Submitted URL: http://dn.mdsi.org/
Effective URL: https://subscribe.sharemovingmedia.com/dail-enews-subscription-page
Submission: On February 16 via manual from IN — Scanned from DE

Summary

This website contacted 11 IPs in 2 countries across 10 domains to perform 30 HTTP transactions. The main IP is 13.58.98.49, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is subscribe.sharemovingmedia.com.
TLS certificate: Issued by R3 on January 4th 2024. Valid for: 3 months.
This is the only time subscribe.sharemovingmedia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 74.114.167.131 6461 (ZAYO-6461)
6 13.58.98.49 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 52.92.162.9 16509 (AMAZON-02)
4 2600:9000:249... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 13.65.25.195 8075 (MICROSOFT...)
3 52.12.68.237 16509 (AMAZON-02)
1 2a00:1450:400... ()
30 11
Requests | Apex Domain | Subdomains | Transfer
7 | gstatic.com | fonts.gstatic.com; www.gstatic.com | 497 KB
7 | mirabelsmarketingmanager.com | emailservice.mirabelsmarketingmanager.com; app.mirabelsmarketingmanager.com (Cisco Umbrella Rank: 108766) | 75 KB
4 | cloudfront.net | d1vg5xiq7qffdj.cloudfront.net | 44 KB
4 | google.com | www.google.com (Cisco Umbrella Rank: 2) | 36 KB
2 | mirabelanalytics.com | app1.mirabelanalytics.com (Cisco Umbrella Rank: 186813) | 23 KB
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 48); ajax.googleapis.com | 27 KB
1 | emailsnow.info | api.emailsnow.info (Cisco Umbrella Rank: 118480) | 263 B
1 | amazonaws.com | mmclientfilespublic.s3.amazonaws.com (Cisco Umbrella Rank: 520489) | 447 KB
1 | sharemovingmedia.com | subscribe.sharemovingmedia.com | 10 KB
1 | mdsi.org | dn.mdsi.org | 693 B
Total: 30 requests, 10 apex domains
Requests | Domain | Requested by
4 | www.gstatic.com | www.google.com; www.gstatic.com
4 | d1vg5xiq7qffdj.cloudfront.net | subscribe.sharemovingmedia.com; d1vg5xiq7qffdj.cloudfront.net; app.mirabelsmarketingmanager.com
4 | www.google.com | subscribe.sharemovingmedia.com; www.gstatic.com; www.google.com
4 | emailservice.mirabelsmarketingmanager.com | subscribe.sharemovingmedia.com; emailservice.mirabelsmarketingmanager.com
3 | app.mirabelsmarketingmanager.com | d1vg5xiq7qffdj.cloudfront.net; dn.mdsi.org; ajax.googleapis.com
3 | fonts.gstatic.com | fonts.googleapis.com; www.google.com
2 | app1.mirabelanalytics.com | d1vg5xiq7qffdj.cloudfront.net
1 | ajax.googleapis.com | app.mirabelsmarketingmanager.com
1 | api.emailsnow.info |
1 | mmclientfilespublic.s3.amazonaws.com | subscribe.sharemovingmedia.com
1 | fonts.googleapis.com | emailservice.mirabelsmarketingmanager.com
1 | subscribe.sharemovingmedia.com |
1 | dn.mdsi.org |
Total: 30 requests, 13 domains

This site contains no links.

Subject | Issuer | Validity | Valid
subscribe.sharemovingmedia.com | R3 | 2024-01-04 - 2024-04-03 | 3 months
*.mirabelsmarketingmanager.com | Go Daddy Secure Certificate Authority - G2 | 2023-10-04 - 2024-10-13 | a year
www.google.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
*.s3.amazonaws.com | Amazon RSA 2048 M01 | 2023-10-10 - 2024-07-03 | 9 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year
*.google.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
app1.mirabelanalytics.com | Go Daddy Secure Certificate Authority - G2 | 2024-01-16 - 2025-02-14 | a year
api.emailsnow.info | R3 | 2024-01-21 - 2024-04-20 | 3 months

