Submitted URL: https://oren-as-safe.orenshmu.com/
Effective URL: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https...
Submission: On January 14 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 26 IPs in 5 countries across 23 domains to perform 82 HTTP transactions. The main IP is 151.101.2.133, located in United States and belongs to FASTLY, US. The main domain is www.cincopa.com. The Cisco Umbrella rank of the primary domain is 260543.
TLS certificate: Issued by R3 on January 11th 2022. Valid for: 3 months.
This is the only time www.cincopa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 108.168.254.107 36351 (SOFTLAYER)
16 151.101.2.133 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
3 54.72.146.196 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
10 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a03:5f80:a::... 50952 (DATAIX-AS...)
1 142.250.186.34 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 34.226.52.22 14618 (AMAZON-AES)
17 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 63.32.167.175 16509 (AMAZON-02)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 108.174.10.14 14413 (LINKEDIN)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 151.101.128.217 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 35.201.81.77 15169 (GOOGLE)
1 1 13.35.253.92 16509 (AMAZON-02)
3 13.35.253.111 16509 (AMAZON-02)
1 99.83.219.81 16509 (AMAZON-02)
82 26
Apex Domain | Subdomains | Transfer
18 cincopa.com | www.cincopa.com (Cisco Umbrella Rank: 260543); wwwcdn.cincopa.com; mautic.cincopa.com | 664 KB
17 assets-landingi.com | scripts.assets-landingi.com (Cisco Umbrella Rank: 129056); styles.assets-landingi.com (Cisco Umbrella Rank: 160992) | 52 KB
10 pipedrive.com | leadbooster-chat.pipedrive.com (Cisco Umbrella Rank: 88958) | 196 KB
4 linkedin.com | px.ads.linkedin.com (Cisco Umbrella Rank: 433); www.linkedin.com (Cisco Umbrella Rank: 624); px4.ads.linkedin.com (Cisco Umbrella Rank: 5443) | 3 KB
4 landingi.com | popups.landingi.com (Cisco Umbrella Rank: 152799); stats.landingi.com (Cisco Umbrella Rank: 156008) | 10 KB
4 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 37) | 4 KB
3 intercomcdn.com | js.intercomcdn.com (Cisco Umbrella Rank: 2178) | 124 KB
3 google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 33) | 55 KB
2 intercom.io | widget.intercom.io (Cisco Umbrella Rank: 2169); api-iam.intercom.io (Cisco Umbrella Rank: 2586) | 3 KB
2 rollbar.com | api.rollbar.com (Cisco Umbrella Rank: 12541) | 192 B
2 youtube.com | www.youtube.com (Cisco Umbrella Rank: 91) | 50 KB
2 facebook.com | www.facebook.com (Cisco Umbrella Rank: 88) | 499 B
2 google.de | www.google.de (Cisco Umbrella Rank: 6151) | 611 B
2 google.com | www.google.com (Cisco Umbrella Rank: 8) | 611 B
2 doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 44); stats.g.doubleclick.net (Cisco Umbrella Rank: 78) | 2 KB
2 facebook.net | connect.facebook.net (Cisco Umbrella Rank: 126) | 113 KB
2 gstatic.com | fonts.gstatic.com | 75 KB
1 vimeo.com | player.vimeo.com (Cisco Umbrella Rank: 1730) | 7 KB
1 googleadservices.com | www.googleadservices.com (Cisco Umbrella Rank: 97) | 15 KB
1 licdn.com | snap.licdn.com (Cisco Umbrella Rank: 828) | 2 KB
1 cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 202) | 17 KB
1 googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 62) | 66 KB
1 orenshmu.com | oren-as-safe.orenshmu.com | 544 B
82 23
Domain | Requested by
15 wwwcdn.cincopa.com | www.cincopa.com; wwwcdn.cincopa.com
11 scripts.assets-landingi.com | popups.landingi.com
10 leadbooster-chat.pipedrive.com | www.cincopa.com; cdnjs.cloudflare.com; leadbooster-chat.pipedrive.com
6 styles.assets-landingi.com | popups.landingi.com
4 fonts.googleapis.com | www.cincopa.com; popups.landingi.com
3 js.intercomcdn.com | widget.intercom.io
3 www.google-analytics.com | www.googletagmanager.com; www.google-analytics.com; www.cincopa.com
3 popups.landingi.com | www.cincopa.com; cdnjs.cloudflare.com
2 api.rollbar.com | cdnjs.cloudflare.com
2 www.youtube.com | scripts.assets-landingi.com; www.youtube.com
2 www.facebook.com | www.cincopa.com
2 px.ads.linkedin.com | 2 redirects
2 www.google.de | www.cincopa.com
2 www.google.com | www.cincopa.com
2 mautic.cincopa.com | cdnjs.cloudflare.com
2 connect.facebook.net | www.cincopa.com; connect.facebook.net
2 fonts.gstatic.com | fonts.googleapis.com
1 api-iam.intercom.io | js.intercomcdn.com
1 widget.intercom.io | 1 redirects
1 player.vimeo.com | popups.landingi.com
1 px4.ads.linkedin.com | www.cincopa.com
1 www.linkedin.com | 1 redirects
1 stats.landingi.com | cdnjs.cloudflare.com
1 stats.g.doubleclick.net | cdnjs.cloudflare.com
1 googleads.g.doubleclick.net | www.googleadservices.com
1 www.googleadservices.com | www.googletagmanager.com
1 snap.licdn.com | www.googletagmanager.com
1 cdnjs.cloudflare.com | www.cincopa.com
1 www.googletagmanager.com | www.cincopa.com
1 www.cincopa.com |
1 oren-as-safe.orenshmu.com | 1 redirects
82 31
Subject | Issuer | Validity | Valid
*.cincopa.com | R3 | 2022-01-11 - 2022-04-11 | 3 months
upload.video.google.com | GTS CA 1C3 | 2021-12-08 - 2022-03-02 | 3 months
*.landingi.com | Certum Domain Validation CA SHA2 | 2021-09-13 - 2022-09-13 | a year
*.google-analytics.com | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-21 - 2022-09-20 | a year
*.gstatic.com | GTS CA 1C3 | 2021-12-08 - 2022-03-02 | 3 months
pipedrive.com | Cloudflare Inc ECC CA-3 | 2021-10-27 - 2022-10-26 | a year
*.licdn.com | DigiCert SHA2 Secure Server CA | 2021-07-15 - 2022-07-20 | a year
www.googleadservices.com | GTS CA 1C3 | 2021-12-08 - 2022-03-02 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-10-23 - 2022-01-21 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-12-08 - 2022-03-02 | 3 months
www.google.com | GTS CA 1C3 | 2021-12-08 - 2022-03-02 | 3 months
www.google.de | GTS CA 1C3 | 2021-12-08 - 2022-03-02 | 3 months
*.google.com | GTS CA 1C3 | 2021-12-08 - 2022-03-02 | 3 months
*.google.de | GTS CA 1C3 | 2021-12-08 - 2022-03-02 | 3 months
*.vimeo.com | GlobalSign Atlas R3 DV TLS CA H2 2021 | 2021-09-15 - 2022-10-17 | a year
api.rollbar.com | DigiCert SHA2 Secure Server CA | 2020-07-13 - 2022-07-27 | 2 years
*.intercomcdn.com | Amazon | 2021-03-01 - 2022-03-30 | a year
*.intercom.com | Amazon | 2021-04-15 - 2022-05-14 | a year

This page contains 4 frames:

Primary Page: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Frame ID: 0BBB5B3E5FB7D7D1831C02D1DF57F4A4
Requests: 47 HTTP requests in this frame

Frame: https://popups.landingi.com/api/popups/3d55f1e6-5c0a-11eb-b750-5a3d18a5b2c2/render
Frame ID: 68F5885C68BC9AB67051366E7FD2A300
Requests: 23 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.bf34b48c.js
Frame ID: 1CD42014B9DC078398434C683B1D697E
Requests: 3 HTTP requests in this frame

Frame: https://leadbooster-chat.pipedrive.com/assets/main.js?version=65d43556ae_4848
Frame ID: 42A07F419F0D7FF067E21488CAB7F002
Requests: 5 HTTP requests in this frame

Page Title

Login To Your Account | Cincopa

Page URL History

  1. https://oren-as-safe.orenshmu.com/ HTTP 302
    https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20ac... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • rollbar\.js/([0-9.]+)

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

82 Requests
98 % HTTPS
57 % IPv6
23 Domains
31 Subdomains
26 IPs
5 Countries
1457 kB Transfer
3577 kB Size
29 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://oren-as-safe.orenshmu.com/ HTTP 302
    https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=185522&time=1642153427800&url=https%3A%2F%2Fwww.cincopa.com%2Flogin.aspx%3Fmsg%3DLogged%2520Cincopa%2520user%2520is%2520not%2520allowed%2520to%2520this%2520account%26continue%3Dhttps%253a%252f%252foren-as-safe.orenshmu.com%252f HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D185522%26time%3D1642153427800%26url%3Dhttps%253A%252F%252Fwww.cincopa.com%252Flogin.aspx%253Fmsg%253DLogged%252520Cincopa%252520user%252520is%252520not%252520allowed%252520to%252520this%252520account%2526continue%253Dhttps%25253a%25252f%25252foren-as-safe.orenshmu.com%25252f%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=185522&time=1642153427800&url=https%3A%2F%2Fwww.cincopa.com%2Flogin.aspx%3Fmsg%3DLogged%2520Cincopa%2520user%2520is%2520not%2520allowed%2520to%2520this%2520account%26continue%3Dhttps%253a%252f%252foren-as-safe.orenshmu.com%252f&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=185522&time=1642153427800&url=https%3A%2F%2Fwww.cincopa.com%2Flogin.aspx%3Fmsg%3DLogged%2520Cincopa%2520user%2520is%2520not%2520allowed%2520to%2520this%2520account%26continue%3Dhttps%253a%252f%252foren-as-safe.orenshmu.com%252f&liSync=true&e_ipv6=AQI9Q9NxjAQKdAAAAX5X-MSqvcJ5d7PYxZCPWq9Jg1pz3fmQcjffAdu1Cz4BorHxRV0cxXy5TXXrAlptFjSme0r7P_qCAQ
Request Chain 68
  • https://widget.intercom.io/widget/d24n1idu HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

82 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request login.aspx
www.cincopa.com/
Redirect Chain
  • https://oren-as-safe.orenshmu.com/
  • https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
89 KB
29 KB
Document
General
Full URL
https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d17f9701503eb07951cbe40010b40d791b52ffbb8720f69f63c90694164969b5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
server
Microsoft-IIS/10.0
fpm
FP12-Cincopa
access-control-allow-origin
*
timing-allow-origin
*
fpm-session
readonly
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-aspnet-version
4.0.30319
fpm-runtime
| 0 rewrite1 | 0 rewrite2 | 0 rewrite3 | 1 rewrite3.1 | 1 rewrite3.2 | 1 rewrite4 | 1 rewrite5 | 1 rewrite6 | 2 baseKillerAppsPage.cs:70 | 2 baseKillerAppsPage.cs:5293 | 2 cms:60 | 2 after sleep | 3 cms:125 | 3 cms:249 | 4 cms:251 | 4 cms:294 | 77 cms:296 | 77 cms:385 | 77 baseKillerAppsPage.cs:7409 | 77 baseKillerAppsPage.cs:2336 | 77 before LoginCincopa | 77 after LoginCincopa | 77 cms:409 | 78 end
x-powered-by
ASP.NET
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, HEAD
accept-ranges
bytes
via
1.1 varnish, 1.1 varnish
date
Fri, 14 Jan 2022 09:43:47 GMT
x-served-by
cache-dal21280-DAL, cache-mxp6964-MXP
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1642153427.639642,VS0,VE588
vary
Accept-Encoding
content-length
28004

