www.fspromos4u.com Open in urlscan Pro
12.30.67.105 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.fspromos4u.com/landolakes
Effective URL:
https://www.fspromos4u.com/homepage/landolakes
Submission: On November 12 via manual (November 12th 2021, 4:38:50 pm UTC) from US — Scanned from DE

Summary HTTP 19 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 19 HTTP transactions. The main IP is 12.30.67.105, located in United States and belongs to ATT-INTERNET4, US. The main domain is www.fspromos4u.com.
TLS certificate: Issued by R3 on September 30th 2021. Valid for: 3 months.

This is the only time www.fspromos4u.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	12.30.67.105 12.30.67.105	7018 (ATT-INTER...) (ATT-INTERNET4)
4	52.92.130.57 52.92.130.57	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
19	6

10 12.30.67.105 (United States) 1 redirects

ASN7018 (ATT-INTERNET4, US)
PTR: ibidata.net

www.fspromos4u.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.92.130.57 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com

fspromos4u.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	fspromos4u.com 1 redirects www.fspromos4u.com	2 MB
4	amazonaws.com fspromos4u.s3.amazonaws.com	457 KB
2	gstatic.com fonts.gstatic.com	67 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	googleapis.com fonts.googleapis.com	1 KB
0	doubleclick.net Failed stats.g.doubleclick.net Failed
19	6

	Domain	Requested by
10	www.fspromos4u.com	1 redirects www.fspromos4u.com
4	fspromos4u.s3.amazonaws.com	www.fspromos4u.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	www.fspromos4u.com www.google-analytics.com
1	fonts.googleapis.com	www.fspromos4u.com
0	stats.g.doubleclick.net Failed	www.google-analytics.com
19	6

This site contains links to these domains. Also see Links.

Domain
www.landolakesfoodservice.com
www.ibidata.com
reply4info.com

Subject Issuer	Validity	Valid
fspromos4u.com R3	`2021-09-30` - `2021-12-29`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2021-03-22` - `2022-03-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.fspromos4u.com/homepage/landolakes
Frame ID: 57E03C6AA6559A4BECAA82CD82A1E8A7
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Land O'Lakes Rebate Site

Page URL History Show full URLs

https://www.fspromos4u.com/landolakes HTTP 301
https://www.fspromos4u.com/homepage/landolakes Page URL

Page Statistics

19
Requests

95 %
HTTPS

60 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

2277 kB
Transfer

2769 kB
Size

3
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.landolakesfoodservice.com/

Search URL Search Domain Scan URL

URL: https://www.ibidata.com/

Search URL Search Domain Scan URL

URL: https://reply4info.com/privacy-policy?referrer=https://www.fspromos4u.com&client_full_name=FSPromos4U&name=FSPromos4U&email=info@fspromos4u.com
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.fspromos4u.com/landolakes HTTP 301
https://www.fspromos4u.com/homepage/landolakes Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request landolakes Show response
www.fspromos4u.com/homepage/
Redirect Chain

https://www.fspromos4u.com/landolakes
https://www.fspromos4u.com/homepage/landolakes

23 KB
5 KB

152ms
152ms

Document
text/html

12.30.67.105
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fspromos4u.com/homepage/landolakes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

12.30.67.105 , United States, ASN7018 (ATT-INTERNET4, US),

Reverse DNS

ibidata.net

Software

Microsoft-IIS/8.5 /

Resource Hash

f351161a17541544d263a893ec307fe72da3311a847728f2195c6cfb541cede7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: .ibidata.net .fspromos4u.com .reply4info.com .authorize.net .googleapis.com .google-analytics.com .amazonaws.com .gravatar.com .gstatic.com analysis.ibidata.com; frame-ancestors 'self' .authorize.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
ETag: W/"5df9-6d90QfQgJt8j4qP8o2ZLThv6DN8"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: *
X-UA-Compatible: IE=Edge,chrome=1
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: *.ibidata.net *.fspromos4u.com *.reply4info.com *.authorize.net *.googleapis.com *.google-analytics.com *.amazonaws.com *.gravatar.com *.gstatic.com analysis.ibidata.com; frame-ancestors 'self' *.authorize.net
Date: Fri, 12 Nov 2021 16:38:44 GMT

