Report - tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor

Report Overview

Submitted URL
tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-26 07:15:08
Access
public
Website Title
financialnewsh24.com
Final URL
tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
44

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
tradetrend.pm	unknown	2024-03-11	2024-04-08	2024-04-17	28 kB	414 kB	188.114.96.1
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-04-25	903 B	14 kB	151.101.193.229
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-26	422 B	87 kB	142.250.74.72
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-24	912 B	30 kB	104.17.24.14
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-25	912 B	19 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-26	3.2 kB	160 kB	216.58.207.227
sweeplp.com	unknown	2016-10-26	2016-10-27	2023-08-06	1.8 kB	0 B	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	tradetrend.pm	Sinkholed
2024-04-26	medium	tradetrend.pm	Sinkholed
2024-04-26	medium	tradetrend.pm	Sinkholed
2024-04-26	medium	tradetrend.pm	Sinkholed
2024-04-26	medium	tradetrend.pm	Sinkholed
2024-04-26	medium	tradetrend.pm	Sinkholed
2024-04-26	medium	tradetrend.pm	Sinkholed
2024-04-26	medium	tradetrend.pm	Sinkholed
2024-04-26	medium	tradetrend.pm	Sinkholed
2024-04-26	medium	tradetrend.pm	Sinkholed
2024-04-26	medium	tradetrend.pm	Sinkholed
2024-04-26	medium	tradetrend.pm	Sinkholed
2024-04-26	medium	sweeplp.com	Sinkholed
2024-04-26	medium	tradetrend.pm	Sinkholed
2024-04-26	medium	tradetrend.pm	Sinkholed
2024-04-26	medium	tradetrend.pm	Sinkholed
2024-04-26	medium	tradetrend.pm	Sinkholed
2024-04-26	medium	tradetrend.pm	Sinkholed
2024-04-26	medium	sweeplp.com	Sinkholed
2024-04-26	medium	tradetrend.pm	Sinkholed
2024-04-26	medium	sweeplp.com	Sinkholed
2024-04-26	medium	sweeplp.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104	174 B	2024-04-26	2024-05-01
Pretty URL tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 09:15:08 Last Seen2024-05-01 23:16:29 Times Seen3 Hash 53154354244b9cbbe816aafcdfce06d9 cb2babbaafc166e670fccf8bee4297194b63d933 1b64ec2be6868107bf6f0487babecdca537c6dd40b64cd66afe63b575db61f9d Loading...

	tradetrend.pm/dynamic/utils/advertorial/index.js	1.3 kB	2024-04-26	2024-04-26
Pretty URL tradetrend.pm/dynamic/utils/advertorial/index.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 09:15:08 Last Seen2024-04-26 09:15:08 Times Seen1 Hash 3d8f886d538ca655b6019f29c7578fda 3f8a8d16f71ee85e44fffcf5776ae9d7da8a6316 4473daf6a7e8d6319bda68f4c8f290eab9c8117684e95aa613d23ecc30d5985c Loading...

	tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104	5.4 kB	2024-04-26	2024-05-01
Pretty URL tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 09:15:08 Last Seen2024-05-01 23:16:29 Times Seen3 Hash cb3b005337ffcc8f07518e5c73f3aaeb 0274bd1d100449b80b0855f954d0178eb6191b89 0b5b466313fda6eba74aed475b67c0c282f26efe086a73352737398983c75fa3 Loading...

	www.googletagmanager.com/gtag/js?id=AW-10816631606	248 kB	2024-04-26	2024-04-26
Pretty URL www.googletagmanager.com/gtag/js?id=AW-10816631606 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 09:15:08 Last Seen2024-04-26 09:15:09 Times Seen2 Hash 4058a692520a9b2bbc5ca63625f80f90 06d1771a321faffa755a07bfda7ac68eaec32b76 b438161cb65fd16f916d81814ac6cbbcc19dee62e9a7b0dd5d017e5f80a5f3ed Loading...

	unknown	247 B	2024-04-26	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 09:15:08 Last Seen2024-04-26 09:15:08 Times Seen1 Hash 2ceece39f5cf7723823036702156574b 76ee85543733baf43083661d16d8a6bc23e88d2d 36d4d728f0b782ab1ffc0e64356ff4a60be9e57a48a76a4949536bb05a402971 Loading...

	cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.3/js/intlTelInput.min.js	29 kB	2023-04-18	2024-05-01
Pretty URL cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.3/js/intlTelInput.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-18 21:38:20 Last Seen2024-05-01 23:16:28 Times Seen74 Hash 9505e1114eb26ed1e06370e11c638c09 db46a3f94f054516f9eb5ae1a7ae6bed14b0a7d9 c6fcf8190367fe982f05a883e58b260b5a7b5095fc89109aa4912be0395aba62 Loading...

	tradetrend.pm/cdn-cgi/challenge-platform/scripts/jsd/main.js	7.8 kB	2024-04-26	2024-04-26
Pretty URL tradetrend.pm/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 09:15:08 Last Seen2024-04-26 09:15:09 Times Seen2 Hash 8c2179fb7802a6321207210174c9d90c 2336b21592061113e70588ec3e099b61b12d1127 3aa4d660c5893e69480e40748f3d064a2badad8b11e8c660f09e950f8dad5478 Loading...

