Report - gigglecurb.net/?target=https://insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd

Report Overview

Visited public
2025-06-02 06:07:52
Tags
URL
gigglecurb.net/?target=https://insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd
Finishing URL
insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd
IP / ASN
104.21.80.1
#13335 CLOUDFLARENET
Title
Insights Social Media Explorer

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.airfind.com	89315	2003-07-01	2017-02-23	2025-05-31	508 B	20 kB	185.76.9.27
www.google.com	7	1997-09-15	2015-05-10	2025-05-28	441 B	141 kB	142.250.178.100
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-05-28	2.3 kB	155 kB	142.250.178.99
fundingchoicesmessages.google.com	2397	1997-09-15	2019-01-16	2025-05-30	2.7 kB	638 kB	142.250.74.174
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-05-28	1.9 kB	146 kB	142.250.178.74
gigglecurb.net	unknown	2025-04-09	2025-05-24	2025-05-24	1.4 kB	66 kB	104.21.32.1
insights.socialmediaexplorer.com	unknown	2007-09-17	2025-02-16	2025-05-28	3.6 kB	313 kB	172.67.129.204

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-06-02	medium	gigglecurb.net	Sinkholed
2025-06-02	medium	gigglecurb.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (17)

	URL	From	Size	First Seen	Last Seen
	insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd	ScriptElement	1.6 kB	2025-06-02	2025-06-02
Pretty URL insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd IP 172.67.129.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-02 06:07 Last Seen2025-06-02 06:07 Times Seen1 Hash a5a1f86f0668a755efd30d83a8a835b0 05a083ca6fbbefcdfdfe119b85635c72d66d618e b08e86de219772dc9a5e127af2322fb98b6d273c08f4c6eb8781cda3b4a63aac Loading...

	insights.socialmediaexplorer.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZYXNCDgLnE8.es5.O/d=1/rs=AJlcJMwVShtRL9vLgCAHlu4pm73Yx0KpXA/m=kernel_loader,loader_js_executable	ScriptElement	208 kB	2025-06-02	2025-06-02
Pretty URL insights.socialmediaexplorer.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZYXNCDgLnE8.es5.O/d=1/rs=AJlcJMwVShtRL9vLgCAHlu4pm73Yx0KpXA/m=kernel_loader,loader_js_executable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-02 06:07 Last Seen2025-06-02 06:07 Times Seen1 Hash 374fa5b6eb6817b577579557aabc3afa c5c8a388cb556454d1dc719e09b3d09008cb7600 4d27ebc19d3a3b4016479ed51f67be8552bb29ae0c5720b191cc344a204cdc2d Loading...

	gigglecurb.net/_astro/client.BF5YdGWT.js	ScriptElement	2.1 kB	2025-02-11	2025-06-09
Pretty URL gigglecurb.net/_astro/client.BF5YdGWT.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-11 20:09 Last Seen2025-06-09 00:48 Times Seen1114 Hash 0483ce89f3842d2b7a32e21e70170970 fe9a0e241794dfdd59feb7d0197ab2894c70f87b 2f374147566314e1fe1211f2a04af60c638cd5f972842ab7069dc04026c04d6b Loading...

	gigglecurb.net/_astro/FeaturesProvider.B0FgMFmZ.js	ScriptElement	966 B	2025-05-19	2025-06-09
Pretty URL gigglecurb.net/_astro/FeaturesProvider.B0FgMFmZ.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-19 11:05 Last Seen2025-06-09 00:48 Times Seen743 Hash 98671c80ba3406a9d92efb26df42c94b 99f4307ea4934da2cfbdaf70d3d2ccb83e701227 4f16e5089faf012a4de418f4c7c1b304de169dd27d9d0525f6aba8ff6aea0291 Loading...

	gigglecurb.net/_astro/hooks.module.C9WLiBQm.js	ImportedModule	2.6 kB	2025-02-11	2025-06-09
Pretty URL gigglecurb.net/_astro/hooks.module.C9WLiBQm.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2025-02-11 20:09 Last Seen2025-06-09 00:48 Times Seen1112 Hash 26c2a13c0f56377d024c49f4499db3a1 f08491a18d64f9fac94421abda014285e09c37ab 8a5101bc927602711d5677ad1d1406ee4824c468f3e6ff085978e45cfb8619cb Loading...

	insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd	EventHandler	38 B	2023-04-10	2025-06-09
Pretty URL insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd IP 172.67.129.204 ASN #13335 CLOUDFLARENET Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 16:02 Last Seen2025-06-09 03:08 Times Seen25201 Hash 43e28c5553d54ed2964bd5147521769b 0a2b8c3db330a47aa7b9195e6dfdf944adb9240d d63026c985dc46aeb316574b7bf1828080c906238e35d5e34cb80414c0e70d23 Loading...

	gigglecurb.net/?target=https://insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd	ScriptElement	3.6 kB	2024-10-28	2025-06-09
Pretty URL gigglecurb.net/?target=https://insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-28 11:36 Last Seen2025-06-09 00:48 Times Seen1454 Hash 44646c74c0f3cc6057b374b25f9174c4 23030f0c8e03e8415d14ae3cf5140fe73afc3b82 58dd21a9e9358c46ae8658565555de40f6b9043ddfd2bb0c766c1266dc350b2b Loading...

	insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd	EventHandler	38 B	2023-04-10	2025-06-09
Pretty URL insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd IP 172.67.129.204 ASN #13335 CLOUDFLARENET Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 16:02 Last Seen2025-06-09 03:08 Times Seen25201 Hash 43e28c5553d54ed2964bd5147521769b 0a2b8c3db330a47aa7b9195e6dfdf944adb9240d d63026c985dc46aeb316574b7bf1828080c906238e35d5e34cb80414c0e70d23 Loading...

	insights.socialmediaexplorer.com/build/insights_socialmediaexplorer_com.76f41549.js	ScriptElement	1.0 kB	2025-03-06	2025-06-05
Pretty URL insights.socialmediaexplorer.com/build/insights_socialmediaexplorer_com.76f41549.js IP 172.67.129.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-06 10:44 Last Seen2025-06-05 18:06 Times Seen12 Hash 0c6018f099f56205ef68b2a79e2e903a f32a450eb2b4744ebd136e8e9a8645ac27ba4e0b 997a56062db3c1318541f3ea536ac11d58181549f09e1ec64d10938d16ea8848 Loading...

	gigglecurb.net/_astro/Redirect.B9fVa80F.js	ScriptElement	407 B	2025-04-05	2025-06-09
Pretty URL gigglecurb.net/_astro/Redirect.B9fVa80F.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-05 09:03 Last Seen2025-06-09 00:48 Times Seen1056 Hash 1cbc8a60aea61d84167917e7dac50a2a 84addc35c6051a9459ce0839e77ee3323c506f22 56a6a809faed5c1229b1d582c7e4ae5c741419b8f492993389518dce3cc57d8e Loading...

	gigglecurb.net/_astro/preact.module.NIwkvMQy.js	ImportedModule	10 kB	2025-02-11	2025-06-09
Pretty URL gigglecurb.net/_astro/preact.module.NIwkvMQy.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2025-02-11 20:09 Last Seen2025-06-09 00:48 Times Seen1125 Hash 1bff1ff4eaa6a0ec7980b854644752ef f095330ae2791590bdf40df8c0dde616bb92f32e 6bf0886b208c9b4c92e8fc05b8ce440b344696bece86d3d70941e8b43c68ff5f Loading...

	www.google.com/adsense/search/ads.js	ScriptElement	140 kB	2025-05-28	2025-06-03
Pretty URL www.google.com/adsense/search/ads.js IP 142.250.178.100 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-28 18:33 Last Seen2025-06-03 00:04 Times Seen31 Hash 4cad15dba1a267500688bcaeca7dab82 30d5a220b70e236dc2736f2878ed0977e1419be2 841aa416c3d005b34f14c1e250d6b660fec5ac2c262f12ed275cb790a340b2ad Loading...

	insights.socialmediaexplorer.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZYXNCDgLnE8.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwVShtRL9vLgCAHlu4pm73Yx0KpXA/m=web_iab_tcf_v2_wall_executable	ScriptElement	423 kB	2025-06-02	2025-06-02
Pretty URL insights.socialmediaexplorer.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ZYXNCDgLnE8.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwVShtRL9vLgCAHlu4pm73Yx0KpXA/m=web_iab_tcf_v2_wall_executable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-02 06:07 Last Seen2025-06-02 06:07 Times Seen1 Hash 2bbbe00d0e0d8e945872e57d0ec1db6d 366d583edf3a82f7acef19e6881264e277685c48 c5332b772ca9210180fe3755e5408ef30fcfafa3d5fc8de2437dce3972ecf6bd Loading...

	gigglecurb.net/_astro/Favicon.CenzvOau.js	ScriptElement	284 B	2025-02-11	2025-06-09
Pretty URL gigglecurb.net/_astro/Favicon.CenzvOau.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-11 20:09 Last Seen2025-06-09 00:48 Times Seen1112 Hash 6cbb70987ce78d7066caf302a370d244 e3c0c44118ab9e8758d19566367bf636053b7d29 71b25793226e26446e9316b1de141596a33b5c9809cbe7a3ab5f8558420f1ed1 Loading...

	insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd	ScriptElement	429 B	2023-03-07	2025-06-09
Pretty URL insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd IP 172.67.129.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 14:02 Last Seen2025-06-09 01:32 Times Seen3212 Hash eafaa0be830db11da3770638100b686f db325dc427493ed0c2988ef229573b7093425466 96adbda6f380d09bfd780e4143e165a48037b43421d3964980a4343aedc644ab Loading...

	insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd	ScriptElement	505 B	2025-06-02	2025-06-02
Pretty URL insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd IP 172.67.129.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-02 06:07 Last Seen2025-06-02 06:07 Times Seen1 Hash c8e532b06b3493c8bfbb9d888503fba9 1eb5cf9cac04b488e8fe09751af501734fef4985 43859507d7141ff83d7a09fbdb21c93aaa06f602ecbaf97036ab02113ec5d9ab Loading...

	insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd	ScriptElement	1.4 kB	2024-11-01	2025-06-08
Pretty URL insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd IP 172.67.129.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-11-01 14:16 Last Seen2025-06-08 10:43 Times Seen39 Hash 2b718a02731f912ece500d822d961904 02a55ea00bfc0a83ec7b85356342f15d65b67337 38cbc44966e59bf74a39d42fb717beb56ba73802d84b7a187a348171641c41bb Loading...

