Submitted URL: https://analytics24.live/
Effective URL: https://analytics24.live/sites
Submission Tags: phishingrod
Submission: On October 29 via api from DE — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3037::6815:41f9, located in United States and belongs to CLOUDFLARENET, US. The main domain is analytics24.live.
TLS certificate: Issued by E1 on October 10th 2023. Valid for: 3 months.
This is the only time analytics24.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 2606:4700:303... 13335 (CLOUDFLAR...)
7 40.114.178.124 8075 (MICROSOFT...)
16 2
Apex Domain
Subdomains
Transfer
10 analytics24.live
analytics24.live
64 KB
7 duckduckgo.com
icons.duckduckgo.com — Cisco Umbrella Rank: 111482
21 KB
16 2
Domain Requested by
10 analytics24.live 1 redirects analytics24.live
7 icons.duckduckgo.com analytics24.live
16 2

This site contains links to these domains. Also see Links.

Domain
github.com
docs.plausible.io
twitter.com
plausible.io
fosstodon.org
Subject Issuer Validity Valid
analytics24.live
E1
2023-10-10 -
2024-01-08
3 months crt.sh
*.duckduckgo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-06 -
2024-11-05
a year crt.sh

This page contains 1 frames:

Primary Page: https://analytics24.live/sites
Frame ID: 8F5F1118F792B59B07F0A5E80352D3BF
Requests: 16 HTTP requests in this frame

Screenshot

Page Title

Plausible ยท Simple, privacy-friendly alternative to Google AnalyticsGitHub icon

Page URL History Show full URLs

  1. https://analytics24.live/ HTTP 302
    https://analytics24.live/sites Page URL

Page Statistics

16
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

84 kB
Transfer

159 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://analytics24.live/ HTTP 302
    https://analytics24.live/sites Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request sites
analytics24.live/
Redirect Chain
  • https://analytics24.live/
  • https://analytics24.live/sites
21 KB
4 KB
Document
General
Full URL
https://analytics24.live/sites
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:41f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d99be5f722864bfb95990189c6ac6445f7f2ff5df64a7f68efc3cdbd4ef619df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
81dafd38290b6945-FRA
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-window-policy
deny
date
Sun, 29 Oct 2023 11:13:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=piWZYftZxJhugS5vn0Qg5ZRR8NZotFUg3RhXVFdLrh8asrleYuLz01ZjSpOa%2BFTzPbQqxWhO7QIITzLX%2FQSqR6A8Sv3RXLt96lZ%2FrAuTJfu3JOh7l%2FizkxMtnurSBi9via8UU0oqsIWEJTRJbjrQ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
F5KPsmLy44Q2tYoEywFi
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
81dafd35ee5b6945-FRA
content-type
text/html; charset=utf-8
cross-origin-window-policy
deny
date
Sun, 29 Oct 2023 11:13:25 GMT
location
/sites
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WTWFO4WZSYlbhmtdJ2qpld5JCL5zu1A1QfrDL%2FdkRM10pX%2FL1N41uaidMW92I7aPKIvgMbemBxMW7BkeX66b%2FvLk6mgxawShbQ3rY%2BrH8N%2F3zq1WUyn6nqb2tgKofXl9jhdutGZ%2BoBW05tB1unFV"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
F5KPsk2NQSkRW8wFZpdx
x-xss-protection
1; mode=block
app-2f95614d5ddd7c743fddcc49d25ff252.css
analytics24.live/css/
58 KB
12 KB
Stylesheet
General
Full URL
https://analytics24.live/css/app-2f95614d5ddd7c743fddcc49d25ff252.css?vsn=d
Requested by
Host: analytics24.live
URL: https://analytics24.live/sites
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:41f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
358761524ddb841946b40e2a9df4f27c898f4b4d8d6bf64a0f3d3844f83e53ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analytics24.live/sites
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 11:13:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 29 Oct 2023 11:13:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPj0E9K40XDtFmgju825XlE6%2FMwK3%2B9g%2BRLpQZaosWhGIUNTrpt6gu4GWJpjWApdh%2FxkDUkEYsK%2BAy7MvtmhDzLn%2FB%2FhJSCmpBQ8SzQUlxJICfUvXs%2F%2FzwrM5o9KdXniv5kJTlmljKV34RDqoS6w"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
81dafd38b8e95c9e-FRA
alt-svc
h3=":443"; ma=86400
plausible.js
analytics24.live/js/
1 KB
1 KB
Script
General
Full URL
https://analytics24.live/js/plausible.js
Requested by
Host: analytics24.live
URL: https://analytics24.live/sites
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:41f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73a7193ba93df9cc843041800fd81ddfd92539a9172742ea824fec611065b29a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analytics24.live/sites
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 11:13:25 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-request-id
F5KPsmh2p6iA9cQEywFy
last-modified
Sun, 29 Oct 2023 11:13:25 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fP7kGe1kNgG5gm%2FVhFeOygkr2GOZIJEiyUwWskQPNiuQH2o6Br4RY9FI5rAzKeA4JmiPf2sXxbb4riu2zqBZmboVhl6rkX%2F5qczCnvffyapSOTu4N7cU5Rx7e7tEVWoHM0eOWa2lXFqina2jLZUx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
81dafd38b8ea5c9e-FRA
applyTheme-4258f90e1dad263b05620ffcdcb10429.js
analytics24.live/js/
645 B
720 B
Script
General
Full URL
https://analytics24.live/js/applyTheme-4258f90e1dad263b05620ffcdcb10429.js?vsn=d
Requested by
Host: analytics24.live
URL: https://analytics24.live/sites
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:41f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca537ffd74c2ce3288298f1d3bbb312b9228af5bfe15958c4005e8636bd12685