This page contains 3 frames:

Primary Page: https://subscribe.sharemovingmedia.com/dail-enews-subscription-page
Frame ID: 792866EF5E98857676C72CC61BFCCE97
Requests: 16 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfhBWkgAAAAAC4nmP9Z1jFpk92edBhSK6ZP-Y30&co=aHR0cHM6Ly9zdWJzY3JpYmUuc2hhcmVtb3ZpbmdtZWRpYS5jb206NDQz&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=jp59skase9om
Frame ID: E8F2E1DCB3E6D120B9744D362FFF13BB
Requests: 8 HTTP requests in this frame

Frame: https://app.mirabelsmarketingmanager.com/fpv2/fpv5.aspx?encsid=UH7MXch0NYM,&enccid=hEexGKD34iY,&fpid=73872f49-ec8e-423e-ba3f-16ab42a335a1&isUb=1&trackingUrl=HIfoicOddMFsPj6pIhUag2wljpopK4yI9456300cf5g,&ver=v9
Frame ID: F74C1C1C41B10D5178BF7C915FE9C68F
Requests: 5 HTTP requests in this frame

Page Title

Dail-eNews Subscription Form

Page URL History

  1. http://dn.mdsi.org/ Page URL
  2. https://subscribe.sharemovingmedia.com/dail-enews-subscription-page Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 30
HTTPS: 97 %
IPv6: 55 %
Domains: 10
Subdomains: 13
IPs: 11
Countries: 2
Transfer: 1161 kB
Size: 1967 kB
Cookies: 6

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
dn.mdsi.org/
447 B
693 B
Document
General
Full URL
http://dn.mdsi.org/
Protocol
HTTP/1.1
Server
74.114.167.131 , United States, ASN6461 (ZAYO-6461, US),
Reverse DNS
74-114-167-131.static.fullcontrol.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2a220f677d6a3baa853dca27b389733c2a868f530c413afd53bf4816ff7d04cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
447
Content-Type
text/html
Date
Fri, 16 Feb 2024 10:01:39 GMT
ETag
"1fceb47b2efd91:0"
Last-Modified
Mon, 25 Sep 2023 13:14:57 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Primary Request dail-enews-subscription-page
subscribe.sharemovingmedia.com/
9 KB
10 KB
Document
General
Full URL
https://subscribe.sharemovingmedia.com/dail-enews-subscription-page
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.58.98.49 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-58-98-49.us-east-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
3a9da899c8082619936870bb7c8baa3b11903ded6ecb7149272803e640f70b7b

