www.gofanvan.com Open in urlscan Pro
154.92.245.81 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.gofanvan.com/
Submission: On November 03 via manual (November 3rd 2023, 1:58:32 pm UTC) from PH — Scanned from DE

Summary HTTP 86 Redirects Behaviour Indicators

Summary

This website contacted 30 IPs in 5 countries across 25 domains to perform 86 HTTP transactions. The main IP is 154.92.245.81, located in Hong Kong and belongs to OWS, US. The main domain is www.gofanvan.com.

This is the only time www.gofanvan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23 39	154.92.245.81 154.92.245.81	984 (OWS) (OWS)
1	2606:4700:e0:... 2606:4700:e0::ac40:660b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	45.204.244.227 45.204.244.227	984 (OWS) (OWS)
20	107.162.145.170 107.162.145.170	55002 (DEFENSE-NET) (DEFENSE-NET)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	3.162.38.61 3.162.38.61	16509 (AMAZON-02) (AMAZON-02)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	61.4.118.232 61.4.118.232	55720 (GIGABIT-M...) (GIGABIT-MY Gigabit Hosting Sdn Bhd)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1 1	18.172.226.51 18.172.226.51	16509 (AMAZON-02) (AMAZON-02)
1	18.172.226.57 18.172.226.57	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	35.234.162.151 35.234.162.151	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	54.163.64.102 54.163.64.102	14618 (AMAZON-AES) (AMAZON-AES)
1	23.57.31.196 23.57.31.196	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:e0:... 2606:4700:e0::ac40:6d1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	154.59.122.94 154.59.122.94	174 (COGENT-174) (COGENT-174)
1	18.64.103.101 18.64.103.101	16509 (AMAZON-02) (AMAZON-02)
5	103.215.36.141 103.215.36.141	() ()
86	30

39 154.92.245.81 (Hong Kong) 23 redirects

ASN984 (OWS, US)

www.gofanvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e0::ac40:660b (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.204.244.227 (Hong Kong)

ASN984 (OWS, US)

45.204.244.227	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 107.162.145.170 (United States)

ASN55002 (DEFENSE-NET, US)

amtrustfinancial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.38.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-38-61.cdg52.r.cloudfront.net

thefontzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 61.4.118.232 (Hong Kong)

ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY)

ssdioe0242.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.226.51 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-172-226-51.bcn50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.226.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-226-57.bcn50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.234.162.151 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 151.162.234.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.163.64.102 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-64-102.compute-1.amazonaws.com

api1944.d41.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.57.31.196 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-57-31-196.deploy.static.akamaitechnologies.com

origin.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e0::ac40:6d1a (United States)

ASN13335 (CLOUDFLARENET, US)

pixel.streetmetrics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.94 (Secaucus, United States)

ASN174 (COGENT-174, US)

e.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.103.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-103-101.txl50.r.cloudfront.net

cdn-0.d41.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.215.36.141 (None, )

ASN- ()

www.muguacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	gofanvan.com 23 redirects www.gofanvan.com	183 KB
20	amtrustfinancial.com amtrustfinancial.com — Cisco Umbrella Rank: 369028	3 MB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
5	muguacdn.com www.muguacdn.com	36 KB
4	gstatic.com fonts.gstatic.com	65 KB
3	d41.co api1944.d41.co — Cisco Umbrella Rank: 583599 cdn-0.d41.co — Cisco Umbrella Rank: 25098	26 KB
2	acuityplatform.com origin.acuityplatform.com — Cisco Umbrella Rank: 20245 e.acuityplatform.com — Cisco Umbrella Rank: 18052	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	87 KB
2	hotjar.com 1 redirects static.hotjar.com — Cisco Umbrella Rank: 727	4 KB
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 9830	12 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	200 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	185 B
1	google.de www.google.de — Cisco Umbrella Rank: 6862	408 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	408 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 747	396 B
1	t.co t.co — Cisco Umbrella Rank: 607	377 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	349 B
1	streetmetrics.io pixel.streetmetrics.io — Cisco Umbrella Rank: 16407	44 B
1	simpli.fi tag.simpli.fi — Cisco Umbrella Rank: 4323	3 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 713	15 KB
1	ssdioe0242.xyz ssdioe0242.xyz	2 KB
1	thefontzone.com thefontzone.com — Cisco Umbrella Rank: 52321	362 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	5 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1002	11 KB
86	25

	Domain	Requested by
39	www.gofanvan.com	23 redirects www.gofanvan.com
20	amtrustfinancial.com	www.gofanvan.com
5	www.muguacdn.com	ssdioe0242.xyz
4	fonts.gstatic.com	fonts.googleapis.com
3	region1.google-analytics.com	www.googletagmanager.com
3	www.google-analytics.com	www.gofanvan.com www.google-analytics.com
2	api1944.d41.co	www.googletagmanager.com cdn-0.d41.co
2	connect.facebook.net	www.gofanvan.com connect.facebook.net
2	static.hotjar.com	1 redirects www.gofanvan.com
2	hm.baidu.com	45.204.244.227 www.gofanvan.com
2	www.googletagmanager.com	www.gofanvan.com www.googletagmanager.com
2	fonts.googleapis.com	www.gofanvan.com
1	cdn-0.d41.co	www.googletagmanager.com
1	e.acuityplatform.com	origin.acuityplatform.com
1	www.facebook.com	www.gofanvan.com
1	www.google.de	www.gofanvan.com
1	www.google.com	www.gofanvan.com
1	analytics.twitter.com	www.gofanvan.com
1	t.co	www.gofanvan.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	pixel.streetmetrics.io	www.gofanvan.com
1	origin.acuityplatform.com	www.gofanvan.com
1	tag.simpli.fi	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	ssdioe0242.xyz	www.gofanvan.com
1	thefontzone.com	www.gofanvan.com
1	cdnjs.cloudflare.com	www.gofanvan.com
1	use.fontawesome.com	www.gofanvan.com
86	28

This site contains no links.

Subject Issuer	Validity	Valid
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
thefontzone.com Amazon RSA 2048 M01	`2023-04-24` - `2024-05-22`	a year	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2023-07-06` - `2024-08-06`	a year	crt.sh
eedkgs0152.xyz R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-12` - `2023-11-10`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.acuityplatform.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-30` - `2024-02-01`	a year	crt.sh
streetmetrics.io E1	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
muguacdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-21` - `2024-06-20`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://www.gofanvan.com/
Frame ID: 95417A1320787BFFEE7ED6A3E0212EE4
Requests: 73 HTTP requests in this frame

Frame: https://ssdioe0242.xyz/?channelCode=gg
Frame ID: CBE368BE33432D854857CF0DA5266392
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

扣扣传媒app_扣扣传媒app下载_扣扣传媒无限观看版扣扣传媒app_扣扣传媒app下载_扣扣传媒无限观看版

Detected technologies

Kentico CMS (CMS) Expand

Overall confidence: 100%
Detected patterns

/CMSPages/GetResource\.ashx

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+name="__VIEWSTATE

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

86
Requests

44 %
HTTPS

43 %
IPv6

25
Domains

28
Subdomains

30
IPs

5
Countries

3364 kB
Transfer

5022 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

http://www.gofanvan.com/CMSPages/GetResource.ashx?scriptfile=%27%7e%2fCMSScripts%2fCustom%2fjquery-3.3.1.min.js?v=s155%27 HTTP 302
http://www.gofanvan.com/404.html

Request Chain 14

http://www.gofanvan.com/getmedia/7d0e8eba-3d0c-47a1-82e3-ba51cc278682/amtrust-financial-logo-vector.png HTTP 302
https://amtrustfinancial.com/getmedia/7d0e8eba-3d0c-47a1-82e3-ba51cc278682/amtrust-financial-logo-vector.png

Request Chain 15

http://www.gofanvan.com/getmedia/097364fd-5b08-4071-9fe4-a753a721ad8f/FMR-Home-Page-Tile-Image.jpg?width=725&height=353&ext=.jpg HTTP 302
https://amtrustfinancial.com/getmedia/097364fd-5b08-4071-9fe4-a753a721ad8f/FMR-Home-Page-Tile-Image.jpg?width=725&height=353&ext=.jpg

Request Chain 16

http://www.gofanvan.com/getmedia/d04538b7-f931-487f-94dd-c7a01c50b9c1/AML-Hero-Slider.png?width=725&height=460&ext=.png HTTP 302
https://amtrustfinancial.com/getmedia/d04538b7-f931-487f-94dd-c7a01c50b9c1/AML-Hero-Slider.png?width=725&height=460&ext=.png

Request Chain 17

http://www.gofanvan.com/getmedia/186ffc9c-1ee6-4ae0-9815-72dbad4e4285/Forbes-Hero-Slider.png?width=725&height=460&ext=.png HTTP 302
https://amtrustfinancial.com/getmedia/186ffc9c-1ee6-4ae0-9815-72dbad4e4285/Forbes-Hero-Slider.png?width=725&height=460&ext=.png

Request Chain 18

http://www.gofanvan.com/getmedia/42b03439-9b3f-43e0-84c7-822aaf4c6bd6/slide-3.png?width=725&height=460&ext=.png HTTP 302
https://amtrustfinancial.com/getmedia/42b03439-9b3f-43e0-84c7-822aaf4c6bd6/slide-3.png?width=725&height=460&ext=.png

Request Chain 19

http://www.gofanvan.com/getmedia/c36c6f15-1929-4b06-b713-b10b67d4ad02/International-725x460.png?width=725&height=460&ext=.png HTTP 302
https://amtrustfinancial.com/getmedia/c36c6f15-1929-4b06-b713-b10b67d4ad02/International-725x460.png?width=725&height=460&ext=.png

Request Chain 20

http://www.gofanvan.com/getmedia/41a8c155-a881-40c9-a4c0-bf83a3693923/slide-5.png?width=725&height=460&ext=.png HTTP 302
https://amtrustfinancial.com/getmedia/41a8c155-a881-40c9-a4c0-bf83a3693923/slide-5.png?width=725&height=460&ext=.png

Request Chain 21

http://www.gofanvan.com/getmedia/2b9e7008-8286-4c7d-a1c5-b5a30763fd2a/slide-1.png?width=725&height=460&ext=.png HTTP 302
https://amtrustfinancial.com/getmedia/2b9e7008-8286-4c7d-a1c5-b5a30763fd2a/slide-1.png?width=725&height=460&ext=.png

Request Chain 22

http://www.gofanvan.com/getmedia/a7eafbb9-ab50-4301-a99f-18e83f3d045e/slide-4.png?width=725&height=460&ext=.png HTTP 302
https://amtrustfinancial.com/getmedia/a7eafbb9-ab50-4301-a99f-18e83f3d045e/slide-4.png?width=725&height=460&ext=.png

Request Chain 23

http://www.gofanvan.com/getmedia/b504a364-8ab3-4415-8ea7-b92116923b53/2023-Corp-Brochure-Web-Banner_2448X1224.jpg?width=2448&height=1224&ext=.jpg HTTP 302
https://amtrustfinancial.com/getmedia/b504a364-8ab3-4415-8ea7-b92116923b53/2023-Corp-Brochure-Web-Banner_2448X1224.jpg?width=2448&height=1224&ext=.jpg

Request Chain 24

http://www.gofanvan.com/CMSPages/GetResource.ashx?scriptfile=%27%7e%2fCMSScripts%2fCustom%2fslick.min.js?v=s%27 HTTP 302
http://www.gofanvan.com/404.html

Request Chain 25

http://www.gofanvan.com/CMSPages/GetResource.ashx?scriptfile=%27%7e%2fCMSScripts%2fCustom%2fslick-init.js?v=s%27 HTTP 302
http://www.gofanvan.com/404.html