	cdn.jsdelivr.net/gh/orestbida/cookieconsent@v2.8.1/dist/cookieconsent.js	19 kB	2023-04-01	2024-05-01
Pretty URL cdn.jsdelivr.net/gh/orestbida/cookieconsent@v2.8.1/dist/cookieconsent.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:01:12 Last Seen2024-05-01 23:16:29 Times Seen10 Hash bafe205995d72b1c764ca30c350dcefa f6cdcd71290df7c4c595502bb57d235819a23e25 55afefdd762998e9e3754bbb54e00e24b6ab4bdbeca3fea1aee4298884b03c54 Loading...

	tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104	12 kB	2024-04-26	2024-05-01
Pretty URL tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 09:15:09 Last Seen2024-05-01 23:16:29 Times Seen3 Hash 03f9974c602d10823359266ba47f1b6f 896f13be0519b898ed76d231bbf0c0bdf713cf56 44f87c63ce7b38fc720feea5f52fd2a730041464f80b39b9f5f51e47d4c0872d Loading...

	tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104	1.1 kB	2024-04-26	2024-04-26
Pretty URL tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 09:15:09 Last Seen2024-04-26 09:15:09 Times Seen1 Hash 5165a5f6ef488f7d6475083366297179 5390932f792cafbe82336e9f712acc0e46143c63 c8b98d4ff001037a1bfdc7b27de6cb2c41dbb452ff2c05acd40e9247e52050fa Loading...

HTTP Transactions (35)

URL IP Response Size

tradetrend.pm/dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/images/header-mobile.png

188.114.96.1

200 OK

36 kB

URL GET HTTP/3
tradetrend.pm/dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/images/header-mobile.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerGoogle Trust Services LLC
Subjecttradetrend.pm
Fingerprint4F:F9:87:EC:77:DF:82:A9:0B:A5:46:F4:BC:C1:98:48:23:7B:53:4F
ValidityTue, 02 Apr 2024 07:05:41 GMT - Mon, 01 Jul 2024 07:05:40 GMT

File type
PNG image data, 311 x 278, 8-bit/color RGBA, non-interlaced
Size
36 kB (35487 bytes)
Hash
ae94c2318ef188665224931222f13a3b
41ef5418965f0fd40594fc3c6b658df86fe55942
11ecb162861639dbc8d2b75b5f4a6bbf24b7ca4cb60102dd5f2e7560c1076977

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/images/header-mobile.png HTTP/1.1
Host: tradetrend.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 07:14:42 GMT
content-type: image/png
content-length: 35487
last-modified: Sun, 27 Nov 2022 14:58:40 GMT
etag: "8a9f-5ee74fd7e6678"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UUSo8U1qezjTgryz8bc860ciQ2297hPr3dlbULgKLuPGeF1dgBdaLVxs41ir%2FkVxSaR8s6awDbw1CKrd%2FMs8HLg%2FCWyEkVsZCrSjJnCmVLYwg1ZzM2TvlSma6VAUr%2F4G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a4c7057e9a568d-OSL
alt-svc: h3=":443"; ma=86400

tradetrend.pm/dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/images/profile-img-2.png

188.114.96.1

200 OK

7.1 kB

URL GET HTTP/3
tradetrend.pm/dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/images/profile-img-2.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerGoogle Trust Services LLC
Subjecttradetrend.pm
Fingerprint4F:F9:87:EC:77:DF:82:A9:0B:A5:46:F4:BC:C1:98:48:23:7B:53:4F
ValidityTue, 02 Apr 2024 07:05:41 GMT - Mon, 01 Jul 2024 07:05:40 GMT

File type
PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
Size
7.1 kB (7108 bytes)
Hash
e7249673c0d7a1998e5e496b6cafadd1
53ef18734094c80c4e365fd1dfa0c242fc05db7a
da622c04f418873ecc4a7a7c35bd9bb10e8f511510daee0bd7aa5b5bfc72e90f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/images/profile-img-2.png HTTP/1.1
Host: tradetrend.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 07:14:42 GMT
content-type: image/png
content-length: 7108
last-modified: Sun, 27 Nov 2022 14:58:40 GMT
etag: "1bc4-5ee74fd8c260d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HlBpQa6Rt4IyEWwxlc7%2BjYk3x1vfhOgrbUMpRsGZ05htS7dytqjc%2F7OdfXztpmNjaSmBLOR9Ay26TvTy8QCGo3%2BT%2BsUc1EZz0sRUBAwOGpD9xhqoimsIYPMuuzNyH7BV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a4c7058ea8568d-OSL
alt-svc: h3=":443"; ma=86400

tradetrend.pm/dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/images/img-2.png

188.114.96.1

200 OK

8.9 kB

URL GET HTTP/3
tradetrend.pm/dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/images/img-2.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerGoogle Trust Services LLC
Subjecttradetrend.pm
Fingerprint4F:F9:87:EC:77:DF:82:A9:0B:A5:46:F4:BC:C1:98:48:23:7B:53:4F
ValidityTue, 02 Apr 2024 07:05:41 GMT - Mon, 01 Jul 2024 07:05:40 GMT

File type
PNG image data, 240 x 167, 8-bit/color RGBA, non-interlaced
Size
8.9 kB (8935 bytes)
Hash
3681707f86bb85ed42452b880c816d57
744cf2628a39198a0267fe10869f393385f69d6d
56a17a2a9624a9536f7daa0a736c14a295746732c26468042a866d7b369bfad0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/images/img-2.png HTTP/1.1
Host: tradetrend.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 07:14:42 GMT
content-type: image/png
content-length: 8935
last-modified: Sun, 27 Nov 2022 14:58:40 GMT
etag: "22e7-5ee74fd830de4"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eubhhNHqFKS91G2ofk99kVZJ19M3JRLxxgU9XfKhHM05eEBVB72CLMOOEYHZgXOH2GPyObmYd2%2FZG2g7nbQ%2FMk4rq0qtbaSOFP3mIuVhlVCJbmMeQhIk5A42HzMQh74s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a4c7057ea1568d-OSL
alt-svc: h3=":443"; ma=86400

tradetrend.pm/dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/images/img-3.png