Request headers

Referer
http://dn.mdsi.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
9560
Content-Type
text/html; charset=utf-8
Date
Fri, 16 Feb 2024 10:01:40 GMT
ETag
W/"2558-jEmmx3QD35nWvFNxDtuNwz65R0k"
Server
nginx
X-Powered-By
Express
pagestyles.css
emailservice.mirabelsmarketingmanager.com/css/
3 KB
4 KB
Stylesheet
General
Full URL
https://emailservice.mirabelsmarketingmanager.com/css/pagestyles.css
Requested by
Host: subscribe.sharemovingmedia.com
URL: https://subscribe.sharemovingmedia.com/dail-enews-subscription-page
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.58.98.49 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-58-98-49.us-east-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
4488a0645ad0f56cdc0e5ebe65835e0cc4f0fdfd6db34e5a0940094ca1903b92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscribe.sharemovingmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Fri, 16 Feb 2024 10:01:41 GMT
Last-Modified
Thu, 15 Feb 2024 06:19:09 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"d22-18dab6b4150"
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3362
validation.js
emailservice.mirabelsmarketingmanager.com/js/
15 KB
16 KB
Script
General
Full URL
https://emailservice.mirabelsmarketingmanager.com/js/validation.js
Requested by
Host: subscribe.sharemovingmedia.com
URL: https://subscribe.sharemovingmedia.com/dail-enews-subscription-page
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.58.98.49 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-58-98-49.us-east-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
359007c14ade9acbb096d7690abe2972cb9076abae57f2b59155a3bf887d56d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscribe.sharemovingmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Fri, 16 Feb 2024 10:01:41 GMT
Last-Modified
Thu, 15 Feb 2024 06:19:09 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"3d9a-18dab6b415c"
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15770
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LfhBWkgAAAAAC4nmP9Z1jFpk92edBhSK6ZP-Y30
Requested by
Host: subscribe.sharemovingmedia.com
URL: https://subscribe.sharemovingmedia.com/dail-enews-subscription-page
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cc7ee35b248b4d1c28954ccbaff79badb372083f73980b892ef1e32ae8461496
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscribe.sharemovingmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 10:01:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 16 Feb 2024 10:01:40 GMT
css
fonts.googleapis.com/
22 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800
Requested by
Host: emailservice.mirabelsmarketingmanager.com
URL: https://emailservice.mirabelsmarketingmanager.com/css/pagestyles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ecae33eb25b1dbca55fc3c77886e4e01548bc694afa636eb221f7a0a9f7f43ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://emailservice.mirabelsmarketingmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 16 Feb 2024 10:01:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 16 Feb 2024 09:01:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Feb 2024 10:01:41 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://subscribe.sharemovingmedia.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 04:08:42 GMT
x-content-type-options
nosniff
age
193979
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Feb 2025 04:08:42 GMT
REP-JHC_Dail-enews.png
mmclientfilespublic.s3.amazonaws.com/BEE-Editor/Images/Client1929/
447 KB
447 KB
Image
General
Full URL
https://mmclientfilespublic.s3.amazonaws.com/BEE-Editor/Images/Client1929/REP-JHC_Dail-enews.png
Requested by
Host: subscribe.sharemovingmedia.com
URL: https://subscribe.sharemovingmedia.com/dail-enews-subscription-page
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.162.9 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b7bb14387f63dd9d049f936137663e9135226a6948745613d3bb3e79d9db551

