Submitted URL: http://www.swbenefits.live/
Effective URL: https://bggcdje.datesrud.com/s/45a8b607c20a2
Submission: On December 24 via api from US — Scanned from FR

Summary

This website contacted 13 IPs in 3 countries across 11 domains to perform 26 HTTP transactions. The main IP is 5.104.107.248, located in Düsseldorf, Germany and belongs to MYLOC-AS WIIT AG, DE. The main domain is bggcdje.datesrud.com.
TLS certificate: Issued by R10 on December 21st 2024. Valid for: 3 months.
This is the only time bggcdje.datesrud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 205.234.175.105 30081 (CACHENETW...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 216.58.212.163 15169 (GOOGLE)
1 104.16.123.96 13335 (CLOUDFLAR...)
8 5.104.107.248 24961 (MYLOC-AS ...)
1 2001:4860:480... 15169 (GOOGLE)
3 104.18.10.207 13335 (CLOUDFLAR...)
1 104.17.24.14 13335 (CLOUDFLAR...)
26 13
Apex Domain
Subdomains
Transfer
8 datesrud.com
bggcdje.datesrud.com
147 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1255
31 KB
3 nsimg.net
cdn.nsimg.net — Cisco Umbrella Rank: 214321
271 KB
2 cloudflare.com
www.cloudflare.com — Cisco Umbrella Rank: 5957
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
3 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
ajax.googleapis.com — Cisco Umbrella Rank: 415
34 KB
2 blogger.com
www.blogger.com — Cisco Umbrella Rank: 12722
59 KB
2 swbenefits.live
www.swbenefits.live
10 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
1 gstatic.com
fonts.gstatic.com
125 KB
1 tenor.com
media1.tenor.com — Cisco Umbrella Rank: 27346
1 MB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
108 KB
26 11
Domain Requested by
8 bggcdje.datesrud.com www.swbenefits.live
bggcdje.datesrud.com
3 maxcdn.bootstrapcdn.com bggcdje.datesrud.com
3 cdn.nsimg.net www.swbenefits.live
2 www.blogger.com www.swbenefits.live
2 www.swbenefits.live www.swbenefits.live
1 cdnjs.cloudflare.com bggcdje.datesrud.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.cloudflare.com www.swbenefits.live
1 fonts.gstatic.com fonts.googleapis.com
1 media1.tenor.com www.swbenefits.live
1 ajax.googleapis.com www.swbenefits.live
1 fonts.googleapis.com www.swbenefits.live
1 www.googletagmanager.com www.swbenefits.live
26 13

This site contains no links.

Subject Issuer Validity Valid
*.blogger.com WR2 2024-12-02 - 2025-02-24 3 months
*.google-analytics.com WR2 2024-12-02 - 2025-02-24 3 months
nsimg.net R11 2024-11-21 - 2025-02-19 3 months
upload.video.google.com WR2 2024-12-02 - 2025-02-24 3 months
c.tenor.com WR2 2024-12-02 - 2025-02-24 3 months
*.gstatic.com WR2 2024-12-02 - 2025-02-24 3 months
www.cloudflare.com WE1 2024-11-03 - 2025-02-01 3 months
datesrud.com R10 2024-12-21 - 2025-03-21 3 months
bootstrapcdn.com WE1 2024-11-18 - 2025-02-16 3 months
cdnjs.cloudflare.com WE1 2024-11-26 - 2025-02-24 3 months

This page contains 1 frame:

Primary Page: https://bggcdje.datesrud.com/s/45a8b607c20a2
Frame ID: 30905CEA73BC6D5555DD1264410C84DC
Requests: 26 HTTP requests in this frame

Page Title

❤♥❤♥❤♥❤♥❤♥❤♥❤♥❤♥❤♥❤♥❤

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

88 %
HTTPS

54 %
IPv6

11
Domains

13
Subdomains

13
IPs

3
Countries

1974 kB
Transfer

2646 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.swbenefits.live/ HTTP 307
    https://www.swbenefits.live/ HTTP 307
    http://www.swbenefits.live/ Page URL
  2. https://bggcdje.datesrud.com/s/45a8b607c20a2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.swbenefits.live/ HTTP 307
  • https://www.swbenefits.live/ HTTP 307
  • http://www.swbenefits.live/

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.swbenefits.live/
Redirect Chain
  • http://www.swbenefits.live/
  • https://www.swbenefits.live/
  • http://www.swbenefits.live/
26 KB
7 KB
Document
General
Full URL
http://www.swbenefits.live/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80b::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e7c95f1ce793d18dca31da1034644b408f84c71e2acf211041b6a46c1a513c8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
private, max-age=0
Content-Encoding
gzip
Content-Length
6837
Content-Type
text/html; charset=UTF-8
Date
Tue, 24 Dec 2024 13:24:33 GMT
ETag
W/"a7a63a319e0fcd57be3ccc5eb5e304af92a55e7c451863b63384f9f27dc63aeb"
Expires
Tue, 24 Dec 2024 13:24:33 GMT
Last-Modified
Tue, 01 Oct 2024 15:53:24 GMT
Server
GSE
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block

Redirect headers

Location
http://www.swbenefits.live/
Non-Authoritative-Reason
HttpsUpgrades
3566091532-css_bundle_v2.css
www.blogger.com/static/v1/widgets/
35 KB
8 KB
Stylesheet
General
Full URL
https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
Requested by
Host: www.swbenefits.live
URL: http://www.swbenefits.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://www.swbenefits.live/

Response headers

content-encoding
gzip
age
337553
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
x-content-type-options
nosniff
expires
Sat, 20 Dec 2025 15:38:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 15:38:40 GMT
last-modified
Fri, 20 Dec 2024 09:52:18 GMT
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
content-length
7756
x-xss-protection
0
server
sffe
js
www.googletagmanager.com/gtag/
323 KB
108 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-T23W8LHZYM
Requested by
Host: www.swbenefits.live
URL: http://www.swbenefits.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://www.swbenefits.live/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 24 Dec 2024 13:24:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 13:24:33 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109885
x-xss-protection
0
server
Google Tag Manager
normalize.css
cdn.nsimg.net/cache/landing/common/20171108/
8 KB
3 KB
Stylesheet
General
Full URL
https://cdn.nsimg.net/cache/landing/common/20171108/normalize.css
Requested by
Host: www.swbenefits.live
URL: http://www.swbenefits.live/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
205.234.175.105 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
Software
CFS 1124 /
Resource Hash
b31ceb90e3eec258e254659bc5588f275e197b05cb2471490e7d1bbfee61b036

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://www.swbenefits.live/

Response headers

content-encoding
gzip
etag
W/"5a037bcc-1e27"
x-cf2
H
expires
Wed, 09 Jul 2025 10:43:21 GMT
x-cf1
34239:fC.waw1:co:1699575431:cacheN.waw1-01:M
date
Tue, 24 Dec 2024 13:24:33 GMT
cf4ttl
31526866.000
content-type
text/css
x-cff
B
last-modified
Wed, 08 Nov 2017 21:49:00 GMT
vary
Accept-Encoding
x-cf-reqid
c60f97d87ccac39ff9aad71434b574cc
cf4age
9134
cache-control
max-age=31536000
x-cf3
H
accept-ranges
bytes
content-length
2448
x-cf-tsc
1720530937
server
CFS 1124
icon
fonts.googleapis.com/
569 B
811 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: www.swbenefits.live
URL: http://www.swbenefits.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://www.swbenefits.live/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 24 Dec 2024 13:24:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 13:24:33 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 24 Dec 2024 13:24:33 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8/
91 KB
34 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.8/jquery.min.js
Requested by
Host: www.swbenefits.live
URL: http://www.swbenefits.live/
Protocol
HTTP/1.1
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://www.swbenefits.live/

Response headers

Content-Encoding
gzip
Age
300535
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
X-Content-Type-Options
nosniff
Expires
Sun, 21 Dec 2025 01:55:38 GMT
Date
Sat, 21 Dec 2024 01:55:38 GMT
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Content-Type
text/javascript; charset=UTF-8
Vary
Accept-Encoding
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Timing-Allow-Origin
*
Cross-Origin-Opener-Policy
same-origin; report-to="hosted-libraries-pushers"
Cross-Origin-Resource-Policy
cross-origin
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
33593
X-XSS-Protection
0
Server
sffe
wide-awake-high-heels.gif
media1.tenor.com/m/-ju71mv7grEAAAAC/
1 MB
1 MB
Image
General
Full URL
https://media1.tenor.com/m/-ju71mv7grEAAAAC/wide-awake-high-heels.gif
Requested by
Host: www.swbenefits.live
URL: http://www.swbenefits.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://www.swbenefits.live/

