Submitted URL: http://sandhillslogin.com/
Effective URL: https://www.sandhillslogin.com/
Submission: On April 24 via api from US — Scanned from DE

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 21 HTTP transactions. The main IP is 104.18.5.194, located in and belongs to CLOUDFLARENET, US. The main domain is www.sandhillslogin.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 9th 2023. Valid for: a year.
This is the only time www.sandhillslogin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 104.18.5.194 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2600:9000:20e... 16509 (AMAZON-02)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.43.14 8068 (MICROSOFT...)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
21 12
Apex Domain
Subdomains
Transfer
5 sandhillslogin.com
sandhillslogin.com
www.sandhillslogin.com
50 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 733
www.linkedin.com — Cisco Umbrella Rank: 779
px4.ads.linkedin.com — Cisco Umbrella Rank: 6554
3 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 519
13 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
region1.google-analytics.com — Cisco Umbrella Rank: 1718
20 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
239 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 189
136 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
159 KB
1 google.de
ampcid.google.de — Cisco Umbrella Rank: 43848
373 B
1 google.com
ampcid.google.com — Cisco Umbrella Rank: 2680
444 B
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1604
369 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1365
5 KB
21 11
Domain Requested by
4 www.sandhillslogin.com www.sandhillslogin.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
www.sandhillslogin.com
2 www.facebook.com www.sandhillslogin.com
2 px.ads.linkedin.com 2 redirects
2 connect.facebook.net www.sandhillslogin.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com www.sandhillslogin.com
www.googletagmanager.com
1 ampcid.google.de www.google-analytics.com
1 ampcid.google.com www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 px4.ads.linkedin.com www.sandhillslogin.com
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io snap.licdn.com
1 snap.licdn.com www.googletagmanager.com
1 sandhillslogin.com 1 redirects
21 15

This site contains no links.

Subject | Issuer | Validity | Valid
sandhillslogin.com | Cloudflare Inc ECC CA-3 | 2023-04-09 - 2024-04-08 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-02-01 - 2023-05-02 | 3 months
www.bing.com | Microsoft RSA TLS CA 02 | 2023-02-16 - 2023-08-16 | 6 months
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-02-01 - 2024-01-31 | a year
linkedin.oribi.io | Amazon RSA 2048 M01 | 2023-02-24 - 2023-08-06 | 5 months
*.google.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
*.google.de | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months

This page contains 1 frame:

Primary Page: https://www.sandhillslogin.com/
Frame ID: 60816A0660746622C8CA917BCBC29081
Requests: 21 HTTP requests in this frame

Page Title

Sandhills STS

Page URL History

  1. http://sandhillslogin.com/ HTTP 301
    https://www.sandhillslogin.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

95 %
HTTPS

85 %
IPv6

11
Domains

15
Subdomains

12
IPs

3
Countries

385 kB
Transfer

1248 kB
Size

17
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4254892&time=1682351112087&url=https%3A%2F%2Fwww.sandhillslogin.com%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4254892%26time%3D1682351112087%26url%3Dhttps%253A%252F%252Fwww.sandhillslogin.com%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4254892&time=1682351112087&url=https%3A%2F%2Fwww.sandhillslogin.com%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4254892&time=1682351112087&url=https%3A%2F%2Fwww.sandhillslogin.com%2F&liSync=true&e_ipv6=AQKkZQcHI8PUAgAAAYez8MFMGFsKSXIZHVJqMcJU2WH8bHKqO8lTauq705Nzp7rmIbY5Wpzc

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.sandhillslogin.com/
Redirect Chain
  • http://sandhillslogin.com/
  • https://www.sandhillslogin.com/
2 KB
1 KB
Document
General
Full URL
https://www.sandhillslogin.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.5.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8aa41d2d1ffec83f6bd701aa3d7a78fa4f88fed677526c4f9eb422c3a13eb608

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
7bcf78c8197fbbeb-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 24 Apr 2023 15:45:11 GMT
expires
-1
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-aspnetmvc-version
4.0
x-powered-by
ASP.NET

