URL: https://delivery.thefinfor.com/
Submission: On June 02 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 21 HTTP transactions. The main IP is 54.161.241.46, located in the United States and belonging to AMAZON-AES, US. The main domain is delivery.thefinfor.com.
TLS certificate: Issued by R3 on June 2nd 2023. Valid for: 3 months.
This is the only time delivery.thefinfor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address           AS (Autonomous System)
1         54.161.241.46        14618 (AMAZON-AES)
1         2606:4700:e2:...     13335 (CLOUDFLAR...)
2         2a00:1450:400...     15169 (GOOGLE)
13        20.209.73.203        8075 (MICROSOFT...)
1         2600:9000:205...     16509 (AMAZON-02)
1         2a04:4e42:400...     54113 (FASTLY)
2         2a00:1450:400...     15169 (GOOGLE)
Total: 21 requests across 7 IPs
Requests  Apex Domain       Subdomains                                            Transfer
13        windows.net       productforge.blob.core.windows.net                    7 MB
2         gstatic.com       fonts.gstatic.com                                     64 KB
2         googleapis.com    fonts.googleapis.com (Cisco Umbrella Rank: 66)        2 KB
1         jsdelivr.net      cdn.jsdelivr.net (Cisco Umbrella Rank: 367)           24 KB
1         luckyorange.com   tools.luckyorange.com (Cisco Umbrella Rank: 12438)    19 KB
1         fontawesome.com   use.fontawesome.com (Cisco Umbrella Rank: 1121)       608 KB
1         thefinfor.com     delivery.thefinfor.com                                67 KB
Total: 21 requests across 7 apex domains
Requests  Domain                               Requested by
13        productforge.blob.core.windows.net   delivery.thefinfor.com
2         fonts.gstatic.com                    fonts.googleapis.com
2         fonts.googleapis.com                 delivery.thefinfor.com
1         cdn.jsdelivr.net                     delivery.thefinfor.com
1         tools.luckyorange.com                delivery.thefinfor.com
1         use.fontawesome.com                  delivery.thefinfor.com
1         delivery.thefinfor.com               -
Total: 21 requests across 7 domains

This site contains no links.

Subject                    Issuer                                  Validity                   Valid      Source
delivery.thefinfor.com     R3                                      2023-06-02 - 2023-08-31    3 months   crt.sh
use.fontawesome.com        GTS CA 1P5                              2023-05-06 - 2023-08-04    3 months   crt.sh
upload.video.google.com    GTS CA 1C3                              2023-05-19 - 2023-08-11    3 months   crt.sh
*.blob.core.windows.net    Microsoft Azure TLS Issuing CA 01       2023-05-17 - 2024-05-11    a year     crt.sh
luckyorange.com            Amazon RSA 2048 M01                     2023-02-27 - 2024-01-16    a year     crt.sh
jsdelivr.net               GlobalSign Atlas R3 DV TLS CA 2022 Q4   2022-12-23 - 2024-01-24    a year     crt.sh
*.gstatic.com              GTS CA 1C3                              2023-05-19 - 2023-08-11    3 months   crt.sh

This page contains 1 frame:

Primary Page: https://delivery.thefinfor.com/
Frame ID: C55A628006DCC4E73C7FFCCBCD0D61F6
Requests: 21 HTTP requests in this frame

Page Title

Albaik's Chicken Delight - Albaik

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 21
HTTPS: 100 %
IPv6: 71 %
Domains: 7
Subdomains: 7
IPs: 7
Countries: 3
Transfer: 7927 kB
Size: 9099 kB
Cookies: 0

21 HTTP transactions

(columns per transaction: Resource, Path, Size, x-fer, Type, MIME-Type)
Primary Request /
delivery.thefinfor.com/
66 KB
67 KB
Document
General
Full URL
https://delivery.thefinfor.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.161.241.46 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-241-46.compute-1.amazonaws.com
Software
Apache /
Resource Hash
8bc176095212f1ca7455b615f03a8ddf77b7355330188caee749601dfba5bf2c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 02 Jun 2023 06:13:23 GMT
Server
Apache
Transfer-Encoding
chunked
Via
1.1 vegur
all.js
use.fontawesome.com/releases/v6.1.0/js/
2 MB
608 KB
Script
General
Full URL
https://use.fontawesome.com/releases/v6.1.0/js/all.js
Requested by
Host: delivery.thefinfor.com
URL: https://delivery.thefinfor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a73d4637fbd5f18d34fdd3a72a8b75a9e588207feae1218334c35f369673c9c9