Redirect headers

cache-control
private
content-type
text/html; charset=utf-8
location
https://www.cincopa.com/login.aspx?msg=Logged Cincopa user is not allowed to this account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
server
Microsoft-IIS/10.0
fpm
FP12-Portals
access-control-allow-origin
*
timing-allow-origin
*
x-aspnet-version
4.0.30319
fpm-runtime
| 0 rewrite1 | 0 rewrite2 | 0 rewrite3 | 2 rewrite3.1 | 2 rewrite3.2 | 2 rewrite4 | 9 baseKillerAppsPage.cs:70 | 9 baseKillerAppsPage.cs:5293 | 9 cms:60 | 9 after sleep | 10 cms:125 | 10 cms:249 | 130 end
x-powered-by
ASP.NET
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, HEAD
date
Fri, 14 Jan 2022 09:43:45 GMT
content-length
262
styles-2020.css
wwwcdn.cincopa.com/_cms/design20/scss/
465 KB
126 KB
Stylesheet
General
Full URL
https://wwwcdn.cincopa.com/_cms/design20/scss/styles-2020.css?fts=2022-01-04T11:10:58.3487248Z&minify=yes
Requested by
Host: www.cincopa.com
URL: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
892c3123546a80423591d35339cd6f04fc034cd73f1192dbe39fcddbebf23399

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:47 GMT
content-encoding
gzip
x-aspnet-version
4.0.30319
age
858656
x-powered-by
ASP.NET
x-cache
MISS, HIT
fpm-runtime
| 0 rewrite1 | 0 rewrite2 | 0 rewrite3 | 1 rewrite3.1 | 1 rewrite3.2 | 1 rewrite4 | 1 rewrite5 | 1 baseKillerAppsPage.cs:69 | 1 baseKillerAppsPage.cs:2290 | 1 before LoginCincopa | 1 after LoginCincopa | 3169 end
content-length
128936
x-served-by
cache-dal21225-DAL, cache-mxp6964-MXP
access-control-allow-origin
*
server
Microsoft-IIS/10.0
cache-control
public, max-age=31536000
x-timer
S1642153427.291817,VS0,VE2
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, HEAD
content-type
text/css; charset=utf-8
via
1.1 varnish, 1.1 varnish
fpm
FP12-Cincopa
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-cache-hits
0, 1
css
fonts.googleapis.com/
30 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,600,700|Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic
Requested by
Host: www.cincopa.com
URL: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a4c5ce831eceafcecd9857fda7d69d23bbd001d3e4976d33d06a4ed16a667f27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 09:43:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 14 Jan 2022 09:43:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jan 2022 09:43:47 GMT
cincopaicons2019.css
wwwcdn.cincopa.com/_cms/design15/css/fonts/
10 KB
3 KB
Stylesheet
General
Full URL
https://wwwcdn.cincopa.com/_cms/design15/css/fonts/cincopaicons2019.css?fts=2021-10-12T07:55:36.5886140Z&minify=yes
Requested by
Host: www.cincopa.com
URL: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3eddde2730d9dbd3c46e04f11b43382f85d4d9e269fb4bd2ef90f45070eab7d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:47 GMT
content-encoding
gzip
x-aspnet-version
4.0.30319
age
2062292
x-powered-by
ASP.NET
x-cache
MISS, HIT
fpm-runtime
| 0 rewrite1 | 0 rewrite2 | 0 rewrite3 | 1 rewrite3.1 | 1 rewrite3.2 | 1 rewrite4 | 1 rewrite5 | 2 baseKillerAppsPage.cs:69 | 2 baseKillerAppsPage.cs:2162 | 2 before LoginCincopa | 2 after LoginCincopa | 111 end
content-length
2749
x-served-by
cache-dal21244-DAL, cache-mxp6964-MXP
access-control-allow-origin
*
server
Microsoft-IIS/10.0
cache-control
public, max-age=31536000
x-timer
S1642153427.291885,VS0,VE1
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, HEAD
content-type
text/css; charset=utf-8
via
1.1 varnish, 1.1 varnish
fpm
FP12-Cincopa
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-cache-hits
0, 1
jquery-3.6.0.min.js
wwwcdn.cincopa.com/_cms/design15/js/
87 KB
39 KB
Script
General
Full URL
https://wwwcdn.cincopa.com/_cms/design15/js/jquery-3.6.0.min.js?fts=2021-10-19T07:17:36.6920594Z
Requested by
Host: www.cincopa.com
URL: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:47 GMT
content-encoding
gzip
fpm
FP12-Cincopa
age
2063415
x-powered-by
ASP.NET
x-cache
HIT, HIT
fpm-runtime
| 0 rewrite1 | 0 rewrite2 | 0 rewrite3 | 1 rewrite3.1 | 1 rewrite3.2 | 1 rewrite4 | 1 rewrite5 | 1 rewrite6 | 1 end
content-length
39756
x-served-by
cache-dal21222-DAL, cache-mxp6964-MXP
access-control-allow-origin
*
last-modified
Tue, 19 Oct 2021 07:17:36 GMT
server
Microsoft-IIS/10.0
x-timer
S1642153427.291920,VS0,VE2
etag
"921a064b9c4d71:0"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, HEAD
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-cache-hits
1, 1
common.js
wwwcdn.cincopa.com/_cms/design15/
22 KB
9 KB
Script
General
Full URL
https://wwwcdn.cincopa.com/_cms/design15/common.js?fts=2021-03-11T11:13:46.7631726Z&minify=yes
Requested by
Host: www.cincopa.com
URL: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ab0b9cb00099d3b31d377cf42a62c50cb71f95f6cfc0aa121658d6b07b40cfae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:47 GMT
content-encoding
gzip
x-aspnet-version
4.0.30319
age
2063417
x-powered-by
ASP.NET
x-cache
HIT, HIT
fpm-runtime
| 0 rewrite1 | 0 rewrite2 | 0 rewrite3 | 4 rewrite3.1 | 4 rewrite3.2 | 4 rewrite4 | 4 rewrite5 | 598 baseKillerAppsPage.cs:69 | 612 baseKillerAppsPage.cs:2162 | 612 before LoginCincopa | 612 after LoginCincopa | 638 end
content-length
9043
x-served-by
cache-dal21228-DAL, cache-mxp6964-MXP
access-control-allow-origin
*
server
Microsoft-IIS/10.0
cache-control
public, max-age=31536000
x-timer
S1642153427.291963,VS0,VE1
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, HEAD
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
fpm
FP12-Cincopa
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-cache-hits
15, 1
simplemodal.js
wwwcdn.cincopa.com/_cms/design13/js/
9 KB
4 KB
Script
General
Full URL
https://wwwcdn.cincopa.com/_cms/design13/js/simplemodal.js?fts=2021-11-08T07:40:05.7397184Z&minify=yes
Requested by
Host: www.cincopa.com
URL: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
46687b5e6a8700ccfb9847f5a83660c484e980b0230c3753e9bbba5ad4a22551

