Submitted URL: http://x.co/irbounce
Effective URL: https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
Submission: On September 18 via manual from PE

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 20 HTTP transactions. The main IP is 104.108.38.89, located in Amsterdam, Netherlands and belongs to . The main domain is www.secureserver.net.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on November 1st 2016. Valid for: 3 years.
This is the only time www.secureserver.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count | Domain | Requested by
10 | img1.wsimg.com | www.secureserver.net, www.googletagmanager.com
4 | img.secureserver.net |
1 | bam.nr-data.net | js-agent.newrelic.com
1 | tags.tiqcdn.com | www.secureserver.net
1 | gui.secureserver.net | img1.wsimg.com
1 | www.googletagmanager.com | img1.wsimg.com
1 | js-agent.newrelic.com | www.secureserver.net
1 | www.secureserver.net |
1 | x.co | 1 redirects
20 9
Subject | Issuer | Validity | Valid
*.secureserver.net | Starfield Secure Certificate Authority - G2 | 2016-11-01 - 2019-11-01 | 3 years
*.wsimg.com | Starfield Secure Certificate Authority - G2 | 2015-11-13 - 2018-11-13 | 3 years
f4.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2017-09-18 - 2018-05-04 | 7 months
*.google-analytics.com | Google Internet Authority G2 | 2017-09-13 - 2017-12-06 | 3 months
*.tiqcdn.com | DigiCert SHA2 High Assurance Server CA | 2016-08-10 - 2019-10-16 | 3 years
*.nr-data.net | GeoTrust SSL CA - G3 | 2017-07-18 - 2018-03-17 | 8 months
img.secureserver.net | Starfield Secure Certificate Authority - G2 | 2016-05-23 - 2018-05-23 | 2 years

This page contains 1 frame:

Primary Page: https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
Frame ID: 23129.1
Requests: 20 HTTP requests in this frame

Page Statistics

Requests: 20
HTTPS: 100 %
IPv6: 13 %
Domains: 7
Subdomains: 9
IPs: 7
Countries: 3
Transfer: 334 kB
Size: 1222 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://x.co/irbounce HTTP 302
    https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 3568
www.secureserver.net/help/article/
Redirect Chain
  • http://x.co/irbounce
  • https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
63 KB
16 KB
Document
General
Full URL
https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.38.89 Amsterdam, Netherlands, ASN (),
Reverse DNS
a104-108-38-89.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f51b59ef4e840a5142a6fd8445d87686950a305f7a99a3c7f71003e8012c91ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2017 22:32:23 GMT
content-encoding
gzip
x-backend
ss
etag
W/"fa5b-zULkomQ/8GYBk0T3Itltjg"
vary
Accept-Encoding
p3p
CP="policyref=/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR OUR IND"
status
200
cache-control
max-age=0, no-cache, no-store
x-arc
5
content-type
text/html; charset=utf-8
content-length
16756
x-request-id
ff9647fd0ded4a329818aa0e6c544105
expires
Mon, 18 Sep 2017 22:32:23 GMT

Redirect headers

Location
https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains#irb
Date
Mon, 18 Sep 2017 22:32:22 GMT
Server
Apache/2.2.15 (CentOS)
Connection
close
Content-Length
0
X-Frame-Options
DENY
Content-Type
text/html; charset=utf-8
uxcore2.min.css
img1.wsimg.com/wrhs/1bc3e1b01d5c43f69b599213e81df591/
140 KB
27 KB
Stylesheet
General
Full URL
https://img1.wsimg.com/wrhs/1bc3e1b01d5c43f69b599213e81df591/uxcore2.min.css
Requested by
Host: www.secureserver.net
URL: https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.40.114 Amsterdam, Netherlands, ASN (),
Reverse DNS
a23-193-40-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1d27ece3ffb38cc23af0cfb37f99bbbfc6f25a87c93a234de0610540987ba967

Request headers

Referer
https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date
Mon, 18 Sep 2017 22:32:23 GMT
content-encoding
gzip
last-modified
Thu, 31 Aug 2017 19:38:03 GMT
x-amz-request-id
tx0000000000000007f5bc9-0059b605a3-1a617e61-default
etag
"e88505c0e9a7eafcc31c9d86d21d5f30"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
27817
expires
Tue, 18 Sep 2018 22:32:23 GMT
appheader.min.css
img1.wsimg.com/wrhs/17a61317737bb46ceec37843cc96a8d1/
26 KB
8 KB
Stylesheet
General
Full URL
https://img1.wsimg.com/wrhs/17a61317737bb46ceec37843cc96a8d1/appheader.min.css
Requested by
Host: www.secureserver.net
URL: https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.40.114 Amsterdam, Netherlands, ASN (),
Reverse DNS
a23-193-40-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f1a3a5a4dd5389feec71d2eac2f0fe0459a1b23952aa0705a560719a0da12a3d