Request Chain 37

http://www.gofanvan.com/getmedia/097364fd-5b08-4071-9fe4-a753a721ad8f/FMR-Home-Page-Tile-Image.jpg?width=725&height=353&ext=.jpg HTTP 302
https://amtrustfinancial.com/getmedia/097364fd-5b08-4071-9fe4-a753a721ad8f/FMR-Home-Page-Tile-Image.jpg?width=725&height=353&ext=.jpg

Request Chain 38

http://www.gofanvan.com/getmedia/d04538b7-f931-487f-94dd-c7a01c50b9c1/AML-Hero-Slider.png?width=725&height=460&ext=.png HTTP 302
https://amtrustfinancial.com/getmedia/d04538b7-f931-487f-94dd-c7a01c50b9c1/AML-Hero-Slider.png?width=725&height=460&ext=.png

Request Chain 39

http://www.gofanvan.com/getmedia/186ffc9c-1ee6-4ae0-9815-72dbad4e4285/Forbes-Hero-Slider.png?width=725&height=460&ext=.png HTTP 302
https://amtrustfinancial.com/getmedia/186ffc9c-1ee6-4ae0-9815-72dbad4e4285/Forbes-Hero-Slider.png?width=725&height=460&ext=.png

Request Chain 40

http://www.gofanvan.com/getmedia/42b03439-9b3f-43e0-84c7-822aaf4c6bd6/slide-3.png?width=725&height=460&ext=.png HTTP 302
https://amtrustfinancial.com/getmedia/42b03439-9b3f-43e0-84c7-822aaf4c6bd6/slide-3.png?width=725&height=460&ext=.png

Request Chain 41

http://www.gofanvan.com/getmedia/c36c6f15-1929-4b06-b713-b10b67d4ad02/International-725x460.png?width=725&height=460&ext=.png HTTP 302
https://amtrustfinancial.com/getmedia/c36c6f15-1929-4b06-b713-b10b67d4ad02/International-725x460.png?width=725&height=460&ext=.png

Request Chain 42

http://www.gofanvan.com/getmedia/41a8c155-a881-40c9-a4c0-bf83a3693923/slide-5.png?width=725&height=460&ext=.png HTTP 302
https://amtrustfinancial.com/getmedia/41a8c155-a881-40c9-a4c0-bf83a3693923/slide-5.png?width=725&height=460&ext=.png

Request Chain 43

http://www.gofanvan.com/getmedia/2b9e7008-8286-4c7d-a1c5-b5a30763fd2a/slide-1.png?width=725&height=460&ext=.png HTTP 302
https://amtrustfinancial.com/getmedia/2b9e7008-8286-4c7d-a1c5-b5a30763fd2a/slide-1.png?width=725&height=460&ext=.png

Request Chain 44

http://www.gofanvan.com/getmedia/a7eafbb9-ab50-4301-a99f-18e83f3d045e/slide-4.png?width=725&height=460&ext=.png HTTP 302
https://amtrustfinancial.com/getmedia/a7eafbb9-ab50-4301-a99f-18e83f3d045e/slide-4.png?width=725&height=460&ext=.png

Request Chain 45

http://www.gofanvan.com/getmedia/e6c1fee3-497d-4d54-9021-1bcf856a849e/Homepage-P-C-Card-Image.png?width=1200&height=800&ext=.png HTTP 302
https://amtrustfinancial.com/getmedia/e6c1fee3-497d-4d54-9021-1bcf856a849e/Homepage-P-C-Card-Image.png?width=1200&height=800&ext=.png

Request Chain 46

http://www.gofanvan.com/getmedia/ea2794e4-8623-4289-b57c-6982b1a2cc6e/Homepage-W-SR-Card-Image.png?width=1200&height=800&ext=.png HTTP 302
https://amtrustfinancial.com/getmedia/ea2794e4-8623-4289-b57c-6982b1a2cc6e/Homepage-W-SR-Card-Image.png?width=1200&height=800&ext=.png

Request Chain 53

http://static.hotjar.com/c/hotjar-476649.js?sv=5 HTTP 301
https://static.hotjar.com/c/hotjar-476649.js?sv=5

86 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.gofanvan.com/ 90 KB
29 KB 1108ms
262ms Document
text/html 154.92.245.81
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gofanvan.com/
Protocol: HTTP/1.1
Server: 154.92.245.81 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 908453ea86584d4a3acf20a82fb4ccb53fe99d97e7ee54be556f465653d0708a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=gbk
Date: Fri, 03 Nov 2023 13:58:21 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK GetResource.ashx
www.gofanvan.com/CMSPages/ 84 KB
19 KB 244ms
243ms Stylesheet
text/css 154.92.245.81
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gofanvan.com/CMSPages/GetResource.ashx?stylesheetname=AFSI-REDESIGN-MAIN
Requested by: Host: www.gofanvan.com
URL: http://www.gofanvan.com/
Protocol: HTTP/1.1
Server: 154.92.245.81 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: bbe62f3bbdef809095783f1941070481d53a361e456cb1ddadc68910ebb9e65c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:22 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK GetResource.ashx
www.gofanvan.com/CMSPages/ 84 KB
19 KB 445ms
238ms Stylesheet
text/css 154.92.245.81
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gofanvan.com/CMSPages/GetResource.ashx?stylesheetname=Bootstrap
Requested by: Host: www.gofanvan.com
URL: http://www.gofanvan.com/
Protocol: HTTP/1.1
Server: 154.92.245.81 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: bbe62f3bbdef809095783f1941070481d53a361e456cb1ddadc68910ebb9e65c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:22 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK GetResource.ashx
www.gofanvan.com/CMSPages/ 84 KB
19 KB 452ms
240ms Stylesheet
text/css 154.92.245.81
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gofanvan.com/CMSPages/GetResource.ashx?stylesheetname=Icomoon
Requested by: Host: www.gofanvan.com
URL: http://www.gofanvan.com/
Protocol: HTTP/1.1
Server: 154.92.245.81 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: bbe62f3bbdef809095783f1941070481d53a361e456cb1ddadc68910ebb9e65c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:22 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK GetResource.ashx
www.gofanvan.com/CMSPages/ 84 KB
19 KB 682ms
468ms Stylesheet
text/css 154.92.245.81
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gofanvan.com/CMSPages/GetResource.ashx?stylesheetname=burger
Requested by: Host: www.gofanvan.com
URL: http://www.gofanvan.com/
Protocol: HTTP/1.1
Server: 154.92.245.81 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: bbe62f3bbdef809095783f1941070481d53a361e456cb1ddadc68910ebb9e65c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:22 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.3.1/css/ 48 KB
11 KB 105ms
38ms Stylesheet
text/css 2606:4700:e0::ac40:660b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Requested by: Host: www.gofanvan.com
URL: http://www.gofanvan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

Request headers

Referer: http://www.gofanvan.com/
Origin: http://www.gofanvan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 13:58:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 401
etag: W/"10519cfd3206802f58315b877a9beab5"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LcOiVeXXgRdXCJJFjaH3auyXkGquIIS5Ixgx6NtNDKqtjBm64zIMwq8DKWQEY2Eu9xi2THeaIIj39B9iSdYZDlzPiwEKJabs%2BSoEKpOt2DZiaTXSvfZBykJLcY7w465dHs2vGQ6o8h6bSax3LpPHCpjA"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 820521b46e540e6c-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 70 KB
5 KB 82ms
30ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 13:58:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2408915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4216
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Y2Z0erlHX22jrdmEct9%2BOg1Ou%2FqMr3t%2Br%2BRHyGbpt1zSCHvtC7YdqHCznDJeNj%2F3sDzC1ugKLQz35DK%2FLF1VfJI2XWi%2FVYaxc%2BrbyWgbzFP5AkfJ7ZcltqXekQq5EJe9K6kB%2F%2BocbX7hhhbu2CEBuPH"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 820521b45ca74da4-FRA
expires: Wed, 23 Oct 2024 13:58:22 GMT

GET
H/1.1

200
OK

404.html Show response
www.gofanvan.com/
Redirect Chain

http://www.gofanvan.com/CMSPages/GetResource.ashx?scriptfile=%27%7e%2fCMSScripts%2fCustom%2fjquery-3.3.1.min.js?v=s155%27
http://www.gofanvan.com/404.html

790 B
1021 B

219ms
219ms

Script
text/html

154.92.245.81
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gofanvan.com/404.html
Requested by: Host: www.gofanvan.com
URL: http://www.gofanvan.com/
Protocol: HTTP/1.1
Server: 154.92.245.81 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 65e5e0eead2d624827110ad678b0214c2f481de3419814efbb43370920438482

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 13:58:24 GMT
Last-Modified: Fri, 22 Sep 2017 04:19:48 GMT
Server: nginx
ETag: "59c48f64-316"
Content-Type: text/html
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 790

Redirect headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:23 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Location: http://www.gofanvan.com/404.html
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK buluke1.js Show response
45.204.244.227/ 2 KB
1 KB 1620ms
1402ms Script
application/javascript 45.204.244.227
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://45.204.244.227/buluke1.js
Requested by: Host: www.gofanvan.com
URL: http://www.gofanvan.com/
Protocol: HTTP/1.1
Server: 45.204.244.227 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: d15efbacc5da885b2918049176ae093ac55d0049c4c8c7d0f986e07269860420

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 13:58:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03 Nov 2023 11:26:46 GMT
Server: nginx
ETag: W/"6544d8f6-7bc"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Sat, 04 Nov 2023 01:58:22 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
www.gofanvan.com/ 101 KB
30 KB 691ms
262ms Script
text/html 154.92.245.81
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gofanvan.com/ScriptResource.axd?d=uHIkleVeDJf4xS50Krz-yGFVbx7Jx7MYtXZhS3-B9Th5N0fgAL4QCRTB4XwrAixkJ5tXqYRYMj3MucZxLkEFAM_71CvUPr1Y5ABCMRX1UOwoIwUCvWv0fwujR3UJfSI17ev_DWtU7TWFvE9rsreC6_FUioxqCOXQt3T2ytX1b5c1&t=13798092
Requested by: Host: www.gofanvan.com
URL: http://www.gofanvan.com/
Protocol: HTTP/1.1
Server: 154.92.245.81 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 6a0c848063b51aee6860b1501c3567ab6b7dc5e6e9ca55e2043e4ad7e3d12fb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:22 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=gbk
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
www.gofanvan.com/ 11 KB
4 KB 1088ms
226ms Script
text/html 154.92.245.81
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gofanvan.com/ScriptResource.axd?d=Y3m6UrVMbqJVE-kQ9gioH3K4hE0_qyoYMUJPnmR-ljoHGlqk6lYQfjoE47uwkO5VsoTpHgN4e-gxNQrBS79kvHRHMvmH_fJJMId9922ACfIGTagTUsw0gWqveI6Mhu6g0&t=27679117
Requested by: Host: www.gofanvan.com
URL: http://www.gofanvan.com/
Protocol: HTTP/1.1
Server: 154.92.245.81 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: ee74662fa7968939e4f88ae72372432a502fcd71092a754f8680e8fb07bbeeab

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:23 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=gbk
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
www.gofanvan.com/ 19 KB
5 KB 1109ms
234ms Script
text/html 154.92.245.81
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gofanvan.com/ScriptResource.axd?d=gWcrHB-EGC1p4LtZa-lbj0_xHjRM9pceGETHfh8Or0Il55aKdbYEFxFClUKKZTk7DaDzgsrjSxwwhzmsHPRmVIe8pLZyUbMyFVxYhWzpHgU1&t=27679117
Requested by: Host: www.gofanvan.com
URL: http://www.gofanvan.com/
Protocol: HTTP/1.1
Server: 154.92.245.81 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: f3efeeb5de0b4e9dc7529bc58ff3ff356e6394e0d53c4d1baa41ffd98009da18