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
7bcf78c36c3f363f-FRA
Cache-Control
private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Mon, 24 Apr 2023 15:45:10 GMT
Location
https://www.sandhillslogin.com/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
4.0
X-Powered-By
ASP.NET
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
modernizr
www.sandhillslogin.com/bundles/js/
11 KB
5 KB
Script
General
Full URL
https://www.sandhillslogin.com/bundles/js/modernizr?v=qVODBytEBVVePTNtSFXgRX0NCEjh9U_Oj8ePaSiRcGg1
Requested by
Host: www.sandhillslogin.com
URL: https://www.sandhillslogin.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.5.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e5c283757f4c989d17cc064ae4a058b466a4b912356adaab87f06da80b7da39f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sandhillslogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:45:11 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Mon, 24 Apr 2023 15:45:11 GMT
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
public
cf-ray
7bcf78ccfb8bbbeb-FRA
content-length
5233
expires
Tue, 23 Apr 2024 15:45:11 GMT
site
www.sandhillslogin.com/bundles/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://www.sandhillslogin.com/bundles/css/site?v=9gQwKiNNZ952PPDW3fIKDSzS03EBUc8a75NXmaTeyBU1
Requested by
Host: www.sandhillslogin.com
URL: https://www.sandhillslogin.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.5.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8fb165ba80152f9b00f7c1d0041574ca209e5e945567b22827d2995114ba86b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sandhillslogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:45:11 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Mon, 24 Apr 2023 15:45:11 GMT
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent,Accept-Encoding
content-type
text/css; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
public
cf-ray
7bcf78ccfb8cbbeb-FRA
content-length
1067
expires
Tue, 23 Apr 2024 15:45:11 GMT
jquery
www.sandhillslogin.com/bundles/js/
91 KB
42 KB
Script
General
Full URL
https://www.sandhillslogin.com/bundles/js/jquery?v=JzhfglzUfmVF2qo-weTo-kvXJ9AJvIRBLmu11PgpbVY1
Requested by
Host: www.sandhillslogin.com
URL: https://www.sandhillslogin.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.5.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4f7602d5c90b10fe90158dec644785df672c2f340257b04b21884e03ea0e7e32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sandhillslogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:45:11 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Mon, 24 Apr 2023 15:45:11 GMT
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
public
cf-ray
7bcf78ccfb8dbbeb-FRA
content-length
42512
expires
Tue, 23 Apr 2024 15:45:11 GMT
gtm.js
www.googletagmanager.com/
345 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N6K7FFV
Requested by
Host: www.sandhillslogin.com
URL: https://www.sandhillslogin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
060f5179e9874fe65c2a8e2cb87c516a22cb204a6081b697c4c8a2d58a1736b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sandhillslogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:45:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86616
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 24 Apr 2023 15:45:11 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6K7FFV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sandhillslogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 24 Apr 2023 14:27:45 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4647
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 24 Apr 2023 16:27:45 GMT
fbevents.js
connect.facebook.net/en_US/
107 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.sandhillslogin.com
URL: https://www.sandhillslogin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sandhillslogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 24 Apr 2023 15:45:12 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27967
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
XMeXFj33FVI9w/GOEPBIUEKLX14k5wtrhf3k4VCS2ZXnTZp/+ucceeF3QmphVVsijp7Q7DBwH0xV2wKiK0bWRg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/
40 KB
12 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6K7FFV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sandhillslogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 24 Apr 2023 15:45:11 GMT
last-modified
Thu, 20 Apr 2023 19:01:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5BD72AD1B76C4BCB9A9F4421DEF64B56 Ref B: FRAEDGE1718 Ref C: 2023-04-24T15:45:12Z
etag
"808c558fba73d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12036
insight.min.js
snap.licdn.com/li.lms-analytics/
13 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6K7FFV
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sandhillslogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:45:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Jan 2023 17:22:56 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=81666
accept-ranges
bytes
content-length
4777
js
www.googletagmanager.com/gtag/
210 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZQCH6QZFWG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N6K7FFV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
238ac23b86f20624cb0707c8d90d5fc06ca279d52c8b4bb2d46cfaf0ef43291c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sandhillslogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:45:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76049
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 24 Apr 2023 15:45:12 GMT
token
cdn.linkedin.oribi.io/partner/4254892/domain/sandhillslogin.com/
36 B
369 B
XHR
General
Full URL
https://cdn.linkedin.oribi.io/partner/4254892/domain/sandhillslogin.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:c200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.sandhillslogin.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:45:12 GMT
content-encoding
gzip
via
1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
vary
accept-encoding
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
WnlEL7EYl858NP4nyqd5B3DV7JHERuXOc7W0yJ8bQ1BYiXsgqBGeNA==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4254892&time=1682351112087&url=https%3A%2F%2Fwww.sandhillslogin.com%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4254892%26time%3D1682351112087%26url%3Dhttps%253A%252F%252Fwww.sandhillslogin.com...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4254892&time=1682351112087&url=https%3A%2F%2Fwww.sandhillslogin.com%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4254892&time=1682351112087&url=https%3A%2F%2Fwww.sandhillslogin.com%2F&liSync=true&e_ipv6=AQKkZQcHI8PUAgAAAYez8MFMGFsKSXIZHVJqMcJU2WH8bHKqO8lTauq...
0
265 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4254892&time=1682351112087&url=https%3A%2F%2Fwww.sandhillslogin.com%2F&liSync=true&e_ipv6=AQKkZQcHI8PUAgAAAYez8MFMGFsKSXIZHVJqMcJU2WH8bHKqO8lTauq705Nzp7rmIbY5Wpzc
Requested by
Host: www.sandhillslogin.com
URL: https://www.sandhillslogin.com/
Protocol
H2
Server
13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sandhillslogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:45:12 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 1EC055746A41471C84EE85FE4F491F73 Ref B: VIEEDGE2621 Ref C: 2023-04-24T15:45:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX6FuR1XqBMV5BJXmpuqA==

