Submitted URL: https://ad.atdmt.com/s/go;adv=Pallen2046;c.a=462011;p.a=462020;a.a=4;qpb=1;cache=114611;?h=acct0wa.web.app/pall9yWnq0...
Effective URL: https://ory.vn/wp-access.php
Submission: On April 01 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 9 domains to perform 46 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is ory.vn.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 2nd 2021. Valid for: a year.
This is the only time ory.vn was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Outlook Web Access (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 2a03:2880:f01... 32934 (FACEBOOK)
1 2620:0:890::100 54113 (FASTLY)
1 1 202.75.51.55 17971 (TMVADS-AP...)
1 3 2a06:98c1:312... 13335 (CLOUDFLAR...)
40 34.210.174.112 ()
1 13.32.111.25 16509 (AMAZON-02)
1 2a00:1450:400... ()
1 2a00:1450:400... ()
46 7
     Apex Domain            Subdomains                                        Transfer
39   agreserves.com         www.agreserves.com                                576 KB
3    ory.vn                 ory.vn                                            20 KB
1    gurutechnologies.net   agstaging.gurutechnologies.net
1    googletagmanager.com   www.googletagmanager.com                          65 KB
1    googleapis.com         fonts.googleapis.com                              2 KB
1    clearbit.com           logo.clearbit.com — Cisco Umbrella Rank: 27639    14 KB
1    sianlonaquatic.com     sianlonaquatic.com                                285 B
1    web.app                acct0wa.web.app                                   571 B
1    atdmt.com              ad.atdmt.com — Cisco Umbrella Rank: 2824          973 B
46   9
     Domain                              Requested by
39   www.agreserves.com                  ory.vn, www.agreserves.com
3    ory.vn (1 redirects)                acct0wa.web.app, ory.vn
1    agstaging.gurutechnologies.net      www.agreserves.com
1    www.googletagmanager.com            www.agreserves.com
1    fonts.googleapis.com                www.agreserves.com
1    logo.clearbit.com                   ory.vn
1    sianlonaquatic.com (1 redirects)
1    acct0wa.web.app
1    ad.atdmt.com (1 redirects)
46   9

This site contains no links.

Subject                          Issuer                             Validity                  Valid
web.app                          GTS CA 1D4                         2022-01-31 - 2022-05-01   3 months
sni.cloudflaressl.com            Cloudflare Inc ECC CA-3            2021-10-02 - 2022-10-01   a year
www.agreserves.com               DigiCert TLS RSA SHA256 2020 CA1   2021-05-14 - 2022-06-14   a year
clearbit.com                     Amazon                             2022-03-23 - 2023-04-21   a year
upload.video.google.com          GTS CA 1C3                         2022-03-17 - 2022-06-09   3 months
*.google-analytics.com           GTS CA 1C3                         2022-03-17 - 2022-06-09   3 months
agstaging.gurutechnologies.net   R3                                 2022-03-08 - 2022-06-06   3 months

This page contains 2 frames:

Primary Page: https://ory.vn/wp-access.php
Frame ID: 703AD4F536EC6B11E345C28C1C9025F4
Requests: 8 HTTP requests in this frame

Frame: https://www.agreserves.com/
Frame ID: 56EB25AEAEB7702970C8567333A61F8F
Requests: 44 HTTP requests in this frame

Page Title

Sign in to Agreserves Security and Quarantine Center

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

46 Requests
100 % HTTPS
63 % IPv6
9 Domains
9 Subdomains
7 IPs
3 Countries
677 kB Transfer
1955 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ad.atdmt.com/s/go;adv=Pallen2046;c.a=462011;p.a=462020;a.a=4;qpb=1;cache=114611;?h=acct0wa.web.app/pall9yWnq0Hagr9yWs9yWrv9yWsa7XB8xr7Pm HTTP 302
    https://acct0wa.web.app/pall9yWnq0Hagr9yWs9yWrv9yWsa7XB8xr7Pm Page URL
  2. https://sianlonaquatic.com/call.php?url=https://acct0wa.web.app/pall9yWnq0Hagr9yWs9yWrv9yWsa7XB8xr7Pm HTTP 302
    https://ory.vn/wp-shell.php?client-request-id=cGFsbGVuQGFncmVzZXJ2ZXMuY29t HTTP 302
    https://ory.vn/wp-access.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://ad.atdmt.com/s/go;adv=Pallen2046;c.a=462011;p.a=462020;a.a=4;qpb=1;cache=114611;?h=acct0wa.web.app/pall9yWnq0Hagr9yWs9yWrv9yWsa7XB8xr7Pm HTTP 302
  • https://acct0wa.web.app/pall9yWnq0Hagr9yWs9yWrv9yWsa7XB8xr7Pm