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:23 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=gbk
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
www.gofanvan.com/ 876 B
856 B 1861ms
753ms Script
text/html 154.92.245.81
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gofanvan.com/ScriptResource.axd?d=YGQkKErHFDdGeCMY44uk_m5wP9cfEPpftxlB4x1F5HmnO0eN0uLJf8voJ6CXX6d75OBEAfUDbFUJGXIi-_v4Lod8DtsQxQP_IZLx54wppSI3s5ouMGYxiZ4gf4Ma5B0k0&t=27679117
Requested by: Host: www.gofanvan.com
URL: http://www.gofanvan.com/
Protocol: HTTP/1.1
Server: 154.92.245.81 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a82cc83a33a9c20499d4283b92b75483f34f2defb2174edde64a721ae2231ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:23 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=gbk
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
www.gofanvan.com/ 10 KB
2 KB 1337ms
227ms Script
text/html 154.92.245.81
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gofanvan.com/ScriptResource.axd?d=zhB4TnNg5SCnTud0nPZV0MRovE2OlFmi3BLOOdCXMtOCVbP95J0UsDbA8EkCEpO_cwadVhkg6CToB27jv1vk26mZBb0xUNJyHakepvOZXYCqy1pfmdxcmte2rZHgQCCt0&t=27679117
Requested by: Host: www.gofanvan.com
URL: http://www.gofanvan.com/
Protocol: HTTP/1.1
Server: 154.92.245.81 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: bceddbb3a8bc2e836e861f0df2f652f0d5bbaf29b37272b748847e3bd9bdf37b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:23 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=gbk
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
www.gofanvan.com/ 7 KB
2 KB 1565ms
227ms Script
text/html 154.92.245.81
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gofanvan.com/ScriptResource.axd?d=eG7SOMgzjGkaCcb5n7DNEksgcD6Fq9EnH4sLJDBFAQJgPD9v2QI9SDCLa6Nw-Zs3sSXnY1PoAjVutJWWhn-2fvqn609MsV_1Xe8uuevf105w_T73IkG7T0tbemWE2m0c0&t=27679117
Requested by: Host: www.gofanvan.com
URL: http://www.gofanvan.com/
Protocol: HTTP/1.1
Server: 154.92.245.81 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 03c22ae111e8f46a46b153ab71e772e8da6f67f5adffcb46eb1394b489fa4bba

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:23 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=gbk
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

amtrust-financial-logo-vector.png
amtrustfinancial.com/getmedia/7d0e8eba-3d0c-47a1-82e3-ba51cc278682/
Redirect Chain

http://www.gofanvan.com/getmedia/7d0e8eba-3d0c-47a1-82e3-ba51cc278682/amtrust-financial-logo-vector.png
https://amtrustfinancial.com/getmedia/7d0e8eba-3d0c-47a1-82e3-ba51cc278682/amtrust-financial-logo-vector.png

13 KB
14 KB

598ms
486ms

Image
image/png

107.162.145.170
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amtrustfinancial.com/getmedia/7d0e8eba-3d0c-47a1-82e3-ba51cc278682/amtrust-financial-logo-vector.png

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

HTTP/1.1

Server

107.162.145.170 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

95b39284792a314f83598e0404f30076babaea47894abe2e97a5b8abe3cea992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 13:58:24 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Via: 1.1 fra1-bit12013
Last-Modified: Fri, 09 Jul 2021 17:21:43 GMT
ETag: "7/9/2021 5:21:43 PM"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, must-revalidate, public, max-age=604800, immutable: 1; mode=block
Content-Disposition: inline; filename="amtrust-financial-logo-vector.png"
Accept-Ranges: bytes
Content-Length: 13582
Expires: Sat, 04 Nov 2023 13:58:24 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:23 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://amtrustfinancial.com/getmedia/7d0e8eba-3d0c-47a1-82e3-ba51cc278682/amtrust-financial-logo-vector.png
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

FMR-Home-Page-Tile-Image.jpg
amtrustfinancial.com/getmedia/097364fd-5b08-4071-9fe4-a753a721ad8f/
Redirect Chain

http://www.gofanvan.com/getmedia/097364fd-5b08-4071-9fe4-a753a721ad8f/FMR-Home-Page-Tile-Image.jpg?width=725&height=353&ext=.jpg
https://amtrustfinancial.com/getmedia/097364fd-5b08-4071-9fe4-a753a721ad8f/FMR-Home-Page-Tile-Image.jpg?width=725&height=353&ext=.jpg

57 KB
58 KB

725ms
492ms

Image
image/jpeg

107.162.145.170
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amtrustfinancial.com/getmedia/097364fd-5b08-4071-9fe4-a753a721ad8f/FMR-Home-Page-Tile-Image.jpg?width=725&height=353&ext=.jpg

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

HTTP/1.1

Server

107.162.145.170 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

f6a68ad4b1a8fdc1afa652c51b0b2d99770939a2c5bf265d5755fcc6dd7649d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 13:58:24 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Via: 1.1 fra1-bit12013
Last-Modified: Mon, 05 Jun 2023 19:42:52 GMT
ETag: "6/5/2023 7:42:52 PM"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, public, max-age=604800, immutable: 1; mode=block
Content-Disposition: inline; filename="FMR-Home-Page-Tile-Image.jpg"
Accept-Ranges: bytes
Content-Length: 58455
Expires: Sat, 04 Nov 2023 13:58:24 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:23 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://amtrustfinancial.com/getmedia/097364fd-5b08-4071-9fe4-a753a721ad8f/FMR-Home-Page-Tile-Image.jpg?width=725&height=353&ext=.jpg
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

AML-Hero-Slider.png
amtrustfinancial.com/getmedia/d04538b7-f931-487f-94dd-c7a01c50b9c1/
Redirect Chain

http://www.gofanvan.com/getmedia/d04538b7-f931-487f-94dd-c7a01c50b9c1/AML-Hero-Slider.png?width=725&height=460&ext=.png
https://amtrustfinancial.com/getmedia/d04538b7-f931-487f-94dd-c7a01c50b9c1/AML-Hero-Slider.png?width=725&height=460&ext=.png

21 KB
22 KB

242ms
141ms

Image
image/png

107.162.145.170
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amtrustfinancial.com/getmedia/d04538b7-f931-487f-94dd-c7a01c50b9c1/AML-Hero-Slider.png?width=725&height=460&ext=.png

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

HTTP/1.1

Server

107.162.145.170 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

70d66dbd8b6212f0e2c15f20c6a2337b77a07e6738ffbd52431bd70027623814

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 13:58:24 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Via: 1.1 fra1-bit12013
Last-Modified: Thu, 15 Jun 2023 16:50:17 GMT
ETag: "6/15/2023 4:50:17 PM"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, must-revalidate, public, max-age=604800, immutable: 1; mode=block
Content-Disposition: inline; filename="AML-Hero-Slider.png"
Accept-Ranges: bytes
Content-Length: 21517
Expires: Sat, 04 Nov 2023 13:58:24 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:24 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://amtrustfinancial.com/getmedia/d04538b7-f931-487f-94dd-c7a01c50b9c1/AML-Hero-Slider.png?width=725&height=460&ext=.png
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

Forbes-Hero-Slider.png
amtrustfinancial.com/getmedia/186ffc9c-1ee6-4ae0-9815-72dbad4e4285/
Redirect Chain

http://www.gofanvan.com/getmedia/186ffc9c-1ee6-4ae0-9815-72dbad4e4285/Forbes-Hero-Slider.png?width=725&height=460&ext=.png
https://amtrustfinancial.com/getmedia/186ffc9c-1ee6-4ae0-9815-72dbad4e4285/Forbes-Hero-Slider.png?width=725&height=460&ext=.png

35 KB
35 KB

142ms
142ms

Image
image/png

107.162.145.170
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amtrustfinancial.com/getmedia/186ffc9c-1ee6-4ae0-9815-72dbad4e4285/Forbes-Hero-Slider.png?width=725&height=460&ext=.png

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

HTTP/1.1

Server

107.162.145.170 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

1923083115d47a1f2b2f8b11830c8b2a6f557942085909ee32b114ac0e4ebb01

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 13:58:24 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Via: 1.1 fra1-bit12013
Last-Modified: Wed, 01 Feb 2023 14:55:43 GMT
ETag: "2/1/2023 2:55:43 PM"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, must-revalidate, public, max-age=604800, immutable: 1; mode=block
Content-Disposition: inline; filename="Forbes-Hero-Slider.png"
Accept-Ranges: bytes
Content-Length: 35386
Expires: Sat, 04 Nov 2023 13:58:24 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:24 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://amtrustfinancial.com/getmedia/186ffc9c-1ee6-4ae0-9815-72dbad4e4285/Forbes-Hero-Slider.png?width=725&height=460&ext=.png
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

slide-3.png
amtrustfinancial.com/getmedia/42b03439-9b3f-43e0-84c7-822aaf4c6bd6/
Redirect Chain

http://www.gofanvan.com/getmedia/42b03439-9b3f-43e0-84c7-822aaf4c6bd6/slide-3.png?width=725&height=460&ext=.png
https://amtrustfinancial.com/getmedia/42b03439-9b3f-43e0-84c7-822aaf4c6bd6/slide-3.png?width=725&height=460&ext=.png

10 KB
11 KB

139ms
139ms

Image
image/png

107.162.145.170
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amtrustfinancial.com/getmedia/42b03439-9b3f-43e0-84c7-822aaf4c6bd6/slide-3.png?width=725&height=460&ext=.png

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

HTTP/1.1

Server

107.162.145.170 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

0d0ec59dba1f1a109e723185123451e15c9d63a8b59c0f4b8ab20d4895d9863f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 13:58:24 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Via: 1.1 fra1-bit12013
Last-Modified: Mon, 14 Nov 2022 21:37:49 GMT
ETag: "11/14/2022 9:37:49 PM"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, must-revalidate, public, max-age=604800, immutable: 1; mode=block
Content-Disposition: inline; filename="slide-3.png"
Accept-Ranges: bytes
Content-Length: 10328
Expires: Sat, 04 Nov 2023 13:58:24 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:24 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://amtrustfinancial.com/getmedia/42b03439-9b3f-43e0-84c7-822aaf4c6bd6/slide-3.png?width=725&height=460&ext=.png
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

International-725x460.png
amtrustfinancial.com/getmedia/c36c6f15-1929-4b06-b713-b10b67d4ad02/
Redirect Chain

http://www.gofanvan.com/getmedia/c36c6f15-1929-4b06-b713-b10b67d4ad02/International-725x460.png?width=725&height=460&ext=.png
https://amtrustfinancial.com/getmedia/c36c6f15-1929-4b06-b713-b10b67d4ad02/International-725x460.png?width=725&height=460&ext=.png

10 KB
10 KB

488ms
487ms

Image
image/png

107.162.145.170
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amtrustfinancial.com/getmedia/c36c6f15-1929-4b06-b713-b10b67d4ad02/International-725x460.png?width=725&height=460&ext=.png