Redirect headers

date
Mon, 24 Apr 2023 15:45:12 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 4A8A958665094F9880F0E913C45E01BC Ref B: FRAEDGE1419 Ref C: 2023-04-24T15:45:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4254892&time=1682351112087&url=https%3A%2F%2Fwww.sandhillslogin.com%2F&liSync=true&e_ipv6=AQKkZQcHI8PUAgAAAYez8MFMGFsKSXIZHVJqMcJU2WH8bHKqO8lTauq705Nzp7rmIbY5Wpzc
x-li-proto
http/2
content-length
0
x-li-uuid
AAX6FuRy/DHGYqVQnM7e8A==
141980866484966
connect.facebook.net/signals/config/
378 KB
108 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/141980866484966?v=2.9.102&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9c3a8d821b16d88f77f6773a10f87657d4cde3bfa5bfa4b01ce9fce041d5f1ff
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sandhillslogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 24 Apr 2023 15:45:12 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110424
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
91e0GB37L3mdq45tst2VBiLr8IKZhe7iJGp4adIy13ekfQxbgOvosbuqIeFSiFsxTlP5pGCd31hK4yTy+11gjw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
16009125.js
bat.bing.com/p/action/
0
117 B
Script
General
Full URL
https://bat.bing.com/p/action/16009125.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sandhillslogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Mon, 24 Apr 2023 15:45:11 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E0D165D03304417586DCA71ECDFE98CF Ref B: FRAEDGE1718 Ref C: 2023-04-24T15:45:12Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
285 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=16009125&tm=gtm002&Ver=2&mid=46457ed3-725e-427c-bfc5-a8eb4115fe26&sid=ffc20b20e2b611edade2df96b1af7a92&vid=ffc21e10e2b611edaa1f339771068cd4&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sandhills%20STS&p=https%3A%2F%2Fwww.sandhillslogin.com%2F&r=&lt=2143&evt=pageLoad&sv=1&rn=795070
Requested by
Host: www.sandhillslogin.com
URL: https://www.sandhillslogin.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sandhillslogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Apr 2023 15:45:11 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3B56596AA4BC479BA7FEA517A141E310 Ref B: FRAEDGE1718 Ref C: 2023-04-24T15:45:12Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=141980866484966&ev=PageView&dl=https%3A%2F%2Fwww.sandhillslogin.com%2F&rl=&if=false&ts=1682351112140&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1682351112139.993558086&it=1682351112097&coo=false&rqm=GET
Requested by
Host: www.sandhillslogin.com
URL: https://www.sandhillslogin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sandhillslogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 24 Apr 2023 15:45:12 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
region1.google-analytics.com/g/
0
259 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ZQCH6QZFWG&gtm=45je34j0&_p=2051668554&cid=272107854.1682351112&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&dl=https%3A%2F%2Fwww.sandhillslogin.com%2F&sid=1682351112&sct=1&seg=0&dt=Sandhills%20STS&en=page_view&_fv=1&_nsi=1&_ss=1&ep.useAmpClientId=true&ep.customTask=function(b)%7Btry%7Ba%26%26b.set(%22dimension%22%2BString(a)%2Cb.get(%22clientId%22))%7Dcatch(c)%7Bconsole.log(c)%7D%7D&ep.authenticationLoggedIn=false&ep.containerId=GTM-N6K7FFV&ep.containerVersion=321&ep.globalUserTimezoneTimestamp=Mon%20Apr%2024%202023%2015%3A45%3A12%20GMT%2B0000%20(GMT)&ep.globalSessionId=1682351112028.zct1s1a7&epn.globalUserTimezoneOffset=0&ep.globalJsNavigatorUserAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36&ep.globalResponsiveBreakpoint=desktop&ep.globalShowClosestFirstEnabled=false&ep.item_category=null&ep.item_category_id=null&ep.allowLinker=true&ep.IsMobileAppContext=null
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZQCH6QZFWG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sandhillslogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 15:45:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sandhillslogin.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publisher:getClientId
ampcid.google.com/v1/
74 B
444 B
XHR
General
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sandhillslogin.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 15:45:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.sandhillslogin.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
publisher:getClientId
ampcid.google.de/v1/
3 B
373 B
XHR
General
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.sandhillslogin.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 24 Apr 2023 15:45:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.sandhillslogin.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
collect
www.google-analytics.com/j/
3 B
213 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2051668554&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sandhillslogin.com%2F&ul=en-us&de=UTF-8&dt=Sandhills%20STS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAQCACAFK~&jid=220650339&gjid=1257173506&cid=272107854.1682351112&tid=UA-18085307-182&_gid=1114153072.1682351112&_r=1&_slc=1&gtm=45He34j0n81N6K7FFV&cd1=false&cd2=GTM-N6K7FFV&cd3=321&cd5=Mon%20Apr%2024%202023%2015%3A45%3A12%20GMT%2B0000%20(GMT)&cd6=1682351112037.v1e26soh&cd7=0&cd8=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F112.0.5615.121%20Safari%2F537.36&cd9=desktop&cd11=Global%20-%20Page%20Views&cd12=false&cd14=null&cd15=null&cd22=https%3A%2F%2Fwww.sandhillslogin.com%2F&cd24=null&cd10=272107854.1682351112&z=1430853436
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sandhillslogin.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Apr 2023 15:45:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sandhillslogin.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
54 B
Image
General
Full URL
https://www.facebook.com/tr/?id=141980866484966&ev=Microdata&dl=https%3A%2F%2Fwww.sandhillslogin.com%2F&rl=&if=false&ts=1682351113643&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sandhills%20STS%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.102&r=stable&ec=1&o=30&fbp=fb.1.1682351112139.993558086&it=1682351112097&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sandhillslogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 24 Apr 2023 15:45:13 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0


