37r2imqvxxw&pt=Investcap&url=__S__bots.trafficon.co%2Fapi%2Fv1%2Flogin-service%3Faction%3Dauto-login%26vendor%3Dinvestcap&ref=&sr=1600x1200&ud=%7B%7D&vn=Y&ci=&jstk=Y Requested by Host: httpsinvestcapio.ladesk.com URL: https://httpsinvestcapio.ladesk.com/scripts/track.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 172.104.227.106 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li1803-106.members.linode.com Software nginx / Resource Hash 325bba9e9bfd51ec8e3842b356e5d7c6f9c7ab2a55bc809056f3c46ee5112876 Request headers Referer https://bots.trafficon.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma date Tue, 06 Apr 2021 15:46:43 GMT content-encoding gzip last-modified Tue, 06 Apr 2021 15:44:55 GMT x-srv 4 age 107 vary Accept-Encoding content-type application/x-javascript via 1.1 varnish (2.lb-app.la.linode-de) cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 x-varnish 870954313 869903425 accept-ranges bytes content-length 295 server nginx expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	bus.html Show response 2-vbus-de.ladesk.com/5_23_13_4/scripts/lib/ Frame E993	34 KB 10 KB	104ms 31ms	Document text/html	172.104.244.5 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://2-vbus-de.ladesk.com/5_23_13_4/scripts/lib/bus.html?v=5.23.13.4 Requested by Host: httpsinvestcapio.ladesk.com URL: https://httpsinvestcapio.ladesk.com/scripts/track.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 172.104.244.5 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li1821-5.members.linode.com Software nginx / Resource Hash 661a8d053631ca15d851a5528055937dc81915a07e2f055a5bda20cf4f9798f1 Request headers :method GET :authority 2-vbus-de.ladesk.com :scheme https :path /5_23_13_4/scripts/lib/bus.html?v=5.23.13.4 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://bots.trafficon.co/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://bots.trafficon.co/ Response headers server nginx date Tue, 06 Apr 2021 15:46:43 GMT content-type text/html last-modified Thu, 01 Apr 2021 15:08:52 GMT etag W/"6065e204-861b" content-encoding gzip
GET H2	304	v2 Show response 2-vbus-de.ladesk.com/5_23_13_4/u278321_a368/tq35m2l7mhqw9l7ko1wadvna82qyq/event/lp/ Frame E993	0 161 B	31ms 30ms	XHR	172.104.244.5 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://2-vbus-de.ladesk.com/5_23_13_4/u278321_a368/tq35m2l7mhqw9l7ko1wadvna82qyq/event/lp/v2?channels=2a85039dbe_vb_7e7o83h900lyi0hcxm37r2imqvxxw&tag=0&time=Tue%2C%2006%20Apr%202021%2011%3A36%3A43%20GMT&eventid=&_=1617724003619 Requested by Host: 2-vbus-de.ladesk.com URL: https://2-vbus-de.ladesk.com/5_23_13_4/scripts/lib/bus.html?v=5.23.13.4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 172.104.244.5 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li1821-5.members.linode.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://2-vbus-de.ladesk.com/5_23_13_4/scripts/lib/bus.html?v=5.23.13.4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 06 Apr 2021 15:46:43 GMT last-modified Tue, 06 Apr 2021 11:36:43 GMT server nginx etag W/0 content-type application/octet-stream cache-control no-cache, no-store, must-revalidate content-length 0 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	304	v2 Show response 2-vbus-de.ladesk.com/5_23_13_4/u278321_a368/tq35m2l7mhqw9l7ko1wadvna82qyq/event/lp/ Frame E993	0 161 B	37ms 37ms	XHR	172.104.244.5 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://2-vbus-de.ladesk.com/5_23_13_4/u278321_a368/tq35m2l7mhqw9l7ko1wadvna82qyq/event/lp/v2?channels=2a85039dbe_vb_7e7o83h900lyi0hcxm37r2imqvxxw&tag=0&time=Tue%2C%2006%20Apr%202021%2011%3A36%3A43%20GMT&eventid=&_=1617724013652 Requested by Host: 2-vbus-de.ladesk.com URL: https://2-vbus-de.ladesk.com/5_23_13_4/scripts/lib/bus.html?v=5.23.13.4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 172.104.244.5 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li1821-5.members.linode.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://2-vbus-de.ladesk.com/5_23_13_4/scripts/lib/bus.html?v=5.23.13.4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 06 Apr 2021 15:46:53 GMT last-modified Tue, 06 Apr 2021 11:36:43 GMT server nginx etag W/0 content-type application/octet-stream cache-control no-cache, no-store, must-revalidate content-length 0 expires Thu, 01 Jan 1970 00:00:01 GMT

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| angular object| core object| __core-js_shared__ function| _ object| FileAPI object| JSON3 object| prf function| setImmediate function| clearImmediate function| P object| wpcf7 object| main object| LiveAgentTrackerXD function| LiveAgent function| LiveAgentTracker function| init_button_ajwlty93 object| widgets number| widgetsLength

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bots.trafficon.co/	1969-12-31 23:59:59	Name: LaSID Value: 7e7o83h900lyi0hcxm37r2imqvxxw
			.trafficon.co/	1969-12-31 23:59:59	Name: LaVisitorId_aHR0cHNpbnZlc3RjYXBpby5sYWRlc2suY29tLw Value: tq35m2l7mhqw9l7ko1wadvna82qyq
			bots.trafficon.co/	1970-01-19 17:23:30	Name: LaVisitorNew Value: Y
			bots.trafficon.co/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4314d561572c08fb0062ad5a20fe0990
			.trafficon.co/	1970-01-19 18:05:16	Name: __cfduid Value: da3fa41e3829efbec05fc296b88f4b53c1617724001

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2-vbus-de.ladesk.com
bots.trafficon.co
cdnjs.cloudflare.com
fonts.googleapis.com
httpsinvestcapio.ladesk.com
investcap.io
widgets.bullpro.proftit.com
172.104.227.106
172.104.244.5
2606:4700:10::6816:1b9f
2606:4700:3034::6815:4b36
2606:4700:3036::6815:57f6
2606:4700::6810:135e
2a00:1450:4001:80e::200a
136875ffb2f506784e4c25690e85a1821188c65105d75357cb10abc95cccb445
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
22fbb665eda73c788793cdfbcdbb7037b3b406c79ab6e432b57b22b6d6a68201
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3058ffdf9c66b24284f550cbfaf64e79df38d0038efa759d22d953a6532c9735
325bba9e9bfd51ec8e3842b356e5d7c6f9c7ab2a55bc809056f3c46ee5112876
37d13e00396ca23a8bdc68294fef7416362827496ba9860f1837b57c108461a7
410b04c484d9f7c85a60a0be87b6f740fb96623149f2f8a175345b9a0daafa71
56a688ef2a77f553923f248a7282912a998c241f29a48ad1a6f398e5c98c91bc
661a8d053631ca15d851a5528055937dc81915a07e2f055a5bda20cf4f9798f1
6ecd46beda912725a7ddae9fe8188539d5fd2caf3aa91e14b8f2a62ebe495d31
bbeb75127beb6488aada2a49f5c67388ab0476f44584eff4d465a4342136a2bc
bd8b2592613a6c89d6771e4d6844f17d7603ca966cc971df822d8458188c1dd8
d14874d84f1f0acb9e0f0d423010d3c98b00c5b0d211ea64081275e925889364
d1e296a893f6c3605cd39c6e69484d8b978f0073cb3c6c1380647eb38fc09965
d46c61f4cb4a1550d261861139170a2bc1019b65c29fcf40bf1b8ca98d7f50e2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855