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:47 GMT
content-encoding
gzip
x-aspnet-version
4.0.30319
age
2060666
x-powered-by
ASP.NET
x-cache
MISS, HIT
fpm-runtime
| 0 rewrite1 | 0 rewrite2 | 0 rewrite3 | 1 rewrite3.1 | 1 rewrite3.2 | 1 rewrite4 | 1 rewrite5 | 1392 baseKillerAppsPage.cs:69 | 1427 baseKillerAppsPage.cs:2162 | 1427 before LoginCincopa | 1427 after LoginCincopa | 1441 end
content-length
3914
x-served-by
cache-dal21234-DAL, cache-mxp6964-MXP
access-control-allow-origin
*
server
Microsoft-IIS/10.0
cache-control
public, max-age=31536000
x-timer
S1642153427.292042,VS0,VE1
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, HEAD
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
fpm
FP12-Cincopa
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-cache-hits
0, 277
install-code
popups.landingi.com/api/v3/website/
1 KB
1 KB
Script
General
Full URL
https://popups.landingi.com/api/v3/website/install-code?apikey=e547069b-7bbe-471d-bebc-65e92e6af460
Requested by
Host: www.cincopa.com
URL: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.146.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-146-196.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.3
Resource Hash
ce282a1807c31dcfef836cb1cd030127c10dbf8559696ac5fa2b947d54589b3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:47 GMT
cache-control
max-age: 1, public
server
nginx
x-powered-by
PHP/7.4.3
content-type
text/javascript; charset=UTF-8
logo.png
wwwcdn.cincopa.com/_cms/design13/images/
6 KB
7 KB
Image
General
Full URL
https://wwwcdn.cincopa.com/_cms/design13/images/logo.png?fts=2019-01-02T12:34:09.3655589Z
Requested by
Host: www.cincopa.com
URL: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
114d860e73166b27dd91e78abaaee56486b8ce9672eae3c9583db9a84279b4f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:47 GMT
via
1.1 varnish, 1.1 varnish
fpm
FP12-Cincopa
age
2063417
x-powered-by
ASP.NET
x-cache
HIT, HIT
fpm-runtime
| 0 rewrite1 | 0 rewrite2 | 0 rewrite3 | 31 rewrite3.1 | 31 rewrite3.2 | 32 end
x-cache-hits
1, 1
content-length
6368
x-served-by
cache-dal21274-DAL, cache-mxp6964-MXP
server
Microsoft-IIS/10.0
x-timer
S1642153427.352245,VS0,VE1
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin
*
expires
Thu, 20 Jan 2022 12:33:30 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
optimized
yep 2% 6484 byte 6368 byte toMMwGIt-qsd8887WxEXHA.png
cincopaicons2019.css
wwwcdn.cincopa.com/_cms/design15/css/fonts/
0
3 KB
Other
General
Full URL
https://wwwcdn.cincopa.com/_cms/design15/css/fonts/cincopaicons2019.css?fts=2021-10-12T07:55:36.5886140Z&minify=yes
Requested by
Host: www.cincopa.com
URL: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:47 GMT
content-encoding
gzip
x-aspnet-version
4.0.30319
age
2062292
x-powered-by
ASP.NET
x-cache
MISS, HIT
fpm-runtime
| 0 rewrite1 | 0 rewrite2 | 0 rewrite3 | 1 rewrite3.1 | 1 rewrite3.2 | 1 rewrite4 | 1 rewrite5 | 2 baseKillerAppsPage.cs:69 | 2 baseKillerAppsPage.cs:2162 | 2 before LoginCincopa | 2 after LoginCincopa | 111 end
content-length
2749
x-served-by
cache-dal21244-DAL, cache-mxp6964-MXP
access-control-allow-origin
*
server
Microsoft-IIS/10.0
cache-control
public, max-age=31536000
x-timer
S1642153427.373316,VS0,VE0
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, HEAD
content-type
text/css; charset=utf-8
via
1.1 varnish, 1.1 varnish
fpm
FP12-Cincopa
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-cache-hits
0, 2
check-use.jpg
wwwcdn.cincopa.com/_cms/design17/images/
52 KB
52 KB
Image
General
Full URL
https://wwwcdn.cincopa.com/_cms/design17/images/check-use.jpg?fts=2021-06-03T07:45:31.8505975Z
Requested by
Host: www.cincopa.com
URL: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
58504c193caa14038eed2f026b8c93dafbde9206ebfbef03c34bdda52e72d73d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:47 GMT
via
1.1 varnish, 1.1 varnish
fpm
FP12-Cincopa
age
2063416
x-powered-by
ASP.NET
x-cache
HIT, HIT
fpm-runtime
| 0 rewrite1 | 0 rewrite2 | 0 rewrite3 | 17 rewrite3.1 | 17 rewrite3.2 | 20 end
x-cache-hits
3, 1
content-length
53388
x-served-by
cache-dal21247-DAL, cache-mxp6964-MXP
server
Microsoft-IIS/10.0
x-timer
S1642153427.366710,VS0,VE1
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin
*
expires
Thu, 20 Jan 2022 12:33:30 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
optimized
yep 60% 132171 byte 53388 byte EHZHNqHWPtzy4Gh4Agv3CD.jpg
free-webinar.jpg
wwwcdn.cincopa.com/_cms/design17/images/
29 KB
29 KB
Image
General
Full URL
https://wwwcdn.cincopa.com/_cms/design17/images/free-webinar.jpg?fts=2021-06-03T07:46:50.3471451Z
Requested by
Host: www.cincopa.com
URL: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d237b824439c6cdb48e87ac956172dd0bce77d7516d95704742f7aaf3b374c7b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:47 GMT
via
1.1 varnish, 1.1 varnish
fpm
FP12-Cincopa
age
2063417
x-powered-by
ASP.NET
x-cache
HIT, HIT
fpm-runtime
| 0 rewrite1 | 0 rewrite2 | 0 rewrite3 | 1 rewrite3.1 | 1 rewrite3.2 | 2 end
x-cache-hits
1, 1
content-length
29570
x-served-by
cache-dal21268-DAL, cache-mxp6964-MXP
server
Microsoft-IIS/10.0
x-timer
S1642153427.366770,VS0,VE1
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin
*
expires
Thu, 20 Jan 2022 12:33:30 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
optimized
yep 56% 66868 byte 29570 byte Lb-FGeSN2LZcILEl96mjTB.jpg
anaheim-ducks.jpg
wwwcdn.cincopa.com/_cms/design17/images/
87 KB
87 KB
Image
General
Full URL
https://wwwcdn.cincopa.com/_cms/design17/images/anaheim-ducks.jpg?fts=2021-06-03T07:35:47.4815970Z
Requested by
Host: www.cincopa.com
URL: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e73411ad9b998eeb00c8174130abf3efdd40091070ceab181960c5c270b42fc1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:47 GMT
via
1.1 varnish, 1.1 varnish
fpm
FP12-Cincopa
age
847762
x-powered-by
ASP.NET
x-cache
HIT, HIT
fpm-runtime
| 0 rewrite1 | 0 rewrite2 | 0 rewrite3 | 1 rewrite3.1 | 1 rewrite3.2 | 3 end
x-cache-hits
1, 1
content-length
89016
x-served-by
cache-dal21282-DAL, cache-mxp6964-MXP
server
Microsoft-IIS/10.0
x-timer
S1642153427.366813,VS0,VE1
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin
*
expires
Thu, 03 Feb 2022 14:14:24 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
optimized
yep 42% 154231 byte 89016 byte Qsf6cLVZ5uyEuKt6II39oB.jpg
icm.jpg
wwwcdn.cincopa.com/_cms/design17/images/
84 KB
84 KB
Image
General
Full URL
https://wwwcdn.cincopa.com/_cms/design17/images/icm.jpg?fts=2021-06-03T07:47:47.4583037Z
Requested by
Host: www.cincopa.com
URL: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7d44efa9203b050c929fa4068c7a70edc265fe2e92fd2274c695c5c0f67aebc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:47 GMT
via
1.1 varnish, 1.1 varnish
fpm
FP12-Cincopa
age
2063417
x-powered-by
ASP.NET
x-cache
HIT, HIT
fpm-runtime
| 0 rewrite1 | 0 rewrite2 | 0 rewrite3 | 33 rewrite3.1 | 33 rewrite3.2 | 36 end
x-cache-hits
1, 1
content-length
85658
x-served-by
cache-dal21246-DAL, cache-mxp6964-MXP
server
Microsoft-IIS/10.0
x-timer
S1642153427.366913,VS0,VE27
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin
*
expires
Thu, 20 Jan 2022 12:33:30 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
optimized
yep 45% 156340 byte 85658 byte w5H5i9AvU6J7KJ_KZDlq-C.jpg
tech-banner.jpg
wwwcdn.cincopa.com/_cms/design18/images/
101 KB
101 KB
Image
General
Full URL
https://wwwcdn.cincopa.com/_cms/design18/images/tech-banner.jpg?fts=2021-06-08T05:46:28.9979300Z
Requested by
Host: www.cincopa.com
URL: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fbda3e1d124f05075b6f1c40d46be420070c7fb107fc21db29c888281f585467

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:47 GMT
via
1.1 varnish, 1.1 varnish
fpm
FP12-Cincopa
age
2063417
x-powered-by
ASP.NET
x-cache
HIT, HIT
fpm-runtime
| 0 rewrite1 | 0 rewrite2 | 0 rewrite3 | 30 rewrite3.1 | 30 rewrite3.2 | 34 end
x-cache-hits
1, 1
content-length
103380
x-served-by
cache-dal21231-DAL, cache-mxp6964-MXP
server
Microsoft-IIS/10.0
x-timer
S1642153427.366957,VS0,VE1
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin
*
expires
Thu, 20 Jan 2022 12:33:30 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
optimized
yep 39% 170356 byte 103380 byte pLjeuecEo_qYMkfmnFe7AD.jpg
reglogin.css
wwwcdn.cincopa.com/_cms/design13/css/
10 KB
6 KB
Stylesheet
General
Full URL
https://wwwcdn.cincopa.com/_cms/design13/css/reglogin.css?fts=2018-12-17T09:25:45.6915365Z
Requested by
Host: www.cincopa.com
URL: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
19e2f56f3661ae684570f3a1d47620f9eedbcce3a8734ceff7c7c29bc05acae1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:47 GMT
content-encoding
gzip
fpm
FP12-Cincopa
age
2062930
x-powered-by
ASP.NET
x-cache
HIT, HIT
fpm-runtime
| 0 rewrite1 | 0 rewrite2 | 0 rewrite3 | 1 rewrite3.1 | 1 rewrite3.2 | 1 rewrite4 | 1 rewrite5 | 1 rewrite6 | 1 end
content-length
5655
x-served-by
cache-dal21258-DAL, cache-mxp6964-MXP
access-control-allow-origin
*
last-modified
Mon, 17 Dec 2018 09:25:45 GMT
server
Microsoft-IIS/10.0
x-timer
S1642153427.325502,VS0,VE2
etag
"a577417dea95d41:0"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, HEAD
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-cache-hits
1, 1
gtm.js
www.googletagmanager.com/
193 KB
66 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NC24R2&l=_udDataLayer
Requested by
Host: www.cincopa.com
URL: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3e70bb9d4e7424d60d3fbf922c81b8e35312750d5546f42b3043c11d58ddeb6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:47 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66715
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 14 Jan 2022 09:43:47 GMT
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/
61 KB
17 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Requested by
Host: www.cincopa.com
URL: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e2d476a3da7d96d989379c7fb3be5ed4595a5dcdf7164cda8b5ecf0ed9a39fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cincopa.com/
Origin
https://www.cincopa.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10418949
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17086
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fc1-f4a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kiwUtatTWjQTutzWxjOnM%2FDexkt7%2Fr9g17un604tOGiGav77L815v15DKCeCDkeETR0AkNJLxiBl2ojm%2FV5vRoQrkLA8YffhMnYfSPgW%2B7aTHgk1S6pJTGPvEAQZG8VpVB4y25U5%2Fg7REu1zH6lMxX%2BH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6cd5ec094b73374a-MXP
expires
Wed, 04 Jan 2023 09:43:47 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v21/
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v21/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,600,700|Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cincopa.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 19:33:06 GMT
x-content-type-options
nosniff
age
223841
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 19:19:51 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 11 Jan 2023 19:33:06 GMT
cincopaicons2019.ttf
wwwcdn.cincopa.com/_cms/design15/css/fonts/
65 KB
36 KB
Font
General
Full URL
https://wwwcdn.cincopa.com/_cms/design15/css/fonts/cincopaicons2019.ttf?dg7im3
Requested by
Host: wwwcdn.cincopa.com
URL: https://wwwcdn.cincopa.com/_cms/design15/css/fonts/cincopaicons2019.css?fts=2021-10-12T07:55:36.5886140Z&minify=yes
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
355ccc576b266bb5381cc49f88dfa1b3e28b46305b31994b58c9ef1ebecb9155

Request headers

Referer
https://wwwcdn.cincopa.com/_cms/design15/css/fonts/cincopaicons2019.css?fts=2021-10-12T07:55:36.5886140Z&minify=yes
Origin
https://www.cincopa.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:47 GMT
content-encoding
gzip
fpm
FP12-Cincopa
age
1254
x-powered-by
ASP.NET
x-cache
HIT, HIT
fpm-runtime
| 0 rewrite1 | 0 rewrite2 | 0 rewrite3 | 1 rewrite3.1 | 1 rewrite3.2 | 1 rewrite4 | 1 rewrite5 | 1 rewrite6 | 1 end
content-length
36295
x-served-by
cache-dal21257-DAL, cache-mxp6975-MXP
access-control-allow-origin
*
server
Microsoft-IIS/10.0
x-timer
S1642153427.412505,VS0,VE1
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, HEAD
content-type
application/octet-stream
via
1.1 varnish, 1.1 varnish
cache-control
public
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-cache-hits
1, 1
mtc.js
wwwcdn.cincopa.com/_cms/design19/
132 KB
47 KB
Script
General
Full URL
https://wwwcdn.cincopa.com/_cms/design19/mtc.js?fts=2020-01-23T10:28:57.2525762Z
Requested by
Host: www.cincopa.com
URL: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8a63f2f01ab6abfa565c30d232fd03ca8c289ad5df958ad4f44a12c47aad2e7b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:47 GMT
content-encoding
gzip
fpm
FP12-Cincopa
age
2063418
x-powered-by
ASP.NET
x-cache
HIT, HIT
fpm-runtime
| 0 rewrite1 | 0 rewrite2 | 0 rewrite3 | 1 rewrite3.1 | 1 rewrite3.2 | 1 rewrite4 | 1 rewrite5 | 1 rewrite6 | 1 end
content-length
48018
x-served-by
cache-dal21279-DAL, cache-mxp6964-MXP
access-control-allow-origin
*
last-modified
Thu, 23 Jan 2020 10:28:57 GMT
server
Microsoft-IIS/10.0
x-timer
S1642153427.405448,VS0,VE1
etag
"c24443ebd7d1d51:0"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, HEAD
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-cache-hits
1, 1
loader.js
leadbooster-chat.pipedrive.com/assets/
23 KB
9 KB
Script
General
Full URL
https://leadbooster-chat.pipedrive.com/assets/loader.js
Requested by
Host: www.cincopa.com
URL: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bde4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35b20ebc5182756de20cb246d244790f7895c7b3ace940b7794d7231bd26e0d4
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:47 GMT
x-correlation-id
1dde4a90-e3d7-4f19-9615-805af190b7e7
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
0, 1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 13 Jan 2022 15:27:44 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=0
strict-transport-security
max-age=31536000; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=0
badi
Routing: eu-central-1=>eu-central-1; Version: 61a1; Host: bari;
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cf-ray
6cd5ec099c1359b3-MXP
access-control-expose-headers
X-RateLimit-Remaining, X-RateLimit-Limit, X-RateLimit-Reset
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,600,700|Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cincopa.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 13:52:02 GMT
x-content-type-options
nosniff
age
589905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 07 Jan 2023 13:52:02 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e1644ce4019b3d07c8247256ef8b9f992ddf37d1de148f4859a0207dcfc7c8b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NC24R2&l=_udDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2561
date
Fri, 14 Jan 2022 09:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 14 Jan 2022 11:01:06 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
5 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NC24R2&l=_udDataLayer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7d1 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
/
Resource Hash
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 09:43:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Sep 2021 19:17:49 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=77319
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
conversion_async.js
www.googleadservices.com/pagead/
38 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NC24R2&l=_udDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
1fe7c9b04cd9ebd46cd5a636bd2c2b1d54054f3995db24951c0d0318ec71d70c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14835
x-xss-protection
0
server
cafe
etag
2630088915750441828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 14 Jan 2022 09:43:47 GMT
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.cincopa.com
URL: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
Fu/jiLJG7yEt0A86rdnpYjxtSyn3yxW0IYYa4qrrQAPbbeGYGFJhXjsf/lh/W/ei1VCFFJ3zsdODDux2gwhm9Q==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Fri, 14 Jan 2022 09:43:47 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
event
mautic.cincopa.com/mtc/
115 B
1 KB
XHR
General
Full URL
https://mautic.cincopa.com/mtc/event
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.226.52.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-52-22.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d1bdeb4c5e0edc34f5107d104260d8b7c98c66b84bae7e928ac3581659bfede2