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscribe.sharemovingmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Fri, 16 Feb 2024 10:01:42 GMT
Last-Modified
Wed, 05 Apr 2023 16:58:45 GMT
Server
AmazonS3
x-amz-request-id
QZCSXBV45SZ0SJ8D
ETag
"85700b4e009d44775b35909d5e8fd155"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
457741
x-amz-id-2
lGPVxyNBmIdBRLFbZ8vpLGMIfmvTSPRpdtn1IP+qIV2+LBcioXlDVkG5MCRlrlM0EzHc5qKjDZ0=
Asyncload.js
d1vg5xiq7qffdj.cloudfront.net/
20 KB
6 KB
Script
General
Full URL
https://d1vg5xiq7qffdj.cloudfront.net/Asyncload.js?isUb=1&fpkey=220243&encsid=UH7MXch0NYM,&enccid=hEexGKD34iY,&wsid=Mzc0&trackingUrl=HIfoicOddMFsPj6pIhUag2wljpopK4yI9456300cf5g,
Requested by
Host: subscribe.sharemovingmedia.com
URL: https://subscribe.sharemovingmedia.com/dail-enews-subscription-page
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:e00:0:6f3c:65c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
72753bf20ed288ede24c8c12689fd3ec0aaaae976f5155d7b8d90eca316506b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscribe.sharemovingmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 03:11:55 GMT
content-encoding
gzip
via
1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
370186
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
last-modified
Thu, 11 Feb 2021 17:53:16 GMT
server
Microsoft-IIS/10.0
etag
W/"d8aa53c69e0d71:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
access-control-allow-headers
Content-Type
x-amz-cf-id
gb5UiWFSaAo4VgDXFitTMJQmIa-r935kPwSIffFcrpxBRkXsHijTbQ==
recaptcha__de.js
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/
493 KB
197 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfhBWkgAAAAAC4nmP9Z1jFpk92edBhSK6ZP-Y30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f6743903bd9d7ad035a75142c509b67e8831a48487246272bc0751097790d6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://subscribe.sharemovingmedia.com/
Origin
https://subscribe.sharemovingmedia.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 07:51:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7826
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200774
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 05:00:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Feb 2025 07:51:15 GMT
addlpvisit
emailservice.mirabelsmarketingmanager.com/api/
16 B
438 B
Fetch
General
Full URL
https://emailservice.mirabelsmarketingmanager.com/api/addlpvisit
Requested by
Host: emailservice.mirabelsmarketingmanager.com
URL: https://emailservice.mirabelsmarketingmanager.com/js/validation.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.58.98.49 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-58-98-49.us-east-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://subscribe.sharemovingmedia.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 16 Feb 2024 10:01:41 GMT
Server
nginx
X-Powered-By
Express
ETag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
16
addlpvisit
emailservice.mirabelsmarketingmanager.com/api/ Frame
0
0
Preflight
General
Full URL
https://emailservice.mirabelsmarketingmanager.com/api/addlpvisit
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.58.98.49 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-58-98-49.us-east-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://subscribe.sharemovingmedia.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Date
Fri, 16 Feb 2024 10:01:41 GMT
Server
nginx
Vary
Access-Control-Request-Headers
X-Powered-By
Express
fp2.min.js
d1vg5xiq7qffdj.cloudfront.net/
29 KB
11 KB
Script
General
Full URL
https://d1vg5xiq7qffdj.cloudfront.net/fp2.min.js
Requested by
Host: d1vg5xiq7qffdj.cloudfront.net
URL: https://d1vg5xiq7qffdj.cloudfront.net/Asyncload.js?isUb=1&fpkey=220243&encsid=UH7MXch0NYM,&enccid=hEexGKD34iY,&wsid=Mzc0&trackingUrl=HIfoicOddMFsPj6pIhUag2wljpopK4yI9456300cf5g,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:e00:0:6f3c:65c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscribe.sharemovingmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 23:42:44 GMT
content-encoding
gzip
via
1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
296336
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
last-modified
Tue, 04 Feb 2020 16:16:08 GMT
server
Microsoft-IIS/10.0
etag
W/"014506876dbd51:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
access-control-allow-headers
Content-Type
x-amz-cf-id
HpFab45e6KvTO90Wv6THWcozzGQbzLmswcSTzNOElzoZVZMXNuZyXw==
anchor
www.google.com/recaptcha/api2/ Frame E8F2
45 KB
28 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfhBWkgAAAAAC4nmP9Z1jFpk92edBhSK6ZP-Y30&co=aHR0cHM6Ly9zdWJzY3JpYmUuc2hhcmVtb3ZpbmdtZWRpYS5jb206NDQz&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=jp59skase9om
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
86f12e1260e31340a5c63e4149f32496456b5c70d61a4c88427c5d1055b47462
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FClh6BpZ5DMs7NE6udJlKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://subscribe.sharemovingmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-FClh6BpZ5DMs7NE6udJlKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 16 Feb 2024 10:01:41 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ Frame E8F2
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfhBWkgAAAAAC4nmP9Z1jFpk92edBhSK6ZP-Y30&co=aHR0cHM6Ly9zdWJzY3JpYmUuc2hhcmVtb3ZpbmdtZWRpYS5jb206NDQz&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=jp59skase9om