188.114.96.1

200 OK

13 kB

URL GET HTTP/3
tradetrend.pm/dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/images/img-3.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerGoogle Trust Services LLC
Subjecttradetrend.pm
Fingerprint4F:F9:87:EC:77:DF:82:A9:0B:A5:46:F4:BC:C1:98:48:23:7B:53:4F
ValidityTue, 02 Apr 2024 07:05:41 GMT - Mon, 01 Jul 2024 07:05:40 GMT

File type
PNG image data, 279 x 181, 8-bit/color RGBA, non-interlaced
Size
13 kB (13049 bytes)
Hash
5bff007075701448ec98418274491771
97f7c8eeec689cb9ad319c4a80e95b30bc13d291
c29a27b354c7a45763a67d6de40a5fb970b2031e796d37a9a3d176c58048c860

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/images/img-3.png HTTP/1.1
Host: tradetrend.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 07:14:42 GMT
content-type: image/png
content-length: 13049
last-modified: Sun, 27 Nov 2022 14:58:40 GMT
etag: "32f9-5ee74fd873c38"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tbj4Cgb4hw%2BjA6YPbSkU0XSnEr0TwSnSl5%2BeGpLFAb4gofNe56Q6qn%2FrLEZd4N%2Bje9Hz2WlmaBv28QmZnN2g6dXRLukzQdngyXAY%2FzSH28WysjCOlVlLw%2FI23t8HZZ55"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a4c7058ea4568d-OSL
alt-svc: h3=":443"; ma=86400

tradetrend.pm/dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/images/profile-img-1.png

188.114.96.1

200 OK

5.6 kB

URL GET HTTP/3
tradetrend.pm/dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/images/profile-img-1.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerGoogle Trust Services LLC
Subjecttradetrend.pm
Fingerprint4F:F9:87:EC:77:DF:82:A9:0B:A5:46:F4:BC:C1:98:48:23:7B:53:4F
ValidityTue, 02 Apr 2024 07:05:41 GMT - Mon, 01 Jul 2024 07:05:40 GMT

File type
PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
Size
5.6 kB (5630 bytes)
Hash
3c7b838d5ad6a7bee95814892c421592
c06e4f51d6a208d288d472779131fd341f75f039
ea8dbc27119250a8708184df7315129e16310e7fc8202bfc4e21eb26c3056aae

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/images/profile-img-1.png HTTP/1.1
Host: tradetrend.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 07:14:42 GMT
content-type: image/png
content-length: 5630
last-modified: Sun, 27 Nov 2022 14:58:40 GMT
etag: "15fe-5ee74fd87b551"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dk6sxYsbIvKiB2uQWAzV7LRTFurgeDZEL8Oo%2FL33O%2BzdEDvSjp9rzArLii6P8Zre4XmAkvzLq0iP05iMrzRsBIcGPc%2B5Q40DP1CGF%2Bv3hekNeP9xwKZth3VBHZfhuM2W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a4c7058ea6568d-OSL
alt-svc: h3=":443"; ma=86400

tradetrend.pm/dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/images/img-1.png

188.114.96.1

200 OK

8.2 kB

URL GET HTTP/3
tradetrend.pm/dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/images/img-1.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerGoogle Trust Services LLC
Subjecttradetrend.pm
Fingerprint4F:F9:87:EC:77:DF:82:A9:0B:A5:46:F4:BC:C1:98:48:23:7B:53:4F
ValidityTue, 02 Apr 2024 07:05:41 GMT - Mon, 01 Jul 2024 07:05:40 GMT

File type
PNG image data, 267 x 166, 8-bit/color RGBA, non-interlaced
Size
8.2 kB (8156 bytes)
Hash
3ffb8c35aeaa59fed245224f18565e01
95f9dbafcd3a3589c87305dca58b88d1603b5f4c
73dd11b2db0c075a480195cdfa380e07445e2e890cc6e93d22edf01e98ef59bd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/images/img-1.png HTTP/1.1
Host: tradetrend.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 07:14:42 GMT
content-type: image/png
content-length: 8156
last-modified: Sun, 27 Nov 2022 14:58:40 GMT
etag: "1fdc-5ee74fd8271a4"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UgWhgEaqWtMR%2FW0VTcJjbMd83Su6UWd6%2BNS6Xn%2F7stfSUr8pCkONa7NHDn%2Fs2zd8MpxIx0QALaJVkzwtSP3KKIPnrUAxLB19MHETaJGY9bAVF6XsAfFA2TwF%2FHKKZei1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a4c7057e9e568d-OSL
alt-svc: h3=":443"; ma=86400

cdn.jsdelivr.net/gh/orestbida/cookieconsent@v2.8.1/dist/cookieconsent.css

151.101.193.229

200 OK

4.9 kB

URL GET HTTP/2
cdn.jsdelivr.net/gh/orestbida/cookieconsent@v2.8.1/dist/cookieconsent.css
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with very long lines (18759), with no line terminators
Size
4.9 kB (4890 bytes)
Hash
2263c890fe863c66fb4c7b80b594dc9d
ba376abe0fe1563ff41de617a552e531b51e0ec2
91ba5d9d7529dd290c9315bfb3c0c876734a4975352f5fa5c1e10211833955a5

