urlscan.io logo urlscan.io
SecurityTrails logo

tandlakeri.com Open in urlscan Pro
2606:4700:3037::ac43:9828  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://portalintersight.diasamexico.mx/juice.php
Effective URL: https://tandlakeri.com/
Submission: On February 07 via manual from AT — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 10 domains to perform 24 HTTP transactions. The main IP is 2606:4700:3037::ac43:9828, located in United States and belongs to CLOUDFLARENET, US. The main domain is tandlakeri.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 5th 2021. Valid for: a year.
This is the only time tandlakeri.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 170.249.212.26 63410 (PRIVATESY...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 4 2606:4700:303... 13335 (CLOUDFLAR...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.32.121.116 16509 (AMAZON-02)
2 2606:4700:303... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 3.213.41.181 14618 (AMAZON-AES)
24 11
2    170.249.212.26 (United States)

ASN63410 (PRIVATESYSTEMS, US)
PTR: ns1.altamira.gob.mx
portalintersight.diasamexico.mx
2    2606:4700:3037::ac43:9828 (United States)

ASN13335 (CLOUDFLARENET, US)
tandlakeri.com
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2606:4700:3034::6815:1e9 (United States)

ASN13335 (CLOUDFLARENET, US)
app.groovefunnels.com
4    2606:4700:3035::6815:856 (United States)

ASN13335 (CLOUDFLARENET, US)
app.groove.cm
2    2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
3    2606:4700::6812:15b4 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.grooveapps.com
1    13.32.121.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-116.fra60.r.cloudfront.net
cdn.heapanalytics.com
2    2606:4700:3036::6815:6071 (United States)

ASN13335 (CLOUDFLARENET, US)
matomo.groovetech.io
5    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    3.213.41.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-41-181.compute-1.amazonaws.com
heapanalytics.com
Apex Domain
Subdomains		 Transfer
5 gstatic.com
fonts.gstatic.com
109 KB
4 groove.cm
app.groove.cm — Cisco Umbrella Rank: 337685
83 KB
4 groovefunnels.com
app.groovefunnels.com
2 KB
3 grooveapps.com
assets.grooveapps.com — Cisco Umbrella Rank: 316916
175 KB
2 groovetech.io
matomo.groovetech.io — Cisco Umbrella Rank: 414707
22 KB
2 heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 3885
heapanalytics.com — Cisco Umbrella Rank: 3226
43 KB
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 934
89 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
139 KB
2 tandlakeri.com
tandlakeri.com
84 KB
2 diasamexico.mx
portalintersight.diasamexico.mx
2 KB
24 10
Domain Requested by
5 fonts.gstatic.com fonts.googleapis.com
4 app.groove.cm tandlakeri.com
4 app.groovefunnels.com 4 redirects
3 assets.grooveapps.com tandlakeri.com
2 matomo.groovetech.io tandlakeri.com
matomo.groovetech.io
2 use.fontawesome.com tandlakeri.com
use.fontawesome.com
2 fonts.googleapis.com tandlakeri.com
app.groove.cm
2 tandlakeri.com tandlakeri.com
2 portalintersight.diasamexico.mx portalintersight.diasamexico.mx
1 heapanalytics.com tandlakeri.com
1 cdn.heapanalytics.com tandlakeri.com
24 11

This site contains no links.

Subject Issuer Validity Valid
portalintersight.diasamexico.mx
cPanel, Inc. Certification Authority		 2022-02-06 -
2022-05-07		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-10-05 -
2022-10-04		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
cdn.heapanalytics.com
Amazon		 2021-08-28 -
2022-09-26		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
heapanalytics.com
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh

This page contains 1 frames:

Primary Page: https://tandlakeri.com/
Frame ID: B313A0BFFBDE7ACB2DFD9A317836ED10
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hem

Page URL History Show full URLs

  1. https://portalintersight.diasamexico.mx/juice.php Page URL
  2. https://portalintersight.diasamexico.mx/juice.php Page URL
  3. https://tandlakeri.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • heap-\d+\.js