Redirect headers

Content-Type: text/html; charset=UTF-8
Location: https://www.fspromos4u.com/homepage/landolakes
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-UA-Compatible: IE=Edge,chrome=1
Date: Fri, 12 Nov 2021 16:38:44 GMT
Content-Length: 169

GET
H/1.1 200
OK landolakes.css
www.fspromos4u.com/homepage/css/ 266 KB
42 KB 289ms
289ms Stylesheet
text/css 12.30.67.105
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fspromos4u.com/homepage/css/landolakes.css

Requested by

Host: www.fspromos4u.com
URL: https://www.fspromos4u.com/homepage/landolakes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

12.30.67.105 , United States, ASN7018 (ATT-INTERNET4, US),

Reverse DNS

ibidata.net

Software

Microsoft-IIS/8.5 /

Resource Hash

7ea4667cc86c5f356715d4eb833ff59fb5917c899ef6ed2d5ac34906cc05404e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: .ibidata.net .fspromos4u.com .reply4info.com .authorize.net .googleapis.com .google-analytics.com .amazonaws.com .gravatar.com .gstatic.com analysis.ibidata.com; frame-ancestors 'self' .authorize.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fspromos4u.com/homepage/landolakes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: *.ibidata.net *.fspromos4u.com *.reply4info.com *.authorize.net *.googleapis.com *.google-analytics.com *.amazonaws.com *.gravatar.com *.gstatic.com analysis.ibidata.com; frame-ancestors 'self' *.authorize.net
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 05 May 2021 15:29:11 GMT
Server: Microsoft-IIS/8.5
ETag: W/"427b1-1793d25b1d7"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Accept-Ranges: bytes
Vary: Accept-Encoding
Date: Fri, 12 Nov 2021 16:38:44 GMT
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK ibi-assets
www.fspromos4u.com/homepage/ 15 KB
16 KB 880ms
622ms Image
image/png 12.30.67.105
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fspromos4u.com/homepage/ibi-assets?path=fspromo/fspromo-homepage/landolakes/logo.png

Requested by

Host: www.fspromos4u.com
URL: https://www.fspromos4u.com/homepage/landolakes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

12.30.67.105 , United States, ASN7018 (ATT-INTERNET4, US),

Reverse DNS

ibidata.net

Software

Microsoft-IIS/8.5 /

Resource Hash

d964250b20b3bb741e37bd4fa79c903eed43bef1656e52a1da92992f95745d6d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: .ibidata.net .fspromos4u.com .reply4info.com .authorize.net .googleapis.com .google-analytics.com .amazonaws.com .gravatar.com .gstatic.com analysis.ibidata.com; frame-ancestors 'self' .authorize.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fspromos4u.com/homepage/landolakes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: *.ibidata.net *.fspromos4u.com *.reply4info.com *.authorize.net *.googleapis.com *.google-analytics.com *.amazonaws.com *.gravatar.com *.gstatic.com analysis.ibidata.com; frame-ancestors 'self' *.authorize.net
X-Content-Type-Options: nosniff
Last-Modified: Wed May 05 2021 10:30:23 GMT-0500 (Central Daylight Time)
Server: Microsoft-IIS/8.5
ETag: "3ec7062a6816d080494bb8c783dfdb6f"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: https://www.fspromos4u.com, *
Expires: Sun Dec 12 2021 10:38:45 GMT-0600 (Central Standard Time)
Cache-Control: public, max-age=2592000
Date: Fri, 12 Nov 2021 16:38:45 GMT
Content-Disposition: inline; filename=logo.png;
Accept-Ranges: bytes
Content-Length: 15178
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK ibi-assets
www.fspromos4u.com/homepage/ 4 KB
4 KB 724ms
466ms Image
image/png 12.30.67.105
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fspromos4u.com/homepage/ibi-assets?path=fspromo/assets/logo-sm.png