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:10:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6675
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 05:00:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Feb 2025 08:10:26 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ Frame E8F2
493 KB
196 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfhBWkgAAAAAC4nmP9Z1jFpk92edBhSK6ZP-Y30&co=aHR0cHM6Ly9zdWJzY3JpYmUuc2hhcmVtb3ZpbmdtZWRpYS5jb206NDQz&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=jp59skase9om
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f6743903bd9d7ad035a75142c509b67e8831a48487246272bc0751097790d6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 07:51:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7826
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200774
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 05:00:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Feb 2025 07:51:15 GMT
GaCecGsOYBX5Y-bYhBnP8HzGx5OMr0R3KV4Tm0nuRTQ.js
www.google.com/js/bg/ Frame E8F2
17 KB
7 KB
Script
General
Full URL
https://www.google.com/js/bg/GaCecGsOYBX5Y-bYhBnP8HzGx5OMr0R3KV4Tm0nuRTQ.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19a09e706b0e6015f963e6d88419cff07cc6c7938caf4477295e139b49ee4534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfhBWkgAAAAAC4nmP9Z1jFpk92edBhSK6ZP-Y30&co=aHR0cHM6Ly9zdWJzY3JpYmUuc2hhcmVtb3ZpbmdtZWRpYS5jb206NDQz&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=jp59skase9om
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:23:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
185882
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6957
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 17:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Feb 2025 06:23:39 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E8F2
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 05:19:14 GMT
x-content-type-options
nosniff
age
103347
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 22 Feb 2024 05:19:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E8F2
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfhBWkgAAAAAC4nmP9Z1jFpk92edBhSK6ZP-Y30&co=aHR0cHM6Ly9zdWJzY3JpYmUuc2hhcmVtb3ZpbmdtZWRpYS5jb206NDQz&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=jp59skase9om
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 09:04:02 GMT
x-content-type-options
nosniff
age
262659
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 09:04:02 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E8F2
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfhBWkgAAAAAC4nmP9Z1jFpk92edBhSK6ZP-Y30&co=aHR0cHM6Ly9zdWJzY3JpYmUuc2hhcmVtb3ZpbmdtZWRpYS5jb206NDQz&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=jp59skase9om
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 13:40:25 GMT
x-content-type-options
nosniff
age
73276
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Feb 2025 13:40:25 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame E8F2
102 B
135 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfhBWkgAAAAAC4nmP9Z1jFpk92edBhSK6ZP-Y30&co=aHR0cHM6Ly9zdWJzY3JpYmUuc2hhcmVtb3ZpbmdtZWRpYS5jb206NDQz&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=jp59skase9om
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
da38d3e3b25f4bd39761adb2517f234e1b291293d6582e7c58ea5b335f205f38
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfhBWkgAAAAAC4nmP9Z1jFpk92edBhSK6ZP-Y30&co=aHR0cHM6Ly9zdWJzY3JpYmUuc2hhcmVtb3ZpbmdtZWRpYS5jb206NDQz&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=jp59skase9om
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 10:01:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 16 Feb 2024 10:01:41 GMT
lnktrk.js
app1.mirabelanalytics.com/
67 KB
23 KB
Script
General
Full URL
https://app1.mirabelanalytics.com/lnktrk.js
Requested by
Host: d1vg5xiq7qffdj.cloudfront.net
URL: https://d1vg5xiq7qffdj.cloudfront.net/Asyncload.js?isUb=1&fpkey=220243&encsid=UH7MXch0NYM,&enccid=hEexGKD34iY,&wsid=Mzc0&trackingUrl=HIfoicOddMFsPj6pIhUag2wljpopK4yI9456300cf5g,
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.65.25.195 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
b52608eb90130f261d38507f7445e73f9c54fde9b481d23f1987bafd1ed5090a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscribe.sharemovingmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Fri, 16 Feb 2024 10:01:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 05:09:01 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
W/"5e817eed-10d63"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
JsResourse.ashx
app.mirabelsmarketingmanager.com/fpv2/fps/
52 KB
53 KB
XHR
General
Full URL
https://app.mirabelsmarketingmanager.com/fpv2/fps/JsResourse.ashx?encsid=UH7MXch0NYM,&enccid=hEexGKD34iY,&fpid=73872f49-ec8e-423e-ba3f-16ab42a335a1&isUb=1&trackingUrl=HIfoicOddMFsPj6pIhUag2wljpopK4yI9456300cf5g,
Requested by
Host: d1vg5xiq7qffdj.cloudfront.net
URL: https://d1vg5xiq7qffdj.cloudfront.net/Asyncload.js?isUb=1&fpkey=220243&encsid=UH7MXch0NYM,&enccid=hEexGKD34iY,&wsid=Mzc0&trackingUrl=HIfoicOddMFsPj6pIhUag2wljpopK4yI9456300cf5g,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.12.68.237 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-12-68-237.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a3639e7c2abbc08d0a94dddc3b74d706588fde12e4156a40375b3ac12b98f212