Page Statistics

24
Requests

83 %
HTTPS

73 %
IPv6

10
Domains

11
Subdomains

11
IPs

2
Countries

747 kB
Transfer

2276 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://portalintersight.diasamexico.mx/juice.php Page URL
  2. https://portalintersight.diasamexico.mx/juice.php Page URL
  3. https://tandlakeri.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://app.groovefunnels.com/groovepages/css/inpage_published.css HTTP 302
  • https://app.groove.cm/groovepages/css/inpage_published.css
Request Chain 4
  • https://app.groovefunnels.com/groovepages/css/chunk-vendors.css HTTP 302
  • https://app.groove.cm/groovepages/css/chunk-vendors.css
Request Chain 10
  • https://app.groovefunnels.com/groovepages/js/inpage_published.js HTTP 302
  • https://app.groove.cm/groovepages/js/inpage_published.js
Request Chain 11
  • https://app.groovefunnels.com/groovepages/js/chunk-vendors.js HTTP 302
  • https://app.groove.cm/groovepages/js/chunk-vendors.js

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
juice.php
portalintersight.diasamexico.mx/ 		937 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portalintersight.diasamexico.mx/juice.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
170.249.212.26 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
ns1.altamira.gob.mx
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Mon, 07 Feb 2022 14:14:30 GMT
Server
Apache
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
juice.php
portalintersight.diasamexico.mx/ 		956 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portalintersight.diasamexico.mx/juice.php
Requested by
Host: portalintersight.diasamexico.mx
URL: https://portalintersight.diasamexico.mx/juice.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
170.249.212.26 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
ns1.altamira.gob.mx
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://portalintersight.diasamexico.mx/juice.php

Response headers

Date
Mon, 07 Feb 2022 14:14:30 GMT
Server
Apache
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Primary Request /
tandlakeri.com/ 		338 KB
83 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tandlakeri.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9828 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c89e5ed472a5e60aa761745fefd634be317b071e57a04c429d47f091c5c38fe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://portalintersight.diasamexico.mx/

Response headers

date
Mon, 07 Feb 2022 14:14:31 GMT
content-type
text/html
last-modified
Tue, 03 Nov 2020 11:06:37 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uUkXOQxTwq52cRin4UKR5OF%2BQgMWJj6%2FbNk9G9QmxvHTvjeE7H%2BDwijGg4U9IrEIR%2BJkNDThMzt7sb%2FGFj0nEuBI3KNdHsrXa2GCXTOQScJMsgdRD29z7x77UwknYFwelfXWtNlufKYoKHYkbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d9d399e4c083747-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		75 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Crimson+Pro:400,500,700,900|Fira+Sans:400,500,700,900|Josefin+Slab:400,700|Lato:400,700,900|Montserrat:400,500,700,900|Nunito:400,700,900|Oswald:400,500,700|Poppins:400,500,700,900|Raleway:400,500,700,900|Roboto+Condensed:400,700|Roboto:400,500,700,900|Source+Code+Pro:400,500,700,900|Source+Sans+Pro:400,700,900|Titillium+Web:400,700,900&display=swap
Requested by
Host: tandlakeri.com
URL: https://tandlakeri.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ebcd444614429f840c8095f74e6595a815f5112d78f490151b8d1a530aed0054
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tandlakeri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 14:14:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 07 Feb 2022 14:14:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Feb 2022 14:14:31 GMT
inpage_published.css
app.groove.cm/groovepages/css/
Redirect Chain
  • https://app.groovefunnels.com/groovepages/css/inpage_published.css
  • https://app.groove.cm/groovepages/css/inpage_published.css
377 KB
54 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.groove.cm/groovepages/css/inpage_published.css
Requested by
Host: tandlakeri.com
URL: https://tandlakeri.com/
Protocol
H2
Server
2606:4700:3035::6815:856 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b618174bba540a0b80130a805618fb6417602e4119495cb7b8df5826a0aa1ddc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tandlakeri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:14:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 07 Feb 2022 03:32:10 GMT
server
cloudflare
age
2005
etag
W/"620092ba-5e2b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lx%2FIcQnrMh4XOW4K4LDtokUEvfZGC%2BtGkemkwfdS1APOCeVPa4uVzP6gf1eDg4D1PW6isevYr3Go8o6SONxd1UHn86VFD3ohNjIW9pTxTF272I4XkNmDH2gkWTcUKf1u7Q7pK7RhJ3xM0Kh4"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d9d39a279519153-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Mon, 07 Feb 2022 14:14:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cnLNZW9kE%2FSvrF4s7Hqv3M0i7zapZszihLh2CXvk%2FrcNCZHIV2yiCQ2fs3GhiYW5mLnkwIZEifHnbD%2FWRBLqB8%2FFwy%2FHN6LB%2FzI0LU4kDw6ryWaUunDa0nBoLm2%2F2WDbgMxAOL6DoxayBEW%2F3MMeWJ4hNtI%3D"}],"group":"cf-nel","max_age":604800}
location
https://app.groove.cm/groovepages/css/inpage_published.css
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6d9d39a1fc8b3759-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
chunk-vendors.css
app.groove.cm/groovepages/css/
Redirect Chain
  • https://app.groovefunnels.com/groovepages/css/chunk-vendors.css
  • https://app.groove.cm/groovepages/css/chunk-vendors.css
0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.groove.cm/groovepages/css/chunk-vendors.css
Requested by
Host: tandlakeri.com
URL: https://tandlakeri.com/
Protocol
H2
Server
2606:4700:3035::6815:856 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tandlakeri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date
Mon, 07 Feb 2022 14:14:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pn2sMitJhs4W3vfeVA7gUZ8AHfPM675aaq%2B63GWsabDi54SOP%2BD%2FAjcgKbnJmEFCb0QizwOr5ngFdR1I18ndak6xd7%2Bwcl5mqx3RRv8IaXvOaoTqkP7lyleZYV5dvqaKG%2B9QYDIcP9lFn6F6PPqi8foNk3o%3D"}],"group":"cf-nel","max_age":604800}
location
https://app.groove.cm/groovepages/css/chunk-vendors.css
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6d9d39a1fc913759-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
all.css
use.fontawesome.com/releases/v5.13.0/css/ 		57 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.13.0/css/all.css
Requested by
Host: tandlakeri.com
URL: https://tandlakeri.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84

Request headers

Referer
https://tandlakeri.com/
Origin
https://tandlakeri.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:14:32 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
A17PNNQTK16XXX76
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
VWNSniMA+IynbA+F97XndAbLpS2w/A4ABh8p5Y/ucM9gvilXnkpi7DophY2mCNtYbg6Z+xsQIJw=
last-modified
Wed, 30 Jun 2021 15:38:38 GMT
server
cloudflare
etag
W/"76cb46c10b6c0293433b371bae2414b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49cjtxVOHTEM8v7v31pH4Z0kamHszSuSyQ4KpVVE3Jb17wM2wik5ZIGJHFEr6fLQb4I40AiznsBawGwNewgb85XaW7tpsYbFJSRqm5px85cu78sTrdPzPy00E8sj3ZTBoz2qAh5c6EmgSS%2Bo%2FXl91%2BSd"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6d9d39a20b800f76-MXP
navmenu-lib.web.js
assets.grooveapps.com/plugins/ 		67 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.grooveapps.com/plugins/navmenu-lib.web.js
Requested by
Host: tandlakeri.com
URL: https://tandlakeri.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac89b68adf6bccc9b76cf174051874de548764c4053918e7eae1ef108cfa2dd8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tandlakeri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:14:32 GMT
content-encoding
br
cf-cache-status
MISS
x-guploader-uploadid
ADPycdsSjsWx_HzMyTqB0kwCTsL0XLqwJYJ8RjJ_Y9VG5aJE3l_KwDHL72UR56BK39NRA0984ccLRHHwj3Qi2hLCQ1U
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Wed, 02 Feb 2022 12:13:21 GMT
server
cloudflare
etag
W/"6b2daa74f43b0044dba8ebae1fe9422f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=THpArg==, md5=ay2qdPQ7AETbqOuuH+lCLw==
content-language
en
access-control-allow-origin
*
x-goog-generation
1643804000925627
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
68779
cf-ray
6d9d39a26b949213-FRA
expires
Tue, 07 Feb 2023 14:14:32 GMT
css2
fonts.googleapis.com/ 		695 KB
136 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,700;0,900;1,400&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovepages/css/inpage_published.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a4be78866f7b675779556131629d5fa6280e84ba6d1c8aedc2475121a1ad3252
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 14:14:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 07 Feb 2022 14:14:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Feb 2022 14:14:32 GMT
1599220593_mf-logo.png
assets.grooveapps.com/images/5ea2b4c4b0103d0de18a5d6c/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.grooveapps.com/images/5ea2b4c4b0103d0de18a5d6c/1599220593_mf-logo.png
Requested by
Host: tandlakeri.com
URL: https://tandlakeri.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bda8fcc2deb768fc41e69ef070d6acb4b7071ecb158369bd55cd03435c485dff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tandlakeri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:14:32 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdva8NTaEXyZpgmxrXh8TIz9wSYVDah-_MECUlK1qKWngFzI8jBHVS5oqiFkFyiQBuzZEhEPzi3HKaesRE5Bz3M
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
5585
last-modified
Fri, 04 Sep 2020 11:56:33 GMT
server
cloudflare
etag
"9a7d33f7b957bad2e4dd2dec0b6c9ac3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=Fl2/pw==, md5=mn0z97lXutLk3S3sC2yaww==
x-goog-generation
1599220593466336
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
5585
accept-ranges
bytes
cf-ray
6d9d39a39e259213-FRA
expires
Mon, 07 Feb 2022 18:14:32 GMT
email-decode.min.js
tandlakeri.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tandlakeri.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: tandlakeri.com
URL: https://tandlakeri.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9828 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tandlakeri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:14:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Feb 2022 11:10:48 GMT
server
cloudflare
etag
W/"61fbb838-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtTE3OgeDkpFZTTayKhwESBc5CJzCPTnL6pVJotnmg6JeGome4BDOgq2SO2xLA%2By%2BF8Rzlkn6jLhSWoobqPIp3OoC6W2iHF3JKCk76sX9sNXr4PAkZxEWYci%2FlrE%2BdkdtyBjL0%2B5z%2BkKGBsH3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d9d39a40a84839d-MXP
vary
Accept-Encoding
expires
Wed, 09 Feb 2022 14:14:32 GMT
inpage_published.js
app.groove.cm/groovepages/js/
Redirect Chain
  • https://app.groovefunnels.com/groovepages/js/inpage_published.js
  • https://app.groove.cm/groovepages/js/inpage_published.js
81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.groove.cm/groovepages/js/inpage_published.js
Requested by
Host: tandlakeri.com
URL: https://tandlakeri.com/
Protocol
H2
Server
2606:4700:3035::6815:856 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5537173fb208b6d68a49856697ec3f38275da1ac5a975db8bc27c86ece8b0a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tandlakeri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:14:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 07 Feb 2022 03:32:10 GMT
server
cloudflare
age
1925
etag
W/"620092ba-145c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=InaX58UelKTyIZANXZQToXYfHhTPJXvo%2BLBNGZrFhCzPFH1Vbl9MAMXnWFsutvkDTWRMKclJJWcmZQm03i7US3vNJs1Acs2kAcPr57EFuzcj1G6SY4JiL1l%2FaGMoknrnzLPj5yaMUjwKCaee"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d9d39a4c86a9153-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Mon, 07 Feb 2022 14:14:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7o8qqj6YmfMXoutf10QuZn91JcqErhDP6OY0XahjX70on5JkpYNoZrkseUCZFTOe312Y%2FIf8ZZP6A%2FfER3T8cxfjpPdpMe8%2FHJXb9Zc7uWuCGGBivX%2Bjb3xdoCxkCHNoTkMm7g2eijZxl5rYmwsDzxSHoBo%3D"}],"group":"cf-nel","max_age":604800}
location
https://app.groove.cm/groovepages/js/inpage_published.js
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6d9d39a43ac006ed-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
chunk-vendors.js
app.groove.cm/groovepages/js/
Redirect Chain
  • https://app.groovefunnels.com/groovepages/js/chunk-vendors.js
  • https://app.groove.cm/groovepages/js/chunk-vendors.js
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://app.groove.cm/groovepages/js/chunk-vendors.js
Requested by
Host: tandlakeri.com
URL: https://tandlakeri.com/
Protocol
H2
Server
2606:4700:3035::6815:856 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tandlakeri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date
Mon, 07 Feb 2022 14:14:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqOcTwOUmUfHGCiYww6Ue1779WmOp%2Bat%2Fk7qCw4WK4GPNabfCrAYtoszigrkP77DM1Tbmj3lQLtZBenaWobXxxBkA9D0%2FUXhTDTln082SoimEdXtlfMLHdHG98%2F91nkG38O0IIhJ7fTfnZ46qH9%2FoGMG4PI%3D"}],"group":"cf-nel","max_age":604800}
location
https://app.groove.cm/groovepages/js/chunk-vendors.js
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6d9d39a43ac306ed-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
heap-3364072150.js
cdn.heapanalytics.com/js/ 		109 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/heap-3364072150.js
Requested by
Host: tandlakeri.com
URL: https://tandlakeri.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-116.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
e0481fd8d30b247692fbcddb457f11dd0e60ad28684d14058ece0148f59b42b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tandlakeri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:13:45 GMT
content-encoding
gzip
server
nginx
age
47
etag
W/"1b517-7YNZ2tBl9qy3m7U0+IuUOg"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-pop
FRA60-P1
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
ThLH-mCVrqoSOIY1ew3offmeYY820yaSiNb4AbaXToZwgeI3wTpggA==
matomo.js
matomo.groovetech.io/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://matomo.groovetech.io/matomo.js
Requested by
Host: tandlakeri.com
URL: https://tandlakeri.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:6071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43af579102b8c4adff968a3a00280fc2061cc33538c7bbad1d8d6ec775f0807b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tandlakeri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:14:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 14 Jan 2022 17:08:21 GMT
server
cloudflare
age
3751
etag
W/"f93c-5d58dd993cb40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLxuvt2H9A4BUvZSzIAVXCSUSo%2FsbRgOwgrTfHERpKirKTD%2B%2FWfMJjQN2lqlx8%2BI%2F8G8%2B70iseldb6nxrZqB4VX%2B%2FeK%2FKRI75hMm7oZOTeXGaZPwiI66bStLrlKMZL%2F4%2Bh1tiImQZN5fSI6u9WfYYXgXpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d9d39a4ab4e0635-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
355d1a0aab39a3e4fa816440ae57da9c544054d9615c3c41948f8cd93c610ecc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		71 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26d3fdff195132dd4c305ef61825ac7140da4a9406b958d5beeb0d3e410eefd9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/jpeg
1604400823_23640756_at-the-dentist.jpg
assets.grooveapps.com/images/5eb102eb6039da124836458e/ 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.grooveapps.com/images/5eb102eb6039da124836458e/1604400823_23640756_at-the-dentist.jpg?update=2
Requested by
Host: tandlakeri.com
URL: https://tandlakeri.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c4a719a2e40e914130114e45ab05fc0e08332d3744748ccb4eedfae49f0e5bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tandlakeri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:14:32 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdtIYprFwwT36rbBxEdOT6S35F_Mlrm7khHoZkrEBKcUahaUGh4uGmltpsgQSc7qIagD038OlKonbJWggGvJSic
