s3.amazonaws.com Open in urlscan Pro
52.216.62.56 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://l.e-mail.hearstmags.com/rts/go2.aspx?h=978467&tp=i-1NHD-Be-1R6O-Nox6H-1p-C3Uy6-1c-2ZJFn-Now0D-l8MQqKl3GC-1bm4QK&x=navala...
Effective URL:
https://s3.amazonaws.com/appforest_uf/f1669843386161x170665582301068100/blue-index.html?websrc=e3mKfxPkPWCNG9UR1Z65LODBgM...
Submission: On December 23 via manual (December 23rd 2022, 2:43:55 pm UTC) from US — Scanned from DE

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 26 HTTP transactions. The main IP is 52.216.62.56, located in Ashburn, United States and belongs to AMAZON-02, US. The main domain is s3.amazonaws.com.
TLS certificate: Issued by Amazon on April 1st 2022. Valid for: a year.

This is the only time s3.amazonaws.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Outlook Web Access (Online)

Domain & IP information

	IP Address	AS Autonomous System
2 2	173.213.4.162 173.213.4.162	53316 (ASN-CHEET...) (ASN-CHEETA-MAIL)
1 3	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.216.62.56 52.216.62.56	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:350... 2a02:26f0:3500:594::356e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	74.208.255.201 74.208.255.201	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
26	9

2 173.213.4.162 (United States) 2 redirects

ASN53316 (ASN-CHEETA-MAIL, US)

l.e-mail.hearstmags.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

navalaifabricators.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.62.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:594::356e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.s-microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.208.255.201 (United States)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: mail.ionos.com

mail.ionos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 211	79 KB
6	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 757 stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2384	85 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	123 KB
4	s-microsoft.com c.s-microsoft.com — Cisco Umbrella Rank: 10979	125 KB
3	navalaifabricators.com 1 redirects navalaifabricators.com	13 KB
2	amazonaws.com s3.amazonaws.com	39 KB
2	hearstmags.com 2 redirects l.e-mail.hearstmags.com	1 KB
1	ionos.com mail.ionos.com — Cisco Umbrella Rank: 341986 Failed	37 KB
26	8

	Domain	Requested by
6	cdnjs.cloudflare.com	s3.amazonaws.com
4	cdn.jsdelivr.net	s3.amazonaws.com
4	c.s-microsoft.com	s3.amazonaws.com
4	stackpath.bootstrapcdn.com	s3.amazonaws.com
3	navalaifabricators.com	1 redirects navalaifabricators.com
2	maxcdn.bootstrapcdn.com	s3.amazonaws.com
2	s3.amazonaws.com	navalaifabricators.com s3.amazonaws.com
2	l.e-mail.hearstmags.com	2 redirects
1	mail.ionos.com	s3.amazonaws.com
26	9

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-05` - `2023-07-05`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
www.microsoft.com Microsoft Azure TLS Issuing CA 06	`2022-10-04` - `2023-09-29`	a year	crt.sh
mail.ionos.com GeoTrust EV RSA CA 2018	`2022-09-30` - `2023-10-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://s3.amazonaws.com/appforest_uf/f1669843386161x170665582301068100/blue-index.html?websrc=e3mKfxPkPWCNG9UR1Z65LODBgMj7kJpNTP1qkNS7CZaRfnZDgAR9KkpEerXHB9Bs4F8xO2u5yPjOsYT5EmA5PUnEZO10ilXqVc8Dpg8gIIY3aNcgQnTl3qcsZ64pxHEbYhcfeVuxAljzFF6S8QdwBRR53mlTBg148WXLmVov4baoBN8OU5nhShTDXprVXutmJh2H3vG6LC61Sat9TaLTsxG2BLR069RbjyAGOGfbf1iChu79jyOnrE0fbJG9sFL5dKHEb3mxseH1gbVbSfItHYkcGZwzLIL3n7iw8RDJl7CLdm&dispatch=371&id=428108
Frame ID: 41CAA2596BB74D7834E6F7504077E910
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

- Mail

Page URL History Show full URLs

http://l.e-mail.hearstmags.com/rts/go2.aspx?h=978467&tp=i-1NHD-Be-1R6O-Nox6H-1p-C3Uy6-1c-2ZJFn-Now0D-l8MQqK... HTTP 302
https://l.e-mail.hearstmags.com/rts/go2.aspx?h=978467&tp=i-1NHD-Be-1R6O-Nox6H-1p-C3Uy6-1c-2ZJFn-Now0D-l8MQqK... HTTP 302
https://navalaifabricators.com//servlet/EmailGateway?cds_fn=WpoZgJM8DlGgpmUaPhZtU0s+xesvHJIiPPK1FANuKCJ6GfA... HTTP 301
https://navalaifabricators.com/servlet/EmailGateway?cds_fn=WpoZgJM8DlGgpmUaPhZtU0s+xesvHJIiPPK1FANuKCJ6GfAM... Page URL
https://s3.amazonaws.com/appforest_uf/f1669843386161x170665582301068100/blue-index.html Page URL
https://s3.amazonaws.com/appforest_uf/f1669843386161x170665582301068100/blue-index.html?websrc=e3mKfx... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