46 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
pall9yWnq0Hagr9yWs9yWrv9yWsa7XB8xr7Pm
acct0wa.web.app/
Redirect Chain
  • https://ad.atdmt.com/s/go;adv=Pallen2046;c.a=462011;p.a=462020;a.a=4;qpb=1;cache=114611;?h=acct0wa.web.app/pall9yWnq0Hagr9yWs9yWrv9yWsa7XB8xr7Pm
  • https://acct0wa.web.app/pall9yWnq0Hagr9yWs9yWrv9yWsa7XB8xr7Pm
443 B
571 B
Document
General
Full URL
https://acct0wa.web.app/pall9yWnq0Hagr9yWs9yWrv9yWsa7XB8xr7Pm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=3600
content-encoding
gzip
content-length
263
content-type
text/html; charset=utf-8
date
Fri, 01 Apr 2022 09:27:11 GMT
etag
"120ec97c61f123ac69d7bf9ace7f5578423d61df83f9e02a6deadb40de99f92e"
last-modified
Fri, 01 Apr 2022 07:43:12 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
x-cache-hits
0
x-served-by
cache-icn1450073-ICN
x-timer
S1648805231.232770,VS0,VE94

Redirect headers

cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
same-origin
date
Fri, 01 Apr 2022 09:27:10 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
location
https://acct0wa.web.app/pall9yWnq0Hagr9yWs9yWrv9yWsa7XB8xr7Pm
pragma
no-cache
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-content-type-options
nosniff
x-fb-debug
jg7ABJL5jqfBLkXB06FR61kXuKISWncDmVfBDkhb7obMAg5vIzm1VZtj4V5VgbbPrBPhRw3IBRhSTP04xL641Q==
x-fb-rlafr
0
x-frame-options
DENY
x-xss-protection
0
Primary Request wp-access.php
ory.vn/
Redirect Chain
  • https://sianlonaquatic.com/call.php?url=https://acct0wa.web.app/pall9yWnq0Hagr9yWs9yWrv9yWsa7XB8xr7Pm
  • https://ory.vn/wp-shell.php?client-request-id=cGFsbGVuQGFncmVzZXJ2ZXMuY29t
  • https://ory.vn/wp-access.php
51 KB
19 KB
Document
General
Full URL
https://ory.vn/wp-access.php
Requested by
Host: acct0wa.web.app
URL: https://acct0wa.web.app/pall9yWnq0Hagr9yWs9yWrv9yWsa7XB8xr7Pm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
a6cf4418ffb842df87ad5f7b288d54cbfb5959370e115f1f88822fc92a9f4eed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acct0wa.web.app/pall9yWnq0Hagr9yWs9yWrv9yWsa7XB8xr7Pm
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
6f5049a8dd569c01-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 01 Apr 2022 09:27:14 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3mhSlu6GtFTXHZqn2kM4Lg2iw5Wg4Lg86lWG1bFVmw5h8h61YP%2BbU8OfWksOI%2BnTJP4wCAJH1w5j3tJ4DjoMvvl3opTtDaFRuWAZn%2Fll1MHzyNR2YhmeHE2fXxFrgrRgSNjYZUI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.3.27
x-turbo-charged-by
LiteSpeed

