Report - caitlin-645846.thompson633.sbs/p/vxUFkrHgnIStnHuV

Report Overview

Visited public
2023-12-01 19:20:48
Tags
URL
caitlin-645846.thompson633.sbs/p/vxUFkrHgnIStnHuV_
Finishing URL
securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB
IP / ASN
104.21.88.180
#13335 CLOUDFLARENET
Title
Unlock Your Love Life

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-01 05:29:09	539 B	34 kB	216.58.207.227
caitlin-645846.thompson633.sbs	unknown	unknown	No data	No data	518 B	7.9 kB	172.67.151.192
statisticresearch.com	584767	2015-05-28	2015-06-02 13:19:43	2023-11-30 10:02:11	430 B	151 B	52.205.98.117
alice7924.thompson633.sbs	unknown	unknown	No data	No data	561 B	31 kB	172.67.151.192
cdn.jmp-assets.com	unknown	2022-05-10	2022-05-11 10:26:26	2023-11-30 15:35:10	3.1 kB	235 kB	95.101.10.56
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-01 06:26:25	2.2 kB	340 kB	142.250.74.168
tsyndicate.com	13042	2017-03-08	2017-03-16 10:04:54	2023-12-01 08:01:27	514 B	661 B	78.46.40.103
guard.cdtbox.rocks	240008	2015-11-17	2020-08-11 07:30:44	2023-11-30 19:13:33	668 B	204 B	18.213.56.18
cdn.jmpcdn.com	unknown	2023-06-16	2023-07-29 00:23:02	2023-11-30 10:34:14	445 B	4.7 kB	95.101.10.67
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-01 08:02:13	476 B	8.0 kB	142.250.74.106
securecdsw.com	unknown	2023-08-30	2023-08-31 03:46:15	2023-11-27 17:59:15	621 B	9.4 kB	52.50.65.186
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-12-01 06:50:24	886 B	20 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-01	medium	securecdsw.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (24)

	URL	From	Size	First Seen	Last Seen
	unknown	ScriptElement	335 B	2023-03-07	2025-04-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-04-21 03:06 Times Seen799 Hash 256cdb11ca1f336f8622fb1a3cf066ff 7ea74f8f152c55c902c906d25e05269afa6182ce 829be72b7bae1d4ee42b2a4fdf96eafb3ea702fd50aa661a6ddac9cb045ff334 Loading...

	unknown	ScriptElement	51 B	2023-03-07	2025-04-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-04-21 03:06 Times Seen798 Hash 7619d426b402631cef50bacfd7ececf9 55afc2b0b31bbde89f60b5e7e4ed62118795a18f d357aefce563a1557da1cdda0ff556bb3189b49b9256d231fbd50a4d4320ec64 Loading...

	cdn.jmp-assets.com/assets/1387/js/backoffer.js	ScriptElement	660 B	2023-03-07	2025-04-21
Pretty URL cdn.jmp-assets.com/assets/1387/js/backoffer.js IP 95.101.10.56 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-04-21 03:06 Times Seen797 Hash e7e1dc07852a36f89e4be03aa3787316 0dc3f8e7eb943af093cf8f4600fcf0e421891025 33b8a5c4f883a3a775162d3c5287fe94bc4b22a86fe8b52fcb5aa615d2ffe388 Loading...

	www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js	ScriptElement	36 kB	2023-03-07	2024-08-29
Pretty URL www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js IP 142.250.74.131 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2024-08-29 18:11 Times Seen2206 Hash 0cb7a0eb328ea70ab360f861314c8820 e3e20eb50dae36f4cbcef1890b1cc7878acb537a 4569845f7c550a55311814032e88541bd3b4a055ec3894e9cf58c4fff1be91d9 Loading...

	cdn.jmp-assets.com/prod/push-subscriber.js	ScriptElement	18 kB	2023-03-07	2024-08-29
Pretty URL cdn.jmp-assets.com/prod/push-subscriber.js IP 95.101.10.56 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2024-08-29 18:11 Times Seen662 Hash 6b5bccad39f7057909ad0660f33cc2fa a7995e45d98a311f94c3f6f096a7e414b5a34407 765f676a53b5275cb0bf0835962b72accd340101ac2e32d8a215f8b1047b0941 Loading...

	securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB	ScriptElement	371 B	2023-04-06	2025-02-28
Pretty URL securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB IP 52.50.65.186 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-06 22:50 Last Seen2025-02-28 19:00 Times Seen204 Hash df430fe96c9eab593c1d0487fb007238 e15935dbbff79ecdc3612163caa4a5276f513661 8ed6293b10012592a48cd3711e11c125a7508c9aaecb6bd7882e9144aff947b6 Loading...

	moz-extension://94b86a3e-a8f5-4509-b451-a3e524e5069f/shims/firebase.js		2.3 kB	2023-05-05	2025-05-07
Pretty URL moz-extension://94b86a3e-a8f5-4509-b451-a3e524e5069f/shims/firebase.js IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 23:38 Last Seen2025-05-07 23:08 Times Seen10726 Hash 32d439c9ec8c789e843ae58b6774681c deb2c661dacf46eb3a1eacbba3e430dcf10cc395 f65e83801e16f98e150ae8843afb4c98c0b3ac0fa7fbe5a5ec687b08119732d6 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-5R6C28C	ScriptElement	168 kB	2023-12-01	2023-12-01
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-5R6C28C IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-01 14:39 Last Seen2023-12-01 23:14 Times Seen3 Hash d08aaf9a3bc7abbcdb50bedd9c2dbdd7 2d2b24b281278105c4a46d4a6a905e56f1484851 4c8e08462a940ca3f660c5d748fce9405fa50361b9949f0170558f9b21283459 Loading...

	securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB IP 52.50.65.186 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 03:22 Times Seen4633615 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-TR8VQRX	ScriptElement	197 kB	2023-12-01	2023-12-01
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-TR8VQRX IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-01 20:20 Last Seen2023-12-01 23:14 Times Seen3 Hash c337a817611510e5a8ecee57586f721e ab35e12653573036f1fbdfa1d889ad8113181c9f 372418151ed558748e77df34f45ed4ce20b4086fcc0bce15613162ea56246300 Loading...

	www.googletagmanager.com/gtag/js?id=G-C3EPRPS8FB&l=dataLayer&cx=c	ScriptElement	246 kB	2023-12-01	2023-12-01
Pretty URL www.googletagmanager.com/gtag/js?id=G-C3EPRPS8FB&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-01 20:20 Last Seen2023-12-01 20:20 Times Seen1 Hash 405df8b2b11e977a7a98173c650c0e95 23e69bb4d7696232c552cd7c4ec2c87fa8a14e19 54840d606f251cfba79da7a7c98d82668f6a3761ae5f143586986df27c9723b5 Loading...

	www.gstatic.com/firebasejs/5.0.2/firebase-app.js	ScriptElement	25 kB	2023-03-07	2024-08-29
Pretty URL www.gstatic.com/firebasejs/5.0.2/firebase-app.js IP 142.250.74.131 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2024-08-29 18:11 Times Seen2206 Hash 9164d0e8a317eceb870cca88c9683127 4617c910005f7100b4ff26a458a8b4463e33cdc6 15c9bd66992ef54979c981763cae280f28b6845520020ed38b5ab5f3f70f7931 Loading...

	cdn.jmp-assets.com/prod/push-lang-config.js	ScriptElement	7.9 kB	2023-03-07	2025-04-21
Pretty URL cdn.jmp-assets.com/prod/push-lang-config.js IP 95.101.10.56 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-04-21 03:06 Times Seen792 Hash 7152525f63649929a736f6efb78b58a5 5bf8138b39eaeebdf4681ad31fac3a02075e36ad f1f5518e39341d6f4189be101a85c496add2a43b569a809bd3193d52f3e61de1 Loading...

	securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB IP 52.50.65.186 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 03:22 Times Seen4633615 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	ScriptElement	337 B	2023-03-12	2025-04-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:36 Last Seen2025-04-21 03:06 Times Seen797 Hash 427360d6b3baf34ee24f41ce2b1aa48e 4afbf9439ca48f94083603a93a396be8b8d6d459 fbb9b67ce2bea5ff0185b5b6c611e2c6c60a5a3bfd8fe632a39938acc59a52bc Loading...

	securecdsw.com/sandbox%20eval%20code		147 B	2023-04-11	2025-05-09
Pretty URL securecdsw.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 03:18 Times Seen341313 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.googletagmanager.com/gtm.js?id=GTM-5R6C28C	ScriptElement	168 kB	2023-12-01	2023-12-02
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-5R6C28C IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-01 20:20 Last Seen2023-12-02 07:34 Times Seen4 Hash 5857750bf10f5467e3b4eb267210fcac 671cd137df3ceabd156b2527fc8ac9e6fb8203a8 3209a45c02d036ae250c3bfbaa8fdf8614026cad2879c6822c97cbeb4c062866 Loading...

	cdn.jmp-assets.com/assets/1144/js/jquery.min.js	ScriptElement	86 kB	2023-03-07	2025-05-09
Pretty URL cdn.jmp-assets.com/assets/1144/js/jquery.min.js IP 95.101.10.56 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 03:18 Times Seen173836 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	cdn.jmp-assets.com/assets/1144/js/translatesrules.js	ScriptElement	24 kB	2023-04-06	2025-03-20
Pretty URL cdn.jmp-assets.com/assets/1144/js/translatesrules.js IP 95.101.10.56 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-06 22:50 Last Seen2025-03-20 15:13 Times Seen38 Hash a6c6e4b316cb3175791b63e883f4e324 e5f0148509a596800b3bdeee8304ee0b92e65a6b a0ad1a75ead65166d848faffc2520589c58b74ae992349da20de2bdbe8a54dfa Loading...

	securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB IP 52.50.65.186 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 03:22 Times Seen4633615 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-09
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 03:18 Times Seen340514 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	unknown	ScriptElement	222 B	2023-11-27	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-27 19:08 Last Seen2024-08-20 17:42 Times Seen23 Hash 6ef00187d60e974f4779ef37e96f4f38 d8c2cb95e9175a1f9cc4bbb542fd96ffd3b9bee9 a5cb2dc0279b5605f32aa79b98e41245fd77ece2d5e3b859a7985860ce0e6133 Loading...

	securecdsw.com/sandbox%20eval%20code		123 B	2023-05-05	2025-05-07
Pretty URL securecdsw.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 23:38 Last Seen2025-05-07 20:32 Times Seen8312 Hash 239166f4d1bda569909c9af241098419 ad3987a93224de5c735c7c380daf5bfaecf60ac8 255566913e81e0587539abba68839777480779575271b734e817e7093f4dceec Loading...

	statisticresearch.com/user-segments/?pid=TH	ScriptElement	62 B	2023-03-07	2024-08-29
Pretty URL statisticresearch.com/user-segments/?pid=TH IP 52.205.98.117 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2024-08-29 18:11 Times Seen664 Hash ac0b622721bcfcdc85cdebb98ad03bf9 f1981b6dff8ad407bbb760ac6cfd57ae7c921fa0 7b2a79e668b985367b96ed97f0b5544d66cfd8fc78dc1d09110aa62dc1586179 Loading...

HTTP Transactions (23)

URL IP Response Size

www.gstatic.com/firebasejs/5.0.2/firebase-app.js

142.250.74.131

200 OK

8.6 kB

URL GET HTTP/2
www.gstatic.com/firebasejs/5.0.2/firebase-app.js
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (25088)
Size
8.6 kB (8604 bytes)
Hash
9164d0e8a317eceb870cca88c9683127
4617c910005f7100b4ff26a458a8b4463e33cdc6
15c9bd66992ef54979c981763cae280f28b6845520020ed38b5ab5f3f70f7931

HTTP Headers

GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://securecdsw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:31:32 GMT
expires: Fri, 29 Nov 2024 05:31:32 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 10 May 2018 20:35:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 136139
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.jmp-assets.com/prod/push-subscriber.js

95.101.10.56

200 OK

4.4 kB

URL GET HTTP/1.1
cdn.jmp-assets.com/prod/push-subscriber.js
IP
95.101.10.56:443
ASN
#20940 Akamai International B.V.

Requested by
https://securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB
Certificate
IssuerLet's Encrypt
Subjectcdn.smrt-content.com
Fingerprint03:D6:FD:35:FA:B6:D4:FB:ED:F8:61:DE:5B:D8:80:78:6C:47:6A:32
ValidityFri, 03 Nov 2023 16:12:26 GMT - Thu, 01 Feb 2024 16:12:25 GMT

File type
ASCII text
Size
4.4 kB (4395 bytes)
Hash
6b5bccad39f7057909ad0660f33cc2fa
a7995e45d98a311f94c3f6f096a7e414b5a34407
765f676a53b5275cb0bf0835962b72accd340101ac2e32d8a215f8b1047b0941

HTTP Headers

GET /prod/push-subscriber.js HTTP/1.1
Host: cdn.jmp-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://securecdsw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Tue, 29 Mar 2022 15:19:51 GMT
ETag: "6b5bccad39f7057909ad0660f33cc2fa"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C3
X-Amz-Cf-Id: ZYeyEUjVfozwVHu4cvD2yRWXyoEpdjgR_UyNsFpXUKnSHG4ckehEag==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 01 Dec 2023 19:20:31 GMT
Content-Length: 4395
Connection: keep-alive

cdn.jmp-assets.com/assets/1387/js/backoffer.js

95.101.10.56

200 OK

660 B

URL GET HTTP/1.1
cdn.jmp-assets.com/assets/1387/js/backoffer.js
IP
95.101.10.56:443
ASN
#20940 Akamai International B.V.

Requested by
https://securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB
Certificate
IssuerLet's Encrypt
Subjectcdn.smrt-content.com
Fingerprint03:D6:FD:35:FA:B6:D4:FB:ED:F8:61:DE:5B:D8:80:78:6C:47:6A:32
ValidityFri, 03 Nov 2023 16:12:26 GMT - Thu, 01 Feb 2024 16:12:25 GMT

File type
ASCII text, with CRLF line terminators
Size
660 B (660 bytes)
Hash
e7e1dc07852a36f89e4be03aa3787316
0dc3f8e7eb943af093cf8f4600fcf0e421891025
33b8a5c4f883a3a775162d3c5287fe94bc4b22a86fe8b52fcb5aa615d2ffe388

HTTP Headers

GET /assets/1387/js/backoffer.js HTTP/1.1
Host: cdn.jmp-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://securecdsw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 660
Last-Modified: Thu, 06 May 2021 12:38:04 GMT
ETag: "e7e1dc07852a36f89e4be03aa3787316"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: JFK51-C1
X-Amz-Cf-Id: Ct4gwLcTloBEVOXNAkPHVE_nt09klAc2VQmBXL2NgHnXp5GYhbW-rA==
Date: Fri, 01 Dec 2023 19:20:31 GMT
Connection: keep-alive

cdn.jmp-assets.com/prod/push-lang-config.js

95.101.10.56

200 OK

2.4 kB

URL GET HTTP/1.1
cdn.jmp-assets.com/prod/push-lang-config.js
IP
95.101.10.56:443
ASN
#20940 Akamai International B.V.

