noveltydollar.com Open in urlscan Pro
62.171.178.140  Malicious Activity! Public Scan

Submitted URL: http://camecom.it/css/secure.php
Effective URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Submission: On July 26 via manual from US

Summary

This website contacted 13 IPs in 4 countries across 11 domains to perform 40 HTTP transactions. The main IP is 62.171.178.140, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is noveltydollar.com.
This is the only time noveltydollar.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: SECU Credit Union (Financial)

Domain & IP information

Domain Requested by
21 myaccounts.secumd.org noveltydollar.com
myaccounts.secumd.org
4 noveltydollar.com noveltydollar.com
3 iris.alkamitech.com noveltydollar.com
2 fonts.gstatic.com fonts.googleapis.com
2 cdnjs.cloudflare.com noveltydollar.com
2 code.jquery.com noveltydollar.com
2 assets.orb.alkamitech.com noveltydollar.com
assets.orb.alkamitech.com
1 ajax.aspnetcdn.com noveltydollar.com
1 stackpath.bootstrapcdn.com noveltydollar.com
1 libs.salemove.com noveltydollar.com
1 fonts.googleapis.com noveltydollar.com
1 camecom.it 1 redirects
40 12
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1O1
2021-06-28 -
2021-09-20
3 months crt.sh
*.orb.alkamitech.com
Entrust Certification Authority - L1K
2020-01-27 -
2022-01-27
2 years crt.sh
myaccounts.secumd.org
Entrust Certification Authority - L1M
2019-10-24 -
2021-10-24
2 years crt.sh
iris.alkamitech.com
Amazon
2021-07-23 -
2022-08-21
a year crt.sh
*.glia.com
Amazon
2021-06-26 -
2022-07-25
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2021-07-14 -
2022-08-14
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-10-21 -
2021-10-20
a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA
2020-11-16 -
2021-11-10
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh

This page contains 1 frames:

Primary Page: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Frame ID: 391F967EAB169F7058B7B0EE4FCE4654
Requests: 41 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://camecom.it/css/secure.php HTTP 302
    http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /Unix/i

Overall confidence: 100%
Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+foundation[^>"]+css/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

40
Requests

90 %
HTTPS

62 %
IPv6

11
Domains

12
Subdomains

13
IPs

4
Countries

2267 kB
Transfer

3260 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://camecom.it/css/secure.php HTTP 302
    http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Redirect Chain
  • http://camecom.it/css/secure.php
  • http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
37 KB
37 KB
Document
General
Full URL
http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
HTTP/1.1
Server
62.171.178.140 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi455206.contaboserver.net
Software
Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips / PHP/7.1.1
Resource Hash
d11fd6eda3768319a87575a5d1e9df4a12e18a511ac9e92329b7e37452f8610b

Request headers

Host
noveltydollar.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 18:53:42 GMT
Server
Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips
X-Powered-By
PHP/7.1.1
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Set-Cookie
PHPSESSID=84toqqtev8hrs5k5kt3s549d69; path=/
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Mon, 26 Jul 2021 18:53:39 GMT
Server
Apache
X-Powered-By
PHP/7.2.34 PleskLin
Location
http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Cache-Control
max-age=0, public
Expires
Mon, 26 Jul 2021 18:53:39 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
20
Keep-Alive
timeout=15, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
css
fonts.googleapis.com/
6 KB
778 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 17:47:25 GMT
server
ESF
date
Mon, 26 Jul 2021 18:53:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Jul 2021 18:53:42 GMT
font-icons.css
assets.orb.alkamitech.com/production/icons/SECU/font/
111 KB
8 KB
Stylesheet
General
Full URL
https://assets.orb.alkamitech.com/production/icons/SECU/font/font-icons.css
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3600:4:819e:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c651a4a9e16b97152909cce1e7ef975d59e477dc21c2196b94804e1e34408da7

Request headers

Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
gcPf5.f8R4A1HzdIc7x4XrZC9YrnjUoW
content-encoding
gzip
etag
"9f551ce9f410fc91dfa3d780d890be1e"
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
content-length
8152
last-modified
Tue, 20 Jul 2021 16:45:07 GMT
server
AmazonS3
date
Mon, 26 Jul 2021 18:53:43 GMT
content-type
text/css; charset=utf-8
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
cache-control
max-age=630720000, no-cache, no-transform, public
accept-ranges
bytes
x-amz-cf-id
gA9syzhwMBPDSrNruSBHFYVqGW2Biu4qyl_k7gLG1IXUuF24y4SI1A==
expires
Mon, 15 Jul 2041 16:44:04 GMT
yui-reset.min.css
myaccounts.secumd.org/stylesheets/
793 B
971 B
Stylesheet
General
Full URL
https://myaccounts.secumd.org/stylesheets/yui-reset.min.css?637575540620000000
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.189.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
590fcd2ea2a3de691c86ecf564fff1fcb0982271cf723ae4d6e2453c9e6f5434
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:53:42 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
x-svr
WEB1654120
age
810539
cf-request-id
0b85c3825e000040f35405f000000001
last-modified
Tue, 25 May 2021 15:41:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"0fbaa5d7c51d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=2592000
cf-ray
674fd516ffdc40f3-CDG
jquery-ui.min.css
myaccounts.secumd.org/stylesheets/vendor/jquery/
30 KB
8 KB
Stylesheet
General
Full URL
https://myaccounts.secumd.org/stylesheets/vendor/jquery/jquery-ui.min.css?637575540640000000
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.189.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
750c3592e1cd90e918a5e459c88f0394851dc4c1812386baeace68e36d65ae54
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:53:42 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
x-svr
WEB164366
age
895124
cf-request-id
0b85c3825e000040f303abc000000001
last-modified
Tue, 25 May 2021 15:41:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"028dc5e7c51d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=2592000
cf-ray
674fd516ffde40f3-CDG
jquery.daterangepicker.min.css
myaccounts.secumd.org/stylesheets/vendor/jquery/
3 KB
1 KB
Stylesheet
General
Full URL
https://myaccounts.secumd.org/stylesheets/vendor/jquery/jquery.daterangepicker.min.css?637575540640000000
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.189.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab9c55dea4e2d8b7e988cb51b7f82d7dda04336a90e7b9400ac417198590077b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:53:42 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
x-svr
WEB1626155
age
2041255
cf-request-id
0b85c3825e000040f3ef86e000000001
last-modified
Tue, 25 May 2021 15:41:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"028dc5e7c51d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=2592000
cf-ray
674fd516ffe040f3-CDG
ext-all.min.css
myaccounts.secumd.org/stylesheets/vendor/extjs/
110 KB
18 KB
Stylesheet
General
Full URL
https://myaccounts.secumd.org/stylesheets/vendor/extjs/ext-all.min.css?637575540640000000
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.189.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4992fb45a6f31ed224283f31a491cfe23740321dd4cfb7934a1457ff1af3aa4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:53:42 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
x-svr
WEB1644217
age
866549
cf-request-id
0b85c3825e000040f37c0de000000001
last-modified
Tue, 25 May 2021 15:41:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"028dc5e7c51d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=2592000
cf-ray
674fd516ffe140f3-CDG
base.min.css
myaccounts.secumd.org/stylesheets/
193 KB
33 KB
Stylesheet
General
Full URL
https://myaccounts.secumd.org/stylesheets/base.min.css?637575540620000000
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.189.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1591728c0c25372e4793da66a161948a604c6bff62dd8622972c9f5df8cdb417
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:53:42 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
x-svr
WEB1657198
age
866549
cf-request-id
0b85c3825f000040f33214d000000001
last-modified
Tue, 25 May 2021 15:41:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"0fbaa5d7c51d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=2592000
cf-ray
674fd516ffe440f3-CDG
grid.min.css
myaccounts.secumd.org/stylesheets/
5 KB
2 KB
Stylesheet
General
Full URL
https://myaccounts.secumd.org/stylesheets/grid.min.css?637575540620000000
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.189.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09d0fb89002a24e260c9d36cae8bc692d14a6e284fa87409b188e482445e5cdc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:53:42 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
x-svr
WEB164366
age
433187
cf-request-id
0b85c3825f000040f3f82fc000000001
last-modified
Tue, 25 May 2021 15:41:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"0fbaa5d7c51d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=2592000
cf-ray
674fd516ffe540f3-CDG
sidebar.min.css
myaccounts.secumd.org/stylesheets/
3 KB
1 KB
Stylesheet
General
Full URL
https://myaccounts.secumd.org/stylesheets/sidebar.min.css?637575540620000000
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.189.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
279c113d5d5ff4bade5214a361cb00d36fb7c0ed9afc2071b46fa7e7da080d49
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:53:42 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
x-svr
WEB164366
age
810539
cf-request-id
0b85c38262000040f3718be000000001
last-modified
Tue, 25 May 2021 15:41:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"0fbaa5d7c51d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=2592000
cf-ray
674fd5170fef40f3-CDG
iris.shim.desktop.min.css
myaccounts.secumd.org/lib/iris/
673 B
658 B
Stylesheet
General
Full URL
https://myaccounts.secumd.org/lib/iris/iris.shim.desktop.min.css?637575540640000000
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.189.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59f12ecd0c381fee3367ffac176a581a966727684a5ce94390b4390b2fc06ca4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:53:43 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
REVALIDATED
x-svr
WEB1654120
cf-request-id
0b85c3825f000040f3e6316000000001
last-modified
Tue, 25 May 2021 15:41:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"028dc5e7c51d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=600
cf-ray
674fd516ffe740f3-CDG
expires
Mon, 26 Jul 2021 19:03:43 GMT
iris.min.css
myaccounts.secumd.org/lib/iris/
95 KB
15 KB
Stylesheet
General
Full URL
https://myaccounts.secumd.org/lib/iris/iris.min.css?637575540600000000
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.189.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4b9f0c0a5e74bbbde3c314a73fd18b1f5038cbda33e1e58e597dbee8f63d9e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:53:43 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
REVALIDATED
x-svr
WEB1644217
cf-request-id
0b85c38262000040f33811d000000001
last-modified
Tue, 25 May 2021 15:41:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"0ce795c7c51d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=600
cf-ray
674fd5170ff140f3-CDG
expires
Mon, 26 Jul 2021 19:03:43 GMT
iris-foundation.min.css
myaccounts.secumd.org/lib/iris-foundation/
50 KB
7 KB
Stylesheet
General
Full URL
https://myaccounts.secumd.org/lib/iris-foundation/iris-foundation.min.css?637575540600000000
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.189.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6fca06e2aac270b488f73bcf0a10d249e2722a015135e60dbb49360c5335a72
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:53:43 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
REVALIDATED
x-svr
WEB1652184
cf-request-id
0b85c38265000040f369293000000001
last-modified
Tue, 25 May 2021 15:41:00 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"0ce795c7c51d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=600
cf-ray
674fd5170ff340f3-CDG
expires
Mon, 26 Jul 2021 19:03:43 GMT
iris-components.shim.desktop.min.css
iris.alkamitech.com/cdn/iris-vue/latest/
1 KB
2 KB
Stylesheet
General
Full URL
https://iris.alkamitech.com/cdn/iris-vue/latest/iris-components.shim.desktop.min.css
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.111.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-69.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6c61590a86ae352f42d85b6bb9937b32c7a2996e1a565c57e068d1aa3978f79c

Request headers

Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 26 Jul 2021 01:42:49 GMT
via
1.1 8698da0cfd5dac9801848770e0d61b63.cloudfront.net (CloudFront)
last-modified
Thu, 24 Jun 2021 20:20:10 GMT
server
AmazonS3
age
61854
etag
"111b33968e77f9567d76c865f0a3dcaf"
x-amz-meta-cache-control
max-age=600, must-revalidate, public
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
content-length
1358
x-amz-cf-id
AZMuGa5PfyKXIF4DGy1e9lIZgSLVs6htMVl3Ll5_G1BSO7BI6Rqgjw==
iris-foundation.min.css
iris.alkamitech.com/cdn/iris-foundation/latest/
50 KB
51 KB
Stylesheet
General
Full URL
https://iris.alkamitech.com/cdn/iris-foundation/latest/iris-foundation.min.css
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.111.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-69.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6fca06e2aac270b488f73bcf0a10d249e2722a015135e60dbb49360c5335a72

Request headers

Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cache-control
max-age=600, must-revalidate, public
via
1.1 8698da0cfd5dac9801848770e0d61b63.cloudfront.net (CloudFront)
etag
"b8c864cda1f61ea4ffc57ba52f038a41"
last-modified
Wed, 21 Oct 2020 18:53:45 GMT
server
AmazonS3
age
30457
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/css
date
Mon, 26 Jul 2021 10:26:06 GMT
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
content-length
51310
x-amz-cf-id
QDc2QPQhvwZJLhyTZXVLQAxuZPnlDvLZ7HKLM-DlYZfApCnItBFVAw==
iris-components.min.css
iris.alkamitech.com/cdn/iris-vue/latest/
142 KB
142 KB
Stylesheet
General
Full URL
https://iris.alkamitech.com/cdn/iris-vue/latest/iris-components.min.css
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.111.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-69.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
95d4fe92dfd1ad1ec032ff932d37d1088bd2723e34081989899bcd1fa1146da2

Request headers

Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-cache-control
max-age=600, must-revalidate, public
via
1.1 8698da0cfd5dac9801848770e0d61b63.cloudfront.net (CloudFront)
etag
"b72ce346787a0d2deb7e048c4d05367e"
last-modified
Thu, 24 Jun 2021 20:20:10 GMT
server
AmazonS3
age
43788
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/css
date
Mon, 26 Jul 2021 06:43:54 GMT
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
content-length
145029
x-amz-cf-id
wFSdii8lMKEZfh9vDHbeN7oXmIOgdSAfGW9ERc7yVE7CpTLYyeGRIg==
isotope.1.3.3.min.css
myaccounts.secumd.org/Isotope/Styles/
5 KB
2 KB
Stylesheet
General
Full URL
https://myaccounts.secumd.org/Isotope/Styles/isotope.1.3.3.min.css
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.189.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffc47ebce714e39e390a1dbce31549676cf6ecc4d8ba4224d0d2d18f88658473
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:53:43 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 03 Jun 2021 05:52:39 GMT
server
cloudflare
etag
W/"6d7074a93c58d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-svr
WEB1626155
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
674fd516ffe840f3-CDG
cf-request-id
0b85c3825f000040f335269000000001
Authentication-Isotope.min.css
myaccounts.secumd.org/Areas/Authentication/Styles/
2 KB
877 B
Stylesheet
General
Full URL
https://myaccounts.secumd.org/Areas/Authentication/Styles/Authentication-Isotope.min.css?637582964579860005
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.189.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f26973638df377445d53f726e35b802001a262f2f2be8d3cf4a7b999abc46076
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:53:43 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 03 Jun 2021 05:54:17 GMT
server
cloudflare
etag
W/"257e28e43c58d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-svr
WEB1626155
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
674fd5170ff040f3-CDG
cf-request-id
0b85c38262000040f3890b8000000001
theme.desktop.min.css
myaccounts.secumd.org/Orbital/SECU/Themes/SECU/Stylesheets/
46 KB
8 KB
Stylesheet
General
Full URL
https://myaccounts.secumd.org/Orbital/SECU/Themes/SECU/Stylesheets/theme.desktop.min.css?637582954523018470
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.189.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
836f6553a56086bde88532c63139483d68495d6b0ca33f73d2a2951109a67690
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:53:43 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 03 Jun 2021 05:37:40 GMT
server
cloudflare
etag
W/"adbfc3913a58d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-svr
WEB1652184
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
674fd5170ff540f3-CDG
cf-request-id
0b85c38262000040f32e337000000001
fi.desktop.min.css
myaccounts.secumd.org/Orbital/SECU/Stylesheets/
47 KB
10 KB
Stylesheet
General
Full URL
https://myaccounts.secumd.org/Orbital/SECU/Stylesheets/fi.desktop.min.css?637582954522705748
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.189.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d7407ce09aa3b4d744645100dbdab1c52785c8c6fef1b08ea64ac6f57bddeba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:53:43 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 03 Jun 2021 05:37:40 GMT
server
cloudflare
etag
W/"8cfabe913a58d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-svr
WEB1652184
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
674fd5170ff640f3-CDG
cf-request-id
0b85c38263000040f317346000000001
visitor-app.69a3edb4.default.css
libs.salemove.com/
289 KB
117 KB
Stylesheet
General
Full URL
https://libs.salemove.com/visitor-app.69a3edb4.default.css
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9400:0:99b9:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a283d545359c1ec9fe76681198ebb5cb927937c90e5d5a26b37d530c05e7990d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 10:30:30 GMT
content-encoding
gzip
last-modified
Mon, 12 Jul 2021 09:21:17 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
md5:c76347f8a6f3888f429ee15883a04a38
age
1239792
etag
W/"c76347f8a6f3888f429ee15883a04a38"
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method,Origin
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
text/css
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
xPi11qg5qpkB_zedpnQMobsbtCgMI_0_aBZm-SNS5zfvOMH0EEj-Cw==
style.css
noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/css/
550 B
852 B
Stylesheet
General
Full URL
http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/css/style.css
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
HTTP/1.1
Server
62.171.178.140 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi455206.contaboserver.net
Software
Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
2b7ba8f492469156cb902ae08aa7f1a4d31cf3cbf59ed9a93990cec7d3f88308