HTTP Transactions (20)

URL IP Response Size

fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.178.99

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://insights.socialmediaexplorer.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 May 2025 18:15:43 GMT
expires: Fri, 29 May 2026 18:15:43 GMT
cache-control: public, max-age=31536000
age: 301909
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fundingchoicesmessages.google.com/f/AGSKWxV_G0xjl_jtne-8a39249_6QteM17d_kt-r7Kiwkatrka394NBqDEFuDefFuVUG2VLfQof5oVxm6MwlNBncPfTN7QqEiZFZNWLSjUG51sUpT8oSuVdt2GugJuCgiOTvPZrCqFihhQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQ4ODQ0NDUzLDE2MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2luc2lnaHRzLnNvY2lhbG1lZGlhZXhwbG9yZXIuY29tL2dhcnRpY2xlIixudWxsLFtbOCwiWllYTkNEZ0xuRTgiXSxbOSwiZW4tVVMiXSxbMTksIjEiXSxbMTcsIlswXSJdLFsyNCwiZ2lnZ2xlY3VyYi5uZXQiXSxbMjksImZhbHNlIl1dXQ

142.250.74.174

200 OK

423 kB

URL GET
fundingchoicesmessages.google.com/f/AGSKWxV_G0xjl_jtne-8a39249_6QteM17d_kt-r7Kiwkatrka394NBqDEFuDefFuVUG2VLfQof5oVxm6MwlNBncPfTN7QqEiZFZNWLSjUG51sUpT8oSuVdt2GugJuCgiOTvPZrCqFihhQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQ4ODQ0NDUzLDE2MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2luc2lnaHRzLnNvY2lhbG1lZGlhZXhwbG9yZXIuY29tL2dhcnRpY2xlIixudWxsLFtbOCwiWllYTkNEZ0xuRTgiXSxbOSwiZW4tVVMiXSxbMTksIjEiXSxbMTcsIlswXSJdLFsyNCwiZ2lnZ2xlY3VyYi5uZXQiXSxbMjksImZhbHNlIl1dXQ
IP
142.250.74.174:443
ASN
#15169 GOOGLE

Requested by
https://insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint7B:D2:02:FC:58:D9:E6:6C:DB:4E:0A:85:10:91:65:A5:9A:9C:5D:12
ValidityMon, 12 May 2025 08:42:58 GMT - Mon, 04 Aug 2025 08:42:57 GMT

File type
JavaScript source, ASCII text, with very long lines (6789)
Size
423 kB (422755 bytes)
Hash
2bbbe00d0e0d8e945872e57d0ec1db6d
366d583edf3a82f7acef19e6881264e277685c48
c5332b772ca9210180fe3755e5408ef30fcfafa3d5fc8de2437dce3972ecf6bd

HTTP Headers

GET /f/AGSKWxV_G0xjl_jtne-8a39249_6QteM17d_kt-r7Kiwkatrka394NBqDEFuDefFuVUG2VLfQof5oVxm6MwlNBncPfTN7QqEiZFZNWLSjUG51sUpT8oSuVdt2GugJuCgiOTvPZrCqFihhQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQ4ODQ0NDUzLDE2MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2luc2lnaHRzLnNvY2lhbG1lZGlhZXhwbG9yZXIuY29tL2dhcnRpY2xlIixudWxsLFtbOCwiWllYTkNEZ0xuRTgiXSxbOSwiZW4tVVMiXSxbMTksIjEiXSxbMTcsIlswXSJdLFsyNCwiZ2lnZ2xlY3VyYi5uZXQiXSxbMjksImZhbHNlIl1dXQ HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://insights.socialmediaexplorer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=utf-8
timing-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 02 Jun 2025 06:07:33 GMT
cross-origin-opener-policy: same-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-EG4lQYtYqg-eCyPRdrkMHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw15BiaL15jnU6EBsqXGJ1BuL76y6xPgfiD_WXWX8AcZHEFdYWIP5UdYNVpPoGaxL7TdYSIA51vMkaC8JpN1lTgXjNxlusW4G4Sfs2axcQm_ndZrUDYiFujqX_vxxkE3jw77KJkkZSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRvJGBkamBqZGlnoFhfIEBALPQQDA"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.178.99

200 OK

48 kB

URL GET
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://insights.socialmediaexplorer.com
DNT: 1
Connection: keep-alive
Referer: https://insights.socialmediaexplorer.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 May 2025 13:00:47 GMT
expires: Tue, 26 May 2026 13:00:47 GMT
cache-control: public, max-age=31536000
age: 580006
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/css?family=Roboto:400,500,700

142.250.178.74

200 OK

16 kB

URL GET
fonts.googleapis.com/css?family=Roboto:400,500,700
IP
142.250.178.74:443
ASN
#15169 GOOGLE

Requested by
https://insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint1C:09:46:89:AD:F3:B6:3E:B4:89:F7:49:AC:15:E7:4E:A6:D2:AA:73
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
ASCII text, with very long lines (1572)
Size
16 kB (16161 bytes)
Hash
92207862eb91f2c0098159a7773dd41f
39829aae2ce82d1a06fd1e9ad0bd3acc7daa482b
b84fca54c8fa9632c35a752096756c1c17b8b9d36ef2b25b2207ca4aadf44599

HTTP Headers

GET /css?family=Roboto:400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://insights.socialmediaexplorer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 02 Jun 2025 06:07:32 GMT
date: Mon, 02 Jun 2025 06:07:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

gigglecurb.net/_astro/_slug_.B3oXPvqW.css

104.21.32.1

200 OK

42 kB

URL GET
gigglecurb.net/_astro/_slug_.B3oXPvqW.css
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gigglecurb.net/?target=https://insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd
Certificate
IssuerCLOUDFLARE, INC.
Subjectgigglecurb.net
Fingerprint70:A0:74:E9:D5:2D:89:22:BA:07:B3:AB:0F:E1:CD:8A:5E:FD:84:87
ValidityWed, 09 Apr 2025 16:32:38 GMT - Tue, 08 Jul 2025 16:40:12 GMT

File type
Unicode text, UTF-8 text, with very long lines (41951)
Size
42 kB (41960 bytes)
Hash
04ac283676856c76cd16e60b396cf98c
7c7795367efb43a59fa5933e0a1b60ff874fa39e
a405089436c58f657178afc38633a3a3ac58967ddc9c31e52bc436bcc903a3c5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/_slug_.B3oXPvqW.css HTTP/1.1
Host: gigglecurb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gigglecurb.net/?target=https://insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 06:07:30 GMT
content-type: text/css
server: cloudflare
last-modified: Mon, 19 May 2025 10:09:27 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
etag: "682b0357-a3e8"
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=nn8kUxQzdPLLBVAwNT44tWsvo2fhRpDEwojPjiF%2BY%2FSABUVBwvtKdEpHgEYcnWIALNEn%2B2zKSK7OcJw69uwp82SmKE1OZUKbgN5p0A%3D%3D"}]}
cf-ray: 9494c558be6456bf-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

insights.socialmediaexplorer.com/build/insights_socialmediaexplorer_com.b2087bff.css

172.67.129.204

200 OK

110 kB

URL GET
insights.socialmediaexplorer.com/build/insights_socialmediaexplorer_com.b2087bff.css
IP
172.67.129.204:443
ASN
#13335 CLOUDFLARENET

Requested by
https://insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd
Certificate
IssuerGoogle Trust Services
Subjectsocialmediaexplorer.com
Fingerprint0C:4E:81:D5:73:B3:1C:48:C7:92:42:8C:03:B5:95:8E:27:11:DF:0A
ValiditySun, 01 Jun 2025 21:03:30 GMT - Sat, 30 Aug 2025 22:01:55 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
110 kB (110197 bytes)
Hash
c1a44d21eae6d83ecee0d5809a71b7c0
d6606403856f320376889f2036a8dcf55d84dc46
24b2e8eb6aec32b0d3519ff9e908f55d01532f3a5c0de416ecf4d4e27d676a23

HTTP Headers

GET /build/insights_socialmediaexplorer_com.b2087bff.css HTTP/1.1
Host: insights.socialmediaexplorer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7stdinn0nbed88mcass6akh590
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 06:07:32 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Fri, 30 May 2025 11:42:39 GMT
vary: Accept-Encoding
etag: W/"683999af-1ae75"
expires: Mon, 02 Jun 2025 20:11:25 GMT
cache-control: max-age=86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
cf-cache-status: HIT
age: 30981
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=aTKSL1kqyhyf%2FDdh6lOVJJreXLjAGRpDJ34TpjP%2B0apB%2FRIlz1ekESmwt5uhnKV5yFg6Ibq4Vr7TSUkW4sKkyhzpkwg8cZGJKzaEo0m%2BB71idug4gYV5hFTg5P0DQw%3D%3D"}]}
cf-ray: 9494c5619c5a5695-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.178.99

200 OK

15 kB

URL GET
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://insights.socialmediaexplorer.com
DNT: 1
Connection: keep-alive
Referer: https://insights.socialmediaexplorer.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 May 2025 12:58:05 GMT
expires: Tue, 26 May 2026 12:58:05 GMT
cache-control: public, max-age=31536000
age: 580168
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fundingchoicesmessages.google.com/el/AGSKWxUZD4Rw53vjtGc7YeP0z8VeNiDeHiDNq6floMOpNkJLf6TgR1ZAPoIjT7004_jUVOaRQpyPyQd6aKi-3w8HxHCdGWZba1-M5zZe-jLqdPFcuwAN9OOtZVVWBUrtC9cjgCYEEyMadw==

142.250.74.174

204 No Content

0 B

URL POST
fundingchoicesmessages.google.com/el/AGSKWxUZD4Rw53vjtGc7YeP0z8VeNiDeHiDNq6floMOpNkJLf6TgR1ZAPoIjT7004_jUVOaRQpyPyQd6aKi-3w8HxHCdGWZba1-M5zZe-jLqdPFcuwAN9OOtZVVWBUrtC9cjgCYEEyMadw==
IP
142.250.74.174:443
ASN
#15169 GOOGLE