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analytics24.live/sites
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 11:13:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 29 Oct 2023 11:13:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8ZGFjq6T5bvoyqiNfYE49eoX51nqAPHkSOE6qD4hD9bGvKdN0KgnE8UO%2BaD3wvp8gloiXsmX%2Fuknqv3VClJdpY4O8lZn6XQjq7U3ioe1PQ1velMgPQodMy2WVulxWE0OVlEmAYnDD0%2Ffq7Zc699"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
81dafd38b8ec5c9e-FRA
alt-svc
h3=":443"; ma=86400
plausible_logo_dark-9fff186187e2a9c972ae81c88e63e830.png
analytics24.live/images/icon/
13 KB
14 KB
Image
General
Full URL
https://analytics24.live/images/icon/plausible_logo_dark-9fff186187e2a9c972ae81c88e63e830.png?vsn=d
Requested by
Host: analytics24.live
URL: https://analytics24.live/sites
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:41f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3962c5b0e8f2e33fe0c739b327ddce92f3d3a4e5cba35c0a35184f2228f2fa8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analytics24.live/sites
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 11:13:25 GMT
cf-cache-status
MISS
last-modified
Sun, 29 Oct 2023 11:13:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sL%2BOOFl3%2FExAdn0hkJIxDB6VfWcRQIYKIyAbOyn6nR9Ae6aPVw08b814Ky0CXzPm%2BH0tnLhPNSpxchNbcAHzTKm6ZQlg%2BPIJx3uEvgn%2FVHOzDNBrracRIgX7WINnSDfNEiSz9b6Qrhpp6vnkBT%2F%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
81dafd38b8ed5c9e-FRA
alt-svc
h3=":443"; ma=86400
content-length
13385
plausible_logo-973ea42fac38d21a0a8cda9cfb9231c9.png
analytics24.live/images/icon/
14 KB
14 KB
Image
General
Full URL
https://analytics24.live/images/icon/plausible_logo-973ea42fac38d21a0a8cda9cfb9231c9.png?vsn=d
Requested by
Host: analytics24.live
URL: https://analytics24.live/sites
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:41f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c27877c46b89fdcbdb2dae41be657c7408470ebf8445f1211091ec6738d49318