Request headers

Referer
https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date
Mon, 18 Sep 2017 22:32:23 GMT
content-encoding
gzip
last-modified
Wed, 30 Aug 2017 23:35:33 GMT
x-amz-request-id
tx0000000000000008a3e0e-0059b6481d-1a6180ad-default
etag
"fbb63d9744575105fd76302761f1dcc6"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
7664
expires
Tue, 18 Sep 2018 22:32:23 GMT
flamingo.min.css
img1.wsimg.com/fos/help-v2/2.220.0-1150/css/
42 KB
8 KB
Stylesheet
General
Full URL
https://img1.wsimg.com/fos/help-v2/2.220.0-1150/css/flamingo.min.css
Requested by
Host: www.secureserver.net
URL: https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.40.114 Amsterdam, Netherlands, ASN (),
Reverse DNS
a23-193-40-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3558263e2787932d6880f85fb5d8dc84eabc4b39adce948c313a246c85252bea

Request headers

Referer
https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date
Mon, 18 Sep 2017 22:32:23 GMT
content-encoding
gzip
last-modified
Tue, 12 Sep 2017 16:14:32 GMT
status
200
etag
"9a69b137e22bd31:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
8403
expires
Tue, 18 Sep 2018 22:32:23 GMT
uxfont.woff2
img1.wsimg.com/ux/fonts/uxfont/1.2/
13 KB
13 KB
Font
General
Full URL
https://img1.wsimg.com/ux/fonts/uxfont/1.2/uxfont.woff2
Requested by
Host: www.secureserver.net
URL: https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.40.114 Amsterdam, Netherlands, ASN (),
Reverse DNS
a23-193-40-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4de609e837cc6033e15defaa48a2987a8fe7508de1c9f49c0248162805f7db28

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36
Referer
https://img1.wsimg.com/wrhs/1bc3e1b01d5c43f69b599213e81df591/uxcore2.min.css
Origin
https://www.secureserver.net

Response headers

date
Mon, 18 Sep 2017 22:32:23 GMT
last-modified
Thu, 17 Aug 2017 21:17:13 GMT
etag
"7e74cb319e17d31:0"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
13508
expires
Tue, 18 Sep 2018 22:32:23 GMT
nr-1044.min.js
js-agent.newrelic.com/
22 KB
9 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1044.min.js
Requested by
Host: www.secureserver.net
URL: https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
574558bc99cbcc4c8a0e57519cb6a317a0a4e0b70094fbec41946138d576486b

Request headers

Referer
https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date
Mon, 18 Sep 2017 22:32:23 GMT
content-encoding
gzip
x-amz-request-id
DEFF4C4504138100
x-cache
HIT
status
200
content-length
8859
x-amz-id-2
ZMcc7b6VjTFSTqE1T8zlmKnx5DBSdINXQppRWgbi3l+nBxVRZP8qLIMntmKYT3U/Lwwq6Ml251g=
x-served-by
cache-hhn1526-HHN
last-modified
Fri, 30 Jun 2017 21:57:05 GMT
server
AmazonS3
x-timer
S1505773944.902997,VS0,VE0
etag
"6442aaa45ec28f8b2c541026f3c24871"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
42186
polyfill.min.js
img1.wsimg.com/poly/v2/
66 KB
18 KB
Script
General
Full URL
https://img1.wsimg.com/poly/v2/polyfill.min.js?features=Intl.~locale.en-US&rum=0&unknown=polyfill
Requested by
Host: www.secureserver.net
URL: https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.40.114 Amsterdam, Netherlands, ASN (),
Reverse DNS
a23-193-40-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dde02e635ce3ffd64adcf5463d3314dbb0c0d2836f06444956d209b6a051993a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
18297
x-xss-protection
1; mode=block
x-served-by
cache-hhn1526-HHN
x-timer
S1505751082.456413,VS0,VE293
x-frame-options
sameorigin
date
Mon, 18 Sep 2017 22:32:23 GMT
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
expires
Wed, 20 Sep 2017 22:32:23 GMT
cache-control
public, max-age=172800, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0
palette.min.js
img1.wsimg.com/wrhs/dd7ea4bffa1738168a668bb8be0fb6f4/
3 KB
950 B
Script
General
Full URL
https://img1.wsimg.com/wrhs/dd7ea4bffa1738168a668bb8be0fb6f4/palette.min.js
Requested by
Host: www.secureserver.net
URL: https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.40.114 Amsterdam, Netherlands, ASN (),
Reverse DNS
a23-193-40-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9a2fb790f4c4bffb05ff0ab35805ea619ac8c9ab84239e7c9374cc03ea48988a

Request headers

Referer
https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date
Mon, 18 Sep 2017 22:32:23 GMT
content-encoding
gzip
last-modified
Thu, 31 Aug 2017 19:38:03 GMT
x-amz-request-id
tx0000000000000007cc9f3-0059b605a4-1a650796-default
etag
"dd7ea4bffa1738168a668bb8be0fb6f4"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
932
expires
Tue, 18 Sep 2018 22:32:23 GMT
uxcore2.min.js
img1.wsimg.com/wrhs/80e27588bee7cecdef313d822db8935c/
443 KB
114 KB
Script
General
Full URL
https://img1.wsimg.com/wrhs/80e27588bee7cecdef313d822db8935c/uxcore2.min.js
Requested by
Host: www.secureserver.net
URL: https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.40.114 Amsterdam, Netherlands, ASN (),
Reverse DNS
a23-193-40-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7f63d9cb56792d70595ef610db66d99a248444a7ac8a1599134ef893faf09675

Request headers

Referer
https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date
Mon, 18 Sep 2017 22:32:23 GMT
content-encoding
gzip
last-modified
Thu, 14 Sep 2017 20:48:56 GMT
x-amz-request-id
tx00000000000000096a8b4-0059baeca7-1abf30c6-default
etag
"80e27588bee7cecdef313d822db8935c"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
116739
expires
Tue, 18 Sep 2018 22:32:23 GMT
appheader.min.js
img1.wsimg.com/wrhs/6788e6e2ca41d88d9dc58583d0ce0dc2/
134 KB
32 KB
Script
General
Full URL
https://img1.wsimg.com/wrhs/6788e6e2ca41d88d9dc58583d0ce0dc2/appheader.min.js
Requested by
Host: www.secureserver.net
URL: https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.40.114 Amsterdam, Netherlands, ASN (),
Reverse DNS
a23-193-40-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cb4c18e130e870c94f773bb9c0852cf7134cd8f0b13740b3ca101bad56f19526

Request headers

Referer
https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date
Mon, 18 Sep 2017 22:32:23 GMT
content-encoding
gzip
last-modified
Fri, 15 Sep 2017 06:56:02 GMT
x-amz-request-id
tx000000000000000aa15fd-0059bb7b47-1abf30b4-default
etag
"6788e6e2ca41d88d9dc58583d0ce0dc2"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
33011
expires
Tue, 18 Sep 2018 22:32:23 GMT
gtm.js
www.googletagmanager.com/
47 KB
18 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-SXRF&l=_gaDataLayer
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/wrhs/80e27588bee7cecdef313d822db8935c/uxcore2.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::2008 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
11c2da2d670faeaddeb24c5d105fd69bd9a60997ff7150cd8caab2fb66a2a27a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date
Mon, 18 Sep 2017 22:32:24 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
18558
x-xss-protection
1; mode=block
expires
Mon, 18 Sep 2017 22:32:24 GMT
flamingo.min.js
img1.wsimg.com/fos/help-v2/2.220.0-1150/js/
174 KB
54 KB
Script
General
Full URL
https://img1.wsimg.com/fos/help-v2/2.220.0-1150/js/flamingo.min.js
Requested by
Host: www.secureserver.net
URL: https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.40.114 Amsterdam, Netherlands, ASN (),
Reverse DNS
a23-193-40-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9dc2ea38f0bbe22faf82077454d193a95a3c0bb580cb83cec1c6751d22fc46ec