Request headers

Referer
https://delivery.thefinfor.com/
Origin
https://delivery.thefinfor.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 06:13:24 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
MDQGC94T260QE7R9
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Bf9Rnrty21KoRZVRiJ5zROT9rmYH8h2J6/VrHx8lYIS1h1U8wq5TbGPrk7MLf7zRtCaBiemqWec=
last-modified
Tue, 15 Mar 2022 17:48:57 GMT
server
cloudflare
etag
W/"f01791c9b4e6f81293a7ac52a4fd6f47"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c98VVos1QeDKOQpB6wK4BjIWAlnWwr3YJyx%2F0OUCunLjJBZw2vrBrI7pzrjlNmb4S2SPmn9%2FpyYByt5mtwLkKsdV8xx5kLDewSl%2FapxH36rOIu9O1As4cVoO0GemlbktY%2Fxyr65Q5Pl3WeJW3JVMdKly"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31556926
cf-ray
7d0d8cd808d435e4-FRA
css
fonts.googleapis.com/
3 KB
989 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700
Requested by
Host: delivery.thefinfor.com
URL: https://delivery.thefinfor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6ed09379db599eeeb498b4a890b797a5d5ca7346d77251edafc219e6d361ad18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.thefinfor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 02 Jun 2023 06:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 02 Jun 2023 04:55:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Jun 2023 06:13:23 GMT
css
fonts.googleapis.com/
9 KB
786 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab:400,100,300,700
Requested by
Host: delivery.thefinfor.com
URL: https://delivery.thefinfor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a1817cd146d9d11286139a1f76f6d2bed1c53c3aa65a33aa9b5828088dce3c19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.thefinfor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 02 Jun 2023 06:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 02 Jun 2023 05:10:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Jun 2023 06:13:23 GMT
agency.css
productforge.blob.core.windows.net/page-assets/
215 KB
215 KB
Stylesheet
General
Full URL
https://productforge.blob.core.windows.net/page-assets/agency.css
Requested by
Host: delivery.thefinfor.com
URL: https://delivery.thefinfor.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.209.73.203 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
92f9968de61bf1d7f794de10be1296245ee54106a5b1cddfb8aff023b78e610d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.thefinfor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 02 Jun 2023 06:13:23 GMT
Last-Modified
Sat, 25 Mar 2023 13:48:58 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
BMO8mc7aPHtH4JYPyi+R7A==
ETag
0x8DB2D37AF3D855C
Content-Type
text/css
x-ms-request-id
075bb8f9-a01e-005c-7119-950a89000000
x-ms-version
2009-09-19
Content-Length
220165
agency-custom.css
productforge.blob.core.windows.net/template-agency/
1 KB
2 KB
Stylesheet
General
Full URL
https://productforge.blob.core.windows.net/template-agency/agency-custom.css
Requested by
Host: delivery.thefinfor.com
URL: https://delivery.thefinfor.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.209.73.203 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
66081afb9b53a6ae04571ac516cbb8cf10865d84b5d8b58cce3f1c1a0babae19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.thefinfor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 02 Jun 2023 06:13:23 GMT
Last-Modified
Wed, 05 Apr 2023 21:45:15 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
L1uKj3qg++oyfvyaEly4qQ==
ETag
0x8DB361F0A959EDC
Content-Type
text/css
x-ms-request-id
f8ca6edc-601e-0031-6a19-95bec2000000
x-ms-version
2009-09-19
Content-Length
1342
frame.js
tools.luckyorange.com/core/
57 KB
19 KB
Script
General
Full URL
https://tools.luckyorange.com/core/frame.js?v=3e48ba5
Requested by
Host: delivery.thefinfor.com
URL: https://delivery.thefinfor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3200:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e8e65d2f80115c8b0fa2c26cce598b99aa247aa1f7b008cdff2bc96c2e976058

Request headers

Referer
https://delivery.thefinfor.com/
Origin
https://delivery.thefinfor.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 06:13:25 GMT
content-encoding
gzip
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
18440
last-modified
Sat, 13 May 2023 00:32:37 GMT
server
AmazonS3
etag
"b3d1c6c873ef9f674472f6df74babf46"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
6NpshvJHmeinAC91vWsXXPOUSi8zQpm3HmBJURxek45mg5mxtBBm9g==
10f7b874-81b7-4663-bfc6-e80856f0e389.jpg
productforge.blob.core.windows.net/images/
769 KB
769 KB
Image
General
Full URL
https://productforge.blob.core.windows.net/images/10f7b874-81b7-4663-bfc6-e80856f0e389.jpg
Requested by
Host: delivery.thefinfor.com
URL: https://delivery.thefinfor.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.209.73.203 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0c668e5adc7174321ce96d99c851b06bd096b2248bfb0f4fcfc1abcbaf2b1e07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.thefinfor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 02 Jun 2023 06:13:23 GMT
Last-Modified
Tue, 09 May 2023 13:26:41 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DB5091068C9408
Content-Type
application/octet-stream
x-ms-request-id
075bba0f-a01e-005c-6b19-950a89000000
x-ms-version
2009-09-19
Content-Length
787387
09aa6433-fc22-4857-978c-aaf582bd58f1.jpg
productforge.blob.core.windows.net/images/
769 KB
769 KB
Image
General
Full URL
https://productforge.blob.core.windows.net/images/09aa6433-fc22-4857-978c-aaf582bd58f1.jpg
Requested by
Host: delivery.thefinfor.com
URL: https://delivery.thefinfor.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.209.73.203 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
577beb29edbda775117b29670284bf8ccb4218d9178704b11f2d5c9fa91b2f9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.thefinfor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 02 Jun 2023 06:13:24 GMT
Last-Modified
Tue, 09 May 2023 13:26:40 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DB5091061B3ED9
Content-Type
application/octet-stream
x-ms-request-id
f8ca7077-601e-0031-6619-95bec2000000
x-ms-version
2009-09-19
Content-Length
787387
4a849075-1723-41d5-9bea-12d6b1032c64.jpg
productforge.blob.core.windows.net/images/
769 KB
769 KB
Image
General
Full URL
https://productforge.blob.core.windows.net/images/4a849075-1723-41d5-9bea-12d6b1032c64.jpg
Requested by
Host: delivery.thefinfor.com
URL: https://delivery.thefinfor.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.209.73.203 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
74cfe7ea2d213c6c51cc7237e9dfb401d91814c160fafd94445504476a101a06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.thefinfor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 02 Jun 2023 06:13:24 GMT
Last-Modified
Tue, 09 May 2023 13:26:40 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DB50910607F3A0
Content-Type
application/octet-stream
x-ms-request-id
075bba57-a01e-005c-2b19-950a89000000
x-ms-version
2009-09-19
Content-Length
787387
c567fac8-329a-42e1-8f35-b3d34a8e467d.jpg
productforge.blob.core.windows.net/images/
769 KB
769 KB
Image
General
Full URL
https://productforge.blob.core.windows.net/images/c567fac8-329a-42e1-8f35-b3d34a8e467d.jpg
Requested by
Host: delivery.thefinfor.com
URL: https://delivery.thefinfor.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.209.73.203 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3316631f9140b9a145ee27bac2ab922c4cac026d40c2df2bff7944eb75db7a26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.thefinfor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 02 Jun 2023 06:13:24 GMT
Last-Modified
Tue, 09 May 2023 13:26:40 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DB50910607F3A0
Content-Type
application/octet-stream
x-ms-request-id
7371c0df-401e-0019-1c19-95df6a000000
x-ms-version
2009-09-19
Content-Length
787387
1ef6412b-187b-4819-b575-e3946914e514.jpg
productforge.blob.core.windows.net/images/
769 KB
769 KB
Image
General
Full URL
https://productforge.blob.core.windows.net/images/1ef6412b-187b-4819-b575-e3946914e514.jpg
Requested by
Host: delivery.thefinfor.com
URL: https://delivery.thefinfor.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.209.73.203 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9fc5d3c8bee65a510c58da58ff4cd39b30e09fb0b3657b2e2268bca47015c89f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.thefinfor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 02 Jun 2023 06:13:24 GMT
Last-Modified
Tue, 09 May 2023 13:26:40 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DB50910618A9BB
Content-Type
application/octet-stream
x-ms-request-id
9efdb520-c01e-0007-4a19-9533b2000000
x-ms-version
2009-09-19
Content-Length
787387
080e2959-5547-4c2a-8fbc-5ea8bb5d595b.jpg
productforge.blob.core.windows.net/images/
769 KB
769 KB
Image
General
Full URL
https://productforge.blob.core.windows.net/images/080e2959-5547-4c2a-8fbc-5ea8bb5d595b.jpg
Requested by
Host: delivery.thefinfor.com
URL: https://delivery.thefinfor.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.209.73.203 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8a103ac051ed081d52ff6c3cba80ac569a75e56cf3028d75798bff8601a7e18f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.thefinfor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 02 Jun 2023 06:13:24 GMT
Last-Modified
Tue, 09 May 2023 13:26:40 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DB509106237307
Content-Type
application/octet-stream
x-ms-request-id
86d63007-801e-0064-6919-95ae49000000
x-ms-version
2009-09-19
Content-Length
787387
286d13b9-6473-4af9-93a0-56ccb3504a70.jpg
productforge.blob.core.windows.net/images/
769 KB
769 KB
Image
General
Full URL
https://productforge.blob.core.windows.net/images/286d13b9-6473-4af9-93a0-56ccb3504a70.jpg
Requested by
Host: delivery.thefinfor.com
URL: https://delivery.thefinfor.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.209.73.203 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
299f1c49a9a066dde983e59b5e170e0b97d000a7da4f8f43ec8b343ccf301e0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.thefinfor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 02 Jun 2023 06:13:26 GMT
Last-Modified
Tue, 09 May 2023 13:26:41 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DB5091068A4CAA
Content-Type
application/octet-stream
x-ms-request-id
60afe7e3-b01e-0022-0419-959ace000000
x-ms-version
2009-09-19
Content-Length
787387
28cefdbb-c3cf-440e-a171-aafcd0b0067b.jpg
productforge.blob.core.windows.net/images/
769 KB
769 KB
Image
General
Full URL
https://productforge.blob.core.windows.net/images/28cefdbb-c3cf-440e-a171-aafcd0b0067b.jpg
Requested by
Host: delivery.thefinfor.com
URL: https://delivery.thefinfor.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.209.73.203 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
45dd02ca98e3a6b5cfee81525b57508593f066282a6c1bab4f74d541bc5d4508

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.thefinfor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 02 Jun 2023 06:13:24 GMT
Last-Modified
Tue, 09 May 2023 13:26:41 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DB5091066AB333
Content-Type
application/octet-stream
x-ms-request-id
075bba9b-a01e-005c-6e19-950a89000000
x-ms-version
2009-09-19
Content-Length
787387
e337aa13-3cae-4972-9e22-0597c8d22fe8.jpg
productforge.blob.core.windows.net/images/
769 KB
769 KB
Image
General
Full URL
https://productforge.blob.core.windows.net/images/e337aa13-3cae-4972-9e22-0597c8d22fe8.jpg
Requested by
Host: delivery.thefinfor.com
URL: https://delivery.thefinfor.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.209.73.203 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
08af6db734efefbb5bad694d6e92eb59440e9881a92249c74c5519ac7f3df300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.thefinfor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 02 Jun 2023 06:13:24 GMT
Last-Modified
Tue, 09 May 2023 13:26:40 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DB50910656F356
Content-Type
application/octet-stream
x-ms-request-id
7371c18e-401e-0019-3d19-95df6a000000
x-ms-version
2009-09-19
Content-Length
787387
close-icon.svg
productforge.blob.core.windows.net/template-agency/
333 B
740 B
Image
General
Full URL
https://productforge.blob.core.windows.net/template-agency/close-icon.svg
Requested by
Host: delivery.thefinfor.com
URL: https://delivery.thefinfor.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.209.73.203 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1411b3f7a17af0b05a2b5c8659c9a3203e1c6dd7baf3ea9ee31642c781672ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.thefinfor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 02 Jun 2023 06:13:24 GMT
Last-Modified
Fri, 17 Mar 2023 00:02:35 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
66LzCy2cFjTd788wRgEHuA==
ETag
0x8DB267AEA2B9091
Content-Type
image/svg+xml
x-ms-request-id
f8ca71d0-601e-0031-1019-95bec2000000
x-ms-version
2009-09-19
Content-Length
333
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/
76 KB
24 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js
Requested by
Host: delivery.thefinfor.com
URL: https://delivery.thefinfor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.thefinfor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 02 Jun 2023 06:13:24 GMT
x-content-type-options
nosniff
content-encoding
br
age
6801219
x-jsd-version
5.1.3
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
24376
x-served-by
cache-fra-eddf8230091-FRA
x-jsd-version-type
version
etag
W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
agency.js
productforge.blob.core.windows.net/page-assets/
2 KB
2 KB
Script
General
Full URL
https://productforge.blob.core.windows.net/page-assets/agency.js
Requested by
Host: delivery.thefinfor.com
URL: https://delivery.thefinfor.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.209.73.203 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
76cb281047aa73d3d58878f6e50ffe3c29b2502ef1c43701789e5c6892fa149b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://delivery.thefinfor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 02 Jun 2023 06:13:23 GMT
Last-Modified
Thu, 16 Mar 2023 22:02:32 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
1qmuig16JlRhFn/7qJXd/A==
ETag
0x8DB266A244C1350
Content-Type
text/javascript
x-ms-request-id
075bb97c-a01e-005c-6819-950a89000000
x-ms-version
2009-09-19
Content-Length
1637
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://delivery.thefinfor.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 27 May 2023 18:31:37 GMT
x-content-type-options
nosniff
age
474107
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 May 2024 18:31:37 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v25/
34 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v25/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,100,300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20b588b86dac6a605b4baefd6a9d46f2c1ac84dd78a230dfb4b962c3155096f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://delivery.thefinfor.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 27 May 2023 15:47:27 GMT
x-content-type-options
nosniff
age
483957
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34432
x-xss-protection
0
last-modified
Tue, 02 May 2023 17:01:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 May 2024 15:47:27 GMT