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
noveltydollar.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Cookie
PHPSESSID=84toqqtev8hrs5k5kt3s549d69
Connection
keep-alive
Cache-Control
no-cache
Referer
http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 18:53:42 GMT
Last-Modified
Fri, 23 Jul 2021 11:51:52 GMT
Server
Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips
ETag
"226-5c7c907840600"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
550
Logo
myaccounts.secumd.org/Image/
3 KB
3 KB
Image
General
Full URL
https://myaccounts.secumd.org/Image/Logo?CacheIdentifier=
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.189.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
815838e5848947528ac175d31ba32c7deef87b3f16ecad0dac23e2899eb84db0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:53:43 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-svr
WEB1626155
cf-ray
674fd517283940f3-CDG
content-length
2879
cf-request-id
0b85c3827d000040f33d3b9000000001
last-modified
Mon, 26 Jul 2021 18:53:43 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/png
cache-control
private, max-age=604800, s-maxage=0
x-robots-tag
none
expires
Mon, 02 Aug 2021 18:53:43 GMT
print.min.css
myaccounts.secumd.org/stylesheets/
8 KB
2 KB
Stylesheet
General
Full URL
https://myaccounts.secumd.org/stylesheets/print.min.css?637575540620000000
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.189.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a277dd9a22a97f512f9024dbe82acb5468a168ec43bad3146b2cda9d93afd2fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:53:42 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
x-svr
WEB1652184
age
810539
cf-request-id
0b85c3827e000040f33a823000000001
last-modified
Tue, 25 May 2021 15:41:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"0fbaa5d7c51d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
max-age=2592000
cf-ray
674fd517284040f3-CDG
app-store-badge.svg
myaccounts.secumd.org/Isotope/Images/
11 KB
4 KB
Image
General
Full URL
https://myaccounts.secumd.org/Isotope/Images/app-store-badge.svg
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.189.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86c9954e1457d27db013c1f10a96ffaba845e5af7765c4ef9df4ac1549e47d67
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:53:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 03 Jun 2021 05:52:39 GMT
server
cloudflare
etag
W/"68fc8aa93c58d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/svg+xml
x-svr
WEB1654120
cf-ray
674fd517283a40f3-CDG
cf-request-id
0b85c3827d000040f31b0c1000000001
google-play-badge.svg
myaccounts.secumd.org/Isotope/Images/
9 KB
4 KB
Image
General
Full URL
https://myaccounts.secumd.org/Isotope/Images/google-play-badge.svg
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.189.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dcf765854f1fe869b1674016feb1638870c1066f156f8d7dfd47b53d0dc093f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:53:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 03 Jun 2021 05:52:39 GMT
server
cloudflare
etag
W/"68fc8aa93c58d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/svg+xml
x-svr
WEB1654120
cf-ray
674fd517283b40f3-CDG
cf-request-id
0b85c3827d000040f305a5b000000001
app_store_badge.png
myaccounts.secumd.org/Orbital/SECU/Themes/SECU/Images/
2 KB
2 KB
Image
General
Full URL
https://myaccounts.secumd.org/Orbital/SECU/Themes/SECU/Images/app_store_badge.png
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.189.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e7caaccd8026212f28ef57aa28d1d438bb5463c082cd3f9ac2548785ece5cf0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:53:43 GMT
cf-cache-status
EXPIRED
last-modified
Thu, 03 Jun 2021 05:37:35 GMT
server
cloudflare
etag
"7c83968e3a58d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
x-svr
WEB1654120
strict-transport-security
max-age=15552000; includeSubDomains; preload
accept-ranges
bytes
cf-ray
674fd517283c40f3-CDG
content-length
1752
cf-request-id
0b85c38284000040f305a5c000000001
google-play-badge.png
myaccounts.secumd.org/Orbital/SECU/Themes/SECU/Images/
5 KB
5 KB
Image
General
Full URL
https://myaccounts.secumd.org/Orbital/SECU/Themes/SECU/Images/google-play-badge.png
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.189.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bed34ddf95887f57b42acae2c0604c9780f39f99eca3d5a14133745ab78cfa3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:53:43 GMT
cf-cache-status
EXPIRED
last-modified
Thu, 03 Jun 2021 05:37:35 GMT
server
cloudflare
etag
"7c83968e3a58d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
x-svr
WEB1654120
strict-transport-security
max-age=15552000; includeSubDomains; preload
accept-ranges
bytes
cf-ray
674fd517283e40f3-CDG
content-length
5261
cf-request-id
0b85c3827e000040f30087f000000001
loading.gif
noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/img/
38 KB
38 KB
Image
General
Full URL
http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/img/loading.gif
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
HTTP/1.1
Server
62.171.178.140 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi455206.contaboserver.net
Software
Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
5e3d5246b17e19e65385092db07554d8e1c5c4a226a6d7f97824b8e1e8571e34

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
noveltydollar.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Cookie
PHPSESSID=84toqqtev8hrs5k5kt3s549d69
Connection
keep-alive
Cache-Control
no-cache
Referer
http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 18:53:42 GMT
Last-Modified
Fri, 23 Jul 2021 11:51:54 GMT
Server
Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips
ETag
"96ec-5c7c907a28a80"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
38636
jquery-3.2.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.2.1.min.js
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:53:42 GMT
content-encoding
gzip
last-modified
Mon, 20 Mar 2017 19:01:15 GMT
server
nginx
etag
W/"58d026fb-15283"
vary
Accept-Encoding
x-hw
1627325622.dop128.fr8.t,1627325622.cds266.fr8.hc,1627325622.cds133.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30125
jquery-3.3.1.slim.min.js
code.jquery.com/
68 KB
24 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Origin
http://noveltydollar.com
Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:53:42 GMT
content-encoding
gzip
last-modified
Sat, 20 Jan 2018 17:26:44 GMT
server
nginx
etag
W/"5a637bd4-1111d"
vary
Accept-Encoding
x-hw
1627325622.dop236.fr8.t,1627325622.cds286.fr8.hn,1627325622.cds274.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
24038
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/
20 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
http://noveltydollar.com
Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:53:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
10872540
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6458
cf-request-id
08fdb5b4d7000005ed6ca49000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-500f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gv8Uz15UpZKKmo9jfmYR%2FkJxvz%2F3Ru0k9MczDluKy7dogf9aSEa2pdguF7rF9hhRHuzrXcHB%2BALkUrAHeGGZiEafPFxyPmxVh%2FVSYnWkEjN7257Ape3tiz3Y3iWMeu5keX9ZMExAKQKLMWgBG8QR1Xt9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
674fd514dda705bf-FRA
expires
Sat, 16 Jul 2022 18:53:42 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/
49 KB
14 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
http://noveltydollar.com
Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:53:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
565, 718, 718
age
6483
cdn-cachedat
2021-06-08 18:02:12
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:05 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
72d652966f1f06bf0380bc6ed8fc0f96
cf-ray
674fd514d92b2b41-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
jquery-3.3.1.min.js
ajax.aspnetcdn.com/ajax/jQuery/
85 KB
30 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F2D) /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:53:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11786235
x-cache
HIT
content-length
30394
x-xss-protection
1; mode=block
last-modified
Mon, 22 Jan 2018 19:27:49 GMT
server
ECAcc (frc/8F2D)
etag
"80288516b793d31:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
jquery.mask.js
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/
20 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://noveltydollar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:53:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
303460
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4517
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-4e98"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gwe%2F%2BNljjmKLdzKXG%2ByGTo%2FX1k95%2BU15N78Ku9FwBC0w6S63BDUTkWdkqpzCz4JB4IbIR3MGkUepCc47GMZWG9cS3LhbEB2OU2hPvnCqv5E2YY%2F4OwqlUuVhxM%2B%2FTEJsqRLrL1FGBKRRWRRBzIUQuF%2BB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
674fd514ddc205b3-FRA
expires
Sat, 16 Jul 2022 18:53:42 GMT
actions.js
noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/js/
1 KB
2 KB
Script
General
Full URL
http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/js/actions.js
Requested by
Host: noveltydollar.com
URL: http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Protocol
HTTP/1.1
Server
62.171.178.140 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi455206.contaboserver.net
Software
Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
70e85a009826725354b61dda5e78f14418a117f6d4646550d2c55c499ec64a50

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
noveltydollar.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
Cookie
PHPSESSID=84toqqtev8hrs5k5kt3s549d69
Connection
keep-alive
Cache-Control
no-cache
Referer
http://noveltydollar.com/wp-includes/blocks/secumds.org_focus/secumds.org_focus/W/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 18:53:42 GMT
Last-Modified
Fri, 23 Jul 2021 11:51:54 GMT
Server
Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips
ETag
"50e-5c7c907a28a80"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1294
desktop_bg.jpg
myaccounts.secumd.org/Orbital/SECU/Themes/SECU/Images/
1 MB
1 MB
Image
General
Full URL
https://myaccounts.secumd.org/Orbital/SECU/Themes/SECU/Images/desktop_bg.jpg
Requested by
Host: myaccounts.secumd.org
URL: https://myaccounts.secumd.org/Orbital/SECU/Themes/SECU/Stylesheets/theme.desktop.min.css?637582954523018470
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.189.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9284b646657de61300244984f97841e022fe858e08ffe51ce2a4d0d9dec98a7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://myaccounts.secumd.org/Orbital/SECU/Themes/SECU/Stylesheets/theme.desktop.min.css?637582954523018470
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:53:43 GMT
cf-cache-status
EXPIRED
last-modified
Thu, 03 Jun 2021 05:37:33 GMT
server
cloudflare
etag
"34a69d8d3a58d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
x-svr
WEB1657198
strict-transport-security
max-age=15552000; includeSubDomains; preload
accept-ranges
bytes
cf-ray
674fd51a0d2b40f3-CDG
content-length
1554479
cf-request-id
0b85c38443000040f376aab000000001
Alkami.woff2
assets.orb.alkamitech.com/production/icons/SECU/font/
40 KB
40 KB
Font
General
Full URL
https://assets.orb.alkamitech.com/production/icons/SECU/font/Alkami.woff2
Requested by
Host: assets.orb.alkamitech.com
URL: https://assets.orb.alkamitech.com/production/icons/SECU/font/font-icons.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3600:4:819e:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a94aac0eaa1cbac733c84622acd33aa1c7a99efa40c59682b5c0b69b7e82d26

Request headers

Origin
http://noveltydollar.com
Referer
https://assets.orb.alkamitech.com/production/icons/SECU/font/font-icons.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
VSZZ19VDYHE3ZUiVYeaxbXIGJAUHSEgw
content-encoding
gzip
etag
"3ec6ae30cdfcdbf2930b8540202e4882"
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-length
40617
access-control-allow-origin
*
last-modified
Wed, 21 Jul 2021 14:37:40 GMT
server
AmazonS3
date
Mon, 26 Jul 2021 18:53:44 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
font/woff2
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control
max-age=630720000, no-cache, no-transform, public
accept-ranges
bytes
x-amz-cf-id
fDmTmpEFlPHVAvSv4akS3nM-eN3SKMFT5JpM5DvxiKWYIls_KLJv8Q==
expires
Tue, 16 Jul 2041 14:35:58 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://noveltydollar.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 12:00:01 GMT
x-content-type-options
nosniff
age
543222
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 12:00:01 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://noveltydollar.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:26:24 GMT
x-content-type-options
nosniff
age
1639
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Jul 2022 18:26:24 GMT
truncated
/
41 KB
41 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9213ac17b151af2419644a4dc52b1e944d29797ffe61dc8d8e0be784114026f9