26
Requests

96 %
HTTPS

67 %
IPv6

8
Domains

9
Subdomains

9
IPs

2
Countries

500 kB
Transfer

1218 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://l.e-mail.hearstmags.com/rts/go2.aspx?h=978467&tp=i-1NHD-Be-1R6O-Nox6H-1p-C3Uy6-1c-2ZJFn-Now0D-l8MQqKl3GC-1bm4QK&x=navalaifabricators.com//servlet/EmailGateway?cds_fn=WpoZgJM8DlGgpmUaPhZtU0s%2BxesvHJIiPPK1FANuKCJ6GfAMd48q1%2BzWokVctJ64uv0ACkt39%2Bs%3D|B2219DG3C|14.9700|i-1NHD-Be-1R6O-Nox6H-1p-C3Uy6-1c-2ZJFn-Now0D-l8MQqKl3GC-1bm4QK/jhgf HTTP 302
https://l.e-mail.hearstmags.com/rts/go2.aspx?h=978467&tp=i-1NHD-Be-1R6O-Nox6H-1p-C3Uy6-1c-2ZJFn-Now0D-l8MQqKl3GC-1bm4QK&x=navalaifabricators.com//servlet/EmailGateway?cds_fn=WpoZgJM8DlGgpmUaPhZtU0s%2BxesvHJIiPPK1FANuKCJ6GfAMd48q1%2BzWokVctJ64uv0ACkt39%2Bs%3D|B2219DG3C|14.9700|i-1NHD-Be-1R6O-Nox6H-1p-C3Uy6-1c-2ZJFn-Now0D-l8MQqKl3GC-1bm4QK/jhgf HTTP 302
https://navalaifabricators.com//servlet/EmailGateway?cds_fn=WpoZgJM8DlGgpmUaPhZtU0s+xesvHJIiPPK1FANuKCJ6GfAMd48q1+zWokVctJ64uv0ACkt39+s=&cds_response_key=B2219DG3C&cds_misc_1=14.9700&cds_misc_30=used_to_make_last_paramater_pass_correctly?source=Engage&tp=i-1NHD-Be-1R6O-Nox6H-1p-C3Uy6-1c-2ZJFn-Now0D-l8MQqKl3GC-1bm4QK/jhgf HTTP 301
https://navalaifabricators.com/servlet/EmailGateway?cds_fn=WpoZgJM8DlGgpmUaPhZtU0s+xesvHJIiPPK1FANuKCJ6GfAMd48q1+zWokVctJ64uv0ACkt39+s=&cds_response_key=B2219DG3C&cds_misc_1=14.9700&cds_misc_30=used_to_make_last_paramater_pass_correctly?source=Engage&tp=i-1NHD-Be-1R6O-Nox6H-1p-C3Uy6-1c-2ZJFn-Now0D-l8MQqKl3GC-1bm4QK/jhgf Page URL
https://s3.amazonaws.com/appforest_uf/f1669843386161x170665582301068100/blue-index.html Page URL
https://s3.amazonaws.com/appforest_uf/f1669843386161x170665582301068100/blue-index.html?websrc=e3mKfxPkPWCNG9UR1Z65LODBgMj7kJpNTP1qkNS7CZaRfnZDgAR9KkpEerXHB9Bs4F8xO2u5yPjOsYT5EmA5PUnEZO10ilXqVc8Dpg8gIIY3aNcgQnTl3qcsZ64pxHEbYhcfeVuxAljzFF6S8QdwBRR53mlTBg148WXLmVov4baoBN8OU5nhShTDXprVXutmJh2H3vG6LC61Sat9TaLTsxG2BLR069RbjyAGOGfbf1iChu79jyOnrE0fbJG9sFL5dKHEb3mxseH1gbVbSfItHYkcGZwzLIL3n7iw8RDJl7CLdm&dispatch=371&id=428108 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://l.e-mail.hearstmags.com/rts/go2.aspx?h=978467&tp=i-1NHD-Be-1R6O-Nox6H-1p-C3Uy6-1c-2ZJFn-Now0D-l8MQqKl3GC-1bm4QK&x=navalaifabricators.com//servlet/EmailGateway?cds_fn=WpoZgJM8DlGgpmUaPhZtU0s%2BxesvHJIiPPK1FANuKCJ6GfAMd48q1%2BzWokVctJ64uv0ACkt39%2Bs%3D|B2219DG3C|14.9700|i-1NHD-Be-1R6O-Nox6H-1p-C3Uy6-1c-2ZJFn-Now0D-l8MQqKl3GC-1bm4QK/jhgf HTTP 302
https://l.e-mail.hearstmags.com/rts/go2.aspx?h=978467&tp=i-1NHD-Be-1R6O-Nox6H-1p-C3Uy6-1c-2ZJFn-Now0D-l8MQqKl3GC-1bm4QK&x=navalaifabricators.com//servlet/EmailGateway?cds_fn=WpoZgJM8DlGgpmUaPhZtU0s%2BxesvHJIiPPK1FANuKCJ6GfAMd48q1%2BzWokVctJ64uv0ACkt39%2Bs%3D|B2219DG3C|14.9700|i-1NHD-Be-1R6O-Nox6H-1p-C3Uy6-1c-2ZJFn-Now0D-l8MQqKl3GC-1bm4QK/jhgf HTTP 302
https://navalaifabricators.com//servlet/EmailGateway?cds_fn=WpoZgJM8DlGgpmUaPhZtU0s+xesvHJIiPPK1FANuKCJ6GfAMd48q1+zWokVctJ64uv0ACkt39+s=&cds_response_key=B2219DG3C&cds_misc_1=14.9700&cds_misc_30=used_to_make_last_paramater_pass_correctly?source=Engage&tp=i-1NHD-Be-1R6O-Nox6H-1p-C3Uy6-1c-2ZJFn-Now0D-l8MQqKl3GC-1bm4QK/jhgf HTTP 301
https://navalaifabricators.com/servlet/EmailGateway?cds_fn=WpoZgJM8DlGgpmUaPhZtU0s+xesvHJIiPPK1FANuKCJ6GfAMd48q1+zWokVctJ64uv0ACkt39+s=&cds_response_key=B2219DG3C&cds_misc_1=14.9700&cds_misc_30=used_to_make_last_paramater_pass_correctly?source=Engage&tp=i-1NHD-Be-1R6O-Nox6H-1p-C3Uy6-1c-2ZJFn-Now0D-l8MQqKl3GC-1bm4QK/jhgf