Request headers

Referer
https://www.cincopa.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Fri, 14 Jan 2022 09:43:50 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.cincopa.com
Access-Control-Max-Age
36000
Cache-Control
max-age=0, must-revalidate, private
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Authorization
Expires
Fri, 14 Jan 2022 09:43:50 GMT
event
mautic.cincopa.com/mtc/ Frame
0
0
Preflight
General
Full URL
https://mautic.cincopa.com/mtc/event
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.226.52.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-52-22.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-requested-with
Origin
https://www.cincopa.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
Cache-Control
no-cache, private
Date
Fri, 14 Jan 2022 09:43:47 GMT
Access-Control-Allow-Origin
https://www.cincopa.com
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Authorization
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
36000
js
www.google-analytics.com/gtm/
90 KB
36 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-KKDSCJB&l=_udDataLayer&t=gtm4&cid=13153703.1642153428
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2282eb0c297e4207dbead565eb1070f654029f5d74f03c1c3f6c7e0b91e0c4a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:47 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36336
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 14 Jan 2022 09:43:47 GMT
static.min.js
scripts.assets-landingi.com/popups/local-storage/
1 KB
1 KB
Script
General
Full URL
https://scripts.assets-landingi.com/popups/local-storage/static.min.js
Requested by
Host: popups.landingi.com
URL: https://popups.landingi.com/api/v3/website/install-code?apikey=e547069b-7bbe-471d-bebc-65e92e6af460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b4f0d8060e40b8e7412d369e7c9696613468c24317990a4e134c87ea28db7a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3720
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
CS2K2Z9C5Q5FA9XE
x-amz-id-2
iXkNi/kZOOhTh8s2tAMw8yXCn2pp8U8a02R1io87ibsssdQeYnMJLe6ulkem1zeeszGyV+Uo8kw=
last-modified
Fri, 25 Oct 2019 09:08:50 GMT
server
cloudflare
etag
W/"d2aec0a38e4d23cf7c1fa11b9d6fc230"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eeoDXERmCZTin8zoIX38PC9JoN1MJPqNZWZ0MrHPLPvI0HiGHbg6fUoV0MvGhL7AKztMGYSIMvBkLUaVX71pkq0wN966mHrGY0gA3VCvhOTrTzcS8nHHq%2FxEH5EuWsQKxYyFeKvIwtx9cmLQfRcMIwvYNmz2zj3eI40%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
x-amz-version-id
null
cf-ray
6cd5ec0b282d5a37-MXP
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/921603631/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/921603631/?random=1642153427647&cv=9&fst=1642153427647&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cincopa.com%2Flogin.aspx%3Fmsg%3DLogged%2520Cincopa%2520user%2520is%2520not%2520allowed%2520to%2520this%2520account%26continue%3Dhttps%253a%252f%252foren-as-safe.orenshmu.com%252f&tiba=Login%20To%20Your%20Account%20%7C%20Cincopa&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
82d3eb96e9bd2f0d1ad6d8e508d97b40b24fc26f761606a0c9b99c85268b5c13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 09:43:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1099
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
151618038817952
connect.facebook.net/signals/config/
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/151618038817952?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a1e948b35d63e53d0fff53bb5b5a5705e8f90626a53c3c2ea4d49670164aa98b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
11kvHrUsH3qfe5WtxS6gBPo/UEZUQoVd4+KA9FHyWgBFnK48M0RutNe9G5GGyHmfZZsNW2mr1eD/VCGR+aoQOQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 14 Jan 2022 09:43:47 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/921603631/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/921603631/?random=1642153427647&cv=9&fst=1642150800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1c0&sendb=1&frm=0&url=https%3A%2F%2Fwww.cincopa.com%2Flogin.aspx%3Fmsg%3DLogged%2520Cincopa%2520user%2520is%2520not%2520allowed%2520to%2520this%2520account%26continue%3Dhttps%253a%252f%252foren-as-safe.orenshmu.com%252f&tiba=Login%20To%20Your%20Account%20%7C%20Cincopa&async=1&fmt=3&is_vtc=1&random=1895411445&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.cincopa.com
URL: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 09:43:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/921603631/
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/921603631/?random=1642153427647&cv=9&fst=1642150800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1c0&sendb=1&frm=0&url=https%3A%2F%2Fwww.cincopa.com%2Flogin.aspx%3Fmsg%3DLogged%2520Cincopa%2520user%2520is%2520not%2520allowed%2520to%2520this%2520account%26continue%3Dhttps%253a%252f%252foren-as-safe.orenshmu.com%252f&tiba=Login%20To%20Your%20Account%20%7C%20Cincopa&async=1&fmt=3&is_vtc=1&random=1895411445&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.cincopa.com
URL: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 09:43:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
442 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-5185695-1&cid=13153703.1642153428&jid=763952530&gjid=883321677&_gid=311429768.1642153428&_u=aGDAgEADQAAAAE~&z=1986570206
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cincopa.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 14 Jan 2022 09:43:47 GMT
content-type
text/plain
access-control-allow-origin
https://www.cincopa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=777771640&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cincopa.com%2Flogin.aspx%3Fmsg%3DLogged%2520Cincopa%2520user%2520is%2520not%2520allowed%2520to%2520this%2520account%26continue%3Dhttps%253a%252f%252foren-as-safe.orenshmu.com%252f&ul=en-us&de=UTF-8&dt=Login%20To%20Your%20Account%20%7C%20Cincopa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEADQ~&jid=763952530&gjid=883321677&cid=13153703.1642153428&tid=UA-5185695-1&_gid=311429768.1642153428&gtm=2wg1c0NC24R2&cd10=1970-01-01T00%3A00%3A00.000Z&z=1849034272
Requested by
Host: www.cincopa.com
URL: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 20:03:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
49195
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
session
stats.landingi.com/api/v2/
79 B
240 B
XHR
General
Full URL
https://stats.landingi.com/api/v2/session
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.167.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-167-175.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.11
Resource Hash
2e1ccbb86b4a0e6f3fc87b7877b9ae7c91d0cd66d914b6ad34b569e41d2f1cbb

Request headers

Referer
https://www.cincopa.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.cincopa.com
date
Fri, 14 Jan 2022 09:43:47 GMT
cache-control
no-cache, private
server
nginx
x-powered-by
PHP/7.4.11
content-type
application/json
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-5185695-1&cid=13153703.1642153428&jid=763952530&_u=aGDAgEADQAAAAE~&z=226732446
Requested by
Host: www.cincopa.com
URL: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 09:43:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-5185695-1&cid=13153703.1642153428&jid=763952530&_u=aGDAgEADQAAAAE~&z=226732446
Requested by
Host: www.cincopa.com
URL: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 09:43:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=185522&time=1642153427800&url=https%3A%2F%2Fwww.cincopa.com%2Flogin.aspx%3Fmsg%3DLogged%2520Cincopa%2520user%2520is%2520not%2520allowed%2520to%252...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D185522%26time%3D1642153427800%26url%3Dhttps%253A%252F%252Fwww.cincopa.com%252Flog...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=185522&time=1642153427800&url=https%3A%2F%2Fwww.cincopa.com%2Flogin.aspx%3Fmsg%3DLogged%2520Cincopa%2520user%2520is%2520not%2520allowed%2520to%252...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=185522&time=1642153427800&url=https%3A%2F%2Fwww.cincopa.com%2Flogin.aspx%3Fmsg%3DLogged%2520Cincopa%2520user%2520is%2520not%2520allowed%2520to%25...
0
155 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=185522&time=1642153427800&url=https%3A%2F%2Fwww.cincopa.com%2Flogin.aspx%3Fmsg%3DLogged%2520Cincopa%2520user%2520is%2520not%2520allowed%2520to%2520this%2520account%26continue%3Dhttps%253a%252f%252foren-as-safe.orenshmu.com%252f&liSync=true&e_ipv6=AQI9Q9NxjAQKdAAAAX5X-MSqvcJ5d7PYxZCPWq9Jg1pz3fmQcjffAdu1Cz4BorHxRV0cxXy5TXXrAlptFjSme0r7P_qCAQ
Requested by
Host: www.cincopa.com
URL: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H2
Server
108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-10-14.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:48 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lva1
x-li-proto
http/2
x-li-pop
prod-lva1
content-type
application/javascript
content-length
0
x-li-uuid
01RguNcZyhbwT4ga7ioAAA==

Redirect headers

date
Fri, 14 Jan 2022 09:43:47 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 67799AC6BD4C42E29EE58FB041B991BE Ref B: FRAEDGE1311 Ref C: 2022-01-14T09:43:48Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=185522&time=1642153427800&url=https%3A%2F%2Fwww.cincopa.com%2Flogin.aspx%3Fmsg%3DLogged%2520Cincopa%2520user%2520is%2520not%2520allowed%2520to%2520this%2520account%26continue%3Dhttps%253a%252f%252foren-as-safe.orenshmu.com%252f&liSync=true&e_ipv6=AQI9Q9NxjAQKdAAAAX5X-MSqvcJ5d7PYxZCPWq9Jg1pz3fmQcjffAdu1Cz4BorHxRV0cxXy5TXXrAlptFjSme0r7P_qCAQ
x-li-proto
http/2
content-length
0
x-li-uuid
AAXVh6PACzoQ9Z3z109Btw==
add-popups
popups.landingi.com/api/v2/website/
3 KB
4 KB
XHR
General
Full URL
https://popups.landingi.com/api/v2/website/add-popups?apikey=e547069b-7bbe-471d-bebc-65e92e6af460
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.146.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-146-196.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.3
Resource Hash
77658b496140b764d658470eeab94c3adbb76d215b1923c247696f16c7a541da

