Submitted URL: https://track.grantoro.tech/click?pid=1555&offer_id=3332&sub1=sex
Effective URL: https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Submission: On May 15 via manual from CA — Scanned from CH

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 26 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is ms.ecircularplug.com.
TLS certificate: Issued by E1 on May 2nd 2024. Valid for: 3 months.
This is the only time ms.ecircularplug.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 35.204.59.16 396982 (GOOGLE-CL...)
17 188.114.96.3 13335 (CLOUDFLAR...)
6 172.64.147.188 13335 (CLOUDFLAR...)
1 142.250.185.74 15169 (GOOGLE)
1 142.250.74.195 15169 (GOOGLE)
26 5
Apex Domain | Subdomains | Transfer
17 ecircularplug.com | ms.ecircularplug.com | 711 KB
6 fontawesome.com | kit.fontawesome.com (Cisco Umbrella Rank: 1866), ka-p.fontawesome.com (Cisco Umbrella Rank: 3346) | 76 KB
2 grantoro.tech | track.grantoro.tech | 514 B
1 gstatic.com | fonts.gstatic.com | 21 KB
1 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 33) | 919 B
26 5
Domain | Requested by
17 ms.ecircularplug.com | ms.ecircularplug.com
4 ka-p.fontawesome.com | kit.fontawesome.com, ms.ecircularplug.com
2 kit.fontawesome.com | ms.ecircularplug.com, kit.fontawesome.com
2 track.grantoro.tech | 2 redirects
1 fonts.gstatic.com | fonts.googleapis.com
1 fonts.googleapis.com | ms.ecircularplug.com
26 6

This site contains no links.

Subject | Issuer | Validity | Valid
ecircularplug.com | E1 | 2024-05-02 - 2024-07-31 | 3 months
*.fontawesome.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-12-04 - 2025-01-03 | a year
upload.video.google.com | WR2 | 2024-05-06 - 2024-07-29 | 3 months
*.gstatic.com | WR2 | 2024-05-06 - 2024-07-29 | 3 months

This page contains 1 frames:

Primary Page: https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Frame ID: 7E7B05899DE6461BFD482B0A0011C1CF
Requests: 26 HTTP requests in this frame

Page Title

My Selfies

Page URL History

  1. https://track.grantoro.tech/click?pid=1555&offer_id=3332&sub1=sex HTTP 302
    https://track.grantoro.tech/click?pid=1555&offer_id=27&sub1=sex&sub2=&sub3=&sub5=3332 HTTP 302
    https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac68... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js


Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • 26 Requests
  • 96 % HTTPS
  • 0 % IPv6
  • 5 Domains
  • 6 Subdomains
  • 5 IPs
  • 2 Countries
  • 808 kB Transfer
  • 7928 kB Size
  • 2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://track.grantoro.tech/click?pid=1555&offer_id=3332&sub1=sex HTTP 302
    https://track.grantoro.tech/click?pid=1555&offer_id=27&sub1=sex&sub2=&sub3=&sub5=3332 HTTP 302
    https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
ms.ecircularplug.com/tools/landers/st/015ms/
Redirect Chain
  • https://track.grantoro.tech/click?pid=1555&offer_id=3332&sub1=sex
  • https://track.grantoro.tech/click?pid=1555&offer_id=27&sub1=sex&sub2=&sub3=&sub5=3332
  • https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
7 KB
3 KB
Document
General
Full URL
https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b76078ec2a7ba775d5eb4eead8a24eda05a20d9f11f7bf9f5832c3fe37e6640c

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8842a5a84a2c99fa-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 15 May 2024 11:04:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tpQf28myK7G8mD5WtlNRrBMXEWD0VhfXyo8N7gdEHcdqHaFwJYfmd8OJTkbMHKK0Rcl6z%2F7egxLlzNHQyXTEkE9bl0G3u4b2c4ta9c%2BygbcJDGwDtdVCwgE7b4LolzXqodqhQL9uFw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