Requested by
https://insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint7B:D2:02:FC:58:D9:E6:6C:DB:4E:0A:85:10:91:65:A5:9A:9C:5D:12
ValidityMon, 12 May 2025 08:42:58 GMT - Mon, 04 Aug 2025 08:42:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /el/AGSKWxUZD4Rw53vjtGc7YeP0z8VeNiDeHiDNq6floMOpNkJLf6TgR1ZAPoIjT7004_jUVOaRQpyPyQd6aKi-3w8HxHCdGWZba1-M5zZe-jLqdPFcuwAN9OOtZVVWBUrtC9cjgCYEEyMadw== HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 200
Origin: https://insights.socialmediaexplorer.com
DNT: 1
Connection: keep-alive
Referer: https://insights.socialmediaexplorer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 204 No Content
content-type: text/html; charset=utf-8
access-control-allow-methods: POST, GET, OPTIONS
access-control-max-age: 86400
access-control-allow-origin: https://insights.socialmediaexplorer.com
access-control-allow-credentials: true
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 02 Jun 2025 06:07:33 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-6NpJySlEAPa0nxFhjAZEBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1ZBi-FB_mfUHEJv53Wa1A2IhHo6l_78cZBM48W3jSSYll6T8wvjk_LyS1LwS3cSUYl0QuygzqbQkvwiFnVoGUpGTn56emZceb2RgZGpgamSpZ2AaX2AAANszKFk"
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdn.airfind.com/ext/51372/1726084071510-navComponentV2Footer-DailyHarbour_blue.png

185.76.9.27

200 OK

19 kB

URL GET
cdn.airfind.com/ext/51372/1726084071510-navComponentV2Footer-DailyHarbour_blue.png
IP
185.76.9.27:443
ASN
#60068 Datacamp Limited

Requested by
https://insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd
Certificate
IssuerSectigo Limited
Subjectcdn.airfind.com
Fingerprint31:D5:97:47:4D:F8:F3:ED:EE:2B:F4:5E:A0:89:1B:58:7D:43:81:E3
ValidityFri, 06 Dec 2024 00:00:00 GMT - Mon, 05 Jan 2026 23:59:59 GMT

File type
PNG image data, 881 x 158, 8-bit/color RGBA, non-interlaced
Size
19 kB (19206 bytes)
Hash
9e8a1aecc479509dd3813b1ebaa21d2c
e118d37e3bfc8d44122f81ed68961b13645a9d2e
269acda0e96ba294631672ab6222307be716d244408fc0ab77e10bbfad907c3f

HTTP Headers

GET /ext/51372/1726084071510-navComponentV2Footer-DailyHarbour_blue.png HTTP/1.1
Host: cdn.airfind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://insights.socialmediaexplorer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 06:07:32 GMT
content-type: image/png
content-length: 19206
last-modified: Wed, 11 Sep 2024 19:47:51 GMT
etag: "4b06-621dd43ef71d6"
cache-control: max-age=2592000
expires: Wed, 23 Oct 2024 09:20:12 GMT
x-77-nzt: FAwBuUwJGwH3r4MPAAwBuUwKDAH30cwEAAwBisclxAG3kj8AAAwBnJI73wG3uf0DAA
x-77-nzt-ray: fdb5412363327d53a43f3d688640310b
x-77-cache: HIT
x-77-age: 1016751
server: CDN77-Turbo
x-77-pop: stockholmSE
accept-ranges: bytes
X-Firefox-Spdy: h2

gigglecurb.net/?target=https://insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd

104.21.32.1

200 OK

22 kB

URL User Request GET
gigglecurb.net/?target=https://insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCLOUDFLARE, INC.
Subjectgigglecurb.net
Fingerprint70:A0:74:E9:D5:2D:89:22:BA:07:B3:AB:0F:E1:CD:8A:5E:FD:84:87
ValidityWed, 09 Apr 2025 16:32:38 GMT - Tue, 08 Jul 2025 16:40:12 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (22511), with no line terminators
Size
22 kB (22528 bytes)
Hash
1d7e8df7ceda880d80af945077c5d5af
60225c63a44ddc8b5309a7ba5e3392427208ccd5
2b9762365f9c7328746f8ef000a247eac67f3232d1a1bc6328aec94709d53d0e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?target=https://insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd HTTP/1.1
Host: gigglecurb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 06:07:30 GMT
content-type: text/html
server: cloudflare
last-modified: Mon, 19 May 2025 10:09:39 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=1Y%2BUL%2BXi8gPxhoWt7szgek2Wcegxwv2%2B%2F1GwCsqhqwwJo7jjtbnpyVH%2BNnNu37NffysFeEzNlaFnZVc7IN%2Fn%2Bn2WRy%2BYC%2Ft2YDOcXg%3D%3D"}]}
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9494c5560b2456bf-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

insights.socialmediaexplorer.com/build/images/logo.7374dd07.svg

172.67.129.204

200 OK

12 kB

URL GET
insights.socialmediaexplorer.com/build/images/logo.7374dd07.svg
IP
172.67.129.204:443
ASN
#13335 CLOUDFLARENET

Requested by
https://insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd
Certificate
IssuerGoogle Trust Services
Subjectsocialmediaexplorer.com
Fingerprint0C:4E:81:D5:73:B3:1C:48:C7:92:42:8C:03:B5:95:8E:27:11:DF:0A
ValiditySun, 01 Jun 2025 21:03:30 GMT - Sat, 30 Aug 2025 22:01:55 GMT

File type
SVG Scalable Vector Graphics image
Size
12 kB (11598 bytes)
Hash
a3d18d315567b66c9b530599f6d1b6cc
22c1204057db8332b870880cb0a1f3c616d7a44e
4da805afa7dd5fd83d6a308c6acd47e4d7e79e7cca36de7f4f11f9371b965aa1

HTTP Headers

GET /build/images/logo.7374dd07.svg HTTP/1.1
Host: insights.socialmediaexplorer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://insights.socialmediaexplorer.com/build/insights_socialmediaexplorer_com.b2087bff.css
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7stdinn0nbed88mcass6akh590
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 02 Jun 2025 06:07:32 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q8%2BwcRJQ5FvggqdZk6ABoQUNEaKISi%2BOa3g1%2Bo9y2JLm11gpk%2F%2Bfciuf6ZlG03llwmP6s9hSkDvqhvzz49kjprG5wbhNDd2ZPQqBVe9Er2NCT45JcVl8erhTK%2BPiU9Qtw45NDU2oS2PL2XPWGGVawiM%2BiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 30 May 2025 11:42:39 GMT
vary: Accept-Encoding
etag: W/"683999af-2d4e"
expires: Fri, 06 Jun 2025 18:44:49 GMT
cache-control: max-age=604800
access-control-allow-origin: *
content-encoding: gzip
age: 210441
cf-cache-status: HIT
cf-ray: 9494c5637e4cb505-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4143&min_rtt=800&rtt_var=2670&sent=102&recv=117&lost=0&retrans=0&sent_bytes=8679&recv_bytes=6962&delivery_rate=483545&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=0007c456f7223251&ts=502&x=80"

fundingchoicesmessages.google.com/i/pub-7671733567783864?ers=1

142.250.74.174

200 OK

208 kB

URL GET
fundingchoicesmessages.google.com/i/pub-7671733567783864?ers=1
IP
142.250.74.174:443
ASN
#15169 GOOGLE

Requested by
https://insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint7B:D2:02:FC:58:D9:E6:6C:DB:4E:0A:85:10:91:65:A5:9A:9C:5D:12
ValidityMon, 12 May 2025 08:42:58 GMT - Mon, 04 Aug 2025 08:42:57 GMT

File type
JavaScript source, ASCII text, with very long lines (2016)
Size
208 kB (208359 bytes)
Hash
374fa5b6eb6817b577579557aabc3afa
c5c8a388cb556454d1dc719e09b3d09008cb7600
4d27ebc19d3a3b4016479ed51f67be8552bb29ae0c5720b191cc344a204cdc2d

HTTP Headers

GET /i/pub-7671733567783864?ers=1 HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://insights.socialmediaexplorer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
timing-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 02 Jun 2025 06:07:32 GMT
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-qS7iOwUHitpeDMnfINe0GQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1ZBiaL15jnU6EBsqXGJ1BuL76y6xPgfiD_WXWX8AcZHEFdYWIP5UdYNVpPoGaxL7TdYSIA51vMkaC8JpN1lTgXjNxlusW4G4Sfs2axcQm_ndZrUDYiEejiX_vxxkE5iw_v5-JiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyNTA1MjSz0Dw_gCAwDh50Ao"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

142.250.178.74

200 OK

127 kB

URL GET
fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
IP
142.250.178.74:443
ASN
#15169 GOOGLE

Requested by
https://insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint1C:09:46:89:AD:F3:B6:3E:B4:89:F7:49:AC:15:E7:4E:A6:D2:AA:73
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
ASCII text, with very long lines (1572)
Size
127 kB (126895 bytes)
Hash
39858ed4e4657dffa858b01a81f46fc0
8b883d1ef65c8469060b0b08287e6f1b3b059394
615ea2ab4554783de12fea7803ea95e8aaae1f6272bb3ac310f12d5b5bda7e10

HTTP Headers

GET /css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://insights.socialmediaexplorer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 02 Jun 2025 06:07:33 GMT
date: Mon, 02 Jun 2025 06:07:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.178.99

200 OK

48 kB

URL GET
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://insights.socialmediaexplorer.com
DNT: 1
Connection: keep-alive
Referer: https://insights.socialmediaexplorer.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 May 2025 13:00:47 GMT
expires: Tue, 26 May 2026 13:00:47 GMT
cache-control: public, max-age=31536000
age: 580006
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/icon?family=Material+Icons

142.250.178.74

200 OK

565 B

URL GET
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.178.74:443
ASN
#15169 GOOGLE