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

HTTP/1.1

Server

107.162.145.170 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

257daef59700b65d38e869ef8edf3625013eac03ca3952b53b3d11eaf62ad8a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 13:58:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Via: 1.1 fra1-bit12013
Last-Modified: Thu, 08 Dec 2022 16:43:26 GMT
ETag: "12/8/2022 4:43:26 PM"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, must-revalidate, public, max-age=604800, immutable: 1; mode=block
Content-Disposition: inline; filename="International-725x460.png"
Accept-Ranges: bytes
Content-Length: 9982
Expires: Sat, 04 Nov 2023 13:58:25 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:25 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://amtrustfinancial.com/getmedia/c36c6f15-1929-4b06-b713-b10b67d4ad02/International-725x460.png?width=725&height=460&ext=.png
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

slide-5.png
amtrustfinancial.com/getmedia/41a8c155-a881-40c9-a4c0-bf83a3693923/
Redirect Chain

http://www.gofanvan.com/getmedia/41a8c155-a881-40c9-a4c0-bf83a3693923/slide-5.png?width=725&height=460&ext=.png
https://amtrustfinancial.com/getmedia/41a8c155-a881-40c9-a4c0-bf83a3693923/slide-5.png?width=725&height=460&ext=.png

14 KB
14 KB

144ms
143ms

Image
image/png

107.162.145.170
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amtrustfinancial.com/getmedia/41a8c155-a881-40c9-a4c0-bf83a3693923/slide-5.png?width=725&height=460&ext=.png

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

HTTP/1.1

Server

107.162.145.170 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

64aa4c1ba28586a85407faad92ce93d1d0b12654868464951e81df0d4a49683f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 13:58:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Via: 1.1 fra1-bit12013
Last-Modified: Mon, 14 Nov 2022 21:40:26 GMT
ETag: "11/14/2022 9:40:26 PM"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, must-revalidate, public, max-age=604800, immutable: 1; mode=block
Content-Disposition: inline; filename="slide-5.png"
Accept-Ranges: bytes
Content-Length: 14059
Expires: Sat, 04 Nov 2023 13:58:25 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:25 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://amtrustfinancial.com/getmedia/41a8c155-a881-40c9-a4c0-bf83a3693923/slide-5.png?width=725&height=460&ext=.png
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

slide-1.png
amtrustfinancial.com/getmedia/2b9e7008-8286-4c7d-a1c5-b5a30763fd2a/
Redirect Chain

http://www.gofanvan.com/getmedia/2b9e7008-8286-4c7d-a1c5-b5a30763fd2a/slide-1.png?width=725&height=460&ext=.png
https://amtrustfinancial.com/getmedia/2b9e7008-8286-4c7d-a1c5-b5a30763fd2a/slide-1.png?width=725&height=460&ext=.png

16 KB
16 KB

139ms
139ms

Image
image/png

107.162.145.170
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amtrustfinancial.com/getmedia/2b9e7008-8286-4c7d-a1c5-b5a30763fd2a/slide-1.png?width=725&height=460&ext=.png

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

HTTP/1.1

Server

107.162.145.170 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

afcfa433d142d6f10e33a9a4f164a0fe427f3818ea9234f628b2ba13c0d30954

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 13:58:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Via: 1.1 fra1-bit12013
Last-Modified: Mon, 14 Nov 2022 15:47:51 GMT
ETag: "11/14/2022 3:47:51 PM"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, must-revalidate, public, max-age=604800, immutable: 1; mode=block
Content-Disposition: inline; filename="slide-1.png"
Accept-Ranges: bytes
Content-Length: 16192
Expires: Sat, 04 Nov 2023 13:58:25 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:25 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://amtrustfinancial.com/getmedia/2b9e7008-8286-4c7d-a1c5-b5a30763fd2a/slide-1.png?width=725&height=460&ext=.png
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

slide-4.png
amtrustfinancial.com/getmedia/a7eafbb9-ab50-4301-a99f-18e83f3d045e/
Redirect Chain

http://www.gofanvan.com/getmedia/a7eafbb9-ab50-4301-a99f-18e83f3d045e/slide-4.png?width=725&height=460&ext=.png
https://amtrustfinancial.com/getmedia/a7eafbb9-ab50-4301-a99f-18e83f3d045e/slide-4.png?width=725&height=460&ext=.png

18 KB
19 KB

142ms
142ms

Image
image/png

107.162.145.170
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amtrustfinancial.com/getmedia/a7eafbb9-ab50-4301-a99f-18e83f3d045e/slide-4.png?width=725&height=460&ext=.png

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

HTTP/1.1

Server

107.162.145.170 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

e9e54de5ec7d3721d0c06b19cdd36fa808e312f43f879f99dae5d2e8b369e887

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 13:58:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Via: 1.1 fra1-bit12013
Last-Modified: Mon, 14 Nov 2022 21:38:37 GMT
ETag: "11/14/2022 9:38:37 PM"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, must-revalidate, public, max-age=604800, immutable: 1; mode=block
Content-Disposition: inline; filename="slide-4.png"
Accept-Ranges: bytes
Content-Length: 18517
Expires: Sat, 04 Nov 2023 13:58:25 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:25 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://amtrustfinancial.com/getmedia/a7eafbb9-ab50-4301-a99f-18e83f3d045e/slide-4.png?width=725&height=460&ext=.png
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

2023-Corp-Brochure-Web-Banner_2448X1224.jpg
amtrustfinancial.com/getmedia/b504a364-8ab3-4415-8ea7-b92116923b53/
Redirect Chain

http://www.gofanvan.com/getmedia/b504a364-8ab3-4415-8ea7-b92116923b53/2023-Corp-Brochure-Web-Banner_2448X1224.jpg?width=2448&height=1224&ext=.jpg
https://amtrustfinancial.com/getmedia/b504a364-8ab3-4415-8ea7-b92116923b53/2023-Corp-Brochure-Web-Banner_2448X1224.jpg?width=2448&height=1224&ext=.jpg

839 KB
840 KB

146ms
146ms

Image
image/jpeg

107.162.145.170
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amtrustfinancial.com/getmedia/b504a364-8ab3-4415-8ea7-b92116923b53/2023-Corp-Brochure-Web-Banner_2448X1224.jpg?width=2448&height=1224&ext=.jpg

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

HTTP/1.1

Server

107.162.145.170 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

9edca158cd7aa7d57dd400b77a6fccb0b22187fda4a53558a8a61e89c742fe40

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 13:58:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Via: 1.1 fra1-bit12013
Last-Modified: Wed, 26 Apr 2023 20:34:17 GMT
ETag: "4/26/2023 8:34:17 PM"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, public, max-age=604800, immutable: 1; mode=block
Content-Disposition: inline; filename="2023-Corp-Brochure-Web-Banner_2448X1224.jpg"
Accept-Ranges: bytes
Content-Length: 859445
Expires: Sat, 04 Nov 2023 13:58:25 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:25 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://amtrustfinancial.com/getmedia/b504a364-8ab3-4415-8ea7-b92116923b53/2023-Corp-Brochure-Web-Banner_2448X1224.jpg?width=2448&height=1224&ext=.jpg
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

404.html Show response
www.gofanvan.com/
Redirect Chain

http://www.gofanvan.com/CMSPages/GetResource.ashx?scriptfile=%27%7e%2fCMSScripts%2fCustom%2fslick.min.js?v=s%27
http://www.gofanvan.com/404.html

790 B
1021 B

208ms
207ms

Script
text/html

154.92.245.81
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gofanvan.com/404.html
Requested by: Host: www.gofanvan.com
URL: http://www.gofanvan.com/
Protocol: HTTP/1.1
Server: 154.92.245.81 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 65e5e0eead2d624827110ad678b0214c2f481de3419814efbb43370920438482

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 13:58:25 GMT
Last-Modified: Fri, 22 Sep 2017 04:19:48 GMT
Server: nginx
ETag: "59c48f64-316"
Content-Type: text/html
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 790

Redirect headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:25 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Location: http://www.gofanvan.com/404.html
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

404.html Show response
www.gofanvan.com/
Redirect Chain

http://www.gofanvan.com/CMSPages/GetResource.ashx?scriptfile=%27%7e%2fCMSScripts%2fCustom%2fslick-init.js?v=s%27
http://www.gofanvan.com/404.html

790 B
1021 B

1346ms
1345ms

Script
text/html

154.92.245.81
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gofanvan.com/404.html
Requested by: Host: www.gofanvan.com
URL: http://www.gofanvan.com/
Protocol: HTTP/1.1
Server: 154.92.245.81 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 65e5e0eead2d624827110ad678b0214c2f481de3419814efbb43370920438482

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 13:58:26 GMT
Last-Modified: Fri, 22 Sep 2017 04:19:48 GMT
Server: nginx
ETag: "59c48f64-316"
Content-Type: text/html
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 790

Redirect headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:25 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Location: http://www.gofanvan.com/404.html
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK AFSI-redesign.js Show response
www.gofanvan.com/CMSScripts/Custom/ 86 KB
17 KB 242ms
242ms Script
text/javascript 154.92.245.81
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gofanvan.com/CMSScripts/Custom/AFSI-redesign.js
Requested by: Host: www.gofanvan.com
URL: http://www.gofanvan.com/
Protocol: HTTP/1.1
Server: 154.92.245.81 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 49962e37ac194b49ef778d577253d2721f9118c98bc778bc557dd1f1c54b2c68

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:24 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK chat-bot.js Show response
www.gofanvan.com/CMSScripts/Custom/ 2 KB
1 KB 236ms
236ms Script
text/javascript 154.92.245.81
OWS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.gofanvan.com/CMSScripts/Custom/chat-bot.js
Requested by: Host: www.gofanvan.com
URL: http://www.gofanvan.com/
Protocol: HTTP/1.1
Server: 154.92.245.81 , Hong Kong, ASN984 (OWS, US),
Reverse DNS
Software: nginx /
Resource Hash: 3beea1ab5bb7559d6b8cbde371b589f841171b9acfc244a80bbf7fae88b7bb44

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:24 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
1 KB 81ms
33ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600&family=Source+Serif+Pro:wght@400;600&display=swap

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/CMSPages/GetResource.ashx?stylesheetname=Bootstrap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f294962d8caf3657a07504d3bd6fd605bc692e65467567d621f6f672c4cf638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Nov 2023 13:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 13:58:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Nov 2023 13:58:22 GMT

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
1002 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600&family=Source+Serif+Pro:wght@400;600&display=swap

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/CMSPages/GetResource.ashx?stylesheetname=burger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f294962d8caf3657a07504d3bd6fd605bc692e65467567d621f6f672c4cf638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Nov 2023 13:58:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 13:58:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Nov 2023 13:58:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 74ms
25ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 13:51:32 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 412
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 03 Nov 2023 15:51:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 449 KB
116 KB 102ms
56ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KFMJ69

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d70ad384274d7ad851a6ed14367f4df3559b7c4aa4fbfd4f94b136426dce4532

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 13:58:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117948
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Nov 2023 13:58:24 GMT

GET
H2 200 a2e6395942b4b79443c6355ca0598726 Show response
thefontzone.com/v4/w/fonts/ 0
362 B 418ms
307ms XHR
application/json 3.162.38.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://thefontzone.com/v4/w/fonts/a2e6395942b4b79443c6355ca0598726?i=www.gofanvan.com&l=www.gofanvan.com&p=/&o=Win32&v2=1600x1200&r3=-60&s4=&y1=http%3A&y2=&y3=
Requested by: Host: www.gofanvan.com
URL: http://www.gofanvan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.38.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-38-61.cdg52.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 13:58:24 GMT
via: 1.1 5e9eaa4dae17f466e627d76765f5de64.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P6
x-amzn-trace-id: Root=1-6544fc80-503a0a2153764cfe335a096b;Sampled=0;lineage=d7a1fa29:0
x-amzn-requestid: c0b49317-3ee4-4ad6-bf69-489c9b21a383
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: N0xkKH2foAMEdXA=
content-length: 0
x-amz-cf-id: xsKJjdm8nMnVM0MF6LxMbLffN-HMldRQLREhSsRp1ctQ_cuUEqipMg==

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1365ms
429ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?f6424ccaf3c021f74833af7f9ec45467

Requested by

Host: 45.204.244.227
URL: http://45.204.244.227/buluke1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

dafc62fed2b1a2b569547be31ff3e9f58c4e702e85c021c3a2ffe2bcfbd35a9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 13:58:25 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 7150b697c6098a0474a057f31e48a45c
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11256

GET
H2 200 / Show response
ssdioe0242.xyz/ Frame CBE3 4 KB
2 KB 1144ms
212ms Document
text/html 61.4.118.232
GIGABIT-MY Gigabi...

