txb.gs.com Open in urlscan Pro
13.249.9.104 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://txb.gs.com/cx/user/activate/nrlhucskZ5V_t5rvjiDM
Submission: On May 18 via manual (May 18th 2023, 9:19:16 pm UTC) from US — Scanned from DE

Summary HTTP 16 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 16 HTTP transactions. The main IP is 13.249.9.104, located in United States and belongs to AMAZON-02, US. The main domain is txb.gs.com. The Cisco Umbrella rank of the primary domain is 823472.
TLS certificate: Issued by DigiCert EV RSA CA G2 on June 13th 2022. Valid for: a year.

This is the only time txb.gs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	13.249.9.104 13.249.9.104	16509 (AMAZON-02) (AMAZON-02)
5	34.248.176.243 34.248.176.243	16509 (AMAZON-02) (AMAZON-02)
16	3

8 13.249.9.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-9-104.cdg53.r.cloudfront.net

txb.gs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.248.176.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-176-243.eu-west-1.compute.amazonaws.com

dmwdyr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	gs.com txb.gs.com — Cisco Umbrella Rank: 823472	15 MB
5	dmwdyr.com dmwdyr.com	52 KB
16	2

	Domain	Requested by
8	txb.gs.com	txb.gs.com
5	dmwdyr.com	txb.gs.com dmwdyr.com
16	2

This site contains links to these domains. Also see Links.

Domain
www.goldmansachs.com

Subject Issuer	Validity	Valid
txb.gs.com DigiCert EV RSA CA G2	`2022-06-13` - `2023-06-13`	a year	crt.sh
dmwdyr.com R3	`2023-04-26` - `2023-07-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://txb.gs.com/cx/user/activate/nrlhucskZ5V_t5rvjiDM
Frame ID: A6D6B63779D25F7858B78FE831960B06
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Goldman Sachs Transaction Banking

Page Statistics

16
Requests

81 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

15393 kB
Transfer

15594 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.goldmansachs.com/security/index.html
Title: Security

Search URL Search Domain Scan URL

URL: https://www.goldmansachs.com/privacy-and-cookies/docs/TxB-Privacy-Policy.pdf
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request nrlhucskZ5V_t5rvjiDM Show response
txb.gs.com/cx/user/activate/ 488 B
1 KB 463ms
377ms Document
text/html 13.249.9.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://txb.gs.com/cx/user/activate/nrlhucskZ5V_t5rvjiDM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-104.cdg53.r.cloudfront.net

Software

CloudFront /

Resource Hash

2a4b95511fe981d3cafa2c14910a1a727949bc36a913232359266ff478f5d6b0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://h.online-metrix.net https://s.gihwyz.com https://dmwdyr.com; img-src 'self' https://.gs.com data: https://.online-metrix.net https://s.gihwyz.com https://s.dmwdyr.com; connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com; style-src 'self' 'unsafe-inline'; media-src 'self'; frame-src https://*.gs.com/ https://h.online-metrix.net
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-language: en-US
content-length: 488
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://h.online-metrix.net https://s.gihwyz.com https://dmwdyr.com; img-src 'self' https://*.gs.com data: https://*.online-metrix.net https://s.gihwyz.com https://s.dmwdyr.com; connect-src 'self' https://*.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://*.gihwyz.com https://dmwdyr.com; style-src 'self' 'unsafe-inline'; media-src 'self'; frame-src https://*.gs.com/ https://h.online-metrix.net
content-type: text/html;charset=UTF-8
date: Thu, 18 May 2023 21:19:08 GMT
expires: 0
last-modified: Fri, 12 May 2023 16:25:19 GMT
pragma: no-cache
server: CloudFront
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 ee57e278d5f96045a012c4c3d8da58f8.cloudfront.net (CloudFront)
x-amz-cf-id: SJG7xeN1dUeDy9tQbQQL7lmYriFje9t-P9CvIxlscz0Rz6NXRfMwKw==
x-amz-cf-pop: CDG53-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: 62554c29-b398-4a18-afc7-5a848cacc774#126563
x-xss-protection: 1; mode=block

GET
H2 200 config.40599v11lhkpqz3g.js Show response
txb.gs.com/cx/ 3 KB
2 KB 279ms
278ms Script
application/javascript 13.249.9.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://txb.gs.com/cx/config.40599v11lhkpqz3g.js

