pages.semperis.com Open in urlscan Pro
18.196.95.178 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sales.semperis.com/t/11566/c/98ce39db-7f1c-4298-9bcc-b825d47cf35c/NB2HI4DTHIXS6YTJOQXGY6JPMRRXG2DBMRXXO===/bit-ly-d...
Effective URL:
https://pages.semperis.com/dcshadow/
Submission: On June 11 via manual (June 11th 2020, 1:46:52 pm UTC) from CA

Summary HTTP 29 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 17 domains to perform 29 HTTP transactions. The main IP is 18.196.95.178, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is pages.semperis.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 19th 2020. Valid for: 3 months.

This is the only time pages.semperis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.204.164.159 34.204.164.159	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.170.108.172 35.170.108.172	14618 (AMAZON-AES) (AMAZON-AES)
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1	18.196.95.178 18.196.95.178	16509 (AMAZON-02) (AMAZON-02)
3	143.204.247.16 143.204.247.16	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
6	23.59.68.16 23.59.68.16	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
4	13.225.73.41 13.225.73.41	16509 (AMAZON-02) (AMAZON-02)
1	184.51.10.56 184.51.10.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	18.211.73.61 18.211.73.61	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:815::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
29	14

1 34.204.164.159 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-164-159.compute-1.amazonaws.com

sales.semperis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.170.108.172 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-108-172.compute-1.amazonaws.com

app.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.95.178 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-95-178.eu-central-1.compute.amazonaws.com

pages.semperis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.247.16 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-247-16.cph50.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.59.68.16 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-59-68-16.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.225.73.41 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-41.fra2.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.10.56 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-10-56.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.211.73.61 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-73-61.compute-1.amazonaws.com

tracking.leadlander.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	addthis.com s7.addthis.com m.addthis.com	217 KB
4	cloudfront.net d9hhrg4mnvzow.cloudfront.net	114 KB
3	gstatic.com fonts.gstatic.com	40 KB
3	leadlander.com 1 redirects tracking.leadlander.com	18 KB
3	unbounce.com builder-assets.unbounce.com	39 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	youtube.com www.youtube.com
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	25 KB
2	semperis.com 1 redirects sales.semperis.com pages.semperis.com	12 KB
1	google.de www.google.de	106 B
1	google.com 1 redirects www.google.com	181 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	150 B
1	addthisedge.com v1.addthisedge.com	2 KB
1	moatads.com z.moatads.com	1 KB
1	googletagmanager.com www.googletagmanager.com	33 KB
1	bit.ly 1 redirects bit.ly	257 B
1	salesloft.com 1 redirects app.salesloft.com	509 B
29	17

	Domain	Requested by
4	d9hhrg4mnvzow.cloudfront.net	pages.semperis.com
4	s7.addthis.com	pages.semperis.com s7.addthis.com
3	fonts.gstatic.com	builder-assets.unbounce.com
3	tracking.leadlander.com	1 redirects pages.semperis.com
3	builder-assets.unbounce.com	pages.semperis.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	www.youtube.com	pages.semperis.com
1	www.google.de	pages.semperis.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	fonts.googleapis.com	builder-assets.unbounce.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	www.googletagmanager.com	pages.semperis.com
1	ajax.googleapis.com	pages.semperis.com
1	pages.semperis.com
1	bit.ly	1 redirects
1	app.salesloft.com	1 redirects
1	sales.semperis.com	1 redirects
29	20

This site contains links to these domains. Also see Links.

Domain
www.addthis.com

Subject Issuer	Validity	Valid
pages.semperis.com Let's Encrypt Authority X3	`2020-04-19` - `2020-07-18`	3 months	crt.sh
*.unbounce.com Amazon	`2020-04-08` - `2021-05-08`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2019-10-10` - `2020-09-04`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.leadlander.com Go Daddy Secure Certificate Authority - G2	`2020-04-28` - `2022-04-28`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://pages.semperis.com/dcshadow/
Frame ID: 17F4531BC9E9C142D34C4E86361E136E
Requests: 27 HTTP requests in this frame