General

Check archive.org

Show headers Download Go to

Full URL

https://ssdioe0242.xyz/?channelCode=gg

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

61.4.118.232 , Hong Kong, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY),

Reverse DNS

Software

nginx /

Resource Hash

e1de4c1f2e6d7d51bcc5e360f4a59407ae9813309e5e98de5089191858dc4fbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.gofanvan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 03 Nov 2023 13:58:25 GMT
etag: W/"65338369-1174"
last-modified: Sat, 21 Oct 2023 07:53:13 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 66ms
19ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600&family=Source+Serif+Pro:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.gofanvan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 03:41:01 GMT
x-content-type-options: nosniff
age: 37043
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 03:41:01 GMT

GET
H2 200 neIXzD-0qpwxpaWvjeD0X88SAOeasasatSyqxA.woff2
fonts.gstatic.com/s/sourceserifpro/v17/ 21 KB
21 KB 81ms
38ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourceserifpro/v17/neIXzD-0qpwxpaWvjeD0X88SAOeasasatSyqxA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600&family=Source+Serif+Pro:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc308be27791dc58e7ce19f0d245ef66b8eb6975b8c7ae22d97c09927c84dc48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.gofanvan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:21:13 GMT
x-content-type-options: nosniff
age: 599831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21528
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 23:15:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 15:21:13 GMT

GET
H/1.1

200
OK

FMR-Home-Page-Tile-Image.jpg
amtrustfinancial.com/getmedia/097364fd-5b08-4071-9fe4-a753a721ad8f/
Redirect Chain

http://www.gofanvan.com/getmedia/097364fd-5b08-4071-9fe4-a753a721ad8f/FMR-Home-Page-Tile-Image.jpg?width=725&height=353&ext=.jpg
https://amtrustfinancial.com/getmedia/097364fd-5b08-4071-9fe4-a753a721ad8f/FMR-Home-Page-Tile-Image.jpg?width=725&height=353&ext=.jpg

57 KB
58 KB

141ms
141ms

Image
image/jpeg

107.162.145.170
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amtrustfinancial.com/getmedia/097364fd-5b08-4071-9fe4-a753a721ad8f/FMR-Home-Page-Tile-Image.jpg?width=725&height=353&ext=.jpg

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

HTTP/1.1

Server

107.162.145.170 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

f6a68ad4b1a8fdc1afa652c51b0b2d99770939a2c5bf265d5755fcc6dd7649d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 13:58:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Via: 1.1 fra1-bit12013
Last-Modified: Mon, 05 Jun 2023 19:42:52 GMT
ETag: "6/5/2023 7:42:52 PM"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public, must-revalidate, public, max-age=604800, immutable: 1; mode=block
Content-Disposition: inline; filename="FMR-Home-Page-Tile-Image.jpg"
Accept-Ranges: bytes
Content-Length: 58455
Expires: Sat, 04 Nov 2023 13:58:25 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:25 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://amtrustfinancial.com/getmedia/097364fd-5b08-4071-9fe4-a753a721ad8f/FMR-Home-Page-Tile-Image.jpg?width=725&height=353&ext=.jpg
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

AML-Hero-Slider.png
amtrustfinancial.com/getmedia/d04538b7-f931-487f-94dd-c7a01c50b9c1/
Redirect Chain

http://www.gofanvan.com/getmedia/d04538b7-f931-487f-94dd-c7a01c50b9c1/AML-Hero-Slider.png?width=725&height=460&ext=.png
https://amtrustfinancial.com/getmedia/d04538b7-f931-487f-94dd-c7a01c50b9c1/AML-Hero-Slider.png?width=725&height=460&ext=.png

21 KB
22 KB

144ms
144ms

Image
image/png

107.162.145.170
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amtrustfinancial.com/getmedia/d04538b7-f931-487f-94dd-c7a01c50b9c1/AML-Hero-Slider.png?width=725&height=460&ext=.png

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

HTTP/1.1

Server

107.162.145.170 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

70d66dbd8b6212f0e2c15f20c6a2337b77a07e6738ffbd52431bd70027623814

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 13:58:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Via: 1.1 fra1-bit12013
Last-Modified: Thu, 15 Jun 2023 16:50:17 GMT
ETag: "6/15/2023 4:50:17 PM"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, must-revalidate, public, max-age=604800, immutable: 1; mode=block
Content-Disposition: inline; filename="AML-Hero-Slider.png"
Accept-Ranges: bytes
Content-Length: 21517
Expires: Sat, 04 Nov 2023 13:58:25 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:25 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://amtrustfinancial.com/getmedia/d04538b7-f931-487f-94dd-c7a01c50b9c1/AML-Hero-Slider.png?width=725&height=460&ext=.png
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

Forbes-Hero-Slider.png
amtrustfinancial.com/getmedia/186ffc9c-1ee6-4ae0-9815-72dbad4e4285/
Redirect Chain

http://www.gofanvan.com/getmedia/186ffc9c-1ee6-4ae0-9815-72dbad4e4285/Forbes-Hero-Slider.png?width=725&height=460&ext=.png
https://amtrustfinancial.com/getmedia/186ffc9c-1ee6-4ae0-9815-72dbad4e4285/Forbes-Hero-Slider.png?width=725&height=460&ext=.png

35 KB
35 KB

140ms
140ms

Image
image/png

107.162.145.170
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amtrustfinancial.com/getmedia/186ffc9c-1ee6-4ae0-9815-72dbad4e4285/Forbes-Hero-Slider.png?width=725&height=460&ext=.png

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

HTTP/1.1

Server

107.162.145.170 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

1923083115d47a1f2b2f8b11830c8b2a6f557942085909ee32b114ac0e4ebb01

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 13:58:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Via: 1.1 fra1-bit12013
Last-Modified: Wed, 01 Feb 2023 14:55:43 GMT
ETag: "2/1/2023 2:55:43 PM"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, must-revalidate, public, max-age=604800, immutable: 1; mode=block
Content-Disposition: inline; filename="Forbes-Hero-Slider.png"
Accept-Ranges: bytes
Content-Length: 35386
Expires: Sat, 04 Nov 2023 13:58:26 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:26 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://amtrustfinancial.com/getmedia/186ffc9c-1ee6-4ae0-9815-72dbad4e4285/Forbes-Hero-Slider.png?width=725&height=460&ext=.png
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

slide-3.png
amtrustfinancial.com/getmedia/42b03439-9b3f-43e0-84c7-822aaf4c6bd6/
Redirect Chain

http://www.gofanvan.com/getmedia/42b03439-9b3f-43e0-84c7-822aaf4c6bd6/slide-3.png?width=725&height=460&ext=.png
https://amtrustfinancial.com/getmedia/42b03439-9b3f-43e0-84c7-822aaf4c6bd6/slide-3.png?width=725&height=460&ext=.png

10 KB
11 KB

139ms
138ms

Image
image/png

107.162.145.170
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amtrustfinancial.com/getmedia/42b03439-9b3f-43e0-84c7-822aaf4c6bd6/slide-3.png?width=725&height=460&ext=.png

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

HTTP/1.1

Server

107.162.145.170 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

0d0ec59dba1f1a109e723185123451e15c9d63a8b59c0f4b8ab20d4895d9863f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 13:58:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Via: 1.1 fra1-bit12013
Last-Modified: Mon, 14 Nov 2022 21:37:49 GMT
ETag: "11/14/2022 9:37:49 PM"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, must-revalidate, public, max-age=604800, immutable: 1; mode=block
Content-Disposition: inline; filename="slide-3.png"
Accept-Ranges: bytes
Content-Length: 10328
Expires: Sat, 04 Nov 2023 13:58:26 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:26 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://amtrustfinancial.com/getmedia/42b03439-9b3f-43e0-84c7-822aaf4c6bd6/slide-3.png?width=725&height=460&ext=.png
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

International-725x460.png
amtrustfinancial.com/getmedia/c36c6f15-1929-4b06-b713-b10b67d4ad02/
Redirect Chain

http://www.gofanvan.com/getmedia/c36c6f15-1929-4b06-b713-b10b67d4ad02/International-725x460.png?width=725&height=460&ext=.png
https://amtrustfinancial.com/getmedia/c36c6f15-1929-4b06-b713-b10b67d4ad02/International-725x460.png?width=725&height=460&ext=.png

10 KB
10 KB

141ms
141ms

Image
image/png

107.162.145.170
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amtrustfinancial.com/getmedia/c36c6f15-1929-4b06-b713-b10b67d4ad02/International-725x460.png?width=725&height=460&ext=.png

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

HTTP/1.1

Server

107.162.145.170 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

257daef59700b65d38e869ef8edf3625013eac03ca3952b53b3d11eaf62ad8a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 13:58:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Via: 1.1 fra1-bit12013
Last-Modified: Thu, 08 Dec 2022 16:43:26 GMT
ETag: "12/8/2022 4:43:26 PM"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, must-revalidate, public, max-age=604800, immutable: 1; mode=block
Content-Disposition: inline; filename="International-725x460.png"
Accept-Ranges: bytes
Content-Length: 9982
Expires: Sat, 04 Nov 2023 13:58:26 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:26 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://amtrustfinancial.com/getmedia/c36c6f15-1929-4b06-b713-b10b67d4ad02/International-725x460.png?width=725&height=460&ext=.png
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

slide-5.png
amtrustfinancial.com/getmedia/41a8c155-a881-40c9-a4c0-bf83a3693923/
Redirect Chain

http://www.gofanvan.com/getmedia/41a8c155-a881-40c9-a4c0-bf83a3693923/slide-5.png?width=725&height=460&ext=.png
https://amtrustfinancial.com/getmedia/41a8c155-a881-40c9-a4c0-bf83a3693923/slide-5.png?width=725&height=460&ext=.png

14 KB
14 KB

139ms
138ms

Image
image/png

107.162.145.170
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amtrustfinancial.com/getmedia/41a8c155-a881-40c9-a4c0-bf83a3693923/slide-5.png?width=725&height=460&ext=.png

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

HTTP/1.1

Server

107.162.145.170 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

64aa4c1ba28586a85407faad92ce93d1d0b12654868464951e81df0d4a49683f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 13:58:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Via: 1.1 fra1-bit12013
Last-Modified: Mon, 14 Nov 2022 21:40:26 GMT
ETag: "11/14/2022 9:40:26 PM"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, must-revalidate, public, max-age=604800, immutable: 1; mode=block
Content-Disposition: inline; filename="slide-5.png"
Accept-Ranges: bytes
Content-Length: 14059
Expires: Sat, 04 Nov 2023 13:58:26 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:26 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://amtrustfinancial.com/getmedia/41a8c155-a881-40c9-a4c0-bf83a3693923/slide-5.png?width=725&height=460&ext=.png
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

slide-1.png
amtrustfinancial.com/getmedia/2b9e7008-8286-4c7d-a1c5-b5a30763fd2a/
Redirect Chain

http://www.gofanvan.com/getmedia/2b9e7008-8286-4c7d-a1c5-b5a30763fd2a/slide-1.png?width=725&height=460&ext=.png
https://amtrustfinancial.com/getmedia/2b9e7008-8286-4c7d-a1c5-b5a30763fd2a/slide-1.png?width=725&height=460&ext=.png