Requested by

Host: txb.gs.com
URL: https://txb.gs.com/cx/user/activate/nrlhucskZ5V_t5rvjiDM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-104.cdg53.r.cloudfront.net

Software

CloudFront /

Resource Hash

15c1f4d6c814f89f5fd33899253e815c0c6e7cc6b999861b319a9ac094c35496

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://h.online-metrix.net https://s.gihwyz.com https://dmwdyr.com; img-src 'self' https://.gs.com data: https://.online-metrix.net https://s.gihwyz.com https://s.dmwdyr.com; connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com; style-src 'self' 'unsafe-inline'; media-src 'self'; frame-src https://*.gs.com/ https://h.online-metrix.net
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://txb.gs.com/cx/user/activate/nrlhucskZ5V_t5rvjiDM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:19:08 GMT
content-encoding: gzip
via: 1.1 ee57e278d5f96045a012c4c3d8da58f8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://h.online-metrix.net https://s.gihwyz.com https://dmwdyr.com; img-src 'self' https://*.gs.com data: https://*.online-metrix.net https://s.gihwyz.com https://s.dmwdyr.com; connect-src 'self' https://*.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://*.gihwyz.com https://dmwdyr.com; style-src 'self' 'unsafe-inline'; media-src 'self'; frame-src https://*.gs.com/ https://h.online-metrix.net
x-amz-cf-pop: CDG53-C1
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 62b6c252-104d-4a25-bd93-f6d0ac707e35#143533
last-modified: Fri, 12 May 2023 16:25:19 GMT
server: CloudFront
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-amz-cf-id: Q-iKjaIXqWNIwfly41BuSzRV2yC_riGDZazFRwN4BzbIJ29zl-lOAg==

GET
H2 200 compatibility.40599v11lhkpqz3g.js Show response
txb.gs.com/cx/ 7 KB
4 KB 294ms
294ms Script
application/javascript 13.249.9.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://txb.gs.com/cx/compatibility.40599v11lhkpqz3g.js

Requested by

Host: txb.gs.com
URL: https://txb.gs.com/cx/user/activate/nrlhucskZ5V_t5rvjiDM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-104.cdg53.r.cloudfront.net

Software

CloudFront /

Resource Hash

126f9f2f8b66463dc41adb8bf1a3b8f1ebd9335e27e1cd2404ce29683c72289f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://h.online-metrix.net https://s.gihwyz.com https://dmwdyr.com; img-src 'self' https://.gs.com data: https://.online-metrix.net https://s.gihwyz.com https://s.dmwdyr.com; connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com; style-src 'self' 'unsafe-inline'; media-src 'self'; frame-src https://*.gs.com/ https://h.online-metrix.net
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://txb.gs.com/cx/user/activate/nrlhucskZ5V_t5rvjiDM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:19:08 GMT
content-encoding: gzip
via: 1.1 ee57e278d5f96045a012c4c3d8da58f8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://h.online-metrix.net https://s.gihwyz.com https://dmwdyr.com; img-src 'self' https://*.gs.com data: https://*.online-metrix.net https://s.gihwyz.com https://s.dmwdyr.com; connect-src 'self' https://*.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://*.gihwyz.com https://dmwdyr.com; style-src 'self' 'unsafe-inline'; media-src 'self'; frame-src https://*.gs.com/ https://h.online-metrix.net
x-amz-cf-pop: CDG53-C1
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 806fa853-abef-460f-88ad-52b331d2fea6#129530
last-modified: Fri, 12 May 2023 16:25:19 GMT
server: CloudFront
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-amz-cf-id: ql2W3EXNSsJ_vrUh2eX_wAEZSlj0kj8dqnlSnbNuYOsd1WAqwsfNIQ==

GET
H2 200 tp.40599v11lhkpqz3g.js Show response
txb.gs.com/cx/ 2 KB
2 KB 314ms
313ms Script
application/javascript 13.249.9.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://txb.gs.com/cx/tp.40599v11lhkpqz3g.js

Requested by

Host: txb.gs.com
URL: https://txb.gs.com/cx/user/activate/nrlhucskZ5V_t5rvjiDM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-104.cdg53.r.cloudfront.net