Frame: https://www.youtube.com/embed/hUyL3j30lmo?wmode=opaque
Frame ID: 1528852545C8BBFFA77C0E178DE8B0AB
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/hUyL3j30lmo?wmode=opaque
Frame ID: 49E5DA5D10195DAA2A877ACC476306D3
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 4635BA9CFC4151A558D11646D5C56A3B
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 65FF0FC9C9A85D41F4C3486678F3B8EB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://sales.semperis.com/t/11566/c/98ce39db-7f1c-4298-9bcc-b825d47cf35c/NB2HI4DTHIXS6YTJOQXGY6JPMRRXG... HTTP 302
https://app.salesloft.com/t/11566/c/98ce39db-7f1c-4298-9bcc-b825d47cf35c/NB2HI4DTHIXS6YTJOQXGY6JPMRRXG... HTTP 302
https://bit.ly/dcshadow HTTP 301
https://pages.semperis.com/dcshadow/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

29
Requests

93 %
HTTPS

50 %
IPv6

17
Domains

20
Subdomains

14
IPs

4
Countries

520 kB
Transfer

1312 kB
Size

14
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sales.semperis.com/t/11566/c/98ce39db-7f1c-4298-9bcc-b825d47cf35c/NB2HI4DTHIXS6YTJOQXGY6JPMRRXG2DBMRXXO===/bit-ly-dcshadow HTTP 302
https://app.salesloft.com/t/11566/c/98ce39db-7f1c-4298-9bcc-b825d47cf35c/NB2HI4DTHIXS6YTJOQXGY6JPMRRXG2DBMRXXO===/bit-ly-dcshadow HTTP 302
https://bit.ly/dcshadow HTTP 301
https://pages.semperis.com/dcshadow/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=2129671164&t=pageview&_s=1&dl=https%3A%2F%2Fpages.semperis.com%2Fdcshadow%2F&ul=en-us&de=UTF-8&dt=How%20to%20Defend%20Against%20DCShadow&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=99277103&gjid=52411120&cid=1713700916.1591883178&tid=UA-67860315-1&_gid=1722804034.1591883178&_r=1&gtm=2ou640&z=1066504480 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-67860315-1&cid=1713700916.1591883178&jid=99277103&_gid=1722804034.1591883178&gjid=52411120&_v=j82&z=1066504480 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-67860315-1&cid=1713700916.1591883178&jid=99277103&_v=j82&z=1066504480 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-67860315-1&cid=1713700916.1591883178&jid=99277103&_v=j82&z=1066504480&slf_rd=1&random=1870323245

Request Chain 29

https://tracking.leadlander.com/api/tracking?accountId=31354&page=https%3A%2F%2Fpages.semperis.com%2Fdcshadow%2F&referer=&fp=51f928c7bf3815ea04df2172cdbf6261 HTTP 302
https://tracking.leadlander.com/tracking.png

29 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
pages.semperis.com/dcshadow/
Redirect Chain

https://sales.semperis.com/t/11566/c/98ce39db-7f1c-4298-9bcc-b825d47cf35c/NB2HI4DTHIXS6YTJOQXGY6JPMRRXG2DBMRXXO===/bit-ly-dcshadow
https://app.salesloft.com/t/11566/c/98ce39db-7f1c-4298-9bcc-b825d47cf35c/NB2HI4DTHIXS6YTJOQXGY6JPMRRXG2DBMRXXO===/bit-ly-dcshadow
https://bit.ly/dcshadow
https://pages.semperis.com/dcshadow/

72 KB
12 KB

129ms
46ms

Document
text/html

18.196.95.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pages.semperis.com/dcshadow/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.196.95.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-95-178.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: cb517079a89323ae96a85ecf072af990b46b0cbc13e9ea23ac7bb1e493162eef