Request headers

Referer
https://www.cincopa.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.cincopa.com
date
Fri, 14 Jan 2022 09:43:47 GMT
cache-control
no-cache, private
server
nginx
x-powered-by
PHP/7.4.3
access-control-allow-headers
Access-Control-Allow-Origin
content-type
application/json
render
popups.landingi.com/api/popups/3d55f1e6-5c0a-11eb-b750-5a3d18a5b2c2/ Frame 68F5
5 KB
5 KB
Document
General
Full URL
https://popups.landingi.com/api/popups/3d55f1e6-5c0a-11eb-b750-5a3d18a5b2c2/render
Requested by
Host: www.cincopa.com
URL: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.146.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-146-196.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.3
Resource Hash
86e93ab65d3d4bcf385c8457784d67c1d77c2d1f505c8fd80674c5420a357371

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/

Response headers

date
Fri, 14 Jan 2022 09:43:48 GMT
content-type
text/html; charset=UTF-8
server
nginx
x-powered-by
PHP/7.4.3
access-control-allow-origin
*
access-control-allow-headers
Access-Control-Allow-Origin, Content-Type, apikey
cache-control
no-cache, private
/
www.facebook.com/tr/
44 B
408 B
Image
General
Full URL
https://www.facebook.com/tr/?id=151618038817952&ev=PageView&dl=https%3A%2F%2Fwww.cincopa.com%2Flogin.aspx%3Fmsg%3DLogged%2520Cincopa%2520user%2520is%2520not%2520allowed%2520to%2520this%2520account%26continue%3Dhttps%253a%252f%252foren-as-safe.orenshmu.com%252f&rl=&if=false&ts=1642153428074&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1642153428072.1292645817&it=1642153427656&coo=false&rqm=GET
Requested by
Host: www.cincopa.com
URL: https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:48 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Fri, 14 Jan 2022 09:43:48 GMT
bootstrap-tooltips.min.css
styles.assets-landingi.com/popups/ Frame 68F5
2 KB
1 KB
Stylesheet
General
Full URL
https://styles.assets-landingi.com/popups/bootstrap-tooltips.min.css
Requested by
Host: popups.landingi.com
URL: https://popups.landingi.com/api/popups/3d55f1e6-5c0a-11eb-b750-5a3d18a5b2c2/render
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
442e16d7fd7209031651b54d665d74c2391fd13661f4f4589c7bc0120a276dd4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://popups.landingi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3021
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TEWMT8HTQ2ZMHJHH
x-amz-id-2
l8zt3JEfjs7enBcLTD9kAV1Gb1/fqnUUaTc9Vs4w3aYT0oEXXFyzBfkp47i9fUsMk9JnDxVfQLQ=
last-modified
Fri, 25 Oct 2019 12:13:20 GMT
server
cloudflare
etag
W/"65e004928fabb0aa5912a7e6859b85fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ee4RTwooXipLfIcjBodgZ3DDoJZ9QdZICazmqvcO9pZN7v9F3pXdcv2VnjrHDT9jQ7pUqxc6m%2BWiGUdIomLSoNAvxA4vkZAn8JavsvPptlUkD0gI1RyI4Sz6q7h%2BJ07schzOY3d816XyuGTF9HPSoN5fxZm7a9J0EQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
6cd5ec0eb9b95a37-MXP
font-awesome.min.css
styles.assets-landingi.com/popups/font-awesome/css/ Frame 68F5
30 KB
7 KB
Stylesheet
General
Full URL
https://styles.assets-landingi.com/popups/font-awesome/css/font-awesome.min.css
Requested by
Host: popups.landingi.com
URL: https://popups.landingi.com/api/popups/3d55f1e6-5c0a-11eb-b750-5a3d18a5b2c2/render
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://popups.landingi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3021
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
HVX0WCS92GDP9KV1
x-amz-id-2
gTWP7R2sO989oqnIs6O7JCL7CoDdX9i29wat9L/I5hDYNiiKBAfzII/CUedvM4H6+MBOXjzv8T0=
last-modified
Fri, 25 Oct 2019 12:06:08 GMT
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZcn6GvYd5hKsluz6WG6x4D7xwMbc4xxGhuF8jhYErDwdnqjtrzjAmFlGnhU1rNNVyP0O5eaeEaPT1lc%2FvFuMVhAchHoY6eYNxBLxhnfoJBLjFFfC36iO2ZDvyGJXL%2Bth8%2FDDsg%2FiWRfgPRxlL92OYpGMLxZjjjlLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
6cd5ec0eb9bc5a37-MXP
base.min.css
styles.assets-landingi.com/popups/popup/ Frame 68F5
589 B
660 B
Stylesheet
General
Full URL
https://styles.assets-landingi.com/popups/popup/base.min.css
Requested by
Host: popups.landingi.com
URL: https://popups.landingi.com/api/popups/3d55f1e6-5c0a-11eb-b750-5a3d18a5b2c2/render
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f590e1307ad1f6bfa62b1526bfa21d2104aa9f8cf4cc606995faf9a5920007b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://popups.landingi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4593
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
KQEC9KHDBK5GDFSY
x-amz-id-2
zI9S/ls4JT4Bi7nhH2Bi4KR+fyAv7bKkc5V21m1b+ip1ktS5sCeVEuU8QLs9qnQdYZwCcPfJ6SM=
last-modified
Fri, 25 Oct 2019 12:11:10 GMT
server
cloudflare
etag
W/"fa683e2d1f042b0a5882a56dccefb4d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kaZijc5noH2UOrh07xBHtx9zf%2BtET0cbFUte7%2BRnT50PwOQiDziA3l2fjZ0aH8aigikohEjnLP%2BPF13LJMvvuF94f5ybdE3In8LCHmgm6w2Ps9k8g9D68uVf6Zic2MSitE%2FSEvOEj9DZywjObmto4wvv0s92nvi%2Fwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
6cd5ec0eb9bf5a37-MXP
datepicker.min.css
styles.assets-landingi.com/popups/popup/ Frame 68F5
712 B
674 B
Stylesheet
General
Full URL
https://styles.assets-landingi.com/popups/popup/datepicker.min.css
Requested by
Host: popups.landingi.com
URL: https://popups.landingi.com/api/popups/3d55f1e6-5c0a-11eb-b750-5a3d18a5b2c2/render
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f593a563a42d4e2688359737c8223c9628f5717d7f0a90bc9664f9236ce3e1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://popups.landingi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3021
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
RHPTXNYRPWF3EYT4
x-amz-id-2
smHHKjATcCoulX8AFbUdd9dbnOSxJh+cZJjXG0VE8nYitEX4X+hFHGK0cYK4Y5suka+rwO/Z7aY=
last-modified
Fri, 25 Oct 2019 12:11:09 GMT
server
cloudflare
etag
W/"39196ec843885e8f83ca462a15f50b6a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1Ge3nkvZG5avl5uABH9I56mO9Et%2FcXPnWD18mdl3KjSIziZr38TO6D0BQ000TX8Sa2f6bdjhWkuqdM0iPIziu93LE2czgAnvwZyIegJNDEEH77MM0QzfZo1%2Bf34Q9XkUmp5FY%2BiMSB%2BhN%2BrK33urqfH2StUU8hl7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
6cd5ec0eb9c15a37-MXP
tooltips.min.css
styles.assets-landingi.com/popups/popup/ Frame 68F5
306 B
632 B
Stylesheet
General
Full URL
https://styles.assets-landingi.com/popups/popup/tooltips.min.css
Requested by
Host: popups.landingi.com
URL: https://popups.landingi.com/api/popups/3d55f1e6-5c0a-11eb-b750-5a3d18a5b2c2/render
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b13e4bb3b00140036d117d9a8799237ffd11ecc59a661c46409e89d038db104a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://popups.landingi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4593
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
67DGHMHK9WVRG49H
x-amz-id-2
GOLLZQe9J/FcDpcPNgbvguE8ERUge8D6R+v+8ISzWyuywy39UcRCqQugJEGZcYndf8YnyEn0MTM=
last-modified
Fri, 25 Oct 2019 12:11:09 GMT
server
cloudflare
etag
W/"f15738d9719866af1710aaaea31a845d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZLR6yk7KEyAHZ4zDr1RKlsgGODwOBZ8s%2FSlv2bYgvex%2Be9hmS5JxMyndxxDy7at3HiwVqQm98cunk1Tv%2BQZ5xoUpeLd5AiIEZ20BnHxObZ6MSyxTbvU6h29txGKThZ1Kfkt61kVMRNOw%2BBEULmFU9qeVrxoXL6D1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
6cd5ec0eb9c55a37-MXP
popup_body_2021_12_30_20_56_29.css
styles.assets-landingi.com/N9c0h2jA/ Frame 68F5
96 KB
20 KB
Stylesheet
General
Full URL
https://styles.assets-landingi.com/N9c0h2jA/popup_body_2021_12_30_20_56_29.css
Requested by
Host: popups.landingi.com
URL: https://popups.landingi.com/api/popups/3d55f1e6-5c0a-11eb-b750-5a3d18a5b2c2/render
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36b0f3ec1f3de5972d0e0d2d911a5f270cc7a0609ed39df8ee4fe0c0a1d92eb0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://popups.landingi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:48 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
02JX4H9RY698YAKQ
cf-polished
origSize=118244
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-id-2
2u7wXDVkn+iDhpaYAIksf02TVk8FeHZfs/oheJdYYqDBUuirZz3MHT6Vww8bAJAw5vxFFVGXhfc=
last-modified
Thu, 30 Dec 2021 19:56:31 GMT
server
cloudflare
etag
W/"6d41ffd9b70300b60557440c22440b02"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OpPYSLE2mZJ0LeKKh7Bb7inyDe7mQtiWqEyY173KQQQ0wHNU5sfbfdpVrED%2Fm9LK9%2Bv42DXTGyHbRpaxU2J%2FauyQ%2Fg2UAW4nJNkqjpFzz8X39r2OjWLq0saRtQfTRMozqEZ4bxTH2pGRbiOj8X%2BOjODp26yWJzSi%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
6cd5ec0eb9c75a37-MXP
cf-bgj
minify
css
fonts.googleapis.com/ Frame 68F5
13 KB
899 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,300italic,400,400italic,700,700italic&subset=latin,latin-ext
Requested by
Host: popups.landingi.com
URL: https://popups.landingi.com/api/popups/3d55f1e6-5c0a-11eb-b750-5a3d18a5b2c2/render
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b8888b9540a1add6f920d27a8fd0fee037b204549c1a56d7a8eeb8e568b612cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://popups.landingi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 09:37:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 14 Jan 2022 09:43:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jan 2022 09:43:48 GMT
css
fonts.googleapis.com/ Frame 68F5
9 KB
689 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:300,300i,400,400i,700,700i&subset=latin,latin-ext
Requested by
Host: popups.landingi.com
URL: https://popups.landingi.com/api/popups/3d55f1e6-5c0a-11eb-b750-5a3d18a5b2c2/render
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
66234195007cf7611db38862e1d7dc0b5fea1c855d4e35754aeb8d65c71f2eea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://popups.landingi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 09:35:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 14 Jan 2022 09:43:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jan 2022 09:43:48 GMT
css
fonts.googleapis.com/ Frame 68F5
5 KB
609 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Comfortaa:300,400,700&subset=latin,latin-ext
Requested by
Host: popups.landingi.com
URL: https://popups.landingi.com/api/popups/3d55f1e6-5c0a-11eb-b750-5a3d18a5b2c2/render
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab46e2780eb2335ffa0efd7a9cb185dc9901f8f495f4ef8d158f0fb274916bf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://popups.landingi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 09:43:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 14 Jan 2022 09:43:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jan 2022 09:43:48 GMT
bootstrap-native.min.js
scripts.assets-landingi.com/popups/ Frame 68F5
21 KB
9 KB
Script
General
Full URL
https://scripts.assets-landingi.com/popups/bootstrap-native.min.js
Requested by
Host: popups.landingi.com
URL: https://popups.landingi.com/api/popups/3d55f1e6-5c0a-11eb-b750-5a3d18a5b2c2/render
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acd35fdb7541261ef4cd2130f7a71ec10ec31bf4e2a7f6f50699ec0560d1ac81