Software

CloudFront /

Resource Hash

1d1b243af314d98a934eb91e77fbc53f5190c440b400e24d19419ebfe5e81296

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://h.online-metrix.net https://s.gihwyz.com https://dmwdyr.com; img-src 'self' https://.gs.com data: https://.online-metrix.net https://s.gihwyz.com https://s.dmwdyr.com; connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com; style-src 'self' 'unsafe-inline'; media-src 'self'; frame-src https://*.gs.com/ https://h.online-metrix.net
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://txb.gs.com/cx/user/activate/nrlhucskZ5V_t5rvjiDM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:19:08 GMT
content-encoding: gzip
via: 1.1 ee57e278d5f96045a012c4c3d8da58f8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://h.online-metrix.net https://s.gihwyz.com https://dmwdyr.com; img-src 'self' https://*.gs.com data: https://*.online-metrix.net https://s.gihwyz.com https://s.dmwdyr.com; connect-src 'self' https://*.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://*.gihwyz.com https://dmwdyr.com; style-src 'self' 'unsafe-inline'; media-src 'self'; frame-src https://*.gs.com/ https://h.online-metrix.net
x-amz-cf-pop: CDG53-C1
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 62b6c252-104d-4a25-bd93-f6d0ac707e35#143534
last-modified: Fri, 12 May 2023 16:25:19 GMT
server: CloudFront
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
x-amz-cf-id: SdEz02zO-QHEFmrQGOQY1qLsDo6g4onnGCT0ojpFQtN9coLx2G953g==

GET
H2 200 0d5a41e8e6f45a2433a3.js Show response
txb.gs.com/cx/ 15 MB
15 MB 282ms
281ms Script
application/javascript 13.249.9.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://txb.gs.com/cx/0d5a41e8e6f45a2433a3.js

Requested by

Host: txb.gs.com
URL: https://txb.gs.com/cx/user/activate/nrlhucskZ5V_t5rvjiDM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-104.cdg53.r.cloudfront.net

Software

CloudFront /

Resource Hash

401c383911aae2411f3768d9141686f5cee08ab276112499bf1ad65118e67952

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://h.online-metrix.net https://s.gihwyz.com https://dmwdyr.com; img-src 'self' https://.gs.com data: https://.online-metrix.net https://s.gihwyz.com https://s.dmwdyr.com; connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com; style-src 'self' 'unsafe-inline'; media-src 'self'; frame-src https://*.gs.com/ https://h.online-metrix.net
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://txb.gs.com/cx/user/activate/nrlhucskZ5V_t5rvjiDM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:19:08 GMT
via: 1.1 ee57e278d5f96045a012c4c3d8da58f8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://h.online-metrix.net https://s.gihwyz.com https://dmwdyr.com; img-src 'self' https://*.gs.com data: https://*.online-metrix.net https://s.gihwyz.com https://s.dmwdyr.com; connect-src 'self' https://*.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://*.gihwyz.com https://dmwdyr.com; style-src 'self' 'unsafe-inline'; media-src 'self'; frame-src https://*.gs.com/ https://h.online-metrix.net
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-cf-pop: CDG53-C1
x-cache: Miss from cloudfront
content-length: 15542655
x-xss-protection: 1; mode=block
x-request-id: 62b6c252-104d-4a25-bd93-f6d0ac707e35#143535
last-modified: Fri, 12 May 2023 16:25:19 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
x-amz-cf-id: 1sXtdzZDh0A8UW6fZXhW0JR5WcfJloiv0BxlHWyMFk1c4EH2iLi9kQ==

GET
H/1.1 200
OK pagespeed.js Show response
dmwdyr.com/static/tb/5.0.0/ 8 KB
4 KB 199ms
34ms Script
text/javascript 34.248.176.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dmwdyr.com/static/tb/5.0.0/pagespeed.js?psv=5.0.0&pd=acc&mo=2&spa=1&ci=791647

Requested by

Host: txb.gs.com
URL: https://txb.gs.com/cx/config.40599v11lhkpqz3g.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-176-243.eu-west-1.compute.amazonaws.com

Software

Resource Hash

123f4baec27971865ddd3eebcf18059cb97ecc1eac06fc66a72de878fde8b2a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://txb.gs.com/
Origin: https://txb.gs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Thu, 18 May 2023 21:19:08 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 02 Aug 2022 14:51:28 GMT
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Accept-Encoding, Origin
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin: *
Content-Length: 3481
Expires: Sun, 24 Jan 2055 22:01:21 GMT

