Submitted URL: http://clkmt.com/?repid=1043&offerid=913&sub1=09s
Effective URL: https://cnsgtfmd.com/user/?SID=a8154fb7f8054d5d7c59614e87cc04fc
Submission: On December 29 via manual from US — Scanned from NL

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 21 HTTP transactions. The main IP is 188.114.97.9, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is cnsgtfmd.com.
TLS certificate: Issued by GTS CA 1P5 on December 14th 2023. Valid for: 3 months.
This is the only time cnsgtfmd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2 163.171.131.207 54994 (ML-1432-5...)
12 188.114.97.9 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 152.199.19.160 15133 (EDGECAST)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
21 7
Apex Domain
Subdomains
Transfer
12 cnsgtfmd.com
cnsgtfmd.com
111 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2189
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
191 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 340
fonts.googleapis.com — Cisco Umbrella Rank: 29
32 KB
2 registersafely.com
9e2722ab.registersafely.com
1 KB
1 aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 2338
12 KB
1 clkmt.com
clkmt.com
1 KB
21 7
Domain Requested by
12 cnsgtfmd.com cnsgtfmd.com
ajax.googleapis.com
3 www.googletagmanager.com cnsgtfmd.com
www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 9e2722ab.registersafely.com 2 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 fonts.googleapis.com cnsgtfmd.com
1 ajax.aspnetcdn.com cnsgtfmd.com
1 ajax.googleapis.com cnsgtfmd.com
1 clkmt.com 1 redirects
21 9

This site contains no links.

Subject                  Issuer                          Validity                 Valid
cnsgtfmd.com             GTS CA 1P5                      2023-12-14 - 2024-03-13  3 months
upload.video.google.com  GTS CA 1C3                      2023-11-20 - 2024-02-12  3 months
*.vo.msecnd.net          DigiCert SHA2 Secure Server CA  2023-05-05 - 2024-04-28  a year
*.google-analytics.com   GTS CA 1C3                      2023-11-20 - 2024-02-12  3 months

This page contains 1 frames:

Primary Page: https://cnsgtfmd.com/user/?SID=a8154fb7f8054d5d7c59614e87cc04fc
Frame ID: 89DBB112C23346A79BA68E16E9C5FB31
Requests: 21 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21 Requests
100 % HTTPS
67 % IPv6
7 Domains
9 Subdomains
7 IPs
4 Countries
367 kB Transfer
992 kB Size
10 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://clkmt.com/?repid=1043&offerid=913&sub1=09s HTTP 302
    http://9e2722ab.registersafely.com/routes/9e2722ab/?ofid=18&a_aid=9e2722ab&a_bid=fd827074&x_r=NlGtnt&x_a=1043&x_c=09s HTTP 301
    https://9e2722ab.registersafely.com/routes/9e2722ab/?ofid=18&a_aid=9e2722ab&a_bid=fd827074&x_r=NlGtnt&x_a=1043&x_c=09s HTTP 302
    https://cnsgtfmd.com/user/?ofid=18&a_aid=9e2722ab&a_bid=fd827074&x_r=NlGtnt&x_a=1043&x_c=09s&sitekey=69b4d2e1b8a025e8&rtr=1&rtid=4256935437 Page URL
  2. https://cnsgtfmd.com/user/?SID=a8154fb7f8054d5d7c59614e87cc04fc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://clkmt.com/?repid=1043&offerid=913&sub1=09s HTTP 302
  • http://9e2722ab.registersafely.com/routes/9e2722ab/?ofid=18&a_aid=9e2722ab&a_bid=fd827074&x_r=NlGtnt&x_a=1043&x_c=09s HTTP 301
  • https://9e2722ab.registersafely.com/routes/9e2722ab/?ofid=18&a_aid=9e2722ab&a_bid=fd827074&x_r=NlGtnt&x_a=1043&x_c=09s HTTP 302
  • https://cnsgtfmd.com/user/?ofid=18&a_aid=9e2722ab&a_bid=fd827074&x_r=NlGtnt&x_a=1043&x_c=09s&sitekey=69b4d2e1b8a025e8&rtr=1&rtid=4256935437

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
cnsgtfmd.com/user/
Redirect Chain
  • http://clkmt.com/?repid=1043&offerid=913&sub1=09s
  • http://9e2722ab.registersafely.com/routes/9e2722ab/?ofid=18&a_aid=9e2722ab&a_bid=fd827074&x_r=NlGtnt&x_a=1043&x_c=09s
  • https://9e2722ab.registersafely.com/routes/9e2722ab/?ofid=18&a_aid=9e2722ab&a_bid=fd827074&x_r=NlGtnt&x_a=1043&x_c=09s
  • https://cnsgtfmd.com/user/?ofid=18&a_aid=9e2722ab&a_bid=fd827074&x_r=NlGtnt&x_a=1043&x_c=09s&sitekey=69b4d2e1b8a025e8&rtr=1&rtid=4256935437
339 B
818 B
Document
General
Full URL
https://cnsgtfmd.com/user/?ofid=18&a_aid=9e2722ab&a_bid=fd827074&x_r=NlGtnt&x_a=1043&x_c=09s&sitekey=69b4d2e1b8a025e8&rtr=1&rtid=4256935437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
83cf07bc38a35c4c-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 29 Dec 2023 03:41:57 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2aFhW96ZSHe0wd%2BioX1JP7nOPGN5MZuO%2FtaZDM6d%2FK804aTvLVHTX%2B2CGF89iLgtjTnf%2FpCMbvIRF1AckNwY8%2FetYj%2BB76WjJIeWvA8C7m46s9U1hWTfXne7R5XaRc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Fri, 29 Dec 2023 03:41:56 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://cnsgtfmd.com/user/?ofid=18&a_aid=9e2722ab&a_bid=fd827074&x_r=NlGtnt&x_a=1043&x_c=09s&sitekey=69b4d2e1b8a025e8&rtr=1&rtid=4256935437
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
waf/4.35.2-0.el7
x-via
1.1 PS-LAX-01iL8141:3 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:5 (Cdn Cache Server V2.0), 1.1 PSfgblPAR1nw230:1 (Cdn Cache Server V2.0)
x-ws-request-id
658e4003_PSfgblPAR1ke67_12091-47804
Primary Request /
cnsgtfmd.com/user/
23 KB
6 KB
Document
General
Full URL
https://cnsgtfmd.com/user/?SID=a8154fb7f8054d5d7c59614e87cc04fc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c4f90f1f67e27df8c3726f2993db6b72e7bd4156225f5c2ec26814401255615

Request headers

Referer
https://cnsgtfmd.com/user/?ofid=18&a_aid=9e2722ab&a_bid=fd827074&x_r=NlGtnt&x_a=1043&x_c=09s&sitekey=69b4d2e1b8a025e8&rtr=1&rtid=4256935437
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
83cf07bfdb455c4c-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 29 Dec 2023 03:41:57 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mq5%2BYK%2FQtSPTsa0Ybs6cYo9RF6OjR9PD%2FBNg1amJaBscEpjq6P6vZvsk6RKcIwzrSkJ%2Fm%2FENhhumX1%2FjPZ2CxCdN84%2BGMcrVaMhNeS0mxIHElt%2FgorZzP5pvCz1IPKs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
26cpgd.css
cnsgtfmd.com/common_tpls/compact2C/css/
167 KB
26 KB
Stylesheet
General
Full URL
https://cnsgtfmd.com/common_tpls/compact2C/css/26cpgd.css
Requested by
Host: cnsgtfmd.com
URL: https://cnsgtfmd.com/user/?SID=a8154fb7f8054d5d7c59614e87cc04fc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eb8b3e8dc9c601a2019a26bc3978b2c1ca2d0e500eef162393e618e6e41b652

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cnsgtfmd.com/user/?SID=a8154fb7f8054d5d7c59614e87cc04fc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 03:41:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 11 May 2017 19:26:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5914badf-29bb4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7sU829G7amRY3KhRqik6zINItkBY6DPwnGedaqKA9A1axiKnJ%2BmWCHBNKhKJ8fcgbk88P5omao%2BhSe7mUTzzmkyCekGjHlG0dPi35jXHTjKxY9nKtvAnJ7V%2FN%2BFs290%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83cf07c1efe8b8ba-AMS
alt-svc
h3=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/
86 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: cnsgtfmd.com
URL: https://cnsgtfmd.com/user/?SID=a8154fb7f8054d5d7c59614e87cc04fc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cnsgtfmd.com/
Origin
https://cnsgtfmd.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 12:15:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
573971
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Dec 2024 12:15:46 GMT
bootstrap.min.js
ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/
35 KB
12 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/bootstrap.min.js
Requested by
Host: cnsgtfmd.com
URL: https://cnsgtfmd.com/user/?SID=a8154fb7f8054d5d7c59614e87cc04fc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48AF) /
Resource Hash
c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cnsgtfmd.com/
Origin
https://cnsgtfmd.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 03:41:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15189956
x-cache
HIT
content-length
12247
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:09:58 GMT
server
ECAcc (ama/48AF)
etag
"194598e6cb33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
form_support.js
cnsgtfmd.com/common_tpls/js/
4 KB
2 KB
Script
General
Full URL
https://cnsgtfmd.com/common_tpls/js/form_support.js?v=1516308712
Requested by
Host: cnsgtfmd.com
URL: https://cnsgtfmd.com/user/?SID=a8154fb7f8054d5d7c59614e87cc04fc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a35efd7238a1ef4c6581aadc6d001e8554adf949dc6cde5650c2235483f19bf0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cnsgtfmd.com/user/?SID=a8154fb7f8054d5d7c59614e87cc04fc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 03:41:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 18 Nov 2022 21:23:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6377f7d9-ed7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CbYch9iPYgfaWo1qIKFGfcHkjvGaYXmDFGvocVeWktU1Nv4L0rzLbmx%2FyuxjFVodR0vt8ThGkz9bN8kAIToblSc%2FWU%2FLFDYLOYt97FmzUdTamlrBmlQhaDkd8pMZwKY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83cf07c1fff1b8ba-AMS
alt-svc
h3=":443"; ma=86400
validate_form_v2.js
cnsgtfmd.com/common_tpls/js/
25 KB
7 KB
Script
General
Full URL
https://cnsgtfmd.com/common_tpls/js/validate_form_v2.js?jsv=29
Requested by
Host: cnsgtfmd.com
URL: https://cnsgtfmd.com/user/?SID=a8154fb7f8054d5d7c59614e87cc04fc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3f9ad8a6b5ee12a78a32d898be23898f6d340765e340873e0253feb3b0e8825

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cnsgtfmd.com/user/?SID=a8154fb7f8054d5d7c59614e87cc04fc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 03:41:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 19 Oct 2023 00:24:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6530775a-6590"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCzwXptZKIJuu9FDMuwKfjy3%2BOuLk6OSnKetkN9kzv5EurNGiJYrJ1j2adMcAYsrBHOpfY7rQlvpi00mV%2FQEDjibXLeS8g%2FM3P0Qe4JSSpu1XBkra2b%2BgwUh9PCN%2FME%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83cf07c1fff2b8ba-AMS
alt-svc
h3=":443"; ma=86400
ajax-loader.gif
cnsgtfmd.com/common_tpls/images/
3 KB
4 KB
Image
General
Full URL
https://cnsgtfmd.com/common_tpls/images/ajax-loader.gif
Requested by
Host: cnsgtfmd.com
URL: https://cnsgtfmd.com/user/?SID=a8154fb7f8054d5d7c59614e87cc04fc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cnsgtfmd.com/user/?SID=a8154fb7f8054d5d7c59614e87cc04fc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 03:41:57 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 07 Oct 2013 22:49:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"52533a73-c88"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VHDpauUUZZ1aWwNXcCPqJZ2hM3wVIhN01BB3B1ojdM568Tboza0IZs53ACm2j3mWL%2Fk04MZKwx%2BleGf9215h5g6Zo1%2Fwq6x6imh1evT69XkVun9OtUxyp3URZPyJGYM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83cf07c1fff3b8ba-AMS
alt-svc
h3=":443"; ma=86400
content-length
3208
topcircle.png
cnsgtfmd.com/common_tpls/compact2C/img/26cpg/
15 KB
16 KB
Image
General
Full URL
https://cnsgtfmd.com/common_tpls/compact2C/img/26cpg/topcircle.png
Requested by
Host: cnsgtfmd.com
URL: https://cnsgtfmd.com/user/?SID=a8154fb7f8054d5d7c59614e87cc04fc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c85d4d8e2a601af94c4a850eec52a1dd612326391ddab567947df2726f942fa1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cnsgtfmd.com/user/?SID=a8154fb7f8054d5d7c59614e87cc04fc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 03:41:57 GMT
cf-cache-status
MISS
last-modified
Tue, 09 May 2017 14:14:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5911cea8-3da0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AP9CpMmwRYdYcz4zDQmpUGNop7mWvgYrPNeW64yYVonDwlPou04GzdntuXop3Vs4YTYcDjffybxw%2B14Zpz5ODqRO14gkp80T9rdnBVJ8yWf6d0%2By7opQA7pxwW11m3w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83cf07c1fff4b8ba-AMS
alt-svc
h3=":443"; ma=86400
content-length
15776
icons.png
cnsgtfmd.com/common_tpls/compact2C/img/26cpg/
25 KB
25 KB
Image
General
Full URL
https://cnsgtfmd.com/common_tpls/compact2C/img/26cpg/icons.png
Requested by
Host: cnsgtfmd.com
URL: https://cnsgtfmd.com/user/?SID=a8154fb7f8054d5d7c59614e87cc04fc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
223654533571c9354a133712ca5ffc0d3800188d25f998f7e5891ba5ad76ff53

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cnsgtfmd.com/user/?SID=a8154fb7f8054d5d7c59614e87cc04fc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 03:41:58 GMT
cf-cache-status
MISS
last-modified
Mon, 08 May 2017 21:37:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5910e51d-63ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R19sX0NEq0elibEQptR%2F4RzTuvwwQx%2F0VZ6Q2ue8RJYYhftM2F8WnGFM9pB3GhvN7JOVunJN69yX6fGJTiyg8vPWZlfRrW8PeF9dFIEMeryCqfRMW%2B0NiwszUHvD6xs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83cf07c4dad1b8ba-AMS
alt-svc
h3=":443"; ma=86400
content-length
25578
iframeResizer.contentWindow.min.js
cnsgtfmd.com/common_tpls/js/
13 KB
5 KB
Script
General
Full URL
https://cnsgtfmd.com/common_tpls/js/iframeResizer.contentWindow.min.js
Requested by
Host: cnsgtfmd.com
URL: https://cnsgtfmd.com/user/?SID=a8154fb7f8054d5d7c59614e87cc04fc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cnsgtfmd.com/user/?SID=a8154fb7f8054d5d7c59614e87cc04fc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 03:41:58 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 04 Feb 2016 15:06:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"56b368db-3445"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jfF8JY8IGSG0N9RSczkcDoLvtwWbnxYXzBLPKlvq%2BuX99HGnZyIZXnHM69wQL8kSdEoJ97kBW7Zze4PY%2B81FqPaJL%2FppcNo90fyZGvnjqwiiDVj%2B2TaWyPjKhmkKMoo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83cf07c5cb98b8ba-AMS
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/
186 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-208173773-1
Requested by
Host: cnsgtfmd.com
URL: https://cnsgtfmd.com/user/?SID=a8154fb7f8054d5d7c59614e87cc04fc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
10c89ce81e96f7146b344ed3ce88fce2ca322def7caa638888b7de72a4188812
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cnsgtfmd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 03:41:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69021
x-xss-protection
0
last-modified
Fri, 29 Dec 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 29 Dec 2023 03:41:58 GMT
css
fonts.googleapis.com/
3 KB
984 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,900
Requested by
Host: cnsgtfmd.com
URL: https://cnsgtfmd.com/common_tpls/compact2C/css/26cpgd.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
061ef641aec6406e6b4953ec73aa878f9d977a87e7de45210f6a69355ed7f10f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cnsgtfmd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 29 Dec 2023 03:41:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 29 Dec 2023 03:41:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Dec 2023 03:41:58 GMT
gtm.js
www.googletagmanager.com/
113 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NSCK9H9
Requested by
Host: cnsgtfmd.com
URL: https://cnsgtfmd.com/user/?SID=a8154fb7f8054d5d7c59614e87cc04fc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a1b6bfbf117b576597e02ae696e2ffe526e31a986fb04f864170a0f96a886baa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cnsgtfmd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 03:41:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44453
x-xss-protection
0
last-modified
Fri, 29 Dec 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 29 Dec 2023 03:41:58 GMT
js
www.googletagmanager.com/gtag/
224 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-90FLKCEX7T&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-208173773-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9edeeef89dee2f039a6ce03d0e04f73785179af42a88d652ae2617966dc69715
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cnsgtfmd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 03:41:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81202
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 29 Dec 2023 03:41:58 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-208173773-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cnsgtfmd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 29 Dec 2023 02:17:44 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5054
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 29 Dec 2023 04:17:44 GMT
ex.png
cnsgtfmd.com/common_tpls/compact2C/img/26cpg/
452 B
898 B
Image
General
Full URL
https://cnsgtfmd.com/common_tpls/compact2C/img/26cpg/ex.png
Requested by
Host: cnsgtfmd.com
URL: https://cnsgtfmd.com/common_tpls/compact2C/css/26cpgd.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c9dc47b37aee9f2dd0d645032845a9359d92c88c936f2ddf17ecc74d6f379fe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cnsgtfmd.com/common_tpls/compact2C/css/26cpgd.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 03:41:58 GMT
cf-cache-status
MISS
last-modified
Tue, 09 May 2017 21:29:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"591234a3-1c4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1MDEH7qusRo7v7m3PLVMJzCrfP1jzqdS0%2FABgQH7%2FbQV0EBmnOiD7urx9Y9PqVnYKg1YIsDvWAgC%2Bl5S2hOWgahBl%2F5f%2F5EMIlySnAdsfwiWFDegAZa6JAEhQDdZBo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83cf07c8ddabb8ba-AMS
alt-svc
h3=":443"; ma=86400
content-length
452
glyphicons-halflings-regular.woff2
cnsgtfmd.com/common_tpls/common/fonts/
18 KB
18 KB
Font
General
Full URL
https://cnsgtfmd.com/common_tpls/common/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: cnsgtfmd.com
URL: https://cnsgtfmd.com/common_tpls/compact2C/css/26cpgd.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer
https://cnsgtfmd.com/common_tpls/compact2C/css/26cpgd.css
Origin
https://cnsgtfmd.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 03:41:59 GMT
cf-cache-status
MISS
last-modified
Wed, 15 Apr 2015 00:29:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"552db0fa-466c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TNyVavl1vBqIgtH62YPTPJ4Ag9Yyh2qCt0Yo1Xp2Mzevg4SNf4og2dXB53YfCQeDtPvLLJn35vYaxkYfSJOOoinRwme%2BH1Z3Wed8LlSOADVm4nT7R3jI8fee%2Blbj9aw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83cf07c8ddacb8ba-AMS
alt-svc
h3=":443"; ma=86400
content-length
18028
/
cnsgtfmd.com/user/trk/
21 B
555 B
XHR
General
Full URL
https://cnsgtfmd.com/user/trk/?rtid=4256935437
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b45d27ef26ef547bb017c3cddd9ed63f72f56aa747793b13ac3349cb4373b4b

Request headers

Accept
*/*
Referer
https://cnsgtfmd.com/user/?SID=a8154fb7f8054d5d7c59614e87cc04fc
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 03:41:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vl1l7CFFnEJ5W%2FBrXDNUgNg5%2FN7bCTwBBDA3jNMWCwj3sE0Lq7t0EaZC68k%2BW24AE39t3yn%2BV8SMxz5a7%2F7WfX5NVKL6d%2Br%2FE8gd2z2Sl6dVF2BT%2BK1Qdti3dJHEsDg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/json;charset=UTF-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store, no-cache, must-revalidate
cf-ray
83cf07c8edb2b8ba-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
collect
region1.google-analytics.com/g/
0
252 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-90FLKCEX7T&gtm=45je3bt0v9133759248&_p=1703821318502&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1910378836.1703821319&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1703821318&sct=1&seg=0&dl=https%3A%2F%2Fcnsgtfmd.com%2Fuser%2F%3FSID%3Da8154fb7f8054d5d7c59614e87cc04fc&dr=https%3A%2F%2Fcnsgtfmd.com%2Fuser%2F%3Fofid%3D18%26a_aid%3D9e2722ab%26a_bid%3Dfd827074%26x_r%3DNlGtnt%26x_a%3D1043%26x_c%3D09s%26sitekey%3D69b4d2e1b8a025e8%26rtr%3D1%26rtid%3D4256935437&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1510
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-90FLKCEX7T&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cnsgtfmd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 03:41:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cnsgtfmd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
204 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1710360074&t=pageview&_s=1&dl=https%3A%2F%2Fcnsgtfmd.com%2Fuser%2F%3FSID%3Da8154fb7f8054d5d7c59614e87cc04fc&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1597196375&gjid=2041226118&cid=1910378836.1703821319&tid=UA-208173773-1&_gid=295285564.1703821319&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=774845229
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cnsgtfmd.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 03:41:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cnsgtfmd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT


28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
string| highlight_field
function| $
function| jQuery
function| selectInList
function| uncross
function| makeError
function| validate_highlight
function| validate_form
function| sprintf
function| vsprintf
string| acctPath
string| commonPath
string| language
string| error_extra
function| FreezeScreen
boolean| pop_errors
function| gtag
object| dataLayer
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
string| emsg
boolean| isSubmitting
object| gaGlobal
object| gaplugins
object| gaData

10 Cookies

Domain/Path Name / Value
clkmt.com/ Name: PHPSESSID
Value: ahatp0s2au4ct8i5clt3i94ko6
clkmt.com/ Name: prevent_transfer
Value: 1
clkmt.com/ Name: 93fb3649878e9cbd2b87d6e75783dcf7707f5994cac086b6bb1170d315fb10e4
Value: %7B%221043%22%3A%5B%22913%22%5D%7D
9e2722ab.registersafely.com/ Name: HMF_CI
Value: 7baadd57ae14c16e91c25307a6bbba1740bab761dba5f4ffcd3883433b40f5315eef21a0789a7f4de45837951f2fc39b158c3c4c8b86eabb34f0c6f6ca1f0b2e3b
9e2722ab.registersafely.com/ Name: PHPSESSID
Value: d993329de6678adb3f22917f97bf1f84
cnsgtfmd.com/ Name: PHPSESSID
Value: a8154fb7f8054d5d7c59614e87cc04fc
.cnsgtfmd.com/ Name: _ga_90FLKCEX7T
Value: GS1.1.1703821318.1.0.1703821318.0.0.0
.cnsgtfmd.com/ Name: _ga
Value: GA1.2.1910378836.1703821319
.cnsgtfmd.com/ Name: _gid
Value: GA1.2.295285564.1703821319
.cnsgtfmd.com/ Name: _gat_gtag_UA_208173773_1
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
