Submitted URL: https://u6270107.ct.sendgrid.net/ls/click?upn=-2Bvjqr9qJ25Ep96AGUB4aAUmCL0hCTJypBpRB6yeJlYnNXFbSR2O85TreCPZc0VwuZrZ6dHnECsvNSoFG-...
Effective URL: https://auth.emag.ro/user/login
Submission: On April 05 via manual from CH — Scanned from DE

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 24 HTTP transactions. The main IP is 3.64.222.198, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is auth.emag.ro.
TLS certificate: Issued by Amazon on December 25th 2021. Valid for: a year.
This is the only time auth.emag.ro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.118.28 11377 (SENDGRID)
2 2 46.174.147.25 47388 (EMAG-AS)
1 5 3.64.222.198 16509 (AMAZON-02)
5 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 104.16.168.131 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
7 104.16.169.131 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
24 7
Apex Domain
Subdomains
Transfer
10 hcaptcha.com
hcaptcha.com — Cisco Umbrella Rank: 8386
newassets.hcaptcha.com — Cisco Umbrella Rank: 11761
484 KB
7 emag.ro
www.emag.ro — Cisco Umbrella Rank: 67260
auth.emag.ro
12 KB
5 akamaized.net
s13emagst.akamaized.net — Cisco Umbrella Rank: 85783
58 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
20 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
106 KB
1 sendgrid.net
u6270107.ct.sendgrid.net
254 B
24 6
Domain Requested by
7 newassets.hcaptcha.com hcaptcha.com
newassets.hcaptcha.com
5 s13emagst.akamaized.net auth.emag.ro
5 auth.emag.ro 1 redirects auth.emag.ro
3 www.google-analytics.com www.googletagmanager.com
auth.emag.ro
3 hcaptcha.com auth.emag.ro
newassets.hcaptcha.com
2 www.googletagmanager.com auth.emag.ro
www.googletagmanager.com
2 www.emag.ro 2 redirects
1 u6270107.ct.sendgrid.net 1 redirects
24 8

This site contains links to these domains.

Domain
www.emag.ro
www.facebook.com
accounts.google.com
appleid.apple.com
anpc.ro
Subject | Issuer | Validity | Valid
auth.emag.ro | Amazon | 2021-12-25 - 2023-01-22 | a year
a248.e.akamai.net | DigiCert SHA2 Secure Server CA | 2021-07-15 - 2022-07-20 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-15 - 2022-06-14 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months

This page contains 3 frames:

Primary Page: https://auth.emag.ro/user/login
Frame ID: 0AD73DB542C960605D53622E4EED3D9F
Requests: 20 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/f5a464c/static/hcaptcha-challenge.html
Frame ID: 5E6BCA4724DF6D0340D03C292939382B
Requests: 3 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/f5a464c/static/hcaptcha-checkbox.html
Frame ID: C6633632166B41F167DD348D7C0BACBF
Requests: 4 HTTP requests in this frame

Page Title

eMAG.ro - Libertate în fiecare zi

Page URL History

  1. https://u6270107.ct.sendgrid.net/ls/click?upn=-2Bvjqr9qJ25Ep96AGUB4aAUmCL0hCTJypBpRB6yeJlYnNXFbSR2O85TreCPZc0... HTTP 302
    https://www.emag.ro/user/myaccount?ref_id=883756102 HTTP 307
    https://www.emag.ro/user/login?redirect_key=%2Fuser%2Fmyaccount%3Fref_id%3D883756102 HTTP 302
    https://auth.emag.ro/user/authorize?response_type=code&client_id=c9160171685823f0&redirect_uri=ht... HTTP 302
    https://auth.emag.ro/user/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*accounts\.google\.com/o/oauth2

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https://hcaptcha.com/([\d]+?)/api.js

Page Statistics

Requests: 24
HTTPS: 100 %
IPv6: 38 %
Domains: 6
Subdomains: 8
IPs: 7
Countries: 4
Transfer: 676 kB
Size: 1822 kB
Cookies: 17

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u6270107.ct.sendgrid.net/ls/click?upn=-2Bvjqr9qJ25Ep96AGUB4aAUmCL0hCTJypBpRB6yeJlYnNXFbSR2O85TreCPZc0VwuZrZ6dHnECsvNSoFG-2BGaeig-3D-3D2UaA_V-2BppfCjHuGEJQFzVBO6Jalg-2F-2BPnNHwI8LRdoUkAE0IBtPcPMXq4i3BkHM9vrVt7LWRwTVpSWfSIdvq36VPkLTAF9prWRQ0TdJfdU0DwyS4rWBXIaFr-2BACm4yFOrvqh0MaOeRXtJl-2BxnNjSuVWQeRPatYi-2B08K-2FADyzss-2BVY7idVoM1sIPCAWNSNHo45bDYpph-2Bn0CCGtV7gpmTj2HGzmeEZ4uhV4bACqeEqaTNNXcAnplG-2B1djugJBKyaMd1NBTda6iouR-2FJmaq0PD6aAyUIYES7c7Xcs8ClcM3dgkU33agScqqM64MU-2B1hvc6dVquF29ArJfc7TYHw-2BmHSLugUKY-2Fy7UEfqpotb2t2o-2Fpa4BLJvAWH785iEMJFuVIIzVKRIl0T2kGEsjGX5BZo2WZbphg-3D-3D HTTP 302
    https://www.emag.ro/user/myaccount?ref_id=883756102 HTTP 307
    https://www.emag.ro/user/login?redirect_key=%2Fuser%2Fmyaccount%3Fref_id%3D883756102 HTTP 302
    https://auth.emag.ro/user/authorize?response_type=code&client_id=c9160171685823f0&redirect_uri=https%3A%2F%2Fwww.emag.ro%2Ftoken&scope=user%3Ainfo+user%3Asecurity& HTTP 302
    https://auth.emag.ro/user/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
auth.emag.ro/user/
Redirect Chain
  • https://u6270107.ct.sendgrid.net/ls/click?upn=-2Bvjqr9qJ25Ep96AGUB4aAUmCL0hCTJypBpRB6yeJlYnNXFbSR2O85TreCPZc0VwuZrZ6dHnECsvNSoFG-2BGaeig-3D-3D2UaA_V-2BppfCjHuGEJQFzVBO6Jalg-2F-2BPnNHwI8LRdoUkAE0IBt...
  • https://www.emag.ro/user/myaccount?ref_id=883756102
  • https://www.emag.ro/user/login?redirect_key=%2Fuser%2Fmyaccount%3Fref_id%3D883756102
  • https://auth.emag.ro/user/authorize?response_type=code&client_id=c9160171685823f0&redirect_uri=https%3A%2F%2Fwww.emag.ro%2Ftoken&scope=user%3Ainfo+user%3Asecurity&
  • https://auth.emag.ro/user/login
10 KB
4 KB
Document
General
Full URL
https://auth.emag.ro/user/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.222.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-222-198.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1f29d4870ff725f87ffcd031773548b76ea21b92ac5adeb13a6bf0f9684ee6ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

allow
GET, POST
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 05 Apr 2022 12:25:19 GMT
expires
Tue, 05 Apr 2022 12:25:19 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000;
x-action
Site User Auth login
x-action-ua
Site User Auth login
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ltuid
1649161519.586-8ec6931cd35acaaf4fa1219c942c235b121d343b
x-meta-data
2209455519828611715
x-trace-id
dad4d80127079938323529f64079dc925af882e8a1804c46
x-xss-protection
1; mode=block