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
6f5049a6b91d9c01-FRA
content-type
text/html; charset=UTF-8
date
Fri, 01 Apr 2022 09:27:14 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
wp-access.php
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URfuTjs47%2F5LXWpS%2By8Q4oD3Kd8lX8UljuLCZNQEzQg0FN5%2BFIgeDXrHqDnSzOaPhf9wVVYHYql15o0u84mtJ8Kp%2FON%2B1CNZ5XUgWXfEPu2NWMqambr6bjYjmLj34HH9A9mB3u0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.3.27
x-turbo-charged-by
LiteSpeed
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6710ee6e22d5e3e82f70554804806c37aac5789b110d944383ea393d93eb627a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
/
www.agreserves.com/ Frame 56EB
59 KB
11 KB
Document
General
Full URL
https://www.agreserves.com/
Requested by
Host: ory.vn
URL: https://ory.vn/wp-access.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 / PHP/7.4.20
Resource Hash
e9ddbd78486e85e86eeb5b71743969266cdd7f09de0bf2a2414879ff7a3b8c90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ory.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding
gzip
content-length
10990
content-type
text/html; charset=UTF-8
date
Fri, 01 Apr 2022 09:27:15 GMT
link
<https://www.agreserves.com/wp-json/>; rel="https://api.w.org/" <https://www.agreserves.com/wp-json/wp/v2/pages/12>; rel="alternate"; type="application/json" <https://www.agreserves.com/>; rel=shortlink
server
nginx/1.18.0
vary
Accept-Encoding
x-powered-by
PHP/7.4.20
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d9ed6586942003696afe4e52b09f343f8342244b51a9e175b75162d7e615207b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4de8fc175826d9f78fce9f9f2b71a63fe832fc7507e0394125c823b0909fa54a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
agreserves.com
logo.clearbit.com/
14 KB
14 KB
Image
General
Full URL
https://logo.clearbit.com/agreserves.com
Requested by
Host: ory.vn
URL: https://ory.vn/wp-access.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.111.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-111-25.hel50.r.cloudfront.net
Software
envoy /
Resource Hash
839bc6f394e02979b31e95d675322d2fa8ff04d12c63a1de28c18871bc3ad0f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ory.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 10:18:34 GMT
via
1.1 990cfd108795128378d881c92b299b66.cloudfront.net (CloudFront)
x-content-type-options
nosniff
server
envoy
age
256120
content-security-policy-report-only
default-src: 'self'; report-uri https://o13610.ingest.sentry.io/api/6173537/security/?sentry_key=7ac906c405c04da0bad984892f88d1bb
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
HEL50-C1
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
3YxLaPYtqutE4Arz9gKiCDJpTG1GUHOGNoTaXH-R7eRlfv3BppI8Hw==
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07f38b8b8c1f96ed85ecd96988f0454a95d1f665427086a507c72e55ff3ce0e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
segoeui-regular.ttf
ory.vn/owa/auth/15.1.2242/themes/resources/
0
0
Font
General
Full URL
https://ory.vn/owa/auth/15.1.2242/themes/resources/segoeui-regular.ttf
Requested by
Host: ory.vn
URL: https://ory.vn/wp-access.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash

Request headers

Referer
https://ory.vn/wp-access.php
Origin
https://ory.vn
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:15 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.27
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BOZ9LVr%2Bsohlv7E1daQH6q1%2F%2B%2BGZN6%2B6h%2BSy8E%2F38nUy6ykUC5ET0Du%2B4RoQj%2B81sOMedD1T9U98%2Ba9KWt2L8KfwocXQ1TX%2BVD%2BEa85jroVKTpgzHucWwQhT7ALe0YRrNQf2N1A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400, must-revalidate
x-turbo-charged-by
LiteSpeed
cf-ray
6f5049ab0bb4918f-FRA
link
<https://ory.vn/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
style.min.css
www.agreserves.com/wp-includes/css/dist/block-library/ Frame 56EB
81 KB
11 KB
Stylesheet
General
Full URL
https://www.agreserves.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.1
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:15 GMT
content-encoding
gzip
last-modified
Tue, 22 Feb 2022 17:12:53 GMT
server
nginx/1.18.0
etag
"145a9-5d89e75a8da92-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
11191
style.min.css
www.agreserves.com/wp-content/themes/hello-elementor/ Frame 56EB
6 KB
2 KB
Stylesheet
General
Full URL
https://www.agreserves.com/wp-content/themes/hello-elementor/style.min.css?ver=2.3.1
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
5ddb2729aaae248b99bc553da916346ac6a8d144b7b1afde0ddcdf0eeda1589c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:15 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 14:45:53 GMT
server
nginx/1.18.0
etag
"19e6-5c24b4cf90c47-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
2304
style.css
www.agreserves.com/wp-content/themes/hello-theme-child-master/ Frame 56EB
517 B
470 B
Stylesheet
General
Full URL
https://www.agreserves.com/wp-content/themes/hello-theme-child-master/style.css?ver=1.0.0
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
539d4f0988dfd1c8d53ea73bc6c3a2c381da6b49f603e62ca6d27ae7d5807f2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:15 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 14:45:53 GMT
server
nginx/1.18.0
etag
"205-5c24b4cfa15e9-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
294
theme.min.css
www.agreserves.com/wp-content/themes/hello-elementor/ Frame 56EB
5 KB
2 KB
Stylesheet
General
Full URL
https://www.agreserves.com/wp-content/themes/hello-elementor/theme.min.css?ver=2.3.1
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
cf6787a72f1d1013b60c768f8e6db80fd19249cdea059b86253980177ee1a0c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:15 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 14:45:53 GMT
server
nginx/1.18.0
etag
"151b-5c24b4cf91be7-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1474
elementor-icons.min.css
www.agreserves.com/wp-content/plugins/elementor/assets/lib/eicons/css/ Frame 56EB
17 KB
4 KB
Stylesheet
General
Full URL
https://www.agreserves.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.11.0
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e36eaa6e7cebbd4138dfb008ee3d53ab8195f45953b0f4f27d0d8156ab059021