Requested by

Host: www.fspromos4u.com
URL: https://www.fspromos4u.com/homepage/landolakes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

12.30.67.105 , United States, ASN7018 (ATT-INTERNET4, US),

Reverse DNS

ibidata.net

Software

Microsoft-IIS/8.5 /

Resource Hash

0af6a6c3163e48520b3f21a9be4ed9de5dc09bac784a7fda19bf9409fabaa6d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: .ibidata.net .fspromos4u.com .reply4info.com .authorize.net .googleapis.com .google-analytics.com .amazonaws.com .gravatar.com .gstatic.com analysis.ibidata.com; frame-ancestors 'self' .authorize.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fspromos4u.com/homepage/landolakes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: *.ibidata.net *.fspromos4u.com *.reply4info.com *.authorize.net *.googleapis.com *.google-analytics.com *.amazonaws.com *.gravatar.com *.gstatic.com analysis.ibidata.com; frame-ancestors 'self' *.authorize.net
X-Content-Type-Options: nosniff
Last-Modified: Wed May 06 2020 16:29:18 GMT-0500 (Central Daylight Time)
Server: Microsoft-IIS/8.5
ETag: "e556ef6226452c6efe5520d4937e8d53"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: https://www.fspromos4u.com, *
Expires: Sun Dec 12 2021 10:38:45 GMT-0600 (Central Standard Time)
Cache-Control: public, max-age=2592000
Date: Fri, 12 Nov 2021 16:38:45 GMT
Content-Disposition: inline; filename=logo-sm.png;
Accept-Ranges: bytes
Content-Length: 3601
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK dbef9dd0-05eb-11ec-bb38-d97afd92e7ff.jpg
fspromos4u.s3.amazonaws.com/uploads/ 138 KB
138 KB 763ms
251ms Image
application/octet-stream 52.92.130.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fspromos4u.s3.amazonaws.com/uploads/dbef9dd0-05eb-11ec-bb38-d97afd92e7ff.jpg
Requested by: Host: www.fspromos4u.com
URL: https://www.fspromos4u.com/homepage/landolakes
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.130.57 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: faa62577bc42190702ba9f2fba2590b118e3baac6066dc789fe452f673f9ea76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fspromos4u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Fri, 12 Nov 2021 16:38:47 GMT
Last-Modified: Wed, 25 Aug 2021 21:32:00 GMT
Server: AmazonS3
x-amz-request-id: X221Z2Y08D4ZCBFA
ETag: "459fe6b81b345802aafd7a300aef3bad"
x-amz-version-id: 9UEeASxpD2qiax9uL2rFwhFLQLfXRaNh
Accept-Ranges: bytes
Content-Type: application/octet-stream
Content-Length: 140836
x-amz-id-2: +5YNIsL3Zu9CVlo03MTiGMPmuoEWIWnlz5fFIg3wf68CyYzhA+uFKZNbGI+yOyogN49tZwZi8xA=

GET
H/1.1 200
OK f003c680-0130-11ec-8716-d10e9ed24fad.jpg
fspromos4u.s3.amazonaws.com/uploads/ 130 KB
130 KB 751ms
238ms Image
application/octet-stream 52.92.130.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fspromos4u.s3.amazonaws.com/uploads/f003c680-0130-11ec-8716-d10e9ed24fad.jpg
Requested by: Host: www.fspromos4u.com
URL: https://www.fspromos4u.com/homepage/landolakes
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.130.57 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8331922619f47d0a2499eb72eb9215e6e3758ddc8a9cc3fe095742e22f4fa2b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fspromos4u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Fri, 12 Nov 2021 16:38:47 GMT
Last-Modified: Thu, 19 Aug 2021 21:03:51 GMT
Server: AmazonS3
x-amz-request-id: X22CWWECFRJBYGWQ
ETag: "4c6237c96838d1571c3b1827cd19e716"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: application/octet-stream
Content-Length: 132979
x-amz-id-2: JyZc59fsb+HYQsH7TOnn39UifNpVGMrXfNDNsVA9ObHWTDdjspkBma+NIzJdGcsAFpcwb0AG6HM=