16 KB
16 KB

224ms
142ms

Image
image/png

107.162.145.170
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amtrustfinancial.com/getmedia/2b9e7008-8286-4c7d-a1c5-b5a30763fd2a/slide-1.png?width=725&height=460&ext=.png

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

HTTP/1.1

Server

107.162.145.170 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

afcfa433d142d6f10e33a9a4f164a0fe427f3818ea9234f628b2ba13c0d30954

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 13:58:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Via: 1.1 fra1-bit12013
Last-Modified: Mon, 14 Nov 2022 15:47:51 GMT
ETag: "11/14/2022 3:47:51 PM"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, must-revalidate, public, max-age=604800, immutable: 1; mode=block
Content-Disposition: inline; filename="slide-1.png"
Accept-Ranges: bytes
Content-Length: 16192
Expires: Sat, 04 Nov 2023 13:58:26 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:26 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://amtrustfinancial.com/getmedia/2b9e7008-8286-4c7d-a1c5-b5a30763fd2a/slide-1.png?width=725&height=460&ext=.png
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

slide-4.png
amtrustfinancial.com/getmedia/a7eafbb9-ab50-4301-a99f-18e83f3d045e/
Redirect Chain

http://www.gofanvan.com/getmedia/a7eafbb9-ab50-4301-a99f-18e83f3d045e/slide-4.png?width=725&height=460&ext=.png
https://amtrustfinancial.com/getmedia/a7eafbb9-ab50-4301-a99f-18e83f3d045e/slide-4.png?width=725&height=460&ext=.png

18 KB
19 KB

149ms
138ms

Image
image/png

107.162.145.170
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amtrustfinancial.com/getmedia/a7eafbb9-ab50-4301-a99f-18e83f3d045e/slide-4.png?width=725&height=460&ext=.png

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

HTTP/1.1

Server

107.162.145.170 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

e9e54de5ec7d3721d0c06b19cdd36fa808e312f43f879f99dae5d2e8b369e887

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 13:58:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Via: 1.1 fra1-bit12013
Last-Modified: Mon, 14 Nov 2022 21:38:37 GMT
ETag: "11/14/2022 9:38:37 PM"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, must-revalidate, public, max-age=604800, immutable: 1; mode=block
Content-Disposition: inline; filename="slide-4.png"
Accept-Ranges: bytes
Content-Length: 18517
Expires: Sat, 04 Nov 2023 13:58:26 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:26 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://amtrustfinancial.com/getmedia/a7eafbb9-ab50-4301-a99f-18e83f3d045e/slide-4.png?width=725&height=460&ext=.png
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

Homepage-P-C-Card-Image.png
amtrustfinancial.com/getmedia/e6c1fee3-497d-4d54-9021-1bcf856a849e/
Redirect Chain

http://www.gofanvan.com/getmedia/e6c1fee3-497d-4d54-9021-1bcf856a849e/Homepage-P-C-Card-Image.png?width=1200&height=800&ext=.png
https://amtrustfinancial.com/getmedia/e6c1fee3-497d-4d54-9021-1bcf856a849e/Homepage-P-C-Card-Image.png?width=1200&height=800&ext=.png

922 KB
922 KB

145ms
144ms

Image
image/png

107.162.145.170
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amtrustfinancial.com/getmedia/e6c1fee3-497d-4d54-9021-1bcf856a849e/Homepage-P-C-Card-Image.png?width=1200&height=800&ext=.png

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

HTTP/1.1

Server

107.162.145.170 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

0750be575b9faf74611be800cf1307f0e81da31d565ede12232dee6d18bb5622

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 13:58:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Via: 1.1 fra1-bit12013
Last-Modified: Tue, 06 Dec 2022 15:45:46 GMT
ETag: "12/6/2022 3:45:46 PM"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, must-revalidate, public, max-age=604800, immutable: 1; mode=block
Content-Disposition: inline; filename="Homepage-P-C-Card-Image.png"
Accept-Ranges: bytes
Content-Length: 944016
Expires: Sat, 04 Nov 2023 13:58:26 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:26 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://amtrustfinancial.com/getmedia/e6c1fee3-497d-4d54-9021-1bcf856a849e/Homepage-P-C-Card-Image.png?width=1200&height=800&ext=.png
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

Homepage-W-SR-Card-Image.png
amtrustfinancial.com/getmedia/ea2794e4-8623-4289-b57c-6982b1a2cc6e/
Redirect Chain

http://www.gofanvan.com/getmedia/ea2794e4-8623-4289-b57c-6982b1a2cc6e/Homepage-W-SR-Card-Image.png?width=1200&height=800&ext=.png
https://amtrustfinancial.com/getmedia/ea2794e4-8623-4289-b57c-6982b1a2cc6e/Homepage-W-SR-Card-Image.png?width=1200&height=800&ext=.png

548 KB
549 KB

140ms
139ms

Image
image/png

107.162.145.170
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://amtrustfinancial.com/getmedia/ea2794e4-8623-4289-b57c-6982b1a2cc6e/Homepage-W-SR-Card-Image.png?width=1200&height=800&ext=.png

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

HTTP/1.1

Server

107.162.145.170 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

7d85cc1e7af5e9c78ce63c70ea06b903b3f13b418a278af1990b62eb6a4eef95

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 13:58:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Via: 1.1 fra1-bit12013
Last-Modified: Tue, 06 Dec 2022 15:47:04 GMT
ETag: "12/6/2022 3:47:04 PM"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, must-revalidate, public, max-age=604800, immutable: 1; mode=block
Content-Disposition: inline; filename="Homepage-W-SR-Card-Image.png"
Accept-Ranges: bytes
Content-Length: 561648
Expires: Sat, 04 Nov 2023 13:58:26 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:26 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/jpeg; charset=UTF-8
Location: https://amtrustfinancial.com/getmedia/ea2794e4-8623-4289-b57c-6982b1a2cc6e/Homepage-W-SR-Card-Image.png?width=1200&height=800&ext=.png
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 64ms
46ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600&family=Source+Serif+Pro:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.gofanvan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 23:04:46 GMT
x-content-type-options: nosniff
age: 572018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 23:04:46 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 26ms
24ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600&family=Source+Serif+Pro:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.gofanvan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 05:19:53 GMT
x-content-type-options: nosniff
age: 549511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14780
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Oct 2024 05:19:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
84 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-09Q7QDEPVM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFMJ69

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7565ecaa561390f020221f83a8bebf9e101d0c721ad28b6242a9c377fa479d05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 13:58:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86136
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 Nov 2023 13:58:24 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 28ms
27ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=948211176&t=pageview&_s=1&dl=http%3A%2F%2Fwww.gofanvan.com%2F&ul=en-us&de=GBK&dt=%E6%89%A3%E6%89%A3%E4%BC%A0%E5%AA%92app_%E6%89%A3%E6%89%A3%E4%BC%A0%E5%AA%92app%E4%B8%8B%E8%BD%BD_%E6%89%A3%E6%89%A3%E4%BC%A0%E5%AA%92%E6%97%A0%E9%99%90%E8%A7%82%E7%9C%8B%E7%89%88&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEABBAAAACAAI~&jid=888342503&gjid=11963790&cid=204987845.1699019904&tid=UA-49404584-2&_gid=1090303529.1699019904&_r=1&_slc=1&gtm=45He3b11n71KFMJ69v72329432&cd1=AFSI&cd3=Home&cd4=&cd6=en-US&cd9=%2F&cd10=&cd19=null&gcd=11l1l1l1l1&z=1907545634

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.gofanvan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 13:58:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.gofanvan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
70 B 28ms
28ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=948211176&t=pageview&_s=1&dl=http%3A%2F%2Fwww.gofanvan.com%2F&ul=en-us&de=GBK&dt=%E6%89%A3%E6%89%A3%E4%BC%A0%E5%AA%92app_%E6%89%A3%E6%89%A3%E4%BC%A0%E5%AA%92app%E4%B8%8B%E8%BD%BD_%E6%89%A3%E6%89%A3%E4%BC%A0%E5%AA%92%E6%97%A0%E9%99%90%E8%A7%82%E7%9C%8B%E7%89%88&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAACAAI~&jid=1803959955&gjid=1186717430&cid=204987845.1699019904&tid=UA-116118065-1&_gid=1090303529.1699019904&_r=1&_slc=1&gtm=45He3b11n71KFMJ69v72329432&cd1=AFSI&cd3=Home&cd4=&cd6=en-US&cd9=%2F&cd10=&gcd=11l1l1l1l1&z=247425004

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.gofanvan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 13:58:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.gofanvan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 91ms
27ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFMJ69
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 13:58:24 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230114-FRA

GET
H2

200

hotjar-476649.js Show response
static.hotjar.com/c/
Redirect Chain

http://static.hotjar.com/c/hotjar-476649.js?sv=5
https://static.hotjar.com/c/hotjar-476649.js?sv=5

9 KB
4 KB

221ms
108ms

Script
application/javascript

18.172.226.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-476649.js?sv=5

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

Server

18.172.226.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-226-57.bcn50.r.cloudfront.net

Software

Resource Hash

a1079dd5bbce1a75dcc7d381240a343cc3c319ce0efe19373451a7504d7bd7ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 13:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 8e27a1df0bfacc96034bdffd33a051aa.cloudfront.net (CloudFront)
x-amz-cf-pop: BCN50-P2
etag: W/c35c1a18617785e6da27534f692f54b3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: ahkeijNqMNJuq294hLXifjJsGoNvSrNsOO2cwDPxva02OeMaSipf8g==

Redirect headers

Date: Fri, 03 Nov 2023 13:58:24 GMT
Via: 1.1 a342168095b14af0dc71393efe63bb58.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: BCN50-P2
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://static.hotjar.com/c/hotjar-476649.js?sv=5
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: eAjq99ac-q6gz2ndx3cIe-u4oTJUrJw_nB_hZPhFq11KbuoLseIqTg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 71ms
21ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 03 Nov 2023 13:58:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: M4IUVXzawRtugnrj5Sq2TsYId0MQkKzQ9uWXEQJqi2awSLiZPQHSvU0KLlRQp7uAD2FxTMAjEdg7UxazWs/6Ig==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bef7b120-0804-0139-3825-06abc14c0bc6 Show response
tag.simpli.fi/sifitag/ 3 KB
3 KB 102ms
29ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/bef7b120-0804-0139-3825-06abc14c0bc6
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFMJ69
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 9e668a1b50299bd65857d3d1a68ff3199ed48fdf7d6654990e1adc29abddf6fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 13:58:24 GMT
server: openresty
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 3101
x-request-id: F5QhmfyYa0HW7JWoqX2C
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content / Show response
api1944.d41.co/sync/ 0
443 B 333ms
128ms Script
text/plain 54.163.64.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://api1944.d41.co/sync/

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFMJ69

Protocol

HTTP/1.1

Server

54.163.64.102 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-163-64-102.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:24 GMT
Referrer-Policy: no-referrer-when-downgrade
Expect-CT: max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
X-Frame-Options: SAMEORIGIN
access-control-allow-origin: http://www.gofanvan.com
Cache-control: no-store
access-control-allow-credentials: true
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK pixel.js Show response
origin.acuityplatform.com/event/v2/ 2 KB
3 KB 160ms
32ms Script
application/javascript 23.57.31.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://origin.acuityplatform.com/event/v2/pixel.js
Requested by: Host: www.gofanvan.com
URL: http://www.gofanvan.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.31.196 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-57-31-196.deploy.static.akamaitechnologies.com
Software: nginx/1.14.0 /
Resource Hash: 89cf66cb9de8da20fc15e9953845dd4d1de2c0fb465c827a09d818449222c533