GET
H/1.1 200
OK config.json Show response
dmwdyr.com/sri/ 6 KB
5 KB 33ms
33ms XHR
application/json 34.248.176.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dmwdyr.com/sri/config.json?psv=5.0.0&pd=acc&mo=2&spa=1&ci=791647

Requested by

Host: dmwdyr.com
URL: https://dmwdyr.com/static/tb/5.0.0/pagespeed.js?psv=5.0.0&pd=acc&mo=2&spa=1&ci=791647

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-176-243.eu-west-1.compute.amazonaws.com

Software

Resource Hash

b9af5e7a28555c9ebcfcfe8ec977ea4d7f0cc2aa5b1151b8b3fe4a5a67ceb505

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://txb.gs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 May 2023 21:19:08 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 4579
Expires: 0

POST
H/1.1 200
OK postback Show response
dmwdyr.com/2/5.0.0/791647/AgHlifULEeQ-RASY/ 0
145 B 32ms
32ms XHR
text/plain 34.248.176.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmwdyr.com/2/5.0.0/791647/AgHlifULEeQ-RASY/postback?oz_pl=1&mo=2&spa=1&ci=791647&psv=5.0.0&pd=acc
Requested by: Host: dmwdyr.com
URL: https://dmwdyr.com/static/tb/5.0.0/pagespeed.js?psv=5.0.0&pd=acc&mo=2&spa=1&ci=791647
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://txb.gs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 18 May 2023 21:19:08 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
dmwdyr.com/static/tb/5.0.0/ 121 KB
43 KB 68ms
37ms Script
text/javascript 34.248.176.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dmwdyr.com/static/tb/5.0.0/main.js?psv=5.0.0

Requested by

Host: dmwdyr.com
URL: https://dmwdyr.com/static/tb/5.0.0/pagespeed.js?psv=5.0.0&pd=acc&mo=2&spa=1&ci=791647

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-176-243.eu-west-1.compute.amazonaws.com

Software

Resource Hash

df527f76ff680f82299ca6cd328e3c265196984c6f6b77a3317b71c055709c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://txb.gs.com/
Origin: https://txb.gs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Thu, 18 May 2023 21:19:08 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 02 Aug 2022 14:51:28 GMT
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Accept-Encoding, Origin
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin: *
Content-Length: 43490
Expires: Sun, 24 Jan 2055 22:01:21 GMT

POST
H/1.1 200
OK postback Show response
dmwdyr.com/2/5.0.0/791647/AgHlifULEeQ-RASY/ 0
145 B 32ms
32ms XHR
text/plain 34.248.176.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmwdyr.com/2/5.0.0/791647/AgHlifULEeQ-RASY/postback?oz_pl=1&mo=2&spa=1&ci=791647&psv=5.0.0&pd=acc
Requested by: Host: dmwdyr.com
URL: https://dmwdyr.com/static/tb/5.0.0/pagespeed.js?psv=5.0.0&pd=acc&mo=2&spa=1&ci=791647
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://txb.gs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 18 May 2023 21:19:08 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 eb155ca3c62f12fad509.svg
txb.gs.com/cx/ 113 KB
50 KB 142ms
142ms Image
image/svg+xml 13.249.9.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://txb.gs.com/cx/eb155ca3c62f12fad509.svg

Requested by

Host: txb.gs.com
URL: https://txb.gs.com/cx/user/activate/nrlhucskZ5V_t5rvjiDM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-104.cdg53.r.cloudfront.net

Software

CloudFront /

Resource Hash

abde0443013115d4f946f7f74469f961fa94b6d73b71d7b87fce0311a7ec24c6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://h.online-metrix.net https://s.gihwyz.com https://dmwdyr.com; img-src 'self' https://.gs.com data: https://.online-metrix.net https://s.gihwyz.com https://s.dmwdyr.com; connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com; style-src 'self' 'unsafe-inline'; media-src 'self'; frame-src https://*.gs.com/ https://h.online-metrix.net
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://txb.gs.com/cx/user/activate/nrlhucskZ5V_t5rvjiDM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:19:10 GMT
content-encoding: gzip
via: 1.1 ee57e278d5f96045a012c4c3d8da58f8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://h.online-metrix.net https://s.gihwyz.com https://dmwdyr.com; img-src 'self' https://*.gs.com data: https://*.online-metrix.net https://s.gihwyz.com https://s.dmwdyr.com; connect-src 'self' https://*.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://*.gihwyz.com https://dmwdyr.com; style-src 'self' 'unsafe-inline'; media-src 'self'; frame-src https://*.gs.com/ https://h.online-metrix.net
x-amz-cf-pop: CDG53-C1
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 855e6137-0c7c-4531-91aa-71b1b87ccf7a#72476
last-modified: Fri, 12 May 2023 16:25:19 GMT
server: CloudFront
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-amz-cf-id: tW36sq4mMT-NGLhv6PcWMX9Yilu7dBhAKgT4M1EN6OSSYYaZ3IvvNQ==