26 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

EmailGateway
navalaifabricators.com/servlet/
Redirect Chain

http://l.e-mail.hearstmags.com/rts/go2.aspx?h=978467&tp=i-1NHD-Be-1R6O-Nox6H-1p-C3Uy6-1c-2ZJFn-Now0D-l8MQqKl3GC-1bm4QK&x=navalaifabricators.com//servlet/EmailGateway?cds_fn=WpoZgJM8DlGgpmUaPhZtU0s%...
https://l.e-mail.hearstmags.com/rts/go2.aspx?h=978467&tp=i-1NHD-Be-1R6O-Nox6H-1p-C3Uy6-1c-2ZJFn-Now0D-l8MQqKl3GC-1bm4QK&x=navalaifabricators.com//servlet/EmailGateway?cds_fn=WpoZgJM8DlGgpmUaPhZtU0s...
https://navalaifabricators.com//servlet/EmailGateway?cds_fn=WpoZgJM8DlGgpmUaPhZtU0s+xesvHJIiPPK1FANuKCJ6GfAMd48q1+zWokVctJ64uv0ACkt39+s=&cds_response_key=B2219DG3C&cds_misc_1=14.9700&cds_misc_30=us...
https://navalaifabricators.com/servlet/EmailGateway?cds_fn=WpoZgJM8DlGgpmUaPhZtU0s+xesvHJIiPPK1FANuKCJ6GfAMd48q1+zWokVctJ64uv0ACkt39+s=&cds_response_key=B2219DG3C&cds_misc_1=14.9700&cds_misc_30=use...

33 KB
7 KB

322ms
321ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navalaifabricators.com/servlet/EmailGateway?cds_fn=WpoZgJM8DlGgpmUaPhZtU0s+xesvHJIiPPK1FANuKCJ6GfAMd48q1+zWokVctJ64uv0ACkt39+s=&cds_response_key=B2219DG3C&cds_misc_1=14.9700&cds_misc_30=used_to_make_last_paramater_pass_correctly?source=Engage&tp=i-1NHD-Be-1R6O-Nox6H-1p-C3Uy6-1c-2ZJFn-Now0D-l8MQqKl3GC-1bm4QK/jhgf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 77e1df2dba076958-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 23 Dec 2022 14:43:50 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://navalaifabricators.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZSClynC%2Feb9edxMV0jzhKBO%2BP3aiEPKjJzvTd3OOTWVK5EAsClxlZih0%2BK3qeKkckUDIoK%2FOoaYx6mXRjdM2Id2D%2B764hBak4d6yh3ITeHfj%2FZCcD4pYJxyubwqrdREI9NSvFB8QfoxYBoBhprics0y1s7DI"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 77e1df262b8a6958-FRA
content-type: text/html; charset=UTF-8
date: Fri, 23 Dec 2022 14:43:50 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://navalaifabricators.com/servlet/EmailGateway?cds_fn=WpoZgJM8DlGgpmUaPhZtU0s+xesvHJIiPPK1FANuKCJ6GfAMd48q1+zWokVctJ64uv0ACkt39+s=&cds_response_key=B2219DG3C&cds_misc_1=14.9700&cds_misc_30=used_to_make_last_paramater_pass_correctly?source=Engage&tp=i-1NHD-Be-1R6O-Nox6H-1p-C3Uy6-1c-2ZJFn-Now0D-l8MQqKl3GC-1bm4QK/jhgf
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RKONUQvflZ%2BeHKLefJjMWrGvyNrrRcRZtnrFKwfeyAlfqYkupl3GvHk%2FATb8aFUURhWIfLwmFm8RAm1udf4wMO4vVoeD4i24VJJh3cja55ZD1OXce%2BDjvFSUZ5r9IdJeujo0mkWe2q99i%2BLQLCB435xLdRx"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-redirect-by: WordPress