Response headers

cache-control
public,max-age=3600
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1213908
date
Tue, 24 Dec 2024 13:24:33 GMT
x-xss-protection
0
content-type
image/gif
vary
Origin,Accept
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
cookienotice.js
www.swbenefits.live/js/
6 KB
3 KB
Script
General
Full URL
http://www.swbenefits.live/js/cookienotice.js
Requested by
Host: www.swbenefits.live
URL: http://www.swbenefits.live/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80b::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://www.swbenefits.live/

Response headers

Cache-Control
public, max-age=604800
Content-Encoding
gzip
Cross-Origin-Resource-Policy
cross-origin
Report-To
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
X-Content-Type-Options
nosniff
Expires
Tue, 31 Dec 2024 13:24:33 GMT
Accept-Ranges
bytes
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="blogger-tech"
Content-Length
2026
Date
Tue, 24 Dec 2024 13:24:33 GMT
X-XSS-Protection
0
Content-Type
text/javascript
Vary
Accept-Encoding
Server
sffe
Last-Modified
Tue, 24 Dec 2024 12:52:51 GMT
745881458-widgets.js
www.blogger.com/static/v1/widgets/
144 KB
51 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/745881458-widgets.js
Requested by
Host: www.swbenefits.live
URL: http://www.swbenefits.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ba46c41d654590985b65a31fbc5f594e6accac3f2811d987f4e12f79fd59213
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://www.swbenefits.live/

Response headers

content-encoding
gzip
age
473648
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
x-content-type-options
nosniff
expires
Fri, 19 Dec 2025 01:50:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 01:50:25 GMT
last-modified
Thu, 19 Dec 2024 00:55:39 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
content-length
51983
x-xss-protection
0
server
sffe
BebasNeueBold.otf
cdn.nsimg.net/cache/landing/sexy-tour/fonts/20180410/
99 KB
100 KB
Font
General
Full URL
https://cdn.nsimg.net/cache/landing/sexy-tour/fonts/20180410/BebasNeueBold.otf
Requested by
Host: www.swbenefits.live
URL: http://www.swbenefits.live/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
205.234.175.105 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
Software
CFS 1124 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
http://www.swbenefits.live
Referer
http://www.swbenefits.live/

Response headers

etag
"5acd21fc-18d8c"
x-cf2
H
x-cf1
34239:fC.waw1:co:1699575431:cacheN.waw1-01:M
date
Tue, 24 Dec 2024 13:24:33 GMT
cf4ttl
2292597.500
content-type
application/octet-stream
x-cf-reqid
e50ddf9bf0895a9d8051abad6579aaf9
last-modified
Tue, 10 Apr 2018 20:43:40 GMT
x-cff
B
cf4age
385802
x-cf3
H
accept-ranges
bytes
access-control-allow-origin
*
content-length
101772
x-cf-tsc
1720530937
server
CFS 1124
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/
125 KB
125 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f3.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
http://www.swbenefits.live
Referer
https://fonts.googleapis.com/

Response headers

age
511468
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Dec 2025 15:20:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 15:20:05 GMT
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
128352
x-xss-protection
0
server
sffe
trace
www.cloudflare.com/cdn-cgi/
305 B
411 B
XHR
General
Full URL
https://www.cloudflare.com/cdn-cgi/trace
Requested by
Host: www.swbenefits.live
URL: http://www.swbenefits.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.123.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://www.swbenefits.live/

Response headers

cache-control
no-cache
content-encoding
gzip
x-content-type-options
nosniff
cf-ray
8f70e98d5d8c22b5-CDG
expires
Thu, 01 Jan 1970 00:00:01 GMT
access-control-allow-origin
*
date
Tue, 24 Dec 2024 13:24:33 GMT
content-type
text/plain
server
cloudflare
x-frame-options
DENY
RobotoRegular.ttf
cdn.nsimg.net/cache/landing/sexy-tour/fonts/20180410/
168 KB
168 KB
Font
General
Full URL
https://cdn.nsimg.net/cache/landing/sexy-tour/fonts/20180410/RobotoRegular.ttf
Requested by
Host: www.swbenefits.live
URL: http://www.swbenefits.live/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
205.234.175.105 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
Software
CFS 1124 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
http://www.swbenefits.live
Referer
http://www.swbenefits.live/

Response headers

etag
"5acd21fc-29e9c"
x-cf2
H
x-cf1
34239:fC.waw1:co:1699575431:cacheN.waw1-01:M
date
Tue, 24 Dec 2024 13:24:33 GMT
cf4ttl
1828581.375
content-type
application/octet-stream
x-cf-reqid
92144d12a480aefb14a756b3dd30b33f
last-modified
Tue, 10 Apr 2018 20:43:40 GMT
x-cff
B
cf4age
849818
x-cf3
H
accept-ranges
bytes
access-control-allow-origin
*
content-length
171676
x-cf-tsc
1717341072
server
CFS 1124
Primary Request 45a8b607c20a2
bggcdje.datesrud.com/s/
46 KB
18 KB
Document
General
Full URL
https://bggcdje.datesrud.com/s/45a8b607c20a2
Requested by
Host: www.swbenefits.live
URL: http://www.swbenefits.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
srv11409.dus4.dedicated.server-hosting.expert
Software
openresty /
Resource Hash
52820b236cb95d9a5f1f6ba1df2e092b9cda3f5359a18cd651765a109d43c14e

Request headers

Referer
http://www.swbenefits.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
must-revalidate, no-cache, no-store, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 24 Dec 2024 13:24:33 GMT
expires
0
pragma
no-cache
server
openresty
vary
Accept-Encoding
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-T23W8LHZYM&gtm=45je4cc1v9179875346za200&_p=1735046673400&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1652795853.1735046674&ul=fr-fr&sr=1600x1200&are=1&frm=0&pscdl=noapi&_s=1&sid=1735046673&sct=1&seg=0&dl=http%3A%2F%2Fwww.swbenefits.live%2F&dt=swbenefits.live&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=644
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T23W8LHZYM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://www.swbenefits.live/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
http://www.swbenefits.live
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 13:24:33 GMT
content-type
text/plain
server
Golfe2
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css
Requested by
Host: bggcdje.datesrud.com
URL: https://bggcdje.datesrud.com/s/45a8b607c20a2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bggcdje.datesrud.com
Referer
https://bggcdje.datesrud.com/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
MISS
etag
"2f624089c65f12185e79925bc5a7fc42"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 24 Dec 2024 13:24:33 GMT
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
11/19/2024 08:27:26
cdn-requestpullcode
200
priority
u=0,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
3c1069ea823eea10662779c8dd84c4ef
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.06
cf-ray
8f70e98ffcabd171-CDG
access-control-allow-origin
*
cdn-edgestorageid
946
server
cloudflare
cdn-requestcountrycode
FR
bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/
23 KB
3 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap-theme.min.css
Requested by
Host: bggcdje.datesrud.com
URL: https://bggcdje.datesrud.com/s/45a8b607c20a2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3c6ccd19e5c16faefbef429d042458b82c80af040f450b1ee208dba88d5b0df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bggcdje.datesrud.com
Referer
https://bggcdje.datesrud.com/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
MISS
etag
"46d96593303e4c8666f497bb7602c999"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 24 Dec 2024 13:24:33 GMT
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
11/18/2024 16:33:18
cdn-requestpullcode
200
priority
u=0,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
d331970bad77f44fcc99452ef4d72e68
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.07
cf-ray
8f70e98ffca9d171-CDG
access-control-allow-origin
*
cdn-edgestorageid
1219
server
cloudflare
cdn-requestcountrycode
FR
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: bggcdje.datesrud.com
URL: https://bggcdje.datesrud.com/s/45a8b607c20a2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://bggcdje.datesrud.com
Referer
https://bggcdje.datesrud.com/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
MISS
etag
"269550530cc127b6aa5a35925a7de6ce"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 24 Dec 2024 13:24:33 GMT
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
11/25/2024 17:04:55
cdn-requestpullcode
200
priority
u=0,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
1
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
ecda442baffe05e718dddc9b7c20900e
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.06
cf-ray
8f70e98ffca3d171-CDG
access-control-allow-origin
*
cdn-edgestorageid
947
server
cloudflare
cdn-requestcountrycode
FR
style.css
bggcdje.datesrud.com/bundle/309/assets/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://bggcdje.datesrud.com/bundle/309/assets/css/style.css
Requested by
Host: bggcdje.datesrud.com
URL: https://bggcdje.datesrud.com/s/45a8b607c20a2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
srv11409.dus4.dedicated.server-hosting.expert
Software
openresty /
Resource Hash
bd85766f0a623b4c0969c7171789647fe37013a45c4e6598d240c78f8ba5999f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bggcdje.datesrud.com/s/45a8b607c20a2

Response headers

cache-control
max-age=2592000
content-encoding
gzip
etag
W/"5e7cc2c5-e92"
expires
Thu, 23 Jan 2025 13:24:33 GMT
date
Tue, 24 Dec 2024 13:24:33 GMT
content-type
text/css
vary
Accept-Encoding
server
openresty
last-modified
Thu, 26 Mar 2020 14:57:09 GMT
10.jpg
bggcdje.datesrud.com/bundle/309/assets/img/
12 KB
12 KB
Image
General
Full URL
https://bggcdje.datesrud.com/bundle/309/assets/img/10.jpg
Requested by
Host: bggcdje.datesrud.com
URL: https://bggcdje.datesrud.com/s/45a8b607c20a2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
srv11409.dus4.dedicated.server-hosting.expert
Software
openresty /
Resource Hash
1a33d50e52e8ccaf250a99aba8f5776837df72f490764beb29762d087161e87e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bggcdje.datesrud.com/s/45a8b607c20a2

Response headers

cache-control
max-age=2592000
etag
"5e7cc2c5-2f84"
expires
Thu, 23 Jan 2025 13:24:33 GMT
content-length
12164
date
Tue, 24 Dec 2024 13:24:33 GMT
content-type
image/jpeg
last-modified
Thu, 26 Mar 2020 14:57:09 GMT
server
openresty
2.jpg
bggcdje.datesrud.com/bundle/309/assets/img/
19 KB
19 KB
Image
General
Full URL
https://bggcdje.datesrud.com/bundle/309/assets/img/2.jpg
Requested by
Host: bggcdje.datesrud.com
URL: https://bggcdje.datesrud.com/s/45a8b607c20a2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
srv11409.dus4.dedicated.server-hosting.expert
Software
openresty /
Resource Hash
ea5a1198da5ae11bd6f12a870503faf500be7fa0fc4968feed8a3f3021e186fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bggcdje.datesrud.com/s/45a8b607c20a2

Response headers

cache-control
max-age=2592000
etag
"5e7cc2c5-4bb3"
expires
Thu, 23 Jan 2025 13:24:33 GMT
content-length
19379
date
Tue, 24 Dec 2024 13:24:33 GMT
content-type
image/jpeg
last-modified
Thu, 26 Mar 2020 14:57:09 GMT
server
openresty
jquery.js
bggcdje.datesrud.com/bundle/309/assets/js/
121 KB
41 KB
Script
General
Full URL
https://bggcdje.datesrud.com/bundle/309/assets/js/jquery.js
Requested by
Host: bggcdje.datesrud.com
URL: https://bggcdje.datesrud.com/s/45a8b607c20a2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
srv11409.dus4.dedicated.server-hosting.expert
Software
openresty /
Resource Hash
2f233b872ca676966a2195754f756672d60a4497a595d5237a40a00cc49f87f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bggcdje.datesrud.com/s/45a8b607c20a2