GET
H/1.1 200
OK fa59a840-fea9-11eb-959c-7753a345f45b.jpg
fspromos4u.s3.amazonaws.com/uploads/ 90 KB
90 KB 769ms
256ms Image
application/octet-stream 52.92.130.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fspromos4u.s3.amazonaws.com/uploads/fa59a840-fea9-11eb-959c-7753a345f45b.jpg
Requested by: Host: www.fspromos4u.com
URL: https://www.fspromos4u.com/homepage/landolakes
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.130.57 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1e03b192fb85e96d6cf8ecf812f17632fae09279266dda3166a582a5cc3c0f79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fspromos4u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Fri, 12 Nov 2021 16:38:47 GMT
Last-Modified: Mon, 16 Aug 2021 15:52:47 GMT
Server: AmazonS3
x-amz-request-id: X221W6KVJSCC3863
ETag: "9d4813406948b477dbe70e51e4464269"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: application/octet-stream
Content-Length: 91696
x-amz-id-2: +IdUMgjY/nIrD9TmS7/N3kP1qBqgh9uYsP7Fex6zQYHFBcuwnSnv1BHqOylJpMsS6/nZWIZpNCc=

GET
H/1.1 200
OK 41342e50-b262-11eb-94de-690bf7e03625.jpg
fspromos4u.s3.amazonaws.com/uploads/ 98 KB
99 KB 766ms
252ms Image
application/octet-stream 52.92.130.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fspromos4u.s3.amazonaws.com/uploads/41342e50-b262-11eb-94de-690bf7e03625.jpg
Requested by: Host: www.fspromos4u.com
URL: https://www.fspromos4u.com/homepage/landolakes
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.130.57 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: aa39191f0c06f5687d4ba18a2da6274079bf7ba1b80b5ede2324d0ad89dbf9d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fspromos4u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Fri, 12 Nov 2021 16:38:47 GMT
Last-Modified: Tue, 11 May 2021 14:07:52 GMT
Server: AmazonS3
x-amz-request-id: X22F4VR6T61KB9GJ
ETag: "dea1e104e0a1fdae8d38c4be52269172"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: application/octet-stream
Content-Length: 100529
x-amz-id-2: gWqQ10+0c3c0JLO6rMJgKbi8wTVYjyyHuwmDpM8Wz+hPftI9VcjKqyrO0SqKSMHWEs7F94S8tik=

GET
H/1.1 200
OK ibi-assets
www.fspromos4u.com/homepage/ 1 MB
1 MB 1284ms
1024ms Image
image/jpeg 12.30.67.105
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fspromos4u.com/homepage/ibi-assets?path=fspromo/fspromo-homepage/landolakes/PerformanceExtrasSellSheet_2020.jpg

Requested by

Host: www.fspromos4u.com
URL: https://www.fspromos4u.com/homepage/landolakes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