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analytics24.live/sites
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 11:13:25 GMT
cf-cache-status
MISS
last-modified
Sun, 29 Oct 2023 11:13:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYw2GwtfW%2F1G30tBsBxtNeqB1IrBv9O0jkCSkR8tWT7vuHrlzQ0uFcHE4ARL3HCiRnNb263ZAnT3Wk4qChaUUjFmIRi8WsRnRNCansnMTKmYlJ9NpK%2BUbqrrB0KWp3K8cciB7ecCUc53TvRbRL86"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
81dafd38b8ee5c9e-FRA
alt-svc
h3=":443"; ma=86400
content-length
14118
burkw.com.ico
icons.duckduckgo.com/ip3/
1 KB
3 KB
Image
General
Full URL
https://icons.duckduckgo.com/ip3/burkw.com.ico
Requested by
Host: analytics24.live
URL: https://analytics24.live/sites
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
40.114.178.124 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e5db88ea2322863ca17817b99d60006c625a31cff0dad49cf05d3c6d16a75c17
Security Headers
Name Value
Content-Security-Policy default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 11:13:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
server
nginx
referrer-policy
origin
etag
"606ba6ba-5c6"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
content-type
image/png
permissions-policy
interest-cohort=()
content-length
1478
x-xss-protection
1;mode=block
hayaa.ico
icons.duckduckgo.com/ip3/
1 KB
3 KB
Image
General
Full URL
https://icons.duckduckgo.com/ip3/hayaa.ico
Requested by
Host: analytics24.live
URL: https://analytics24.live/sites
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
40.114.178.124 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e5db88ea2322863ca17817b99d60006c625a31cff0dad49cf05d3c6d16a75c17
Security Headers
Name Value
Content-Security-Policy default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 11:13:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
server
nginx
referrer-policy
origin
etag
"606ba6ba-5c6"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
content-type
image/png
permissions-policy
interest-cohort=()
content-length
1478
x-xss-protection
1;mode=block
lp-ksa.com.ico
icons.duckduckgo.com/ip3/
1 KB
3 KB
Image
General
Full URL
https://icons.duckduckgo.com/ip3/lp-ksa.com.ico
Requested by
Host: analytics24.live
URL: https://analytics24.live/sites
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
40.114.178.124 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e5db88ea2322863ca17817b99d60006c625a31cff0dad49cf05d3c6d16a75c17
Security Headers
Name Value
Content-Security-Policy default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 11:13:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
server
nginx
referrer-policy
origin
etag
"606ba6ba-5c6"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
content-type
image/png
permissions-policy
interest-cohort=()
content-length
1478
x-xss-protection
1;mode=block
mashreq.ico
icons.duckduckgo.com/ip3/
1 KB
3 KB
Image
General
Full URL
https://icons.duckduckgo.com/ip3/mashreq.ico
Requested by
Host: analytics24.live
URL: https://analytics24.live/sites
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
40.114.178.124 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e5db88ea2322863ca17817b99d60006c625a31cff0dad49cf05d3c6d16a75c17
Security Headers
Name Value
Content-Security-Policy default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 11:13:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
server
nginx
referrer-policy
origin
etag
"606ba6ba-5c6"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
content-type
image/png
permissions-policy
interest-cohort=()
content-length
1478
x-xss-protection
1;mode=block
mashriq_i.ico
icons.duckduckgo.com/ip3/
1 KB
3 KB
Image
General
Full URL
https://icons.duckduckgo.com/ip3/mashriq_i.ico
Requested by
Host: analytics24.live
URL: https://analytics24.live/sites
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
40.114.178.124 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e5db88ea2322863ca17817b99d60006c625a31cff0dad49cf05d3c6d16a75c17
Security Headers
Name Value
Content-Security-Policy default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 11:13:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
server
nginx
referrer-policy
origin
etag
"606ba6ba-5c6"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
content-type
image/png
permissions-policy
interest-cohort=()
content-length
1478
x-xss-protection
1;mode=block
mubasher-o.ico
icons.duckduckgo.com/ip3/
1 KB
3 KB
Image
General
Full URL
https://icons.duckduckgo.com/ip3/mubasher-o.ico
Requested by
Host: analytics24.live
URL: https://analytics24.live/sites
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
40.114.178.124 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e5db88ea2322863ca17817b99d60006c625a31cff0dad49cf05d3c6d16a75c17
Security Headers
Name Value
Content-Security-Policy default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 11:13:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
server
nginx
referrer-policy
origin
etag
"606ba6ba-5c6"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
content-type
image/png
permissions-policy
interest-cohort=()
content-length
1478
x-xss-protection
1;mode=block
mubasher-sms.ico
icons.duckduckgo.com/ip3/
1 KB
3 KB
Image
General
Full URL
https://icons.duckduckgo.com/ip3/mubasher-sms.ico
Requested by
Host: analytics24.live
URL: https://analytics24.live/sites
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
40.114.178.124 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e5db88ea2322863ca17817b99d60006c625a31cff0dad49cf05d3c6d16a75c17
Security Headers
Name Value
Content-Security-Policy default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 11:13:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
server
nginx
referrer-policy
origin
etag
"606ba6ba-5c6"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
content-type
image/png
permissions-policy
interest-cohort=()
content-length
1478
x-xss-protection
1;mode=block
plausible_logo_sm.png
analytics24.live/images/icon/
4 KB
5 KB
Image
General
Full URL
https://analytics24.live/images/icon/plausible_logo_sm.png
Requested by
Host: analytics24.live
URL: https://analytics24.live/sites
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:41f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5360784aa2507988a85cdbad0983fb721f35ca9287b33e0d2c104ddd3128f014