Response headers

cache-control
max-age=2592000
content-encoding
gzip
etag
W/"5e7cc2c5-1e35d"
expires
Thu, 23 Jan 2025 13:24:33 GMT
date
Tue, 24 Dec 2024 13:24:33 GMT
content-type
application/javascript
vary
Accept-Encoding
server
openresty
last-modified
Thu, 26 Mar 2020 14:57:09 GMT
typed.min.js
cdnjs.cloudflare.com/ajax/libs/typed.js/1.1.7/
5 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/typed.js/1.1.7/typed.min.js
Requested by
Host: bggcdje.datesrud.com
URL: https://bggcdje.datesrud.com/s/45a8b607c20a2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5755506320c27c9aa5865dc12671aef21a6876d92b8bb55a7c0ce492f7762bc7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bggcdje.datesrud.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb04010-14ce"
age
408408
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MlLWrpfk4NQshW68C2MQICeleqfJRu%2FSWCvd0oyyo0nBZSLMNm%2FKLU2IBK3QCrCPDSg6hRRHkJe2QJUpIVSpC8ELL4dLIw39OcHgcugcd4W9190Pv8x33EYXQMQL8im7PxS5tRvj"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 13:24:33 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 24 Dec 2024 13:24:33 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:17:20 GMT
vary
Accept-Encoding
priority
u=2,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f70e9901f5ebb27-CDG
accept-ranges
bytes
access-control-allow-origin
*
content-length
1627
server
cloudflare
functions.js
bggcdje.datesrud.com/bundle/309/assets/js/
1 KB
739 B
Script
General
Full URL
https://bggcdje.datesrud.com/bundle/309/assets/js/functions.js
Requested by
Host: bggcdje.datesrud.com
URL: https://bggcdje.datesrud.com/s/45a8b607c20a2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
srv11409.dus4.dedicated.server-hosting.expert
Software
openresty /
Resource Hash
c94da5c43b14bd3425cf37c0281e56f45a9bf87e4a6ea1f37bd0bd4b42f106fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bggcdje.datesrud.com/s/45a8b607c20a2

Response headers

cache-control
max-age=2592000
content-encoding
gzip
etag
W/"5e7cc2c5-524"
expires
Thu, 23 Jan 2025 13:24:33 GMT
date
Tue, 24 Dec 2024 13:24:33 GMT
content-type
application/javascript
vary
Accept-Encoding
server
openresty
last-modified
Thu, 26 Mar 2020 14:57:09 GMT
bg.jpg
bggcdje.datesrud.com/bundle/309/assets/img/
53 KB
53 KB
Image
General
Full URL
https://bggcdje.datesrud.com/bundle/309/assets/img/bg.jpg
Requested by
Host: bggcdje.datesrud.com
URL: https://bggcdje.datesrud.com/bundle/309/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
srv11409.dus4.dedicated.server-hosting.expert
Software
openresty /
Resource Hash
e6203546905c26ecf3eaedf23ff86923ec0c8cb69a5b0ce16a1efedee1ab2b4e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bggcdje.datesrud.com/bundle/309/assets/css/style.css

Response headers

cache-control
max-age=2592000
etag
"5e7cc2c5-d336"
expires
Thu, 23 Jan 2025 13:24:33 GMT
content-length
54070
date
Tue, 24 Dec 2024 13:24:33 GMT
content-type
image/jpeg
last-modified
Thu, 26 Mar 2020 14:57:09 GMT
server
openresty
favicon.png
bggcdje.datesrud.com/bundle/309/assets/img/
2 KB
2 KB
Other
General
Full URL
https://bggcdje.datesrud.com/bundle/309/assets/img/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
srv11409.dus4.dedicated.server-hosting.expert
Software
openresty /
Resource Hash
d939f4e0922bf8c52dea5946e5b72af59230babbf06aa740646218be04b0ae6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bggcdje.datesrud.com/s/45a8b607c20a2

Response headers

cache-control
max-age=2592000
etag
"5e7cc2c5-704"
expires
Thu, 23 Jan 2025 13:24:34 GMT
content-length
1796
date
Tue, 24 Dec 2024 13:24:34 GMT
content-type
image/png
last-modified
Thu, 26 Mar 2020 14:57:09 GMT
server
openresty


16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $
function| jQuery
function| Typed
object| array
function| step
function| sendTrack
function| Fingerprint2
function| fingerprintGo
function| collectTrackParams
function| closingConfirm
function| handleError
function| getParameterByName
function| collectParams
function| checkRequired
function| setLeadInfo
function| setCF

4 Cookies

Domain/Path Name / Value
www.swbenefits.live/ Name: visited
Value: true
.swbenefits.live/ Name: _ga
Value: GA1.1.1652795853.1735046674
.swbenefits.live/ Name: _ga_T23W8LHZYM
Value: GS1.1.1735046673.1.0.1735046673.0.0.0
.datesrud.com/ Name: s
Value: (long encoded value removed)

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