HTTP Headers

GET /gh/orestbida/cookieconsent@v2.8.1/dist/cookieconsent.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tradetrend.pm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 2.8.1
x-jsd-version-type: version
etag: W/"4947-ujdqvg/hVj/0HeYXpVLlMbUeDsI"
content-encoding: br
accept-ranges: bytes
date: Fri, 26 Apr 2024 07:14:42 GMT
age: 1645916
x-served-by: cache-fra-eddf8230133-FRA, cache-hel1410034-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4890
X-Firefox-Spdy: h2

cdn.jsdelivr.net/gh/orestbida/cookieconsent@v2.8.1/dist/cookieconsent.js

151.101.193.229

200 OK

7.2 kB

URL GET HTTP/2
cdn.jsdelivr.net/gh/orestbida/cookieconsent@v2.8.1/dist/cookieconsent.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (536)
Size
7.2 kB (7246 bytes)
Hash
bafe205995d72b1c764ca30c350dcefa
f6cdcd71290df7c4c595502bb57d235819a23e25
55afefdd762998e9e3754bbb54e00e24b6ab4bdbeca3fea1aee4298884b03c54

HTTP Headers

GET /gh/orestbida/cookieconsent@v2.8.1/dist/cookieconsent.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tradetrend.pm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.8.1
x-jsd-version-type: version
etag: W/"48d2-9s3NcSkN98TFlVArtX0jWBmiPiU"
content-encoding: br
accept-ranges: bytes
age: 861384
date: Fri, 26 Apr 2024 07:14:42 GMT
x-served-by: cache-fra-eddf8230050-FRA, cache-hel1410034-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7246
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=AW-10816631606

142.250.74.72

200 OK

86 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=AW-10816631606
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
86 kB (86485 bytes)
Hash
4058a692520a9b2bbc5ca63625f80f90
06d1771a321faffa755a07bfda7ac68eaec32b76
b438161cb65fd16f916d81814ac6cbbcc19dee62e9a7b0dd5d017e5f80a5f3ed

HTTP Headers

GET /gtag/js?id=AW-10816631606 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tradetrend.pm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 07:14:42 GMT
expires: Fri, 26 Apr 2024 07:14:42 GMT
cache-control: private, max-age=900
last-modified: Fri, 26 Apr 2024 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 86485
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tradetrend.pm/dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/images/bg-desktop.png

188.114.96.1

200 OK

4.6 kB

URL GET HTTP/3
tradetrend.pm/dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/images/bg-desktop.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerGoogle Trust Services LLC
Subjecttradetrend.pm
Fingerprint4F:F9:87:EC:77:DF:82:A9:0B:A5:46:F4:BC:C1:98:48:23:7B:53:4F
ValidityTue, 02 Apr 2024 07:05:41 GMT - Mon, 01 Jul 2024 07:05:40 GMT

File type
PNG image data, 1028 x 215, 8-bit/color RGBA, non-interlaced
Size
4.6 kB (4584 bytes)
Hash
b548f24962ca4845bcf767bfcd1673a7
137aa16479abdacfbabe3f4ad5315c3017d92267
57cfa2d8c962ae88f8248c5a26f1cbf3e52c9f79cfa90ec1c10c9cc464c85c44

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/images/bg-desktop.png HTTP/1.1
Host: tradetrend.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tradetrend.pm/dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 07:14:42 GMT
content-type: image/png
content-length: 4584
last-modified: Sun, 27 Nov 2022 14:58:39 GMT
etag: "11e8-5ee74fd76d8d9"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6043
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hvqpQsIyBt1LHIuv9E5leGlbQxrq1%2BD%2BWCJbhA%2BfmOPqq3XAL%2FzRQjhwHtUFVWLdtI0Ys%2F8Df3gHvi55Qz8HQWd7VLZLROv%2BMyUqylIkeMWKTPgq13H5MfitoZp6F1Oj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a4c7075839568d-OSL
alt-svc: h3=":443"; ma=86400

tradetrend.pm/dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/images/header-desktop.png

188.114.96.1

200 OK

75 kB

URL GET HTTP/3
tradetrend.pm/dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/images/header-desktop.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerGoogle Trust Services LLC
Subjecttradetrend.pm
Fingerprint4F:F9:87:EC:77:DF:82:A9:0B:A5:46:F4:BC:C1:98:48:23:7B:53:4F
ValidityTue, 02 Apr 2024 07:05:41 GMT - Mon, 01 Jul 2024 07:05:40 GMT

File type
PNG image data, 613 x 491, 8-bit/color RGBA, non-interlaced
Size
75 kB (74904 bytes)
Hash
9acbf58d173e04d856fb0d386be9d086
fa74410523b74c96d9e9586c974ddfb71ff8240f
cc667c6c2f557d42376092ad085e1a60734e68b9c7b5db7c72f4e2d48c057995

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/images/header-desktop.png HTTP/1.1
Host: tradetrend.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tradetrend.pm/dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 07:14:42 GMT
content-type: image/png
content-length: 74904
last-modified: Sun, 27 Nov 2022 14:58:40 GMT
etag: "12498-5ee74fd7d9f3f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6043
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lzWxIWh%2Ft3XOnlS3swW%2FwAuFGBTZEAY1yWjVvBUhtm%2BF03LuLW4o2lx81nlten32oj7POUdrT508dLbMMTHDJN52QmGSoI4hFLkNA23eT58oI5853Q9o%2F3Yp232NlrwR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a4c707583b568d-OSL
alt-svc: h3=":443"; ma=86400

tradetrend.pm/dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/images/financial_news24.svg

188.114.96.1

200 OK

6.4 kB

URL GET HTTP/3
tradetrend.pm/dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/images/financial_news24.svg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerGoogle Trust Services LLC
Subjecttradetrend.pm
Fingerprint4F:F9:87:EC:77:DF:82:A9:0B:A5:46:F4:BC:C1:98:48:23:7B:53:4F
ValidityTue, 02 Apr 2024 07:05:41 GMT - Mon, 01 Jul 2024 07:05:40 GMT

File type
SVG Scalable Vector Graphics image
Size
6.4 kB (6366 bytes)
Hash
0a291f0a1e0e20e864e56407eb97a76d
a3f83be6904715546c950b885f0973bc072f8f8d
79d911e4242eee854dff2ddccac1a04c3dac08fbe56be5703dcba80467b3f7be

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/images/financial_news24.svg HTTP/1.1
Host: tradetrend.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 07:14:42 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Sun, 27 Nov 2022 14:58:39 GMT
etag: W/"3e89-5ee74fd77bb6a"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6882
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TTrFGWO7qXjZ0IyNJNb52TVM0lTZHar%2FqUtEN9ldX793%2FJhyKz57Ebn%2FjAeitVFpNwRQsbm3Wd7erOa2w%2FG7GZENerSMe6sXs4k2X7r%2F0Csj5lOFli2FMcR7KJtboxM9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a4c7058eab568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.3/js/intlTelInput.min.js

104.17.24.14

200 OK

8.9 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.3/js/intlTelInput.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (26937)
Size
8.9 kB (8862 bytes)
Hash
c3a919b6964f18454fbca5e877562bd6
eeed9c209824d2461f8082cfac44792b00a87f98
4104543b842d10a83326830c76d90179c6c0424b2c1823460679e2c284a14424

HTTP Headers

GET /ajax/libs/intl-tel-input/17.0.3/js/intlTelInput.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tradetrend.pm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 07:14:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 8862
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ed26414-7281"
last-modified: Sat, 30 May 2020 13:48:04 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 123166
expires: Wed, 16 Apr 2025 07:14:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c0WcKdZ6bMETZ0dPiRx2u4aNqPdYSXz%2BdlV%2BIOH8XHlxPKBPa5EMccMKmPqNaXhEgJCE0ftmTwfejib2Tz32noD0PCNtyy0jSeAlwQPIBwUFBOjGgQ0WCezrMmtR1S63iel6hGmk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a4c7076b6db52d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Montserrat:300,400,500,700%7CRoboto:400,700

142.250.74.106

200 OK

17 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Montserrat:300,400,500,700%7CRoboto:400,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
gzip compressed data, max compression
Size
17 kB (16565 bytes)
Hash
b4a4783e30015d2fe6fb0e00eeb0b1fc
a785b8977e51186d89aa33535b5c13bf5d1b949f
72cf3aff337fdb1ccf359baca1639a766be7e7f9e7bc1814c4072b8793689666

HTTP Headers

GET /css?family=Montserrat:300,400,500,700%7CRoboto:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tradetrend.pm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 07:14:42 GMT
date: Fri, 26 Apr 2024 07:14:42 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

216.58.207.227

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tradetrend.pm
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 15:44:03 GMT
expires: Fri, 25 Apr 2025 15:44:03 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
age: 55839
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tradetrend.pm
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:55:49 GMT
expires: Sat, 26 Apr 2025 05:55:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 4733
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tradetrend.pm
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:38:02 GMT
expires: Fri, 25 Apr 2025 02:38:02 GMT
cache-control: public, max-age=31536000
age: 103000
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tradetrend.pm
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:38:02 GMT
expires: Fri, 25 Apr 2025 02:38:02 GMT
cache-control: public, max-age=31536000
age: 103000
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tradetrend.pm/dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/css/style.css

188.114.96.1

200 OK

35 kB

URL GET HTTP/3
tradetrend.pm/dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/css/style.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerGoogle Trust Services LLC
Subjecttradetrend.pm
Fingerprint4F:F9:87:EC:77:DF:82:A9:0B:A5:46:F4:BC:C1:98:48:23:7B:53:4F
ValidityTue, 02 Apr 2024 07:05:41 GMT - Mon, 01 Jul 2024 07:05:40 GMT

File type
ASCII text, with very long lines (8676), with no line terminators
Size
35 kB (35117 bytes)
Hash
e6e14cdbc5a9c86cf7c5c35ec9333c18
44d98f29821f7b89ea1b8c8bde96ec214effcdd1
87be52a6c2680dd99dd264b2571598fed72af910966298d73a5fe0fe609cfb47

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/css/style.css HTTP/1.1
Host: tradetrend.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 07:14:42 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=11115
etag: W/"2b6b-5ee74fd667d4a"
last-modified: Sun, 27 Nov 2022 14:58:38 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 6882
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IefsPC7FNTwM5nV8Jk8CpRyKnSMVKJfZZsaJCyAtC0fxXxHa%2BuhwToHAM8IVksgDex9XiFGksb30uNj%2BGbVK6VdRkKu0ebfQychH6k3MBTBMdo0XpMUAMSBGItckCYjP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a4c7057e91568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tradetrend.pm
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:38:02 GMT
expires: Fri, 25 Apr 2025 02:38:02 GMT
cache-control: public, max-age=31536000
age: 103000
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tradetrend.pm/cdn-cgi/challenge-platform/scripts/jsd/main.js

188.114.96.1

302 Found

0 B

URL GET HTTP/3
tradetrend.pm/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerGoogle Trust Services LLC
Subjecttradetrend.pm
Fingerprint4F:F9:87:EC:77:DF:82:A9:0B:A5:46:F4:BC:C1:98:48:23:7B:53:4F
ValidityTue, 02 Apr 2024 07:05:41 GMT - Mon, 01 Jul 2024 07:05:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: tradetrend.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _gcl_au=1.1.560738405.1714115683
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Fri, 26 Apr 2024 07:14:42 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
cache-control: max-age=300, public
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o6sCy6Ehxs2ezfiPSeB00fEybsAc6X%2F0%2BBoUe2zbVS1gA4yJ%2BfQrajkkoK665sEyBRXjdyBa01KBSPqym3aEX7LmZQXni%2BsJDgNPWj21l3POccIoNjdGA3McZLfnZI4b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a4c7090995568d-OSL
alt-svc: h3=":443"; ma=86400

tradetrend.pm/cdn-cgi/challenge-platform/h/b/jsd/r/87a4c7032fc0712d

188.114.96.1

200 OK

0 B

URL POST HTTP/3
tradetrend.pm/cdn-cgi/challenge-platform/h/b/jsd/r/87a4c7032fc0712d
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerGoogle Trust Services LLC
Subjecttradetrend.pm
Fingerprint4F:F9:87:EC:77:DF:82:A9:0B:A5:46:F4:BC:C1:98:48:23:7B:53:4F
ValidityTue, 02 Apr 2024 07:05:41 GMT - Mon, 01 Jul 2024 07:05:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/87a4c7032fc0712d HTTP/1.1
Host: tradetrend.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 14124
Origin: https://tradetrend.pm
DNT: 1
Connection: keep-alive
Referer: https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Cookie: _gcl_au=1.1.560738405.1714115683
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 07:14:42 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=TyB7I86VprwcXeV14V..GLGwcCwgO5HmC7r8y2CrWaQ-1714115682-1.0.1.1-KkiC1vrrhd4Zz7f_J.YlkpUHohwkIZHwGwx5.Hsds.bZ8fVpJKCKU0CbV_dWed0gVNt.Roym1zDo0phBGQe.cw; path=/; expires=Sat, 26-Apr-25 07:14:42 GMT; domain=.tradetrend.pm; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2Bcf%2B3xRxoe8gKEWmaaQYummqvXV3L8lce5u2k5fXr2LlvKJUTbya8VJiIM23hSGjpYmls0mCVDTJORKe1fGCkuaIktS6apKMCR5a5f%2Bpu2Pg%2FVxNJ%2FHoYKE0wktxkRO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a4c70a5ad7568d-OSL
alt-svc: h3=":443"; ma=86400

sweeplp.com/landings/_landings/au_musk/files/step1.png

0.0.0.0

0 B

URL GET
sweeplp.com/landings/_landings/au_musk/files/step1.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landings/_landings/au_musk/files/step1.png HTTP/1.1
Host: sweeplp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tradetrend.pm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

tradetrend.pm/dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/css/default.css

188.114.96.1

200 OK

149 kB

URL GET HTTP/3
tradetrend.pm/dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/css/default.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerGoogle Trust Services LLC
Subjecttradetrend.pm
Fingerprint4F:F9:87:EC:77:DF:82:A9:0B:A5:46:F4:BC:C1:98:48:23:7B:53:4F
ValidityTue, 02 Apr 2024 07:05:41 GMT - Mon, 01 Jul 2024 07:05:40 GMT

File type
ASCII text, with very long lines (65406)
Size
149 kB (148872 bytes)
Hash
34758cf8d070ce447c9f7968a8ac2930
93e842b9476aca33c13601f8bfa742aadd29bc70
3ed0c7676de9908a92f6490ea8655b320ba7552936830387deec5f338d49ba31

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dynamic/leads/financialnews24_se/projects/projet_contenue/land_dspearhead_gen/Contenu/ALL/WEBCR-631/css/default.css HTTP/1.1
Host: tradetrend.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 07:14:42 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=181324
etag: W/"2c44c-5ee74fd6a3285"
last-modified: Sun, 27 Nov 2022 14:58:38 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 6882
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PO05k6wN0Fh37fv2KJEkLVwJJH725sapMu4jQ52zTMwEyLo6ElyQuV11faiR5l%2BgkWLYs9NBGAWe2veotaDK1p0Tps2zNfPHNX3k5cgvkMOfPQgA8g5aKtoAsBLRDvke"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a4c7057e90568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

tradetrend.pm/favicon.ico

188.114.96.1

404 Not Found

209 B

URL GET HTTP/3
tradetrend.pm/favicon.ico
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerGoogle Trust Services LLC
Subjecttradetrend.pm
Fingerprint4F:F9:87:EC:77:DF:82:A9:0B:A5:46:F4:BC:C1:98:48:23:7B:53:4F
ValidityTue, 02 Apr 2024 07:05:41 GMT - Mon, 01 Jul 2024 07:05:40 GMT

File type
HTML document, ASCII text, with no line terminators
Size
209 B (209 bytes)
Hash
8ace35f18ab1832bacfde13597767517
22e4ee51bbdba11b19a2d6879bc60126dc89eecd
f87134d32dc903f27ed9c905bfd824f31192dac9e05887b2dedbb1ca416d1280

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: tradetrend.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Cookie: _gcl_au=1.1.560738405.1714115683
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 26 Apr 2024 07:14:42 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7uBWUY8YaqZB3y0RWUh6wACK7wqc6gRhr18lBZu31vZw2NFJ7peUQh4M8s7qGc%2BvjCKNAnbGAdVWf2VsTq0aKDtac6RZqL7hF2UB68ECfMVyYm7KGpe%2Bp%2FcwSfhV72%2Bg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a4c70929b0568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

tradetrend.pm/dynamic/utils/advertorial/index.js

188.114.96.1

200 OK

1.3 kB

URL GET HTTP/3
tradetrend.pm/dynamic/utils/advertorial/index.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerGoogle Trust Services LLC
Subjecttradetrend.pm
Fingerprint4F:F9:87:EC:77:DF:82:A9:0B:A5:46:F4:BC:C1:98:48:23:7B:53:4F
ValidityTue, 02 Apr 2024 07:05:41 GMT - Mon, 01 Jul 2024 07:05:40 GMT

File type
JavaScript source, ASCII text, with very long lines (1288), with no line terminators
Size
1.3 kB (1267 bytes)
Hash
04ad36f4c2b2e97d0fb6be9d580dba0a
d32e473bacb889d88703a415284abf9d84b6b4bd
4b38f169ca02d06b25ecd92865a17fc0f1533db8ed7e8c8c4339224fef7ff71b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dynamic/utils/advertorial/index.js HTTP/1.1
Host: tradetrend.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 07:14:42 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1478
etag: W/"5c6-6163185fb41be"
last-modified: Tue, 16 Apr 2024 07:16:57 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4507
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MYbS7pzct9Go4YkNdS8YBcVFkB3LiFQW9Fa%2B7T8FXioy%2Ft2IRnLYYtFx%2BpW8Wb5nNuaLzGElyDTfkwSdJX0tKF02zhP7PFIPdomzxA5sTAVAvoVRTIsmADMeEs9kTywI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a4c7058eb0568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tradetrend.pm
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:02:10 GMT
expires: Sat, 26 Apr 2025 06:02:10 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 4352
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tradetrend.pm/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js

188.114.96.1

200 OK

7.8 kB

URL GET HTTP/3
tradetrend.pm/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerGoogle Trust Services LLC
Subjecttradetrend.pm
Fingerprint4F:F9:87:EC:77:DF:82:A9:0B:A5:46:F4:BC:C1:98:48:23:7B:53:4F
ValidityTue, 02 Apr 2024 07:05:41 GMT - Mon, 01 Jul 2024 07:05:40 GMT

File type
JavaScript source, ASCII text, with very long lines (7803), with no line terminators
Size
7.8 kB (7803 bytes)
Hash
8c2179fb7802a6321207210174c9d90c
2336b21592061113e70588ec3e099b61b12d1127
3aa4d660c5893e69480e40748f3d064a2badad8b11e8c660f09e950f8dad5478

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js HTTP/1.1
Host: tradetrend.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _gcl_au=1.1.560738405.1714115683
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 07:14:42 GMT
content-type: application/javascript; charset=UTF-8
content-encoding: br
vary: accept-encoding
cache-control: max-age=14400, public
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OspvapxBqeLWbbxkgNNRtENqSH0xWJRfnj3FmRa2oxUMkJSgegekHVEPTuzziBySbaENh0f2Vnt37gfvYdj4DozN7h3eHeGW33IsPWVWxD3Lh3q%2Fg8tAppUdJizBEbn3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a4c70929b7568d-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.3/css/intlTelInput.min.css

104.17.24.14

200 OK

19 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.3/css/intlTelInput.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (19157), with no line terminators
Size
19 kB (19157 bytes)
Hash
6b7fb2ee130535419a67afb198f41c2b
ffb8a25633c4ddeab81d1b1742ac2fd0b442a4c6
c6956e8710cf477f7014440385ae16ee4b8cc7ecfd02fddd4d2f0c6c7fd15845

HTTP Headers

GET /ajax/libs/intl-tel-input/17.0.3/css/intlTelInput.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tradetrend.pm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 07:14:42 GMT
content-type: text/css; charset=utf-8
content-length: 1820
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ed26416-4ad5"
last-modified: Sat, 30 May 2020 13:48:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 918446
expires: Wed, 16 Apr 2025 07:14:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z5HKOmUUe8aouNKS4%2FSJChOwxb%2BUEfnhzqyDcf1Cn7ePr5pVQNmBWxjYIxGWQwtFAKj0vT1T1S%2BUAsUFt%2BpLDzJXYNbPh9AoDn2Blft5%2BeEFUmwATDR36x5IWPzd0i1qetFwguNl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a4c7076b69b52d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104

188.114.96.1

200 OK

44 kB

URL User Request GET HTTP/2
tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjecttradetrend.pm
Fingerprint4F:F9:87:EC:77:DF:82:A9:0B:A5:46:F4:BC:C1:98:48:23:7B:53:4F
ValidityTue, 02 Apr 2024 07:05:41 GMT - Mon, 01 Jul 2024 07:05:40 GMT

File type

Size
44 kB (44184 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104 HTTP/1.1
Host: tradetrend.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 07:14:41 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 18 Apr 2024 13:45:29 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q2stEmiREgZJLZvqCUJdID0lxb%2BMydSHAqRa2h7jIOZHeQ2pwjjtxOl2OeOvZvARa6sh9fet8kiFBd1pzhmi4tI4ySOOqoZVjmBU2RSwGiqqVJbYocNzXUxdoZJ5y6J%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a4c7032fc0712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

sweeplp.com/landings/_landings/au_musk/files/main2.png

0.0.0.0

0 B

URL GET
sweeplp.com/landings/_landings/au_musk/files/main2.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landings/_landings/au_musk/files/main2.png HTTP/1.1
Host: sweeplp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tradetrend.pm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

tradetrend.pm/dynamic/utils/advertorial/style.css

188.114.96.1

200 OK

219 B

URL GET HTTP/3
tradetrend.pm/dynamic/utils/advertorial/style.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerGoogle Trust Services LLC
Subjecttradetrend.pm
Fingerprint4F:F9:87:EC:77:DF:82:A9:0B:A5:46:F4:BC:C1:98:48:23:7B:53:4F
ValidityTue, 02 Apr 2024 07:05:41 GMT - Mon, 01 Jul 2024 07:05:40 GMT

File type
ASCII text, with no line terminators
Size
219 B (219 bytes)
Hash
742d157225951194c80e312acdb5683c
af00f587fd3861fd1c4ecc95a1e0092526bd3e01
d250fdc34986c9041932dc467bbfd91426b0044858e59d0270f731047b8864cb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dynamic/utils/advertorial/style.css HTTP/1.1
Host: tradetrend.pm
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Cookie: _gcl_au=1.1.560738405.1714115683
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 07:14:42 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=274
etag: W/"112-6165acba31384"
last-modified: Thu, 18 Apr 2024 08:31:19 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4507
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EgStKSDxB%2FUsNCa2zr5u9P6yt5GncMgBLqFLROcX9mGxAPDhd9yeDAJbyLwNb2UvB5cQ12Kzw2SbXAZU9xRknTuow6CbbM0GexdX%2FULwh%2FujWTGHDzMVTIVojOecg739"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a4c7090993568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Lato:wght@300;400&display=swap

142.250.74.106

200 OK

1.5 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Lato:wght@300;400&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
ASCII text, with very long lines (1566), with no line terminators
Size
1.5 kB (1530 bytes)
Hash
e31483e875d0e96cb04fe0270d4ed283
9b3a188dd4db4e62988a2fb7cb0a9f19f672dfbd
1118dea8795f358fdd8c02144011c3ed01d7558ef08bd8a20e70cc3828b97695

HTTP Headers

GET /css2?family=Lato:wght@300;400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tradetrend.pm/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 07:14:42 GMT
date: Fri, 26 Apr 2024 07:14:42 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

sweeplp.com/landings/_landings/au_musk/files/step1.png

0.0.0.0

0 B

URL GET
sweeplp.com/landings/_landings/au_musk/files/step1.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landings/_landings/au_musk/files/step1.png HTTP/1.1
Host: sweeplp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tradetrend.pm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

sweeplp.com/landings/_landings/au_musk/files/main2.png

0.0.0.0

0 B

URL GET
sweeplp.com/landings/_landings/au_musk/files/main2.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://tradetrend.pm/dynamic/leads/financialnews24_se/?cid=wklhiaa5ha2dovr03kkj6s6q&cpid=d51fd789-b024-42c9-9e58-8012dc847643&campaign=All%20-%20SE%20-%2035%20-%20BY%20-%20FinancialNews_FL1351&ts=PropellerAds&page=Ikea&cep=PoyoJ1cSoc2XNYczQXcealLGA-9e1joMEshYs5EUDleKag3V3Lc3QNt0pT3DuULRKeC-BLdtfHr-XaRo0jnnJuN0CIzeXQ-O72ACSMO-jBo1e04_5UYbQiJD6ZWqnQyvByPRTg9LOsAq4s_uW4VeCCwafGuj8wH0NDlHdjwv75j-iVup-In3ndM6JYo9P0PNfBwqmlU8n2GcMXhlMtU61EB4Shf2yVnJ4Li7msn32gI98Cs4yukXJPnVGVZnEqryAjkiJBBCRqmOO0Nc6e4ZXIEbzRcXSGOsNqUPz6nPR5IxPkZUtPGwz5QXy2e_lmw3VrEKtl5qWTGuIET1ef8HvGHdJbmaZDxpCCsuqkrrX4WEkJUWJd-AoeKcMK38PY3cDt4hKTfFk_xOE4UaDONWYXVvPFixGAEgiEKPBzA7BnjU17eAMMA2v8NWH56L-hViw7SSFuK6jJu8glebdbTlHVsBixSzcdnmAWMoihs1-EJzQl22g2rkkVM0-EX_xQxlgl-A9JnKgkmPSTaqV1qjMNBiGHbfCZcDxfABeiIrLV77v88JB1o1iIpusO4RIEfRf4OjffwDCeeE6p47YQs-qyu-qp1ztWRIVz8gnJ5ngAI4NNXDA1MUKO9WtUQ2EXqNH56JEQn3Es95UA6WyXOfUnz-rwln98AkHt_ht6GJMaxZAGgT3Kohsul3V2E1YOB-bxSVU2j2RwZ4cwHBVqNSRH_v0ks9DG-BV8YpbaNFrvj5EgCknOipPvWkekOojyNo&lptoken=17c714cb111474276006&zoneid=2841199&bannerid=20851749&browser=safari&os=mac&device=desktop&region=82&isp=resilansab&useragent=Mozilla/5.0(Macintosh;IntelMacOSX14_4_1)AppleWebKit/605.1.15(KHTML,likeGecko)Version/17.4.1Safari/605.1.15&language=sv&connectiontype=satellite&cost=0.007500&visitor_id=807618711925039104

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landings/_landings/au_musk/files/main2.png HTTP/1.1
Host: sweeplp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tradetrend.pm/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL