Submitted URL: https://680b5.gr8.com/?campaignId=2814954817&gclid=EAIaIQobChMIxf3ApLSMgQMVBzfUAR0Dfw-JEAAYASAAEgKg4_D_BwE
Effective URL: https://www48.con-webs.com/?identity=EYyOUHxjfmJ3YrfPjrqDXfxwlXUGzw14bazljpvkw0Prj2BVv06zYKF&flow=fRbqSGNzkRFBGMRcLDwYgV4cm...
Submission: On September 04 via api from JP — Scanned from JP

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 33 HTTP transactions. The main IP is 2606:4700:3035::6815:4ba5, located in United States and belongs to CLOUDFLARENET, US. The main domain is www48.con-webs.com.
TLS certificate: Issued by GTS CA 1P5 on August 23rd 2023. Valid for: 3 months.
This is the only time www48.con-webs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 104.160.64.15 46469 (GETRESPON...)
8 205.185.216.10 20446 (STACKPATH...)
2 34.96.102.137 396982 (GOOGLE-CL...)
2 178.16.117.14 198881 (IMPLIX-PL-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
8 2606:4700:303... 13335 (CLOUDFLAR...)
33 7
Apex Domain | Subdomains | Transfer
8 con-webs.com | www48.con-webs.com | 126 KB
8 gr-cdn.com | us-as.gr-cdn.com — Cisco Umbrella Rank: 87584; us-an.gr-cdn.com — Cisco Umbrella Rank: 52050 | 443 KB
2 getresponse.com | ga.getresponse.com — Cisco Umbrella Rank: 43832; ga2.getresponse.com — Cisco Umbrella Rank: 46904 | 1 KB
2 visualwebsiteoptimizer.com | dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 3333 | 2 KB
2 gr8.com | 680b5.gr8.com | 9 KB
1 digiserve.site | digiserve.site | 2 KB
33 6
Domain | Requested by
8 www48.con-webs.com | digiserve.site, www48.con-webs.com
7 us-as.gr-cdn.com | 680b5.gr8.com
2 dev.visualwebsiteoptimizer.com | 680b5.gr8.com
2 680b5.gr8.com | us-as.gr-cdn.com
1 digiserve.site |
1 ga2.getresponse.com | us-an.gr-cdn.com
1 us-an.gr-cdn.com | ga.getresponse.com
1 ga.getresponse.com | 680b5.gr8.com
33 8

This site contains no links.

Subject | Issuer | Validity | Valid
*.gr8.com | RapidSSL TLS RSA CA G1 | 2023-08-28 - 2024-08-30 | a year
*.gr-cdn.com | Go Daddy Secure Certificate Authority - G2 | 2023-03-27 - 2024-04-10 | a year
*.visualwebsiteoptimizer.com | Starfield Secure Certificate Authority - G2 | 2023-07-06 - 2024-07-06 | a year
*.getresponse.com | Go Daddy Secure Certificate Authority - G2 | 2023-03-27 - 2024-04-11 | a year
digiserve.site | GTS CA 1P5 | 2023-08-16 - 2023-11-14 | 3 months
con-webs.com | GTS CA 1P5 | 2023-08-23 - 2023-11-21 | 3 months

This page contains 1 frame:

Primary Page: https://www48.con-webs.com/?identity=EYyOUHxjfmJ3YrfPjrqDXfxwlXUGzw14bazljpvkw0Prj2BVv06zYKF&flow=fRbqSGNzkRFBGMRcLDwYgV4cmtZAoz9bIWV8f5NHwIjEY1EHxwjLDIjZ8ac2x3dF7KIqpX1lxAvqxy9g5OoI9x9&link=WSs4TFIvREMrNTdsYXl2UXI4TkVWWENDRGZyU0lmMHY5SDJCcUJBZ1R3OUtKays3TEV0OExNSllpQWlPYklFalNmVFA3d1lnQ2ptV0NrK2NhYkp3aDBKcG5XNTRFM0dJMVNLS1YwaWl0ME5BV0wxaUhYSnlBZGdxVENhdHVIbnc=
Frame ID: 67882048E0BDF8B86A78349957E506A0
Requests: 34 HTTP requests in this frame

Page Title

DDoS protection | By 6ix

Page Statistics

33 Requests
70 % HTTPS
33 % IPv6
6 Domains
8 Subdomains
7 IPs
2 Countries
584 kB Transfer
2137 kB Size
11 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://680b5.gr8.com/?campaignId=2814954817&gclid=EAIaIQobChMIxf3ApLSMgQMVBzfUAR0Dfw-JEAAYASAAEgKg4_D_BwE Page URL
  2. https://digiserve.site/ Page URL
  3. https://www48.con-webs.com/?identity=EYyOUHxjfmJ3YrfPjrqDXfxwlXUGzw14bazljpvkw0Prj2BVv06zYKF&flow=fRbqSGNzkRFBGMRcLDwYgV4cmtZAoz9bIWV8f5NHwIjEY1EHxwjLDIjZ8ac2x3dF7KIqpX1lxAvqxy9g5OoI9x9&link=WSs4TFIvREMrNTdsYXl2UXI4TkVWWENDRGZyU0lmMHY5SDJCcUJBZ1R3OUtKays3TEV0OExNSllpQWlPYklFalNmVFA3d1lnQ2ptV0NrK2NhYkp3aDBKcG5XNTRFM0dJMVNLS1YwaWl0ME5BV0wxaUhYSnlBZGdxVENhdHVIbnc= Page URL
  4. https://www48.con-webs.com/?identity=EYyOUHxjfmJ3YrfPjrqDXfxwlXUGzw14bazljpvkw0Prj2BVv06zYKF&flow=fRbqSGNzkRFBGMRcLDwYgV4cmtZAoz9bIWV8f5NHwIjEY1EHxwjLDIjZ8ac2x3dF7KIqpX1lxAvqxy9g5OoI9x9&link=WSs4TFIvREMrNTdsYXl2UXI4TkVWWENDRGZyU0lmMHY5SDJCcUJBZ1R3OUtKays3TEV0OExNSllpQWlPYklFalNmVFA3d1lnQ2ptV0NrK2NhYkp3aDBKcG5XNTRFM0dJMVNLS1YwaWl0ME5BV0wxaUhYSnlBZGdxVENhdHVIbnc= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
680b5.gr8.com/
32 KB
8 KB
Document
General
Full URL
https://680b5.gr8.com/?campaignId=2814954817&gclid=EAIaIQobChMIxf3ApLSMgQMVBzfUAR0Dfw-JEAAYASAAEgKg4_D_BwE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.160.64.15 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
norevdns.getresponse.com
Software
/
Resource Hash
a19380a069d3af8da0d63a5082a0ec6faae8f889296970526f531356ea6d59d6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 14:33:06 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
reset-styles.9722e6e66dc6d51a0eac.css
us-as.gr-cdn.com/javascripts/core/lps/dist/
925 B
722 B
Stylesheet
General
Full URL
https://us-as.gr-cdn.com/javascripts/core/lps/dist/reset-styles.9722e6e66dc6d51a0eac.css
Requested by
Host: 680b5.gr8.com
URL: https://680b5.gr8.com/?campaignId=2814954817&gclid=EAIaIQobChMIxf3ApLSMgQMVBzfUAR0Dfw-JEAAYASAAEgKg4_D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
1ce5f3fe604178444613f80a6398d8c55abe621d453b1241b575194023466396
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://680b5.gr8.com/
Origin
https://680b5.gr8.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 14:33:06 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 29 Aug 2023 11:32:48 GMT
etag
W/"64edd760-39d"
x-hw
1693837986.dop248.si2.t,1693837986.cds296.si2.hn,1693837986.cds245.si2.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
501
core-styles.171fced46ca2e94fb223.css
us-as.gr-cdn.com/javascripts/core/lps/dist/
26 KB
7 KB
Stylesheet
General
Full URL
https://us-as.gr-cdn.com/javascripts/core/lps/dist/core-styles.171fced46ca2e94fb223.css
Requested by
Host: 680b5.gr8.com
URL: https://680b5.gr8.com/?campaignId=2814954817&gclid=EAIaIQobChMIxf3ApLSMgQMVBzfUAR0Dfw-JEAAYASAAEgKg4_D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f57907286fdd63fc685600e9ddaa36d10229c930b2da657b7e46c1f79dec1eac
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://680b5.gr8.com/
Origin
https://680b5.gr8.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 14:33:06 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 18 Apr 2023 08:03:31 GMT
etag
"643e4ed3-6888"
x-hw
1693837986.dop248.si2.t,1693837986.cds296.si2.hn,1693837986.cds217.si2.c
content-type
text/css
access-control-allow-origin
*
k8s
app-prod-smb
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
6963
webform-styles.9beb0da31a4479c11d2e.css
us-as.gr-cdn.com/javascripts/core/lps/dist/
31 KB
5 KB
Stylesheet
General
Full URL
https://us-as.gr-cdn.com/javascripts/core/lps/dist/webform-styles.9beb0da31a4479c11d2e.css
Requested by
Host: 680b5.gr8.com
URL: https://680b5.gr8.com/?campaignId=2814954817&gclid=EAIaIQobChMIxf3ApLSMgQMVBzfUAR0Dfw-JEAAYASAAEgKg4_D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
aa944c144b3d443543056dbfc6fedbc9626c6e47e88b39f79b28832ee20fbb34
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://680b5.gr8.com/
Origin
https://680b5.gr8.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 14:33:06 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 18 Apr 2023 08:03:33 GMT
etag
W/"643e4ed5-7c7b"
x-hw
1693837986.dop248.si2.t,1693837986.cds296.si2.hn,1693837986.cds032.si2.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4853
style.css
us-as.gr-cdn.com/images/common/templates/landing/117/1/css/
5 KB
968 B
Stylesheet
General
Full URL
https://us-as.gr-cdn.com/images/common/templates/landing/117/1/css/style.css
Requested by
Host: 680b5.gr8.com
URL: https://680b5.gr8.com/?campaignId=2814954817&gclid=EAIaIQobChMIxf3ApLSMgQMVBzfUAR0Dfw-JEAAYASAAEgKg4_D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
835ca702c43f59d2cdf004b9f2526a037c5e07a378c723681eaa46da4af0b898
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://680b5.gr8.com/
Origin
https://680b5.gr8.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 14:33:06 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Mon, 28 Aug 2023 08:12:03 GMT
etag
"64ec56d3-12bc"
x-hw
1693837986.dop248.si2.t,1693837986.cds296.si2.hn,1693837986.cds225.si2.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400, public
accept-ranges
bytes
content-length
830
manifest.b32595e925aa7c67875b.js
us-as.gr-cdn.com/javascripts/core/lps/dist/
5 KB
2 KB
Script
General
Full URL
https://us-as.gr-cdn.com/javascripts/core/lps/dist/manifest.b32595e925aa7c67875b.js
Requested by
Host: 680b5.gr8.com
URL: https://680b5.gr8.com/?campaignId=2814954817&gclid=EAIaIQobChMIxf3ApLSMgQMVBzfUAR0Dfw-JEAAYASAAEgKg4_D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
fe6b84021bb99f232690f26765b37db228d4a8fadbfa7088a7226bbebdc5badc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://680b5.gr8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 14:33:06 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Wed, 21 Dec 2022 11:50:47 GMT
etag
W/"63a2f317-12c6"
x-hw
1693837986.dop241.si2.t,1693837986.cds298.si2.hn,1693837986.cds297.si2.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
2270
vendor.chunk.c31db2ddaf51ca74d70f.js
us-as.gr-cdn.com/javascripts/core/lps/dist/
680 KB
187 KB
Script
General
Full URL
https://us-as.gr-cdn.com/javascripts/core/lps/dist/vendor.chunk.c31db2ddaf51ca74d70f.js
Requested by
Host: 680b5.gr8.com
URL: https://680b5.gr8.com/?campaignId=2814954817&gclid=EAIaIQobChMIxf3ApLSMgQMVBzfUAR0Dfw-JEAAYASAAEgKg4_D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
9aaa87169a947ea15244258058b03d7b0b2db32e7167c9f6844b1296bc5d81cb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://680b5.gr8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 14:33:06 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 25 Jul 2023 07:46:26 GMT
etag
"64bf7dd2-a9e3c"
x-hw
1693837986.dop241.si2.t,1693837986.cds298.si2.hn,1693837986.cds230.si2.c
content-type
application/javascript
access-control-allow-origin
*
k8s
app-prod-smb
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
191571
show.chunk.b35804d40f414ad70f8f.js
us-as.gr-cdn.com/javascripts/core/lps/dist/
878 KB
225 KB
Script
General
Full URL
https://us-as.gr-cdn.com/javascripts/core/lps/dist/show.chunk.b35804d40f414ad70f8f.js
Requested by
Host: 680b5.gr8.com
URL: https://680b5.gr8.com/?campaignId=2814954817&gclid=EAIaIQobChMIxf3ApLSMgQMVBzfUAR0Dfw-JEAAYASAAEgKg4_D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
bf3b2cb330070a6339a6ad8ae1c944d746e96b3e46ccf3160d6e0da889407d94
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://680b5.gr8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 14:33:06 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 25 Jul 2023 07:46:26 GMT
etag
"64bf7dd2-db81f"
x-hw
1693837986.dop241.si2.t,1693837986.cds298.si2.hn,1693837986.cds271.si2.c
content-type
application/javascript
access-control-allow-origin
*
k8s
app-prod-smb
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
230307
j.php
dev.visualwebsiteoptimizer.com/
3 KB
2 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=4859&u=https%3A%2F%2F680b5.gr8.com%2F%3FcampaignId%3D2814954817%26amp%3Bgclid%3DEAIaIQobChMIxf3ApLSMgQMVBzfUAR0Dfw-JEAAYASAAEgKg4_D_BwE&r=0.7585470000554455
Requested by
Host: 680b5.gr8.com
URL: https://680b5.gr8.com/?campaignId=2814954817&gclid=EAIaIQobChMIxf3ApLSMgQMVBzfUAR0Dfw-JEAAYASAAEgKg4_D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gtok1 /
Resource Hash
939e02afc6ceb88d407682d8145e47e84a78662a5a191ee62f193970beda5f95

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://680b5.gr8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 14:33:06 GMT
content-encoding
gzip
via
1.1 google
server
gtok1
etag
W/"1693811137"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, no-cache, must-revalidate
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ga.js
ga.getresponse.com/script/91ba00f0-c52c-484d-ac1a-b98cefb43e5c/
620 B
1 KB
Script
General
Full URL
https://ga.getresponse.com/script/91ba00f0-c52c-484d-ac1a-b98cefb43e5c/ga.js
Requested by
Host: 680b5.gr8.com
URL: https://680b5.gr8.com/?campaignId=2814954817&gclid=EAIaIQobChMIxf3ApLSMgQMVBzfUAR0Dfw-JEAAYASAAEgKg4_D_BwE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.16.117.14 , Poland, ASN198881 (IMPLIX-PL-AS, PL),
Reverse DNS
14.117.16.178.implix.com
Software
/
Resource Hash
5d4a5b2b8f7689761b7dcce9ef5da5e6a942306d3533fa1cb1e4b2d6920aad94
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://680b5.gr8.com/
Origin
https://680b5.gr8.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Mon, 04 Sep 2023 14:33:07 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-response-id
90796799-c8ae-4b54-9d60-61ae59b1d8d0
content-length
620
x-xss-protection
0
referrer-policy
no-referrer
etag
W/"26c-3d5JKHuiVMUYac8vjbDK94vfA4M"
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://680b5.gr8.com
x-download-options
noopen
access-control-allow-credentials
true
v.gif
dev.visualwebsiteoptimizer.com/
35 B
214 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=4859&d=680b5.gr8.com&u=D7CA1067FA668465FA62E804B60969399&h=1a9c67758673d81bb7715038389fae1f&t=false&r=0.9890699651595818
Requested by
Host: 680b5.gr8.com
URL: https://680b5.gr8.com/?campaignId=2814954817&gclid=EAIaIQobChMIxf3ApLSMgQMVBzfUAR0Dfw-JEAAYASAAEgKg4_D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv3c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://680b5.gr8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 14:33:06 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv3c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
v2.1.35.8.umd.js
us-an.gr-cdn.com/
46 KB
14 KB
Script
General
Full URL
https://us-an.gr-cdn.com/v2.1.35.8.umd.js
Requested by
Host: ga.getresponse.com
URL: https://ga.getresponse.com/script/91ba00f0-c52c-484d-ac1a-b98cefb43e5c/ga.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
AmazonS3 /
Resource Hash
6522658b3d6163f22401344d3de681fd92f5f9de3d6697e3dd592d17bcb6e426