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:15 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 22:00:32 GMT
server
nginx/1.18.0
etag
"4350-5c62b159dd1f7-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3598
animations.min.css
www.agreserves.com/wp-content/plugins/elementor/assets/lib/animations/ Frame 56EB
18 KB
3 KB
Stylesheet
General
Full URL
https://www.agreserves.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.2.5
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:15 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 22:00:32 GMT
server
nginx/1.18.0
etag
"4824-5c62b159d9377-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
2592
frontend.min.css
www.agreserves.com/wp-content/plugins/elementor/assets/css/ Frame 56EB
115 KB
17 KB
Stylesheet
General
Full URL
https://www.agreserves.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.2.5
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
3f9c38934fc41ee2a85f1a6e1ad59e96f7f1e73b9b4e653394708715d5ab32c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:15 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 22:00:32 GMT
server
nginx/1.18.0
etag
"1cc44-5c62b159d83d7-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
16770
post-7.css
www.agreserves.com/wp-content/uploads/elementor/css/ Frame 56EB
2 KB
729 B
Stylesheet
General
Full URL
https://www.agreserves.com/wp-content/uploads/elementor/css/post-7.css?ver=1625263247
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f5d489b0b61ac1314e4354e701ec78a6d96dae6f8f77be7fa376ecab363692d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:15 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 22:00:47 GMT
server
nginx/1.18.0
etag
"772-5c62b16876828-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
552
frontend.min.css
www.agreserves.com/wp-content/plugins/elementor-pro/assets/css/ Frame 56EB
206 KB
23 KB
Stylesheet
General
Full URL
https://www.agreserves.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.2.2
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
68e46d074d88c5b45f552e28c2449f8361a2036b2767ea459f2c941aa6a43eba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:15 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 14:45:53 GMT
server
nginx/1.18.0
etag
"337c2-5c24b4cfcd50c-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
23124
post-12.css
www.agreserves.com/wp-content/uploads/elementor/css/ Frame 56EB
3 KB
771 B
Stylesheet
General
Full URL
https://www.agreserves.com/wp-content/uploads/elementor/css/post-12.css?ver=1625263250
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
af8471450dc136696b216867241ba2a5e2de3ee4b711d2a72d8ec49d85cc9ec5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:15 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 22:00:50 GMT
server
nginx/1.18.0
etag
"bec-5c62b16b492e9-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
594
post-26.css
www.agreserves.com/wp-content/uploads/elementor/css/ Frame 56EB
3 KB
813 B
Stylesheet
General
Full URL
https://www.agreserves.com/wp-content/uploads/elementor/css/post-26.css?ver=1625263247
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dbd91b8627d8c73f1d53a221a68658709af9f32c4132f04ff3d1d0dfc9f7453a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:15 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 22:00:47 GMT
server
nginx/1.18.0
etag
"d38-5c62b168c1b4e-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
636
post-203.css
www.agreserves.com/wp-content/uploads/elementor/css/ Frame 56EB
10 KB
1 KB
Stylesheet
General
Full URL
https://www.agreserves.com/wp-content/uploads/elementor/css/post-203.css?ver=1625263247
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
c0969f842bfc24337cc3d10983d5e70c95d80bffee6a7cd60e13ff597357b7a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:15 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 22:00:47 GMT
server
nginx/1.18.0
etag
"28bb-5c62b168d82b0-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1277
css
fonts.googleapis.com/ Frame 56EB
31 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.9.1
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
dc3eefe6b1857505fcff69054bb2c7381a95448d621179e0df280cc3859413c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 08:32:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 01 Apr 2022 09:27:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Apr 2022 09:27:15 GMT
fontawesome.min.css
www.agreserves.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ Frame 56EB
57 KB
12 KB
Stylesheet
General
Full URL
https://www.agreserves.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.1
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f8d00356859998784bda26e1d14f2d981515921b96ded50d5d6f6f0e75bac15c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:15 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 22:00:32 GMT
server
nginx/1.18.0
etag
"e238-5c62b159dc257-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
12581
solid.min.css
www.agreserves.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ Frame 56EB
669 B
487 B
Stylesheet
General
Full URL
https://www.agreserves.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
1ada5259a5ac61a7d68315f7efa6b98d61d2d0478df0545869c880afeaa67dcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:15 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 22:00:32 GMT
server
nginx/1.18.0
etag
"29d-5c62b159dc257-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
310
brands.min.css
www.agreserves.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ Frame 56EB
675 B
485 B
Stylesheet
General
Full URL
https://www.agreserves.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.1
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
71008cf308a9bb2a3a3ddaa973f816c0d3a11db5cc9e7bdd5498089423019b3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:15 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 22:00:32 GMT
server
nginx/1.18.0
etag
"2a3-5c62b159dc257-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
308
pintra-redirect.js
www.agreserves.com/wp-content/plugins/wpo365-login/apps/dist/ Frame 56EB
64 KB
17 KB
Script
General
Full URL
https://www.agreserves.com/wp-content/plugins/wpo365-login/apps/dist/pintra-redirect.js?ver=13.0
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e5acdc89c5c349715e6c856a903772d0a11e82c3a31362cf2bf5b640acfd77e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:15 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 22:00:26 GMT
server
nginx/1.18.0
etag
"10048-5c62b154c5622-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
17250
js
www.googletagmanager.com/gtag/ Frame 56EB
176 KB
65 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NT9CWC00W1
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c26a7dec67f431e97e05fc693014ee548f59f7526484fd300624a01357f97ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:16 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66038
x-xss-protection
0
expires
Fri, 01 Apr 2022 09:27:16 GMT
lazysizes.min.js
www.agreserves.com/wp-content/plugins/ewww-image-optimizer/includes/ Frame 56EB
11 KB
5 KB
Script
General
Full URL
https://www.agreserves.com/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=619.0
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
89aaac3ef27de02df9986e06bed7ce1d5e2a4841ed8c516783251f093087f0b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:15 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 22:00:29 GMT
server
nginx/1.18.0
etag
"2dfc-5c62b157c8e27-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4922
jquery.min.js
www.agreserves.com/wp-includes/js/jquery/ Frame 56EB
87 KB
30 KB
Script
General
Full URL
https://www.agreserves.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:16 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 05:13:25 GMT
server
nginx/1.18.0
etag
"15db1-5c79b3addf06f-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
30908
jquery-migrate.min.js
www.agreserves.com/wp-includes/js/jquery/ Frame 56EB
11 KB
4 KB
Script
General
Full URL
https://www.agreserves.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:15 GMT
content-encoding
gzip
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx/1.18.0
etag
"2bd8-5b45debe27b80-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4169
jquery.smartmenus.min.js
www.agreserves.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/ Frame 56EB
25 KB
7 KB
Script
General
Full URL
https://www.agreserves.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:16 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 14:45:53 GMT
server
nginx/1.18.0
etag
"6272-5c24b4cfe6b4e-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
7157
webpack-pro.runtime.min.js
www.agreserves.com/wp-content/plugins/elementor-pro/assets/js/ Frame 56EB
5 KB
3 KB
Script
General
Full URL
https://www.agreserves.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.2.2
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f63f9da97a793227b906f8baf1ef3299ed5fa10ec94ad03f920a863c613dce1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:15 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 14:45:53 GMT
server
nginx/1.18.0
etag
"15a0-5c24b4cfe1d2e-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2427
webpack.runtime.min.js
www.agreserves.com/wp-content/plugins/elementor/assets/js/ Frame 56EB
5 KB
2 KB
Script
General
Full URL
https://www.agreserves.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.2.5
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b5641645c15c48b3ff5ce52e718563e1d04d18492e552eb126862768327e2855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:15 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 22:00:32 GMT
server
nginx/1.18.0
etag
"12a1-5c62b159d4556-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2091
frontend-modules.min.js
www.agreserves.com/wp-content/plugins/elementor/assets/js/ Frame 56EB
63 KB
21 KB
Script
General
Full URL
https://www.agreserves.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.2.5
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d8e1bb6afaee4a9709470e6bc6712a4288aab63eff4a430e75935d0095648bb6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:16 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 22:00:32 GMT
server
nginx/1.18.0
etag
"fd92-5c62b159d4556-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
21732
jquery.sticky.min.js
www.agreserves.com/wp-content/plugins/elementor-pro/assets/lib/sticky/ Frame 56EB
6 KB
2 KB
Script
General
Full URL
https://www.agreserves.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.2.2
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
a48dea362116d7516a2cf97066a32758d353760ee02dbf900ddff86b02a16473