Requested by
https://securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB
Certificate
IssuerLet's Encrypt
Subjectcdn.smrt-content.com
Fingerprint03:D6:FD:35:FA:B6:D4:FB:ED:F8:61:DE:5B:D8:80:78:6C:47:6A:32
ValidityFri, 03 Nov 2023 16:12:26 GMT - Thu, 01 Feb 2024 16:12:25 GMT

File type
Unicode text, UTF-8 text, with very long lines (7658), with no line terminators
Size
2.4 kB (2366 bytes)
Hash
7152525f63649929a736f6efb78b58a5
5bf8138b39eaeebdf4681ad31fac3a02075e36ad
f1f5518e39341d6f4189be101a85c496add2a43b569a809bd3193d52f3e61de1

HTTP Headers

GET /prod/push-lang-config.js HTTP/1.1
Host: cdn.jmp-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://securecdsw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Tue, 15 Feb 2022 10:45:43 GMT
ETag: "7152525f63649929a736f6efb78b58a5"
x-amz-meta-s3cmd-attrs: atime:1644921890/ctime:1644921887/gid:20/gname:staff/md5:7152525f63649929a736f6efb78b58a5/mode:33188/mtime:1644921887/uid:501/uname:nimspy
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: JFK51-C1
X-Amz-Cf-Id: EyZZgpjeSVI5bZ65quK1ibmASd3k9YGFQNJJw86sflsz5sUolQ5lig==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 01 Dec 2023 19:20:31 GMT
Content-Length: 2366
Connection: keep-alive

cdn.jmp-assets.com/assets/1144/js/translatesrules.js

95.101.10.56

200 OK

9.7 kB

URL GET HTTP/1.1
cdn.jmp-assets.com/assets/1144/js/translatesrules.js
IP
95.101.10.56:443
ASN
#20940 Akamai International B.V.

Requested by
https://securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB
Certificate
IssuerLet's Encrypt
Subjectcdn.smrt-content.com
Fingerprint03:D6:FD:35:FA:B6:D4:FB:ED:F8:61:DE:5B:D8:80:78:6C:47:6A:32
ValidityFri, 03 Nov 2023 16:12:26 GMT - Thu, 01 Feb 2024 16:12:25 GMT

File type
Unicode text, UTF-8 text
Size
9.7 kB (9749 bytes)
Hash
f889c7341bca7408551f0da6879237a9
59f37f71d2904f5ae49b855fa1c875be6abc191b
ba095086dfc7c6f59db3925d30d45b1e9ef3a49a97d823918e14a663201ccdf1

HTTP Headers

GET /assets/1144/js/translatesrules.js HTTP/1.1
Host: cdn.jmp-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://securecdsw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/javascript
Last-Modified: Tue, 02 Feb 2021 11:29:28 GMT
ETag: "f889c7341bca7408551f0da6879237a9"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-C1
X-Amz-Cf-Id: pvpMe67loKVcs4HrX2HCGBSiYQ8ESXrxgej4M83NKFIcWrX67kVYgw==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 01 Dec 2023 19:20:31 GMT
Content-Length: 9749
Connection: keep-alive

www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js

142.250.74.131

200 OK

10 kB

URL GET HTTP/3
www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (35547)
Size
10 kB (10017 bytes)
Hash
0cb7a0eb328ea70ab360f861314c8820
e3e20eb50dae36f4cbcef1890b1cc7878acb537a
4569845f7c550a55311814032e88541bd3b4a055ec3894e9cf58c4fff1be91d9

HTTP Headers

GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://securecdsw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 16:02:14 GMT
expires: Thu, 28 Nov 2024 16:02:14 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 10 May 2018 20:35:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 184697
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

alice7924.thompson633.sbs/S0FMSUhfV0VMQVMsUk9UQVRPUixhbGV4YW5kcmlhMTcxMjU4MyxNTlg

172.67.151.192

302 Found

30 kB

URL User Request GET HTTP/3
alice7924.thompson633.sbs/S0FMSUhfV0VMQVMsUk9UQVRPUixhbGV4YW5kcmlhMTcxMjU4MyxNTlg
IP
172.67.151.192:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectthompson633.sbs
FingerprintF5:7E:9F:68:B8:99:B9:55:C8:BB:EC:FA:03:55:99:5B:83:E5:AA:14
ValidityThu, 16 Nov 2023 11:51:28 GMT - Wed, 14 Feb 2024 11:51:27 GMT

File type
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Size
30 kB (29855 bytes)
Hash
2fa28552f1ee4e1382ee43930b53afb8
803670da6a35378bf4eb73acc8e72fe4feb5ca30
ecfddf7d1e798dd2778c071bea24c70b650ef990fc09793fce25f2f094b35494

HTTP Headers

GET /S0FMSUhfV0VMQVMsUk9UQVRPUixhbGV4YW5kcmlhMTcxMjU4MyxNTlg HTTP/1.1
Host: alice7924.thompson633.sbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Fri, 01 Dec 2023 19:20:30 GMT
content-type: text/html; charset=UTF-8
location: https://securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhUenHPXG0lLFELzrtq9BgRoBko9sWQzJqsQKhcbuFosAJGUVlv2dMMKGnkZTbPELsHozlcF3IYBpv1WekYM9vGrfZAOBElgA7DJayo%2B7fad7pBJGraJgXMvHCT9cBXHJ%2F7FsDdkDvIwbSWm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82edb012ab0e568f-OSL
alt-svc: h3=":443"; ma=86400

cdn.jmp-assets.com/assets/1144/css/main.css

95.101.10.56

200 OK

2.1 kB

URL GET HTTP/1.1
cdn.jmp-assets.com/assets/1144/css/main.css
IP
95.101.10.56:443
ASN
#20940 Akamai International B.V.

Requested by
https://securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB
Certificate
IssuerLet's Encrypt
Subjectcdn.smrt-content.com
Fingerprint03:D6:FD:35:FA:B6:D4:FB:ED:F8:61:DE:5B:D8:80:78:6C:47:6A:32
ValidityFri, 03 Nov 2023 16:12:26 GMT - Thu, 01 Feb 2024 16:12:25 GMT

File type
ASCII text, with CRLF line terminators
Size
2.1 kB (2061 bytes)
Hash
fb41dc3d2a4826c0dd868c64bae7c77c
30e95a6ae578cfcabba01a36776ce43f14cf612e
84d3dac028e21e53a2165aaef13ed1def8340e2a0cc7e92a1127c7d877378201

HTTP Headers

GET /assets/1144/css/main.css HTTP/1.1
Host: cdn.jmp-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://securecdsw.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Tue, 02 Feb 2021 11:39:55 GMT
ETag: "fb41dc3d2a4826c0dd868c64bae7c77c"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-C1
X-Amz-Cf-Id: fAZAMlZTQFSLLBgUgUpiVz804qpJgMCp6seYUwdmpjTlf2-iQBFYgw==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 01 Dec 2023 19:20:31 GMT
Content-Length: 2061
Connection: keep-alive

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0\012- data
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://securecdsw.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 23:21:56 GMT
expires: Fri, 29 Nov 2024 23:21:56 GMT
cache-control: public, max-age=31536000
age: 71915
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-TR8VQRX

142.250.74.168

200 OK

71 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-TR8VQRX
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (3026)
Size
71 kB (70810 bytes)
Hash
c337a817611510e5a8ecee57586f721e
ab35e12653573036f1fbdfa1d889ad8113181c9f
372418151ed558748e77df34f45ed4ce20b4086fcc0bce15613162ea56246300

HTTP Headers

GET /gtm.js?id=GTM-TR8VQRX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://securecdsw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 01 Dec 2023 19:20:31 GMT
expires: Fri, 01 Dec 2023 19:20:31 GMT
cache-control: private, max-age=900
last-modified: Fri, 01 Dec 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70810
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-C3EPRPS8FB&l=dataLayer&cx=c

142.250.74.168

200 OK

86 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-C3EPRPS8FB&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (3034)
Size
86 kB (85510 bytes)
Hash
405df8b2b11e977a7a98173c650c0e95
23e69bb4d7696232c552cd7c4ec2c87fa8a14e19
54840d606f251cfba79da7a7c98d82668f6a3761ae5f143586986df27c9723b5

HTTP Headers

GET /gtag/js?id=G-C3EPRPS8FB&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://securecdsw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 01 Dec 2023 19:20:32 GMT
expires: Fri, 01 Dec 2023 19:20:32 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85510
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtm.js?id=GTM-5R6C28C

142.250.74.168

200 OK

60 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-5R6C28C
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (3872)
Size
60 kB (60205 bytes)
Hash
d08aaf9a3bc7abbcdb50bedd9c2dbdd7
2d2b24b281278105c4a46d4a6a905e56f1484851
4c8e08462a940ca3f660c5d748fce9405fa50361b9949f0170558f9b21283459

HTTP Headers

GET /gtm.js?id=GTM-5R6C28C HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://securecdsw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 01 Dec 2023 19:20:32 GMT
expires: Fri, 01 Dec 2023 19:20:32 GMT
cache-control: private, max-age=900
last-modified: Fri, 01 Dec 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 60205
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtm.js?id=GTM-5R6C28C

142.250.74.168

200 OK

60 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-5R6C28C
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (3872)
Size
60 kB (60205 bytes)
Hash
d08aaf9a3bc7abbcdb50bedd9c2dbdd7
2d2b24b281278105c4a46d4a6a905e56f1484851
4c8e08462a940ca3f660c5d748fce9405fa50361b9949f0170558f9b21283459

HTTP Headers

GET /gtm.js?id=GTM-5R6C28C HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://securecdsw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 01 Dec 2023 19:20:32 GMT
expires: Fri, 01 Dec 2023 19:20:32 GMT
cache-control: private, max-age=900
last-modified: Fri, 01 Dec 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 60205
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtm.js?id=GTM-5R6C28C

142.250.74.168

200 OK

60 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-5R6C28C
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (3872)
Size
60 kB (60203 bytes)
Hash
5857750bf10f5467e3b4eb267210fcac
671cd137df3ceabd156b2527fc8ac9e6fb8203a8
3209a45c02d036ae250c3bfbaa8fdf8614026cad2879c6822c97cbeb4c062866

HTTP Headers

GET /gtm.js?id=GTM-5R6C28C HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://securecdsw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 01 Dec 2023 19:20:32 GMT
expires: Fri, 01 Dec 2023 19:20:32 GMT
cache-control: private, max-age=900
last-modified: Fri, 01 Dec 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 60203
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

tsyndicate.com/api/v1/retargeting/set/3f949dfe-3372-4caa-baf0-047f88323cfa?pageviewe={pageviewe}&lead={lead}

78.46.40.103

200 OK

43 B

URL GET HTTP/2
tsyndicate.com/api/v1/retargeting/set/3f949dfe-3372-4caa-baf0-047f88323cfa?pageviewe={pageviewe}&lead={lead}
IP
78.46.40.103:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB
Certificate
IssuerLet's Encrypt
Subjecttsyndicate.com
FingerprintF2:3C:80:FB:F4:C8:BF:02:DD:BF:23:DD:27:74:AB:0B:89:F6:13:5E
ValiditySun, 12 Nov 2023 09:06:58 GMT - Sat, 10 Feb 2024 09:06:57 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ba036c43037cfe89320d1ef7b64cd43f
88c72d3e26047eb1e45e5564a76427734f120efe
42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb

HTTP Headers

GET /api/v1/retargeting/set/3f949dfe-3372-4caa-baf0-047f88323cfa?pageviewe={pageviewe}&lead={lead} HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://securecdsw.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 01 Dec 2023 19:20:32 GMT
content-type: image/gif
content-length: 43
pragma: no-cache
expires: 0
vary: *
x-api-version: 1
x-request-id: 9c6740c8c3e75001
set-cookie: ts_rt_3f949dfe-3372-4caa-baf0-047f88323cfa=ANmUCUOmR4kbQgQSPEjEBJwwZ8rYSVPmThmDCB9GnFixDMOA; expires=Sat, 30 Nov 2024 19:20:32 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2

guard.cdtbox.rocks/color?x=1&forScheme=aHR0cHM6Ly9zZWN1cmVjZHN3LmNvbS9zP2E9NTEyNzUmc209MTI1MSZjbz01MDY0OSZtdD0xOSZzMT1LQUxJSF9XRUxBUyZzMj1TMEZNU1VoZlYwVk1RVk1zT1RFdU9UQXVOREl1TVRVMExFNVBMRmRGUWl4TlRsZ3NRbEpQVjFORlVnJnMzPU5PJnM0PTkxLjkwLjQyLjE1NCZzNT1XRUI=

18.213.56.18

204 No Content

0 B

URL GET HTTP/2
guard.cdtbox.rocks/color?x=1&forScheme=aHR0cHM6Ly9zZWN1cmVjZHN3LmNvbS9zP2E9NTEyNzUmc209MTI1MSZjbz01MDY0OSZtdD0xOSZzMT1LQUxJSF9XRUxBUyZzMj1TMEZNU1VoZlYwVk1RVk1zT1RFdU9UQXVOREl1TVRVMExFNVBMRmRGUWl4TlRsZ3NRbEpQVjFORlVnJnMzPU5PJnM0PTkxLjkwLjQyLjE1NCZzNT1XRUI=
IP
18.213.56.18:443
ASN
#14618 AMAZON-AES

Requested by
https://securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB
Certificate
IssuerAmazon
Subjectguard.cdtbox.rocks
Fingerprint75:59:E6:A4:1A:D6:58:BE:5A:F0:29:5B:2F:A3:E5:E1:B8:68:84:C0
ValiditySun, 14 May 2023 00:00:00 GMT - Tue, 11 Jun 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /color?x=1&forScheme=aHR0cHM6Ly9zZWN1cmVjZHN3LmNvbS9zP2E9NTEyNzUmc209MTI1MSZjbz01MDY0OSZtdD0xOSZzMT1LQUxJSF9XRUxBUyZzMj1TMEZNU1VoZlYwVk1RVk1zT1RFdU9UQXVOREl1TVRVMExFNVBMRmRGUWl4TlRsZ3NRbEpQVjFORlVnJnMzPU5PJnM0PTkxLjkwLjQyLjE1NCZzNT1XRUI= HTTP/1.1
Host: guard.cdtbox.rocks
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securecdsw.com
DNT: 1
Connection: keep-alive
Referer: https://securecdsw.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Fri, 01 Dec 2023 19:20:32 GMT
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.jmp-assets.com/assets/1144/images/17477724.png

95.101.10.56

200 OK

127 kB

URL GET HTTP/1.1
cdn.jmp-assets.com/assets/1144/images/17477724.png
IP
95.101.10.56:443
ASN
#20940 Akamai International B.V.

Requested by
https://securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB
Certificate
IssuerLet's Encrypt
Subjectcdn.smrt-content.com
Fingerprint03:D6:FD:35:FA:B6:D4:FB:ED:F8:61:DE:5B:D8:80:78:6C:47:6A:32
ValidityFri, 03 Nov 2023 16:12:26 GMT - Thu, 01 Feb 2024 16:12:25 GMT

File type
PNG image data, 540 x 614, 8-bit colormap, non-interlaced\012- data
Size
127 kB (127399 bytes)
Hash
48b5cf504b501519436d17763f4b52bd
b3fe5b65f350ad10b103a0cbbc4e79952358803d
3def9cfd1107dc28c620d5442e44474e820f91e99011e3d9eebc5572f653b509

HTTP Headers

GET /assets/1144/images/17477724.png HTTP/1.1
Host: cdn.jmp-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.jmp-assets.com/assets/1144/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 127399
Last-Modified: Tue, 02 Feb 2021 11:30:11 GMT
ETag: "48b5cf504b501519436d17763f4b52bd"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-C1
X-Amz-Cf-Id: GdgoTORaGUHUcohQ3zHsIiXb1Y6JOPFFcWtJUvBREV-3YF_TGytmbg==
Date: Fri, 01 Dec 2023 19:20:32 GMT
Connection: keep-alive

cdn.jmpcdn.com/assets/3420/images/3.ico

95.101.10.67

200 OK

4.3 kB

URL GET HTTP/1.1
cdn.jmpcdn.com/assets/3420/images/3.ico
IP
95.101.10.67:443
ASN
#20940 Akamai International B.V.

Requested by
https://securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB
Certificate
IssuerLet's Encrypt
Subjectcdn.smrt-content.com
Fingerprint03:D6:FD:35:FA:B6:D4:FB:ED:F8:61:DE:5B:D8:80:78:6C:47:6A:32
ValidityFri, 03 Nov 2023 16:12:26 GMT - Thu, 01 Feb 2024 16:12:25 GMT

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size
4.3 kB (4286 bytes)
Hash
0c1b18bdd69c10c8365b6ca30194a319
c8c95cbac1e22e8c5dae3cb98eece80c4f8a411f
0d3ef9cb53dbe6bb8341fbf090e82c989101037dcf4d7bf9c198ef7689b2c08e

HTTP Headers

GET /assets/3420/images/3.ico HTTP/1.1
Host: cdn.jmpcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://securecdsw.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
Content-Length: 4286
Last-Modified: Fri, 16 Jun 2023 22:31:06 GMT
ETag: "0c1b18bdd69c10c8365b6ca30194a319"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P7
X-Amz-Cf-Id: gUD_3CsX3TKf2BM7jrJDP1aeCKZWL6uCQ46L6ANf2lGAmYmDXd84gQ==
Date: Fri, 01 Dec 2023 19:20:33 GMT
Connection: keep-alive

caitlin-645846.thompson633.sbs/p/vxUFkrHgnIStnHuV_

172.67.151.192

302 Found

7.2 kB

URL User Request GET HTTP/2
caitlin-645846.thompson633.sbs/p/vxUFkrHgnIStnHuV_
IP
172.67.151.192:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectthompson633.sbs
FingerprintF5:7E:9F:68:B8:99:B9:55:C8:BB:EC:FA:03:55:99:5B:83:E5:AA:14
ValidityThu, 16 Nov 2023 11:51:28 GMT - Wed, 14 Feb 2024 11:51:27 GMT

File type

Size
7.2 kB (7244 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p/vxUFkrHgnIStnHuV_ HTTP/1.1
Host: caitlin-645846.thompson633.sbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 01 Dec 2023 19:20:29 GMT
content-type: text/html; charset=UTF-8
location: https://alice7924.thompson633.sbs/S0FMSUhfV0VMQVMsUk9UQVRPUixhbGV4YW5kcmlhMTcxMjU4MyxNTlg
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VCcNAoFi6yPR0m%2F1LnXthJF6KJ4GWFxYtnBBx3BenMpwQ7fT8hwqCtFDDDlGx7Audtb9wDDMXvtskR8H%2Br4yAjP4R7VjT1LEcswsWQdtAr2ormaKMFxoM%2BMb0KbXR%2BJz%2F58STQsJDFnFEkH%2BQ6XelSE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82edb0120e1eb527-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Montserrat:400,500,600,700&display=swap

142.250.74.106

200 OK

7.3 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Montserrat:400,500,600,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (7500), with no line terminators
Size
7.3 kB (7320 bytes)
Hash
44e45072574744cdf848bc2f6413fbae
1cede8cd9d70f5210bf8c4c1b14100bb4471e050
45608616cd91019f3f7e1e72d80a66aed13ae1029143fda359697aa5cc16e6e2

HTTP Headers

GET /css?family=Montserrat:400,500,600,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.jmp-assets.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 01 Dec 2023 19:20:31 GMT
date: Fri, 01 Dec 2023 19:20:31 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.jmp-assets.com/assets/1144/js/jquery.min.js

95.101.10.56

200 OK

86 kB

URL GET HTTP/1.1
cdn.jmp-assets.com/assets/1144/js/jquery.min.js
IP
95.101.10.56:443
ASN
#20940 Akamai International B.V.

Requested by
https://securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB
Certificate
IssuerLet's Encrypt
Subjectcdn.smrt-content.com
Fingerprint03:D6:FD:35:FA:B6:D4:FB:ED:F8:61:DE:5B:D8:80:78:6C:47:6A:32
ValidityFri, 03 Nov 2023 16:12:26 GMT - Thu, 01 Feb 2024 16:12:25 GMT

File type
ASCII text, with very long lines (32065)
Size
86 kB (85578 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

HTTP Headers

GET /assets/1144/js/jquery.min.js HTTP/1.1
Host: cdn.jmp-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://securecdsw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/javascript
Last-Modified: Tue, 02 Feb 2021 11:29:28 GMT
ETag: "2f6b11a7e914718e0290410e85366fe9"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-C1
X-Amz-Cf-Id: boUCqkSXETqyXI9GJ0uh9wPxw11Wn1Q-Iq8FiOZu1KHM7kaOYjagxw==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 01 Dec 2023 19:20:31 GMT
Content-Length: 29855
Connection: keep-alive

statisticresearch.com/user-segments/?pid=TH

52.205.98.117

200 OK

62 B

URL GET HTTP/2
statisticresearch.com/user-segments/?pid=TH
IP
52.205.98.117:443
ASN
#14618 AMAZON-AES

Requested by
https://securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB
Certificate
IssuerAmazon
Subjectstatisticresearch.com
FingerprintFE:D6:14:F1:D7:CD:B0:9D:65:67:60:ED:C2:3D:1E:27:FC:80:4E:0D
ValidityTue, 07 Mar 2023 00:00:00 GMT - Thu, 04 Apr 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
62 B (62 bytes)
Hash
ac0b622721bcfcdc85cdebb98ad03bf9
f1981b6dff8ad407bbb760ac6cfd57ae7c921fa0
7b2a79e668b985367b96ed97f0b5544d66cfd8fc78dc1d09110aa62dc1586179

HTTP Headers

GET /user-segments/?pid=TH HTTP/1.1
Host: statisticresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://securecdsw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:20:31 GMT
server: nginx
X-Firefox-Spdy: h2

securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB

52.50.65.186

200 OK

7.2 kB

URL User Request GET HTTP/2
securecdsw.com/s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB
IP
52.50.65.186:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subjectsecurecdsw.com
Fingerprint8C:73:19:23:47:ED:7E:15:47:13:F4:10:FC:6E:FA:CE:14:7D:47:DC
ValidityWed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7642), with no line terminators
Size
7.2 kB (7244 bytes)
Hash
394a3efcf4f9c08bcab0f58669eebb45
26dfc00a19680bdae11701831ebdf7a845f0386b
30e85a0df6597a93647f2124f68f1afaefb446b0c1dcd13aac3ba3e2c2c34569

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /s?a=51275&sm=1251&co=50649&mt=19&s1=KALIH_WELAS&s2=S0FMSUhfV0VMQVMsOTEuOTAuNDIuMTU0LE5PLFdFQixNTlgsQlJPV1NFUg&s3=NO&s4=91.90.42.154&s5=WEB HTTP/1.1
Host: securecdsw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 01 Dec 2023 19:20:30 GMT
content-type: text/html;charset=utf-8
server: nginx
vary: Accept-Encoding, Accept-Encoding
set-cookie: gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.securecdsw.com; Expires=Thu, 29-Feb-2024 19:20:30 GMT; Path=/; Secure; SameSite=None
gdm_visit_freq_v2_1_001=F/gOHpTP87FNFOHCebjtlYvUQeQXzTvLw4pThZxw6fW1MUejYLKDagi9WBFHjgZI; Domain=.securecdsw.com; Expires=Thu, 29-Feb-2024 19:20:30 GMT; Path=/; Secure; SameSite=None
gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.securecdsw.com; Expires=Thu, 29-Feb-2024 19:20:30 GMT; Path=/
gdm_visit_freq_v1_1_001=F/gOHpTP87FNFOHCebjtlYvUQeQXzTvLw4pThZxw6fW1MUejYLKDagi9WBFHjgZI; Domain=.securecdsw.com; Expires=Thu, 29-Feb-2024 19:20:30 GMT; Path=/
v_rule_freq_v2_1_001=0momyqPzfHX97/PKKSo1NevduUYfLQ5/UO1wsS3LZ2c=; Domain=.securecdsw.com; Expires=Thu, 29-Feb-2024 19:20:30 GMT; Path=/; Secure; SameSite=None
v_seg_freq_v1_1_001=yVtRd63XvId1wk9xIzRh5QCy2bFx2vj5wlfT5XC0ozM=; Domain=.securecdsw.com; Expires=Thu, 29-Feb-2024 19:20:30 GMT; Path=/
gdm_uid_v1_1_001=lPohhZ2Hn5n9J1rHX5Mdoc8BY4d9vZvN+G5DWqHapnH6PxaiaZvdLFwrmvvjAqGf; Domain=.securecdsw.com; Expires=Thu, 29-Feb-2024 19:20:30 GMT; Path=/
v_rule_freq_v1_1_001=0momyqPzfHX97/PKKSo1NevduUYfLQ5/UO1wsS3LZ2c=; Domain=.securecdsw.com; Expires=Thu, 29-Feb-2024 19:20:30 GMT; Path=/
v_seg_freq_v2_1_001=yVtRd63XvId1wk9xIzRh5QCy2bFx2vj5wlfT5XC0ozM=; Domain=.securecdsw.com; Expires=Thu, 29-Feb-2024 19:20:30 GMT; Path=/; Secure; SameSite=None
gdm_uid_v2_1_001=lPohhZ2Hn5n9J1rHX5Mdoc8BY4d9vZvN+G5DWqHapnH6PxaiaZvdLFwrmvvjAqGf; Domain=.securecdsw.com; Expires=Thu, 29-Feb-2024 19:20:30 GMT; Path=/; Secure; SameSite=None
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Sat, 1 May 2020 12:00:00 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (24)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN