infraniumproperties.com Open in urlscan Pro
148.66.138.117 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://infraniumproperties.com/arp/index.html
Submission: On June 23 via api (June 23rd 2024, 1:50:39 am UTC) from US — Scanned from SG

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 30 HTTP transactions. The main IP is 148.66.138.117, located in Singapore, Singapore and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is infraniumproperties.com.
TLS certificate: Issued by infraniumproperties.com on June 10th 2024. Valid for: a year.

This is the only time infraniumproperties.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

	IP Address	AS Autonomous System
2	148.66.138.117 148.66.138.117	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
5	199.36.158.100 199.36.158.100	54113 (FASTLY) (FASTLY)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	74.125.200.95 74.125.200.95	15169 (GOOGLE) (GOOGLE)
1 2	23.52.40.171 23.52.40.171	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.52.171.58 23.52.171.58	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	23.50.93.75 23.50.93.75	16625 (AKAMAI-AS) (AKAMAI-AS)
30	10

2 148.66.138.117 (Singapore, Singapore)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)

infraniumproperties.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.36.158.100 (United States)

ASN54113 (FASTLY, US)

izu-css.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (San Francisco, United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.200.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f95.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.52.40.171 (Singapore, Singapore) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-52-40-171.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.52.171.58 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-52-171-58.deploy.static.akamaitechnologies.com

events.api.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.50.93.75 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-93-75.deploy.static.akamaitechnologies.com

csp.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	secureserver.net events.api.secureserver.net — Cisco Umbrella Rank: 14322 csp.secureserver.net — Cisco Umbrella Rank: 14402	574 B
5	web.app izu-css.web.app	71 KB
2	wsimg.com 1 redirects img1.wsimg.com — Cisco Umbrella Rank: 11139	21 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1286 stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3406	31 KB
2	infraniumproperties.com infraniumproperties.com	78 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 469	30 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 268	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 816	24 KB
0	topes.com Failed mail.topes.com Failed
30	9

	Domain	Requested by
5	izu-css.web.app	infraniumproperties.com izu-css.web.app
4	csp.secureserver.net	img1.wsimg.com
2	events.api.secureserver.net	img1.wsimg.com
2	img1.wsimg.com	1 redirects infraniumproperties.com
2	infraniumproperties.com
1	stackpath.bootstrapcdn.com	infraniumproperties.com
1	ajax.googleapis.com	infraniumproperties.com
1	maxcdn.bootstrapcdn.com	infraniumproperties.com
1	cdnjs.cloudflare.com	infraniumproperties.com
1	code.jquery.com	infraniumproperties.com
0	mail.topes.com Failed	infraniumproperties.com
30	11

This site contains no links.

Subject Issuer	Validity	Valid
infraniumproperties.com infraniumproperties.com	`2024-06-10` - `2025-06-10`	a year	crt.sh
web.app WR4	`2024-05-21` - `2024-08-19`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-05-25` - `2024-08-23`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.api.secureserver.net Starfield Secure Certificate Authority - G2	`2023-07-10` - `2024-08-10`	a year	crt.sh
*.secureserver.net Starfield Secure Certificate Authority - G2	`2023-10-10` - `2024-11-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://infraniumproperties.com/arp/index.html
Frame ID: 2BE5C119819C1C545B7553E22B37E80E
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

주식회사 토페스...

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30
Requests

53 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

10
IPs

3
Countries

262 kB
Transfer

1068 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 301
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js

30 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request index.html Show response
infraniumproperties.com/arp/ 123 KB
78 KB 883ms
346ms Document
text/html 148.66.138.117
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://infraniumproperties.com/arp/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.66.138.117 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 93e83e55ec668409c225d599060b697a8d6ddfce3a9a4837660bf9bee9bb9dab

Request headers

Accept-Language: en-SG,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 79765
content-type: text/html
date: Sun, 23 Jun 2024 01:50:29 GMT
etag: "3441576-1eb93-61b33e7f2e040-br"
last-modified: Wed, 19 Jun 2024 01:13:29 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 common68f1.css
izu-css.web.app/stress/ 19 KB
4 KB 963ms
205ms Stylesheet
text/css 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://izu-css.web.app/stress/common68f1.css?ver=20201021

Requested by

Host: infraniumproperties.com
URL: https://infraniumproperties.com/arp/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6bceadce2b938bc0b167d5c9032b1a20b15f84f90e6bd63dfd8365aace9ff1bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://infraniumproperties.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-qpg1260-QPG
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Sun, 23 Jun 2024 01:50:30 GMT
last-modified: Sun, 09 Jan 2022 18:00:35 GMT
x-timer: S1719107430.377515,VS0,VE1
etag: "0c0df38c29afd026c9e97d7c5e10fb33c6f39a3b113f73b97b1721ec7dead23a-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3468
x-cache-hits: 0

GET jquery-ui.css
mail.topes.com/gw/js/Scripts/jqueryui/ 0
0

GET pudd-1.1.22.min.js
mail.topes.com/gw/js/pudd/js/ 0
0

GET ico_2_de.png
mail.topes.com/gw/Images/ico/ 0
0

GET ico_2_mo.png
mail.topes.com/gw/Images/ico/ 0
0

GET ico_2_login.png
mail.topes.com/gw/Images/ico/ 0
0

GET
H2 200 jquery-3.2.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 958ms
207ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by: Host: infraniumproperties.com
URL: https://infraniumproperties.com/arp/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://infraniumproperties.com/
Origin: https://infraniumproperties.com
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:50:31 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 4390052
x-cache: HIT, HIT
content-length: 23856
x-served-by: cache-lga21963-LGA, cache-qpg120112-QPG
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1719107432.793904,VS0,VE0
etag: W/"28feccc0-10fdd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 20, 209966

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 19 KB
7 KB 1054ms
252ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Host: infraniumproperties.com
URL: https://infraniumproperties.com/arp/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://infraniumproperties.com/
Origin: https://infraniumproperties.com
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:50:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 202456
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6157
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4af4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8rcWEvnORiIDSsOsWc4HTZZ4Bjn4EnXQ0Qz1wb8WAhcnb%2FHpMUj6dtFnr3doDLnaU%2FZY078X1sR7WUGHrQ8kjoXrxvKFDoOdnlob64E74QQkpFP6JwWZcyx7T3Be41t8j1BtgTMc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8980d3e909a83ff3-SIN
expires: Fri, 13 Jun 2025 01:50:31 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
15 KB 1235ms
436ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: infraniumproperties.com
URL: https://infraniumproperties.com/arp/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://infraniumproperties.com/
Origin: https://infraniumproperties.com
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:50:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1001
strict-transport-security: max-age=31536000; includeSubDomains; preload
cdn-cachedat: 03/18/2024 12:16:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: c511ac6ffeac391bf6db5f3c80f33904
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8980d3e90be15fa8-SIN
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
30 KB 952ms
209ms Script
text/javascript 74.125.200.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: infraniumproperties.com
URL: https://infraniumproperties.com/arp/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f95.1e100.net

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://infraniumproperties.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 14:36:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Jun 2025 14:36:54 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 50 KB
16 KB 1066ms
247ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

Requested by

Host: infraniumproperties.com
URL: https://infraniumproperties.com/arp/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://infraniumproperties.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:50:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 852
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3746335
cdn-cachedat: 10/31/2023 18:52:11
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"67176c242e1bdc20603c878dee836df3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: ed766c17cdf45213b1538ae406b7f7a1
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8980d3e92a5e4625-SIN
cdn-requestpullsuccess: True

GET
H2

200

scc-c2.min.js Show response
img1.wsimg.com/signals/js/clients/scc-c2/
Redirect Chain

https://img1.wsimg.com/traffic-assets/js/tccl.min.js
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js

105 KB
21 KB

254ms
253ms

Script
text/javascript

23.52.40.171
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
Requested by: Host: infraniumproperties.com
URL: https://infraniumproperties.com/arp/index.html
Protocol: H2
Server: 23.52.40.171 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-52-40-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8f7092c94ef904c57584706cdb5f1fd9fe1efce52ce3105e99b9a7def487f09f

Request headers

Accept-Language: en-SG,en;q=0.9;q=0.9
Referer: https://infraniumproperties.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: VDVeY4oO8ClQrknn.k4OgPWK0heF1LAr
content-encoding: gzip
date: Sun, 23 Jun 2024 01:50:33 GMT
x-amz-request-id: X1668PBWQAS439GT
x-amz-server-side-encryption: AES256
x-amz-meta-version: 0.4.0
content-length: 20848
x-amz-id-2: gEJqpB+lHtCyjEj/UreJwRKOCiIQuHTyMjh7/Unq6dT7/NDTm1N0rPuwTwDmNIRWa9gf1ia9+UOCyZE7c8bZtw==
last-modified: Fri, 17 May 2024 22:31:26 GMT
etag: "ace51bdb3b35a6b66c74fa115d4caa3f"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 02:20:33 GMT

