grandhypermarkets.com
45.79.127.214  Malicious Activity! Public Scan

Submitted URL: http://t.m1.email.samsung.com/r/?id=hdbbbab33,71b0ad58,6b55baa5&p1=bip-reporting.web.app/dsiiq0Hspfia7XB8xr7Pm
Effective URL: https://grandhypermarkets.com/login/ws1.php
Submission: On January 03 via manual from US — Scanned from DE

Summary

This website contacted 17 IPs in 6 countries across 17 domains to perform 90 HTTP transactions. The main IP is 45.79.127.214, located in Mumbai, India and belongs to LINODE-AP Linode, LLC, US. The main domain is grandhypermarkets.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 4th 2021. Valid for: 3 months.
This is the only time grandhypermarkets.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 1 34.251.123.240 16509 (AMAZON-02)
1 2620:0:890::100 54113 (FASTLY)
15 152.199.23.37 15133 (EDGECAST)
3 20.190.160.2 8075 (MICROSOFT...)
1 1 112.140.180.26 45638 (SYNERGYWH...)
1 4 45.79.127.214 63949 (LINODE-AP...)
6 2a03:b0c0:3:d... 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 28 151.101.129.181 54113 (FASTLY)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 104.111.229.66 ()
1 142.0.160.53 ()
1 2a03:2880:f12... ()
2 93.184.221.26 ()
90 17
Requests | Domain | Requested by
20 | assets.vidyard.com | play.vidyard.com, assets.vidyard.com
15 | aadcdn.msftauth.net | bip-reporting.web.app, grandhypermarkets.com
8 | play.vidyard.com (1 redirects) | www.spfi.com, play.vidyard.com, assets.vidyard.com
6 | www.spfi.com | grandhypermarkets.com, www.spfi.com
5 | use.typekit.net | www.spfi.com, use.typekit.net
4 | grandhypermarkets.com (1 redirects) | bip-reporting.web.app, grandhypermarkets.com
3 | login.live.com | bip-reporting.web.app, grandhypermarkets.com
2 | cdn.vidyard.com | www.spfi.com, assets.vidyard.com
2 | connect.facebook.net | bip-reporting.web.app, connect.facebook.net
1 | www.facebook.com | www.spfi.com
1 | s204200226.t.eloqua.com | img04.en25.com, www.spfi.com
1 | img04.en25.com | www.spfi.com
1 | img.en25.com | play.vidyard.com
1 | www.google-analytics.com | www.googletagmanager.com
1 | p.typekit.net | use.typekit.net
1 | fonts.googleapis.com | www.spfi.com
1 | www.googletagmanager.com | www.spfi.com
1 | themoo.com.au (1 redirects) |
1 | bip-reporting.web.app |
1 | t.m1.email.samsung.com (1 redirects) |
0 | bdcms.advisorgroup.com (Failed) | www.spfi.com
0 | raw.vidyard.com (Failed) | assets.vidyard.com
90 | 22 |

This site contains links to these domains:

Domain
passwordreset.spfi.com
www.spfi.com
privacy.spfi.com

Subject | Issuer | Validity | Valid
web.app | GTS CA 1D4 | 2021-12-02 - 2022-03-02 | 3 months
aadcdn.msftauth.net | DigiCert SHA2 Secure Server CA | 2021-05-13 - 2022-05-13 | a year
graph.windows.net | DigiCert SHA2 Secure Server CA | 2021-12-18 - 2022-12-18 | a year
grandhypermarkets.com | cPanel, Inc. Certification Authority | 2021-11-04 - 2022-02-02 | 3 months
joinsagepoint.com | R3 | 2021-12-28 - 2022-03-28 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months
use.typekit.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-08-16 - 2022-08-16 | a year
upload.video.google.com | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months
*.vidyard.com | GlobalSign Atlas R3 DV TLS CA H2 2021 | 2021-12-24 - 2023-01-25 | a year
*.typekit.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-12-05 - 2022-12-06 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-10-12 - 2022-01-10 | 3 months
*.en25.com | DigiCert SHA2 Secure Server CA | 2021-09-14 - 2022-09-14 | a year
*.t.eloqua.com | DigiCert SHA2 Secure Server CA | 2020-03-09 - 2022-04-08 | 2 years

This page contains 6 frames:

Primary Page: https://grandhypermarkets.com/login/ws1.php
Frame ID: 047C63046DE47BD8CA84477EA89A73C9
Requests: 21 HTTP requests in this frame

Frame: https://login.live.com/Me.htm?v=3
Frame ID: DDEBE86B89F9A40BD7EC516F0BBAA969
Requests: 1 HTTP requests in this frame

Frame: https://www.spfi.com/
Frame ID: 78DBF32923076E610339F9F0FF232129
Requests: 38 HTTP requests in this frame

Frame: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Frame ID: 102F770075CC7DD95FB413EC635D2E2B
Requests: 14 HTTP requests in this frame

Frame: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Frame ID: 1912131BAC5229A449BBD8BBE92AC0A9
Requests: 1 HTTP requests in this frame

Frame: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Frame ID: 1C39B209B98969105195C65C7ECCF2B7
Requests: 14 HTTP requests in this frame

Page Title

Sign in to your account

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 90
HTTPS: 79 %
IPv6: 50 %
Domains: 17
Subdomains: 22
IPs: 17
Countries: 6
Transfer: 1748 kB
Size: 6420 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://t.m1.email.samsung.com/r/?id=hdbbbab33,71b0ad58,6b55baa5&p1=bip-reporting.web.app/dsiiq0Hspfia7XB8xr7Pm HTTP 302
    https://bip-reporting.web.app/dsiiq0Hspfia7XB8xr7Pm Page URL
  2. https://themoo.com.au/ssl.php?url=https://bip-reporting.web.app/dsiiq0Hspfia7XB8xr7Pm HTTP 302
    https://grandhypermarkets.com/login/?client-request-id=ZHNpaUBzcGZpLmNvbQ== HTTP 302
    https://grandhypermarkets.com/login/ws1.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://t.m1.email.samsung.com/r/?id=hdbbbab33,71b0ad58,6b55baa5&p1=bip-reporting.web.app/dsiiq0Hspfia7XB8xr7Pm HTTP 302
  • https://bip-reporting.web.app/dsiiq0Hspfia7XB8xr7Pm
Request Chain 74
  • https://s204200226.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=204200226&ref2=https%3A%2F%2Fgrandhypermarkets.com%2F&tzo=0&ms=7&optin=disabled HTTP 302
  • https://s204200226.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=204200226&ref2=https%3A%2F%2Fgrandhypermarkets.com%2F&tzo=0&ms=7&optin=disabled&elqCookie=1
Request Chain 87
  • https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo.jpg HTTP 302
  • https://cdn.vidyard.com/thumbnails/gj6BqczG4SWl5rpRWcQ8Ig/47b75e2b565f2c8469cd73.jpg

90 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

dsiiq0Hspfia7XB8xr7Pm
Path: bip-reporting.web.app/
Redirect Chain
  • http://t.m1.email.samsung.com/r/?id=hdbbbab33,71b0ad58,6b55baa5&p1=bip-reporting.web.app/dsiiq0Hspfia7XB8xr7Pm
  • https://bip-reporting.web.app/dsiiq0Hspfia7XB8xr7Pm
Size: 29 KB
x-fer: 9 KB
Type: Document

General
Full URL: https://bip-reporting.web.app/dsiiq0Hspfia7XB8xr7Pm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS:
Software: /
Resource Hash: f746c8be44189a324ffcd77398e29286bd7a1b7a6e61455f209b7cd9a924cfa1

Security Headers
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers
cache-control: max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
etag: "49e4a489ae841768f88d2cce14b09915e45e5c1e4ea32d6736e8a09e82094989"
last-modified: Tue, 28 Dec 2021 06:56:27 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 03 Jan 2022 13:57:55 GMT
x-served-by: cache-mxp6937-MXP
x-cache: HIT
x-cache-hits: 1
x-timer: S1641218275.319701,VS0,VE1
vary: x-fh-requested-host, accept-encoding
content-length: 9335

Redirect headers
Content-Type: text/plain; charset=utf-8
Date: Mon, 03 Jan 2022 13:57:55 GMT
Location: https://bip-reporting.web.app/dsiiq0Hspfia7XB8xr7Pm
P3P: CP="CAO DSP COR CURa DEVa TAIa OUR BUS IND UNI COM NAV"
Server: Apache
X-Robots-Tag: noindex
Content-Length: 17
Connection: keep-alive

Primary Request ws1.php
Path: grandhypermarkets.com/login/
Redirect Chain
  • https://themoo.com.au/ssl.php?url=https://bip-reporting.web.app/dsiiq0Hspfia7XB8xr7Pm
  • https://grandhypermarkets.com/login/?client-request-id=ZHNpaUBzcGZpLmNvbQ==
  • https://grandhypermarkets.com/login/ws1.php
Size: 31 KB
x-fer: 32 KB
Type: Document

General
Full URL: https://grandhypermarkets.com/login/ws1.php
Requested by
  Host: bip-reporting.web.app
  URL: https://bip-reporting.web.app/dsiiq0Hspfia7XB8xr7Pm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.79.127.214 Mumbai, India, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li2160-214.members.linode.com
Software: Apache /
Resource Hash: 54fc19961a2b6966e06e76645163fdd6f027179a00cb64abba13ae491e3a41a0

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bip-reporting.web.app/dsiiq0Hspfia7XB8xr7Pm#auth01/m.web.app/user/settings/notification-4e0rr70db9ec/oauth2/_3TUE9aaDfFZ4KFtPT2LS

Response headers
Date: Mon, 03 Jan 2022 13:57:56 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers
Date: Mon, 03 Jan 2022 13:57:56 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: ws1.php
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

logo.svg
grandhypermarkets.com/login/
4 KB
4 KB
Image
General
Full URL
https://grandhypermarkets.com/login/logo.svg
Requested by
Host: grandhypermarkets.com
URL: https://grandhypermarkets.com/login/ws1.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.79.127.214 Mumbai, India, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2160-214.members.linode.com
Software
Apache /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandhypermarkets.com/login/ws1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 13:57:57 GMT
Last-Modified
Fri, 31 Dec 2021 14:47:50 GMT
Server
Apache
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3651
Me.htm
login.live.com/
0
0
Other
General
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: grandhypermarkets.com
URL: https://grandhypermarkets.com/login/ws1.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandhypermarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/
0
19 KB
Other
General
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
Requested by
Host: grandhypermarkets.com
URL: https://grandhypermarkets.com/login/ws1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FCC) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandhypermarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jan 2022 13:57:57 GMT
content-encoding
gzip
content-md5
0O2H9juGYL0zkzcYWr0NIg==
age
7940451
x-cache
HIT
content-length
19877
x-ms-lease-status
unlocked
last-modified
Tue, 28 Sep 2021 21:42:58 GMT
server
ECAcc (frc/8FCC)
etag
0x8D982C8F03AF4D4
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
4cd84846-501e-0061-5f72-b8a27b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/
0
12 KB
Other
General
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js
Requested by
Host: grandhypermarkets.com
URL: https://grandhypermarkets.com/login/ws1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F6C) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandhypermarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 03 Jan 2022 13:57:57 GMT
content-encoding
gzip
content-md5
GYbSFdLE8Xb9pCzSg7cJ6A==
age
6127460
x-cache
HIT
content-length
12608
x-ms-lease-status
unlocked
last-modified
Tue, 19 Oct 2021 04:06:56 GMT
server
ECAcc (frc/8F6C)
etag
0x8D992B5E417004E
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6044ad75-801e-004b-7fef-c8f668000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
/
www.spfi.com/ Frame 78DB
217 KB
29 KB
Document
General
Full URL
https://www.spfi.com/
Requested by
Host: grandhypermarkets.com
URL: https://grandhypermarkets.com/login/ws1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::1440:1 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
801cbe9f65582d8dabe100ab7e405522233ef803655d8233ad5909d5f6fc1d16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://grandhypermarkets.com/

Response headers

cache-control
public, max-age=0, must-revalidate
content-type
text/html; charset=UTF-8
date
Mon, 03 Jan 2022 13:57:57 GMT
etag
"e243bd18f02564103210cc38be3b596c-ssl-df"
strict-transport-security
max-age=31536000
x-nf-request-id
01FRG3Q06XDNNP88ZPQNCVM1GQ
vary
Accept-Encoding
age
0
server
Netlify
content-encoding
br
);
grandhypermarkets.com/login/
315 B
315 B
Image
General
Full URL
https://grandhypermarkets.com/login/);
Requested by
Host: grandhypermarkets.com
URL: https://grandhypermarkets.com/login/ws1.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.79.127.214 Mumbai, India, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2160-214.members.linode.com
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grandhypermarkets.com/login/ws1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 13:57:57 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
gtm.js
www.googletagmanager.com/ Frame 78DB
104 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N82WNQZ&l=dataLayer
Requested by
Host: www.spfi.com
URL: https://www.spfi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c3f985449a09524eebebf4bf9821a6b2ab97e51ed4f95dd4f38fe43299db28f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.spfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40516
x-xss-protection
0
last-modified
Mon, 03 Jan 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 03 Jan 2022 13:57:58 GMT
manifest.fd8594d6f8a155ad1174.js
www.spfi.com/_nuxt/ Frame 78DB
1 KB
786 B
Script
General
Full URL
https://www.spfi.com/_nuxt/manifest.fd8594d6f8a155ad1174.js
Requested by
Host: www.spfi.com
URL: https://www.spfi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::1440:1 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
cd0c07da1fe840ecf9bfea269f276131187910a0b4f0e2588303714564a29f81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.spfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nf-request-id
01FRG3Q0JPHVEC9P8ABB379BRY
date
Mon, 03 Jan 2022 13:57:58 GMT
content-encoding
br
server
Netlify
age
1
etag
"a8e05f53de7a04a286cd1eedf738f01a-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
692
vendor.bcc167d18f1fd6860860.js
www.spfi.com/_nuxt/ Frame 78DB
481 KB
153 KB
Script
General
Full URL
https://www.spfi.com/_nuxt/vendor.bcc167d18f1fd6860860.js
Requested by
Host: www.spfi.com
URL: https://www.spfi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::1440:1 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
7e5ee2d6937d2b58dce581879e5d829cd7f4d753884ee0af38a62187307ab8a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.spfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nf-request-id
01FRG3Q0JPE5NH91X925D237TM
date
Mon, 03 Jan 2022 13:57:58 GMT
content-encoding
br
server
Netlify
age
1
etag
"fdf957d6de017197b09e04c372523b53-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
app.1e997cafcff18d8b427c.js
www.spfi.com/_nuxt/ Frame 78DB
429 KB
72 KB
Script
General
Full URL
https://www.spfi.com/_nuxt/app.1e997cafcff18d8b427c.js
Requested by
Host: www.spfi.com
URL: https://www.spfi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::1440:1 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
344851c60b017b209bf5979a9898fdc538151cab017e6b0834a8ff3a02cc8bc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.spfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nf-request-id
01FRG3Q0JP5GQ6KHF8CS7YWG1C
date
Mon, 03 Jan 2022 13:57:58 GMT
content-encoding
br
server
Netlify
age
1
etag
"8607cb4413a727aacbf05ed4a50668a7-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
default.8cbf342ba0b8f3f94a1e.js
www.spfi.com/_nuxt/layouts/ Frame 78DB
1 KB
675 B
Script
General
Full URL
https://www.spfi.com/_nuxt/layouts/default.8cbf342ba0b8f3f94a1e.js
Requested by
Host: www.spfi.com
URL: https://www.spfi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::1440:1 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
24a88c345a2ae827062fd9467741e4ecdcca04ea7042b801ea697fbf0d2cc969
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.spfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nf-request-id
01FRG3Q0JP42CG03WSD7YRN8H5
date
Mon, 03 Jan 2022 13:57:58 GMT
content-encoding
br
server
Netlify
age
1
etag
"6b6ef63508d689d99f9e2e23af686839-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
581
mju8dci.css
use.typekit.net/ Frame 78DB
3 KB
965 B
Stylesheet
General
Full URL
https://use.typekit.net/mju8dci.css
Requested by
Host: www.spfi.com
URL: https://www.spfi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
94cf4b4a7d988f8784f7314c826d4c3862bdb22f1c17d955c0fff098a05af256
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.spfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Mon, 03 Jan 2022 13:57:58 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
733
icon
fonts.googleapis.com/ Frame 78DB
569 B
869 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: www.spfi.com
URL: https://www.spfi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
99c1697bfc05f8e00314bc2aa32c60b123b311965e94e91801d3876d86d72fdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.spfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 03 Jan 2022 13:57:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 03 Jan 2022 13:57:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 03 Jan 2022 13:57:57 GMT
dg1258gnEQP1zD8h8XhAgo.js
play.vidyard.com/ Frame 78DB
54 KB
13 KB
Script
General
Full URL
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo.js?v=3.1.1&type=inline
Requested by
Host: www.spfi.com
URL: https://www.spfi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8cae2500518b647558d059faaad884a16a3e29db606db34a5d0151a98f1d6e75
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Frame-Options ALLOWALL

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.spfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:58 GMT
content-encoding
gzip
age
93042
x-cache
HIT
strict-transport-security
max-age=31557600
content-length
12697
x-served-by
cache-hhn4029-HHN
x-china
0
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
x-timer
S1641218278.091767,VS0,VE1
x-frame-options
ALLOWALL
etag
W/"d833-eNMg9n0AlB7T4Ls++oON0X2n8a4"
vary
X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-store, no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
1
api.js
play.vidyard.com/v0/ Frame 78DB
19 KB
7 KB
Script
General
Full URL
https://play.vidyard.com/v0/api.js
Requested by
Host: www.spfi.com
URL: https://www.spfi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6980eadbd6f6d6233ea9b987e9ae462b25726871e9797c51e0d550aef3cc861d
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.spfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:58 GMT
via
1.1 varnish
vary
X-ThumbnailAB, X-China, accept-language, Accept-Encoding
age
0
x-cache
MISS
content-encoding
gzip
content-length
7168
x-served-by
cache-hhn4029-HHN
x-china
0
last-modified
Fri, 30 Apr 2021 19:42:10 GMT
x-timer
S1641218278.091839,VS0,VE483
etag
"7b874dd3eb596697c6d49ba7ed6880f8"
strict-transport-security
max-age=31557600
content-type
application/javascript
accept-ranges
bytes
x-cache-hits
0
p.css
p.typekit.net/ Frame 78DB
5 B
162 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=mju8dci&ht=tk&f=139.175.5474.4948&a=8328427&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/mju8dci.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28d::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:58 GMT
last-modified
Thu, 05 Nov 2020 13:49:42 GMT
server
nginx
etag
"5fa402f6-5"
content-type
text/css
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
dg1258gnEQP1zD8h8XhAgo
play.vidyard.com/ Frame 102F
3 KB
2 KB
Document
General
Full URL
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Requested by
Host: play.vidyard.com
URL: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo.js?v=3.1.1&type=inline
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a00a0c69a3f147bd06bca191ceaf28b256ca7ae299df488380a9c33e2b72b0e2
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Frame-Options ALLOWALL

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.spfi.com/

Response headers

content-type
text/html; charset=utf-8
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
x-frame-options
ALLOWALL
cache-control
no-store, no-cache, must-revalidate
etag
W/"dd6-yY38biX3vczcAxig5hn+ttT2duc"
x-china
0
content-encoding
gzip
accept-ranges
bytes
date
Mon, 03 Jan 2022 13:57:58 GMT
via
1.1 varnish
age
592608
x-served-by
cache-hhn4029-HHN
x-cache
HIT
x-cache-hits
1
x-timer
S1641218278.170543,VS0,VE1
vary
X-ThumbnailAB, X-China, accept-language, Accept-Encoding
strict-transport-security
max-age=31557600
content-length
1462
icomoon.8cdde70.ttf
www.spfi.com/_nuxt/fonts/ Frame 78DB
52 KB
52 KB
Font
General
Full URL
https://www.spfi.com/_nuxt/fonts/icomoon.8cdde70.ttf
Requested by
Host: www.spfi.com
URL: https://www.spfi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::1440:1 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
b02a9c2805929fa163391296f9889dbef7e4256dce3f42fc215f9a18fc602026
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.spfi.com/
Origin
https://www.spfi.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nf-request-id
01FRG3Q0STBT256C6YQJ6X8ZWN
date
Mon, 03 Jan 2022 13:57:58 GMT
server
Netlify
age
0
etag
"3e74b964af8e90aa4f3333dc33d4c358-ssl"
strict-transport-security
max-age=31536000
content-type
font/ttf
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
52904
l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/ Frame 78DB
33 KB
33 KB
Font
General
Full URL
https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/mju8dci.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
259ca84f380e0a4a327867ce595dbb02ea8f3fe8ae0e96f902e0051fc44c194c

Request headers

Referer
https://use.typekit.net/mju8dci.css
Origin
https://www.spfi.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:58 GMT
server
nginx
etag
"a0f35f91fdc2ca0a90c8288c08c20681c1aecfcf"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
33656
l
use.typekit.net/af/78a4c2/00000000000000003b9b0783/27/ Frame 78DB
42 KB
43 KB
Font
General
Full URL
https://use.typekit.net/af/78a4c2/00000000000000003b9b0783/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/mju8dci.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1710be9a21ba309a4989ad9d8cfadb9df527ce4bd54f34edf1a56326644584bd

Request headers

Referer
https://use.typekit.net/mju8dci.css
Origin
https://www.spfi.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:58 GMT
server
nginx
etag
"702f5103c08c6c2fdebd58b73941fe0423dda511"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
43284
runtime~main-35c85ec4bfc6ee38e9f2fd70a36a08ab.js
assets.vidyard.com/play/js/ Frame 102F
7 KB
3 KB
Script
General
Full URL
https://assets.vidyard.com/play/js/runtime~main-35c85ec4bfc6ee38e9f2fd70a36a08ab.js
Requested by
Host: play.vidyard.com
URL: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a88a7077e363f3ff1ecda9340795286b4e88f6a6b5395aa47deb827cd62132a3

Request headers

Referer
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Origin
https://play.vidyard.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:58 GMT
content-encoding
br
vary
Accept-Encoding
age
1446895
x-cache
HIT
content-length
2254
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Fri, 17 Dec 2021 20:01:33 GMT
x-timer
S1641218278.230247,VS0,VE0
etag
"fe6fa0dd89422d09ebb42254368cd825"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
17137
main-a6875cc9a4bc0c905ad9e719ee986a48.js
assets.vidyard.com/play/js/ Frame 102F
101 KB
13 KB
Script
General
Full URL
https://assets.vidyard.com/play/js/main-a6875cc9a4bc0c905ad9e719ee986a48.js
Requested by
Host: play.vidyard.com
URL: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a170a845a7a20edcedacef2638fd6e8550c6fc052aad221568c2182a9f3b1d28

Request headers

Referer
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Origin
https://play.vidyard.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:58 GMT
content-encoding
br
vary
Accept-Encoding
age
2364008
x-cache
HIT
content-length
13448
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Thu, 02 Dec 2021 18:35:08 GMT
x-timer
S1641218278.230323,VS0,VE0
etag
"5330e201fbbf207c28cf6c9304098519"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
29044
dg1258gnEQP1zD8h8XhAgo.json
play.vidyard.com/player/ Frame 102F
6 KB
3 KB
Fetch
General
Full URL
https://play.vidyard.com/player/dg1258gnEQP1zD8h8XhAgo.json?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-a6875cc9a4bc0c905ad9e719ee986a48.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1f0097af97e1c602d42f1bd66e2799bb7500acef90b1a16ccfe5fa537b789d5a
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Frame-Options ALLOWALL

Request headers

Referer
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
referrer
https://www.spfi.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:58 GMT
content-encoding
gzip
age
0
x-cache
MISS
strict-transport-security
max-age=31557600
content-length
2989
x-served-by
cache-hhn4029-HHN
x-china
0
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
x-timer
S1641218278.252116,VS0,VE226
x-frame-options
ALLOWALL
etag
W/"19eb-s8a9UOHYLC2MsmwfieifLykzK2E"
vary
X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type
application/json; charset=utf-8
via
1.1 varnish
cache-control
no-store, no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
0
vendors~player~player-pomo~unreleased-8cb7ab3fe5273edc6794b7dc0e14c269.js
assets.vidyard.com/play/js/ Frame 102F
158 KB
41 KB
Script
General
Full URL
https://assets.vidyard.com/play/js/vendors~player~player-pomo~unreleased-8cb7ab3fe5273edc6794b7dc0e14c269.js
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-35c85ec4bfc6ee38e9f2fd70a36a08ab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
481039e26b5f7c67ad8148491f4203e8fe43942fa2730ec286fb2d6b77a26e62

Request headers

Referer
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Origin
https://play.vidyard.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:58 GMT
content-encoding
br
vary
Accept-Encoding
age
1535416
x-cache
HIT
content-length
41575
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Thu, 16 Dec 2021 19:26:15 GMT
x-timer
S1641218278.488358,VS0,VE0
etag
"8b288fe2494782d32a0a21d954786f3e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
18107
vendors~access-code~player-pomo~whitelisted-embed-e43bf5b845c50ec018b9e43c25b6b99b.js
assets.vidyard.com/play/js/ Frame 102F
102 KB
29 KB
Script
General
Full URL
https://assets.vidyard.com/play/js/vendors~access-code~player-pomo~whitelisted-embed-e43bf5b845c50ec018b9e43c25b6b99b.js
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-35c85ec4bfc6ee38e9f2fd70a36a08ab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b44ce95b6fac6715bf575a155f1c2934d882b69e698efcddfcaa628d49c96f44

Request headers

Referer
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Origin
https://play.vidyard.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:58 GMT
content-encoding
br
vary
Accept-Encoding
age
5839819
x-cache
HIT
content-length
29228
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Tue, 26 Oct 2021 18:59:18 GMT
x-timer
S1641218278.488493,VS0,VE0
etag
"72c2c0d1544367ee82097199e5530397"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
25448
vendors~player-pomo-6ebde972c783c8f9131e286c66bb6d14.js
assets.vidyard.com/play/js/ Frame 102F
613 KB
104 KB
Script
General
Full URL
https://assets.vidyard.com/play/js/vendors~player-pomo-6ebde972c783c8f9131e286c66bb6d14.js
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-35c85ec4bfc6ee38e9f2fd70a36a08ab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5699e013691a2460bdcebe00745286497a4face6d66390bab8cfc6f320f3bfb3

Request headers

Referer
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Origin
https://play.vidyard.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:58 GMT
content-encoding
br
vary
Accept-Encoding
age
1535416
x-cache
HIT
content-length
106493
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Thu, 16 Dec 2021 19:26:15 GMT
x-timer
S1641218278.489395,VS0,VE0
etag
"d8b0d918d955ab7a7feae54986bdda9c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
16537
player-pomo-91e1744bf3017aabc309654c741e4385.css
assets.vidyard.com/play/stylesheets/ Frame 102F
37 KB
7 KB
Stylesheet
General
Full URL
https://assets.vidyard.com/play/stylesheets/player-pomo-91e1744bf3017aabc309654c741e4385.css
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-35c85ec4bfc6ee38e9f2fd70a36a08ab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7699009136d90e3cbfa0701b49d252b52cbd3189eef172fa2d3f690f3b15dc55

Request headers

Referer
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Origin
https://play.vidyard.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:58 GMT
content-encoding
br
vary
Accept-Encoding
age
1446895
x-cache
HIT
content-length
7214
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Fri, 17 Dec 2021 20:01:34 GMT
x-timer
S1641218278.489648,VS0,VE0
etag
"2f04b4119c443de15975abfa7a6b652f"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
15069
player-pomo-91e1744bf3017aabc309654c741e4385.js
assets.vidyard.com/play/js/ Frame 102F
240 KB
49 KB
Script
General
Full URL
https://assets.vidyard.com/play/js/player-pomo-91e1744bf3017aabc309654c741e4385.js
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-35c85ec4bfc6ee38e9f2fd70a36a08ab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ecfe5dfed661954e8d7ee40b5d43e114d49f5494a767485240a42ce7f6bfc5b7

Request headers

Referer
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Origin
https://play.vidyard.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:58 GMT
content-encoding
br
vary
Accept-Encoding
age
1446895
x-cache
HIT
content-length
50470
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Fri, 17 Dec 2021 20:01:33 GMT
x-timer
S1641218278.489861,VS0,VE0
etag
"8f8b91a0f1ecdbcd178cf16700868042"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
15357
6-859d2cece83837e6e3fe1470b425a907.js
assets.vidyard.com/play/js/ Frame 102F
437 KB
98 KB
Script
General
Full URL
https://assets.vidyard.com/play/js/6-859d2cece83837e6e3fe1470b425a907.js
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-35c85ec4bfc6ee38e9f2fd70a36a08ab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
85fee71e0a0c8314149faf317b7b37b4740b13c680cf0db24b17584cb7b7f1e1

Request headers

Referer
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Origin
https://play.vidyard.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:58 GMT
content-encoding
br
vary
Accept-Encoding
age
2149096
x-cache
HIT
content-length
99739
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Thu, 09 Dec 2021 16:58:31 GMT
x-timer
S1641218279.572126,VS0,VE0
etag
"f68dd33927eee73dc3a26280a3e061d9"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
23409
35-f13cda5e5da3d81ece8ba3d0e0cfecf7.css
assets.vidyard.com/play/stylesheets/ Frame 102F
181 B
205 B
Stylesheet
General
Full URL
https://assets.vidyard.com/play/stylesheets/35-f13cda5e5da3d81ece8ba3d0e0cfecf7.css
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-35c85ec4bfc6ee38e9f2fd70a36a08ab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b6320e221b61f50fdfee02e86288aca6b426795dd014c5add80fcef7632ac6f8

Request headers

Referer
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Origin
https://play.vidyard.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:58 GMT
content-encoding
br
vary
Accept-Encoding
age
1446891
x-cache
HIT
content-length
103
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Fri, 17 Dec 2021 20:01:33 GMT
x-timer
S1641218279.572213,VS0,VE0
etag
"5b8ad2d3286aa47c692cbb0bae4d9cc4"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
13019
35-f13cda5e5da3d81ece8ba3d0e0cfecf7.js
assets.vidyard.com/play/js/ Frame 102F
14 KB
4 KB
Script
General
Full URL
https://assets.vidyard.com/play/js/35-f13cda5e5da3d81ece8ba3d0e0cfecf7.js
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-35c85ec4bfc6ee38e9f2fd70a36a08ab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f478166bc665ac832fc71b8d6352678d45f1acf66bdafce9df4b655bef295ce6

Request headers

Referer
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Origin
https://play.vidyard.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:58 GMT
content-encoding
br
vary
Accept-Encoding
age
1446891
x-cache
HIT
content-length
4024
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Fri, 17 Dec 2021 20:01:33 GMT
x-timer
S1641218279.572428,VS0,VE0
etag
"c0e8b6086e5f41c93a4790d29f2536d0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
13139
visitors
raw.vidyard.com/v2/ Frame
0
0

visitors
raw.vidyard.com/v2/ Frame 102F
0
0

dg1258gnEQP1zD8h8XhAgo.jpg
play.vidyard.com/ Frame 102F
0
0

l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/ Frame 78DB
32 KB
32 KB
Font
General
Full URL
https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/mju8dci.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
ceb4ce0bba67a12e21af094eb24293d7ea8bffaffc237a1cd90394c7588eaec9

Request headers

Referer
https://use.typekit.net/mju8dci.css
Origin
https://www.spfi.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:58 GMT
server
nginx
etag
"852dacc5cd2685c187708b882b28635465e17bd0"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
32688
l
use.typekit.net/af/437c3d/00000000000000003b9b0932/27/ Frame 78DB
32 KB
32 KB
Font
General
Full URL
https://use.typekit.net/af/437c3d/00000000000000003b9b0932/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/mju8dci.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b87ef2efd898acfddc8308449b24a558eca1e77f8e66802f03fab8c5d063d92a

Request headers

Referer
https://use.typekit.net/mju8dci.css
Origin
https://www.spfi.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:58 GMT
server
nginx
etag
"474f8294a654ddd4e855cc66b1bb647cd40bfa9b"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
32380
fbevents.js
connect.facebook.net/en_US/ Frame 78DB
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: bip-reporting.web.app
URL: https://bip-reporting.web.app/dsiiq0Hspfia7XB8xr7Pm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.spfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
4aYR343sFt8I9Bv4NmAqBjOaJHul+7ev3hPegNnxaD9qPIrT3ZekqytUPYf7sn+yO42QY1Y9+58LiosYuYaVXg==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Mon, 03 Jan 2022 13:57:58 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
dg1258gnEQP1zD8h8XhAgo.js
play.vidyard.com/ Frame 78DB
54 KB
13 KB
Script
General
Full URL
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo.js?v=3.1.1&type=inline
Requested by
Host: www.spfi.com
URL: https://www.spfi.com/_nuxt/vendor.bcc167d18f1fd6860860.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8cae2500518b647558d059faaad884a16a3e29db606db34a5d0151a98f1d6e75
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Frame-Options ALLOWALL

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.spfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:58 GMT
content-encoding
gzip
age
93043
x-cache
HIT
strict-transport-security
max-age=31557600
content-length
12697
x-served-by
cache-hhn4029-HHN
x-china
0
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
x-timer
S1641218279.786943,VS0,VE0
x-frame-options
ALLOWALL
etag
W/"d833-eNMg9n0AlB7T4Ls++oON0X2n8a4"
vary
X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-store, no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
2
analytics.js
www.google-analytics.com/ Frame 78DB
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N82WNQZ&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.spfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3412
date
Mon, 03 Jan 2022 13:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 03 Jan 2022 15:01:06 GMT
premier-presence-image-SPF.jpg
bdcms.advisorgroup.com/uploads/14/09/ Frame 78DB
0
0

6-home-page-banner-image-SPF-1920x_.jpg
bdcms.advisorgroup.com/uploads/12/03/ Frame 78DB
0
0

SPF-Home-Video-Splashscreen-V3.jpg
bdcms.advisorgroup.com/uploads/05/00/ Frame 78DB
0
0

8-home-hero-image-all-about-relationships-SPF-250x_.png
bdcms.advisorgroup.com/uploads/00/09/ Frame 78DB
0
0

8-home-hero-image-comprehensive-tools-and-support-SPF-250x_.png
bdcms.advisorgroup.com/uploads/01/01/ Frame 78DB
0
0

8-home-hero-image-proof-is-in-the-retention-SPF-250x_.png
bdcms.advisorgroup.com/uploads/02/01/ Frame 78DB
0
0

8-home-hero-image-customized-transition-SPF-250x_.png
bdcms.advisorgroup.com/uploads/07/06/ Frame 78DB
0
0

mycmo-icon-250x_.png
bdcms.advisorgroup.com/uploads/02/12/ Frame 78DB
0
0

mysuccessionplan-icon-250x_.png
bdcms.advisorgroup.com/uploads/12/15/ Frame 78DB
0
0

opsportal-icon-250x_.png
bdcms.advisorgroup.com/uploads/04/15/ Frame 78DB
0
0

eQuipt-R_Black-250x_.png
bdcms.advisorgroup.com/uploads/11/11/ Frame 78DB
0
0

Contact_Us_Image_SPF_Purple_00-1-600x_.jpg
bdcms.advisorgroup.com/uploads/02/14/ Frame 78DB
0
0