Request headers

Host: pages.semperis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Jun 2020 13:46:17 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
p3p: CP="This is not a privacy policy."
x-unbounce-pageid: 79c4162c-a656-493d-854a-0ed4bb37896b
etag: e09b4b14dce204525e49704b1e5222ac
content-location: https://pages.semperis.com/dcshadow/
x-unbounce-visitorid: 82.102.18.1141591929852177705
last-modified: Tue, 26 May 2020 14:54:51 GMT
x-unbounce-variant: a
link: <https://pages.semperis.com/dcshadow/>; rel="canonical"
set-cookie: ubpv=a%2C79c4162c-a656-493d-854a-0ed4bb37896b; Max-Age=15897600; Expires=Sat, 12 Dec 2020 13:46:17 GMT; Path=/dcshadow/ ubrs=weighted; Path=/dcshadow/ ubvs=82.102.18.1141591929852177705; Max-Age=15552000; Expires=Tue, 08 Dec 2020 13:46:17 GMT; Path=/ ubvt=82.102.18.1141591929852177705; Max-Age=259200; Expires=Sun, 14 Jun 2020 13:46:17 GMT; Path=/; Domain=semperis.com
content-encoding: gzip
x-proxy-backend: page-server
connection: close

Redirect headers

status: 301
server: nginx
date: Thu, 11 Jun 2020 13:46:17 GMT
content-type: text/html; charset=utf-8
content-length: 123
cache-control: private, max-age=90
content-security-policy: referrer always;
location: https://pages.semperis.com/dcshadow/
referrer-policy: unsafe-url
set-cookie: _bit=k5bdKh-bc8d1aa788598920d7-00E; Domain=bit.ly; Expires=Tue, 08 Dec 2020 13:46:17 GMT
via: 1.1 google
alt-svc: clear

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 157ms
51ms Stylesheet
text/css 143.204.247.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: pages.semperis.com
URL: https://pages.semperis.com/dcshadow/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.247.16 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-247-16.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Referer: https://pages.semperis.com/dcshadow/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Aug 2019 20:25:01 GMT
content-encoding: gzip
age: 25377677
x-cache: Hit from cloudfront
status: 200
content-length: 2902
last-modified: Thu, 22 Aug 2019 19:53:56 GMT
server: AmazonS3
etag: "63fb79af017357f63eae4727ab3d449b"
x-amz-version-id: fPOpFYmh_g.73FSvMy4fG3zmEt1YIMWC
via: 1.1 8cd193739d511303cb3678dc24369a0c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-type: text/css
x-amz-cf-id: c8VOWihsy-4QKqXQzz9m9AuTeiKe-ul66IN5Ek3eWQc-L2GIDD0N2A==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 70 KB
24 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js

Requested by

Host: pages.semperis.com
URL: https://pages.semperis.com/dcshadow/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pages.semperis.com/dcshadow/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 May 2020 03:01:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1334692
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24715
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 May 2021 03:01:25 GMT

GET
H2 200 jquery-shims.bundle-0983003.z.js Show response
builder-assets.unbounce.com/published-js/ 6 KB
2 KB 157ms
52ms Script
application/javascript 143.204.247.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/jquery-shims.bundle-0983003.z.js
Requested by: Host: pages.semperis.com
URL: https://pages.semperis.com/dcshadow/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.247.16 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-247-16.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0983003c2827bd0b24985d096cb40456780a70afc96c5913bf1217529c18254b

Request headers

Referer: https://pages.semperis.com/dcshadow/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 15:37:24 GMT
content-encoding: gzip
age: 22975734
x-cache: Hit from cloudfront
status: 200
content-length: 1993
last-modified: Wed, 18 Sep 2019 23:11:21 GMT
server: AmazonS3
etag: "7c9114410fc438f91e5c71d46d61c123"
x-amz-version-id: 6dpc.D_dU43b_ip388rx9Vag5d2wfRaz
via: 1.1 8cd193739d511303cb3678dc24369a0c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: CKclkCNrdk1jv4wkZ-qX6GlDTd1U0EiNojZzFxb-qZG4mO7I1dp0DQ==

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 182ms
102ms Script
application/javascript 23.59.68.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: pages.semperis.com
URL: https://pages.semperis.com/dcshadow/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.59.68.16 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-59-68-16.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

079c30478215da1e544443314dabb6ab1251fa2ae56447ace992ade3bbe3fd0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://pages.semperis.com/dcshadow/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 20:09:59 GMT
server: nginx/1.15.8
etag: W/"5ed6b217-582c2"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Thu, 11 Jun 2020 13:46:17 GMT
x-host: s7.addthis.com
content-length: 116281