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
151389
last-modified
Tue, 03 Nov 2020 10:54:05 GMT
server
cloudflare
etag
"3d9457a0a99abdf85847a46c842363c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=Rpdo/w==, md5=PZRXoKmavfhYR6RshCNjwA==
x-goog-generation
1604400845301862
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
151389
accept-ranges
bytes
cf-ray
6d9d39a468239213-FRA
expires
Mon, 07 Feb 2022 18:14:32 GMT
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v41/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v41/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Crimson+Pro:400,500,700,900|Fira+Sans:400,500,700,900|Josefin+Slab:400,700|Lato:400,700,900|Montserrat:400,500,700,900|Nunito:400,700,900|Oswald:400,500,700|Poppins:400,500,700,900|Raleway:400,500,700,900|Roboto+Condensed:400,700|Roboto:400,500,700,900|Source+Code+Pro:400,500,700,900|Source+Sans+Pro:400,700,900|Titillium+Web:400,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c21b3dbf862e916d2689453d7f27dcc0539a0239bf323e5f2db397fca0e5d21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tandlakeri.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 02:25:51 GMT
x-content-type-options
nosniff
age
388121
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24080
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:40:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 03 Feb 2023 02:25:51 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Crimson+Pro:400,500,700,900|Fira+Sans:400,500,700,900|Josefin+Slab:400,700|Lato:400,700,900|Montserrat:400,500,700,900|Nunito:400,700,900|Oswald:400,500,700|Poppins:400,500,700,900|Raleway:400,500,700,900|Roboto+Condensed:400,700|Roboto:400,500,700,900|Source+Code+Pro:400,500,700,900|Source+Sans+Pro:400,700,900|Titillium+Web:400,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tandlakeri.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 09:48:03 GMT
x-content-type-options
nosniff
age
275189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 04 Feb 2023 09:48:03 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v19/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v19/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Crimson+Pro:400,500,700,900|Fira+Sans:400,500,700,900|Josefin+Slab:400,700|Lato:400,700,900|Montserrat:400,500,700,900|Nunito:400,700,900|Oswald:400,500,700|Poppins:400,500,700,900|Raleway:400,500,700,900|Roboto+Condensed:400,700|Roboto:400,500,700,900|Source+Code+Pro:400,500,700,900|Source+Sans+Pro:400,700,900|Titillium+Web:400,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tandlakeri.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 19:30:15 GMT
x-content-type-options
nosniff
age
413057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7816
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:11:40 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 02 Feb 2023 19:30:15 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Crimson+Pro:400,500,700,900|Fira+Sans:400,500,700,900|Josefin+Slab:400,700|Lato:400,700,900|Montserrat:400,500,700,900|Nunito:400,700,900|Oswald:400,500,700|Poppins:400,500,700,900|Raleway:400,500,700,900|Roboto+Condensed:400,700|Roboto:400,500,700,900|Source+Code+Pro:400,500,700,900|Source+Sans+Pro:400,700,900|Titillium+Web:400,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tandlakeri.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 17:56:19 GMT
x-content-type-options
nosniff
age
418693
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 02 Feb 2023 17:56:19 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v26/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v26/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Crimson+Pro:400,500,700,900|Fira+Sans:400,500,700,900|Josefin+Slab:400,700|Lato:400,700,900|Montserrat:400,500,700,900|Nunito:400,700,900|Oswald:400,500,700|Poppins:400,500,700,900|Raleway:400,500,700,900|Roboto+Condensed:400,700|Roboto:400,500,700,900|Source+Code+Pro:400,500,700,900|Source+Sans+Pro:400,700,900|Titillium+Web:400,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tandlakeri.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 02:15:24 GMT
x-content-type-options
nosniff
age
388748
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:15:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 03 Feb 2023 02:15:24 GMT
fa-brands-400.woff2
use.fontawesome.com/releases/v5.13.0/webfonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.13.0/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.13.0/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