Requested by
https://insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint1C:09:46:89:AD:F3:B6:3E:B4:89:F7:49:AC:15:E7:4E:A6:D2:AA:73
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
ASCII text
Size
565 B (565 bytes)
Hash
736c83e15fc300de505f6ce9762a9396
31c0f11ada78e92970ff42d990116d77c169c6d7
c31266310101d0b1607937a7baf07f1601b7637bd2373176696488a07d7b4302

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://insights.socialmediaexplorer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 02 Jun 2025 06:07:32 GMT
date: Mon, 02 Jun 2025 06:07:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

insights.socialmediaexplorer.com/build/insights_socialmediaexplorer_com.76f41549.js

172.67.129.204

200 OK

1.0 kB

URL GET
insights.socialmediaexplorer.com/build/insights_socialmediaexplorer_com.76f41549.js
IP
172.67.129.204:443
ASN
#13335 CLOUDFLARENET

Requested by
https://insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd
Certificate
IssuerGoogle Trust Services
Subjectsocialmediaexplorer.com
Fingerprint0C:4E:81:D5:73:B3:1C:48:C7:92:42:8C:03:B5:95:8E:27:11:DF:0A
ValiditySun, 01 Jun 2025 21:03:30 GMT - Sat, 30 Aug 2025 22:01:55 GMT

File type
JavaScript source, ASCII text, with very long lines (1001), with no line terminators
Size
1.0 kB (1001 bytes)
Hash
0c6018f099f56205ef68b2a79e2e903a
f32a450eb2b4744ebd136e8e9a8645ac27ba4e0b
997a56062db3c1318541f3ea536ac11d58181549f09e1ec64d10938d16ea8848

HTTP Headers

GET /build/insights_socialmediaexplorer_com.76f41549.js HTTP/1.1
Host: insights.socialmediaexplorer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7stdinn0nbed88mcass6akh590
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 06:07:32 GMT
content-type: application/javascript; charset=utf-8
server: cloudflare
last-modified: Fri, 30 May 2025 11:42:39 GMT
vary: Accept-Encoding
etag: "683999af-3e9"
expires: Mon, 02 Jun 2025 12:55:46 GMT
cache-control: max-age=86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
age: 30980
cf-cache-status: HIT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=fGKJQXpVi8PiiycwxjsY23x%2FHRAl10NBSYiuEZf7Q0mQaKYohNrjgCNmJAN6lIs1HCxCIhACrgh%2B%2BbOEP7ktheyMahAyQ41v0kkEtNxg0dSveMHdT4R5UxNYN7AC8Q%3D%3D"}]}
cf-ray: 9494c5619c5d5695-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

insights.socialmediaexplorer.com/build/insights_socialmediaexplorer_com/images/favicon/favicon.ico

172.67.129.204

200 OK

166 kB

URL GET
insights.socialmediaexplorer.com/build/insights_socialmediaexplorer_com/images/favicon/favicon.ico
IP
172.67.129.204:443
ASN
#13335 CLOUDFLARENET

Requested by
https://insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd
Certificate
IssuerGoogle Trust Services
Subjectsocialmediaexplorer.com
Fingerprint0C:4E:81:D5:73:B3:1C:48:C7:92:42:8C:03:B5:95:8E:27:11:DF:0A
ValiditySun, 01 Jun 2025 21:03:30 GMT - Sat, 30 Aug 2025 22:01:55 GMT

File type
MS Windows icon resource - 1 icon, -56x-56, 32 bits/pixel
Size
166 kB (165662 bytes)
Hash
6d1c2922a24cac4a4ba2a21bb1eaab5d
435d55a0c7a9d1171992b921e787f24ac8219348
093829ac5e53f9c430f1bc401236bd513216d8b5e54a0e99e2717b5ff9ee022b

HTTP Headers

GET /build/insights_socialmediaexplorer_com/images/favicon/favicon.ico HTTP/1.1
Host: insights.socialmediaexplorer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7stdinn0nbed88mcass6akh590
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 02 Jun 2025 06:07:32 GMT
content-type: image/x-icon
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3u0aLJUmonAVwTZiRIcm3487UtIxyRaj7vT9h%2BqCnH38TZI4uiE0k9a12TqI9SwOiHe8VfVv4XkIw9PzbifetdCjtWQyA7WHlw5yQnjEH4UWDwYYJ8W5W5sNBvXHnJxMkOnYHCYa%2B4snWOJ2jpJQJC%2FtiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 30 May 2025 11:42:39 GMT
etag: W/"683999af-2871e"
expires: Mon, 02 Jun 2025 16:30:35 GMT
cache-control: max-age=86400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
age: 4334
cf-cache-status: HIT
content-encoding: br
cf-ray: 9494c5648e51b505-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4025&min_rtt=800&rtt_var=2240&sent=108&recv=119&lost=0&retrans=0&sent_bytes=13802&recv_bytes=7522&delivery_rate=1079420&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=0007c456f7223251&ts=667&x=80"

www.google.com/adsense/search/ads.js

142.250.178.100

200 OK

140 kB

URL GET
www.google.com/adsense/search/ads.js
IP
142.250.178.100:443
ASN
#15169 GOOGLE

Requested by
https://insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd
Certificate
IssuerGoogle Trust Services
Subjectwww.google.com
Fingerprint84:BD:0D:9A:51:CC:86:3E:E9:2F:6E:7C:2D:58:AC:4C:FB:B5:3D:8C
ValidityMon, 12 May 2025 08:44:44 GMT - Mon, 04 Aug 2025 08:44:43 GMT

File type
JavaScript source, ASCII text, with very long lines (1839)
Size
140 kB (140413 bytes)
Hash
4cad15dba1a267500688bcaeca7dab82
30d5a220b70e236dc2736f2878ed0977e1419be2
841aa416c3d005b34f14c1e250d6b660fec5ac2c262f12ed275cb790a340b2ad

HTTP Headers

GET /adsense/search/ads.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://insights.socialmediaexplorer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Mon, 02 Jun 2025 06:07:32 GMT
expires: Mon, 02 Jun 2025 06:07:32 GMT
cache-control: private, max-age=3600
etag: "3740536190446782866"
x-content-type-options: nosniff
link: <https://syndicatedsearch.goog>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fundingchoicesmessages.google.com/el/AGSKWxUZD4Rw53vjtGc7YeP0z8VeNiDeHiDNq6floMOpNkJLf6TgR1ZAPoIjT7004_jUVOaRQpyPyQd6aKi-3w8HxHCdGWZba1-M5zZe-jLqdPFcuwAN9OOtZVVWBUrtC9cjgCYEEyMadw==

142.250.74.174

204 No Content

0 B

URL POST
fundingchoicesmessages.google.com/el/AGSKWxUZD4Rw53vjtGc7YeP0z8VeNiDeHiDNq6floMOpNkJLf6TgR1ZAPoIjT7004_jUVOaRQpyPyQd6aKi-3w8HxHCdGWZba1-M5zZe-jLqdPFcuwAN9OOtZVVWBUrtC9cjgCYEEyMadw==
IP
142.250.74.174:443
ASN
#15169 GOOGLE

Requested by
https://insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint7B:D2:02:FC:58:D9:E6:6C:DB:4E:0A:85:10:91:65:A5:9A:9C:5D:12
ValidityMon, 12 May 2025 08:42:58 GMT - Mon, 04 Aug 2025 08:42:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /el/AGSKWxUZD4Rw53vjtGc7YeP0z8VeNiDeHiDNq6floMOpNkJLf6TgR1ZAPoIjT7004_jUVOaRQpyPyQd6aKi-3w8HxHCdGWZba1-M5zZe-jLqdPFcuwAN9OOtZVVWBUrtC9cjgCYEEyMadw== HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 168
Origin: https://insights.socialmediaexplorer.com
DNT: 1
Connection: keep-alive
Referer: https://insights.socialmediaexplorer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 204 No Content
content-type: text/html; charset=utf-8
access-control-allow-methods: POST, GET, OPTIONS
access-control-max-age: 86400
access-control-allow-origin: https://insights.socialmediaexplorer.com
access-control-allow-credentials: true
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 02 Jun 2025 06:07:33 GMT
content-security-policy: script-src 'nonce-v0tfSSKTnfr9n8XxOgZ51Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0pBi-FB_mfUHEJv53Wa1A2IhHo6l_78cZBOYsPjECSYll6T8wvjk_LyS1LwS3cSUYl0QuygzqbQkvwiFnVoGUpGTn56emZceb2RgZGpgamSpZ2AaX2AAALfcJ-E"
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd

172.67.129.204

200 OK

20 kB

URL User Request GET
insights.socialmediaexplorer.com/garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd
IP
172.67.129.204:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectsocialmediaexplorer.com
Fingerprint0C:4E:81:D5:73:B3:1C:48:C7:92:42:8C:03:B5:95:8E:27:11:DF:0A
ValiditySun, 01 Jun 2025 21:03:30 GMT - Sat, 30 Aug 2025 22:01:55 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (546)
Size
20 kB (19802 bytes)
Hash
063ff96a0df261ffa31f0fc41faf49fd
93b1f67ec4651a53cb25abea986f5d203b30bd1a
f0ef101d3f03af210a0482d1e33dc46e8f5ee5763cda71df3f50c894224c00ad

HTTP Headers

GET /garticle?q=noclosingcostrefinance&visitor_id=953284366711132161&target_id=6786568&campaign_id=9488714&source_id=2283260&link_key=d9e5a6171ed511d49aa89d2f1bae27b1&_cfrid=01972f3f-58ba-7f10-b430-4e554a06b3cd HTTP/1.1
Host: insights.socialmediaexplorer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gigglecurb.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 06:07:31 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
vary: Accept-Encoding
cache-control: max-age=0, must-revalidate, private
expires: Mon, 02 Jun 2025 06:07:31 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=036wYK6F1X7BVxNM%2Fp19Tx2OKlpzsfP4h%2FG1KXaNFOP0Qi0iN8PV1owDKWtTX8Vnd98yyfI%2BwjaNovWNJAn2WbJpITMCabVeOTXMp%2F2FvLqTTAf4Jr9eJMbpxJk1xw%3D%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-cache-status: DYNAMIC
content-encoding: br
set-cookie: PHPSESSID=7stdinn0nbed88mcass6akh590; HttpOnly; SameSite=Lax; Secure; Path=/
cf-ray: 9494c55ef9d45695-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML