URL: https://clients-sessions.mkh.center/
Submission: October 11, 2021, automatic (source: certstream-suspicious), scanned from DE

Summary

This website contacted 7 IPs in 1 country across 5 domains to perform 17 HTTP transactions. The main IP is 108.168.254.107, located in Dallas, United States, and belongs to SOFTLAYER, US. The main domain is clients-sessions.mkh.center.
TLS certificate: Issued by R3 on October 11th 2021. Valid for: 3 months.
This is the only time clients-sessions.mkh.center was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS (Autonomous System)
2         108.168.254.107  36351 (SOFTLAYER)
8         151.101.130.133  54113 (FASTLY)
1         172.217.16.136   15169 (GOOGLE)
1         169.55.60.58     36351 (SOFTLAYER)
2         34.226.52.22     14618 (AMAZON-AES)
2         142.250.186.46   15169 (GOOGLE)
1         74.125.71.154    15169 (GOOGLE)
Total: 17 requests, 7 IPs
Requests  Domain                       Requested by
6         wwwcdn.cincopa.com           clients-sessions.mkh.center
2         www.google-analytics.com     www.googletagmanager.com, clients-sessions.mkh.center
2         mautic.cincopa.com           wwwcdn.cincopa.com
1         stats.g.doubleclick.net      www.google-analytics.com
1         api.cincopa.com              wwwcdn.cincopa.com
1         www.cincopa.com              wwwcdn.cincopa.com
1         analytics.cincopa.com        clients-sessions.mkh.center
1         www.googletagmanager.com     clients-sessions.mkh.center
1         mediacdn.cincopa.com         clients-sessions.mkh.center
1         clients-sessions.mkh.center  (primary request, no referrer)
Total: 17 requests, 10 subdomains

This site contains links to these domains:

www.cincopa.com
Subject                      Issuer      Validity                  Valid for
clients-sessions.mkh.center  R3          2021-10-11 to 2022-01-09  3 months
*.cincopa.com                R3          2021-09-13 to 2021-12-12  3 months
*.google-analytics.com       GTS CA 1C3  2021-09-13 to 2021-11-20  2 months
*.g.doubleclick.net          GTS CA 1C3  2021-09-13 to 2021-11-20  2 months

This page contains 1 frames:

Primary Page: https://clients-sessions.mkh.center/
Frame ID: DC0D93BD4BA23189F43C2FCB08074D29
Requests: 16 HTTP requests in this frame

Page Title

Billboard skin

Detected technologies

Each detection is at 100% overall confidence. The technology names below are not in the report as extracted; they are inferred from the matched patterns and from the scripts and globals recorded elsewhere on this page.

Google Analytics
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Mautic
  • [^a-z]mtc.*\.js

jQuery
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
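The detection regexes above are the report's own; what the report does not show is the matching actually being run. The following is an added example (my code, not urlscan's) that applies those patterns to the script URLs recorded in the transaction list below and pulls the jQuery version out of the capture group. The tool names beside each pattern are my attribution, and the version threshold passed to `older_than` is an arbitrary value for illustration, not something the report states.

```python
import re

# Patterns copied from the report; tool names are my attribution (assumption).
PATTERNS = {
    "Google Analytics": [r"google-analytics\.com/(?:ga|urchin|analytics)\.js"],
    "Google Tag Manager": [r"<!-- (?:End )?Google Tag Manager -->",
                           r"googletagmanager\.com/gtm\.js"],
    "Mautic": [r"[^a-z]mtc.*\.js"],
    "jQuery": [r"jquery[.-]([\d.]*\d)[^/]*\.js",
               r"jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?"],
}

# Script URLs copied from the transaction list in this report.
SCRIPT_URLS = [
    "https://wwwcdn.cincopa.com/_cms/design15/js/jquery-1.11.2.min.js?fts=2015-03-09T10:56:12.7626106Z",
    "https://wwwcdn.cincopa.com/media-platform/runtime/libasync.js",
    "https://wwwcdn.cincopa.com/_cms/portal/basic/lib.js?fts=2021-05-21T16:11:47.6707181Z",
    "https://www.googletagmanager.com/gtm.js?id=GTM-MHTH4HP",
    "https://wwwcdn.cincopa.com/_cms/design19/mtc.js?aajCT9HDz7nXjA&fts=2020-01-23T10:28:57.2525762Z",
    "https://www.google-analytics.com/analytics.js",
]


def detect(urls, patterns=PATTERNS):
    """Map tool -> {'matches': [urls], 'version': str or None}.

    Each pattern is tried case-insensitively (as Wappalyzer does) against
    each URL; the first non-empty capture group of the first matching
    pattern for a tool is taken as its version string."""
    found = {}
    for tool, regexes in patterns.items():
        hits, version = [], None
        for url in urls:
            for rx in regexes:
                m = re.search(rx, url, re.IGNORECASE)
                if m is None:
                    continue
                hits.append(url)
                if version is None:
                    version = next((g for g in m.groups() if g), None)
                break  # one hit per URL per tool is enough
        if hits:
            found[tool] = {"matches": hits, "version": version}
    return found


def version_tuple(v):
    """'1.11.2' -> (1, 11, 2) so versions compare numerically, not lexically."""
    return tuple(int(x) for x in v.split("."))


def older_than(version, threshold):
    """True if a captured version sorts before the threshold you care about.
    The threshold is the caller's policy (e.g. from an advisory feed)."""
    return version_tuple(version) < version_tuple(threshold)


if __name__ == "__main__":
    for tool, info in detect(SCRIPT_URLS).items():
        print(tool, info["version"] or "(no version captured)")
        for url in info["matches"]:
            print("   ", url)
```

Only the jQuery patterns carry a capture group, so jQuery is the one library whose version (1.11.2, shipped in 2015 per the file's Last-Modified date above) can be read straight from the URL; the other three are identified by presence only.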

Page Statistics

Requests: 17
HTTPS: 100 %
IPv6: 0 %
Domains: 5
Subdomains: 10
IPs: 7
Countries: 1
Transfer: 2480 kB
Size: 3028 kB
Cookies: 11

Redirected requests

None: no HTTP redirect chains were recorded for this scan.

17 HTTP transactions

Resource: Primary Request /
Path: clients-sessions.mkh.center/
Size: 47 KB (16 KB transferred)
Type: Document
General
Full URL
https://clients-sessions.mkh.center/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.168.254.107 Dallas, United States, ASN36351 (SOFTLAYER, US)
Reverse DNS
6b.fe.a86c.ip4.static.sl-reverse.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d3ac0556f933c5c14df229901c7f7f2bbab8a480a554d6c3203cf01d9bbb6a25

Request headers

:method
GET
:authority
clients-sessions.mkh.center
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
server
Microsoft-IIS/10.0
fpm
FP12-Portals
access-control-allow-origin
*
timing-allow-origin
*
fpm-session
readonly
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-aspnet-version
4.0.30319
set-cookie
cpAffData=,,,https%3a%2f%2fclients-sessions.mkh.center%2f; domain=cincopa.com; expires=Sun, 11-Oct-2026 09:55:38 GMT; path=/; secure; SameSite=None
set-cookie
cpAffDataDate=10/11/2021 9:55:38 AM; domain=cincopa.com; expires=Sun, 11-Oct-2026 09:55:38 GMT; path=/; secure; SameSite=None
fpm-runtime
| 0 rewrite1 | 0 rewrite2 | 0 rewrite3 | 1 rewrite3.1 | 1 rewrite3.2 | 1 rewrite4 | 8 baseKillerAppsPage.cs:69 | 8 baseKillerAppsPage.cs:4878 | 8 cms:60 | 8 after sleep | 9 cms:125 | 9 cms:249 | 311 cms:251 | 311 cms:385 | 311 baseKillerAppsPage.cs:6929 | 312 baseKillerAppsPage.cs:2096 | 312 before LoginCincopa | 312 after LoginCincopa | 312 cms:409 | 313 end
x-powered-by
ASP.NET
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, HEAD
date
Mon, 11 Oct 2021 09:55:38 GMT
content-length
15022
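The primary response above sets two cookies with `domain=cincopa.com` even though the response came from clients-sessions.mkh.center. A browser applies the RFC 6265 storage rules before keeping a cookie, and a Domain attribute that does not cover the request host causes the whole cookie to be ignored; the cookie table at the end of this report indeed lists no cpAffData cookie. The following is an added example (my code, not Cincopa's or urlscan's) that replays those rules on the header values copied from the response; the split of the single run-together set-cookie line into two headers is mine.

```python
# Header values copied from the primary response in this report; the split
# into two Set-Cookie headers at the second cookie name is an assumption.
REQUEST_HOST = "clients-sessions.mkh.center"
SET_COOKIE_HEADERS = [
    "cpAffData=,,,https%3a%2f%2fclients-sessions.mkh.center%2f; domain=cincopa.com; "
    "expires=Sun, 11-Oct-2026 09:55:38 GMT; path=/; secure; SameSite=None",
    "cpAffDataDate=10/11/2021 9:55:38 AM; domain=cincopa.com; "
    "expires=Sun, 11-Oct-2026 09:55:38 GMT; path=/; secure; SameSite=None",
]


def parse_set_cookie(header):
    """Split 'name=value; attr=val; flag' into (name, value, {attr: val}).
    Attribute names are lower-cased; flags such as Secure get an empty value."""
    first, *rest = [p.strip() for p in header.split(";")]
    name, _, value = first.partition("=")
    attrs = {}
    for item in rest:
        key, _, val = item.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), value, attrs


def domain_matches(host, cookie_domain):
    """RFC 6265 s5.1.3: the host equals the domain or ends with '.' + domain.
    A leading dot on the attribute value is ignored (s5.2.3)."""
    host = host.lower()
    cookie_domain = cookie_domain.lower().lstrip(".")
    return host == cookie_domain or host.endswith("." + cookie_domain)


def browser_would_store(header, host, secure_channel=True):
    """Return (stored, reason) for one Set-Cookie header received from host.

    Covers the rejections a scan reader cares about: a Domain that does not
    cover the request host (s5.3 step 6), Secure over a plaintext channel,
    and the Chromium rule that SameSite=None requires Secure."""
    name, _, attrs = parse_set_cookie(header)
    if "domain" in attrs and not domain_matches(host, attrs["domain"]):
        return False, f"{name}: Domain={attrs['domain']} does not cover {host}; cookie ignored"
    if "secure" in attrs and not secure_channel:
        return False, f"{name}: Secure attribute but the response was not over TLS; cookie ignored"
    if attrs.get("samesite", "").lower() == "none" and "secure" not in attrs:
        return False, f"{name}: SameSite=None without Secure; rejected by Chromium-based browsers"
    if "domain" in attrs:
        return True, f"{name}: stored, sent to {attrs['domain'].lstrip('.')} and its subdomains"
    return True, f"{name}: stored, host-only cookie for {host}"


def evaluate(headers=SET_COOKIE_HEADERS, host=REQUEST_HOST):
    """Apply browser_would_store to every header the response sent."""
    return [browser_would_store(h, host) for h in headers]


if __name__ == "__main__":
    for stored, reason in evaluate():
        print("STORED " if stored else "DROPPED", reason)
```

Both cookies are dropped, so they do nothing for a visitor of this page; the same Set-Cookie lines served from a cincopa.com host would be stored and then returned to every cincopa.com subdomain, which is presumably the shared-code path that produced them here.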
Resource: cincopaicons2019.css
Path: wwwcdn.cincopa.com/_cms/design15/css/fonts/
Size: 13 KB (3 KB transferred)
Type: Stylesheet
General
Full URL
https://wwwcdn.cincopa.com/_cms/design15/css/fonts/cincopaicons2019.css?fts=2021-04-06T08:40:28.2719648Z
Requested by
Host: clients-sessions.mkh.center
URL: https://clients-sessions.mkh.center/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d1920cce55b0aed9d6761bad28bed7514fde03bb6128fdc8ca801c2bb88c9422

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clients-sessions.mkh.center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 09:55:38 GMT
content-encoding
gzip
fpm
FP12-Cincopa
age
3372182
x-powered-by
ASP.NET
x-cache
HIT, HIT
fpm-runtime
| 0 rewrite1 | 0 rewrite2 | 0 rewrite3 | 2 rewrite4 | 2 rewrite5 | 2 rewrite6 | 2 end
content-length
2923
x-served-by
cache-dal21236-DAL, cache-hhn4024-HHN
access-control-allow-origin
*
last-modified
Tue, 06 Apr 2021 08:40:28 GMT
server
Microsoft-IIS/10.0
x-timer
S1633946138.461136,VS0,VE1
etag
"a0e5f37ec02ad71:0"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, HEAD
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-cache-hits
1, 1
Resource: style.css
Path: wwwcdn.cincopa.com/_cms/portal/basic/css/
Size: 386 KB (254 KB transferred)
Type: Stylesheet
General
Full URL
https://wwwcdn.cincopa.com/_cms/portal/basic/css/style.css?fts=2021-05-11T05:32:43.7652287Z
Requested by
Host: clients-sessions.mkh.center
URL: https://clients-sessions.mkh.center/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
384d4912d57a0ad716978f525d736f9a57208f877c2d6009dde3d0dbb91f3a51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clients-sessions.mkh.center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 09:55:38 GMT
content-encoding
gzip
fpm
FP12-Cincopa
age
1328208
x-powered-by
ASP.NET
x-cache
HIT, HIT
fpm-runtime
| 0 rewrite1 | 0 rewrite2 | 0 rewrite3 | 1 rewrite3.1 | 1 rewrite3.2 | 1 rewrite4 | 1 rewrite5 | 2 rewrite6 | 2 end
content-length
259542
x-served-by
cache-dal21276-DAL, cache-hhn4024-HHN
access-control-allow-origin
*
last-modified
Tue, 11 May 2021 05:32:43 GMT
server
Microsoft-IIS/10.0
x-timer
S1633946138.461264,VS0,VE1
etag
"3fd33d112746d71:0"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, HEAD
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-cache-hits
1, 1
Resource: jquery-1.11.2.min.js
Path: wwwcdn.cincopa.com/_cms/design15/js/
Size: 94 KB (42 KB transferred)
Type: Script
General
Full URL
https://wwwcdn.cincopa.com/_cms/design15/js/jquery-1.11.2.min.js?fts=2015-03-09T10:56:12.7626106Z
Requested by
Host: clients-sessions.mkh.center
URL: https://clients-sessions.mkh.center/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a271a3f9e3cae897ced669d6652699e947928ef095e56384c4f9dd04bbb942ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clients-sessions.mkh.center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 09:55:38 GMT
content-encoding
gzip
fpm
FP12-Cincopa
age
2768009
x-powered-by
ASP.NET
x-cache
HIT, HIT
fpm-runtime
| 0 rewrite1 | 0 rewrite2 | 0 rewrite3 | 1 rewrite4 | 1 rewrite5 | 1 rewrite6 | 1 end
content-length
42830
x-served-by
cache-dal21258-DAL, cache-hhn4024-HHN
access-control-allow-origin
*
last-modified
Mon, 09 Mar 2015 10:56:12 GMT
server
Microsoft-IIS/10.0
x-timer
S1633946138.461321,VS0,VE1
etag
"7a8b65a8575ad01:0"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, HEAD
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-cache-hits
1, 1
Resource: libasync.js
Path: wwwcdn.cincopa.com/media-platform/runtime/
Size: 170 KB (44 KB transferred)
Type: Script
General
Full URL
https://wwwcdn.cincopa.com/media-platform/runtime/libasync.js
Requested by
Host: clients-sessions.mkh.center
URL: https://clients-sessions.mkh.center/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
08bea7bd4b13648e6829704aa2cb8c9c79dbd8be997511254f8e05e11850f2e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clients-sessions.mkh.center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 09:55:38 GMT
content-encoding
gzip
fpm
FP12-Cincopa
age
29
x-powered-by
ASP.NET
x-cache
HIT, HIT
fpm-runtime
| 0 rewrite1 | 0 rewrite2 | 67 end
content-length
44455
x-served-by
cache-dal21226-DAL, cache-hhn4024-HHN
access-control-allow-origin
*
last-modified
Tue, 05 Oct 2021 12:13:53 GMT
server
Microsoft-IIS/10.0
x-timer
S1633946138.461355,VS0,VE1
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, HEAD
via
1.1 varnish, 1.1 varnish
expires
Tue, 05 Oct 2021 12:18:23 GMT
cache-control
public
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-cache-hits
1, 1
Resource: lib.js
Path: wwwcdn.cincopa.com/_cms/portal/basic/
Size: 37 KB (10 KB transferred)
Type: Script
General
Full URL
https://wwwcdn.cincopa.com/_cms/portal/basic/lib.js?fts=2021-05-21T16:11:47.6707181Z
Requested by
Host: clients-sessions.mkh.center
URL: https://clients-sessions.mkh.center/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
327fa408dd2cd2a693503cc3ebbafda81cc279495e85b18737af4336e6a52cd5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clients-sessions.mkh.center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 09:55:38 GMT
content-encoding
gzip
fpm
FP12-Cincopa
age
1552645
x-powered-by
ASP.NET
x-cache
HIT, HIT
fpm-runtime
| 0 rewrite1 | 0 rewrite2 | 0 rewrite3 | 1 rewrite4 | 1 rewrite5 | 1 rewrite6 | 1 end
content-length
9305
x-served-by
cache-dal21261-DAL, cache-hhn4024-HHN
access-control-allow-origin
*
last-modified
Fri, 21 May 2021 16:11:47 GMT
server
Microsoft-IIS/10.0
x-timer
S1633946138.461403,VS0,VE0
etag
"6dfb1e05c4ed71:0"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, HEAD
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-cache-hits
1, 1
Resource: FinalLogo.png
Path: mediacdn.cincopa.com/v2/1083596/94!46eFAAAAAAw4hB/0/
Size: 2 MB (2 MB transferred)
Type: Image
General
Full URL
https://mediacdn.cincopa.com/v2/1083596/94!46eFAAAAAAw4hB/0/FinalLogo.png
Requested by
Host: clients-sessions.mkh.center
URL: https://clients-sessions.mkh.center/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
162a200d58d5f9ff5a588dfad45d500594bc6811507f3e7217ed840b1581c3b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clients-sessions.mkh.center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 09:55:38 GMT
via
1.1 varnish, 1.1 varnish
content-type
image/x-png
x-aspnet-version
4.0.30319
age
29
x-powered-by
ASP.NET
x-cache
MISS, HIT
content-length
2047403
fpm
FP45-Cincopa
x-served-by
cache-iah17236-IAH, cache-hhn4024-HHN
cpdebug
icos
last-modified
Wed, 21 Apr 2021 00:59:15 GMT
server
Microsoft-IIS/10.0
x-timer
S1633946139.502660,VS0,VE1
access-control-max-age
2592000
access-control-allow-methods
GET, POST
xlast-modified
Mon, 01 Jan 0001 00:00:00 GMT
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-REQUESTED-WITH,X-FILE-NAME,X-FILE-SIZE,X-TOTAL-LENGTH,Content-Type,Content-Range,Range,unique-id
x-cache-hits
0, 1
Resource: gtm.js
Path: www.googletagmanager.com/
Size: 100 KB (40 KB transferred)
Type: Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MHTH4HP
Requested by
Host: clients-sessions.mkh.center
URL: https://clients-sessions.mkh.center/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
172.217.16.136, United States, ASN15169 (GOOGLE, US)
Reverse DNS
zrh04s06-in-f136.1e100.net
Software
Google Tag Manager
Resource Hash
83f475483e3c3f881b7d2aa6741645bc496ceab85026c4b51ffa4ad4f995aca2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clients-sessions.mkh.center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 09:55:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40000
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 11 Oct 2021 09:55:38 GMT
Resource: oa.aspx
Path: analytics.cincopa.com/
Size: 0 B (253 B transferred)
Type: Image
General
Full URL
https://analytics.cincopa.com/oa.aspx?uid=pages&fid=clients-sessions.mkh.center&setref=https%3A%2F%2Fclients-sessions.mkh.center%2F
Requested by
Host: clients-sessions.mkh.center
URL: https://clients-sessions.mkh.center/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.55.60.58, United States, ASN36351 (SOFTLAYER, US)
Reverse DNS
3a.3c.37a9.ip4.static.sl-reverse.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clients-sessions.mkh.center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 09:55:38 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, HEAD
content-type
text/html
access-control-allow-origin
*
cache-control
private
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
0
fpm
FP22-Analytics
Resource: mtc.js
Path: wwwcdn.cincopa.com/_cms/design19/
Size: 132 KB (47 KB transferred)
Type: Script
General
Full URL
https://wwwcdn.cincopa.com/_cms/design19/mtc.js?aajCT9HDz7nXjA&fts=2020-01-23T10:28:57.2525762Z
Requested by
Host: clients-sessions.mkh.center
URL: https://clients-sessions.mkh.center/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8a63f2f01ab6abfa565c30d232fd03ca8c289ad5df958ad4f44a12c47aad2e7b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clients-sessions.mkh.center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 09:55:38 GMT
content-encoding
gzip
fpm
FP12-Cincopa
age
1935902
x-powered-by
ASP.NET
x-cache
HIT, HIT
fpm-runtime
| 0 rewrite1 | 0 rewrite2 | 0 rewrite3 | 1 rewrite4 | 1 rewrite5 | 1 rewrite6 | 1 end
content-length
48018
x-served-by
cache-dal21229-DAL, cache-hhn4024-HHN
access-control-allow-origin
*
last-modified
Thu, 23 Jan 2020 10:28:57 GMT
server
Microsoft-IIS/10.0
x-timer
S1633946139.561097,VS0,VE1
etag
"c24443ebd7d1d51:0"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, HEAD
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-cache-hits
1, 1
Resource: email_integration_ajax.aspx
Path: www.cincopa.com/media-platform/
Size: 520 B (2 KB transferred)
Type: XHR
General
Full URL
https://www.cincopa.com/media-platform/email_integration_ajax.aspx?cmd=get_blob&integration=hubspot&uid=AgCAsXRNubJu
Requested by
Host: wwwcdn.cincopa.com
URL: https://wwwcdn.cincopa.com/_cms/design15/js/jquery-1.11.2.min.js?fts=2015-03-09T10:56:12.7626106Z
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a1f52846ac3db480043c320ffafd2666f37e5187ce78752b564c986526d8671c

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://clients-sessions.mkh.center/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 09:55:38 GMT
via
1.1 varnish, 1.1 varnish
fpm
FP12-Cincopa
x-powered-by
ASP.NET
x-cache
MISS, MISS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
fpm-runtime
| 0 rewrite1 | 0 rewrite2 | 0 rewrite3 | 1 rewrite3.1 | 1 rewrite3.2 | 1 rewrite4 | 1 rewrite5 | 1 rewrite6 | 1 baseKillerAppsPage.cs:69 | 1 baseKillerAppsPage.cs:4878 | 1 baseKillerAppsPage.cs:4883 | 1 baseKillerAppsPage.cs:6929 | 1 baseKillerAppsPage.cs:2096 | 1 before LoginCincopa | 2 after LoginCincopa | 70 end
content-length
520
x-served-by
cache-dal21272-DAL, cache-hhn4030-HHN
pragma
no-cache
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
fpm-session
readonly
server
Microsoft-IIS/10.0
x-timer
S1633946139.583866,VS0,VE188
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
expires
Mon, 11 Oct 2021 09:54:38 GMT
cache-control
private, no-store
accept-ranges
bytes
timing-allow-origin
*
x-aspnet-version
4.0.30319
x-cache-hits
0, 0
Resource: ping.json
Path: api.cincopa.com/v2/
Size: 125 B (780 B transferred)
Type: XHR
General
Full URL
https://api.cincopa.com/v2/ping.json?api_token=session
Requested by
Host: wwwcdn.cincopa.com
URL: https://wwwcdn.cincopa.com/_cms/design15/js/jquery-1.11.2.min.js?fts=2015-03-09T10:56:12.7626106Z
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.168.254.107 Dallas, United States, ASN36351 (SOFTLAYER, US)
Reverse DNS
6b.fe.a86c.ip4.static.sl-reverse.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2d146abd1a37ff8b663e86925d8f51b61cbdc5542f75b4acb956a7d39b439e5a

Request headers

Accept
*/*
Referer
https://clients-sessions.mkh.center/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 09:55:39 GMT
content-encoding
gzip
fpm
FP12-Cincopa
x-powered-by
ASP.NET
fpm-runtime
| 0 rewrite1 | 0 rewrite2 | 0 rewrite3 | 2 rewrite3.1 | 2 rewrite3.2 | 2 rewrite4 | 2 rewrite5 | 2 rewrite6 | 2 baseKillerAppsPage.cs:69 | 2 baseKillerAppsPage.cs:4878 | 3 baseKillerAppsPage.cs:4883 | 3 baseKillerAppsPage.cs:6929 | 3 baseKillerAppsPage.cs:2096 | 3 before LoginCincopa | 3 after LoginCincopa | 4 end
content-length
119
pragma
no-cache
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
fpm-session
readonly
server
Microsoft-IIS/10.0
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://clients-sessions.mkh.center
cache-control
private, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-aspnet-version
4.0.30319
expires
Mon, 11 Oct 2021 09:54:39 GMT
Resource: event
Path: mautic.cincopa.com/mtc/
Size: 115 B (1 KB transferred)
Type: XHR
General
Full URL
https://mautic.cincopa.com/mtc/event
Requested by
Host: wwwcdn.cincopa.com
URL: https://wwwcdn.cincopa.com/_cms/design19/mtc.js?aajCT9HDz7nXjA&fts=2020-01-23T10:28:57.2525762Z
Protocol
HTTP/1.1
Security
TLS 1.3, AES_256_GCM
Server
34.226.52.22 Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-34-226-52-22.compute-1.amazonaws.com
Software
nginx
Resource Hash
fd21c1a204858fb318cd0052272c558bcd7ac20d3d23bfb3d875f8f898b39321

Request headers

Referer
https://clients-sessions.mkh.center/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Mon, 11 Oct 2021 09:55:41 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://clients-sessions.mkh.center
Access-Control-Max-Age
36000
Cache-Control
max-age=0, must-revalidate, private
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Authorization
Expires
Mon, 11 Oct 2021 09:55:41 GMT
Resource: event
Path: mautic.cincopa.com/mtc/
Size: 0 B (0 B transferred)
Type: Preflight
General
Full URL
https://mautic.cincopa.com/mtc/event
Protocol
HTTP/1.1
Server
34.226.52.22 Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-34-226-52-22.compute-1.amazonaws.com
Software
nginx
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-requested-with
Origin
https://clients-sessions.mkh.center
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
Cache-Control
no-cache, private
Date
Mon, 11 Oct 2021 09:55:39 GMT
Access-Control-Allow-Origin
https://clients-sessions.mkh.center
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Authorization
Access-Control-Allow-Methods
PUT, GET, POST, DELETE, OPTIONS
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
36000
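Three distinct CORS configurations appear in this report: gtm.js answers with `access-control-allow-origin: *` together with `access-control-allow-credentials: true`, api.cincopa.com and mautic.cincopa.com answer with the exact requesting origin plus credentials, and the preflight just above lists the methods and headers mautic will accept. The following is an added example (my code, not Google's, Mautic's or urlscan's) that replays the browser's CORS check and preflight check on header values copied from those responses. The attacker origin is a made-up value for the negative case; whether either Cincopa host would echo an arbitrary Origin was not exercised by the scan and is not claimed here.

```python
ORIGIN = "https://clients-sessions.mkh.center"

# Header values copied from the transactions in this report.
GTM_RESP = {"Access-Control-Allow-Origin": "*",
            "Access-Control-Allow-Credentials": "true"}
API_RESP = {"Access-Control-Allow-Origin": ORIGIN,
            "Access-Control-Allow-Credentials": "true"}
MAUTIC_PREFLIGHT = {
    "Access-Control-Allow-Origin": ORIGIN,
    "Access-Control-Allow-Headers": "Origin, X-Requested-With, Content-Type, Authorization",
    "Access-Control-Allow-Methods": "PUT, GET, POST, DELETE, OPTIONS",
    "Access-Control-Allow-Credentials": "true",
    "Access-Control-Max-Age": "36000",
}

# Fetch's CORS-safelisted methods and request headers (the value limits that
# apply to Content-Type are not modelled here).
SAFELISTED_METHODS = {"GET", "HEAD", "POST"}
SAFELISTED_HEADERS = {"accept", "accept-language", "content-language", "content-type"}


def _lower(headers):
    return {k.lower(): v.strip() for k, v in headers.items()}


def _csv_set(value, lower=False):
    items = [x.strip() for x in value.split(",") if x.strip()]
    return {x.lower() if lower else x.upper() for x in items}


def cors_allows(origin, response_headers, credentials):
    """The Fetch 'CORS check': may script at `origin` read this response?
    ACAO must be '*' or exactly the origin; with credentials '*' is refused
    and ACAC must be exactly 'true'."""
    h = _lower(response_headers)
    acao = h.get("access-control-allow-origin")
    if acao is None:
        return False, "no Access-Control-Allow-Origin header"
    if acao == "*":
        if credentials:
            return False, "ACAO '*' is refused for credentialed requests, even with ACAC true"
        return True, "ACAO '*' (anonymous request)"
    if acao != origin:
        return False, f"ACAO {acao!r} is not the requesting origin {origin!r}"
    if credentials and h.get("access-control-allow-credentials") != "true":
        return False, "credentialed request but ACAC is not exactly 'true'"
    return True, "exact origin match" + (" with credentials" if credentials else "")


def preflight_allows(origin, method, request_headers, response_headers, credentials):
    """The Fetch preflight checks on an OPTIONS response: the CORS check
    above, then method and header allow-lists ('*' is only a wildcard for
    anonymous requests; safelisted methods/headers never need listing)."""
    ok, why = cors_allows(origin, response_headers, credentials)
    if not ok:
        return False, why
    h = _lower(response_headers)
    methods = _csv_set(h.get("access-control-allow-methods", ""))
    headers = _csv_set(h.get("access-control-allow-headers", ""), lower=True)
    wildcard_m = "*" in methods and not credentials
    wildcard_h = "*" in headers and not credentials
    m = method.upper()
    if m not in SAFELISTED_METHODS and m not in methods and not wildcard_m:
        return False, f"method {m} not in Access-Control-Allow-Methods"
    for name in request_headers:
        n = name.lower()
        if n not in SAFELISTED_HEADERS and n not in headers and not wildcard_h:
            return False, f"header {name} not in Access-Control-Allow-Headers"
    return True, f"preflight passed: {m} with {sorted(request_headers)} from {origin}"


if __name__ == "__main__":
    print(cors_allows(ORIGIN, GTM_RESP, credentials=False))
    print(cors_allows(ORIGIN, GTM_RESP, credentials=True))
    print(cors_allows(ORIGIN, API_RESP, credentials=True))
    print(preflight_allows(ORIGIN, "POST", ["x-requested-with"], MAUTIC_PREFLIGHT, credentials=True))
```

The gtm.js combination of `*` and `true` is harmless because the browser discards the credentials flag in that case. The exact-origin responses with credentials are the ones worth a follow-up when reviewing a Cincopa-hosted portal: they are correct as captured, but if the server derives ACAO by echoing the request's Origin header without a check, any site could make credentialed calls to ping.json and /mtc/event on the visitor's behalf.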
Resource: analytics.js
Path: www.google-analytics.com/
Size: 48 KB (20 KB transferred)
Type: Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHTH4HP
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
142.250.186.46, United States, ASN15169 (GOOGLE, US)
Reverse DNS
fra24s04-in-f14.1e100.net
Software
Golfe2
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clients-sessions.mkh.center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
6873
date
Mon, 11 Oct 2021 08:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Mon, 11 Oct 2021 10:01:06 GMT
Resource: collect
Path: stats.g.doubleclick.net/j/
Size: 1 B (468 B transferred)
Type: XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-112189450-1&cid=30007756.1633946139&jid=837303602&gjid=1658566571&_gid=572684409.1633946139&_u=YGBAgEABAAAAAE~&z=2109350492
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
74.125.71.154, United States, ASN15169 (GOOGLE, US)
Reverse DNS
wn-in-f154.1e100.net
Software
Golfe2
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://clients-sessions.mkh.center/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 11 Oct 2021 09:55:39 GMT
content-type
text/plain
access-control-allow-origin
https://clients-sessions.mkh.center
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
Resource: collect
Path: www.google-analytics.com/
Size: 35 B (194 B transferred)
Type: Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=114410570&t=pageview&_s=1&dl=https%3A%2F%2Fclients-sessions.mkh.center%2F&ul=en-us&de=UTF-8&dt=Billboard%20skin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=837303602&gjid=1658566571&cid=30007756.1633946139&tid=UA-112189450-1&_gid=572684409.1633946139&gtm=2wga60MHTH4HP&z=2002388166
Requested by
Host: clients-sessions.mkh.center
URL: https://clients-sessions.mkh.center/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
142.250.186.46, United States, ASN15169 (GOOGLE, US)
Reverse DNS
fra24s04-in-f14.1e100.net
Software
Golfe2
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clients-sessions.mkh.center/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 16:47:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
61667
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments: none.

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function (21): $, jQuery, cp_load_widget, getElement, cp_add_override, wp_widget_show, trace, GalleryObject, zeOnMediaJSON, Ajax, showGallery, isPageOwner, getCookie, setCookie, createShare, sendHubspotData, activateEditor, mt, s4, Fingerprint2, ga
object (28): onbeforexrselect, cincopa, zeSkins, zeGalleryArray, _cp_go_hooks, _wp_widget_js_array, _cp_preloaded_files, errortimer, _cpmp, globalArgs, sso_user_data, items, __user_feature, argJsonUrlMapping, KEY, mediaSource, dataLayer, oat, mauticSettings, jQuery111203386969154382695, MauticJS, MauticLang, mtcId, google_tag_manager, google_tag_data, gaplugins, gaGlobal, gaData
string (16): templastrid, f, wizardJsPath, fidFromUrl__, _accid, fidFromUrl, item_title, item_desc, upload_url, cname_domain, firstItemThumb, _is_impersonate, fid, MauticTrackingObject, MauticDomain, GoogleAnalyticsObject
number (2): _cp_last_gallery, sendbuffercount
boolean (4): originAgentCluster, isDefaultTemplate, extMode, assetMode
undefined (8): loadem, s, go, rid, userID, newUrl, app, share
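Reading a list like this by hand is where the framework identification the text mentions actually happens. The following is an added example (my code, not urlscan's) that parses the report's `type| name` dump as it was extracted and groups the names by the libraries the scan already identified. The prefix rules are my naming heuristics, an assumption rather than anything urlscan publishes; the "Browser built-in" bucket is my reading that `onbeforexrselect` and `originAgentCluster` are newer Chromium window properties that a stale baseline reports as non-standard, not site code.

```python
import re
from collections import Counter, defaultdict

# The 79-entry dump exactly as it appears in this report (whitespace reflowed).
GLOBALS_DUMP = """object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery
object| cincopa object| zeSkins object| zeGalleryArray object| _cp_go_hooks number| _cp_last_gallery
object| _wp_widget_js_array object| _cp_preloaded_files undefined| loadem undefined| s
function| cp_load_widget function| getElement function| cp_add_override function| wp_widget_show
function| trace function| GalleryObject function| zeOnMediaJSON function| Ajax string| templastrid
number| sendbuffercount object| errortimer object| _cpmp undefined| go string| f object| globalArgs
string| wizardJsPath boolean| isDefaultTemplate string| fidFromUrl__ string| _accid string| fidFromUrl
string| item_title string| item_desc string| upload_url string| cname_domain string| firstItemThumb
object| sso_user_data object| items object| __user_feature string| _is_impersonate string| fid
undefined| rid boolean| extMode boolean| assetMode undefined| userID undefined| newUrl
object| argJsonUrlMapping object| KEY function| showGallery function| isPageOwner function| getCookie
function| setCookie object| mediaSource function| createShare function| sendHubspotData undefined| app
undefined| share function| activateEditor object| dataLayer object| oat string| MauticTrackingObject
function| mt object| mauticSettings object| jQuery111203386969154382695 object| MauticJS function| s4
string| MauticDomain object| MauticLang function| Fingerprint2 object| mtcId object| google_tag_manager
object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal
object| gaData"""

# Each entry is "<typeof result>| <identifier>".
TOKEN = re.compile(r"(\w+)\|\s+(\S+)")

# First matching rule wins. These are naming-convention heuristics (assumption).
RULES = [
    ("Browser built-in", re.compile(r"^(onbeforexrselect|originAgentCluster)$")),
    ("jQuery", re.compile(r"^(\$|jQuery\d*)$")),  # jQuery + digits: expando-style name
    ("Google Tag Manager / Analytics",
     re.compile(r"^(google_|ga$|ga[A-Z]|gaplugins$|dataLayer$|GoogleAnalyticsObject$)")),
    ("Mautic", re.compile(r"^(Mautic|mauticSettings$|mt$|mtcId$|Fingerprint2$)")),
    ("Cincopa", re.compile(r"^(_?cp_|_cpmp$|cincopa$|ze[A-Z]|_?wp_widget)")),
]
UNKNOWN = "Unattributed (site-specific or unknown)"


def parse_globals(dump):
    """Return [(type, name), ...] in the order the report lists them."""
    return TOKEN.findall(dump)


def by_type(entries):
    """Count entries per typeof result, e.g. how many undefined placeholders."""
    return dict(Counter(t for t, _ in entries))


def attribute(entries, rules=RULES):
    """Group identifier names by the first rule that matches them."""
    groups = defaultdict(list)
    for _type, name in entries:
        for label, rx in rules:
            if rx.search(name):
                groups[label].append(name)
                break
        else:
            groups[UNKNOWN].append(name)
    return dict(groups)


if __name__ == "__main__":
    entries = parse_globals(GLOBALS_DUMP)
    print(len(entries), "globals:", by_type(entries))
    for label, names in attribute(entries).items():
        print(f"{label} ({len(names)}): {', '.join(names)}")
```

The unattributed bucket is the interesting one on a page like this: names such as sso_user_data, _is_impersonate, __user_feature and upload_url are portal state exposed on `window`, which is what you would inspect next in the browser console when reviewing what the embedding page leaks to any third-party script it loads.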

11 Cookies

Domain/Path Name / Value
clients-sessions.mkh.center/ Name: cp_sessionid
Value: 8927700268351282
.mkh.center/ Name: _ga
Value: GA1.2.30007756.1633946139
.mkh.center/ Name: _gid
Value: GA1.2.572684409.1633946139
.mkh.center/ Name: _dc_gtm_UA-112189450-1
Value: 1
mautic.cincopa.com/ Name: mautic_device_id
Value: 6yhmfki52fmg8z3d6dpipy3
mautic.cincopa.com/ Name: mtc_id
Value: 2704206
mautic.cincopa.com/ Name: mtc_sid
Value: 6yhmfki52fmg8z3d6dpipy3
mautic.cincopa.com/ Name: mautic_referer_id
Value: 8782872
clients-sessions.mkh.center/ Name: mtc_id
Value: 2704206
clients-sessions.mkh.center/ Name: mtc_sid
Value: 6yhmfki52fmg8z3d6dpipy3
clients-sessions.mkh.center/ Name: mautic_device_id
Value: 6yhmfki52fmg8z3d6dpipy3

Indicators

"Indicators" here means the observables collected by the scan (IPs, domains, hashes and similar). Listing them does not imply that any of them is malicious.

analytics.cincopa.com
api.cincopa.com
clients-sessions.mkh.center
mautic.cincopa.com
mediacdn.cincopa.com
stats.g.doubleclick.net
www.cincopa.com
www.google-analytics.com
www.googletagmanager.com
wwwcdn.cincopa.com
108.168.254.107
142.250.186.46
151.101.130.133
169.55.60.58
172.217.16.136
34.226.52.22
74.125.71.154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