Request headers

Origin
http://noveltydollar.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: SECU Credit Union (Financial)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| Popper object| bootstrap

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
assets.orb.alkamitech.com
camecom.it
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
iris.alkamitech.com
libs.salemove.com
myaccounts.secumd.org
noveltydollar.com
stackpath.bootstrapcdn.com
104.17.189.18
13.224.111.69
152.199.19.160
2001:4de0:ac18::1:a:1a
2600:9000:2156:3600:4:819e:800:93a1
2600:9000:2156:9400:0:99b9:cd80:93a1
2606:4700::6810:125e
2606:4700::6812:bcf
2a00:1450:4001:800::2003
2a00:1450:4001:812::2003
2a00:1450:4001:831::200a
5.134.122.130
62.171.178.140
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
09d0fb89002a24e260c9d36cae8bc692d14a6e284fa87409b188e482445e5cdc
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1591728c0c25372e4793da66a161948a604c6bff62dd8622972c9f5df8cdb417
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
279c113d5d5ff4bade5214a361cb00d36fb7c0ed9afc2071b46fa7e7da080d49
2b7ba8f492469156cb902ae08aa7f1a4d31cf3cbf59ed9a93990cec7d3f88308
2d7407ce09aa3b4d744645100dbdab1c52785c8c6fef1b08ea64ac6f57bddeba
2dcf765854f1fe869b1674016feb1638870c1066f156f8d7dfd47b53d0dc093f
590fcd2ea2a3de691c86ecf564fff1fcb0982271cf723ae4d6e2453c9e6f5434
59f12ecd0c381fee3367ffac176a581a966727684a5ce94390b4390b2fc06ca4
5e3d5246b17e19e65385092db07554d8e1c5c4a226a6d7f97824b8e1e8571e34
5e7caaccd8026212f28ef57aa28d1d438bb5463c082cd3f9ac2548785ece5cf0
6a94aac0eaa1cbac733c84622acd33aa1c7a99efa40c59682b5c0b69b7e82d26
6c61590a86ae352f42d85b6bb9937b32c7a2996e1a565c57e068d1aa3978f79c
70e85a009826725354b61dda5e78f14418a117f6d4646550d2c55c499ec64a50
750c3592e1cd90e918a5e459c88f0394851dc4c1812386baeace68e36d65ae54
815838e5848947528ac175d31ba32c7deef87b3f16ecad0dac23e2899eb84db0
836f6553a56086bde88532c63139483d68495d6b0ca33f73d2a2951109a67690
86c9954e1457d27db013c1f10a96ffaba845e5af7765c4ef9df4ac1549e47d67
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
9213ac17b151af2419644a4dc52b1e944d29797ffe61dc8d8e0be784114026f9
95d4fe92dfd1ad1ec032ff932d37d1088bd2723e34081989899bcd1fa1146da2
9bed34ddf95887f57b42acae2c0604c9780f39f99eca3d5a14133745ab78cfa3
a277dd9a22a97f512f9024dbe82acb5468a168ec43bad3146b2cda9d93afd2fe
a283d545359c1ec9fe76681198ebb5cb927937c90e5d5a26b37d530c05e7990d
ab9c55dea4e2d8b7e988cb51b7f82d7dda04336a90e7b9400ac417198590077b
be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44
c651a4a9e16b97152909cce1e7ef975d59e477dc21c2196b94804e1e34408da7
c9284b646657de61300244984f97841e022fe858e08ffe51ce2a4d0d9dec98a7
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d11fd6eda3768319a87575a5d1e9df4a12e18a511ac9e92329b7e37452f8610b
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
e4b9f0c0a5e74bbbde3c314a73fd18b1f5038cbda33e1e58e597dbee8f63d9e0
f26973638df377445d53f726e35b802001a262f2f2be8d3cf4a7b999abc46076
f4992fb45a6f31ed224283f31a491cfe23740321dd4cfb7934a1457ff1af3aa4
f6fca06e2aac270b488f73bcf0a10d249e2722a015135e60dbb49360c5335a72
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
ffc47ebce714e39e390a1dbce31549676cf6ecc4d8ba4224d0d2d18f88658473