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:15 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 14:45:53 GMT
server
nginx/1.18.0
etag
"19c3-5c24b4cfe6b4e-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1895
frontend.min.js
www.agreserves.com/wp-content/plugins/elementor-pro/assets/js/ Frame 56EB
56 KB
17 KB
Script
General
Full URL
https://www.agreserves.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.2.2
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
12ab3055558fe541bbd70df670dfeaa2f778cc13cd1074b7c5e79ed1a20f86ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:16 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 14:45:53 GMT
server
nginx/1.18.0
etag
"df25-5c24b4cfd908d-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
17410
waypoints.min.js
www.agreserves.com/wp-content/plugins/elementor/assets/lib/waypoints/ Frame 56EB
12 KB
3 KB
Script
General
Full URL
https://www.agreserves.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:15 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 22:00:32 GMT
server
nginx/1.18.0
etag
"2fa6-5c62b159dc257-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2993
core.min.js
www.agreserves.com/wp-includes/js/jquery/ui/ Frame 56EB
20 KB
7 KB
Script
General
Full URL
https://www.agreserves.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9d7da1b980a95ff3d31d0bb8733cbabd1d210ec601d15a1aac2b67394a33191d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:15 GMT
content-encoding
gzip
last-modified
Tue, 22 Feb 2022 17:12:53 GMT
server
nginx/1.18.0
etag
"50ea-5d89e75a87cd2-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
6875
swiper.min.js
www.agreserves.com/wp-content/plugins/elementor/assets/lib/swiper/ Frame 56EB
136 KB
35 KB
Script
General
Full URL
https://www.agreserves.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:15 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 22:00:32 GMT
server
nginx/1.18.0
etag
"21f91-5c62b159d9377-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
35491
share-link.min.js
www.agreserves.com/wp-content/plugins/elementor/assets/lib/share-link/ Frame 56EB
3 KB
1 KB
Script
General
Full URL
https://www.agreserves.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.2.5
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:15 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 22:00:32 GMT
server
nginx/1.18.0
etag
"a12-5c62b159da317-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1099
dialog.min.js
www.agreserves.com/wp-content/plugins/elementor/assets/lib/dialog/ Frame 56EB
11 KB
4 KB
Script
General
Full URL
https://www.agreserves.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:15 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 22:00:32 GMT
server
nginx/1.18.0
etag
"2a6f-5c62b159da317-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3510
frontend.min.js
www.agreserves.com/wp-content/plugins/elementor/assets/js/ Frame 56EB
66 KB
19 KB
Script
General
Full URL
https://www.agreserves.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.2.5
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
17f076500dca787c42b1dd6238ce50a0752771eafd040e8512c713a7ec947c65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:16 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 22:00:32 GMT
server
nginx/1.18.0
etag
"1086a-5c62b159d4556-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
19645
preloaded-elements-handlers.min.js
www.agreserves.com/wp-content/plugins/elementor-pro/assets/js/ Frame 56EB
153 KB
37 KB
Script
General
Full URL
https://www.agreserves.com/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.2.2
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
3c3ef9998414972b985076a5202e016ad4a71f9052eb1da62be10ed8f2752cc7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:16 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 14:45:53 GMT
server
nginx/1.18.0
etag
"264a1-5c24b4cfdcf0d-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
37353
preloaded-modules.min.js
www.agreserves.com/wp-content/plugins/elementor/assets/js/ Frame 56EB
57 KB
17 KB
Script
General
Full URL
https://www.agreserves.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.2.5
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d882dbd828af87ed3434862bf608a2dee6d347817ae547421c9b2051ce29a905

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:16 GMT
content-encoding
gzip
last-modified
Fri, 02 Jul 2021 22:00:32 GMT
server
nginx/1.18.0
etag
"e2e0-5c62b159d54f7-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
17034
wp-emoji-release.min.js
www.agreserves.com/wp-includes/js/ Frame 56EB
18 KB
5 KB
Script
General
Full URL
https://www.agreserves.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.1
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:16 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 05:13:25 GMT
server
nginx/1.18.0
etag
"4705-5c79b3ade0010-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4930
truncated
/ Frame 56EB
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/gif
fa-solid-900.woff2
www.agreserves.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ Frame 56EB
78 KB
79 KB
Font
General
Full URL
https://www.agreserves.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

Referer
https://www.agreserves.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
Origin
https://www.agreserves.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:16 GMT
last-modified
Fri, 02 Jul 2021 22:00:32 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"139ac-5c62b159db2b7"
content-length
80300
content-type
font/woff2
fa-brands-400.woff2
www.agreserves.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ Frame 56EB
77 KB
77 KB
Font
General
Full URL
https://www.agreserves.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba

Request headers

Referer
https://www.agreserves.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.1
Origin
https://www.agreserves.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:16 GMT
last-modified
Fri, 02 Jul 2021 22:00:32 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"1327c-5c62b159db2b7"
content-length
78460
content-type
font/woff2
truncated
/ Frame 56EB
82 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/webp
agreserves-logo@2x-8-e1615917881758-300x66.png
www.agreserves.com/wp-content/uploads/2021/03/ Frame 56EB
10 KB
10 KB
Image
General
Full URL
https://www.agreserves.com/wp-content/uploads/2021/03/agreserves-logo@2x-8-e1615917881758-300x66.png
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b15779a7454ebd9abe1905c0676263f684d0fef9320e7cc5f2a6d07f1dcc9509

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.agreserves.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:16 GMT
last-modified
Fri, 14 May 2021 14:45:56 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"26f5-5c24b4d3104ae"
content-length
9973
content-type
image/png
eicons.woff2
www.agreserves.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/ Frame 56EB
84 KB
84 KB
Font
General
Full URL
https://www.agreserves.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.10.0
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
5dd416142a868b8eb9ac36445af1f3652195c6020c0ea339f4d9b14ab9a459df

Request headers

Referer
https://www.agreserves.com/
Origin
https://www.agreserves.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 09:27:16 GMT
last-modified
Fri, 02 Jul 2021 22:00:32 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"14f50-5c62b159dc257"
content-length
85840
content-type
font/woff2
agreserves-home-video-bkgd-3mbps.mp4
agstaging.gurutechnologies.net/wp-content/uploads/2021/03/ Frame 56EB
32 KB
0
Media
General
Full URL
https://agstaging.gurutechnologies.net/wp-content/uploads/2021/03/agreserves-home-video-bkgd-3mbps.mp4
Requested by
Host: www.agreserves.com
URL: https://www.agreserves.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
34.210.174.112 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Referer
https://www.agreserves.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 01 Apr 2022 09:27:17 GMT
last-modified
Wed, 12 May 2021 21:31:51 GMT
server
nginx/1.18.0
etag
"787e5b-5c228bd2b1db8"
content-type
video/mp4
Content-Range
bytes 0-7896666/7896667
accept-ranges
bytes
Content-Length
7896667

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Outlook Web Access (Online)

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| structuredClone
object| oncontextlost
object| oncontextrestored
function| getScreenDetails
function| initLogon
function| redir
function| shw
function| hd
function| clkSecExp
function| kdSecExp
function| clkSec
function| clkBsc
function| checkSubmit
function| clkLgn
function| clkRtry
function| clkReLgn
function| gbid
function| IsOwaPremiumBrowser
function| hres
function| LogoffMime
function| addPerfMarker
number| a_fRC
number| g_fFcs
number| a_fLOff
number| a_fCAC
number| a_fEnbSMm
function| IsMimeCtlInst
function| RndMimeCtl
object| mainLogonDiv
boolean| showPlaceholderText
string| mainLogonDivClassName
function| setPlaceholderText
function| showPasswordClick
object| input

1 Cookies

Domain/Path Name / Value
ory.vn/ Name: PHPSESSID
Value: 9mmnknsqmbfomjjo5j9438pkvr

2 Console Messages

Source Level URL
Text
network error URL: https://acct0wa.web.app/pall9yWnq0Hagr9yWs9yWrv9yWsa7XB8xr7Pm
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ory.vn/owa/auth/15.1.2242/themes/resources/segoeui-regular.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