Verdicts & Comments

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • credentialless (boolean)
  • onbeforetoggle (object)
  • onscrollend (object)
  • ___FONT_AWESOME___ (object)
  • FontAwesomeConfig (object)
  • FontAwesome (object)
  • uidEvent (number)
  • bootstrap (object)
  • LO (object)

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
delivery.thefinfor.com
fonts.googleapis.com
fonts.gstatic.com
productforge.blob.core.windows.net
tools.luckyorange.com
use.fontawesome.com
20.209.73.203
2600:9000:2057:3200:18:6c16:27c0:93a1
2606:4700:e2::ac40:850f
2a00:1450:4001:813::200a
2a00:1450:4001:828::2003
2a04:4e42:400::485
54.161.241.46
08af6db734efefbb5bad694d6e92eb59440e9881a92249c74c5519ac7f3df300
0c668e5adc7174321ce96d99c851b06bd096b2248bfb0f4fcfc1abcbaf2b1e07
1411b3f7a17af0b05a2b5c8659c9a3203e1c6dd7baf3ea9ee31642c781672ef5
20b588b86dac6a605b4baefd6a9d46f2c1ac84dd78a230dfb4b962c3155096f4
299f1c49a9a066dde983e59b5e170e0b97d000a7da4f8f43ec8b343ccf301e0f
3316631f9140b9a145ee27bac2ab922c4cac026d40c2df2bff7944eb75db7a26
45dd02ca98e3a6b5cfee81525b57508593f066282a6c1bab4f74d541bc5d4508
577beb29edbda775117b29670284bf8ccb4218d9178704b11f2d5c9fa91b2f9d
66081afb9b53a6ae04571ac516cbb8cf10865d84b5d8b58cce3f1c1a0babae19
6ed09379db599eeeb498b4a890b797a5d5ca7346d77251edafc219e6d361ad18
74cfe7ea2d213c6c51cc7237e9dfb401d91814c160fafd94445504476a101a06
76cb281047aa73d3d58878f6e50ffe3c29b2502ef1c43701789e5c6892fa149b
8a103ac051ed081d52ff6c3cba80ac569a75e56cf3028d75798bff8601a7e18f
8bc176095212f1ca7455b615f03a8ddf77b7355330188caee749601dfba5bf2c
92f9968de61bf1d7f794de10be1296245ee54106a5b1cddfb8aff023b78e610d
9fc5d3c8bee65a510c58da58ff4cd39b30e09fb0b3657b2e2268bca47015c89f
a1817cd146d9d11286139a1f76f6d2bed1c53c3aa65a33aa9b5828088dce3c19
a73d4637fbd5f18d34fdd3a72a8b75a9e588207feae1218334c35f369673c9c9
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
e8e65d2f80115c8b0fa2c26cce598b99aa247aa1f7b008cdff2bc96c2e976058
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3