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 83 KB
33 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-67860315-1

Requested by

Host: pages.semperis.com
URL: https://pages.semperis.com/dcshadow/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0a1ad70a3ea1a23d14a7f1712f223ca6dd39d6e8f22d63530ac44d0d63a9a5ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://pages.semperis.com/dcshadow/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Jun 2020 13:46:17 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33220
x-xss-protection: 0
last-modified: Thu, 11 Jun 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Jun 2020 13:46:17 GMT

GET
H2 200 main.bundle-5c6e41c.z.js Show response
builder-assets.unbounce.com/published-js/ 104 KB
33 KB 62ms
62ms Script
application/javascript 143.204.247.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Requested by: Host: pages.semperis.com
URL: https://pages.semperis.com/dcshadow/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.247.16 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-247-16.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb

Request headers

Referer: https://pages.semperis.com/dcshadow/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 29 Apr 2020 21:46:14 GMT
content-encoding: gzip
age: 3686404
x-cache: Hit from cloudfront
status: 200
content-length: 33645
last-modified: Wed, 29 Apr 2020 19:49:39 GMT
server: AmazonS3
etag: "e3cd90068d75377439e6202b33a169c9"
x-amz-version-id: JBFUS0AkE5K2tQgjpSYJVwZCr8Y4Yfgg
via: 1.1 8cd193739d511303cb3678dc24369a0c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: QAFZsJdts8eDN3S63tDMgQCPeWIEbJI5RP39DIAloTe-4voWCbfCaA==

GET
H2 200 hUyL3j30lmo
www.youtube.com/embed/ Frame 1528 0
0 158ms
157ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/hUyL3j30lmo?wmode=opaque

Requested by

Host: pages.semperis.com
URL: https://pages.semperis.com/dcshadow/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/hUyL3j30lmo?wmode=opaque
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pages.semperis.com/dcshadow/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://pages.semperis.com/dcshadow/

Response headers

status: 200
cache-control: no-cache
content-type: text/html; charset=utf-8
expires: Tue, 27 Apr 1971 19:44:06 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Thu, 11 Jun 2020 13:46:17 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=zMbJziNdSGE; path=/; domain=.youtube.com; secure; expires=Tue, 08-Dec-2020 13:46:17 GMT; httponly; samesite=None YSC=i3MKZioP9zE; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=zMbJziNdSGE; path=/; domain=.youtube.com; secure; expires=Tue, 08-Dec-2020 13:46:17 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Thu, 11-Jun-2020 14:16:17 GMT
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 hUyL3j30lmo
www.youtube.com/embed/ Frame 49E5 0
0 158ms
157ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/hUyL3j30lmo?wmode=opaque

Requested by

Host: pages.semperis.com
URL: https://pages.semperis.com/dcshadow/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/hUyL3j30lmo?wmode=opaque
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pages.semperis.com/dcshadow/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://pages.semperis.com/dcshadow/

Response headers

status: 200
cache-control: no-cache
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
strict-transport-security: max-age=31536000
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 11 Jun 2020 13:46:17 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=f_1RW5U9_fw; path=/; domain=.youtube.com; secure; expires=Tue, 08-Dec-2020 13:46:17 GMT; httponly; samesite=None YSC=Q9ZIS8-C1sU; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Thu, 11-Jun-2020 14:16:17 GMT VISITOR_INFO1_LIVE=f_1RW5U9_fw; path=/; domain=.youtube.com; secure; expires=Tue, 08-Dec-2020 13:46:17 GMT; httponly; samesite=None
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 4303a196-road-black-shadow-transportation-traffic-7d5769-1024_0000000sg0i500000e01o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.semperis.com/dcshadow/ 105 KB
106 KB 523ms
459ms Image
image/jpeg 13.225.73.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.semperis.com/dcshadow/4303a196-road-black-shadow-transportation-traffic-7d5769-1024_0000000sg0i500000e01o.jpg
Requested by: Host: pages.semperis.com
URL: https://pages.semperis.com/dcshadow/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.41 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-41.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f33419975b8145501f3c1c428e1d59e729be51296746d008bbeea8efaa6235cb