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analytics24.live/sites
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 11:13:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"24CAA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dR811w5NOCtUAWivCcJpRq8Eu2G9Ut%2FOJJO5IgmlRhyAGfGVigY8SKfoB5AJ4iedaumvLJqJV95EJSmtm%2B59OPaVhdSyOrMWGp5Pa4ipftsP7Qz%2BRoduazUJl1BbSLamAYtdKOE4r7WavEZZ5zEU"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
81dafd3959c75c9e-FRA
alt-svc
h3=":443"; ma=86400
content-length
4332
app-081c80830ef119470ef56fde36c09a6e.js
analytics24.live/js/
37 KB
12 KB
Script
General
Full URL
https://analytics24.live/js/app-081c80830ef119470ef56fde36c09a6e.js?vsn=d
Requested by
Host: analytics24.live
URL: https://analytics24.live/sites
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:41f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab28154af32bb8d1fabe2c543c937340133deaf8571fcd0e3536f2736d041145

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analytics24.live/sites
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 11:13:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 29 Oct 2023 11:13:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvkXQZmnUfb6BTb5DDZ7AT5rwrgRbHcYgJBgW983NhpNwgeudEy1WIycaVdC3w88VY4EZhiB5ltSumyEjbjqPxBrtgOps4Rzaguw1wOkxLatMGvgNsoHkROEyPDe2zUHD%2BOz6mWshLrnOmy2L2Z%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
81dafd3959c65c9e-FRA
alt-svc
h3=":443"; ma=86400
event
analytics24.live/api/
0
465 B
XHR
General
Full URL
https://analytics24.live/api/event
Requested by
Host: analytics24.live
URL: https://analytics24.live/js/plausible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:41f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analytics24.live/sites
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 29 Oct 2023 11:13:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEKWZODA5oE7TEOEY6JPy%2FgtKFMpiw%2B1TQMMx9rdD3czT29xOInNV6nwDNjEkO%2F%2FmWMCxAw0BHNR1etAic5CVEqEk88J6OyzZghNs%2BiUFytXY%2FrWHCyKy12UZY7u97rWlK%2F04kwcFZbDLqpkpmw4"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
81dafd3919425c9e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
x-request-id
F5KPsmttH2RhZLQEywGC

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| plausible string| pref function| reapplyTheme object| Alpine

2 Cookies

Domain/Path Name / Value
analytics24.live/ Name: logged_in
Value: true
analytics24.live/ Name: _plausible_key
Value: SFMyNTY.g3QAAAAFbQAAAAtfY3NyZl90b2tlbm0AAAAYSGhVcWVkSlN2THd1cGN4TmJvVWNUSEc5bQAAAA9jdXJyZW50X3VzZXJfaWRhAW0AAAAJbGFzdF9zZWVuYmU-PlVtAAAACmxvZ2luX2Rlc3RkAANuaWxtAAAAEnNlc3Npb25fdGltZW91dF9hdGJlULNV.30jmak_bftRbpcaRwk-4CTABqki2oJuYtLD7VpbwgqE

7 Console Messages

Source Level URL
Text
network error URL: https://icons.duckduckgo.com/ip3/mashriq_i.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://icons.duckduckgo.com/ip3/lp-ksa.com.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://icons.duckduckgo.com/ip3/hayaa.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://icons.duckduckgo.com/ip3/mubasher-sms.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://icons.duckduckgo.com/ip3/mashreq.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://icons.duckduckgo.com/ip3/mubasher-o.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://icons.duckduckgo.com/ip3/burkw.com.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block