login.flowwebsites.nl Open in urlscan Pro
77.104.160.118 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.login.flowwebsites.nl/
Effective URL:
https://login.flowwebsites.nl/
Submission: On February 23 via automatic, source certstream-suspicious (February 23rd 2020, 2:13:00 am UTC)

Summary HTTP 11 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 11 HTTP transactions. The main IP is 77.104.160.118, located in Bulgaria and belongs to SINGLEHOP-LLC, US. The main domain is login.flowwebsites.nl.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 23rd 2020. Valid for: 3 months.

This is the only time login.flowwebsites.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 8	77.104.160.118 77.104.160.118		32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2	74.208.230.218 74.208.230.218		8560 (ONEANDONE...) (ONEANDONE-AS Brauerstrasse 48)
2	2a00:1450:400... 2a00:1450:4001:824::200e		15169 (GOOGLE) (GOOGLE)
11	3

8 77.104.160.118 (Bulgaria) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)
PTR: ip-77-104-160-118.siteground.com

www.login.flowwebsites.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login.flowwebsites.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.208.230.218 (United States)

ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)
PTR: u20835219.onlinehome-server.com

app.marketplan.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	flowwebsites.nl 1 redirects www.login.flowwebsites.nl login.flowwebsites.nl	374 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	marketplan.io app.marketplan.io	2 KB
11	3

	Domain	Requested by
7	login.flowwebsites.nl	login.flowwebsites.nl
2	www.google-analytics.com	login.flowwebsites.nl
2	app.marketplan.io	login.flowwebsites.nl app.marketplan.io
1	www.login.flowwebsites.nl	1 redirects
11	4

This site contains links to these domains. Also see Links.

Domain
flowwebsites.nl

Subject Issuer	Validity	Valid
login.flowwebsites.nl Let's Encrypt Authority X3	`2020-02-23` - `2020-05-23`	3 months	crt.sh
app.marketplan.io Let's Encrypt Authority X3	`2020-01-29` - `2020-04-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://login.flowwebsites.nl/
Frame ID: AAB2F1E84F1EC80DBFE30FA4E3DBDADC
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.login.flowwebsites.nl/ HTTP 301
https://login.flowwebsites.nl/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

11
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

394 kB
Transfer

1414 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://flowwebsites.nl/
Title: flowwebsites.nl

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.login.flowwebsites.nl/ HTTP 301
https://login.flowwebsites.nl/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
login.flowwebsites.nl/
Redirect Chain

https://www.login.flowwebsites.nl/
https://login.flowwebsites.nl/

76 KB
18 KB

78ms
30ms

Document
text/html

77.104.160.118
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://login.flowwebsites.nl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.104.160.118 , Bulgaria, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: ip-77-104-160-118.siteground.com
Software: nginx /
Resource Hash: 0f38d05446d74757f46fecdb0dcf10a79b096e8380f4fd0af549c3bf0f9caa58

Request headers

:method: GET
:authority: login.flowwebsites.nl
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: document

Response headers

status: 200
server: nginx
date: Sun, 23 Feb 2020 02:12:44 GMT
content-type: text/html; charset=UTF-8
content-length: 18223
vary: Accept-Encoding,User-Agent
last-modified: Sun, 23 Feb 2020 02:11:16 GMT
cache-control: max-age=0
expires: Sun, 23 Feb 2020 02:12:44 GMT
content-encoding: gzip
host-header: 624d5be7be38418a3e2a818cc8b7029b
x-proxy-cache: MISS
accept-ranges: bytes

Redirect headers

status: 301
server: nginx
date: Sun, 23 Feb 2020 02:12:44 GMT
content-type: text/html; charset=UTF-8
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-redirect-by: WordPress
set-cookie: PHPSESSID=02d0b16540e9e54a44c9d049c6d4652c; path=/ _wp_session=6829f004f52e26657077c74cdc2a6322%7C%7C1582467163%7C%7C1642039963; expires=Sun, 23-Feb-2020 14:12:43 GMT; Max-Age=43200; path=/
vary: Accept-Encoding
location: https://login.flowwebsites.nl/
host-header: 624d5be7be38418a3e2a818cc8b7029b
x-proxy-cache: MISS