12.30.67.105 , United States, ASN7018 (ATT-INTERNET4, US),

Reverse DNS

ibidata.net

Software

Microsoft-IIS/8.5 /

Resource Hash

3a7db15828c4a32fe8a564118902033447c0372cf2959dbedcf579f14a29f10d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: .ibidata.net .fspromos4u.com .reply4info.com .authorize.net .googleapis.com .google-analytics.com .amazonaws.com .gravatar.com .gstatic.com analysis.ibidata.com; frame-ancestors 'self' .authorize.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fspromos4u.com/homepage/landolakes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: *.ibidata.net *.fspromos4u.com *.reply4info.com *.authorize.net *.googleapis.com *.google-analytics.com *.amazonaws.com *.gravatar.com *.gstatic.com analysis.ibidata.com; frame-ancestors 'self' *.authorize.net
X-Content-Type-Options: nosniff
Last-Modified: Fri May 22 2020 13:12:07 GMT-0500 (Central Daylight Time)
Server: Microsoft-IIS/8.5
ETag: "44b0469d48672dd9270d0085aec3b04e"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://www.fspromos4u.com, *
Expires: Sun Dec 12 2021 10:38:45 GMT-0600 (Central Standard Time)
Cache-Control: public, max-age=2592000
Date: Fri, 12 Nov 2021 16:38:45 GMT
Content-Disposition: inline; filename=PerformanceExtrasSellSheet_2020.jpg;
Accept-Ranges: bytes
Content-Length: 1459212
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK index.js Show response
www.fspromos4u.com/homepage/js/ 294 KB
92 KB 555ms
298ms Script
application/javascript 12.30.67.105
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fspromos4u.com/homepage/js/index.js

Requested by

Host: www.fspromos4u.com
URL: https://www.fspromos4u.com/homepage/landolakes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

12.30.67.105 , United States, ASN7018 (ATT-INTERNET4, US),

Reverse DNS

ibidata.net

Software

Microsoft-IIS/8.5 /

Resource Hash

b17f75a6bf01bd66419bf0ae05b8d32ef849e48e431593148fb80bf37c4befec

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: .ibidata.net .fspromos4u.com .reply4info.com .authorize.net .googleapis.com .google-analytics.com .amazonaws.com .gravatar.com .gstatic.com analysis.ibidata.com; frame-ancestors 'self' .authorize.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fspromos4u.com/homepage/landolakes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: *.ibidata.net *.fspromos4u.com *.reply4info.com *.authorize.net *.googleapis.com *.google-analytics.com *.amazonaws.com *.gravatar.com *.gstatic.com analysis.ibidata.com; frame-ancestors 'self' *.authorize.net
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 05 May 2021 15:30:22 GMT
Server: Microsoft-IIS/8.5
ETag: W/"4965f-1793d26c8cc"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Accept-Ranges: bytes
Vary: Accept-Encoding
Date: Fri, 12 Nov 2021 16:38:44 GMT
X-UA-Compatible: IE=Edge,chrome=1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
5ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.fspromos4u.com
URL: https://www.fspromos4u.com/homepage/landolakes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fspromos4u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2291
date: Fri, 12 Nov 2021 16:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 20006
expires: Fri, 12 Nov 2021 18:00:34 GMT

GET
H/1.1 200
OK ga.js Show response
www.fspromos4u.com/homepage/js/ 30 KB
10 KB 417ms
158ms Script
application/javascript 12.30.67.105
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fspromos4u.com/homepage/js/ga.js

Requested by

Host: www.fspromos4u.com
URL: https://www.fspromos4u.com/homepage/landolakes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

12.30.67.105 , United States, ASN7018 (ATT-INTERNET4, US),

Reverse DNS

ibidata.net

Software

Microsoft-IIS/8.5 /

Resource Hash

beef6335fdd21c9a30478b2e661d115ab002642f0321b5f3b98e2b17522542a5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: .ibidata.net .fspromos4u.com .reply4info.com .authorize.net .googleapis.com .google-analytics.com .amazonaws.com .gravatar.com .gstatic.com analysis.ibidata.com; frame-ancestors 'self' .authorize.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fspromos4u.com/homepage/landolakes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: *.ibidata.net *.fspromos4u.com *.reply4info.com *.authorize.net *.googleapis.com *.google-analytics.com *.amazonaws.com *.gravatar.com *.gstatic.com analysis.ibidata.com; frame-ancestors 'self' *.authorize.net
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 05 May 2021 15:30:22 GMT
Server: Microsoft-IIS/8.5
ETag: W/"792c-1793d26c8cc"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Accept-Ranges: bytes
Vary: Accept-Encoding
Date: Fri, 12 Nov 2021 16:38:44 GMT
X-UA-Compatible: IE=Edge,chrome=1

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 38ms
16ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato&family=Open+Sans:wght@600;700&display=swap

Requested by

Host: www.fspromos4u.com
URL: https://www.fspromos4u.com/homepage/css/landolakes.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d5b58446c469e1c35eb5b82fe66b719483d6578f3192e68f59f43bed2a6077ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fspromos4u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 16:38:46 GMT
server: ESF
date: Fri, 12 Nov 2021 16:38:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Nov 2021 16:38:46 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
www.fspromos4u.com/homepage/fonts/ 134 KB
134 KB 261ms
260ms Font
font/woff2 12.30.67.105
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fspromos4u.com/homepage/fonts/fa-solid-900.woff2

Requested by

Host: www.fspromos4u.com
URL: https://www.fspromos4u.com/homepage/css/landolakes.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

12.30.67.105 , United States, ASN7018 (ATT-INTERNET4, US),

Reverse DNS

ibidata.net

Software

Microsoft-IIS/8.5 /

Resource Hash

943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: .ibidata.net .fspromos4u.com .reply4info.com .authorize.net .googleapis.com .google-analytics.com .amazonaws.com .gravatar.com .gstatic.com analysis.ibidata.com; frame-ancestors 'self' .authorize.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.fspromos4u.com/homepage/css/landolakes.css
Origin: https://www.fspromos4u.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: *.ibidata.net *.fspromos4u.com *.reply4info.com *.authorize.net *.googleapis.com *.google-analytics.com *.amazonaws.com *.gravatar.com *.gstatic.com analysis.ibidata.com; frame-ancestors 'self' *.authorize.net
X-Content-Type-Options: nosniff
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: Microsoft-IIS/8.5
ETag: W/"21678-7438674ba0"
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Date: Fri, 12 Nov 2021 16:38:44 GMT
Accept-Ranges: bytes
Content-Length: 136824
X-UA-Compatible: IE=Edge,chrome=1

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 37ms
15ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato&family=Open+Sans:wght@600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.fspromos4u.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 12:11:32 GMT
x-content-type-options: nosniff
age: 102434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 12:11:32 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato&family=Open+Sans:wght@600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.fspromos4u.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 10004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 13:52:02 GMT

GET
H/1.1 200
OK ibiFont.ttf
www.fspromos4u.com/homepage/fonts/ 2 KB
2 KB 131ms
130ms Font
font/ttf 12.30.67.105
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fspromos4u.com/homepage/fonts/ibiFont.ttf?74crdy

Requested by

Host: www.fspromos4u.com
URL: https://www.fspromos4u.com/homepage/css/landolakes.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

12.30.67.105 , United States, ASN7018 (ATT-INTERNET4, US),

Reverse DNS

ibidata.net

Software

Microsoft-IIS/8.5 /

Resource Hash

74caeae8ccbf2744caf9431eb16fa82f73a00f458e58adaeeca885e48c25a398

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: .ibidata.net .fspromos4u.com .reply4info.com .authorize.net .googleapis.com .google-analytics.com .amazonaws.com .gravatar.com .gstatic.com analysis.ibidata.com; frame-ancestors 'self' .authorize.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.fspromos4u.com/homepage/css/landolakes.css
Origin: https://www.fspromos4u.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: *.ibidata.net *.fspromos4u.com *.reply4info.com *.authorize.net *.googleapis.com *.google-analytics.com *.amazonaws.com *.gravatar.com *.gstatic.com analysis.ibidata.com; frame-ancestors 'self' *.authorize.net
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 03 May 2021 18:02:43 GMT
Server: Microsoft-IIS/8.5
ETag: W/"80c-17933658c06"
X-Frame-Options: SAMEORIGIN
Content-Type: font/ttf
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Accept-Ranges: bytes
Vary: Accept-Encoding
Date: Fri, 12 Nov 2021 16:38:45 GMT
X-UA-Compatible: IE=Edge,chrome=1