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://popups.landingi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3121
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
RHPP8AE54X3HRH8V
x-amz-id-2
NG+peaA66Bt8FanMJFLif2B8sPWFlodDezVbxXI76WXqE+uvkZCNDf8TT9KuxtI2n8fmfWz7i7g=
last-modified
Fri, 25 Oct 2019 08:38:51 GMT
server
cloudflare
etag
W/"b9da328479ba7bf2cdcbe30aea70fd1a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSdATMQG4mEy98Wa9NW6jwC2SC6W65ErVn0hrpChwDKkF9n2tQKECd4yFQBAk0o1IPxA%2BqZCp065r2QGjaBM9Gjb95hMzkwXgMWu44TATT2lqsyNQ%2BCJPj%2B2ixzve0%2B2bGQzW9cCXm1HuTF2t6p8UlQykrEqPw8l%2FGE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
x-amz-version-id
null
cf-ray
6cd5ec0ecc53375e-MXP
init.min.js
scripts.assets-landingi.com/popups/popup-iframe/widget/popup-closer/ Frame 68F5
663 B
1 KB
Script
General
Full URL
https://scripts.assets-landingi.com/popups/popup-iframe/widget/popup-closer/init.min.js?v=1.3
Requested by
Host: popups.landingi.com
URL: https://popups.landingi.com/api/popups/3d55f1e6-5c0a-11eb-b750-5a3d18a5b2c2/render
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2d12d9961f790a604bb8d26e9a4c03c49329eb2635cfb7fe519232a2c82ff91

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://popups.landingi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3121
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
FVY6CP791P1DG367
x-amz-id-2
Wf+nmzwqzE9NW8MytMDTR8MvbZ5yN5Y5SCPiWQ5yfNENCoyJ+nnzS96zVT2XK9xWhLClVzudlIc=
last-modified
Tue, 02 Nov 2021 09:33:37 GMT
server
cloudflare
etag
W/"c25ca36b1f548c52ace1a3d1a92e0ccb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQbqtSINI1U83173QQaTG3%2BSc0QnBlTn6qRLTS69PCQ%2BdIjzfR3aXsd%2BUZXH7QlBcLBwv%2Fbm29fuXWS1dlMxbq0etieA0R5I6D0ZmrGKMyrtwqXfY1oHSaW9ZybAIj2uV20uvISEj%2F6TjWetFpUILRo4n2Vywk%2F2Hic%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
x-amz-version-id
rC7_9Z7RyNY_Kblbojjajetjpm6iISMh
cf-ray
6cd5ec0ecc5d375e-MXP
init.min.js
scripts.assets-landingi.com/popups/popup-iframe/widget/form/ Frame 68F5
301 B
893 B
Script
General
Full URL
https://scripts.assets-landingi.com/popups/popup-iframe/widget/form/init.min.js
Requested by
Host: popups.landingi.com
URL: https://popups.landingi.com/api/popups/3d55f1e6-5c0a-11eb-b750-5a3d18a5b2c2/render
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6664542b08444bcb2fe8f6edafb266201b5aab625994b6ee32bbf55d1b9a1bba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://popups.landingi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3121
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
87QMXDDB9C2DQFW6
x-amz-id-2
4xNshSwOFfC67bffkQRAgqxrb0oWezLTWROiUgG4zrne1I769S3mBce6KEikZgKAc9nUZ8SoJn0=
last-modified
Fri, 25 Oct 2019 08:48:30 GMT
server
cloudflare
etag
W/"f66368234b9722428c5b134aed1f5c06"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQabxc65MjV9%2ByCVE2GCoFZZXOS9cXx17%2BfJvwm1aqNFomzDhmJiioOMfNpCP3GuoQ%2FuDNAFqmt6kwx%2Bac1lL%2B085C07AHUqUgMl08mABBf1SJvr4YLGtpVUlxg8a4kANU9gZqILzZQ1CzcytIe7oVufvJSkffeKZEE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
x-amz-version-id
null
cf-ray
6cd5ec0ecc5f375e-MXP
send.min.js
scripts.assets-landingi.com/popups/popup-iframe/widget/form/ Frame 68F5
2 KB
1 KB
Script
General
Full URL
https://scripts.assets-landingi.com/popups/popup-iframe/widget/form/send.min.js?v=1.1
Requested by
Host: popups.landingi.com
URL: https://popups.landingi.com/api/popups/3d55f1e6-5c0a-11eb-b750-5a3d18a5b2c2/render
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f962e4ec5a2e229e46ba2498760df6f09ddc6751f8454ab4d2c2f6801bb7635

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://popups.landingi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5029
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TM460XKX2R9FR7RY
x-amz-id-2
tkytpuRd/XtSCKSJioKB/QIrQHieWbwizSNJ44mOwrdROfW2wkmIPnAWs42vxJCGe6A4opZdd9U=
last-modified
Wed, 19 May 2021 08:50:08 GMT
server
cloudflare
etag
W/"65c8d88cf5f8828304d7e3dc38546e92"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pOeUSm%2Fffi0peMFSxa3GfoE6027i5r3XwThU7hsQh0456Ha10ZOzWmoSKj6rn6nVEopBS9RgbmXaCiDxv1QtS3GPVAZtz99%2FLERHc8CeGDbTesGbdaSiPadAdHen5ToCUIgwU1dPQFTpGYPh2GwgFYY1niWpJAG0Gs0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
x-amz-version-id
XfhFPwKOWIleA3TCIs2mGoeFHgh5OMK_
cf-ray
6cd5ec0ecc60375e-MXP
submit-button.min.js
scripts.assets-landingi.com/popups/popup-iframe/widget/form/ Frame 68F5
453 B
932 B
Script
General
Full URL
https://scripts.assets-landingi.com/popups/popup-iframe/widget/form/submit-button.min.js
Requested by
Host: popups.landingi.com
URL: https://popups.landingi.com/api/popups/3d55f1e6-5c0a-11eb-b750-5a3d18a5b2c2/render
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a54f0bee2d0fdd29b756fd149d800dcb7814d4e85fa25baea94f7ca6cfb4472

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://popups.landingi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3121
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
2FV9N4TC9N043655
x-amz-id-2
IgpdbID7EE1pNMWcQvlz1YigqDG6I0OPEGhZ1KBunkqE19fkJFq7IkrFlqj+bkfCv1PDMb4Onwc=
last-modified
Fri, 25 Oct 2019 08:48:30 GMT
server
cloudflare
etag
W/"41f4e597fefd6aeaeea4d7f6f7c3efbe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRxc%2FU51CiH9wP02Mj83fWDVzo4uTK2k3b7KPCx3G%2FLkub%2BkbparKub91CFg%2FppeJDGrrilbFMoZ0m767mo23CT4Os7xAIXn235FxqcSZ7F7POP7mryzfGWOXaUadtzzO3GF%2FaZUe7vhAfmH%2BdZJOct1jCWPqZfDKUw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
x-amz-version-id
null
cf-ray
6cd5ec0ecc64375e-MXP
init.min.js
scripts.assets-landingi.com/popups/popup-iframe/widget/counter/ Frame 68F5
3 KB
2 KB
Script
General
Full URL
https://scripts.assets-landingi.com/popups/popup-iframe/widget/counter/init.min.js
Requested by
Host: popups.landingi.com
URL: https://popups.landingi.com/api/popups/3d55f1e6-5c0a-11eb-b750-5a3d18a5b2c2/render
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ec235e8f74ebc4408c23c99a0b3793c69c50ec10ec0984bf9561a157288df0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://popups.landingi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3121
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
87QKJK3YW2RHK6MV
x-amz-id-2
5Z0t8MCvJY5ro+ZUoldI5PT2sq3yilCjd3p2qhPXAW2SlF6YbzAALSR6pZfDuQOqNCDxkbNMzaI=
last-modified
Fri, 25 Oct 2019 08:48:31 GMT
server
cloudflare
etag
W/"612909ad758b1ae75f7b5f93a42f2f78"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFT24okNMxUOwJ76Phxc%2Biqy%2BE6PuVCp9qz4ExWJ%2FC1%2FRUK5AQL8SaVx9Zl1v3vwRoMiZG6z%2F2JmUNsOt6g4QR8xkcPo%2BThRKf25y8G5blFh%2BwkLSTgV1iH3hzoK%2F3FhNMSFohQJxxILykiw8EnZ8khefsF3GoZMmxw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
x-amz-version-id
null
cf-ray
6cd5ec0ecc66375e-MXP
render.min.js
scripts.assets-landingi.com/popups/popup-iframe/conversion/ Frame 68F5
943 B
1 KB
Script
General
Full URL
https://scripts.assets-landingi.com/popups/popup-iframe/conversion/render.min.js?v=1.2
Requested by
Host: popups.landingi.com
URL: https://popups.landingi.com/api/popups/3d55f1e6-5c0a-11eb-b750-5a3d18a5b2c2/render
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28a192a0729926d20ac5cd36f3994aaa7babc7dfeb57e73937ce6eb334e5f5d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://popups.landingi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3121
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
FVY1V0GPE5H8J3Q7
x-amz-id-2
z3jc0mgOL3lcbHJrBU5zQB5huKsDmHeDqTpTrL4bdA32tYktXLuMRqMsUsI7lDSEEcfGLpQWyV0=
last-modified
Tue, 02 Nov 2021 09:29:37 GMT
server
cloudflare
etag
W/"0c2fdf8b49a36560522b68d52a625585"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7vQviKq5g8vKDK1w37CWyZ6x14kBajNdcLkwaJ%2FOjHcOnS%2FOEQhbnh2bEu1sg7sInTkpJb%2Fy4A8j2tgxlhnhgcuEWpHEhlM45fJWbsfObaNwdOv6gpDnIMC4zlnamJR%2BvHwdB8qg1MzUiwDD298bpuyBF%2FqsvrkdTg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
x-amz-version-id
Umw8C5gc8PKZyhk7JiEl9MsTGRphMI28
cf-ray
6cd5ec0ecc69375e-MXP
datepicker-file.min.js
scripts.assets-landingi.com/popups/popup-iframe/widget/form/ Frame 68F5
4 KB
2 KB
Script
General
Full URL
https://scripts.assets-landingi.com/popups/popup-iframe/widget/form/datepicker-file.min.js
Requested by
Host: popups.landingi.com
URL: https://popups.landingi.com/api/popups/3d55f1e6-5c0a-11eb-b750-5a3d18a5b2c2/render
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b707bcb1a7e3bffc9f277a3b07bf8f25cb178795f38aade88c1fbdc899fc3191

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://popups.landingi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3121
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
87QVRMWX1XXC5H7F
x-amz-id-2
qrS6NeqZTzRj/o89Ei2EypCl/GnmxtQ/8oZJDKiKTq9WATTGTpJUxx0rMm/IgrK98FcWpekMhxQ=
last-modified
Fri, 25 Oct 2019 08:48:31 GMT
server
cloudflare
etag
W/"83e72f6c52639c25a010e958708d7c39"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2BVzSUQ9nJ785TniTt0wrv%2BQE1wwscSPFaR1yzTj7pA5y9ahiJd2qY4Sb5nkqMeGXXlUDqpzNUHMTcQUoF8NF9JpLrzyP22BuPTxfTGK%2B1O9cqBrzAFSjmGdDcNR9ovFuv%2FbFtFjcLQx%2B8%2FAaqOAQQcUdYSTutfKJgs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
x-amz-version-id
null
cf-ray
6cd5ec0ecc6b375e-MXP
video.min.js
scripts.assets-landingi.com/popups/popup-iframe/widget/form/ Frame 68F5
1 KB
1 KB
Script
General
Full URL
https://scripts.assets-landingi.com/popups/popup-iframe/widget/form/video.min.js?v=1.2
Requested by
Host: popups.landingi.com
URL: https://popups.landingi.com/api/popups/3d55f1e6-5c0a-11eb-b750-5a3d18a5b2c2/render
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd804490bf23eadbb564ffabab28297329da9090e758c16b7123102797e42afd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://popups.landingi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3121
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
FVY8K2QKXTXGFY3K
x-amz-id-2
m0X9L/0aX4widbOguEO5/BQB3oXDSuSylxoMIE75Knap1xThKwTa36m2uWTh7UwvcKcb7Lw2TAo=
last-modified
Tue, 02 Nov 2021 09:31:12 GMT
server
cloudflare
etag
W/"e63bace29c88801878fae77e0d802c27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFHak5uQh4dtpK5zGEGj7T9tMoo99SDozmffNYGEWTEm698cJMiNkRApiW2FTo%2FnHKCzWgv6ovlZTQ9nd8S0a9nD7bhJGxw1D82wOrQJ%2Fbkr4Zy%2BKGJ4JPcnuVUQC23HDTHDvaLf%2FN7asQtgvKmN10UFneWH6021S7s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
x-amz-version-id
2UBpPFToXw8Sgco8s9Y85PytF8WTsyCb
cf-ray
6cd5ec0ecc6f375e-MXP
player.js
player.vimeo.com/api/ Frame 68F5
20 KB
7 KB
Script
General
Full URL
https://player.vimeo.com/api/player.js
Requested by
Host: popups.landingi.com
URL: https://popups.landingi.com/api/popups/3d55f1e6-5c0a-11eb-b750-5a3d18a5b2c2/render
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
81d1eeb980b09409744568d2ed3ca7ff1ee763d6aeb9dc6c66bc845dd3d3bb96
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://popups.landingi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Varnish-Cache
1
Content-Security-Policy
default-src 'none'; style-src 'unsafe-inline'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
515
X-Cache
HIT
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Connection
keep-alive
X-VServer
infra-playproxy-b-3
Content-Length
5996
X-Xss-Protection
1; mode=block
X-Served-By
cache-mxp6956-MXP
X-Player-Backend
p
Expires
Fri, 14 Jan 2022 10:03:26 GMT
Server
nginx
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Timer
S1642153428.318695,VS0,VE0
Date
Fri, 14 Jan 2022 09:43:48 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript;charset=utf-8
Via
1.1 varnish, 1.1 varnish
Vary
Accept-Encoding
X-Vimeo-DC
ge
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
X-Cache-Hits
557
init.min.js
scripts.assets-landingi.com/popups/popup-iframe/widget/counterv2/ Frame 68F5
3 KB
2 KB
Script
General
Full URL
https://scripts.assets-landingi.com/popups/popup-iframe/widget/counterv2/init.min.js
Requested by
Host: popups.landingi.com
URL: https://popups.landingi.com/api/popups/3d55f1e6-5c0a-11eb-b750-5a3d18a5b2c2/render
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a6fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f60db22b613aa8b54f3955a8059e16f3a2dbaf892ff60fe210dc280380b56623

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://popups.landingi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3121
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
2FV5T7TAC5Y0AT2R
x-amz-id-2
XUINInAyQytZ3NjfqientDsXh0oM3aNWNRqxFaiO5b3U8cZozzfzjBNShNlw/Cvg1jZ+igBweQo=
last-modified
Thu, 04 Nov 2021 11:43:44 GMT
server
cloudflare
etag
W/"696e7ba73d592261ae41d25dada57164"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALUs27TqxLt2E0GFbM52gZYFJWxx6eCsaA3pWEIQsymYpUilslrNKv%2BksQl58OPCCp9pIRnUJn1GcXXlIEe6Afuedj0fgMvxnpiUDPIZo%2FhTuLOYkIAHJm254u2m0QmfWAJvdXpgahysW6pl9EH92RtC%2BmpdyKHFwDE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
x-amz-version-id
hkZxcSaTEGcidauW8NHw8qbj6DxC0kJA
cf-ray
6cd5ec0ecc70375e-MXP
iframe_api
www.youtube.com/ Frame 68F5
980 B
1 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: scripts.assets-landingi.com
URL: https://scripts.assets-landingi.com/popups/popup-iframe/widget/form/video.min.js?v=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f44fc673df1581cce8e297b59ef738336d5abc66c0f9c269db42da0cb69afc65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://popups.landingi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
expires
Fri, 14 Jan 2022 09:43:48 GMT
www-widgetapi.js
www.youtube.com/s/player/18da33ed/www-widgetapi.vflset/ Frame 68F5
149 KB
48 KB
Script
General
Full URL
https://www.youtube.com/s/player/18da33ed/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2796e6b6d08fe158da147e14d704783027bafe912d9d30dd28b3480380a9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://popups.landingi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 08:15:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
5282
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49396
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 01:19:38 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 14 Jan 2023 08:15:46 GMT
/
api.rollbar.com/api/1/item/ Frame
0
0
Preflight
General
Full URL
https://api.rollbar.com/api/1/item/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.81.77 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
77.81.201.35.bc.googleusercontent.com
Software
nginx/1.17.9 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-rollbar-access-token
Origin
https://www.cincopa.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.17.9
date
Fri, 14 Jan 2022 09:43:48 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers
content-type,x-rollbar-access-token
x-response-time
1ms
via
1.1 google
alt-svc
clear
/
api.rollbar.com/api/1/item/
100 B
192 B
XHR
General
Full URL
https://api.rollbar.com/api/1/item/
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.81.77 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
77.81.201.35.bc.googleusercontent.com
Software
nginx/1.17.9 /
Resource Hash
b9c476b5c637f19fd74a8e7afab627b6aea72bd7edda71cff20d9b08d0a12635

Request headers

X-Rollbar-Access-Token
76edbd7e0ce94bc2ab1027843dff1263
Referer
https://www.cincopa.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

x-response-time
12ms
date
Fri, 14 Jan 2022 09:43:48 GMT
via
1.1 google
server
nginx/1.17.9
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
content-length
100
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/d24n1idu
  • https://js.intercomcdn.com/shim.latest.js
18 KB
6 KB
Script
General
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Server
13.35.253.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-111.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c70e481cb9a2f011f10be76c8ec5738db52000f5d7f1992c440bdac442a5cec6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 14 Jan 2022 09:41:02 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 12:15:56 GMT
server
AmazonS3
age
166
etag
"55f6360ca7f6bb30efb4751c5f629ff8"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
6063
x-amz-cf-id
RFSHijFQElNXiF43aK2bC_o8tn7MwR8TKxhQukYccxv9mrTlVEyCBg==

Redirect headers

date
Thu, 13 Jan 2022 09:26:08 GMT
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
server
AmazonS3
age
87461
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
WW4Vz2MiT1eJctEsCSF3GOcQJuTYRfXWVmSTuqSf8T6MSXcYILOX5g==
bundleInfo
leadbooster-chat.pipedrive.com/chat-api/
111 B
1 KB
XHR
General
Full URL
https://leadbooster-chat.pipedrive.com/chat-api/bundleInfo?url=https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bde4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3b7bac960345bc340751776eb4e31459c5c73d0850df5a7a42dfc4918ed33e4
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

x-public-token
chatbot-1930
Referer
https://www.cincopa.com/
Leadbooster-Chat-Company-Id
1093296
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:48 GMT
x-correlation-id
c39aadb2-d1bb-4c64-968e-dbb44f77cc95
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
0, 1; mode=block
referrer-policy
no-referrer
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"6f-tAkRhwDLur/ZrWs1ijgXW5gRfIc"
expect-ct
max-age=0
vary
Accept-Encoding
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-RateLimit-Remaining, X-RateLimit-Limit, X-RateLimit-Reset
cache-control
no-cache
badi
Routing: eu-central-1=>eu-central-1; Version: 61a1; Host: bari;
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cf-ray
6cd5ec113d5583a9-MXP
bundleInfo
leadbooster-chat.pipedrive.com/chat-api/ Frame
0
0
Preflight
General
Full URL
https://leadbooster-chat.pipedrive.com/chat-api/bundleInfo?url=https://www.cincopa.com/login.aspx?msg=Logged%20Cincopa%20user%20is%20not%20allowed%20to%20this%20account&continue=https%3a%2f%2foren-as-safe.orenshmu.com%2f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bde4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
leadbooster-chat-company-id,x-public-token
Origin
https://www.cincopa.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 14 Jan 2022 09:43:48 GMT
cf-ray
6cd5ec106aff83a9-MXP
access-control-allow-origin
*
cache-control
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
Access-Control-Request-Headers, Accept-Encoding
cf-cache-status
DYNAMIC
access-control-allow-headers
leadbooster-chat-company-id,x-public-token
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-expose-headers
X-RateLimit-Remaining, X-RateLimit-Limit, X-RateLimit-Reset
badi
Routing: eu-central-1=>eu-central-1; Version: 61a1; Host: bari;
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
expect-ct
max-age=0
referrer-policy
no-referrer
x-content-type-options
nosniff
x-correlation-id
b960ccf1-5e8f-43b4-8244-45b4931a4edc
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0 1; mode=block
server
cloudflare
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=151618038817952&ev=Microdata&dl=https%3A%2F%2Fwww.cincopa.com%2Flogin.aspx%3Fmsg%3DLogged%2520Cincopa%2520user%2520is%2520not%2520allowed%2520to%2520this%2520account%26continue%3Dhttps%253a%252f%252foren-as-safe.orenshmu.com%252f&rl=&if=false&ts=1642153428576&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Login%20To%20Your%20Account%20%7C%20Cincopa%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A50%2C%22w%22%3A190%7D%2C%22properties%22%3A%7B%22url%22%3A%22%2F%22%2C%22logo%22%3A%22%2F%2Fwwwcdn.cincopa.com%2F_cms%2Fdesign13%2Fimages%2Flogo.png%3Ffts%3D2019-01-02T12%3A34%3A09.3655589Z%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FOrganization%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1642153428072.1292645817&it=1642153427656&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cincopa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:48 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Fri, 14 Jan 2022 09:43:48 GMT
frame-modern.bf34b48c.js
js.intercomcdn.com/ Frame 1CD4
294 KB
79 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.bf34b48c.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/d24n1idu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-111.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2c451d022e420959f3dc643377d2aa1ec6da96b57ff55cb8446e845e03521c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 14 Jan 2022 08:15:59 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 12:14:49 GMT
server
AmazonS3
age
5270
etag
"9b60f58262de090743a8784f8b3363b4"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
80200
x-amz-cf-id
xBdaMhyusB4WYlGmBUpCuDLLy3iEK86GLGDoS57zRkGFdJOHnIywBA==
vendor-modern.aed2a635.js
js.intercomcdn.com/ Frame 1CD4
125 KB
39 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.aed2a635.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/d24n1idu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-111.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d813849669b73ae248b4799780675c66b93ac67bc9d5bcab4404f52ff9b768ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 14 Jan 2022 08:23:00 GMT
content-encoding
gzip
last-modified
Thu, 13 Jan 2022 12:14:49 GMT
server
AmazonS3
age
4849
etag
"54ae25b5f120a40657e92e7e493e2cf6"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
39073
x-amz-cf-id
UU_W6GRflSzLYDtkSzm0ALJ_kk1nmDmjR-mYk7oQoGo7cd1byxDVfA==
ping
api-iam.intercom.io/messenger/web/ Frame 1CD4
4 KB
2 KB
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.bf34b48c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.219.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad8b87a22ce463223.awsglobalaccelerator.com
Software
nginx /
Resource Hash
58bbae47e491b75a9531d6c0e06cd3e204738fa7b7aa0dc4017a435548a7cc59
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 14 Jan 2022 09:43:49 GMT
content-encoding
gzip
x-ami-version
ami-0a5563164c3bc33fb
status
200 OK
strict-transport-security
max-age=31556952; includeSubDomains; preload
vary
Accept,Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
000gukbopemmsdrhffq0
x-runtime
0.311097
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"58bbae47e491b75a9531d6c0e06cd3e2"
x-ratelimit-remaining
13331
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cincopa.com
x-intercom-version
29b081d2c108647b6bff6b00f4072300a9b3acf7
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1642153430
x-ratelimit-limit
13333
access-control-allow-headers
Content-Type
x-content-type-options
nosniff
main.js
leadbooster-chat.pipedrive.com/assets/ Frame 42A0
511 KB
153 KB
Script
General
Full URL
https://leadbooster-chat.pipedrive.com/assets/main.js?version=65d43556ae_4848
Requested by
Host: leadbooster-chat.pipedrive.com
URL: https://leadbooster-chat.pipedrive.com/assets/loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bde4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
549fd228d4a2d7eec6f6a572d9537e01d31870eb97092a33e14a683bd1001390
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:48 GMT
x-correlation-id
42e6567e-6681-4c87-aa4c-d7750b3a2a0b
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
0, 1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 13 Jan 2022 15:27:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=0
strict-transport-security
max-age=31536000; includeSubDomains
x-download-options
noopen
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=0
badi
Routing: eu-central-1=>eu-central-1; Version: 61a1; Host: bari;
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cf-ray
6cd5ec125f0359a7-MXP
access-control-expose-headers
X-RateLimit-Remaining, X-RateLimit-Limit, X-RateLimit-Reset
1930
leadbooster-chat.pipedrive.com/chat-api/playbookSettings/byId/ Frame 42A0
2 KB
2 KB
Fetch
General
Full URL
https://leadbooster-chat.pipedrive.com/chat-api/playbookSettings/byId/1930
Requested by
Host: leadbooster-chat.pipedrive.com
URL: https://leadbooster-chat.pipedrive.com/assets/main.js?version=65d43556ae_4848
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bde4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd03fd658cbf4cfbef4f595deb7694aae5c1385c70583cda7c7ffc4036bb4805
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