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 13:58:24 GMT
Last-Modified: Wed, 04 Jan 2023 18:57:40 GMT
Server: nginx/1.14.0
ETag: "63b5cc24-978"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2424

GET
H2 200 959b5904-7579-4f24-9288-f6b2e9c96d0d
pixel.streetmetrics.io/pixel/ 44 B
44 B 338ms
224ms Image
image/gif 2606:4700:e0::ac40:6d1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.streetmetrics.io/pixel/959b5904-7579-4f24-9288-f6b2e9c96d0d

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6d1a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 13:58:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
content-length: 44
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X2CblQmfM8Q4Z5khJRRrt11tY2e%2BqNueXmFVfaAELdPcW%2FKYLVo2lDw9cpM4PqWqz4T4D%2FBbuK%2ByJv%2BcWdyrw%2F6o2IGBiBH96qJlFgNvViY9G%2FwdqynahNRHlPsJYw1TRFybfxY%2FsOVPSaY8DnFvKs2iOqSp"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cf-ray: 820521c51a280155-CDG

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 86ms
27ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-49404584-2&cid=204987845.1699019904&jid=888342503&gjid=11963790&_gid=1090303529.1699019904&_u=aGDAAEAABAAAACAAI~&z=1947767936

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.gofanvan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 03 Nov 2023 13:58:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.gofanvan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 79ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-09Q7QDEPVM&gtm=45je3b11v869237597z872329432&_p=1699019904376&gcd=11l1l1l1l1&cid=204987845.1699019904&ul=en-us&sr=1600x1200&_s=1&dp=%2F&sid=1699019904&sct=1&seg=0&dl=http%3A%2F%2Fwww.gofanvan.com%2F&dt=%E6%89%A3%E6%89%A3%E4%BC%A0%E5%AA%92app_%E6%89%A3%E6%89%A3%E4%BC%A0%E5%AA%92app%E4%B8%8B%E8%BD%BD_%E6%89%A3%E6%89%A3%E4%BC%A0%E5%AA%92%E6%97%A0%E9%99%90%E8%A7%82%E7%9C%8B%E7%89%88&en=page_view&_fv=1&_ss=1&ep.brand=AFSI&ep.page_category=Home&ep.page_name=&ep.link_title=&ep.language_locale=en-US&ep.google_click_id=&tfd=3719
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-09Q7QDEPVM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 13:58:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.gofanvan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 72ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-09Q7QDEPVM&gtm=45je3b11v869237597&_p=1699019904376&gcd=11l1l1l1l1&cid=204987845.1699019904&ul=en-us&sr=1600x1200&_eu=AEA&_s=2&dp=%2F&sid=1699019904&sct=1&seg=0&dl=http%3A%2F%2Fwww.gofanvan.com%2F&dt=%E6%89%A3%E6%89%A3%E4%BC%A0%E5%AA%92app_%E6%89%A3%E6%89%A3%E4%BC%A0%E5%AA%92app%E4%B8%8B%E8%BD%BD_%E6%89%A3%E6%89%A3%E4%BC%A0%E5%AA%92%E6%97%A0%E9%99%90%E8%A7%82%E7%9C%8B%E7%89%88&en=scroll&ep.brand=AFSI&ep.page_category=Home&ep.page_name=&ep.link_title=&ep.language_locale=en-US&ep.google_click_id=&epn.percent_scrolled=90&_et=8&tfd=3737
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-09Q7QDEPVM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 13:58:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.gofanvan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
377 B 208ms
121ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=30669eb8-55d7-44d3-b81e-8cc15a6f3033&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6374a65d-32be-4043-8c7c-0f9fa3814a2d&tw_document_href=http%3A%2F%2Fwww.gofanvan.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzpqj&type=javascript&version=2.3.29

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-response-time: 102
date: Fri, 03 Nov 2023 13:58:24 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 67c16bda59b406bb
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 247969a69e0a56ebc7fb877c111711ac93c11cf4be9ab1d39d973e308a913f74
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
396 B 197ms
131ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=30669eb8-55d7-44d3-b81e-8cc15a6f3033&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6374a65d-32be-4043-8c7c-0f9fa3814a2d&tw_document_href=http%3A%2F%2Fwww.gofanvan.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzpqj&type=javascript&version=2.3.29

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-response-time: 109
date: Fri, 03 Nov 2023 13:58:24 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 3285a3bb2c04be0d
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 7b6813502a68dca903e75668acdecd863f71d219dba627d0fdb5b6f4513d7c42
content-length: 43

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 105ms
46ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-49404584-2&cid=204987845.1699019904&jid=888342503&_u=aGDAAEAABAAAACAAI~&z=1448347717

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 13:58:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 104ms
46ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-49404584-2&cid=204987845.1699019904&jid=888342503&_u=aGDAAEAABAAAACAAI~&z=1448347717

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 13:58:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 980292278791072 Show response
connect.facebook.net/signals/config/ 124 KB
33 KB 38ms
14ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/980292278791072?v=2.9.138&r=stable&domain=www.gofanvan.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cefcda13529ed66142dd177226e9d6faf6bcf583890d9a9a028ca2130da572a5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 03 Nov 2023 13:58:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 33414
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: HPNS0g8qLd5tIk3RIMW7ny2PkyRyzU2p3Zamg+HSk0JREs+9GY41FcR0nbtxhIx8+fAJdRNjXAvgAVytY5/sfg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 83ms
22ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=980292278791072&ev=PageView&dl=http%3A%2F%2Fwww.gofanvan.com&rl=&if=false&ts=1699019904849&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.1.1699019904835.484071222&cs_est=true&pm=1&hrl=b364c8&ler=empty&it=1699019904733&coo=false&cs_cc=1&cas=2145870122178056&rqm=GET

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 03 Nov 2023 13:58:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK pj Show response
e.acuityplatform.com/ 149 B
591 B 125ms
37ms Script
text/javascript 154.59.122.94
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://e.acuityplatform.com/pj?pk=6945439238423952339&pu=http%3A%2F%2Fwww.gofanvan.com%2F&pixelKey=6945439238423952339
Requested by: Host: origin.acuityplatform.com
URL: https://origin.acuityplatform.com/event/v2/pixel.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 154.59.122.94 Secaucus, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: /
Resource Hash: e4142b08bb91c6729ce36efd4ad1ef33c7a9b8b02f75066b0c2d0c748392fc4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin: *
content-length: 149
content-type: text/javascript

GET
H/1.1 200
OK dnb_coretag_v5.min.js Show response
cdn-0.d41.co/tags/ 74 KB
25 KB 70ms
29ms Script
application/javascript 18.64.103.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn-0.d41.co/tags/dnb_coretag_v5.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFMJ69
Protocol: HTTP/1.1
Server: 18.64.103.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-101.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5550fc0f2e7f9c356e72130670291ad4dc71f6ed65a2f856d3092f6bc0c28030

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Via: 1.1 c25b1f7aa410c3a4dd235dd71a0d38e8.cloudfront.net (CloudFront)
Date: Fri, 03 Nov 2023 13:34:59 GMT
Last-Modified: Thu, 18 Nov 2021 14:57:39 GMT
Server: AmazonS3
X-Amz-Cf-Pop: TXL50-P3
Age: 1425
ETag: W/"13bc1e6c74c25b3098a3b54b58b70b3c"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: OZKfQ_SYQYhbpOl2OT8urSaSDgIb96Qt2debmnyCyVTt8tZEX78rUw==

GET
H/1.1 200
OK api Show response
api1944.d41.co/ 44 B
709 B 123ms
123ms Fetch
application/json 54.163.64.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://api1944.d41.co/api?req=api1944&form=json

Requested by

Host: cdn-0.d41.co
URL: http://cdn-0.d41.co/tags/dnb_coretag_v5.min.js

Protocol

HTTP/1.1

Server

54.163.64.102 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-163-64-102.compute-1.amazonaws.com

Software

Resource Hash

dbab4e063d603516e132adf2c298cb16782a431e99fcbc14ca665aed0f841842

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self';
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self';
Date: Fri, 03 Nov 2023 13:58:25 GMT
Referrer-Policy: no-referrer-when-downgrade
Expect-CT: max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
access-control-allow-origin: http://www.gofanvan.com
Cache-control: no-store
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 44
X-XSS-Protection: 1; mode=block

GET
H2 200 zb.css
www.muguacdn.com/webfile/css/ Frame CBE3 2 KB
840 B 5270ms
3062ms Stylesheet
text/css 103.215.36.141

General

Check archive.org

Show headers Download Go to

Full URL

https://www.muguacdn.com:8888/webfile/css/zb.css

Requested by

Host: ssdioe0242.xyz
URL: https://ssdioe0242.xyz/?channelCode=gg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.215.36.141 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

16c68a33d67f14f0e0d7f580b295ed7736c721d4db2d998ff9be09475f58ee17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssdioe0242.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 13:58:30 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 28 Jun 2023 07:00:34 GMT
server: nginx
etag: W/"649bda92-761"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *

GET
H2 200 consoleban.js Show response
www.muguacdn.com/webfile/js/ Frame CBE3 3 KB
1 KB 5289ms
3082ms Script
application/javascript 103.215.36.141

General

Check archive.org

Show headers Download Go to

Full URL

https://www.muguacdn.com:8888/webfile/js/consoleban.js

Requested by

Host: ssdioe0242.xyz
URL: https://ssdioe0242.xyz/?channelCode=gg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.215.36.141 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

fd9aed963c56694f2725f74e8c5c95a84b0766e0ebe5866cd11f7f21f2613e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssdioe0242.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 13:58:30 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 03 Jul 2023 10:53:59 GMT
server: nginx
etag: W/"64a2a8c7-a16"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *

GET
H2 200 d0921c4c87f24.jpg
www.muguacdn.com/webfile/image/ Frame CBE3 14 KB
0 6123ms
3916ms Image
image/jpeg 103.215.36.141

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.muguacdn.com:8888/webfile/image/d0921c4c87f24.jpg

Requested by

Host: ssdioe0242.xyz
URL: https://ssdioe0242.xyz/?channelCode=gg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.215.36.141 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssdioe0242.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 13:58:30 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 30 Jun 2023 09:42:42 GMT
server: nginx
etag: "649ea392-16f8f"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 94095

GET
H2 200 06e1c2876cb0d.js
www.muguacdn.com/webfile/image/ Frame CBE3 115 KB
0 5560ms
3353ms Image
application/javascript 103.215.36.141

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.muguacdn.com:8888/webfile/image/06e1c2876cb0d.js

Requested by

Host: ssdioe0242.xyz
URL: https://ssdioe0242.xyz/?channelCode=gg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.215.36.141 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssdioe0242.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 13:58:30 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 30 Jun 2023 09:42:08 GMT
server: nginx
etag: W/"649ea370-e9ec7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *

GET 36d2a1ddd0b1f.js
www.muguacdn.com/webfile/image/ Frame CBE3 0
0

GET 452a24210c066.js
www.muguacdn.com/webfile/image/ Frame CBE3 0
0

GET aafe0d1b4a9d3.jpg
www.muguacdn.com/webfile/image/ Frame CBE3 0
0

GET a703755daf32a.png
www.muguacdn.com/webfile/image/ Frame CBE3 0
0

GET 87c0715ca89fa.js
www.muguacdn.com/webfile/image/ Frame CBE3 0
0

GET
H2 200 jquery-3.4.1.min.js Show response
www.muguacdn.com/webfile/js/ Frame CBE3 86 KB
34 KB 832ms
831ms Script
application/javascript 103.215.36.141