Request headers

Referer
https://use.fontawesome.com/releases/v5.13.0/css/all.css
Origin
https://tandlakeri.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 14:14:32 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
A17PS55RTFMQZEBY
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76612
x-amz-id-2
ibLodSDf6x/AW4akYLKBn1CldPTU7rvKPLjNID0ov84sj7MG8GbKZ1/myefKFJKsRnUl539RJ2A=
last-modified
Wed, 30 Jun 2021 15:39:01 GMT
server
cloudflare
etag
"a06da7f0950f9dd366fc9db9d56d618a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvHmJ56fldWTXfySVmcYKRe7KwQpY1WI%2F%2Bkq74OZ4geLONUxy7gr8pE1ZFT3uildHsBytDRKKxlmlxkGDofSvPcLQGFKX4tCCeh9NQfU00nIU50wQIgF5IbwMr0GvkJPvm%2BiDv%2Bp9L0jfS%2BWqlJ1JcIU"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6d9d39a4bede73e3-LHR
h
heapanalytics.com/ 		37 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=3364072150&u=409241241675554&v=2240514103894560&s=1264999941864457&b=web&tv=4.0&z=0&h=%2F&d=tandlakeri.com&t=Hem&r=https%3A%2F%2Fportalintersight.diasamexico.mx%2F&ts=1644243271723&st=1644243271724
Requested by
Host: tandlakeri.com
URL: https://tandlakeri.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.41.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-41-181.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tandlakeri.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 14:14:32 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
matomo.php
matomo.groovetech.io/ 		0
566 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://matomo.groovetech.io/matomo.php?action_name=tandlakeri.com%2FHem&idsite=4&rec=1&r=042210&h=14&m=14&s=31&url=https%3A%2F%2Ftandlakeri.com%2F&urlref=https%3A%2F%2Fportalintersight.diasamexico.mx%2F&_id=a2d957311ff0a187&_idn=1&_refts=1644243272&_ref=https%3A%2F%2Fportalintersight.diasamexico.mx%2F&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&dimension1=199428&dimension2=koYmL28g4&pv_id=gZcCGE&pf_net=211&pf_srv=500&pf_tfr=345&pf_dm1=578
Requested by
Host: matomo.groovetech.io
URL: https://matomo.groovetech.io/matomo.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:6071 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.15
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tandlakeri.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Mon, 07 Feb 2022 14:14:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.15
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBwhBUP6pu7z5pUdAn0IHSNPQLO%2FeiFgbtbf5nAXyvIJ6vMHdKRSPK0V5p%2BEoVPVlnAQpd%2Bi%2FxiQOLYq4ag2Vyl60Cu11l4i8PtCwtJvUC%2B7EXxg60sDHUGwClVLiFhwRubvdJ%2BFtXvFixDPe%2F7a4XxLhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://tandlakeri.com
access-control-allow-credentials
true
cf-ray
6d9d39a5dfd75a01-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| heap object| _paq function| setupNavmenu function| fetchGPmegamenu boolean| isFreeUser function| encodeSite object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log boolean| gpNavmenusReady