x-public-token
chatbot-1930
Referer
Leadbooster-Chat-Company-Id
1093296
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 14 Jan 2022 09:43:49 GMT
x-correlation-id
4f0cc4fc-917b-4d41-b266-b3d5f27ec13d
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
0, 1; mode=block
referrer-policy
no-referrer
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"865-O6cOjxbkyRhUrlj8XGxbLrDzXNY"
expect-ct
max-age=0
vary
Accept-Encoding
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-RateLimit-Remaining, X-RateLimit-Limit, X-RateLimit-Reset
cache-control
no-cache
badi
Routing: eu-central-1=>eu-central-1; Version: 61a1; Host: bari;
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cf-ray
6cd5ec149e6283a9-MXP
1930
leadbooster-chat.pipedrive.com/chat-api/playbookSettings/byId/ Frame
0
0
Preflight
General
Full URL
https://leadbooster-chat.pipedrive.com/chat-api/playbookSettings/byId/1930
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bde4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type,leadbooster-chat-company-id,x-public-token
Origin
https://www.cincopa.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 14 Jan 2022 09:43:49 GMT
cf-ray
6cd5ec13fc7e83a9-MXP
access-control-allow-origin
*
cache-control
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
Access-Control-Request-Headers, Accept-Encoding
cf-cache-status
DYNAMIC
access-control-allow-headers
content-type,leadbooster-chat-company-id,x-public-token
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-expose-headers
X-RateLimit-Remaining, X-RateLimit-Limit, X-RateLimit-Reset
badi
Routing: eu-central-1=>eu-central-1; Version: 61a1; Host: bari;
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
expect-ct
max-age=0
referrer-policy
no-referrer
x-content-type-options
nosniff
x-correlation-id
f7eba22e-0efe-492d-be70-29d9bec999f2
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0 1; mode=block
server
cloudflare
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
seen
leadbooster-chat.pipedrive.com/api/v1/statistics/ Frame 42A0
26 B
958 B
Fetch
General
Full URL
https://leadbooster-chat.pipedrive.com/api/v1/statistics/seen
Requested by
Host: leadbooster-chat.pipedrive.com
URL: https://leadbooster-chat.pipedrive.com/assets/main.js?version=65d43556ae_4848
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bde4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
068111877fa6aa20ae61a6d184bc4b1f7081555e83df944cce03c4fdb2830fbc
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

x-public-token
chatbot-1930
Referer
Leadbooster-Chat-Company-Id
1093296
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 14 Jan 2022 09:43:49 GMT
x-correlation-id
7a659e5b-3d4f-4edc-b1c5-7434d248cb96
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
26
x-xss-protection
0, 1; mode=block
referrer-policy
no-referrer
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1a-pIPrt4esgEyEkX/w62Rnrj9XXdg"
expect-ct
max-age=0
vary
Accept-Encoding
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-RateLimit-Remaining, X-RateLimit-Limit, X-RateLimit-Reset
cache-control
no-cache
badi
Routing: eu-central-1=>eu-central-1; Version: 61a1; Host: bari;
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cf-ray
6cd5ec16ed9d83a9-MXP
/
leadbooster-chat.pipedrive.com/chat-ui/playbooks/1d1a9f06-980d-11e9-a398-fa163e66a870/images/ Frame 42A0
10 KB
10 KB
Image
General
Full URL
https://leadbooster-chat.pipedrive.com/chat-ui/playbooks/1d1a9f06-980d-11e9-a398-fa163e66a870/images/?companyId=1093296&imageUuid=1288acdc-deba-4063-888d-79e2bf7c01dd&imageExtension=png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bde4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
293887ffa96ea3c174f045723db9a24cb6407c43e77eaea42710291de0edc5d7
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:50 GMT
x-correlation-id
93ad2cf0-8bec-45e7-be8f-1e6a1c838ab7
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9832
x-xss-protection
0, 1; mode=block
referrer-policy
no-referrer
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=0
vary
Accept-Encoding
x-download-options
noopen
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-RateLimit-Remaining, X-RateLimit-Limit, X-RateLimit-Reset
cache-control
max-age:604800, public
badi
Routing: eu-central-1=>eu-central-1; Version: 61a1; Host: bari;
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cf-ray
6cd5ec16299959a7-MXP
seen
leadbooster-chat.pipedrive.com/api/v1/statistics/ Frame
0
0
Preflight
General
Full URL
https://leadbooster-chat.pipedrive.com/api/v1/statistics/seen
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bde4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,leadbooster-chat-company-id,x-public-token
Origin
https://www.cincopa.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 14 Jan 2022 09:43:49 GMT
content-length
0
cf-ray
6cd5ec162b5183a9-MXP
access-control-allow-origin
https://www.cincopa.com
allow
GET, POST, PUT, DELETE, PATCH
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-headers
content-type,leadbooster-chat-company-id,x-public-token
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options
nosniff
x-xss-protection
1; mode=block
vary
Accept-Encoding
server
cloudflare
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
OpenSans-Regular.woff2
leadbooster-chat.pipedrive.com/assets/ Frame 42A0
19 KB
20 KB
Font
General
Full URL
https://leadbooster-chat.pipedrive.com/assets/OpenSans-Regular.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bde4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
516c7b2926dbd461e33f19ff05db8587e5990184dba657483d5a569cc099a8ee
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Referer
Origin
https://www.cincopa.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:43:49 GMT
x-correlation-id
01e7b11f-40ad-45a1-bc98-a531dc3f97da
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19392
x-xss-protection
0, 1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 13 Jan 2022 15:27:59 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=0
strict-transport-security
max-age=31536000; includeSubDomains
x-download-options
noopen
content-type
font/woff2
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=0
badi
Routing: eu-central-1=>eu-central-1; Version: 61a1; Host: bari;
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
accept-ranges
bytes
cf-ray
6cd5ec162b5683a9-MXP
access-control-expose-headers
X-RateLimit-Remaining, X-RateLimit-Limit, X-RateLimit-Reset

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onsecuritypolicyviolation object| onslotchange function| $ function| jQuery function| ridFromResponse function| idFromResponse function| detectCookie function| createTooltip function| popupCalculation function| googleTrackAndGo function| openModal function| closeModal function| findParent function| findNext function| inBetween function| GetParentXOffset function| GetParentYOffset function| getElement function| AjaxGetData function| AjaxGetDataReadyHandler function| convertEventToIE function| GetXMLHttpRequestObj function| inlineLabelEdit function| isiPhone string| _cp_flash function| gotFlash object| __jsMiniMsg object| __jsMiniMsg_msgs function| jsMiniMsg function| setCookie function| getCookie function| userInfoCollector function| userVerticalInfoCollector function| calculcateTimeLeft function| globalEventsHandler function| checkEmbedLocalStorage function| sendEventToGTM function| addAddThisWidget function| fire_usage_event function| tmpl object| __ud object| __us number| time object| cincopa object| cp_checkMobile object| _gaq object| _udDataLayer object| _rollbarConfig object| _rollbarShims object| _rollbarWrappedError function| _rollbarURH object| Rollbar function| rollbar number| cp_timer object| cp_isMobile object| pipedriveLeadboosterConfig function| onResize string| cincopashareParam undefined| standalone string| userAgent boolean| safari boolean| ios function| inWebView string| isLogged string| continueUrl string| loginUrl string| errorMsg string| isEditor function| onchangeAction function| createPopUp function| ajaxLogin string| MauticTrackingObject function| mt object| mauticSettings string| formdata undefined| formjson string| url string| href string| page_name string| page_href object| affdata object| intercomSettings number| intercomTimer function| cincomLoad function| cincomEvent object| cincomSettings function| is_debug undefined| __user_level boolean| __edit_mode undefined| user_plan_name object| __user_feature boolean| __is_user_logged object| resShareDefaults undefined| q undefined| e function| calcJourney function| trace_journey function| Intercom object| google_tag_manager number| _rollbarStartTime boolean| _rollbarDidLoad boolean| _rollbarInitialized object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| fbq function| _fbq object| MauticJS function| s4 string| MauticDomain object| MauticLang function| Fingerprint2 object| mtcId object| gaplugins object| gaGlobal object| gaData object| staticScript function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| msg number| c_start object| google_optimize object| convertedPopups object| closedPopups function| showPopup function| trackGaEvent function| isPopupClosed function| lintrk boolean| _already_called_lintrk function| __intercomAssignLocation object| LeadBooster

29 Cookies


Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