General

Check archive.org

Show headers Download Go to

Full URL

https://www.muguacdn.com:8888/webfile/js/jquery-3.4.1.min.js

Requested by

Host: ssdioe0242.xyz
URL: https://ssdioe0242.xyz/?channelCode=gg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.215.36.141 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssdioe0242.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 13:58:31 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 28 Jun 2023 07:00:34 GMT
server: nginx
etag: W/"649bda92-15851"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *

GET qrcode.min.js
www.muguacdn.com/webfile/js/ Frame CBE3 0
0

GET openinstall.js
www.muguacdn.com/webfile/js/ Frame CBE3 0
0

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 437ms
437ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1888619133&si=f6424ccaf3c021f74833af7f9ec45467&v=1.3.0&lv=1&sn=25031&r=0&ww=1600&u=http%3A%2F%2Fwww.gofanvan.com%2F&tt=%E6%89%A3%E6%89%A3%E4%BC%A0%E5%AA%92app_%E6%89%A3%E6%89%A3%E4%BC%A0%E5%AA%92app%E4%B8%8B%E8%BD%BD_%E6%89%A3%E6%89%A3%E4%BC%A0%E5%AA%92%E6%97%A0%E9%99%90%E8%A7%82%E7%9C%8B%E7%89%88

Requested by

Host: www.gofanvan.com
URL: http://www.gofanvan.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Nov 2023 13:58:26 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 32ms
31ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-09Q7QDEPVM&gtm=45je3b11v869237597z872329432&_p=1699019904376&gcd=11l1l1l1l1&cid=204987845.1699019904&ul=en-us&sr=1600x1200&_s=3&dp=%2F&sid=1699019904&sct=1&seg=0&dl=http%3A%2F%2Fwww.gofanvan.com%2F&dt=%E6%89%A3%E6%89%A3%E4%BC%A0%E5%AA%92app_%E6%89%A3%E6%89%A3%E4%BC%A0%E5%AA%92app%E4%B8%8B%E8%BD%BD_%E6%89%A3%E6%89%A3%E4%BC%A0%E5%AA%92%E6%97%A0%E9%99%90%E8%A7%82%E7%9C%8B%E7%89%88&en=custom_scroll&ep.brand=AFSI&ep.page_category=Home&ep.page_name=&ep.link_title=&ep.language_locale=en-US&ep.google_click_id=&_et=4&tfd=8737
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-09Q7QDEPVM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.gofanvan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 13:58:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.gofanvan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.muguacdn.com
URL: https://www.muguacdn.com:8888/webfile/image/36d2a1ddd0b1f.js

Domain: www.muguacdn.com
URL: https://www.muguacdn.com:8888/webfile/image/452a24210c066.js

Domain: www.muguacdn.com
URL: https://www.muguacdn.com:8888/webfile/image/aafe0d1b4a9d3.jpg

Domain: www.muguacdn.com
URL: https://www.muguacdn.com:8888/webfile/image/a703755daf32a.png

Domain: www.muguacdn.com
URL: https://www.muguacdn.com:8888/webfile/image/87c0715ca89fa.js

Domain: www.muguacdn.com
URL: https://www.muguacdn.com:8888/webfile/js/qrcode.min.js

Domain: www.muguacdn.com
URL: https://www.muguacdn.com:8888/webfile/js/openinstall.js

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.gofanvan.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 88eqtm38de39slav3pc9nem554
.gofanvan.com/	1970-01-20 15:58:26	Name: _gid Value: GA1.2.1090303529.1699019904
.gofanvan.com/	1970-01-20 18:06:35	Name: _gcl_au Value: 1.1.1935828429.1699019905
.gofanvan.com/	1970-01-20 15:56:59	Name: _gat_UA-49404584-2 Value: 1
.gofanvan.com/	1970-01-20 15:56:59	Name: _gat_UA-116118065-1 Value: 1
.gofanvan.com/	1970-01-21 01:32:59	Name: _ga Value: GA1.1.204987845.1699019904
.gofanvan.com/	1970-01-21 01:32:59	Name: _ga_09Q7QDEPVM Value: GS1.1.1699019904.1.0.1699019904.0.0.0
.simpli.fi/	1970-01-21 00:44:02	Name: suid Value: B49EA0798A444E59AA5F76F297B9B2E9
.gofanvan.com/	1970-01-20 18:06:35	Name: _fbp Value: fb.1.1699019904835.484071222
.t.co/	1970-01-21 01:32:59	Name: muc_ads Value: 43c0f765-23ef-4125-b4e1-4969031776c3
.twitter.com/	1970-01-21 01:32:59	Name: personalization_id Value: "v1_amiEkRUJu2OxUXWnyZLCrg=="
.acuityplatform.com/	1970-01-21 00:42:35	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPr7hnZlcnNpb27C+w=="
.acuityplatform.com/	1970-01-21 00:42:35	Name: auid Value: 848116148452
.hm.baidu.com/	1970-01-21 01:32:59	Name: HMACCOUNT_BFESS Value: C7B1862727E3C1AB
.www.gofanvan.com/	1970-01-21 00:42:35	Name: Hm_lvt_f6424ccaf3c021f74833af7f9ec45467 Value: 1699019906
.www.gofanvan.com/	1969-12-31 23:59:59	Name: Hm_lpvt_f6424ccaf3c021f74833af7f9ec45467 Value: 1699019906

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amtrustfinancial.com
analytics.twitter.com
api1944.d41.co
cdn-0.d41.co
cdnjs.cloudflare.com
connect.facebook.net
e.acuityplatform.com
fonts.googleapis.com
fonts.gstatic.com
hm.baidu.com
origin.acuityplatform.com
pixel.streetmetrics.io
region1.google-analytics.com
ssdioe0242.xyz
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
tag.simpli.fi
thefontzone.com
use.fontawesome.com
www.facebook.com
www.gofanvan.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.muguacdn.com
www.muguacdn.com
103.215.36.141
103.235.46.191
104.244.42.195
104.244.42.5
107.162.145.170
146.75.116.157
154.59.122.94
154.92.245.81
18.172.226.51
18.172.226.57
18.64.103.101
2001:4860:4802:34::36
23.57.31.196
2606:4700::6811:190e
2606:4700:e0::ac40:660b
2606:4700:e0::ac40:6d1a
2a00:1450:4001:800::200e
2a00:1450:4001:801::2003
2a00:1450:4001:806::2003
2a00:1450:4001:812::2008
2a00:1450:4001:812::200a
2a00:1450:4001:82b::2004
2a00:1450:400c:c0c::9c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.162.38.61
35.234.162.151
45.204.244.227
54.163.64.102
61.4.118.232
03c22ae111e8f46a46b153ab71e772e8da6f67f5adffcb46eb1394b489fa4bba
0750be575b9faf74611be800cf1307f0e81da31d565ede12232dee6d18bb5622
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0d0ec59dba1f1a109e723185123451e15c9d63a8b59c0f4b8ab20d4895d9863f
16c68a33d67f14f0e0d7f580b295ed7736c721d4db2d998ff9be09475f58ee17
1923083115d47a1f2b2f8b11830c8b2a6f557942085909ee32b114ac0e4ebb01
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
257daef59700b65d38e869ef8edf3625013eac03ca3952b53b3d11eaf62ad8a7
3beea1ab5bb7559d6b8cbde371b589f841171b9acfc244a80bbf7fae88b7bb44
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
49962e37ac194b49ef778d577253d2721f9118c98bc778bc557dd1f1c54b2c68
5550fc0f2e7f9c356e72130670291ad4dc71f6ed65a2f856d3092f6bc0c28030
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9
64aa4c1ba28586a85407faad92ce93d1d0b12654868464951e81df0d4a49683f
65e5e0eead2d624827110ad678b0214c2f481de3419814efbb43370920438482
6a0c848063b51aee6860b1501c3567ab6b7dc5e6e9ca55e2043e4ad7e3d12fb5
6f294962d8caf3657a07504d3bd6fd605bc692e65467567d621f6f672c4cf638
70d66dbd8b6212f0e2c15f20c6a2337b77a07e6738ffbd52431bd70027623814
7565ecaa561390f020221f83a8bebf9e101d0c721ad28b6242a9c377fa479d05
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7d85cc1e7af5e9c78ce63c70ea06b903b3f13b418a278af1990b62eb6a4eef95
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89cf66cb9de8da20fc15e9953845dd4d1de2c0fb465c827a09d818449222c533
8a82cc83a33a9c20499d4283b92b75483f34f2defb2174edde64a721ae2231ac
908453ea86584d4a3acf20a82fb4ccb53fe99d97e7ee54be556f465653d0708a
95b39284792a314f83598e0404f30076babaea47894abe2e97a5b8abe3cea992
9e668a1b50299bd65857d3d1a68ff3199ed48fdf7d6654990e1adc29abddf6fb
9edca158cd7aa7d57dd400b77a6fccb0b22187fda4a53558a8a61e89c742fe40
a1079dd5bbce1a75dcc7d381240a343cc3c319ce0efe19373451a7504d7bd7ea
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afcfa433d142d6f10e33a9a4f164a0fe427f3818ea9234f628b2ba13c0d30954
bbe62f3bbdef809095783f1941070481d53a361e456cb1ddadc68910ebb9e65c
bceddbb3a8bc2e836e861f0df2f652f0d5bbaf29b37272b748847e3bd9bdf37b
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cc308be27791dc58e7ce19f0d245ef66b8eb6975b8c7ae22d97c09927c84dc48
cefcda13529ed66142dd177226e9d6faf6bcf583890d9a9a028ca2130da572a5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d15efbacc5da885b2918049176ae093ac55d0049c4c8c7d0f986e07269860420
d70ad384274d7ad851a6ed14367f4df3559b7c4aa4fbfd4f94b136426dce4532
dafc62fed2b1a2b569547be31ff3e9f58c4e702e85c021c3a2ffe2bcfbd35a9d
dbab4e063d603516e132adf2c298cb16782a431e99fcbc14ca665aed0f841842
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1de4c1f2e6d7d51bcc5e360f4a59407ae9813309e5e98de5089191858dc4fbe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4142b08bb91c6729ce36efd4ad1ef33c7a9b8b02f75066b0c2d0c748392fc4e
e9e54de5ec7d3721d0c06b19cdd36fa808e312f43f879f99dae5d2e8b369e887
ee74662fa7968939e4f88ae72372432a502fcd71092a754f8680e8fb07bbeeab
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3efeeb5de0b4e9dc7529bc58ff3ff356e6394e0d53c4d1baa41ffd98009da18
f6a68ad4b1a8fdc1afa652c51b0b2d99770939a2c5bf265d5755fcc6dd7649d5
fd9aed963c56694f2725f74e8c5c95a84b0766e0ebe5866cd11f7f21f2613e25

www.gofanvan.com Open in urlscan Pro 154.92.245.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

86 Requests

44 %HTTPS

43 %IPv6

25 Domains

28 Subdomains

30 IPs

5 Countries

3364 kBTransfer

5022 kBSize

16 Cookies

0 Outgoing links

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

www.gofanvan.com Open in urlscan Pro
154.92.245.81 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

44 %
HTTPS

43 %
IPv6

25
Domains

28
Subdomains

30
IPs

5
Countries

3364 kB
Transfer

5022 kB
Size

16
Cookies

86 HTTP transactions
0 data transactions