Request headers

Referer: https://pages.semperis.com/dcshadow/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Jun 2020 13:46:19 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff9.cloudfront.net (CloudFront)
last-modified: Tue, 26 May 2020 14:54:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "acc6dae6fbb10250046d83f38ff0775d"
x-cache: Miss from cloudfront
x-amz-version-id: 6PW2DJQfwZ2INfMYGSyqIEi4Cl_ogLMm
status: 200
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/jpeg
content-length: 107778
x-amz-cf-id: j3Sz0vAd0TdXS7ZKPmuL9At_QR806glQY41w3t3UdRQgXNx2HJkJyg==

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 4635 0
0

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 132ms
43ms Script
application/x-javascript 184.51.10.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.10.56 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-10-56.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://pages.semperis.com/dcshadow/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Jun 2020 13:46:17 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 8907F22DCE06444D
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=41273
accept-ranges: bytes
content-length: 948
x-amz-id-2: A2ikoj2qyrE20XsgkZBcBqcpmdagcM2zgMw8ZT9hXLSa7UPt3zIuE0lNoCBVThaPfar361NTAUU=

GET
H2 200 lt.min.js Show response
tracking.leadlander.com/ 17 KB
17 KB 322ms
101ms Script
application/javascript 18.211.73.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.leadlander.com/lt.min.js

Requested by

Host: pages.semperis.com
URL: https://pages.semperis.com/dcshadow/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.211.73.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-211-73-61.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

5df7be00fc6004e7cb398488ad628bbea14bfa2865273c0742913ce148642add

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://pages.semperis.com/dcshadow/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jun 2020 13:46:18 GMT
last-modified: Tue, 07 Apr 2020 17:45:40 GMT
server: Kestrel
etag: "1d60d045a4c3ee6"
strict-transport-security: max-age=2592000
content-type: application/javascript
status: 200
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 17638
expires: -1

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5ce590cf76973da9/ 9 KB
2 KB 386ms
385ms Script
application/javascript 23.59.68.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5ce590cf76973da9/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.59.68.16 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-59-68-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3cbad66fe5e736c8d8eaaa3a376c1d946629aaa8ec2728dcd1bfcb0685a3a997

Request headers

Referer: https://pages.semperis.com/dcshadow/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Jun 2020 13:46:18 GMT
content-encoding: gzip
etag: -433137093--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 1875

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 228ms
227ms Script
application/javascript 23.59.68.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5ee235a97cc3f203&bkl=0&bl=1&pdt=2673&sid=5ee235a97cc3f203&pub=ra-5ce590cf76973da9&rev=v8.28.6-wp&ln=en&pc=men&cb=0&ab=-&dp=pages.semperis.com&fp=dcshadow%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=DCShadow%20Attack%20Active%20Directory%20Security%20AD%20Replication&colc=1591883177862&jsl=1&uvs=5ee235a94c8b65c1000&skipb=1&callback=addthis.cbs.jsonp__08062721174813770
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.59.68.16 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-59-68-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 166362e8c72cd2ea9b3f9bafdf9fe128a153bf8e7c4773956796aa9533e3facf

Request headers

Referer: https://pages.semperis.com/dcshadow/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Thu, 11 Jun 2020 13:46:18 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 65FF 0
0 94ms
94ms Document
text/html 23.59.68.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.59.68.16 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-59-68-16.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pages.semperis.com/dcshadow/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://pages.semperis.com/dcshadow/

Response headers

status: 200
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 09 Sep 2019 15:34:57 GMT
etag: W/"5d767121-1115f"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 25412
date: Thu, 11 Jun 2020 13:46:17 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
BLOB 200
OK 6e8514a0-c646-47ab-9c5c-3889a990c2a5
https://pages.semperis.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pages.semperis.com/6e8514a0-c646-47ab-9c5c-3889a990c2a5
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 5603
Content-Type: text/css

GET
H2 200 css
fonts.googleapis.com/ 6 KB
776 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:regular,500,700