access-control-allow-origin
*
content-length
0
date
Wed, 15 May 2024 11:04:25 GMT
location
https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
server
nginx
x-adjust-use-original-forwarded-for
1
animate.css
ms.ecircularplug.com/tools/landers/st/015ms/css/
76 KB
7 KB
Stylesheet
General
Full URL
https://ms.ecircularplug.com/tools/landers/st/015ms/css/animate.css
Requested by
Host: ms.ecircularplug.com
URL: https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8150a6e66442996f64560b128d0effe532ed5eabdf0a8c6176c8c4e8ed502e6f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 11:04:26 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 23 Sep 2022 16:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"632de471-12fb5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hxuV1fjlzrWj4%2BQBZ1mwXBrRhPJU7At2AoIxy7KH%2FTmKKuni23oh7RItEVinDxXuI7V2aGE%2B2V9CDuI72l%2Fsx3g%2BPHt5ZrN9ljZAiuau197GCsv5ee4oSVua%2F71Kcs7JG0BstOLzYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8842a5acb9e3a241-YYZ
alt-svc
h3=":443"; ma=86400
owl.carousel.min.css
ms.ecircularplug.com/tools/landers/st/015ms/assets/
3 KB
1 KB
Stylesheet
General
Full URL
https://ms.ecircularplug.com/tools/landers/st/015ms/assets/owl.carousel.min.css
Requested by
Host: ms.ecircularplug.com
URL: https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 11:04:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 23 Sep 2022 16:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"632de471-d17"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kJjc8BXMKG%2FaKlzdTxgO6mrSsVojNjFB2EUZYHCUv3tngBxCkf6IsdHWjHla2TORxgMmSN20huI0%2FvuiakFs6ssW3oFeJOOpzrmIfb5amaayDmIFrDNG%2FutC0VQP%2B9PqOAeiFEbalQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8842a5acb9e4a241-YYZ
alt-svc
h3=":443"; ma=86400
owl.theme.default.min.css
ms.ecircularplug.com/tools/landers/st/015ms/assets/
1013 B
873 B
Stylesheet
General
Full URL
https://ms.ecircularplug.com/tools/landers/st/015ms/assets/owl.theme.default.min.css
Requested by
Host: ms.ecircularplug.com
URL: https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 11:04:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 23 Sep 2022 16:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"632de471-3f5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k%2BwWYRqYhbiXBB3STS7s8oaSfWomGHQdTMDdTZQJM7aE3PV9R5igtahe2gdRSGQEfWHVejSa9JZqf1sPq8pbMTVuPntsPhw5nI0aJ64D%2BIZTHtq3JzoIje4%2F2P51b0RCNjLv9zjDKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8842a5acc9eba241-YYZ
alt-svc
h3=":443"; ma=86400
spanel.css
ms.ecircularplug.com/tools/landers/st/015ms/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://ms.ecircularplug.com/tools/landers/st/015ms/css/spanel.css
Requested by
Host: ms.ecircularplug.com
URL: https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d947739ffa1af8f08a85ebf795214081c32e6c2c4433e1cdd5466b6c68bcbea

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 11:04:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 23 Sep 2022 16:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"632de471-1e04"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F0Lr0r%2B8GeswRm0F4A1bzpQAgLC1UZHthBDn11tN9DHX1fsO6DIFCUM4%2BKRnbU0gEMfuSXF6i2OImKrXYgeDnTviN8wfjCcR9VMe72%2BEh1KyvlWaelV1nQkZEYu2RE6n0CuLR0Zl7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8842a5acc9f0a241-YYZ
alt-svc
h3=":443"; ma=86400
main.css
ms.ecircularplug.com/tools/landers/st/015ms/css/
356 KB
62 KB
Stylesheet
General
Full URL
https://ms.ecircularplug.com/tools/landers/st/015ms/css/main.css
Requested by
Host: ms.ecircularplug.com
URL: https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5cbabd220b3a297f0af839cec8186935709b8d12c03e6ee76b2c30edf904cb6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 11:04:26 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 23 Sep 2022 16:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"632de471-59142"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rN%2BfQmfZ0%2FpdD%2B0QZ18Votb%2F769nkMDIlgKUVMGt9peTHTno5PVoed2%2B%2BdwbHgxYHOxrYalwseM5naUq3Y7j%2F%2BJ7z%2F5xMTbVdzM644fuRXBf7%2Fpr8Z3MulOqas6tsoteRTKIHASqmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8842a5acc9f3a241-YYZ
alt-svc
h3=":443"; ma=86400
modernizr.custom.js
ms.ecircularplug.com/tools/landers/st/015ms/js/
11 KB
5 KB
Script
General
Full URL
https://ms.ecircularplug.com/tools/landers/st/015ms/js/modernizr.custom.js
Requested by
Host: ms.ecircularplug.com
URL: https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bb282068677d8cfae23193ede34e1c43fd6f1ed2703e3c3990f7f5f20eb8343