23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| html5
object| Modernizr
object| dataLayer
function| $
function| jQuery
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
function| fbq
function| _fbq
string| _linkedin_data_partner_id
function| lintrk
boolean| _already_called_lintrk
function| UET
function| UET_init
function| UET_push
object| ueto_2bbe1c753c
object| uetq
object| gaGlobal
object| gaplugins
object| gaData

17 Cookies

Domain/Path Name / Value
sandhillslogin.com/ Name: BIGipServerwww.sandhillslogin.com_http_pool
Value: 3296897216.20480.0000
.sandhillslogin.com/ Name: _uetsid
Value: ffc20b20e2b611edade2df96b1af7a92
.sandhillslogin.com/ Name: _uetvid
Value: ffc21e10e2b611edaa1f339771068cd4
.sandhillslogin.com/ Name: _fbp
Value: fb.1.1682351112139.993558086
.bing.com/ Name: MUID
Value: 1D965AD329E06018046E482E28E0619B
.sandhillslogin.com/ Name: _ga_ZQCH6QZFWG
Value: GS1.1.1682351112.1.0.1682351112.0.0.0
www.sandhillslogin.com/ Name: ln_or
Value: eyI0MjU0ODkyIjoiZCJ9
.linkedin.com/ Name: UserMatchHistory
Value: AQKopwLSFAF-0QAAAYez8MAq7zPonThU_w5U7V8pRLB4nyVUqFgr2ySO2Odd3DDR24HQk7UKkFWvxQ
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLZPIJKuSlrHwAAAYez8MAqQHFNmPpoutICe3NWfVEns5-cofuTBRS1Y6_dMnI6GzMVZyVXeN4kfuZsHytOfw
.linkedin.com/ Name: bcookie
Value: "v=2&02554b26-b043-4b26-8243-9010169f2f0c"
.linkedin.com/ Name: lidc
Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2908:u=1:x=1:i=1682351112:t=1682437512:v=2:sig=AQH3KG7gNexTaiytM5tV3bI-ePhvxyOB"
.sandhillslogin.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.sandhillslogin.com/ Name: _ga
Value: GA1.2.272107854.1682351112
.sandhillslogin.com/ Name: _gid
Value: GA1.2.1114153072.1682351112
.sandhillslogin.com/ Name: _gat_UA-18085307-182
Value: 1
.www.linkedin.com/ Name: bscookie
Value: "v=1&20230424154512fc8c537e-8cf7-4a9f-8e0f-b47b876cd61eAQGGmxU-XnZPLsRM8T8xlZIHcWpubjaS"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODIzNTExMTI7MjswMjFFRpvKUXSESNhIjrHP52nwqolYmj4HhcZQ+4viWDoqsQ==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