AG-logo-shadow-600x_.png
bdcms.advisorgroup.com/uploads/14/00/ Frame 78DB
0
0

elqCfg.min.js
img.en25.com/i/ Frame 78DB
6 KB
3 KB
Script
General
Full URL
https://img.en25.com/i/elqCfg.min.js
Requested by
Host: play.vidyard.com
URL: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo.js?v=3.1.1&type=inline
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.229.66 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.spfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection
keep-alive
Content-Length
2183
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Thu, 14 Oct 2021 00:58:49 GMT
Date
Mon, 03 Jan 2022 13:57:58 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
no-store
ETag
"28352a696c0d71:0"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Mon, 03 Jan 2022 13:57:58 GMT
elqCfg.min.js
img04.en25.com/i/ Frame 78DB
6 KB
6 KB
Script
General
Full URL
https://img04.en25.com/i/elqCfg.min.js
Requested by
Host: www.spfi.com
URL: https://www.spfi.com/_nuxt/app.1e997cafcff18d8b427c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.229.66 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.spfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Type
application/x-javascript
Last-Modified
Thu, 14 Oct 2021 00:58:49 GMT
ETag
"28352a696c0d71:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-store
Date
Mon, 03 Jan 2022 13:57:58 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Content-Length
6080
X-XSS-Protection
1; mode=block
Expires
Mon, 03 Jan 2022 13:57:58 GMT
319751181967822
connect.facebook.net/signals/config/ Frame 78DB
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/319751181967822?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
917922f314775180d49112af968063dd2726f064cf18ba39080b28a615ac4578
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.spfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
yIpdHrxU06/XVkeGgSkjJ88qphng7IwzEoNjMYQouPVE+pPBf/pvXXHdcB5oy45z4+T+8SbT6RieX3D1KtVnjg==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 03 Jan 2022 13:57:59 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
dg1258gnEQP1zD8h8XhAgo
play.vidyard.com/ Frame 1912
0
0

dg1258gnEQP1zD8h8XhAgo
play.vidyard.com/ Frame 1C39
3 KB
2 KB
Document
General
Full URL
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Requested by
Host: play.vidyard.com
URL: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo.js?v=3.1.1&type=inline
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a00a0c69a3f147bd06bca191ceaf28b256ca7ae299df488380a9c33e2b72b0e2
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Frame-Options ALLOWALL

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.spfi.com/

Response headers

content-type
text/html; charset=utf-8
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
x-frame-options
ALLOWALL
cache-control
no-store, no-cache, must-revalidate
etag
W/"dd6-yY38biX3vczcAxig5hn+ttT2duc"
x-china
0
content-encoding
gzip
accept-ranges
bytes
date
Mon, 03 Jan 2022 13:57:59 GMT
via
1.1 varnish
age
592609
x-served-by
cache-hhn4029-HHN
x-cache
HIT
x-cache-hits
3
x-timer
S1641218279.002522,VS0,VE0
vary
X-ThumbnailAB, X-China, accept-language, Accept-Encoding
strict-transport-security
max-age=31557600
content-length
1462
svrGP
s204200226.t.eloqua.com/visitor/v200/ Frame 78DB
0
411 B
Script
General
Full URL
https://s204200226.t.eloqua.com/visitor/v200/svrGP?pps=70&siteid=204200226&ms=7
Requested by
Host: img04.en25.com
URL: https://img04.en25.com/i/elqCfg.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.0.160.53 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.spfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Type
application/javascript
Date
Mon, 03 Jan 2022 13:57:58 GMT
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-store
X-Robots-Tag
noindex, nofollow
Content-Length
0
X-Xss-Protection
1; mode=block
Expires
-1
svrGP.aspx
s204200226.t.eloqua.com/visitor/v200/ Frame 78DB
Redirect Chain
  • https://s204200226.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=204200226&ref2=https%3A%2F%2Fgrandhypermarkets.com%2F&tzo=0&ms=7&optin=disabled
  • https://s204200226.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=204200226&ref2=https%3A%2F%2Fgrandhypermarkets.com%2F&tzo=0&ms=7&optin=disabled&elqCookie=1
0
0

runtime~main-35c85ec4bfc6ee38e9f2fd70a36a08ab.js
assets.vidyard.com/play/js/ Frame 1C39
7 KB
2 KB
Script
General
Full URL
https://assets.vidyard.com/play/js/runtime~main-35c85ec4bfc6ee38e9f2fd70a36a08ab.js
Requested by
Host: play.vidyard.com
URL: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a88a7077e363f3ff1ecda9340795286b4e88f6a6b5395aa47deb827cd62132a3

Request headers

Referer
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Origin
https://play.vidyard.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:59 GMT
content-encoding
br
vary
Accept-Encoding
age
1446896
x-cache
HIT
content-length
2254
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Fri, 17 Dec 2021 20:01:33 GMT
x-timer
S1641218279.035146,VS0,VE0
etag
"fe6fa0dd89422d09ebb42254368cd825"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
17138
main-a6875cc9a4bc0c905ad9e719ee986a48.js
assets.vidyard.com/play/js/ Frame 1C39
101 KB
13 KB
Script
General
Full URL
https://assets.vidyard.com/play/js/main-a6875cc9a4bc0c905ad9e719ee986a48.js
Requested by
Host: play.vidyard.com
URL: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a170a845a7a20edcedacef2638fd6e8550c6fc052aad221568c2182a9f3b1d28

Request headers

Referer
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Origin
https://play.vidyard.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:59 GMT
content-encoding
br
vary
Accept-Encoding
age
2364009
x-cache
HIT
content-length
13448
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Thu, 02 Dec 2021 18:35:08 GMT
x-timer
S1641218279.035281,VS0,VE0
etag
"5330e201fbbf207c28cf6c9304098519"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
29045
dg1258gnEQP1zD8h8XhAgo.json
play.vidyard.com/player/ Frame 1C39
6 KB
3 KB
Fetch
General
Full URL
https://play.vidyard.com/player/dg1258gnEQP1zD8h8XhAgo.json?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-a6875cc9a4bc0c905ad9e719ee986a48.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1f0097af97e1c602d42f1bd66e2799bb7500acef90b1a16ccfe5fa537b789d5a
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Frame-Options ALLOWALL

Request headers

Referer
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
referrer
https://www.spfi.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:59 GMT
content-encoding
gzip
age
1
x-cache
HIT
strict-transport-security
max-age=31557600
content-length
2989
x-served-by
cache-hhn4029-HHN
x-china
0
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
x-timer
S1641218279.053975,VS0,VE0
x-frame-options
ALLOWALL
etag
W/"19eb-s8a9UOHYLC2MsmwfieifLykzK2E"
vary
X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type
application/json; charset=utf-8
via
1.1 varnish
cache-control
no-store, no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
1
vendors~player~player-pomo~unreleased-8cb7ab3fe5273edc6794b7dc0e14c269.js
assets.vidyard.com/play/js/ Frame 1C39
158 KB
41 KB
Script
General
Full URL
https://assets.vidyard.com/play/js/vendors~player~player-pomo~unreleased-8cb7ab3fe5273edc6794b7dc0e14c269.js
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-35c85ec4bfc6ee38e9f2fd70a36a08ab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
481039e26b5f7c67ad8148491f4203e8fe43942fa2730ec286fb2d6b77a26e62

Request headers

Referer
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Origin
https://play.vidyard.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:59 GMT
content-encoding
br
vary
Accept-Encoding
age
1535416
x-cache
HIT
content-length
41575
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Thu, 16 Dec 2021 19:26:15 GMT
x-timer
S1641218279.064432,VS0,VE0
etag
"8b288fe2494782d32a0a21d954786f3e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
18108
vendors~access-code~player-pomo~whitelisted-embed-e43bf5b845c50ec018b9e43c25b6b99b.js
assets.vidyard.com/play/js/ Frame 1C39
102 KB
29 KB
Script
General
Full URL
https://assets.vidyard.com/play/js/vendors~access-code~player-pomo~whitelisted-embed-e43bf5b845c50ec018b9e43c25b6b99b.js
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-35c85ec4bfc6ee38e9f2fd70a36a08ab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b44ce95b6fac6715bf575a155f1c2934d882b69e698efcddfcaa628d49c96f44

Request headers

Referer
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Origin
https://play.vidyard.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:59 GMT
content-encoding
br
vary
Accept-Encoding
age
5839819
x-cache
HIT
content-length
29228
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Tue, 26 Oct 2021 18:59:18 GMT
x-timer
S1641218279.064640,VS0,VE0
etag
"72c2c0d1544367ee82097199e5530397"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
25449
vendors~player-pomo-6ebde972c783c8f9131e286c66bb6d14.js
assets.vidyard.com/play/js/ Frame 1C39
613 KB
104 KB
Script
General
Full URL
https://assets.vidyard.com/play/js/vendors~player-pomo-6ebde972c783c8f9131e286c66bb6d14.js
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-35c85ec4bfc6ee38e9f2fd70a36a08ab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5699e013691a2460bdcebe00745286497a4face6d66390bab8cfc6f320f3bfb3

Request headers

Referer
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Origin
https://play.vidyard.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:59 GMT
content-encoding
br
vary
Accept-Encoding
age
1535416
x-cache
HIT
content-length
106493
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Thu, 16 Dec 2021 19:26:15 GMT
x-timer
S1641218279.064718,VS0,VE0
etag
"d8b0d918d955ab7a7feae54986bdda9c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
16538
player-pomo-91e1744bf3017aabc309654c741e4385.css
assets.vidyard.com/play/stylesheets/ Frame 1C39
37 KB
7 KB
Stylesheet
General
Full URL
https://assets.vidyard.com/play/stylesheets/player-pomo-91e1744bf3017aabc309654c741e4385.css
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-35c85ec4bfc6ee38e9f2fd70a36a08ab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7699009136d90e3cbfa0701b49d252b52cbd3189eef172fa2d3f690f3b15dc55

Request headers

Referer
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Origin
https://play.vidyard.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:59 GMT
content-encoding
br
vary
Accept-Encoding
age
1446895
x-cache
HIT
content-length
7214
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Fri, 17 Dec 2021 20:01:34 GMT
x-timer
S1641218279.065131,VS0,VE0
etag
"2f04b4119c443de15975abfa7a6b652f"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
15070
player-pomo-91e1744bf3017aabc309654c741e4385.js
assets.vidyard.com/play/js/ Frame 1C39
240 KB
49 KB
Script
General
Full URL
https://assets.vidyard.com/play/js/player-pomo-91e1744bf3017aabc309654c741e4385.js
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-35c85ec4bfc6ee38e9f2fd70a36a08ab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ecfe5dfed661954e8d7ee40b5d43e114d49f5494a767485240a42ce7f6bfc5b7

Request headers

Referer
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Origin
https://play.vidyard.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:59 GMT
content-encoding
br
vary
Accept-Encoding
age
1446896
x-cache
HIT
content-length
50470
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Fri, 17 Dec 2021 20:01:33 GMT
x-timer
S1641218279.065343,VS0,VE0
etag
"8f8b91a0f1ecdbcd178cf16700868042"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
15358
/
www.facebook.com/tr/ Frame 78DB
44 B
407 B
Image
General
Full URL
https://www.facebook.com/tr/?id=319751181967822&ev=PageView&dl=https%3A%2F%2Fwww.spfi.com%2F&rl=https%3A%2F%2Fgrandhypermarkets.com%2F&if=true&ts=1641218279104&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=0&o=30&it=1641218278991&coo=false&exp=p1&rqm=GET
Requested by
Host: www.spfi.com
URL: https://www.spfi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.spfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Mon, 03 Jan 2022 13:57:59 GMT
6-859d2cece83837e6e3fe1470b425a907.js
assets.vidyard.com/play/js/ Frame 1C39
437 KB
98 KB
Script
General
Full URL
https://assets.vidyard.com/play/js/6-859d2cece83837e6e3fe1470b425a907.js
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-35c85ec4bfc6ee38e9f2fd70a36a08ab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
85fee71e0a0c8314149faf317b7b37b4740b13c680cf0db24b17584cb7b7f1e1

Request headers

Referer
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Origin
https://play.vidyard.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:59 GMT
content-encoding
br
vary
Accept-Encoding
age
2149097
x-cache
HIT
content-length
99739
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Thu, 09 Dec 2021 16:58:31 GMT
x-timer
S1641218279.158999,VS0,VE0
etag
"f68dd33927eee73dc3a26280a3e061d9"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
23410
35-f13cda5e5da3d81ece8ba3d0e0cfecf7.css
assets.vidyard.com/play/stylesheets/ Frame 1C39
181 B
205 B
Stylesheet
General
Full URL
https://assets.vidyard.com/play/stylesheets/35-f13cda5e5da3d81ece8ba3d0e0cfecf7.css
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-35c85ec4bfc6ee38e9f2fd70a36a08ab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b6320e221b61f50fdfee02e86288aca6b426795dd014c5add80fcef7632ac6f8

Request headers

Referer
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Origin
https://play.vidyard.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:59 GMT
content-encoding
br
vary
Accept-Encoding
age
1446892
x-cache
HIT
content-length
103
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Fri, 17 Dec 2021 20:01:33 GMT
x-timer
S1641218279.159072,VS0,VE0
etag
"5b8ad2d3286aa47c692cbb0bae4d9cc4"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
13020
35-f13cda5e5da3d81ece8ba3d0e0cfecf7.js
assets.vidyard.com/play/js/ Frame 1C39
14 KB
4 KB
Script
General
Full URL
https://assets.vidyard.com/play/js/35-f13cda5e5da3d81ece8ba3d0e0cfecf7.js
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-35c85ec4bfc6ee38e9f2fd70a36a08ab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f478166bc665ac832fc71b8d6352678d45f1acf66bdafce9df4b655bef295ce6

Request headers

Referer
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Origin
https://play.vidyard.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:59 GMT
content-encoding
br
vary
Accept-Encoding
age
1446892
x-cache
HIT
content-length
4024
via
1.1 varnish
x-served-by
cache-hhn4026-HHN
last-modified
Fri, 17 Dec 2021 20:01:33 GMT
x-timer
S1641218279.159210,VS0,VE0
etag
"c0e8b6086e5f41c93a4790d29f2536d0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
13140
47b75e2b565f2c8469cd73.jpg
cdn.vidyard.com/thumbnails/gj6BqczG4SWl5rpRWcQ8Ig/ Frame 1C39
Redirect Chain
  • https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo.jpg
  • https://cdn.vidyard.com/thumbnails/gj6BqczG4SWl5rpRWcQ8Ig/47b75e2b565f2c8469cd73.jpg
41 KB
41 KB
Image
General
Full URL
https://cdn.vidyard.com/thumbnails/gj6BqczG4SWl5rpRWcQ8Ig/47b75e2b565f2c8469cd73.jpg
Requested by
Host: www.spfi.com
URL: https://www.spfi.com/
Protocol
H2
Server
93.184.221.26 -, , ASN (),
Reverse DNS
Software
ECAcc (lha/8D04) /
Resource Hash
8318c2c967eb9274c78fb22f2742975238f7bc5713dfcd11cda7d00d58540140

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:59 GMT
x-cdn
edgecast
age
579966
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-request-id
F0Q79B20DM6720GR
x-amz-id-2
I0Wf5ugefUhTZWJxVRdNaiMRlYE39VFLyx0aRXNEXtB8+ATLX++87DIOUB6wNqRLyDiv91ISYy0=
accept-ranges
bytes
last-modified
Fri, 03 Aug 2018 18:08:00 GMT
server
ECAcc (lha/8D04)
etag
"d9fcd622152cb393166010edccd65f2b"
access-control-max-age
3000
access-control-allow-methods
GET, PUT, POST
x-amz-version-id
DdMYxG_KaV.Jcd9etOkYJPx8yjub0yrq
access-control-allow-origin
*
access-control-expose-headers
ETag, X-CDN
content-length
41497
content-type
image/jpeg

Redirect headers

date
Mon, 03 Jan 2022 13:57:59 GMT
via
1.1 varnish
age
0
x-cache
HIT
strict-transport-security
max-age=31557600
content-length
106
x-served-by
cache-hhn4029-HHN
x-china
0
referrer-policy
no-referrer-when-downgrade
location
https://cdn.vidyard.com/thumbnails/gj6BqczG4SWl5rpRWcQ8Ig/47b75e2b565f2c8469cd73.jpg
x-timer
S1641218279.154913,VS0,VE0
x-frame-options
ALLOWALL
vary
Accept, X-ThumbnailAB, X-China, accept-language
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
accept-ranges
bytes
x-cache-hits
1
stream_master_p_Zt95UkZ_3X9IeGd5-maQ.m3u8
cdn.vidyard.com/hls-videos/gj6BqczG4SWl5rpRWcQ8Ig/ Frame 1C39
582 B
1 KB
XHR
General
Full URL
https://cdn.vidyard.com/hls-videos/gj6BqczG4SWl5rpRWcQ8Ig/stream_master_p_Zt95UkZ_3X9IeGd5-maQ.m3u8?AtjUHAbtDCvbbU08HnwBGCmDIIKU9bzMu0cvXj3v0M1yxTXWZgt5LCgbTlXt5yeW6d1o83HrVPFRKiS5uYV5CWUHkZa39pg5pChYIEE6abwK5tdiRvpL8u4U-5wgsbzWIHjmLNqhcWucJrXNZhs_7XLSMCn2zuymmE3lKxl6-uPJRD_jfzZdYP9MUfzTt8vv4Ee2
Requested by
Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/6-859d2cece83837e6e3fe1470b425a907.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.26 -, , ASN (),
Reverse DNS
Software
ECAcc (lha/8D7B) /
Resource Hash
7e358467df1b0ca6badff7ca214043a08def4975d305c9c31c64f9f7e722d2b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 13:57:59 GMT
x-cdn
edgecast
age
592496
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-request-id
ESDAYBAHDTAMWVBZ
x-amz-id-2
lhxnoCVD4u4jsxEmwskoiKc5h5lphprrEj0/IEGOboMKGRW7qCASJOCyZouBYgffarEeWg+QRzQ=
accept-ranges
bytes
last-modified
Fri, 03 Aug 2018 18:08:26 GMT
server
ECAcc (lha/8D7B)
etag
"839eb634187da39e52aa80c4ca45fbb5"
access-control-max-age
3000
access-control-allow-methods
GET, PUT, POST
x-amz-version-id
naufn9oD5xzVTNZe30R1QLUSYiP5o9Hp
access-control-allow-origin
*
access-control-expose-headers
ETag, X-CDN
content-length
582
content-type
application/vnd.apple.mpegurl

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
raw.vidyard.com
URL
https://raw.vidyard.com/v2/visitors
Domain
raw.vidyard.com
URL
https://raw.vidyard.com/v2/visitors
Domain
play.vidyard.com
URL
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo.jpg
Domain
bdcms.advisorgroup.com
URL
https://bdcms.advisorgroup.com/uploads/14/09/premier-presence-image-SPF.jpg
Domain
bdcms.advisorgroup.com
URL
https://bdcms.advisorgroup.com/uploads/12/03/6-home-page-banner-image-SPF-1920x_.jpg?token=b173bdf3c31cbb706ea3480161300324
Domain
bdcms.advisorgroup.com
URL
https://bdcms.advisorgroup.com/uploads/05/00/SPF-Home-Video-Splashscreen-V3.jpg
Domain
bdcms.advisorgroup.com
URL
https://bdcms.advisorgroup.com/uploads/00/09/8-home-hero-image-all-about-relationships-SPF-250x_.png?token=6a018a8949ae89287040711da35338e1
Domain
bdcms.advisorgroup.com
URL
https://bdcms.advisorgroup.com/uploads/01/01/8-home-hero-image-comprehensive-tools-and-support-SPF-250x_.png?token=b1c771053d087b332023ad7e46c4a55e
Domain
bdcms.advisorgroup.com
URL
https://bdcms.advisorgroup.com/uploads/02/01/8-home-hero-image-proof-is-in-the-retention-SPF-250x_.png?token=f9f839961b83c1b8b1e1fcd37ffebe59
Domain
bdcms.advisorgroup.com
URL
https://bdcms.advisorgroup.com/uploads/07/06/8-home-hero-image-customized-transition-SPF-250x_.png?token=392def61e5b880209ad2a77da724ac7b
Domain
bdcms.advisorgroup.com
URL
https://bdcms.advisorgroup.com/uploads/02/12/mycmo-icon-250x_.png?token=3387e64a956054ec0203248fef193576
Domain
bdcms.advisorgroup.com
URL
https://bdcms.advisorgroup.com/uploads/12/15/mysuccessionplan-icon-250x_.png?token=806f3474ea522e618e10295bcbb34676
Domain
bdcms.advisorgroup.com
URL
https://bdcms.advisorgroup.com/uploads/04/15/opsportal-icon-250x_.png?token=40794349b1663b4d8a41637e10d8f50e
Domain
bdcms.advisorgroup.com
URL
https://bdcms.advisorgroup.com/uploads/11/11/eQuipt-R_Black-250x_.png?token=f662c40ba1ae2be9f21b04d39dfbca7b
Domain
bdcms.advisorgroup.com
URL
https://bdcms.advisorgroup.com/uploads/02/14/Contact_Us_Image_SPF_Purple_00-1-600x_.jpg?token=def3ed5395a1ed4fab33b35174218eb6
Domain
bdcms.advisorgroup.com
URL
https://bdcms.advisorgroup.com/uploads/14/00/AG-logo-shadow-600x_.png?token=de932ad7ad6e980c8eee506f6e04363e
Domain
play.vidyard.com
URL
https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Fgrandhypermarkets.com%252F&
Domain
s204200226.t.eloqua.com
URL
https://s204200226.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=204200226&ref2=https%3A%2F%2Fgrandhypermarkets.com%2F&tzo=0&ms=7&optin=disabled&elqCookie=1

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| webpackJsonp
boolean| __convergedlogin_pfetchsessionsprogress_3cdbaab1cf6d9b038234
boolean| __convergedlogin_pidpdisambiguation_76e0875415977704da38
boolean| __convergedlogin_ppassword_6f5648a25cfbe86f348c

5 Cookies

Domain/Path: .samsung.com/ Name: uuid230 Value: 9bf134b0-f393-4121-b6fc-35b7ee46be92
Domain/Path: .samsung.com/ Name: nlid Value: dbbbab33|71b0ad58
Domain/Path: grandhypermarkets.com/ Name: PHPSESSID Value: 7819b095112ac84d00a6336249c96749
Domain/Path: .login.live.com/ Name: uaid Value: 6d1b30018ecf4d4486737a432809e339
Domain/Path: .login.live.com/ Name: MSPRequ Value: id=N&lt=1641218277&co=2

2 Console Messages

Source: network Level: error
URL: https://bip-reporting.web.app/dsiiq0Hspfia7XB8xr7Pm
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network Level: error
URL: https://grandhypermarkets.com/login/);
Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