GET
H2 200 0b5e56d106013c9e2972.ttf
txb.gs.com/cx/ 75 KB
42 KB 284ms
283ms Font
application/x-font-ttf 13.249.9.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://txb.gs.com/cx/0b5e56d106013c9e2972.ttf

Requested by

Host: txb.gs.com
URL: https://txb.gs.com/cx/user/activate/nrlhucskZ5V_t5rvjiDM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-104.cdg53.r.cloudfront.net

Software

CloudFront /

Resource Hash

1b2335ce7ee5e73fbdf34834f3355d47eb481529657847920d83dceabefb81ce

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://h.online-metrix.net https://s.gihwyz.com https://dmwdyr.com; img-src 'self' https://.gs.com data: https://.online-metrix.net https://s.gihwyz.com https://s.dmwdyr.com; connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com; style-src 'self' 'unsafe-inline'; media-src 'self'; frame-src https://*.gs.com/ https://h.online-metrix.net
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://txb.gs.com/cx/user/activate/nrlhucskZ5V_t5rvjiDM
Origin: https://txb.gs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:19:10 GMT
content-encoding: gzip
via: 1.1 ee57e278d5f96045a012c4c3d8da58f8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://h.online-metrix.net https://s.gihwyz.com https://dmwdyr.com; img-src 'self' https://*.gs.com data: https://*.online-metrix.net https://s.gihwyz.com https://s.dmwdyr.com; connect-src 'self' https://*.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://*.gihwyz.com https://dmwdyr.com; style-src 'self' 'unsafe-inline'; media-src 'self'; frame-src https://*.gs.com/ https://h.online-metrix.net
x-amz-cf-pop: CDG53-C1
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: e527b80a-75d2-42d0-b2fb-5021b3e5d6f9#73349
last-modified: Fri, 12 May 2023 16:25:19 GMT
server: CloudFront
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-font-ttf
access-control-allow-origin: *
x-amz-cf-id: 3HmHfQFaWfgZMO4DHn987K9ol3armfSG0-DBCZtVRoq1-vBs12iIdA==

GET
H2 200 7362100e6ea536e2498c.ttf
txb.gs.com/cx/ 79 KB
42 KB 144ms
144ms Font
application/x-font-ttf 13.249.9.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://txb.gs.com/cx/7362100e6ea536e2498c.ttf

Requested by

Host: txb.gs.com
URL: https://txb.gs.com/cx/user/activate/nrlhucskZ5V_t5rvjiDM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.249.9.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-249-9-104.cdg53.r.cloudfront.net

Software

CloudFront /

Resource Hash

76795e13b2119557f89792c284ca636934b5b1ae9b331767e1c3e12a8ad8a9d1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://h.online-metrix.net https://s.gihwyz.com https://dmwdyr.com; img-src 'self' https://.gs.com data: https://.online-metrix.net https://s.gihwyz.com https://s.dmwdyr.com; connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com; style-src 'self' 'unsafe-inline'; media-src 'self'; frame-src https://*.gs.com/ https://h.online-metrix.net
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://txb.gs.com/cx/user/activate/nrlhucskZ5V_t5rvjiDM
Origin: https://txb.gs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:19:10 GMT
content-encoding: gzip
via: 1.1 ee57e278d5f96045a012c4c3d8da58f8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://h.online-metrix.net https://s.gihwyz.com https://dmwdyr.com; img-src 'self' https://*.gs.com data: https://*.online-metrix.net https://s.gihwyz.com https://s.dmwdyr.com; connect-src 'self' https://*.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://*.gihwyz.com https://dmwdyr.com; style-src 'self' 'unsafe-inline'; media-src 'self'; frame-src https://*.gs.com/ https://h.online-metrix.net
x-amz-cf-pop: CDG53-C1
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 806fa853-abef-460f-88ad-52b331d2fea6#129531
last-modified: Fri, 12 May 2023 16:25:19 GMT
server: CloudFront
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-font-ttf
access-control-allow-origin: *
x-amz-cf-id: 6b4mR_8TUCgXbZ7M79Le5nRm6vie4Fb4dE5baLONkdLPzHICbvxbUw==

GET
BLOB 200
OK cfbe63bb-1706-4f39-ab58-dab69e79fc69
https://txb.gs.com/ 750 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://txb.gs.com/cfbe63bb-1706-4f39-ab58-dab69e79fc69
Requested by: Host: txb.gs.com
URL: https://txb.gs.com/cx/user/activate/nrlhucskZ5V_t5rvjiDM
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cfb8de4be8232aa3394701facfbf34f0445e364c98e1f76af90c0551b1e1f210

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length: 750
Content-Type

GET
BLOB 200
OK 8d8fd5b3-e581-40fb-b2d6-7206dd2c49be
https://txb.gs.com/ 206 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://txb.gs.com/8d8fd5b3-e581-40fb-b2d6-7206dd2c49be
Requested by: Host: txb.gs.com
URL: https://txb.gs.com/cx/user/activate/nrlhucskZ5V_t5rvjiDM
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a72b968f11ccf1b644c0087205c1012c750b932013ba75b027641a7eb9ca803

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length: 206
Content-Type

GET
BLOB 200
OK 60a76711-832c-42fd-8706-74b303af91c3
https://txb.gs.com/ 476 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://txb.gs.com/60a76711-832c-42fd-8706-74b303af91c3
Requested by: Host: txb.gs.com
URL: https://txb.gs.com/cx/user/activate/nrlhucskZ5V_t5rvjiDM
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e811b97dc60cf37a74f0bffee4222c2697e409c2cc78548e47b3384926c4338

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length: 476
Content-Type

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			txb.gs.com/	1970-01-20 11:54:05	Name: _dd_s Value: rum=1&id=a54dd088-d71d-48bd-95b5-03575b003053&created=1684444750199&expire=1684445650199

27 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
worker	error	URL: blob:https://txb.gs.com/60a76711-832c-42fd-8706-74b303af91c3 Message: Refused to connect to 'https://t.dmwdyr.com/ip?oz_tc=AgHlifULEeQ-RASY' because it violates the following Content Security Policy directive: "connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com".
worker	error	URL: blob:https://txb.gs.com/8d8fd5b3-e581-40fb-b2d6-7206dd2c49be(Line 2) Message: Refused to connect to 'chrome-extension://ianldemdppnbbojbafdkpdofceajhica/img/info.svg' because it violates the following Content Security Policy directive: "connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com".
worker	error	URL: blob:https://txb.gs.com/8d8fd5b3-e581-40fb-b2d6-7206dd2c49be(Line 2) Message: Refused to connect to 'chrome-extension://elfchnpigjboibngodkiamfemllklmge/img/info.svg' because it violates the following Content Security Policy directive: "connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com".
worker	error	URL: blob:https://txb.gs.com/8d8fd5b3-e581-40fb-b2d6-7206dd2c49be(Line 2) Message: Refused to connect to 'chrome-extension://npfnhmfcalmmkbpgkhjpdaiajfdhpndm/img/info.svg' because it violates the following Content Security Policy directive: "connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com".
worker	error	URL: blob:https://txb.gs.com/8d8fd5b3-e581-40fb-b2d6-7206dd2c49be(Line 2) Message: Refused to connect to 'chrome-extension://pfobdhfgohkddopcdbifhccbbpjlakaa/img/info.svg' because it violates the following Content Security Policy directive: "connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com".
worker	error	URL: blob:https://txb.gs.com/8d8fd5b3-e581-40fb-b2d6-7206dd2c49be(Line 2) Message: Refused to connect to 'chrome-extension://gfpioeglfjecbkeeomdidlndcagpbmj/img/info.svg' because it violates the following Content Security Policy directive: "connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com".
worker	error	URL: blob:https://txb.gs.com/8d8fd5b3-e581-40fb-b2d6-7206dd2c49be(Line 2) Message: Refused to connect to 'chrome-extension://mnbkfnehljejnebgbgfhdkmjicgmangi/img/info.svg' because it violates the following Content Security Policy directive: "connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com".
worker	error	URL: blob:https://txb.gs.com/8d8fd5b3-e581-40fb-b2d6-7206dd2c49be(Line 2) Message: Refused to connect to 'chrome-extension://adcggpckpldlkcobapimobdijchkigmb/img/info.svg' because it violates the following Content Security Policy directive: "connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com".
worker	error	URL: blob:https://txb.gs.com/8d8fd5b3-e581-40fb-b2d6-7206dd2c49be(Line 2) Message: Refused to connect to 'chrome-extension://poifgggpiofkbhafbjljpbbajafcjafi/img/info.svg' because it violates the following Content Security Policy directive: "connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com".
worker	error	URL: blob:https://txb.gs.com/8d8fd5b3-e581-40fb-b2d6-7206dd2c49be(Line 2) Message: Refused to connect to 'chrome-extension://plkjhgplpjlokmchnngcaeneiigkipeb/img/info.svg' because it violates the following Content Security Policy directive: "connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com".
worker	error	URL: blob:https://txb.gs.com/8d8fd5b3-e581-40fb-b2d6-7206dd2c49be(Line 2) Message: Refused to connect to 'chrome-extension://hhhpajpnecmhngfgkclokcghcpfgbape/img/info.svg' because it violates the following Content Security Policy directive: "connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com".
worker	error	URL: blob:https://txb.gs.com/8d8fd5b3-e581-40fb-b2d6-7206dd2c49be(Line 2) Message: Refused to connect to 'chrome-extension://cnncicmafnkgbonafdjnikijbhjkeink/img/info.svg' because it violates the following Content Security Policy directive: "connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com".
worker	error	URL: blob:https://txb.gs.com/8d8fd5b3-e581-40fb-b2d6-7206dd2c49be(Line 2) Message: Refused to connect to 'chrome-extension://aoeceebmempjbabimmnfkeeioccbjkea/img/info.svg' because it violates the following Content Security Policy directive: "connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com".
worker	error	URL: blob:https://txb.gs.com/8d8fd5b3-e581-40fb-b2d6-7206dd2c49be(Line 2) Message: Refused to connect to 'chrome-extension://pbclflhfplnkbgfokopkmjpejkokcaec/img/info.svg' because it violates the following Content Security Policy directive: "connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com".
worker	error	URL: blob:https://txb.gs.com/8d8fd5b3-e581-40fb-b2d6-7206dd2c49be(Line 2) Message: Refused to connect to 'chrome-extension://pogfikdkppcfejpknaclddnpcjjbalbn/img/info.svg' because it violates the following Content Security Policy directive: "connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com".
worker	error	URL: blob:https://txb.gs.com/8d8fd5b3-e581-40fb-b2d6-7206dd2c49be(Line 2) Message: Refused to connect to 'chrome-extension://mdjpmjaonahjbjncdlkjgeggjfdnnmme/img/info.svg' because it violates the following Content Security Policy directive: "connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com".
worker	error	URL: blob:https://txb.gs.com/8d8fd5b3-e581-40fb-b2d6-7206dd2c49be(Line 2) Message: Refused to connect to 'chrome-extension://cefomhonapiagddecgpooacpnoomabne/img/info.svg' because it violates the following Content Security Policy directive: "connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com".
worker	error	URL: blob:https://txb.gs.com/8d8fd5b3-e581-40fb-b2d6-7206dd2c49be(Line 2) Message: Refused to connect to 'chrome-extension://iokdapkmdldpeomcloobkajedcdleoib/img/info.svg' because it violates the following Content Security Policy directive: "connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com".
worker	error	URL: blob:https://txb.gs.com/8d8fd5b3-e581-40fb-b2d6-7206dd2c49be(Line 2) Message: Refused to connect to 'chrome-extension://cndipecijohebobplligphncocjamhei/content/images/icons/16.png' because it violates the following Content Security Policy directive: "connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com".
worker	error	URL: blob:https://txb.gs.com/8d8fd5b3-e581-40fb-b2d6-7206dd2c49be(Line 2) Message: Refused to connect to 'chrome-extension://lmpknllkkhpbfahgbkgjgopandmdbopi/blocked-notification-bar.html' because it violates the following Content Security Policy directive: "connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com".
worker	error	URL: blob:https://txb.gs.com/8d8fd5b3-e581-40fb-b2d6-7206dd2c49be(Line 2) Message: Refused to connect to 'chrome-extension://blddopfbnibgpgfeheedhjaheikanamn/img/128x128g.png' because it violates the following Content Security Policy directive: "connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com".
worker	error	URL: blob:https://txb.gs.com/8d8fd5b3-e581-40fb-b2d6-7206dd2c49be(Line 2) Message: Refused to connect to 'chrome-extension://nfjcghppefdfgmnblhgelkjhmljpndhh/img/icon16.png' because it violates the following Content Security Policy directive: "connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com".
worker	error	URL: blob:https://txb.gs.com/8d8fd5b3-e581-40fb-b2d6-7206dd2c49be(Line 2) Message: Refused to connect to 'chrome-extension://jffbochibkahlbbmanpmndnhmeliecah/config.json' because it violates the following Content Security Policy directive: "connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com".
worker	error	URL: blob:https://txb.gs.com/8d8fd5b3-e581-40fb-b2d6-7206dd2c49be(Line 2) Message: Refused to connect to 'chrome-extension://dehdhmbfpjfihgpekceokjdeeheinkfo/intercept.js' because it violates the following Content Security Policy directive: "connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com".
worker	error	URL: blob:https://txb.gs.com/8d8fd5b3-e581-40fb-b2d6-7206dd2c49be(Line 2) Message: Refused to connect to 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png' because it violates the following Content Security Policy directive: "connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com".
worker	error	URL: blob:https://txb.gs.com/8d8fd5b3-e581-40fb-b2d6-7206dd2c49be(Line 2) Message: Refused to connect to 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html' because it violates the following Content Security Policy directive: "connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com".
worker	error	URL: blob:https://txb.gs.com/8d8fd5b3-e581-40fb-b2d6-7206dd2c49be(Line 2) Message: Refused to connect to 'chrome-extension://mooikfkahbdckldjjndioackbalphokd/icons/icon128.png' because it violates the following Content Security Policy directive: "connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://h.online-metrix.net https://s.gihwyz.com https://dmwdyr.com; img-src 'self' https://.gs.com data: https://.online-metrix.net https://s.gihwyz.com https://s.dmwdyr.com; connect-src 'self' https://.gs.com https://rum-http-intake.logs.datadoghq.com https://h.online-metrix.net https://.gihwyz.com https://dmwdyr.com; style-src 'self' 'unsafe-inline'; media-src 'self'; frame-src https://*.gs.com/ https://h.online-metrix.net
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dmwdyr.com
txb.gs.com
13.249.9.104
34.248.176.243
123f4baec27971865ddd3eebcf18059cb97ecc1eac06fc66a72de878fde8b2a6
126f9f2f8b66463dc41adb8bf1a3b8f1ebd9335e27e1cd2404ce29683c72289f
15c1f4d6c814f89f5fd33899253e815c0c6e7cc6b999861b319a9ac094c35496
1b2335ce7ee5e73fbdf34834f3355d47eb481529657847920d83dceabefb81ce
1d1b243af314d98a934eb91e77fbc53f5190c440b400e24d19419ebfe5e81296
2a4b95511fe981d3cafa2c14910a1a727949bc36a913232359266ff478f5d6b0
2a72b968f11ccf1b644c0087205c1012c750b932013ba75b027641a7eb9ca803
3e811b97dc60cf37a74f0bffee4222c2697e409c2cc78548e47b3384926c4338
401c383911aae2411f3768d9141686f5cee08ab276112499bf1ad65118e67952
76795e13b2119557f89792c284ca636934b5b1ae9b331767e1c3e12a8ad8a9d1
abde0443013115d4f946f7f74469f961fa94b6d73b71d7b87fce0311a7ec24c6
b9af5e7a28555c9ebcfcfe8ec977ea4d7f0cc2aa5b1151b8b3fe4a5a67ceb505
cfb8de4be8232aa3394701facfbf34f0445e364c98e1f76af90c0551b1e1f210
df527f76ff680f82299ca6cd328e3c265196984c6f6b77a3317b71c055709c92
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

txb.gs.com Open in urlscan Pro 13.249.9.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

16 Requests

81 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

15393 kBTransfer

15594 kBSize

1 Cookies

2 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

1 Cookies

27 Console Messages

Security Headers

Indicators

txb.gs.com Open in urlscan Pro
13.249.9.104 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

81 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

15393 kB
Transfer

15594 kB
Size

1
Cookies

16 HTTP transactions
0 data transactions