Request headers

Referer
https://subscribe.sharemovingmedia.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 16 Feb 2024 10:01:42 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
content-type
text/plain; charset=utf-8
cache-control
private
access-control-allow-headers
Content-Type
content-length
53613
fetchdata
api.emailsnow.info/
68 B
263 B
Image
General
Full URL
https://api.emailsnow.info/fetchdata?ref=http%3A%2F%2Fdn.mdsi.org%2F&cid=hEexGKD34iY%2C&wid=UH7MXch0NYM%2C&trackurl=HIfoicOddMFsPj6pIhUag2wljpopK4yI9456300cf5g%2C&uuid=e6b8ad75-c6b3-44d1-be69-1fa14c84954e&msg=asyncload&pageurl=https%3A%2F%2Fsubscribe.sharemovingmedia.com%2Fdail-enews-subscription-page
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.58.98.49 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-58-98-49.us-east-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
cef4f8291e3a04c0285761f4bce1be1ba267090ce3078367eaab21653a48319b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscribe.sharemovingmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Feb 2024 10:01:42 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
Express
Content-Length
68
Content-Type
image/png
lnktrk.php
app1.mirabelanalytics.com/
43 B
248 B
Image
General
Full URL
https://app1.mirabelanalytics.com/lnktrk.php?action_name=Dail-eNews%20Subscription%20Form&idsite=374&rec=1&r=753141&h=11&m=1&s=43&url=https%3A%2F%2Fsubscribe.sharemovingmedia.com%2Fdail-enews-subscription-page&urlref=http%3A%2F%2Fdn.mdsi.org%2F&_id=098d9aea22b97b3d&_idts=1708077703&_idvc=1&_idn=0&_refts=1708077703&_viewts=1708077703&_ref=http%3A%2F%2Fdn.mdsi.org%2F&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&cvar=%7B%221%22%3A%5B%22__fp_uuid%22%2C%22e6b8ad75-c6b3-44d1-be69-1fa14c84954e%22%5D%7D&_cvar=%7B%224%22%3A%5B%22ftype%22%2C%22e6b8ad75-c6b3-44d1-be69-1fa14c84954e%22%5D%7D&gt_ms=123&pv_id=EmHlsM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.65.25.195 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscribe.sharemovingmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Fri, 16 Feb 2024 10:01:43 GMT
Cache-Control
no-store
Content-Encoding
none
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
fpv5.aspx
app.mirabelsmarketingmanager.com/fpv2/ Frame F74C
2 KB
3 KB
Document
General
Full URL
https://app.mirabelsmarketingmanager.com/fpv2/fpv5.aspx?encsid=UH7MXch0NYM,&enccid=hEexGKD34iY,&fpid=73872f49-ec8e-423e-ba3f-16ab42a335a1&isUb=1&trackingUrl=HIfoicOddMFsPj6pIhUag2wljpopK4yI9456300cf5g,&ver=v9
Requested by
Host: dn.mdsi.org
URL: http://dn.mdsi.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.12.68.237 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-12-68-237.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8c64df69003f4886d9416f18694eeccf7abbad8fcea6f4cf7325213cc504555b

Request headers

Referer
https://subscribe.sharemovingmedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
cache-control
private
content-length
2393
content-type
text/html; charset=utf-8
date
Fri, 16 Feb 2024 10:01:42 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ Frame F74C
70 KB
25 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Requested by
Host: app.mirabelsmarketingmanager.com
URL: https://app.mirabelsmarketingmanager.com/fpv2/fpv5.aspx?encsid=UH7MXch0NYM,&enccid=hEexGKD34iY,&fpid=73872f49-ec8e-423e-ba3f-16ab42a335a1&isUb=1&trackingUrl=HIfoicOddMFsPj6pIhUag2wljpopK4yI9456300cf5g,&ver=v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.mirabelsmarketingmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 05:01:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
190792
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24715
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Feb 2025 05:01:52 GMT
fp2.min.js
d1vg5xiq7qffdj.cloudfront.net/ Frame F74C
29 KB
11 KB
Script
General
Full URL
https://d1vg5xiq7qffdj.cloudfront.net/fp2.min.js
Requested by
Host: app.mirabelsmarketingmanager.com
URL: https://app.mirabelsmarketingmanager.com/fpv2/fpv5.aspx?encsid=UH7MXch0NYM,&enccid=hEexGKD34iY,&fpid=73872f49-ec8e-423e-ba3f-16ab42a335a1&isUb=1&trackingUrl=HIfoicOddMFsPj6pIhUag2wljpopK4yI9456300cf5g,&ver=v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:e00:0:6f3c:65c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.mirabelsmarketingmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 23:42:44 GMT
content-encoding
gzip
via
1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
296339
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
last-modified
Tue, 04 Feb 2020 16:16:08 GMT
server
Microsoft-IIS/10.0
etag
W/"014506876dbd51:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
access-control-allow-headers
Content-Type
x-amz-cf-id
Rek-YdYLMUH29AqHsl8BTXeNZgvVk9EWUJEsZ0Jd5835WNH2tvWruw==
clntv5.js
d1vg5xiq7qffdj.cloudfront.net/ Frame F74C
16 KB
16 KB
Script
General
Full URL
https://d1vg5xiq7qffdj.cloudfront.net/clntv5.js?t=v2.1.4.6
Requested by
Host: app.mirabelsmarketingmanager.com
URL: https://app.mirabelsmarketingmanager.com/fpv2/fpv5.aspx?encsid=UH7MXch0NYM,&enccid=hEexGKD34iY,&fpid=73872f49-ec8e-423e-ba3f-16ab42a335a1&isUb=1&trackingUrl=HIfoicOddMFsPj6pIhUag2wljpopK4yI9456300cf5g,&ver=v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:e00:0:6f3c:65c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7ee22459ecdd0f8101a30501528be08e8fc071f056e9f85eedeb554223607911

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.mirabelsmarketingmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 18:23:24 GMT
via
1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
1179687
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-length
15997
last-modified
Mon, 26 Jun 2023 12:19:36 GMT
server
Microsoft-IIS/10.0
etag
"e156da7828a8d91:0"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
access-control-allow-headers
Content-Type
x-amz-cf-id
CDPvLpgDwpey08MlZKyHET3EvDJlk_7IejMpU8ondvtlGqOamv4uPw==
GetDesc
app.mirabelsmarketingmanager.com/fpv2/fpv5.aspx/ Frame F74C
120 B
280 B
XHR
General
Full URL
https://app.mirabelsmarketingmanager.com/fpv2/fpv5.aspx/GetDesc
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.12.68.237 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-12-68-237.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
61ab1bf93141b96d55fe90d844fcd3720bd513329e47be99bcfdc3596de13ab3

Request headers

Accept
application/json, text/javascript, */*
Referer
https://app.mirabelsmarketingmanager.com/fpv2/fpv5.aspx?encsid=UH7MXch0NYM,&enccid=hEexGKD34iY,&fpid=73872f49-ec8e-423e-ba3f-16ab42a335a1&isUb=1&trackingUrl=HIfoicOddMFsPj6pIhUag2wljpopK4yI9456300cf5g,&ver=v9
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Fri, 16 Feb 2024 10:01:44 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
access-control-allow-headers
Content-Type
content-length
120

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 string| afs string| cf string| pld boolean| __ismrktlp string| loadEvent undefined| __mrkt_lpType undefined| __mrkt_lpId undefined| __mrkt_popUpLinked boolean| __mrktIsPopUpPreview function| initOnLoad function| addLpVisit function| validatePage object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| InactiveClientList string| __mkm_new_fp object| __fp_components object| _paq function| __fp_uuidv4 function| __getUuid function| __sessionStorage function| __localStorage function| __setCookie function| __get__Fp function| __getParameterByName string| __fp_uuid object| MYLIBRARY number| __trk_counter function| invokeTrackVisitor function| __hasPwkKey function| enableTracking function| getQueryStrings function| __fp_callMonApi number| __mkm_local_counter function| __mkm_bindEvent_async function| generateMkmNewFp function| logMessage object| Base64 function| convertArrytoJson function| Fingerprint2 object| recaptcha object| closure_lm_703701 number| c2 number| c1 object| JSON_PIWIK object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| IFrame_Base64 string| mrkt_baseUrl string| __mrkt_qs string| __mrkt_ft string| __mrkt_tfp string| __mrkt_lsof string| __mrkt_lsemail string| __mrkt_f string| __mrkt_isUb string| __mrkt_ipAddress string| _mrkt_trackvisitor string| __mrkt_customVarV4 string| __mrkt_customvarV5 undefined| __mrkt_globlaFpId undefined| __mrkt_setPNGEmailId boolean| ___debug__code undefined| ___donottrack number| __mrkt_maxWaitCallTime number| __mrkt_waitCallTime string| __mrkt_utcCurrentTime function| ShowCurrentTime function| StoreVariablesinSession number| __mrkt_isLocal string| mrkt_lp_submission_uri boolean| is_mrkt_submission_posted object| _mrkt_submission_obj function| Getvalue_mrkt_lp_controls function| mrkt_lp_pushwebflowhandler function| getFp_mrkt_lp_finger_Print object| obj_mrkt_lp function| Bind_mrkt_lp_Save_Event boolean| 
__mrkt_isPiwikCall string| _fp_temp_token function| getFp_Temp_Token function| getCustomVariable function| tempEmailRemoval function| delete_fp_cookie function| trackAnaluticsOfPiwik function| TrackVisitor function| IFrameCall function| readPostMessage function| isValueNullorEmpty function| getEmailId function| getfpCookie function| SetFpCookie function| __mrkt__updateEm function| updateEm function| getEmail function| getMailinQs function| getQueryStringByKey function| getParamValue function| setCookie number| __mkm_unbounceCounter function| PushToUnbounce function| setUbFld function| setwebflowFld function| getQsFromUrl function| GenerateCampaignDigitalId number| __mkm_counter function| PushToWebflow object| ___ifrmsDocs number| ___ifrmReties function| __mkm_processiFrames function| __mkm_bindEvent function| __mkm_unbounceBindEvent function| __logvstemupd function| Set_cl_fp_TempToken function| __fp_send_temptoken function| __getSessionData function| __temptoken_readpostmessage function| sendfingerprinttoIframe boolean| isNewfpgenerated number| setFP function| tempfpcall string| f string| e string| tfp object| data number| srcIndex

6 Cookies

Domain/Path Name / Value
subscribe.sharemovingmedia.com/ Name: sid
Value: s%3Ae1a9e2c0-a88a-4b1e-84c1-91f4ca5fbf6e.tzE8JD9tQ%2FsYQMsvRiXPpy%2FmKMj9TOZBofcUL7Y2AOU
subscribe.sharemovingmedia.com/ Name: __lpVisit__7b555645-710b-4b45-a918-a2b768ae312c
Value: 1
subscribe.sharemovingmedia.com/ Name: fp_value
Value: 73872f49-ec8e-423e-ba3f-16ab42a335a1
subscribe.sharemovingmedia.com/ Name: _pk_ref.374.7b6b
Value: %5B%22%22%2C%22%22%2C1708077703%2C%22http%3A%2F%2Fdn.mdsi.org%2F%22%5D
subscribe.sharemovingmedia.com/ Name: _pk_id.374.7b6b
Value: 098d9aea22b97b3d.1708077703.1.1708077703.1708077703.
subscribe.sharemovingmedia.com/ Name: _pk_ses.374.7b6b
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