Redirect headers

allow
GET, POST
cache-control
max-age=0, must-revalidate, private
content-type
text/html; charset=UTF-8
date
Tue, 05 Apr 2022 12:25:19 GMT
expires
Tue, 05 Apr 2022 12:25:19 GMT
location
/user/login
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000;
x-action
Site User Auth Authorize
x-action-ua
Site User Auth Authorize
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ltuid
1649161519.586-8ec6931cd35acaaf4fa1219c942c235b121d343b
x-meta-data
2209455519828611715
x-trace-id
c647bc66b7d1c43fabf9a557ff2cee296198693c34bd1e9d
x-xss-protection
1; mode=block
app-876e419472a.css
s13emagst.akamaized.net/auth.emag/site/css/
60 KB
17 KB
Stylesheet
General
Full URL
https://s13emagst.akamaized.net/auth.emag/site/css/app-876e419472a.css
Requested by
Host: auth.emag.ro
URL: https://auth.emag.ro/user/login
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:11::215:14c9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8b0303e3589f54c76ca5eff0790f32bed914f7f8ced924d87e2ae922e394cdb0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.emag.ro/user/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 12:25:19 GMT
content-encoding
gzip
last-modified
Tue, 22 Feb 2022 12:44:46 GMT
server
AkamaiNetStorage
etag
"876e419472c648fbf9cdf27ecba1dc28:1645533886.940623"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=27910125
accept-ranges
bytes
content-length
17272
expires
Wed, 22 Feb 2023 13:14:04 GMT
style-5pcpem1f2w.min.css
auth.emag.ro/phstyles/
71 B
772 B
Stylesheet
General
Full URL
https://auth.emag.ro/phstyles/style-5pcpem1f2w.min.css
Requested by
Host: auth.emag.ro
URL: https://auth.emag.ro/user/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.222.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-222-198.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3908abf694634b8766500015617fab8721b43529cb899ddf0fc6caecdf1d5b1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.emag.ro/user/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 12:25:19 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 31 Mar 2022 10:47:10 GMT
server
nginx
etag
"624586ae-47"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000;
accept-ranges
bytes
content-length
71
x-content-type-options
nosniff
logo.svg
s13emagst.akamaized.net/layout/all/images/logo/
2 KB
1 KB
Image
General
Full URL
https://s13emagst.akamaized.net/layout/all/images/logo/logo.svg
Requested by
Host: auth.emag.ro
URL: https://auth.emag.ro/user/login
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:11::215:14c9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
efb09f83d0b7ad49ae9e020ac29c2064dd2b7826baa8e56fa126d54d1d3f2c83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.emag.ro/user/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 12:25:19 GMT
content-encoding
gzip
last-modified
Mon, 29 Jun 2020 08:49:03 GMT
server
AkamaiNetStorage
etag
"e91100c7a1482108e798d7c9be4166e1:1593420543.493829"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=6236857
accept-ranges
bytes
content-length
1170
expires
Thu, 16 Jun 2022 16:52:56 GMT
app-f7bd577e32a.js
s13emagst.akamaized.net/auth.emag/site/js/
16 KB
5 KB
Script
General
Full URL
https://s13emagst.akamaized.net/auth.emag/site/js/app-f7bd577e32a.js
Requested by
Host: auth.emag.ro
URL: https://auth.emag.ro/user/login
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:11::215:14c9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b1f1def61a32051f02f701e32128cfdfefa595d8dff0d0b1317cc9f4f684b87d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.emag.ro/user/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 12:25:19 GMT
content-encoding
gzip
last-modified
Wed, 10 Nov 2021 11:59:42 GMT
server
AkamaiNetStorage
etag
"f7bd577e329c034608cb75a5ed5b61f0:1636545582.666143"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=18929740
accept-ranges
bytes
content-length
4709
expires
Thu, 10 Nov 2022 14:40:59 GMT
api.js
hcaptcha.com/1/
80 KB
26 KB
Script
General
Full URL
https://hcaptcha.com/1/api.js?hl=ro&onload=CAPTCHAReadyCallback
Requested by
Host: auth.emag.ro
URL: https://auth.emag.ro/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1435ebf3671af3f836b8b226e312df667dd1d49ad199cc073591589ef54af94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.emag.ro/user/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 12:25:19 GMT
via
1.1 614841c4d4b9d16b3be042dd1938400c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 24 Mar 2022 12:35:33 GMT
server
cloudflare
etag
W/"b800e8a574417b0e551027a552901951"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=120
x-amz-cf-pop
AMS50-C1
cf-ray
6f72440b6d835c38-FRA
x-amz-cf-id
YSAoacDP0ToaELFOnn3Wgfn9zSvSa9ViraT-2rdU1H1W7bMSAIt3kw==
gtm.js
www.googletagmanager.com/
109 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NT867HR
Requested by
Host: auth.emag.ro
URL: https://auth.emag.ro/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d8ca31d1636d92cbb25f1c83f8116aa4ad7ff2e2482920d3011504edce6625f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.emag.ro/user/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 12:25:19 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41789
x-xss-protection
0
last-modified
Tue, 05 Apr 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Apr 2022 12:25:19 GMT
/
auth.emag.ro/profile_async/oLRbK3I-KCWDWxFirIg9gXJ2ejBDRExVTUdkcmphaVY3L0MvQjI1b3QwVEplL2lMV0ErWDhhZkRLV25Cc3lEN0d2MGNvbXBPYzBlWU9ZWkpudFF2TjdQK0JpYzFRbUZrMWY3Tm1NSlc1L1NidmZtR0RiOVhGSE9wY3RPOFNJcT...
43 B
715 B
XHR
General
Full URL
https://auth.emag.ro/profile_async/oLRbK3I-KCWDWxFirIg9gXJ2ejBDRExVTUdkcmphaVY3L0MvQjI1b3QwVEplL2lMV0ErWDhhZkRLV25Cc3lEN0d2MGNvbXBPYzBlWU9ZWkpudFF2TjdQK0JpYzFRbUZrMWY3Tm1NSlc1L1NidmZtR0RiOVhGSE9wY3RPOFNJcTN4STVaQnBzbUt6ZXpKU0NlY0lXeHZKcTZjNm0zRkk1Qkp6eEFoMDhzQ2dkV0N2U0U4NVQrbWxFQ0dRd29VR0luU3J0WlBYUkh1UHRUYndDNEVTa0gvWDBXc2Y1ZzA4K1o2N2xoVWc9PQ__/m/?r=1649161519&c=13&sd=0
Requested by
Host: auth.emag.ro
URL: https://auth.emag.ro/user/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.222.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-222-198.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.emag.ro/user/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 12:25:19 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/gif
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000;
content-length
43
x-content-type-options
nosniff
truncated
/
320 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d0bda09dc9509669fe29bf4f7b71bfffc0121d77884c38e0c4698422ccbe6d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
462 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d94f6a737d857d936f8bf364135ad6f46254ab8cb1a08cb1e91d5fcb7f0dc0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d643cf824b866641aac9137fab29da110e42b146c5eeae03e04eabaca52c17f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
logo-67641.png
auth.emag.ro/phstyles/
2 KB
2 KB
Image
General
Full URL
https://auth.emag.ro/phstyles/logo-67641.png
Requested by
Host: auth.emag.ro
URL: https://auth.emag.ro/phstyles/style-5pcpem1f2w.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.222.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-222-198.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1e87e2512d80143954e933de4d94bb2876f991a3f79dbfef2456acbc2eb7723c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.emag.ro/phstyles/style-5pcpem1f2w.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 12:25:19 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 31 Mar 2022 10:47:10 GMT
server
nginx
etag
"624586ae-658"
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000;
accept-ranges
bytes
content-length
1624
x-content-type-options
nosniff
opensans-regular-emag-nogsub.woff2
s13emagst.akamaized.net/layout/ro/fonts/open-sans-v3/
17 KB
17 KB
Font
General
Full URL
https://s13emagst.akamaized.net/layout/ro/fonts/open-sans-v3/opensans-regular-emag-nogsub.woff2
Requested by
Host: auth.emag.ro
URL: https://auth.emag.ro/user/login
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:11::215:14c9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
029e3d3eedbbf236ec830dadb20a8c99d13b7950542831a864ceb6b58e251e47

Request headers

Referer
https://auth.emag.ro/
Origin
https://auth.emag.ro
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 12:25:19 GMT
last-modified
Sat, 11 Jul 2020 11:29:06 GMT
server
AkamaiNetStorage
etag
"025bc0d0abc8210943d356ca44b52a1e:1594466946.167111"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=7719328
accept-ranges
bytes
content-length
17252
expires
Sun, 03 Jul 2022 20:40:47 GMT
opensans-semibold-emag-nogsub.woff2
s13emagst.akamaized.net/layout/ro/fonts/open-sans-v3/
17 KB
18 KB
Font
General
Full URL
https://s13emagst.akamaized.net/layout/ro/fonts/open-sans-v3/opensans-semibold-emag-nogsub.woff2
Requested by
Host: auth.emag.ro
URL: https://auth.emag.ro/user/login
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:11::215:14c9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d0ccde875e1b284ef693d8212e5a22a80d28dc537efd4349df1e3455650efa31

Request headers

Referer
https://auth.emag.ro/
Origin
https://auth.emag.ro
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 12:25:19 GMT
last-modified
Sat, 11 Jul 2020 11:29:07 GMT
server
AkamaiNetStorage
etag
"e4cc282e5646c3904b6146705ba59bc0:1594466947.119596"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=10519347
accept-ranges
bytes
content-length
17916
expires
Fri, 05 Aug 2022 06:27:46 GMT
hcaptcha-challenge.html
newassets.hcaptcha.com/captcha/v1/f5a464c/static/ Frame 5E6B
2 KB
1 KB
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/f5a464c/static/hcaptcha-challenge.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?hl=ro&onload=CAPTCHAReadyCallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73e3f0d1b9ddbd55cf6313c5bb235f72c759a510f139dcd2d10e92f9950b51ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.emag.ro/user/login
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
81611
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
6f72440bbe1b5c38-FRA
content-encoding
gzip
content-type
text/html
date
Tue, 05 Apr 2022 12:25:19 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Thu, 24 Mar 2022 12:35:33 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 63cf97e5788a160a76e89d4e12e2ca28.cloudfront.net (CloudFront)
x-amz-cf-id
Pf9K3cnUsmQbxVfLkP-8FM0oixhJpQHzOa252rAOn_DVlyOPcKmDYA==
x-amz-cf-pop
AMS50-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hcaptcha-checkbox.html
newassets.hcaptcha.com/captcha/v1/f5a464c/static/ Frame C663
2 KB
1 KB
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/f5a464c/static/hcaptcha-checkbox.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?hl=ro&onload=CAPTCHAReadyCallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14284deb234f148e9f8f95346824710f47f2d5940dd3cbd638a565a2c2468632
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.emag.ro/user/login
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
81611
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
6f72440bbe1e5c38-FRA
content-encoding
gzip
content-type
text/html
date
Tue, 05 Apr 2022 12:25:19 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Thu, 24 Mar 2022 12:35:33 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
x-amz-cf-id
JzN8ea64gDDzY830B9toDbkZUFaAK_CAMv990Iw1V6bzanqFJ5RX0Q==
x-amz-cf-pop
AMS50-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
ro.json
newassets.hcaptcha.com/captcha/v1/f5a464c/static/i18n/
9 KB
4 KB
XHR
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/f5a464c/static/i18n/ro.json
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?hl=ro&onload=CAPTCHAReadyCallback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68038b797b1cae8999bf7cf1c4828f53c9056fae67c7d1e84990397b622ba036
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.emag.ro/user/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 12:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
65127
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3048
access-control-allow-origin
*
last-modified
Thu, 24 Mar 2022 12:35:33 GMT
server
cloudflare
etag
"db9162b52f729d707e34425976f41516"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
via
1.1 b475a5f7d95ff68ca0dc588e3c9a3230.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
ARN1-C1
accept-ranges
bytes
cf-ray
6f72440bf92f9bfe-FRA
x-amz-cf-id
QMA2nWRDp6_lUQZQEbLWoJZhKOw5yURCiCqUMhweWWbkVy_iojOIpQ==
ro.json
newassets.hcaptcha.com/captcha/v1/f5a464c/static/i18n/
9 KB
4 KB
XHR
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/f5a464c/static/i18n/ro.json
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?hl=ro&onload=CAPTCHAReadyCallback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68038b797b1cae8999bf7cf1c4828f53c9056fae67c7d1e84990397b622ba036
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.emag.ro/user/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 12:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
65127
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3048
access-control-allow-origin
*
last-modified
Thu, 24 Mar 2022 12:35:33 GMT
server
cloudflare
etag
"db9162b52f729d707e34425976f41516"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
via
1.1 b475a5f7d95ff68ca0dc588e3c9a3230.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
ARN1-C1
accept-ranges
bytes
cf-ray
6f72440bf92c9bfe-FRA
x-amz-cf-id
QMA2nWRDp6_lUQZQEbLWoJZhKOw5yURCiCqUMhweWWbkVy_iojOIpQ==
js
www.googletagmanager.com/gtag/
176 KB
64 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JJCSV4C7C3&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NT867HR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2e76e9d296baef77a43340d7fa36c01f83f2bec045f504e5da83a1ad19125c61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.emag.ro/user/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 12:25:20 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65808
x-xss-protection
0
expires
Tue, 05 Apr 2022 12:25:20 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NT867HR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.emag.ro/user/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3030
date
Tue, 05 Apr 2022 11:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 05 Apr 2022 13:34:50 GMT
hcaptcha-checkbox.js
newassets.hcaptcha.com/captcha/v1/f5a464c/ Frame C663
134 KB
43 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/f5a464c/hcaptcha-checkbox.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/f5a464c/static/hcaptcha-checkbox.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffde1a0c3cdadbfe59c84df8605fa67b9591a7fed8314099efa68b1993a2853d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/f5a464c/static/hcaptcha-checkbox.html
Origin
https://newassets.hcaptcha.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 12:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
81620
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43673
access-control-allow-origin
*
last-modified
Thu, 24 Mar 2022 12:35:33 GMT
server
cloudflare
etag
"56844891eb88933baf7c6514ce3fd0f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 1dc2ff77d1e8b23aad1d3301c4982860.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
CDG50-C2
accept-ranges
bytes
cf-ray
6f72440cee9b99e1-CDG
x-amz-cf-id
nPZJDbbG6pVORpDO6GKH4uiEQcZGbX-a8L1AnVW0EuKjzhD0lzwPyw==
hcaptcha-challenge.js
newassets.hcaptcha.com/captcha/v1/f5a464c/ Frame 5E6B
206 KB
60 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/f5a464c/hcaptcha-challenge.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/f5a464c/static/hcaptcha-challenge.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c69cd175d164886db57f5d8f7cf7243367ad86b99d3b4b72c786e69d63bc0999
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/f5a464c/static/hcaptcha-challenge.html
Origin
https://newassets.hcaptcha.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 12:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
81620
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60538
access-control-allow-origin
*
last-modified
Thu, 24 Mar 2022 12:35:33 GMT
server
cloudflare
etag
"936cd92028c431da379e70425cdf4ed4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 8e496b1470aa6e6c871f14bf56d78d58.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
CDG50-C2
accept-ranges
bytes
cf-ray
6f72440cfe9f99e1-CDG
x-amz-cf-id
PontZtAAeQOM6GYwZz1Cgv9uma6eFif6XK3I_q72vmFD36pmv05t_Q==
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-JJCSV4C7C3&gtm=2oe3u0&_p=355806534&sr=1600x1200&ul=en-us&cid=6360548675.1649161520&ir=1&_s=1&dl=https%3A%2F%2Fauth.emag.ro%2Fuser%2Flogin&dt=eMAG.ro%20-%20Libertate%20%C3%AEn%20fiecare%20zi&sid=1649161520&sct=1&seg=0&en=page_view&_fv=1&_ss=2&_eu=Q&ep.page_type=AUTH%20page&ep.emag_pageview_id=1649161520-7043.491-325383259&ep.referrer=&up.emag_visitor_id=a%3A1%3A%7Bs%3A7%3A%22user_id%22%3Bi%3A2209455519828611715%3B%7D
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JJCSV4C7C3&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.emag.ro/user/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Apr 2022 12:25:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://auth.emag.ro
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=355806534&t=pageview&_s=1&dl=https%3A%2F%2Fauth.emag.ro%2Fuser%2Flogin&dp=%2Fuser%2Flogin&ul=en-us&de=UTF-8&dt=eMAG.ro%20-%20Libertate%20%C3%AEn%20fiecare%20zi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YIAAAQAB~&cid=6360548675.1649161520&tid=UA-220157-3&_gid=148672424.1649161520&gtm=2wg3u0NT867HR&cd10=AUTH%20page&cd11=a%3A1%3A%7Bs%3A7%3A%22user_id%22%3Bi%3A2209455519828611715%3B%7D&cd23=1649161520-7043.491-325383259&z=296444689
Requested by
Host: auth.emag.ro
URL: https://auth.emag.ro/user/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.emag.ro/user/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 16:58:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
69996
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame C663
798 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
checksiteconfig
hcaptcha.com/ Frame C663
522 B
869 B
XHR
General
Full URL
https://hcaptcha.com/checksiteconfig?v=f5a464c&host=auth.emag.ro&sitekey=56cbaadb-1b1c-4e9f-b486-5f29f6005479&sc=1&swa=1
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/f5a464c/hcaptcha-checkbox.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33355f33f85373ef8545d4964f9aea742e9c67ad899b451745b436928f759500
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Cache-Control
no-cache
Referer
https://newassets.hcaptcha.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Tue, 05 Apr 2022 12:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass
2
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6f72440e291c99e1-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
checksiteconfig
hcaptcha.com/ Frame
0
0
Preflight
General
Full URL
https://hcaptcha.com/checksiteconfig?v=f5a464c&host=auth.emag.ro&sitekey=56cbaadb-1b1c-4e9f-b486-5f29f6005479&sc=1&swa=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,content-type
Access-Control-Request-Method
GET
Origin
https://newassets.hcaptcha.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://newassets.hcaptcha.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray
6f72440dfd269bfe-FRA
content-length
0
date
Tue, 05 Apr 2022 12:25:20 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
hsw.js
newassets.hcaptcha.com/c/d3f2a96c/ Frame 5E6B
919 KB
345 KB
Script
General
Full URL
https://newassets.hcaptcha.com/c/d3f2a96c/hsw.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/f5a464c/hcaptcha-challenge.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcc4290f7041ce142b6f5142eccb9c47c8ad59c1e8142361b7d40659fcd59f9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/f5a464c/static/hcaptcha-challenge.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 12:25:20 GMT
via
1.1 70f383b1b1176f28876db3111bf71a12.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
47
x-cache
Miss from cloudfront
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 04 Apr 2022 14:48:44 GMT
server
cloudflare
etag
W/"777d618166357c7ea8c00b987c3ad278"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
CDG50-C2
cf-ray
6f72440f6b5099e1-CDG
x-amz-cf-id
P8wqsazyEwoMvvufWibtYa8sXCFUmDHtUGm5C12VSzsu35MSDb5Dbw==

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
function| structuredClone
object| oncontextlost
object| oncontextrestored
function| getScreenDetails
object| dataLayer
object| xhttp
function| CAPTCHAReadyCallback
function| CAPTCHASubmitCallback
boolean| isCAPTCHAEnabled
object| hcaptcha
object| grecaptcha
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| gaGlobal
function| onYouTubeIframeAPIReady
object| gaplugins
object| gaData

17 Cookies

Domain/Path Name / Value
.emag.ro/ Name: EMAGVISITOR
Value: a%3A1%3A%7Bs%3A7%3A%22user_id%22%3Bi%3A2209455519828611715%3B%7D
.emag.ro/ Name: EMAGROSESSID
Value: 7jfd6t6ro2c03l102klvnp60lm
.emag.ro/ Name: ltuid
Value: 1649161519.586-8ec6931cd35acaaf4fa1219c942c235b121d343b
.emag.ro/ Name: EMAGUUID
Value: 1649161520-330512101-22957.169
.emag.ro/ Name: _pdr_internal
Value: GA1.2.6360548675.1649161520
.emag.ro/ Name: site_version_11
Value: not_mobile
.emag.ro/ Name: eab611
Value: b
.emag.ro/ Name: eab620
Value: c
.emag.ro/ Name: eab625
Value: b
.emag.ro/ Name: eab_allocation
Value: eab611=b&eab620=c&eab625=b
.emag.ro/ Name: postlogin
Value: 2xFixWR5ubqTOJVjm13%2BzuA6rgD59hu6RKrz5eX6e8ysmSVtKT2GRa7d6542PEt7OSgsT6BiokWEEvq%2B3U0V7l1ryhvQsm2uhco2HArDydtSpX3FsPW0zNokSprGvRb5JukTmpEAJTg2T7EbBR1c%2FA%3D%3D
.emag.ro/ Name: _pdr_view_id
Value: 1649161520-7043.491-325383259
auth.emag.ro/ Name: PHPSESSID
Value: 7767817a580facccb7c67c62f64d6b77
auth.emag.ro/ Name: AWSALBTG
Value: xwInZG6yn0k38X2lL4D12mvwbHQ+u4FzHtdS3Wwrs9KyjY5Turuv/m1zSNoi5omxS9ImAF0b6QD+341J6NqP8QWeIVIpWYpp+GERQZve3dcwMmNTYHDWPwkWoQT8kyMg7S7AWQxBtydoXYnIzxHYqg92XrBvpz91bPl9HQ4xiOJtFx+6Kw4=
auth.emag.ro/ Name: AWSALBTGCORS
Value: xwInZG6yn0k38X2lL4D12mvwbHQ+u4FzHtdS3Wwrs9KyjY5Turuv/m1zSNoi5omxS9ImAF0b6QD+341J6NqP8QWeIVIpWYpp+GERQZve3dcwMmNTYHDWPwkWoQT8kyMg7S7AWQxBtydoXYnIzxHYqg92XrBvpz91bPl9HQ4xiOJtFx+6Kw4=
.emag.ro/ Name: web4_ga_JJCSV4C7C3
Value: GS1.1.1649161520.1.0.1649161520.0
.emag.ro/ Name: web4_ga
Value: GA1.1.6360548675.1649161520

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