GET
H2 200 4edd5565502b97b1a04bbe977737270d.css
login.flowwebsites.nl/wp-content/cache/min/1/ 656 KB
89 KB 45ms
44ms Stylesheet
text/css 77.104.160.118
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://login.flowwebsites.nl/wp-content/cache/min/1/4edd5565502b97b1a04bbe977737270d.css
Requested by: Host: login.flowwebsites.nl
URL: https://login.flowwebsites.nl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.104.160.118 , Bulgaria, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: ip-77-104-160-118.siteground.com
Software: nginx /
Resource Hash: 76f70c540b7ce3ea3edd6cf2d49f2f6ae4c1886312adc68557105bf9476dd05b

Request headers

Referer: https://login.flowwebsites.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: style

Response headers

date: Sun, 23 Feb 2020 02:12:44 GMT
content-encoding: gzip
last-modified: Thu, 16 Jan 2020 15:48:43 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css; charset=utf-8
status: 200
expires: Tue, 24 Mar 2020 02:12:44 GMT
cache-control: max-age=2592000, public
host-header: 624d5be7be38418a3e2a818cc8b7029b
x-proxy-cache: MISS

GET
H2 200 woocommerce-smallscreen.min.css
login.flowwebsites.nl/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/ 6 KB
1 KB 33ms
32ms Stylesheet
text/css 77.104.160.118
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://login.flowwebsites.nl/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen.min.css?ver=2.0.1
Requested by: Host: login.flowwebsites.nl
URL: https://login.flowwebsites.nl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.104.160.118 , Bulgaria, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: ip-77-104-160-118.siteground.com
Software: nginx /
Resource Hash: eb43e8f62a0a26affd917433d135eff06b5108ebff2045ab38d37b24e56c7365

Request headers

Referer: https://login.flowwebsites.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: style

Response headers

date: Sun, 23 Feb 2020 02:12:44 GMT
content-encoding: gzip
last-modified: Mon, 26 Aug 2019 17:50:33 GMT
server: nginx
host-header: 624d5be7be38418a3e2a818cc8b7029b
vary: Accept-Encoding
content-type: text/css; charset=utf-8
status: 200
expires: Tue, 24 Mar 2020 02:12:44 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 975
x-proxy-cache: MISS

GET
H2 200 lazyload.min.js Show response
login.flowwebsites.nl/wp-content/plugins/wp-rocket/assets/js/lazyload/11.0.6/ 5 KB
2 KB 47ms
46ms Script
application/javascript 77.104.160.118
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://login.flowwebsites.nl/wp-content/plugins/wp-rocket/assets/js/lazyload/11.0.6/lazyload.min.js
Requested by: Host: login.flowwebsites.nl
URL: https://login.flowwebsites.nl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.104.160.118 , Bulgaria, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: ip-77-104-160-118.siteground.com
Software: nginx /
Resource Hash: fd9b21475370627e77a6988f76c0bf93a005f9e66c4f2e9fd62e5c2de5976dc9

Request headers

Referer: https://login.flowwebsites.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: script

Response headers

date: Sun, 23 Feb 2020 02:12:44 GMT
content-encoding: gzip
last-modified: Sat, 31 Aug 2019 11:49:03 GMT
server: nginx
host-header: 624d5be7be38418a3e2a818cc8b7029b
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
expires: Mon, 22 Feb 2021 02:12:44 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2058
x-proxy-cache: MISS

GET
H2 200 64f1bc5b0c626cd996ff465fcb13e7a6.js Show response
login.flowwebsites.nl/wp-content/cache/min/1/ 495 KB
134 KB 63ms
62ms Script
application/javascript 77.104.160.118
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://login.flowwebsites.nl/wp-content/cache/min/1/64f1bc5b0c626cd996ff465fcb13e7a6.js
Requested by: Host: login.flowwebsites.nl
URL: https://login.flowwebsites.nl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.104.160.118 , Bulgaria, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: ip-77-104-160-118.siteground.com
Software: nginx /
Resource Hash: 080a27508cf543b4cf4c2b57bca8d3fb202c4331338f70666bc24e5ea3dfd2b5

Request headers

Referer: https://login.flowwebsites.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: script

Response headers

date: Sun, 23 Feb 2020 02:12:44 GMT
content-encoding: gzip
last-modified: Thu, 16 Jan 2020 15:48:42 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
expires: Mon, 22 Feb 2021 02:12:44 GMT
cache-control: max-age=31536000, public
host-header: 624d5be7be38418a3e2a818cc8b7029b
x-proxy-cache: MISS

GET
H2 200 track.js Show response
app.marketplan.io/ 2 KB
2 KB 389ms
122ms Script
application/javascript 74.208.230.218
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.marketplan.io/track.js?x=1582423964330
Requested by: Host: login.flowwebsites.nl
URL: https://login.flowwebsites.nl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.208.230.218 , United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS: u20835219.onlinehome-server.com
Software: nginx / PleskLin
Resource Hash: 1f9f3cb42ce7173ac732bca48c7e3f778111582f1b85eabdc0f3d9c0773c286d

Request headers

Referer: https://login.flowwebsites.nl/
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 23 Feb 2020 02:12:44 GMT
etag: "5daebf30-853"
last-modified: Tue, 22 Oct 2019 08:34:56 GMT
server: nginx
access-control-allow-origin: *
x-powered-by: PleskLin
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 2131

GET
H2 200 track.php Show response
app.marketplan.io/ 0
125 B 443ms
198ms XHR
text/html 74.208.230.218
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.marketplan.io/track.php?pid=4020&mpageid=undefined&user=VirtualFlow&ref=&jsurl=https%3A%2F%2Flogin.flowwebsites.nl%2F
Requested by: Host: app.marketplan.io
URL: https://app.marketplan.io/track.js?x=1582423964330
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.208.230.218 , United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS: u20835219.onlinehome-server.com
Software: nginx / PHP/7.2.19, PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login.flowwebsites.nl/
Origin: https://login.flowwebsites.nl
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50

Response headers

status: 200
date: Sun, 23 Feb 2020 02:12:45 GMT
server: nginx
access-control-allow-origin: *
x-powered-by: PHP/7.2.19, PleskLin
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 Achtergrond_Flow.jpg
login.flowwebsites.nl/wp-content/uploads/2018/11/ 128 KB
128 KB 33ms
32ms Image
image/jpeg 77.104.160.118
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.flowwebsites.nl/wp-content/uploads/2018/11/Achtergrond_Flow.jpg
Requested by: Host: login.flowwebsites.nl
URL: https://login.flowwebsites.nl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.104.160.118 , Bulgaria, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: ip-77-104-160-118.siteground.com
Software: nginx /
Resource Hash: c59d09c3b165c45e755dcafc6944c2b3eec97bffb8be93bb9b5539793cf45dab

Request headers

Referer: https://login.flowwebsites.nl/wp-content/cache/min/1/4edd5565502b97b1a04bbe977737270d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: image

Response headers

date: Sun, 23 Feb 2020 02:12:44 GMT
last-modified: Mon, 05 Nov 2018 10:04:35 GMT
server: nginx
host-header: 624d5be7be38418a3e2a818cc8b7029b
vary: Accept-Encoding
content-type: image/jpeg
status: 200
expires: Mon, 22 Feb 2021 02:12:44 GMT
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 130760
x-proxy-cache: MISS

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: login.flowwebsites.nl
URL: https://login.flowwebsites.nl/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.flowwebsites.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 1454
date: Sun, 23 Feb 2020 01:48:30 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Sun, 23 Feb 2020 03:48:30 GMT

POST
H2 200 / Show response
login.flowwebsites.nl/ 908 B
786 B 584ms
584ms XHR
application/json 77.104.160.118
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://login.flowwebsites.nl/?wc-ajax=get_refreshed_fragments
Requested by: Host: login.flowwebsites.nl
URL: https://login.flowwebsites.nl/wp-content/cache/min/1/64f1bc5b0c626cd996ff465fcb13e7a6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.104.160.118 , Bulgaria, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: ip-77-104-160-118.siteground.com
Software: nginx /
Resource Hash: ceae7c0a1103597303d96aaf635812026bbd12ea160f24cf61eb61d6d6a4358f

Request headers

Accept: */*
Referer: https://login.flowwebsites.nl/
Origin: https://login.flowwebsites.nl
X-Requested-With: XMLHttpRequest
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 23 Feb 2020 02:12:45 GMT
content-encoding: gzip
server: nginx
accept-ranges: none
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
status: 200
cache-control: no-store, no-cache, must-revalidate
host-header: 624d5be7be38418a3e2a818cc8b7029b
content-length: 383
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 13ms
13ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=1511926720&t=pageview&_s=1&dl=https%3A%2F%2Flogin.flowwebsites.nl%2F&ul=en-us&de=UTF-8&dt=Flow%20Websites&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=65061131&gjid=344506267&cid=1789895474.1582423965&tid=UA-106869511-7&_gid=1355535906.1582423965&_r=1&z=847398379

Requested by

Host: login.flowwebsites.nl
URL: https://login.flowwebsites.nl/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.flowwebsites.nl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 Edg/80.0.361.50
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sun, 23 Feb 2020 02:12:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| domain object| marketplan object| llms object| LLMS object| wp_ajax_data object| astra object| complianz string| GoogleAnalyticsObject function| ga function| complianz_enable_cookies object| lazyLoadOptions object| uabb object| affwp_scripts object| affwp_debug_vars object| AFFWP object| let_convert string| c function| getParents function| toggleClass function| astraTriggerEvent string| wpAjaxUrl string| flBuilderUrl object| FLBuilderLayoutConfig function| Ajax object| wc_add_to_cart_params object| woocommerce_params object| wc_cart_fragments_params object| mailchimp_public_data object| mailchimp object| mailchimp_cart object| mailchimp_billing_email object| mailchimp_username_email object| mailchimp_registration_email boolean| mailchimp_submitted_email function| mailchimpReady function| mailchimpGetCurrentUserByHash function| mailchimpHandleBillingEmail object| astraAddon function| lazyLoadThumb function| lazyLoadYoutubeIframe undefined| $ function| jQuery function| EventEmitter object| eventie function| imagesLoaded function| Cookies function| AstraToggleSubMenu function| AstraNavigationMenu function| AstraToggleMenu function| AstraToggleSetup function| astraNavMenuToggle object| bodyElement object| bowser object| UABBTrigger object| FLBuilderLayout number| particle_js_loaded object| WebuiPopovers object| $mcSite string| sticky_header_on_devices string| site_layout_box_width string| hook_sticky_footer string| sticky_footer_on_devices string| stick_origin_position object| AstraProQuickView object| astraSingleProductAjax object| cookieconsent function| postscribe function| ast_scroll_top object| jQuery112409695684418311161 function| _extends function| _typeof function| LazyLoad object| google_tag_data object| gaplugins object| gaGlobal object| gaData

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.flowwebsites.nl/	1970-01-19 07:33:44	Name: _gat Value: 1
			.flowwebsites.nl/	1970-01-19 07:35:10	Name: _gid Value: GA1.2.1355535906.1582423965
			.flowwebsites.nl/	1970-01-20 01:04:55	Name: _ga Value: GA1.2.1789895474.1582423965
			login.flowwebsites.nl/	1969-12-31 23:59:59	Name: llms-tracking Value: {%22nonce%22:%22676b873194%22}

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://app.marketplan.io/track.js?x=1582423964330(Line 3) Message: t
console-api	log	URL: https://login.flowwebsites.nl/wp-content/cache/min/1/64f1bc5b0c626cd996ff465fcb13e7a6.js(Line 3) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://login.flowwebsites.nl/wp-content/cache/min/1/64f1bc5b0c626cd996ff465fcb13e7a6.js(Line 951) Message: opt-in

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.marketplan.io
login.flowwebsites.nl
www.google-analytics.com
www.login.flowwebsites.nl
2a00:1450:4001:824::200e
74.208.230.218
77.104.160.118
080a27508cf543b4cf4c2b57bca8d3fb202c4331338f70666bc24e5ea3dfd2b5
0f38d05446d74757f46fecdb0dcf10a79b096e8380f4fd0af549c3bf0f9caa58
1f9f3cb42ce7173ac732bca48c7e3f778111582f1b85eabdc0f3d9c0773c286d
76f70c540b7ce3ea3edd6cf2d49f2f6ae4c1886312adc68557105bf9476dd05b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
c59d09c3b165c45e755dcafc6944c2b3eec97bffb8be93bb9b5539793cf45dab
ceae7c0a1103597303d96aaf635812026bbd12ea160f24cf61eb61d6d6a4358f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
eb43e8f62a0a26affd917433d135eff06b5108ebff2045ab38d37b24e56c7365
fd9b21475370627e77a6988f76c0bf93a005f9e66c4f2e9fd62e5c2de5976dc9