GET
H3 200 wp-emoji-release.min.js
navalaifabricators.com/wp-includes/js/ 18 KB
5 KB 97ms
97ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://navalaifabricators.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: navalaifabricators.com
URL: https://navalaifabricators.com/servlet/EmailGateway?cds_fn=WpoZgJM8DlGgpmUaPhZtU0s+xesvHJIiPPK1FANuKCJ6GfAMd48q1+zWokVctJ64uv0ACkt39+s=&cds_response_key=B2219DG3C&cds_misc_1=14.9700&cds_misc_30=used_to_make_last_paramater_pass_correctly?source=Engage&tp=i-1NHD-Be-1R6O-Nox6H-1p-C3Uy6-1c-2ZJFn-Now0D-l8MQqKl3GC-1bm4QK/jhgf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navalaifabricators.com/servlet/EmailGateway?cds_fn=WpoZgJM8DlGgpmUaPhZtU0s+xesvHJIiPPK1FANuKCJ6GfAMd48q1+zWokVctJ64uv0ACkt39+s=&cds_response_key=B2219DG3C&cds_misc_1=14.9700&cds_misc_30=used_to_make_last_paramater_pass_correctly?source=Engage&tp=i-1NHD-Be-1R6O-Nox6H-1p-C3Uy6-1c-2ZJFn-Now0D-l8MQqKl3GC-1bm4QK/jhgf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 14:43:50 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 12 Apr 2022 11:26:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GSa2lT%2F06CBO6isedMIbXoOeBFNN%2Fr3fEcW4yyk5%2BxvQ2Cf4UzubpDwNoQXDHPwqqQLFswt9pIhmyNTfTcGrmVweF1aJibGvrHp5Ipgzwh%2BzB5P2Jwx3xuf%2B8200GyZFnjqkrLkorIYdKwkNm2VhEg2Q508u"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77e1df301b4a9195-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK blue-index.html Show response
s3.amazonaws.com/appforest_uf/f1669843386161x170665582301068100/ 19 KB
19 KB 349ms
132ms Document
text/html 52.216.62.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/appforest_uf/f1669843386161x170665582301068100/blue-index.html
Requested by: Host: navalaifabricators.com
URL: https://navalaifabricators.com/servlet/EmailGateway?cds_fn=WpoZgJM8DlGgpmUaPhZtU0s+xesvHJIiPPK1FANuKCJ6GfAMd48q1+zWokVctJ64uv0ACkt39+s=&cds_response_key=B2219DG3C&cds_misc_1=14.9700&cds_misc_30=used_to_make_last_paramater_pass_correctly?source=Engage&tp=i-1NHD-Be-1R6O-Nox6H-1p-C3Uy6-1c-2ZJFn-Now0D-l8MQqKl3GC-1bm4QK/jhgf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.62.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 83a9c904fcd9ad30dc639d035dd997101bc2c0bb0948cb84deacf00d3d587f24

Request headers

Referer: https://navalaifabricators.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: public,max-age=86400
Content-Length: 19190
Content-Type: text/html
Date: Fri, 23 Dec 2022 14:43:51 GMT
ETag: "5753cdb7333d74e7a9adb785baebeac9"
Last-Modified: Wed, 30 Nov 2022 21:23:07 GMT
Server: AmazonS3
x-amz-id-2: VzW+p4XgiJEyynPzIbNPB+SiNTzP6E4juo/d0hCfautyEl75Q5zFcWS415nTaTJV+RbrXXZQ9Q8=
x-amz-meta-app-version: test
x-amz-meta-appname: bubble-new
x-amz-request-id: 5V6JT8RET5X7Y1SS
x-amz-server-side-encryption: AES256
x-amz-version-id: ZmEd_ks1g0H7sx72XTUQlegI.22UTc30

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 51ms
27ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/appforest_uf/f1669843386161x170665582301068100/blue-index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s3.amazonaws.com/
Origin: https://s3.amazonaws.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 14:43:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 863
age: 38247
cdn-cachedat: 11/18/2022 06:18:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"ec3bb52a00e176a7181d454dffaea219"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e0c965daf4f2dfb802a99110ff91065f
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 77e1df327d4a8ffe-FRA
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 44ms
16ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/appforest_uf/f1669843386161x170665582301068100/blue-index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s3.amazonaws.com/
Origin: https://s3.amazonaws.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 14:43:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 38247
cdn-cachedat: 11/18/2022 06:18:29
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: c2361b74cc8eb507cc0fccc6c79329f5
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 77e1df327ddb9c04-FRA
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9ed6586942003696afe4e52b09f343f8342244b51a9e175b75162d7e615207b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/ 33 KB
34 KB 78ms
14ms Font
font/woff2 2a02:26f0:3500:594::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/appforest_uf/f1669843386161x170665582301068100/blue-index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:594::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://s3.amazonaws.com/
Origin: https://s3.amazonaws.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 14:43:50 GMT
last-modified: Fri, 10 Jan 2020 19:09:43 GMT
etag: "588d483e9c7d51:0"
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=262702
accept-ranges: bytes
content-length: 34052
expires: Mon, 26 Dec 2022 15:42:12 GMT

GET
H2 200 vue@2.6.12 Show response
cdn.jsdelivr.net/npm/ 91 KB
35 KB 33ms
16ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.6.12