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 13ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1124897519&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fspromos4u.com%2Fhomepage%2Flandolakes&dp=%2Fhomepage%2Flandolakes%2F&ul=en-us&de=UTF-8&dt=Land%20O%27Lakes%20Rebate%20Site&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEABEAAAAC~&jid=2056698320&gjid=1904760207&cid=1729287471.1636735126&tid=UA-15028613-23&_gid=1403297054.1636735126&_r=1&_av=2.4.1&_au=23&did=i5iSjo&z=1280233144

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fspromos4u.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 16:38:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fspromos4u.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST collect
stats.g.doubleclick.net/j/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-15028613-23&cid=1729287471.1636735126&jid=2056698320&gjid=1904760207&_gid=1403297054.1636735126&_u=aGBAAEAAEAAAAC~&z=286112564

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fspromos4u.com/	1970-01-20 16:10:07	Name: _ga Value: GA1.2.1729287471.1636735126
.fspromos4u.com/	1970-01-19 22:40:21	Name: _gid Value: GA1.2.1403297054.1636735126
.fspromos4u.com/	1970-01-19 22:38:55	Name: _gat_tracker0 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.google-analytics.com/analytics.js(Line 43) Message: Refused to connect to 'https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-15028613-23&cid=1729287471.1636735126&jid=2056698320&gjid=1904760207&_gid=1403297054.1636735126&_u=aGBAAEAAEAAAAC~&z=286112564' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: .ibidata.net .fspromos4u.com .reply4info.com .authorize.net .googleapis.com .google-analytics.com .amazonaws.com .gravatar.com *.gstatic.com analysis.ibidata.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: .ibidata.net .fspromos4u.com .reply4info.com .authorize.net .googleapis.com .google-analytics.com .amazonaws.com .gravatar.com .gstatic.com analysis.ibidata.com; frame-ancestors 'self' .authorize.net
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
fspromos4u.s3.amazonaws.com
stats.g.doubleclick.net
www.fspromos4u.com
www.google-analytics.com
stats.g.doubleclick.net
12.30.67.105
2a00:1450:4001:803::200a
2a00:1450:4001:810::200e
2a00:1450:4001:827::2003
52.92.130.57
0af6a6c3163e48520b3f21a9be4ed9de5dc09bac784a7fda19bf9409fabaa6d9
1e03b192fb85e96d6cf8ecf812f17632fae09279266dda3166a582a5cc3c0f79
3a7db15828c4a32fe8a564118902033447c0372cf2959dbedcf579f14a29f10d
74caeae8ccbf2744caf9431eb16fa82f73a00f458e58adaeeca885e48c25a398
7ea4667cc86c5f356715d4eb833ff59fb5917c899ef6ed2d5ac34906cc05404e
8331922619f47d0a2499eb72eb9215e6e3758ddc8a9cc3fe095742e22f4fa2b6
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aa39191f0c06f5687d4ba18a2da6274079bf7ba1b80b5ede2324d0ad89dbf9d6
b17f75a6bf01bd66419bf0ae05b8d32ef849e48e431593148fb80bf37c4befec
beef6335fdd21c9a30478b2e661d115ab002642f0321b5f3b98e2b17522542a5
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
d5b58446c469e1c35eb5b82fe66b719483d6578f3192e68f59f43bed2a6077ed
d964250b20b3bb741e37bd4fa79c903eed43bef1656e52a1da92992f95745d6d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
f351161a17541544d263a893ec307fe72da3311a847728f2195c6cfb541cede7
faa62577bc42190702ba9f2fba2590b118e3baac6066dc789fe452f673f9ea76

www.fspromos4u.com Open in urlscan Pro 12.30.67.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

19 Requests

95 %HTTPS

60 %IPv6

6 Domains

6 Subdomains

6 IPs

2 Countries

2277 kBTransfer

2769 kBSize

3 Cookies

3 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

3 Cookies

1 Console Messages

Security Headers

Indicators

www.fspromos4u.com Open in urlscan Pro
12.30.67.105 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

95 %
HTTPS

60 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

2277 kB
Transfer

2769 kB
Size

3
Cookies

19 HTTP transactions
0 data transactions