Request headers

Referer
https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date
Mon, 18 Sep 2017 22:32:24 GMT
content-encoding
gzip
last-modified
Tue, 12 Sep 2017 16:14:30 GMT
status
200
etag
"5b76b736e22bd31:0"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
55140
expires
Tue, 18 Sep 2018 22:32:24 GMT
applicationheader
gui.secureserver.net/pcjson/
175 B
193 B
Script
General
Full URL
https://gui.secureserver.net/pcjson/applicationheader?plId=1387&shopperId=undefined&sid=undefined&callback=__uxpjp0
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/wrhs/80e27588bee7cecdef313d822db8935c/uxcore2.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.38.89 Amsterdam, Netherlands, ASN (),
Reverse DNS
a104-108-38-89.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ARR/2.5, ASP.NET
Resource Hash
182e27814ca2df55c90cc1ca1ce37b91ed4347681d2efd121ff67518b44a7892

Request headers

Referer
https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2017 22:32:24 GMT
content-type
text/javascript; charset=utf-8
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
x-powered-by
ARR/2.5, ASP.NET
p3p
policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR OUR IND", policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
status
200
cache-control
no-cache
timing-allow-origin
*
content-length
175
expires
-1
utag.js
tags.tiqcdn.com/utag/gpl/main/prod/
27 KB
8 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/gpl/main/prod/utag.js
Requested by
Host: www.secureserver.net
URL: https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.232.35.180 , United States, ASN (),
Reverse DNS
Software
ECS (oxr/83A2) /
Resource Hash
e8f223a37e9cdbf1b5187215c13779d369012eda318a981e82d7ce55c2be8531

Request headers

Referer
https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date
Mon, 18 Sep 2017 22:32:24 GMT
content-encoding
gzip
last-modified
Fri, 04 Aug 2017 16:57:30 GMT
server
ECS (oxr/83A2)
etag
"1495318735+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=300
accept-ranges
bytes
content-length
7679
expires
Mon, 18 Sep 2017 22:37:24 GMT
466b15f14b
bam.nr-data.net/1/
57 B
57 B
Script
General
Full URL
https://bam.nr-data.net/1/466b15f14b?a=16823248&v=1044.a6554e7&to=MwZTMkNWXUcDBUFaCwpMchNCQ1xZTQdHRw0HD1RGQ1JAUQ4KUEE%3D&rst=1458&ref=https://www.secureserver.net/help/article/3568&ap=544.92891&be=1206&fe=1279&dc=1275&tt=10076317862a930&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1505773942603,%22n%22:0,%22f%22:323,%22dn%22:323,%22dne%22:329,%22c%22:329,%22s%22:334,%22ce%22:344,%22rq%22:344,%22rp%22:1200,%22rpe%22:1200,%22dl%22:1201,%22di%22:1275,%22ds%22:1275,%22de%22:1275,%22dc%22:1278,%22l%22:1278,%22le%22:1280%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1044.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.242.18 , United States, ASN (),
Reverse DNS
bam-6.nr-data.net
Software
/
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer
https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
tcc.combined.2.1.29.17.min.js
img1.wsimg.com/tcc/
21 KB
7 KB
Script
General
Full URL
https://img1.wsimg.com/tcc/tcc.combined.2.1.29.17.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-SXRF&l=_gaDataLayer
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.193.40.114 Amsterdam, Netherlands, ASN (),
Reverse DNS
a23-193-40-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
50bbbc72ab78d02c9ceb63d45441c897a2c927908a8f978e87d5cb21c7bb7819

Request headers

Referer
https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date
Mon, 18 Sep 2017 22:32:24 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2017 23:41:36 GMT
status
200
etag
"fe3e43ed30e6d21:0"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
7085
expires
Tue, 18 Sep 2018 22:32:24 GMT
image.aspx
img.secureserver.net/
43 B
43 B
Image
General
Full URL
https://img.secureserver.net/image.aspx?timestamp=1505773944145&privateLabelId=1387&event=gtm.load&cvg=1e257f78-4147-4f0a-bdea-067d7791593d&corrid=819797182&event_type=page.request&page=%2Fhelp%2Farticle%2F3568&hw=2&browx=1600&browy=1200&resx=1600&resy=1200&cdepth=24&cv=2.1.29&querystring=prog_id%3Dwildwestdomains&sitename=www.secureserver.net&rand=161097430&vs=visible
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
45.40.130.22 Scottsdale, United States, ASN (),
Reverse DNS
ip-45-40-130-22.ip.secureserver.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Mon, 18 Sep 2017 22:32:24 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
P3P
CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
Access-Control-Allow-Origin
https://www.secureserver.net, *
Cache-Control
private
Content-Type
image/gif
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
43
b.aspx
img.secureserver.net/
43 B
43 B
Image
General
Full URL
https://img.secureserver.net/b.aspx?timestamp=1505773945053&corrid=819797182&cvg=1e257f78-4147-4f0a-bdea-067d7791593d&event_type=page.log&eventdate=2017-09-18T22%3A32%3A25.053Z&eventtype=pageperf&tccin=auto-1&connectEnd=1505773942947&connectStart=1505773942932&domComplete=1505773943881&domContentLoadedEventEnd=1505773943878&domContentLoadedEventStart=1505773943878&domInteractive=1505773943878&domLoading=1505773943804&domainLookupEnd=1505773942932&domainLookupStart=1505773942926&fetchStart=1505773942926&navigationStart=1505773942603&requestStart=1505773942947&responseEnd=1505773943803&responseStart=1505773943803&loadEventStart=1505773943881&loadEventEnd=1505773943883&privateLabelId=1387&event=gtm.load&sitename=www.secureserver.net&page=%2Fhelp%2Farticle%2F3568&rand=338958855&vs=visible
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
45.40.130.22 Scottsdale, United States, ASN (),
Reverse DNS
ip-45-40-130-22.ip.secureserver.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Mon, 18 Sep 2017 22:32:24 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
P3P
CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
Access-Control-Allow-Origin
https://www.secureserver.net, *
Cache-Control
private
Content-Type
image/gif
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
43
pageEvents.aspx
img.secureserver.net/
43 B
43 B
Image
General
Full URL
https://img.secureserver.net/pageEvents.aspx?timestamp=1505773945054&corrid=819797182&cvg=1e257f78-4147-4f0a-bdea-067d7791593d&event_type=page.event&eventdate=2017-09-18T22%3A32%3A25.054Z&eventtype=impression&e_id=uxp.hyd.int.ApplicationHeader.help.impression.uxpHeaderServed&usrin=market%2Cen-US%5Esplit%2C%5Ecurrency%2CUSD%5Ehostname%2Cwww.secureserver.net%5Epath%2Cundefined%5Equery%2C%5Bobject%20Object%5D%5Ecountry%2CUnited%20States%5Elang%2CEnglish&sitename=www.secureserver.net&page=%2Fhelp%2Farticle%2F3568&rand=904499141&vs=visible
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
45.40.130.22 Scottsdale, United States, ASN (),
Reverse DNS
ip-45-40-130-22.ip.secureserver.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Mon, 18 Sep 2017 22:32:24 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
P3P
CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
Access-Control-Allow-Origin
https://www.secureserver.net, *
Cache-Control
private
Content-Type
image/gif
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
43
pageEvents.aspx
img.secureserver.net/
43 B
43 B
Image
General
Full URL
https://img.secureserver.net/pageEvents.aspx?timestamp=1505773945055&corrid=819797182&cvg=1e257f78-4147-4f0a-bdea-067d7791593d&event_type=page.event&eventdate=2017-09-18T22%3A32%3A25.055Z&eventtype=notify&e_id=mcx.help.article.impression&usrin=referrer%2C%5Emarket%2Cen-US%5Esplit%2Cb%5Einapp%2Cfalse%5Einternal%2Cfalse%5Eqs%2Cprog_id%3Dwildwestdomains%5EisTranslated%2Cfalse%5EplId%2C1387&sitename=www.secureserver.net&page=%2Fhelp%2Farticle%2F3568&rand=1371068252&vs=visible
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
45.40.130.22 Scottsdale, United States, ASN (),
Reverse DNS
ip-45-40-130-22.ip.secureserver.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.secureserver.net/help/article/3568?prog_id=wildwestdomains
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date
Mon, 18 Sep 2017 22:32:25 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
P3P
CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
Access-Control-Allow-Origin
https://www.secureserver.net, *
Cache-Control
private
Content-Type
image/gif
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
43

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
www.secureserver.net/ Name: sid.sig
Value: aJJnMGooM3y_5wx9fndCdSKJE2w
www.secureserver.net/ Name: sid
Value: eyJjc3JmU2VjcmV0IjoiVEt1SzFaUFp2Q3RZN08tN1dncnVYcmIwIiwiaWQiOiJhMzZmMzJjYzQ0ZmU2MGUwMzVmMDI2OTNjZmM0MGFjMCJ9
www.secureserver.net/ Name: gdhelpSplit
Value: %7B%22split%22%3A%22b%22%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