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/appforest_uf/f1669843386161x170665582301068100/blue-index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29296ccacaa9ed35ed168fc51e36f54fd6f8db9c7786bbf38cc59a27229ba5c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 14:43:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 21757
x-jsd-version: 2.6.12
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19152-FRA, cache-yyz4535-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"16de6-5V3x99bCiO5z1Dm6sm3QBv/uevM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1Y0VPfi3hFa78dM0raRPTUJSO9%2BZ02PL5dUBVNzIYEe1ANjH2VO5P2P9%2BwTa%2BAcpxbxaWyZIuXZfY3TWbBvxk%2FFpo2Hs3HjqEpJlUNaHofzCwXHfSJDI7mYrahydNdNy2n4MVK0n4zzmObRd8I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 77e1df32dfca2be4-FRA

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 43ms
15ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/appforest_uf/f1669843386161x170665582301068100/blue-index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 14:43:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3694896
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27938
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t8mChGbTGAHOq8X6zYeY5s37ByNoLLj30aB7oV7wuCY5B57x473QsMQ5h5QeIfiddlr1lOQ2qmNBbEKHCpHYib6%2Btz8%2BNd%2BWsYZWwE1DoWDZcbRypXeUFCXcUb2pOOIijBvM7S7ySEOKouU%2FtGx0nwJB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77e1df32ebf89945-FRA
expires: Wed, 13 Dec 2023 14:43:50 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/ 20 KB
7 KB 41ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/appforest_uf/f1669843386161x170665582301068100/blue-index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 14:43:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 931316
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6458
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-500f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kDJMYJ6HFPFWy1boIclmW%2B%2BrmrjZ2lR0sc1PAqtHuhaUUcz1XuYdbu%2Fw5d94ETp5rRbtung%2FrnZUg3B0KvXtt5pkNoFkWrpAkWt87XWljmoKZvsw%2B91wt4vey69jnBdy1fy1Ske2AiMT5MjBuQIo5rgU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77e1df32ebf99945-FRA
expires: Wed, 13 Dec 2023 14:43:50 GMT

GET
H3 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/ 49 KB
15 KB 30ms
21ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/appforest_uf/f1669843386161x170665582301068100/blue-index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 14:43:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 565, 718, 718
age: 25741304
cdn-cachedat: 2021-06-08 18:02:12
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: a9c552a6ef500abddb12a9852509d4ed
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 77e1df32cbfa9091-FRA
cdn-requestpullsuccess: True

GET
H2 200 lodash.min.js Show response
cdn.jsdelivr.net/npm/lodash@4.17.21/ 71 KB
27 KB 34ms
18ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/lodash@4.17.21/lodash.min.js

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/appforest_uf/f1669843386161x170665582301068100/blue-index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 14:43:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 21865
x-jsd-version: 4.17.21
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19129-FRA, cache-yyz4541-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"11d37-roVLBAJduLf0j91t7fQed+rkQ5Q"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYE6l%2BEBb9bC4lDv%2BrdBHaGvbnF%2BcCErJmfC27ZuDeeWjkG0jZNtdP6IS42mcFuetyT0rYxHTsykHnfSuD0SadN7SSf7ePj2JiMv4SZv02HRqWVZhCryMvP8d4n9veDhrbjUaUG5KfcMDL8pWwk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 77e1df32dfcc2be4-FRA

GET
H2 200 axios.min.js Show response
cdnjs.cloudflare.com/ajax/libs/axios/0.21.1/ 14 KB
5 KB 47ms
19ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/axios/0.21.1/axios.min.js

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/appforest_uf/f1669843386161x170665582301068100/blue-index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24b9a49d375465e659dbaecb3fda81fbf0d3eedbf138e29cb5229e502d8a4fa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 14:43:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 153180
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Tue, 22 Dec 2020 05:22:54 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fe182ae-3813"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vlR7c5VHMywN63rl0yy1IY9URT6UiwPGGLNfFsMW22seVA7254dUIPjqJpPC%2BpIADC2kscY0Ef8RFME2irp%2BYGUVb43M4uY%2BtKbq%2BMXCfg8iPWoqLcCk6BO%2B4yWsbjH%2FGqVMAU4r8n0VxCJwCe%2FQSAUo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77e1df32ebfb9945-FRA
expires: Wed, 13 Dec 2023 14:43:50 GMT

GET
H2 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/semibold/ 29 KB
29 KB 62ms
13ms Font
font/woff2 2a02:26f0:3500:594::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/semibold/latest.woff2
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/appforest_uf/f1669843386161x170665582301068100/blue-index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:594::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://s3.amazonaws.com/
Origin: https://s3.amazonaws.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 14:43:50 GMT
last-modified: Fri, 10 Jan 2020 19:09:43 GMT
etag: "5b68d583e9c7d51:0"
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=87970
accept-ranges: bytes
content-length: 29388
expires: Sat, 24 Dec 2022 15:10:00 GMT