7 Cookies

Domain/Path Name / Value
portalintersight.diasamexico.mx/ Name: d
Value: 0
portalintersight.diasamexico.mx/ Name: n
Value: Etc/Unknown
.tandlakeri.com/ Name: _hp2_id.3364072150
Value: %7B%22userId%22%3A%22409241241675554%22%2C%22pageviewId%22%3A%222240514103894560%22%2C%22sessionId%22%3A%221264999941864457%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
tandlakeri.com/ Name: _pk_ref.4.cd2d
Value: %5B%22%22%2C%22%22%2C1644243272%2C%22https%3A%2F%2Fportalintersight.diasamexico.mx%2F%22%5D
tandlakeri.com/ Name: _pk_id.4.cd2d
Value: a2d957311ff0a187.1644243272.
tandlakeri.com/ Name: _pk_ses.4.cd2d
Value: 1
.tandlakeri.com/ Name: _hp2_ses_props.3364072150
Value: %7B%22r%22%3A%22https%3A%2F%2Fportalintersight.diasamexico.mx%2F%22%2C%22ts%22%3A1644243271723%2C%22d%22%3A%22tandlakeri.com%22%2C%22h%22%3A%22%2F%22%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.groove.cm
app.groovefunnels.com
assets.grooveapps.com
cdn.heapanalytics.com
fonts.googleapis.com
fonts.gstatic.com
heapanalytics.com
matomo.groovetech.io
portalintersight.diasamexico.mx
tandlakeri.com
use.fontawesome.com
13.32.121.116
170.249.212.26
2606:4700:3034::6815:1e9
2606:4700:3035::6815:856
2606:4700:3036::6815:6071
2606:4700:3037::6815:4e07
2606:4700:3037::ac43:9828
2606:4700::6812:15b4
2a00:1450:4001:803::2003
2a00:1450:4001:82a::200a
3.213.41.181
0c89e5ed472a5e60aa761745fefd634be317b071e57a04c429d47f091c5c38fe
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1c4a719a2e40e914130114e45ab05fc0e08332d3744748ccb4eedfae49f0e5bf
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26d3fdff195132dd4c305ef61825ac7140da4a9406b958d5beeb0d3e410eefd9
355d1a0aab39a3e4fa816440ae57da9c544054d9615c3c41948f8cd93c610ecc
43af579102b8c4adff968a3a00280fc2061cc33538c7bbad1d8d6ec775f0807b
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9c21b3dbf862e916d2689453d7f27dcc0539a0239bf323e5f2db397fca0e5d21
a4be78866f7b675779556131629d5fa6280e84ba6d1c8aedc2475121a1ad3252
ac89b68adf6bccc9b76cf174051874de548764c4053918e7eae1ef108cfa2dd8
b618174bba540a0b80130a805618fb6417602e4119495cb7b8df5826a0aa1ddc
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bda8fcc2deb768fc41e69ef070d6acb4b7071ecb158369bd55cd03435c485dff
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d5537173fb208b6d68a49856697ec3f38275da1ac5a975db8bc27c86ece8b0a2
e0481fd8d30b247692fbcddb457f11dd0e60ad28684d14058ece0148f59b42b6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebcd444614429f840c8095f74e6595a815f5112d78f490151b8d1a530aed0054