Redirect headers

location: https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
access-control-allow-origin: *
date: Sun, 23 Jun 2024 01:50:32 GMT
cache-control: max-age=31536000
timing-allow-origin: *
content-length: 0
expires: Mon, 23 Jun 2025 01:50:32 GMT

GET
H2 200 layout4fcd.css
izu-css.web.app/stress/ 120 KB
15 KB 205ms
204ms Stylesheet
text/css 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://izu-css.web.app/stress/layout4fcd.css?ver=20200213

Requested by

Host: izu-css.web.app
URL: https://izu-css.web.app/stress/common68f1.css?ver=20201021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bcdec5718f5764887793fe729423ea665247e73501cc17807474a0433579e5f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://izu-css.web.app/stress/common68f1.css?ver=20201021
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-qpg1260-QPG
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Sun, 23 Jun 2024 01:50:30 GMT
last-modified: Sun, 09 Jan 2022 18:00:35 GMT
x-timer: S1719107431.583599,VS0,VE1
etag: "1d8c414f76951e3044d6f36f8c851e00449de9284ccd2a450879ec481f9846be-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 14903
x-cache-hits: 0

GET
H2 200 contents4fcd.css
izu-css.web.app/stress/ 355 KB
50 KB 406ms
405ms Stylesheet
text/css 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://izu-css.web.app/stress/contents4fcd.css?ver=20200213

Requested by

Host: izu-css.web.app
URL: https://izu-css.web.app/stress/common68f1.css?ver=20201021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

32758d24a5b7d0712439f1cc71a8f2ff5d8c29d5ce87ee132cdfda67fadc9e4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://izu-css.web.app/stress/common68f1.css?ver=20201021
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-qpg1260-QPG
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Sun, 23 Jun 2024 01:50:30 GMT
last-modified: Sun, 09 Jan 2022 18:00:35 GMT
x-timer: S1719107431.583559,VS0,VE204
etag: "f0f76ef50984ab924c14a6d2ad68082071ba7dfa1bcc738e5fa9e14ba3d06412-br"
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/css; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 50966
x-cache-hits: 0

GET
H2 200 recalendar4fcd.css
izu-css.web.app/stress/ 5 KB
1 KB 203ms
203ms Stylesheet
text/css 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://izu-css.web.app/stress/recalendar4fcd.css?ver=20200213

Requested by

Host: izu-css.web.app
URL: https://izu-css.web.app/stress/common68f1.css?ver=20201021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3f07a47b9856ab13597664a466b23618f72e1b6e7787bee24c5a690991054671

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://izu-css.web.app/stress/common68f1.css?ver=20201021
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-qpg1260-QPG
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Sun, 23 Jun 2024 01:50:30 GMT
last-modified: Sun, 09 Jan 2022 18:00:35 GMT
x-timer: S1719107431.583533,VS0,VE1
etag: "d82486cae0625c8abe98c398ad86d10636d62ed119cdf4e333a031185ad4ea94-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1121
x-cache-hits: 0

GET jquery-1.9.1.min.js
mail.topes.com/gw/js/Scripts/ 0
0

GET common.js
mail.topes.com/gw/js/Scripts/ 0
0

GET aes.js
mail.topes.com/gw/js/Scripts/ 0
0

GET secondCert.js
mail.topes.com/gw/js/ 0
0

GET securityEncUtil.js
mail.topes.com/gw/js/ 0
0

GET
DATA 200
OK truncated
/ 70 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c81b2da5311c44f50b232f07235076ef9fca61488036228ef438a7f71746c61c

Request headers

Accept-Language: en-SG,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 login_a1_type_txt.png
izu-css.web.app/bg/ 2 KB
1 KB 219ms
215ms Image
image/png 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://izu-css.web.app/bg/login_a1_type_txt.png

Requested by

Host: izu-css.web.app
URL: https://izu-css.web.app/stress/layout4fcd.css?ver=20200213

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0cbadb6d6c35558cba2bb075752a5faaba5376ab4888a98e72f0bdbc7951438e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://izu-css.web.app/stress/layout4fcd.css?ver=20200213
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-qpg1260-QPG
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Sun, 23 Jun 2024 01:50:31 GMT
last-modified: Sun, 09 Jan 2022 18:00:35 GMT
x-timer: S1719107431.107208,VS0,VE1
etag: "1d541ba887ed9ceb694fe06a7531d65f7948971d0e4a5fc2ced1c7043dd2a7bc-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1354
x-cache-hits: 0

GET checkbox01.png
izu-css.web.app/Images/bg/ 0
0

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
287 B 1406ms
480ms Fetch
image/gif 23.52.171.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.52.171.58 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-52-171-58.deploy.static.akamaitechnologies.com

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://infraniumproperties.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
date: Sun, 23 Jun 2024 01:50:37 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://infraniumproperties.com
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
287 B 1402ms
479ms Fetch
image/gif 23.52.171.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?dh=infraniumproperties.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=0.4.0&vg=841e87a7-7eed-4812-b6b3-6a584bfa4b43&vtg=841e87a7-7eed-4812-b6b3-6a584bfa4b43&dp=%2Farp%2Findex.html&trace_id=69f9157fde144612ad340d1f4e25f4da&cts=2024-06-23T01%3A50%3A36.203Z&hit_id=d32ba6a3-1012-4c88-8323-296355f79ddc&ea=pageperf&ht=perf&eid=traffic.tcc.instrumentation.navigation.timing&trfd=%7B%22ap%22%3A%22cpsh-oh%22%2C%22server%22%3A%22sg2plzcpnl505605%22%2C%22dcenter%22%3A%22sg2%22%2C%22cp_id%22%3A%227478829%22%2C%22cp_cl%22%3A%228%22%7D&ap=cpsh-oh&vci=1511037982&z=1298469765&tce=1719107429066&tcs=1719107428530&tdc=1719107436197&tdclee=1719107433099&tdcles=1719107433098&tdi=1719107433098&tdl=1719107429418&tdle=1719107428530&tdls=1719107428530&tfs=1719107428529&tns=1719107428528&trqs=1719107429066&tre=1719107429458&trps=1719107429412&tles=1719107436197&tlee=0&nt=navigate&LCP=2391&nav_type=hard

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.52.171.58 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-52-171-58.deploy.static.akamaitechnologies.com

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://infraniumproperties.com/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
date: Sun, 23 Jun 2024 01:50:37 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/gif
access-control-allow-origin: https://infraniumproperties.com
cache-control: private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 43
x-xss-protection: 1; mode=block

GET
H2 200 favicon.ico
infraniumproperties.com/ 3 B
121 B 2260ms
1717ms Other
text/html 148.66.138.117
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://infraniumproperties.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.66.138.117 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache / PHP/8.1.28
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://infraniumproperties.com/arp/index.html
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 01:50:36 GMT
content-encoding: br
server: Apache
x-powered-by: PHP/8.1.28
content-length: 7
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

OPTIONS
H/1.1 200
OK eventbus
csp.secureserver.net/ 0
0 1349ms
437ms Preflight
application/json 23.50.93.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.50.93.75 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-50-93-75.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://infraniumproperties.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type,authorization
Access-Control-Allow-Methods: OPTIONS,POST
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Sun, 23 Jun 2024 01:50:37 GMT
Expires: Sun, 23 Jun 2024 01:50:37 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id: ZzDZLGABvHcEeog=
x-amzn-requestid: 339b0a09-9cd9-45cc-bc62-164ac7bcd593
x-amzn-trace-id: Root=1-66777f6d-2e0d3761242b0d12304f2514
x-envoy-upstream-service-time: 5

POST
H/1.1 202
Accepted eventbus
csp.secureserver.net/ 0
0 497ms
496ms Fetch
application/json 23.50.93.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.50.93.75 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-50-93-75.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: api-key b18ef4f046435b64a469b32c3c1c20a3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://infraniumproperties.com/
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sun, 23 Jun 2024 01:50:38 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amzn-trace-id: Root=1-66777f6e-7fa5fe191ee555ae327e0463
x-amzn-requestid: 5be4e2f8-2b32-4739-abc6-804dd9c9ef9c
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
x-envoy-upstream-service-time: 54
Connection: keep-alive
x-amz-apigw-id: ZzDZQGkUvHcEvfg=
Content-Length: 0
Expires: Sun, 23 Jun 2024 01:50:38 GMT

POST
H/1.1 202
Accepted eventbus
csp.secureserver.net/ 0
0 660ms
660ms Fetch
application/json 23.50.93.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.50.93.75 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-50-93-75.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: api-key 8da2217409854bee82e12dc4ca0b39fb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://infraniumproperties.com/
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sun, 23 Jun 2024 01:50:38 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amzn-trace-id: Root=1-66777f6e-626a9ffb20364b1e04cdbb82
x-amzn-requestid: 34c1eacc-4c75-42d4-afb3-d3605e21856b
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
x-envoy-upstream-service-time: 55
Connection: keep-alive
x-amz-apigw-id: ZzDZREq1PHcELBQ=
Content-Length: 0
Expires: Sun, 23 Jun 2024 01:50:38 GMT

OPTIONS
H/1.1 200
OK eventbus
csp.secureserver.net/ 0
0 1349ms
437ms Preflight
application/json 23.50.93.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.50.93.75 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-50-93-75.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://infraniumproperties.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type,authorization
Access-Control-Allow-Methods: OPTIONS,POST
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Sun, 23 Jun 2024 01:50:37 GMT
Expires: Sun, 23 Jun 2024 01:50:37 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id: ZzDZLENLPHcEYZQ=
x-amzn-requestid: eef6384f-2a63-4f9e-acdd-f56f44ba238d
x-amzn-trace-id: Root=1-66777f6d-0adb8b507d26d272632182ce
x-envoy-upstream-service-time: 5

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mail.topes.com
URL: http://mail.topes.com/gw/js/Scripts/jqueryui/jquery-ui.css?ver=20201021

Domain: mail.topes.com
URL: http://mail.topes.com/gw/js/pudd/js/pudd-1.1.22.min.js

Domain: mail.topes.com
URL: https://mail.topes.com/gw/Images/ico/ico_2_de.png

Domain: mail.topes.com
URL: https://mail.topes.com/gw/Images/ico/ico_2_mo.png

Domain: mail.topes.com
URL: https://mail.topes.com/gw/Images/ico/ico_2_login.png

Domain: mail.topes.com
URL: http://mail.topes.com/gw/js/Scripts/jquery-1.9.1.min.js

Domain: mail.topes.com
URL: http://mail.topes.com/gw/js/Scripts/common.js?ver=20201021

Domain: mail.topes.com
URL: http://mail.topes.com/gw/js/Scripts/aes.js?ver=20201021

Domain: mail.topes.com
URL: http://mail.topes.com/gw/js/secondCert.js?ver=20200923

Domain: mail.topes.com
URL: http://mail.topes.com/gw/js/securityEncUtil.js

Domain: izu-css.web.app
URL: https://izu-css.web.app/Images/bg/checkbox01.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.infraniumproperties.com/	1970-01-21 06:17:23	Name: _tccl_visitor Value: 841e87a7-7eed-4812-b6b3-6a584bfa4b43
.infraniumproperties.com/	1970-01-20 21:31:49	Name: _tccl_visit Value: 841e87a7-7eed-4812-b6b3-6a584bfa4b43
.infraniumproperties.com/	1970-01-20 21:31:48	Name: _scc_session Value: pc=1&C_TOUCH=2024-06-23T01:50:33.092Z

22 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://infraniumproperties.com/arp/index.html(Line 11) Message: Mixed Content: The page at 'https://infraniumproperties.com/arp/index.html' was loaded over HTTPS, but requested an insecure stylesheet 'http://mail.topes.com/gw/js/Scripts/jqueryui/jquery-ui.css?ver=20201021'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://infraniumproperties.com/arp/index.html Message: Mixed Content: The page at 'https://infraniumproperties.com/arp/index.html' was loaded over HTTPS, but requested an insecure script 'http://mail.topes.com/gw/js/pudd/js/pudd-1.1.22.min.js'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://infraniumproperties.com/arp/index.html Message: Mixed Content: The page at 'https://infraniumproperties.com/arp/index.html' was loaded over HTTPS, but requested an insecure element 'http://mail.topes.com/gw/Images/ico/ico_2_de.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://infraniumproperties.com/arp/index.html Message: Mixed Content: The page at 'https://infraniumproperties.com/arp/index.html' was loaded over HTTPS, but requested an insecure element 'http://mail.topes.com/gw/Images/ico/ico_2_mo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://infraniumproperties.com/arp/index.html Message: Mixed Content: The page at 'https://infraniumproperties.com/arp/index.html' was loaded over HTTPS, but requested an insecure element 'http://mail.topes.com/gw/Images/ico/ico_2_login.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://infraniumproperties.com/arp/index.html Message: Mixed Content: The page at 'https://infraniumproperties.com/arp/index.html' was loaded over HTTPS, but requested an insecure script 'http://mail.topes.com/gw/js/Scripts/jquery-1.9.1.min.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://infraniumproperties.com/arp/index.html Message: Mixed Content: The page at 'https://infraniumproperties.com/arp/index.html' was loaded over HTTPS, but requested an insecure script 'http://mail.topes.com/gw/js/Scripts/common.js?ver=20201021'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://infraniumproperties.com/arp/index.html Message: Mixed Content: The page at 'https://infraniumproperties.com/arp/index.html' was loaded over HTTPS, but requested an insecure script 'http://mail.topes.com/gw/js/Scripts/aes.js?ver=20201021'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://infraniumproperties.com/arp/index.html Message: Mixed Content: The page at 'https://infraniumproperties.com/arp/index.html' was loaded over HTTPS, but requested an insecure script 'http://mail.topes.com/gw/js/secondCert.js?ver=20200923'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://infraniumproperties.com/arp/index.html Message: Mixed Content: The page at 'https://infraniumproperties.com/arp/index.html' was loaded over HTTPS, but requested an insecure script 'http://mail.topes.com/gw/js/securityEncUtil.js'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://infraniumproperties.com/arp/index.html(Line 617) Message: Mixed Content: The page at 'https://infraniumproperties.com/arp/index.html' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://mail.topes.com/gw/cmm/systemx/secondCertDescPop.do'. This endpoint should be made available over a secure connection.
security	warning	URL: https://infraniumproperties.com/arp/index.html(Line 627) Message: Mixed Content: The page at 'https://infraniumproperties.com/arp/index.html' was loaded over HTTPS, but requested an insecure element 'http://mail.topes.com/gw/Images/ico/ico_2_de.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://infraniumproperties.com/arp/index.html(Line 627) Message: Mixed Content: The page at 'https://infraniumproperties.com/arp/index.html' was loaded over HTTPS, but requested an insecure element 'http://mail.topes.com/gw/Images/ico/ico_2_mo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://infraniumproperties.com/arp/index.html(Line 627) Message: Mixed Content: The page at 'https://infraniumproperties.com/arp/index.html' was loaded over HTTPS, but requested an insecure element 'http://mail.topes.com/gw/Images/ico/ico_2_login.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
recommendation	verbose	URL: https://infraniumproperties.com/arp/index.html Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://infraniumproperties.com/arp/index.html Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://infraniumproperties.com/arp/index.html Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://infraniumproperties.com/arp/index.html Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://infraniumproperties.com/arp/index.html Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://mail.topes.com/gw/Images/ico/ico_2_de.png Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://mail.topes.com/gw/Images/ico/ico_2_mo.png Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://mail.topes.com/gw/Images/ico/ico_2_login.png Message: Failed to load resource: net::ERR_CONNECTION_CLOSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
code.jquery.com
csp.secureserver.net
events.api.secureserver.net
img1.wsimg.com
infraniumproperties.com
izu-css.web.app
mail.topes.com
maxcdn.bootstrapcdn.com
stackpath.bootstrapcdn.com
izu-css.web.app
mail.topes.com
104.17.25.14
104.18.11.207
148.66.138.117
151.101.130.137
199.36.158.100
23.50.93.75
23.52.171.58
23.52.40.171
74.125.200.95
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0cbadb6d6c35558cba2bb075752a5faaba5376ab4888a98e72f0bdbc7951438e
32758d24a5b7d0712439f1cc71a8f2ff5d8c29d5ce87ee132cdfda67fadc9e4f
3f07a47b9856ab13597664a466b23618f72e1b6e7787bee24c5a690991054671
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
6bceadce2b938bc0b167d5c9032b1a20b15f84f90e6bd63dfd8365aace9ff1bc
8f7092c94ef904c57584706cdb5f1fd9fe1efce52ce3105e99b9a7def487f09f
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
93e83e55ec668409c225d599060b697a8d6ddfce3a9a4837660bf9bee9bb9dab
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bcdec5718f5764887793fe729423ea665247e73501cc17807474a0433579e5f4
c81b2da5311c44f50b232f07235076ef9fca61488036228ef438a7f71746c61c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

infraniumproperties.com Open in urlscan Pro 148.66.138.117 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

30 Requests

53 %HTTPS

0 %IPv6

9 Domains

11 Subdomains

10 IPs

3 Countries

262 kBTransfer

1068 kBSize

3 Cookies

0 Outgoing links

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

13 JavaScript Global Variables

3 Cookies

22 Console Messages

Indicators

infraniumproperties.com Open in urlscan Pro
148.66.138.117 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

53 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

10
IPs

3
Countries

262 kB
Transfer

1068 kB
Size

3
Cookies

30 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!