GET
H/1.1 200
OK Primary Request blue-index.html Show response
s3.amazonaws.com/appforest_uf/f1669843386161x170665582301068100/ 19 KB
19 KB 111ms
111ms Document
text/html 52.216.62.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/appforest_uf/f1669843386161x170665582301068100/blue-index.html?websrc=e3mKfxPkPWCNG9UR1Z65LODBgMj7kJpNTP1qkNS7CZaRfnZDgAR9KkpEerXHB9Bs4F8xO2u5yPjOsYT5EmA5PUnEZO10ilXqVc8Dpg8gIIY3aNcgQnTl3qcsZ64pxHEbYhcfeVuxAljzFF6S8QdwBRR53mlTBg148WXLmVov4baoBN8OU5nhShTDXprVXutmJh2H3vG6LC61Sat9TaLTsxG2BLR069RbjyAGOGfbf1iChu79jyOnrE0fbJG9sFL5dKHEb3mxseH1gbVbSfItHYkcGZwzLIL3n7iw8RDJl7CLdm&dispatch=371&id=428108
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/appforest_uf/f1669843386161x170665582301068100/blue-index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.62.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 83a9c904fcd9ad30dc639d035dd997101bc2c0bb0948cb84deacf00d3d587f24

Request headers

Referer: https://s3.amazonaws.com/appforest_uf/f1669843386161x170665582301068100/blue-index.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: public,max-age=86400
Content-Length: 19190
Content-Type: text/html
Date: Fri, 23 Dec 2022 14:43:51 GMT
ETag: "5753cdb7333d74e7a9adb785baebeac9"
Last-Modified: Wed, 30 Nov 2022 21:23:07 GMT
Server: AmazonS3
x-amz-id-2: lq9AjlF7RIdUbCyHQBo5krscIhzcnVuB6msBMXHjBSyR+rzkjkJVSC2kp/J5gNyXudkeQFBJHGo=
x-amz-meta-app-version: test
x-amz-meta-appname: bubble-new
x-amz-request-id: 5V6NAN8BN9JQ853D
x-amz-server-side-encryption: AES256
x-amz-version-id: ZmEd_ks1g0H7sx72XTUQlegI.22UTc30

GET favicon.ico
mail.ionos.com/img/ 0
0

GET
H3 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 52ms
40ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/appforest_uf/f1669843386161x170665582301068100/blue-index.html?websrc=e3mKfxPkPWCNG9UR1Z65LODBgMj7kJpNTP1qkNS7CZaRfnZDgAR9KkpEerXHB9Bs4F8xO2u5yPjOsYT5EmA5PUnEZO10ilXqVc8Dpg8gIIY3aNcgQnTl3qcsZ64pxHEbYhcfeVuxAljzFF6S8QdwBRR53mlTBg148WXLmVov4baoBN8OU5nhShTDXprVXutmJh2H3vG6LC61Sat9TaLTsxG2BLR069RbjyAGOGfbf1iChu79jyOnrE0fbJG9sFL5dKHEb3mxseH1gbVbSfItHYkcGZwzLIL3n7iw8RDJl7CLdm&dispatch=371&id=428108

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s3.amazonaws.com/
Origin: https://s3.amazonaws.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 14:43:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 863
age: 68369
cdn-cachedat: 11/18/2022 06:18:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"ec3bb52a00e176a7181d454dffaea219"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e0c965daf4f2dfb802a99110ff91065f
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 77e1df340d07bb35-FRA
cdn-requestpullsuccess: True

GET
H3 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 38ms
23ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s3.amazonaws.com/
Origin: https://s3.amazonaws.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 14:43:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 38248
cdn-cachedat: 11/18/2022 06:18:29
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: c2361b74cc8eb507cc0fccc6c79329f5
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 77e1df340f969134-FRA
cdn-requestpullsuccess: True

GET
H3 200 vue@2.6.12 Show response
cdn.jsdelivr.net/npm/ 91 KB
35 KB 42ms
26ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.6.12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29296ccacaa9ed35ed168fc51e36f54fd6f8db9c7786bbf38cc59a27229ba5c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 14:43:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 23952127
x-jsd-version: 2.6.12
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19139-FRA, cache-hhn4041-HHN
x-jsd-version-type: version
server: cloudflare
etag: W/"16de6-5V3x99bCiO5z1Dm6sm3QBv/uevM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rtU%2FHwT1go6wAMwqAyR%2BhEUZbs1IgNMEIepJUFLj99KN1t%2FlRuT7RorgLQqNKo7NN6yNsFr%2BtjIfEduzIh5UFja%2BlzKXJWa79VDTWHn2DVEED1l8w2BMCzCqy%2FAQwmLoQ%2Bm2GNlc0cMbL1R5T58%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 77e1df341b3d6973-FRA

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 33ms
16ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 14:43:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 25031
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27938
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3KvRkSotahC%2FFjUE7r%2BsRNiN7rQFpIEoE9PAiweFLm1x7ceRNgMZGST%2BLQip%2FYL1xOXDQEV0YepnirMdKNZJe1urRAWxT%2FI03YMBODxTfIQV%2B7%2BJTCpV903jSREzXG4UDuDW5sbNLPT5KEkb4RChV3R2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77e1df341a502bad-FRA
expires: Wed, 13 Dec 2023 14:43:51 GMT

GET
H3 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/ 20 KB
7 KB 29ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 14:43:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 24785
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6458
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-500f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HrePSwQN8TrGfLTC4C5KiNdyYqTIAf%2B2P6b%2BxVfQKk3V26IaBzqzRCOChr0Iuu68HjXILPCtP3OoUiqM0LwUd5gxszqChbQxoL9Mq%2BoxesVUrP2XXTdu%2Fw85Zl18IQ8lo1DyPnj%2BJvUGGL%2BIdfvF%2FRpg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77e1df341a522bad-FRA
expires: Wed, 13 Dec 2023 14:43:51 GMT

GET
H3 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/ 49 KB
15 KB 32ms
29ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 14:43:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 565, 718, 718
age: 25741305
cdn-cachedat: 2021-06-08 18:02:12
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: a9c552a6ef500abddb12a9852509d4ed
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 77e1df340d619091-FRA
cdn-requestpullsuccess: True

GET
H3 200 lodash.min.js Show response
cdn.jsdelivr.net/npm/lodash@4.17.21/ 71 KB
27 KB 33ms
19ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/lodash@4.17.21/lodash.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 14:43:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 18666417
x-jsd-version: 4.17.21
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19178-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"11d37-roVLBAJduLf0j91t7fQed+rkQ5Q"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I87yQXpB6qGximKIJCS12gpDJxRdyc9uJ2goQTE13C6D4HoLlxqPF93J4r9hRBTqI%2F9ewi6utp255KE9Df7sCyfk2Y6IkqKZc2NH3Gbt6y5LRHugpQm3RCi%2B9BhtwAAmy8hMLM5o5wZekbEk8EE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 77e1df341b416973-FRA

GET
H3 200 axios.min.js Show response
cdnjs.cloudflare.com/ajax/libs/axios/0.21.1/ 14 KB
5 KB 36ms
23ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/axios/0.21.1/axios.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24b9a49d375465e659dbaecb3fda81fbf0d3eedbf138e29cb5229e502d8a4fa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 14:43:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 25029
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Tue, 22 Dec 2020 05:22:54 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fe182ae-3813"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umPhCYiRIonzFDWAi11fcX3GHrcP1DNUgJUkD3yqjhZxOPfoTVAF%2FMkAIu41dIiVLbkR2qe2%2Fhy1Vb%2FG7XY8YsXPSTRPnpU7paZoOviiKW7QxIb7Ud3demTAUeeEV%2F2lN86fLYW0RbCH6wks%2F1Cqog7U"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77e1df341a4e2bad-FRA
expires: Wed, 13 Dec 2023 14:43:51 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9ed6586942003696afe4e52b09f343f8342244b51a9e175b75162d7e615207b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/ 33 KB
34 KB 14ms
14ms Font
font/woff2 2a02:26f0:3500:594::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/appforest_uf/f1669843386161x170665582301068100/blue-index.html?websrc=e3mKfxPkPWCNG9UR1Z65LODBgMj7kJpNTP1qkNS7CZaRfnZDgAR9KkpEerXHB9Bs4F8xO2u5yPjOsYT5EmA5PUnEZO10ilXqVc8Dpg8gIIY3aNcgQnTl3qcsZ64pxHEbYhcfeVuxAljzFF6S8QdwBRR53mlTBg148WXLmVov4baoBN8OU5nhShTDXprVXutmJh2H3vG6LC61Sat9TaLTsxG2BLR069RbjyAGOGfbf1iChu79jyOnrE0fbJG9sFL5dKHEb3mxseH1gbVbSfItHYkcGZwzLIL3n7iw8RDJl7CLdm&dispatch=371&id=428108
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:594::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b

Request headers

Referer: https://s3.amazonaws.com/
Origin: https://s3.amazonaws.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 14:43:51 GMT
last-modified: Fri, 10 Jan 2020 19:09:43 GMT
etag: "588d483e9c7d51:0"
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=262701
accept-ranges: bytes
content-length: 34052
expires: Mon, 26 Dec 2022 15:42:12 GMT

GET
H2 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/semibold/ 29 KB
29 KB 17ms
17ms Font
font/woff2 2a02:26f0:3500:594::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/semibold/latest.woff2
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/appforest_uf/f1669843386161x170665582301068100/blue-index.html?websrc=e3mKfxPkPWCNG9UR1Z65LODBgMj7kJpNTP1qkNS7CZaRfnZDgAR9KkpEerXHB9Bs4F8xO2u5yPjOsYT5EmA5PUnEZO10ilXqVc8Dpg8gIIY3aNcgQnTl3qcsZ64pxHEbYhcfeVuxAljzFF6S8QdwBRR53mlTBg148WXLmVov4baoBN8OU5nhShTDXprVXutmJh2H3vG6LC61Sat9TaLTsxG2BLR069RbjyAGOGfbf1iChu79jyOnrE0fbJG9sFL5dKHEb3mxseH1gbVbSfItHYkcGZwzLIL3n7iw8RDJl7CLdm&dispatch=371&id=428108
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:594::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f

Request headers

Referer: https://s3.amazonaws.com/
Origin: https://s3.amazonaws.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 14:43:51 GMT
last-modified: Fri, 10 Jan 2020 19:09:43 GMT
etag: "5b68d583e9c7d51:0"
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=87969
accept-ranges: bytes
content-length: 29388
expires: Sat, 24 Dec 2022 15:10:00 GMT

GET
H/1.1 200
OK favicon.ico
mail.ionos.com/img/ 36 KB
37 KB 311ms
246ms Image
image/x-icon 74.208.255.201
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.ionos.com/img/favicon.ico

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

74.208.255.201 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

mail.ionos.com

Software

Apache/2.4.38 (Debian) /

Resource Hash

9ebcfbf81c3d5f9091755b45dbfa0a929754e217e694222fdbe98f6049aa6174

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .schlund.de .uicdn.net .statuspage.io .ionos.de .ionos.co.uk .ionos.com .ionos.es .ionos.mx .ionos.fr .ionos.it .ionos.ca; img-src data: 'self' .schlund.de .uicdn.net .ionos.de .ionos.co.uk .ionos.com .ionos.es .ionos.mx .ionos.fr .ionos.it .ionos.ca; frame-src 'self' .ionos.de .ionos.co.uk .ionos.com .ionos.es .ionos.mx .ionos.fr .ionos.it .ionos.ca; style-src 'self' 'unsafe-inline' .schlund.de .uicdn.net .ionos.de .ionos.co.uk .ionos.com .ionos.es .ionos.mx .ionos.fr .ionos.it *.ionos.ca; object-src 'none';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 23 Dec 2022 14:43:51 GMT
Content-Security-Policy: default-src 'self' *.schlund.de *.uicdn.net *.statuspage.io *.ionos.de *.ionos.co.uk *.ionos.com *.ionos.es *.ionos.mx *.ionos.fr *.ionos.it *.ionos.ca; img-src data: 'self' *.schlund.de *.uicdn.net *.ionos.de *.ionos.co.uk *.ionos.com *.ionos.es *.ionos.mx *.ionos.fr *.ionos.it *.ionos.ca; frame-src 'self' *.ionos.de *.ionos.co.uk *.ionos.com *.ionos.es *.ionos.mx *.ionos.fr *.ionos.it *.ionos.ca; style-src 'self' 'unsafe-inline' *.schlund.de *.uicdn.net *.ionos.de *.ionos.co.uk *.ionos.com *.ionos.es *.ionos.mx *.ionos.fr *.ionos.it *.ionos.ca; object-src 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31556926
Connection: keep-alive
Content-Length: 36636
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 02 Feb 2022 14:11:12 GMT
Server: Apache/2.4.38 (Debian)
ETag: "8f1c-5d70997064000"
X-Frame-Options: SAMEORIGIN
Vary: User-Agent
Content-Type: image/x-icon
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=15
Expires: Fri, 23 Dec 2022 14:43:51 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mail.ionos.com
URL: https://mail.ionos.com/img/favicon.ico

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Outlook Web Access (Online)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			l.e-mail.hearstmags.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: hvqoxe4cbezvyx3mse3hhohc
			l.e-mail.hearstmags.com/	1969-12-31 23:59:59	Name: BIGipServercnv_ats_ssl_pool Value: !5/FnHwOLqmPipcV6OZXeE4ohk16Q6hEmw5t01rG4/jjx2ChUkKV6ATfwqKPJXGCCPkAJTCctqCv8yWY=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://navalaifabricators.com/servlet/EmailGateway?cds_fn=WpoZgJM8DlGgpmUaPhZtU0s+xesvHJIiPPK1FANuKCJ6GfAMd48q1+zWokVctJ64uv0ACkt39+s=&cds_response_key=B2219DG3C&cds_misc_1=14.9700&cds_misc_30=used_to_make_last_paramater_pass_correctly?source=Engage&tp=i-1NHD-Be-1R6O-Nox6H-1p-C3Uy6-1c-2ZJFn-Now0D-l8MQqKl3GC-1bm4QK/jhgf#redacted_email Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.s-microsoft.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
l.e-mail.hearstmags.com
mail.ionos.com
maxcdn.bootstrapcdn.com
navalaifabricators.com
s3.amazonaws.com
stackpath.bootstrapcdn.com
mail.ionos.com
173.213.4.162
2606:4700::6810:5614
2606:4700::6811:190e
2606:4700::6812:acf
2606:4700::6812:bcf
2a02:26f0:3500:594::356e
2a06:98c1:3121::3
52.216.62.56
74.208.255.201
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
24b9a49d375465e659dbaecb3fda81fbf0d3eedbf138e29cb5229e502d8a4fa1
29296ccacaa9ed35ed168fc51e36f54fd6f8db9c7786bbf38cc59a27229ba5c2
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
83a9c904fcd9ad30dc639d035dd997101bc2c0bb0948cb84deacf00d3d587f24
9ebcfbf81c3d5f9091755b45dbfa0a929754e217e694222fdbe98f6049aa6174
a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9
d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f
d9ed6586942003696afe4e52b09f343f8342244b51a9e175b75162d7e615207b
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

s3.amazonaws.com Open in urlscan Pro 52.216.62.56 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

96 %HTTPS

67 %IPv6

8 Domains

9 Subdomains

9 IPs

2 Countries

500 kBTransfer

1218 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

s3.amazonaws.com Open in urlscan Pro
52.216.62.56 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

96 %
HTTPS

67 %
IPv6

8
Domains

9
Subdomains

9
IPs

2
Countries

500 kB
Transfer

1218 kB
Size

2
Cookies

26 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!