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 11:04:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 23 Sep 2022 16:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"632de471-2bbd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tnO6y6BwOUe2jMw3kw4fR1D%2FgZ%2F2r6f7NL8EIDxD2jtPABsJ0EPAwevs5TxSKJSBLWGTD6O30HSJOC%2B%2B3YdZGQUdAPRYoihZTbBqirOfJz5TCvLiwN%2F%2Biamo5u9SZX446dFDV4%2BeXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8842a5acc9f5a241-YYZ
alt-svc
h3=":443"; ma=86400
logo.png
ms.ecircularplug.com/tools/landers/st/015ms/images/
9 KB
9 KB
Image
General
Full URL
https://ms.ecircularplug.com/tools/landers/st/015ms/images/logo.png
Requested by
Host: ms.ecircularplug.com
URL: https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e27efcd0fd483ae0684a5846d4f9ce292a4066ceb9767fbb74d30147a8f2735

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 11:04:26 GMT
cf-cache-status
MISS
last-modified
Wed, 25 May 2022 18:10:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"628e7119-22f7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tn8ccPjzahyxo%2B8ZHfJVJxfhtMc2DzYFVoeL3%2FYimvZo6EzkeRTPxAPXixSmGzh4TGS1HsO%2FqaPixAb5wM76iSSl4kQV3LJdmQVBKotHY4B16uVA7CTtTXJJOlpYEzKmOxhJuh%2FMvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8842a5acc9f7a241-YYZ
alt-svc
h3=":443"; ma=86400
content-length
8951
email-decode.min.js
ms.ecircularplug.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://ms.ecircularplug.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: ms.ecircularplug.com
URL: https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 11:04:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 08 May 2024 09:31:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"663b4689-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kAZrXGSfRpTDpxxNQ8GdrJwpUk1%2BZOEX2zKEC9r66X2QQ2mANTER6wPNLgtaWDaiE3x0VVurVeB0k%2FmzSYG4K1hPd87wxPkOgY9kmn6VMOm5jJg5K1mmGZiPgG1NletK2GbBlO2tXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8842a5acc9f8a241-YYZ
expires
Fri, 17 May 2024 11:04:26 GMT
jquery.min.js
ms.ecircularplug.com/tools/landers/st/015ms/js/
85 KB
31 KB
Script
General
Full URL
https://ms.ecircularplug.com/tools/landers/st/015ms/js/jquery.min.js
Requested by
Host: ms.ecircularplug.com
URL: https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 11:04:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 23 Sep 2022 16:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"632de471-15391"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R9QocAdu%2BL16Y%2F8w5tq9FvGesUooAZ%2Ber93Jgr7SUodYCz2l2RT07yTRPw3Oh2n0ShEaT6HZggYHlPt9CVOyP0xYwNs6X9iUWmavc64zOeipJkXXlMK4DlIRzT1DvMC4V0qhvn3kyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8842a5adaa67a241-YYZ
alt-svc
h3=":443"; ma=86400
bootstrap.bundle.min.js
ms.ecircularplug.com/tools/landers/st/015ms/js/
77 KB
23 KB
Script
General
Full URL
https://ms.ecircularplug.com/tools/landers/st/015ms/js/bootstrap.bundle.min.js
Requested by
Host: ms.ecircularplug.com
URL: https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 11:04:27 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 23 Sep 2022 16:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"632de471-1332b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y5VDUDbtZb%2FOOXlRrJpSPkMVriaTa2OI%2BNeXTMd8Eeny45swJgqd5OEYhgtOege6aTyfbcB8wuXQCHBsjtgLH57fbl3Cy%2F6E8HSoyABr8xdAP1U3%2B%2FMM8MVt6U2iZLbpqfFkaf2xzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8842a5b14cf2a241-YYZ
alt-svc
h3=":443"; ma=86400
owl.carousel.min.js
ms.ecircularplug.com/tools/landers/st/015ms/js/
43 KB
12 KB
Script
General
Full URL
https://ms.ecircularplug.com/tools/landers/st/015ms/js/owl.carousel.min.js
Requested by
Host: ms.ecircularplug.com
URL: https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 11:04:27 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 23 Sep 2022 16:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"632de471-ad36"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M7PtjNfEkMCIERoTPfXh59xtAxI6voBnYNZOUxZkpOA9jHwOWr03uDRuvejhb05zTQe266Mv%2F3t6k14X6KumnQ8N6U1hq9CPY20zh1dP3F0ct38zKGcj%2B%2FKE7ql%2FZgp56GpBcw6vjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8842a5b16d06a241-YYZ
alt-svc
h3=":443"; ma=86400
83bab90c30.js
kit.fontawesome.com/
12 KB
5 KB
Script
General
Full URL
https://kit.fontawesome.com/83bab90c30.js
Requested by
Host: ms.ecircularplug.com
URL: https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.147.188 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c70b25c73e34dfc7626547fbf1e0b26170298eedb1a7c42216220a783a4b37c0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ms.ecircularplug.com/
Origin
https://ms.ecircularplug.com
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 11:04:28 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
8842a5b59c47bae7-MXP
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F84Vbrt5XglHR5i7_GKh
iframeResizer.min.js
ms.ecircularplug.com/common/js/iframeResizer/
12 KB
5 KB
Script
General
Full URL
https://ms.ecircularplug.com/common/js/iframeResizer/iframeResizer.min.js
Requested by
Host: ms.ecircularplug.com
URL: https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35a59efb7049b51b061c5b4a00d2cb1a648a047a3406d55e500f3d6349052d33