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://680b5.gr8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 14:33:07 GMT
content-encoding
gzip
x-amz-version-id
null
last-modified
Wed, 30 Aug 2023 10:54:59 GMT
server
AmazonS3
x-amz-request-id
VTPHFCHVXDEV99H2
etag
"68207d7c373c070522b6f2e2e4329a22"
x-amz-server-side-encryption
AES256
x-hw
1693837987.dop241.si2.t,1693837987.cds298.si2.hn,1693837987.cds260.si2.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31091091
accept-ranges
bytes
content-length
14315
x-amz-id-2
K57+cgw9VD8nD7C3n+NdDlUjdNuv7iNAFRIDOFTCdAU+EVKZ7EaF1D/HQVHwTrX+Wgf7NQ1hKEpDyMu2IL9w+30zo2pcAY3u
index.php
ga2.getresponse.com/
0
0
Fetch
General
Full URL
https://ga2.getresponse.com/index.php?ver=3&url=https%3A%2F%2F680b5.gr8.com%2F%3FcampaignId%3D2814954817%26amp%3Bgclid%3DEAIaIQobChMIxf3ApLSMgQMVBzfUAR0Dfw-JEAAYASAAEgKg4_D_BwE&uid=%7B%22uuid%22%3A%22920aed77-5170-4536-9a44-43b7470e5656%22%2C%22email%22%3A%22%22%2C%22xsid%22%3A%22%22%2C%22list_token%22%3A%22%22%2C%22gr_x%22%3A%22%22%2C%22gr_s%22%3A%22%22%2C%22gr_m%22%3A%22%22%2C%22valuable%22%3A0%2C%22domain%22%3A%22gr8.com%22%7D&_cvar=%7B%221%22%3A%5B%22grid%22%2Cnull%5D%2C%222%22%3A%5B%22aid%22%2C%2291ba00f0-c52c-484d-ac1a-b98cefb43e5c%22%5D%7D&h=23&m=33&s=7&res=1600x1200&gt_ms=291
Requested by
Host: us-an.gr-cdn.com
URL: https://us-an.gr-cdn.com/v2.1.35.8.umd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.16.117.14 , Poland, ASN198881 (IMPLIX-PL-AS, PL),
Reverse DNS
14.117.16.178.implix.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://680b5.gr8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Mon, 04 Sep 2023 14:33:08 GMT
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
expect-ct
max-age=0
vary
Accept-Encoding
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-response-id
cfc91cdf-2079-4107-a153-5709688f8d8d
x-xss-protection
0
truncated
/
8 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
669fd08af609549d8326aa07f32d8f8e29ed4fa16b0c1d67956ba19555c5981d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
/
680b5.gr8.com/
0
814 B
XHR
General
Full URL
https://680b5.gr8.com/?campaignId=2814954817&gclid=EAIaIQobChMIxf3ApLSMgQMVBzfUAR0Dfw-JEAAYASAAEgKg4_D_BwE
Requested by
Host: us-as.gr-cdn.com
URL: https://us-as.gr-cdn.com/javascripts/core/lps/dist/vendor.chunk.c31db2ddaf51ca74d70f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.160.64.15 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS
norevdns.getresponse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://680b5.gr8.com/?campaignId=2814954817&gclid=EAIaIQobChMIxf3ApLSMgQMVBzfUAR0Dfw-JEAAYASAAEgKg4_D_BwE
X-Requested-With
XMLHttpRequest
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 14:33:07 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
x-frame-options
sameorigin
content-type
application/json
cache-control
no-store, no-cache, must-revalidate
feature-policy
accelerometer *; ambient-light-sensor *; autoplay *; camera *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; magnetometer *; microphone *; midi *; payment *; picture-in-picture *; speaker *; sync-xhr *; usb *; vr *
csrf-token
a9f2d58c-6a07-44ff-bcd2-211dadf55698
x-xss-protection
1; mode=block
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
digiserve.site/
4 KB
2 KB
Document
General
Full URL
https://digiserve.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c6f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://680b5.gr8.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8016f22668072645-NRT
content-encoding
br
content-type
text/html
date
Mon, 04 Sep 2023 14:33:09 GMT
last-modified
Fri, 01 Sep 2023 15:47:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3wK8nxlP7Qu313RaJhXOW9Mnsy1HqpXcux0ZnNAreRNxzB85D6uLcPvWfBU6IgOlqu%2BFMZOKrHBKAk6jDcX5vTJ4PuKbjmjZ3%2BqjqFfRvuXJfX9ZnTWbNf%2B8S9o%2FWDXetdNqDAv0W5WicwNcg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
www48.con-webs.com/
1 KB
1 KB
Document
General
Full URL
https://www48.con-webs.com/?identity=EYyOUHxjfmJ3YrfPjrqDXfxwlXUGzw14bazljpvkw0Prj2BVv06zYKF&flow=fRbqSGNzkRFBGMRcLDwYgV4cmtZAoz9bIWV8f5NHwIjEY1EHxwjLDIjZ8ac2x3dF7KIqpX1lxAvqxy9g5OoI9x9&link=WSs4TFIvREMrNTdsYXl2UXI4TkVWWENDRGZyU0lmMHY5SDJCcUJBZ1R3OUtKays3TEV0OExNSllpQWlPYklFalNmVFA3d1lnQ2ptV0NrK2NhYkp3aDBKcG5XNTRFM0dJMVNLS1YwaWl0ME5BV0wxaUhYSnlBZGdxVENhdHVIbnc=
Requested by
Host: digiserve.site
URL: https://digiserve.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:4ba5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bbb640423951e2875d6b79878caafddc9971f382e0b6114ab433a042f816fb0

Request headers

Referer
https://digiserve.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8016f229de512080-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 14:33:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLL2EtLETgyFsOp9Ri9WRtIPi3xwMMop0O78S7VEisXNCFVaHsQ%2Bstpba7oUpGmUosIN1C5t6mc%2BlSC5%2FY3fWXSsN%2FiRHFP4qwO0uUv6ZEI%2Fto%2B%2FidIDao1xJhYs997jKbE5QJn3RrjmLHPtsoih5T8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
Rolling.gif
www48.con-webs.com/images/
77 KB
77 KB
Image
General
Full URL
https://www48.con-webs.com/images/Rolling.gif
Requested by
Host: www48.con-webs.com
URL: https://www48.con-webs.com/?identity=EYyOUHxjfmJ3YrfPjrqDXfxwlXUGzw14bazljpvkw0Prj2BVv06zYKF&flow=fRbqSGNzkRFBGMRcLDwYgV4cmtZAoz9bIWV8f5NHwIjEY1EHxwjLDIjZ8ac2x3dF7KIqpX1lxAvqxy9g5OoI9x9&link=WSs4TFIvREMrNTdsYXl2UXI4TkVWWENDRGZyU0lmMHY5SDJCcUJBZ1R3OUtKays3TEV0OExNSllpQWlPYklFalNmVFA3d1lnQ2ptV0NrK2NhYkp3aDBKcG5XNTRFM0dJMVNLS1YwaWl0ME5BV0wxaUhYSnlBZGdxVENhdHVIbnc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:4ba5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc752cdbee751e8e9e13ee0ba39b8dfb0abe2160e8135b62c837d3fa5945e8cf

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www48.con-webs.com/?identity=EYyOUHxjfmJ3YrfPjrqDXfxwlXUGzw14bazljpvkw0Prj2BVv06zYKF&flow=fRbqSGNzkRFBGMRcLDwYgV4cmtZAoz9bIWV8f5NHwIjEY1EHxwjLDIjZ8ac2x3dF7KIqpX1lxAvqxy9g5OoI9x9&link=WSs4TFIvREMrNTdsYXl2UXI4TkVWWENDRGZyU0lmMHY5SDJCcUJBZ1R3OUtKays3TEV0OExNSllpQWlPYklFalNmVFA3d1lnQ2ptV0NrK2NhYkp3aDBKcG5XNTRFM0dJMVNLS1YwaWl0ME5BV0wxaUhYSnlBZGdxVENhdHVIbnc=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 14:33:10 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Jul 2021 18:34:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1330a-5c7924c21f600"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mJDJP9bGX9953Mhwb3lWTd5RgMWVBJ0hThgzb7GQdQW6Xm2ZBY62dpyylsl%2FWfknsKfiSFucSVo8qC5LGTvpzqujRr3bGYTbgMKxPvXlikqVpA7G2irRzq%2BA8VWyIYF9r1rbYkGskarE%2F%2FjBv81%2BORU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8016f22b7f852080-NRT
alt-svc
h3=":443"; ma=86400
content-length
78602
boot.css
www48.con-webs.com/DDoS/css/
298 B
494 B
Stylesheet
General
Full URL
https://www48.con-webs.com/DDoS/css/boot.css
Requested by
Host: www48.con-webs.com
URL: https://www48.con-webs.com/?identity=EYyOUHxjfmJ3YrfPjrqDXfxwlXUGzw14bazljpvkw0Prj2BVv06zYKF&flow=fRbqSGNzkRFBGMRcLDwYgV4cmtZAoz9bIWV8f5NHwIjEY1EHxwjLDIjZ8ac2x3dF7KIqpX1lxAvqxy9g5OoI9x9&link=WSs4TFIvREMrNTdsYXl2UXI4TkVWWENDRGZyU0lmMHY5SDJCcUJBZ1R3OUtKays3TEV0OExNSllpQWlPYklFalNmVFA3d1lnQ2ptV0NrK2NhYkp3aDBKcG5XNTRFM0dJMVNLS1YwaWl0ME5BV0wxaUhYSnlBZGdxVENhdHVIbnc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:4ba5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15b5d7f7dd0e66fdac8181c7fa3f81f1126a9f17f1aaaff6e3e0f599e3a00204

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www48.con-webs.com/?identity=EYyOUHxjfmJ3YrfPjrqDXfxwlXUGzw14bazljpvkw0Prj2BVv06zYKF&flow=fRbqSGNzkRFBGMRcLDwYgV4cmtZAoz9bIWV8f5NHwIjEY1EHxwjLDIjZ8ac2x3dF7KIqpX1lxAvqxy9g5OoI9x9&link=WSs4TFIvREMrNTdsYXl2UXI4TkVWWENDRGZyU0lmMHY5SDJCcUJBZ1R3OUtKays3TEV0OExNSllpQWlPYklFalNmVFA3d1lnQ2ptV0NrK2NhYkp3aDBKcG5XNTRFM0dJMVNLS1YwaWl0ME5BV0wxaUhYSnlBZGdxVENhdHVIbnc=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 14:33:09 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 08 Mar 2023 18:27:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"12a-5f667ace05280-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mmld8fVtYfWHaVi3%2BwuNEK1zWD1NoIwuFXWaBZ2FashZrwYsPvkjumPtY5PwHHCFTjTFQ%2Fe4x5TaWfvHuM9Yq2qGT2IsZVfwRaooCM9SU767ML9XcDExAkZFyb%2BI2lN9aKR7peOwrI5V89MjHpwwbZo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8016f22b7f862080-NRT
alt-svc
h3=":443"; ma=86400
Primary Request /
www48.con-webs.com/
291 KB
34 KB
Document
General
Full URL
https://www48.con-webs.com/?identity=EYyOUHxjfmJ3YrfPjrqDXfxwlXUGzw14bazljpvkw0Prj2BVv06zYKF&flow=fRbqSGNzkRFBGMRcLDwYgV4cmtZAoz9bIWV8f5NHwIjEY1EHxwjLDIjZ8ac2x3dF7KIqpX1lxAvqxy9g5OoI9x9&link=WSs4TFIvREMrNTdsYXl2UXI4TkVWWENDRGZyU0lmMHY5SDJCcUJBZ1R3OUtKays3TEV0OExNSllpQWlPYklFalNmVFA3d1lnQ2ptV0NrK2NhYkp3aDBKcG5XNTRFM0dJMVNLS1YwaWl0ME5BV0wxaUhYSnlBZGdxVENhdHVIbnc=
Requested by
Host: www48.con-webs.com
URL: https://www48.con-webs.com/?identity=EYyOUHxjfmJ3YrfPjrqDXfxwlXUGzw14bazljpvkw0Prj2BVv06zYKF&flow=fRbqSGNzkRFBGMRcLDwYgV4cmtZAoz9bIWV8f5NHwIjEY1EHxwjLDIjZ8ac2x3dF7KIqpX1lxAvqxy9g5OoI9x9&link=WSs4TFIvREMrNTdsYXl2UXI4TkVWWENDRGZyU0lmMHY5SDJCcUJBZ1R3OUtKays3TEV0OExNSllpQWlPYklFalNmVFA3d1lnQ2ptV0NrK2NhYkp3aDBKcG5XNTRFM0dJMVNLS1YwaWl0ME5BV0wxaUhYSnlBZGdxVENhdHVIbnc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4ba5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15e19ad4548bef6a8c74cb1e2ded265f85ac94bff020ff49e7682aac68669cd9

Request headers

Referer
https://www48.con-webs.com/?identity=EYyOUHxjfmJ3YrfPjrqDXfxwlXUGzw14bazljpvkw0Prj2BVv06zYKF&flow=fRbqSGNzkRFBGMRcLDwYgV4cmtZAoz9bIWV8f5NHwIjEY1EHxwjLDIjZ8ac2x3dF7KIqpX1lxAvqxy9g5OoI9x9&link=WSs4TFIvREMrNTdsYXl2UXI4TkVWWENDRGZyU0lmMHY5SDJCcUJBZ1R3OUtKays3TEV0OExNSllpQWlPYklFalNmVFA3d1lnQ2ptV0NrK2NhYkp3aDBKcG5XNTRFM0dJMVNLS1YwaWl0ME5BV0wxaUhYSnlBZGdxVENhdHVIbnc=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8016f2316a06e04f-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 14:33:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VWizVX8VZo11FgRS5IPRPuIktsdtmFThtZbEmMzvM0UQdqTnwqHwyUmkYaEc86Wxe38D5uCn5WlP%2BzPgvkMBbnvqBYGo6RvtwLWC8DRn2G8h7%2BjniPrgtn4DH%2FwSPyfgklQr1RlkRgWvTxgORP3SuIk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
core.css
www48.con-webs.com/terra_files/TerraMail_files/
24 KB
6 KB
Stylesheet
General
Full URL
https://www48.con-webs.com/terra_files/TerraMail_files/core.css
Requested by
Host: www48.con-webs.com
URL: https://www48.con-webs.com/?identity=EYyOUHxjfmJ3YrfPjrqDXfxwlXUGzw14bazljpvkw0Prj2BVv06zYKF&flow=fRbqSGNzkRFBGMRcLDwYgV4cmtZAoz9bIWV8f5NHwIjEY1EHxwjLDIjZ8ac2x3dF7KIqpX1lxAvqxy9g5OoI9x9&link=WSs4TFIvREMrNTdsYXl2UXI4TkVWWENDRGZyU0lmMHY5SDJCcUJBZ1R3OUtKays3TEV0OExNSllpQWlPYklFalNmVFA3d1lnQ2ptV0NrK2NhYkp3aDBKcG5XNTRFM0dJMVNLS1YwaWl0ME5BV0wxaUhYSnlBZGdxVENhdHVIbnc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4ba5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c50dab21cc8d77be54e50ac80c4449c32fcbaab32ca8e0bfbde67b366fd733b4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www48.con-webs.com/?identity=EYyOUHxjfmJ3YrfPjrqDXfxwlXUGzw14bazljpvkw0Prj2BVv06zYKF&flow=fRbqSGNzkRFBGMRcLDwYgV4cmtZAoz9bIWV8f5NHwIjEY1EHxwjLDIjZ8ac2x3dF7KIqpX1lxAvqxy9g5OoI9x9&link=WSs4TFIvREMrNTdsYXl2UXI4TkVWWENDRGZyU0lmMHY5SDJCcUJBZ1R3OUtKays3TEV0OExNSllpQWlPYklFalNmVFA3d1lnQ2ptV0NrK2NhYkp3aDBKcG5XNTRFM0dJMVNLS1YwaWl0ME5BV0wxaUhYSnlBZGdxVENhdHVIbnc=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 14:33:11 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 02 Mar 2023 10:12:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"60de-5f5e8124ff100-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QVzmw964WV9Vn4%2BAQonEJUGPBhFWshcWpDUdivesgiHKCrIs%2BAtwcaxMGmHOQaK7aEIsS1Tg2uto4mDpVDXEZ1pOVJjSo9fXla3hxyW%2FhCoJmBXyfZXP%2B2yhsQ598H164MJ%2BCRFG5s9fpBAWy7m0SWE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8016f2333c81e04f-NRT
alt-svc
h3=":443"; ma=86400
context2.css
www48.con-webs.com/terra_files/TerraMail_files/
24 KB
6 KB
Stylesheet
General
Full URL
https://www48.con-webs.com/terra_files/TerraMail_files/context2.css
Requested by
Host: www48.con-webs.com
URL: https://www48.con-webs.com/?identity=EYyOUHxjfmJ3YrfPjrqDXfxwlXUGzw14bazljpvkw0Prj2BVv06zYKF&flow=fRbqSGNzkRFBGMRcLDwYgV4cmtZAoz9bIWV8f5NHwIjEY1EHxwjLDIjZ8ac2x3dF7KIqpX1lxAvqxy9g5OoI9x9&link=WSs4TFIvREMrNTdsYXl2UXI4TkVWWENDRGZyU0lmMHY5SDJCcUJBZ1R3OUtKays3TEV0OExNSllpQWlPYklFalNmVFA3d1lnQ2ptV0NrK2NhYkp3aDBKcG5XNTRFM0dJMVNLS1YwaWl0ME5BV0wxaUhYSnlBZGdxVENhdHVIbnc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4ba5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a342613ee0097818cb1d7195811b84cce65d38b9b30850c844ce61f06935d8c5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www48.con-webs.com/?identity=EYyOUHxjfmJ3YrfPjrqDXfxwlXUGzw14bazljpvkw0Prj2BVv06zYKF&flow=fRbqSGNzkRFBGMRcLDwYgV4cmtZAoz9bIWV8f5NHwIjEY1EHxwjLDIjZ8ac2x3dF7KIqpX1lxAvqxy9g5OoI9x9&link=WSs4TFIvREMrNTdsYXl2UXI4TkVWWENDRGZyU0lmMHY5SDJCcUJBZ1R3OUtKays3TEV0OExNSllpQWlPYklFalNmVFA3d1lnQ2ptV0NrK2NhYkp3aDBKcG5XNTRFM0dJMVNLS1YwaWl0ME5BV0wxaUhYSnlBZGdxVENhdHVIbnc=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 14:33:11 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 02 Mar 2023 10:12:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"60d0-5f5e8124ff100-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CPT%2Fwo4Yam6qAj7kDhpLCGj%2FPm%2BFVnnTpPC8brBXX16%2BarcSQmiCpg2PHi4rY%2FrKcbShChJhP0CyqdszAbfzzNNHwcyZCk2ISkmAxAUSihTGBdoeOO%2BhZ0VM7aScRSFHf%2FeaPVnxGWBYByYfMTcB4Iw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8016f2333c86e04f-NRT
alt-svc
h3=":443"; ma=86400
navbar.css
www48.con-webs.com/terra_files/TerraMail_files/
0
0

job_1.0.js
www48.con-webs.com/module/
0
0

f.txt
www48.con-webs.com/terra_files/TerraMail_files/
224 B
640 B
Script
General
Full URL
https://www48.con-webs.com/terra_files/TerraMail_files/f.txt
Requested by
Host: www48.con-webs.com
URL: https://www48.con-webs.com/?identity=EYyOUHxjfmJ3YrfPjrqDXfxwlXUGzw14bazljpvkw0Prj2BVv06zYKF&flow=fRbqSGNzkRFBGMRcLDwYgV4cmtZAoz9bIWV8f5NHwIjEY1EHxwjLDIjZ8ac2x3dF7KIqpX1lxAvqxy9g5OoI9x9&link=WSs4TFIvREMrNTdsYXl2UXI4TkVWWENDRGZyU0lmMHY5SDJCcUJBZ1R3OUtKays3TEV0OExNSllpQWlPYklFalNmVFA3d1lnQ2ptV0NrK2NhYkp3aDBKcG5XNTRFM0dJMVNLS1YwaWl0ME5BV0wxaUhYSnlBZGdxVENhdHVIbnc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4ba5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb687dab933d6e3e25e1f2e757bfd515228c9ddae106496070d380cf4146347f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www48.con-webs.com/?identity=EYyOUHxjfmJ3YrfPjrqDXfxwlXUGzw14bazljpvkw0Prj2BVv06zYKF&flow=fRbqSGNzkRFBGMRcLDwYgV4cmtZAoz9bIWV8f5NHwIjEY1EHxwjLDIjZ8ac2x3dF7KIqpX1lxAvqxy9g5OoI9x9&link=WSs4TFIvREMrNTdsYXl2UXI4TkVWWENDRGZyU0lmMHY5SDJCcUJBZ1R3OUtKays3TEV0OExNSllpQWlPYklFalNmVFA3d1lnQ2ptV0NrK2NhYkp3aDBKcG5XNTRFM0dJMVNLS1YwaWl0ME5BV0wxaUhYSnlBZGdxVENhdHVIbnc=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 14:33:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 02 Mar 2023 10:12:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"e0-5f5e8126e7580-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWHQChnusbtthlGSCEI4OsEBQc1q04NnLqj2YoRC4J09kgtJkGLoMPhKpuNp27i%2BdtuHcqrQGJOU2z1lEO5MInXeTc%2FbF9ctZwRGVASdADUl%2B9AXQn9Xlnc6EI7jrMMFd1nBBSmpdAF%2BC9hAeNf4Wkc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
cf-ray
8016f2333c8ce04f-NRT
alt-svc
h3=":443"; ma=86400
f(1).txt
www48.con-webs.com/terra_files/TerraMail_files/
224 B
639 B
Script
General
Full URL
https://www48.con-webs.com/terra_files/TerraMail_files/f(1).txt
Requested by
Host: www48.con-webs.com
URL: https://www48.con-webs.com/?identity=EYyOUHxjfmJ3YrfPjrqDXfxwlXUGzw14bazljpvkw0Prj2BVv06zYKF&flow=fRbqSGNzkRFBGMRcLDwYgV4cmtZAoz9bIWV8f5NHwIjEY1EHxwjLDIjZ8ac2x3dF7KIqpX1lxAvqxy9g5OoI9x9&link=WSs4TFIvREMrNTdsYXl2UXI4TkVWWENDRGZyU0lmMHY5SDJCcUJBZ1R3OUtKays3TEV0OExNSllpQWlPYklFalNmVFA3d1lnQ2ptV0NrK2NhYkp3aDBKcG5XNTRFM0dJMVNLS1YwaWl0ME5BV0wxaUhYSnlBZGdxVENhdHVIbnc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4ba5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dcc4767f167825bfeb40332fcbfc6ea47efeaf0205f255e5919da4376edec61

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www48.con-webs.com/?identity=EYyOUHxjfmJ3YrfPjrqDXfxwlXUGzw14bazljpvkw0Prj2BVv06zYKF&flow=fRbqSGNzkRFBGMRcLDwYgV4cmtZAoz9bIWV8f5NHwIjEY1EHxwjLDIjZ8ac2x3dF7KIqpX1lxAvqxy9g5OoI9x9&link=WSs4TFIvREMrNTdsYXl2UXI4TkVWWENDRGZyU0lmMHY5SDJCcUJBZ1R3OUtKays3TEV0OExNSllpQWlPYklFalNmVFA3d1lnQ2ptV0NrK2NhYkp3aDBKcG5XNTRFM0dJMVNLS1YwaWl0ME5BV0wxaUhYSnlBZGdxVENhdHVIbnc=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 14:33:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 02 Mar 2023 10:12:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"e0-5f5e8128cfa00-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OFV6wjLDIhAZZwmMSaHDaXhy6PFX3MFKRO7Yl0hJYmMp7p4ke18fUAczOXVetpnCpeHQv0RBL739KotepQtE17LTjXNp1JIa%2BSKsFk3xn9W7CcnzCvsZOzvyde0s4etalMaJPcAYtf1M%2F0NJovG1nrQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
cf-ray
8016f2333c8ee04f-NRT
alt-svc
h3=":443"; ma=86400
logo_terraServicos.svg
www48.con-webs.com/terra_files/TerraMail_files/
0
0

logo_terraEmpresas.svg
www48.con-webs.com/terra_files/TerraMail_files/
0
0

vivinho-pequeno_v4.svg
www48.con-webs.com/terra_files/TerraMail_files/
0
0

banner-ds_v1.png
www48.con-webs.com/terra_files/TerraMail_files/
0
0

TER_276_Novas_Pecas_Campanha_Ingles_BN_273x40_V0_HL.gif
www48.con-webs.com/terra_files/TerraMail_files/
0
0

tr
www48.con-webs.com/terra_files/TerraMail_files/
0
0

tr(1)
www48.con-webs.com/terra_files/TerraMail_files/
0
0

tr(2)
www48.con-webs.com/terra_files/TerraMail_files/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www48.con-webs.com
URL
https://www48.con-webs.com/terra_files/TerraMail_files/navbar.css
Domain
www48.con-webs.com
URL
https://www48.con-webs.com/module/job_1.0.js
Domain
www48.con-webs.com
URL
https://www48.con-webs.com/terra_files/TerraMail_files/logo_terraServicos.svg
Domain
www48.con-webs.com
URL
https://www48.con-webs.com/terra_files/TerraMail_files/logo_terraEmpresas.svg
Domain
www48.con-webs.com
URL
https://www48.con-webs.com/terra_files/TerraMail_files/vivinho-pequeno_v4.svg
Domain
www48.con-webs.com
URL
https://www48.con-webs.com/terra_files/TerraMail_files/banner-ds_v1.png
Domain
www48.con-webs.com
URL
https://www48.con-webs.com/terra_files/TerraMail_files/TER_276_Novas_Pecas_Campanha_Ingles_BN_273x40_V0_HL.gif
Domain
www48.con-webs.com
URL
https://www48.con-webs.com/terra_files/TerraMail_files/tr
Domain
www48.con-webs.com
URL
https://www48.con-webs.com/terra_files/TerraMail_files/tr(1)
Domain
www48.con-webs.com
URL
https://www48.con-webs.com/terra_files/TerraMail_files/tr(2)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
function| get_current_url
object| date
string| days

11 Cookies

Domain/Path Name / Value
680b5.gr8.com/ Name: squeeze-page
Value: 7f3ggs46lm2bkam2ag7464n6tl
680b5.gr8.com/ Name: h1Xof[variantVersion]
Value: 0
.680b5.gr8.com/ Name: _vwo_uuid_v2
Value: D7CA1067FA668465FA62E804B60969399|1a9c67758673d81bb7715038389fae1f
.gr8.com/ Name: gaDomain-Bm49M4
Value: BYBuRC
.gr8.com/ Name: gaVisitorUuid
Value: 920aed77-5170-4536-9a44-43b7470e5656
680b5.gr8.com/ Name: h1Xof[visit]
Value: zPTtN
680b5.gr8.com/ Name: h1Xof[uniqueVisit]
Value: zPTtN
www48.con-webs.com/ Name: Identity
Value: 4
www48.con-webs.com/ Name: tela
Value: terramail
www48.con-webs.com/ Name: campanha
Value: mec
www48.con-webs.com/ Name: ct_anti_ddos_key
Value: 814a01e7722a3abe690ef729ebabdaae

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