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c1091137386bb78c1e1b750a90e5049db27b228212c2453f9009f91f4ad6ff44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pages.semperis.com/dcshadow/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Jun 2020 13:46:17 GMT
server: ESF
date: Thu, 11 Jun 2020 13:46:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jun 2020 13:46:17 GMT

GET
H2 200 804dd39f-semperis-logo-white-text_07601i000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.semperis.com/dcshadow/ 3 KB
3 KB 400ms
400ms Image
image/png 13.225.73.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.semperis.com/dcshadow/804dd39f-semperis-logo-white-text_07601i000000000000028.png
Requested by: Host: pages.semperis.com
URL: https://pages.semperis.com/dcshadow/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.41 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-41.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7cee4397261bdd559694cbd7b806418a108fd809a0f4ca5d69ac90ab2fe7df45

Request headers

Referer: https://pages.semperis.com/dcshadow/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Jun 2020 13:46:19 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff9.cloudfront.net (CloudFront)
last-modified: Tue, 26 May 2020 14:54:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "bb72b8dfdce00ab729830a7b00ac65f4"
x-cache: Miss from cloudfront
x-amz-version-id: hfGCUv_WwpS0fCDpOPzUfHD81IlKPF8M
status: 200
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/png
content-length: 3025
x-amz-cf-id: 1LXri4Amc2ExBA12VUnR5hz4bFuznG398cS1doTDONgtRzMUGfPpWg==

GET
H2 200 b1008fe0-microsoft-partner_09801d000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.semperis.com/dcshadow/ 3 KB
3 KB 503ms
502ms Image
image/png 13.225.73.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.semperis.com/dcshadow/b1008fe0-microsoft-partner_09801d000000000000028.png
Requested by: Host: pages.semperis.com
URL: https://pages.semperis.com/dcshadow/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.41 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-41.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 492616c7071f72b84d48a777d64e0a9ad564174c72dc0ba40476256867c3078f

Request headers

Referer: https://pages.semperis.com/dcshadow/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Jun 2020 13:46:19 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff9.cloudfront.net (CloudFront)
last-modified: Tue, 26 May 2020 14:54:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "59677e325136ad2f92e4dc93beb9a22d"
x-cache: Miss from cloudfront
x-amz-version-id: rlCo8Q3tZTavfEkSlD8lBBUhNK8cNFh6
status: 200
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/png
content-length: 3060
x-amz-cf-id: bDxtin-1YfTXGiFKAerjTcJYSScRr1kinIID1kcUMBII3bu4dyAC0A==

GET
H2 200 d79b9bae-dsc-5175-1_03v02k00000000000001o.JPG
d9hhrg4mnvzow.cloudfront.net/pages.semperis.com/dcshadow/ 2 KB
2 KB 417ms
416ms Image
image/jpeg 13.225.73.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.semperis.com/dcshadow/d79b9bae-dsc-5175-1_03v02k00000000000001o.JPG
Requested by: Host: pages.semperis.com
URL: https://pages.semperis.com/dcshadow/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.41 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-41.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 778576ec1c740a34fc68c1589a09a11f1d99b0f5fdeef5ded9a16db37c2cbb5b

Request headers

Referer: https://pages.semperis.com/dcshadow/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Jun 2020 13:46:19 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff9.cloudfront.net (CloudFront)
last-modified: Tue, 26 May 2020 14:54:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "6c9510649afab369ae7375e90de82b63"
x-cache: Miss from cloudfront
x-amz-version-id: W_r990imjmZKi9kLwd._hNIfEtYqNqc4
status: 200
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/jpeg
content-length: 1652
x-amz-cf-id: Xv-zBHEUemV3kEYB3It1cp8yFItdcKLCZ-FzL1weJTSRsD0Busw2kQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-67860315-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.semperis.com/dcshadow/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 2998
date: Thu, 11 Jun 2020 12:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Thu, 11 Jun 2020 14:56:19 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
14 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:regular,500,700
Origin: https://pages.semperis.com

Response headers

date: Thu, 21 May 2020 18:33:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:48 GMT
server: sffe
age: 1797162
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Fri, 21 May 2021 18:33:35 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:regular,500,700
Origin: https://pages.semperis.com

Response headers

date: Mon, 08 Jun 2020 21:14:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:41 GMT
server: sffe
age: 232332
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13640
x-xss-protection: 0
expires: Tue, 08 Jun 2021 21:14:05 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:regular,500,700
Origin: https://pages.semperis.com

Response headers

date: Thu, 21 May 2020 09:52:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:06 GMT
server: sffe
age: 1828426
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13612
x-xss-protection: 0
expires: Fri, 21 May 2021 09:52:31 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=2129671164&t=pageview&_s=1&dl=https%3A%2F%2Fpages.semperis.com%2Fdcshadow%2F&ul=en-us&de=UTF-8&dt=How%20to%20Defend%20Against%20DCShadow&sd=2...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-67860315-1&cid=1713700916.1591883178&jid=99277103&_gid=1722804034.1591883178&gjid=52411120&_v=j82&z=1066504480
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-67860315-1&cid=1713700916.1591883178&jid=99277103&_v=j82&z=1066504480
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-67860315-1&cid=1713700916.1591883178&jid=99277103&_v=j82&z=1066504480&slf_rd=1&random=1870323245

42 B
106 B

20ms
20ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-67860315-1&cid=1713700916.1591883178&jid=99277103&_v=j82&z=1066504480&slf_rd=1&random=1870323245

Requested by

Host: pages.semperis.com
URL: https://pages.semperis.com/dcshadow/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pages.semperis.com/dcshadow/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jun 2020 13:46:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jun 2020 13:46:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-67860315-1&cid=1713700916.1591883178&jid=99277103&_v=j82&z=1066504480&slf_rd=1&random=1870323245
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 custom-messages.9d2410e8a911195172fb.js Show response
s7.addthis.com/static/ 110 KB
27 KB 54ms
53ms Script
application/javascript 23.59.68.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/custom-messages.9d2410e8a911195172fb.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.59.68.16 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-59-68-16.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

e246caa14db13fd5ecd8f91afddb09df0467ec17b1ff8198788a45252bdb3c39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://pages.semperis.com/dcshadow/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 17:51:44 GMT
server: nginx/1.15.8
etag: W/"5d83c030-1b66c"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Thu, 11 Jun 2020 13:46:18 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 27191

GET
H2 200 layers.ab5cd98fe1b9a38a4a9f.js Show response
s7.addthis.com/static/ 263 KB
76 KB 48ms
47ms Script
application/javascript 23.59.68.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.ab5cd98fe1b9a38a4a9f.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.59.68.16 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-59-68-16.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://pages.semperis.com/dcshadow/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 14:16:17 GMT
server: nginx/1.15.8
etag: W/"5d823c31-41b9f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Thu, 11 Jun 2020 13:46:18 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77528

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

tracking.png
tracking.leadlander.com/
Redirect Chain

https://tracking.leadlander.com/api/tracking?accountId=31354&page=https%3A%2F%2Fpages.semperis.com%2Fdcshadow%2F&referer=&fp=51f928c7bf3815ea04df2172cdbf6261
https://tracking.leadlander.com/tracking.png

68 B
296 B

101ms
100ms

Image
image/png

18.211.73.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracking.leadlander.com/tracking.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.211.73.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-211-73-61.compute-1.amazonaws.com

Software

Kestrel /

Resource Hash

69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://pages.semperis.com/dcshadow/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jun 2020 13:46:18 GMT
last-modified: Wed, 26 Sep 2018 16:48:51 GMT
server: Kestrel
etag: "1d455b8cd761bc4"
strict-transport-security: max-age=2592000
content-type: image/png
status: 200
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 68
expires: -1

Redirect headers

status: 302
date: Thu, 11 Jun 2020 13:46:18 GMT
server: Kestrel
access-control-allow-origin: *
location: /tracking.png
content-length: 0
strict-transport-security: max-age=2592000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.addthis.com/	1970-01-19 19:40:11	Name: loc Value: MDAwMDBFVUZSMDAyMjg4MTgyNDA3NTAwMDBDSA==
.addthis.com/	1970-01-19 19:40:11	Name: uvc Value: 1%7C24
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Q9ZIS8-C1sU
.semperis.com/	1970-01-19 10:15:42	Name: ubvt Value: 82.102.18.1141591929852177705
.youtube.com/	1970-01-19 14:30:35	Name: VISITOR_INFO1_LIVE Value: f_1RW5U9_fw
.semperis.com/	1970-01-19 10:11:23	Name: _gat_gtag_UA_67860315_1 Value: 1
.semperis.com/	1970-01-19 10:12:49	Name: _gid Value: GA1.2.1722804034.1591883178
.semperis.com/	1970-01-20 03:42:35	Name: _ga Value: GA1.2.1713700916.1591883178
pages.semperis.com/	1970-01-19 19:40:11	Name: __atuvc Value: 1%7C24
pages.semperis.com/dcshadow/	1970-01-19 14:36:20	Name: ubpv Value: a%2C79c4162c-a656-493d-854a-0ed4bb37896b
.youtube.com/	1970-01-19 10:11:24	Name: GPS Value: 1
pages.semperis.com/dcshadow/	1969-12-31 23:59:59	Name: ubrs Value: weighted
pages.semperis.com/	1970-01-19 10:11:24	Name: __atuvs Value: 5ee235a94c8b65c1000
pages.semperis.com/	1970-01-19 14:30:35	Name: ubvs Value: 82.102.18.1141591929852177705

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
app.salesloft.com
bit.ly
builder-assets.unbounce.com
d9hhrg4mnvzow.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
m.addthis.com
pages.semperis.com
s7.addthis.com
sales.semperis.com
stats.g.doubleclick.net
tracking.leadlander.com
v1.addthisedge.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.youtube.com
z.moatads.com
s7.addthis.com
13.225.73.41
143.204.247.16
18.196.95.178
18.211.73.61
184.51.10.56
23.59.68.16
2a00:1450:4001:801::200a
2a00:1450:4001:806::2003
2a00:1450:4001:809::200a
2a00:1450:4001:809::200e
2a00:1450:4001:815::2004
2a00:1450:4001:81b::200e
2a00:1450:4001:81e::2003
2a00:1450:4001:824::2008
2a00:1450:400c:c00::9c
34.204.164.159
35.170.108.172
67.199.248.10
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
079c30478215da1e544443314dabb6ab1251fa2ae56447ace992ade3bbe3fd0c
0983003c2827bd0b24985d096cb40456780a70afc96c5913bf1217529c18254b
0a1ad70a3ea1a23d14a7f1712f223ca6dd39d6e8f22d63530ac44d0d63a9a5ca
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
166362e8c72cd2ea9b3f9bafdf9fe128a153bf8e7c4773956796aa9533e3facf
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
3cbad66fe5e736c8d8eaaa3a376c1d946629aaa8ec2728dcd1bfcb0685a3a997
492616c7071f72b84d48a777d64e0a9ad564174c72dc0ba40476256867c3078f
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb
5df7be00fc6004e7cb398488ad628bbea14bfa2865273c0742913ce148642add
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
778576ec1c740a34fc68c1589a09a11f1d99b0f5fdeef5ded9a16db37c2cbb5b
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7cee4397261bdd559694cbd7b806418a108fd809a0f4ca5d69ac90ab2fe7df45
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
c1091137386bb78c1e1b750a90e5049db27b228212c2453f9009f91f4ad6ff44
cb517079a89323ae96a85ecf072af990b46b0cbc13e9ea23ac7bb1e493162eef
cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e246caa14db13fd5ecd8f91afddb09df0467ec17b1ff8198788a45252bdb3c39
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f33419975b8145501f3c1c428e1d59e729be51296746d008bbeea8efaa6235cb

pages.semperis.com Open in urlscan Pro 18.196.95.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

93 %HTTPS

50 %IPv6

17 Domains

20 Subdomains

14 IPs

4 Countries

520 kBTransfer

1312 kBSize

14 Cookies

1 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

pages.semperis.com Open in urlscan Pro
18.196.95.178 Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

93 %
HTTPS

50 %
IPv6

17
Domains

20
Subdomains

14
IPs

4
Countries

520 kB
Transfer

1312 kB
Size

14
Cookies

29 HTTP transactions
2 data transactions