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 11:04:27 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 23 Sep 2022 16:50:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"632de3d5-2e17"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t0ro2Boe0c4ItW8E4XMz3UyNMbYzQw1paPbyZLN46NGiiTa5nzWNX%2FfYbrQMQ6p4AxS3k5NEN5ukQ8wIMqKB%2FK8V9VmTCgq%2Fjay4%2B6LN1druZdlUC1lfKZJUimoQnxbH8RHhPs3sWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8842a5b35ecba241-YYZ
alt-svc
h3=":443"; ma=86400
main.js
ms.ecircularplug.com/tools/landers/st/015ms/js/
6 KB
2 KB
Script
General
Full URL
https://ms.ecircularplug.com/tools/landers/st/015ms/js/main.js
Requested by
Host: ms.ecircularplug.com
URL: https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691bde830cfbf1e43de4ce43d1f7a9d2abea07546458b2bcb8f7813b47fedb12

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 11:04:27 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 23 Sep 2022 16:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"632de471-1970"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Hn0sg5qmP33wMz7CsmnNxW6sqdy7bN6YUjJMByGt%2FT8Sohr5BkPE1ox%2BXoitYrfccB3kPCSBxVtIrlQpuvYP9nUz6wVZ%2B1CsfIg76Eg%2FxWQR%2BMPFj%2BK5%2BUBUS%2FBWC10tu%2FqYFYVGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8842a5b35ecfa241-YYZ
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/
2 KB
919 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Mukta:wght@300&family=Odibee+Sans&display=swap
Requested by
Host: ms.ecircularplug.com
URL: https://ms.ecircularplug.com/tools/landers/st/015ms/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
ESF /
Resource Hash
f47be41ffa2b75be0d0712411cb4648cecf6ac6037d25c6fdd08ebdcca8dcd06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ms.ecircularplug.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 15 May 2024 11:04:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 15 May 2024 11:04:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 May 2024 11:04:27 GMT
bg-video.jpg
ms.ecircularplug.com/tools/landers/st/015ms/images/
529 KB
530 KB
Image
General
Full URL
https://ms.ecircularplug.com/tools/landers/st/015ms/images/bg-video.jpg
Requested by
Host: ms.ecircularplug.com
URL: https://ms.ecircularplug.com/tools/landers/st/015ms/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeb86fd651677f098d91d91a004f2768b0ff718cba6474da1fabcf6dc257be8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ms.ecircularplug.com/tools/landers/st/015ms/css/main.css
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 11:04:27 GMT
cf-cache-status
MISS
last-modified
Fri, 23 Sep 2022 16:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"632de471-844c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P4IjRIJxKkE8wqWtZMOU7X9imZNdAr5B1Ry5Nw7SlhHmBes2YMo7jHW8nvg2WGNODn8Coem84mGG1ik9B75c5fGJB7gn0Fb7XvV4BLgv%2BOKJ9c3lQyPRAM60IjNbIKxohw7zdWrMHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8842a5b35ec3a241-YYZ
alt-svc
h3=":443"; ma=86400
content-length
541888
films.tintin-webfont.woff2
ms.ecircularplug.com/tools/landers/st/015ms/fonts/
16 KB
16 KB
Font
General
Full URL
https://ms.ecircularplug.com/tools/landers/st/015ms/fonts/films.tintin-webfont.woff2
Requested by
Host: ms.ecircularplug.com
URL: https://ms.ecircularplug.com/tools/landers/st/015ms/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
888d10b6ec8d4b3aa3006fd28a502242dc336054361bc4fe7aa72be906989eb5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ms.ecircularplug.com/tools/landers/st/015ms/css/main.css
Origin
https://ms.ecircularplug.com
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 11:04:27 GMT
cf-cache-status
MISS
last-modified
Fri, 23 Sep 2022 16:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"632de471-3f24"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LdM1erHX%2FpyKjQUb%2FZeivhslGiE1tLOl4uu%2F7dF3sdRJQD69CGjTmbOhVklTrPxDlO17J%2BHWd%2Fsb81N4iKErdUfz879WLv2DTa0ilrJgzNW5RKktpki%2FOuDnEIQVsuGfOskQqCQpxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8842a5b3bf1aa241-YYZ
alt-svc
h3=":443"; ma=86400
content-length
16164
iJWHBXyXfDDVXbFqj2md8WA.woff2
fonts.gstatic.com/s/mukta/v14/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mukta/v14/iJWHBXyXfDDVXbFqj2md8WA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mukta:wght@300&family=Odibee+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
18efe70c0ef13ab8ccac687d4cfd1a56e6acc691ec1bd7f242127e5cc0d6afd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://ms.ecircularplug.com
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:26:19 GMT
x-content-type-options
nosniff
age
2288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21140
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:48:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 May 2025 10:26:19 GMT
video_desktop.mp4
ms.ecircularplug.com/tools/landers/st/015ms/images/
6 MB
0
Media
General
Full URL
https://ms.ecircularplug.com/tools/landers/st/015ms/images/video_desktop.mp4
Requested by
Host: ms.ecircularplug.com
URL: https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 11:04:27 GMT
cf-cache-status
MISS
last-modified
Fri, 23 Sep 2022 16:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"632de471-12023da"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jl%2FpbqASX1vHpHvlVSbqbJaHc43r5H3NLd5alH0kfGTf3HFYRrYplZXKKeb%2B4cCGp9JfJAVsJCIAISRrpZibJtcIrQuxERcQOiYd9a3LdwYBTQdJ58j9EcMXQ1df7PDyhSrx8z3DAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
Content-Range
bytes 0-18883545/18883546
cache-control
max-age=14400
cf-ray
8842a5b39f0da241-YYZ
alt-svc
h3=":443"; ma=86400
Content-Length
18883546
pro.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/
315 KB
53 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=83bab90c30
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/83bab90c30.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.147.188 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ms.ecircularplug.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 11:04:28 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
age
438993
etag
"610ae215-d3b2"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8842a5b98a5fbae7-MXP
content-length
54194
pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/
26 KB
4 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=83bab90c30
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/83bab90c30.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.147.188 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ms.ecircularplug.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 11:04:28 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
age
438994
etag
"610ae215-1062"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8842a5b98a62bae7-MXP
content-length
4194
pro-v4-font-face.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/
27 KB
3 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=83bab90c30
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/83bab90c30.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.147.188 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ms.ecircularplug.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 11:04:28 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
age
438993
etag
"610ae215-a2b"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8842a5b98a5cbae7-MXP
content-length
2603
kit-upload.css
kit.fontawesome.com/83bab90c30/125532205/
0
142 B
Fetch
General
Full URL
https://kit.fontawesome.com/83bab90c30/125532205/kit-upload.css
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/83bab90c30.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.147.188 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ms.ecircularplug.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 11:04:28 GMT
cf-cache-status
HIT
age
438994
content-length
0
x-request-id
F84VbvOMkbPrfPiywlgh
server
cloudflare
etag
54af53b207eef226d6511e0a88e3038e
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926, public, must-revalidate
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
accept-ranges
bytes
cf-ray
8842a5b97a48bae7-MXP
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
pro-fa-light-300-5.3.0.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/
11 KB
11 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-light-300-5.3.0.woff2
Requested by
Host: ms.ecircularplug.com
URL: https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.147.188 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40ebccd8ceceaed567584b9768b10be209699ffddbf85e22f443218f2d358513

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ms.ecircularplug.com/
Origin
https://ms.ecircularplug.com
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 11:04:28 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:58:34 GMT
server
cloudflare
age
401099
etag
"610ae35a-2af0"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8842a5ba5b6ebae7-MXP
content-length
10992
favicon.ico
ms.ecircularplug.com/tools/landers/st/015ms/images/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ms.ecircularplug.com
URL
https://ms.ecircularplug.com/tools/landers/st/015ms/images/favicon.ico

Verdicts & Comments

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| html5
object| Modernizr
function| $
function| jQuery
object| bootstrap
object| FontAwesomeKitConfig
function| iFrameResize
function| scrollToElem
function| respondToSubmit
function| muteStream
function| jF
object| video
function| playLive

2 Cookies

Domain/Path Name / Value
track.grantoro.tech/ Name: afclick
Value: 664496b937ac680001673c8f
track.grantoro.tech/ Name: afoffers
Value: {"27":1715771065}

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://ms.ecircularplug.com/tools/landers/st/015ms/?&a_aid=grt11&a_bid=17fad95b&x_clickid=664496b937ac680001673c8f&x_pid=1555
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
