www.pixelme.me Open in urlscan Pro
54.194.170.100 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lnkd.in/gZHiwe-P?=l3JlPxZVAhsQUj
Effective URL:
https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora
Submission Tags: phishing
Submission: On September 15 via api (September 15th 2022, 11:21:19 am UTC) from US — Scanned from DE

Summary HTTP 85 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 38 IPs in 6 countries across 31 domains to perform 85 HTTP transactions. The main IP is 54.194.170.100, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.pixelme.me.
TLS certificate: Issued by R3 on August 31st 2022. Valid for: 3 months.

This is the only time www.pixelme.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2600:9000:223... 2600:9000:223c:2200:9:ec94:b800:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.194.0.91 54.194.0.91	16509 (AMAZON-02) (AMAZON-02)
1 1	51.15.139.10 51.15.139.10	12876 (Online SAS) (Online SAS)
1 1	99.83.190.102 99.83.190.102	16509 (AMAZON-02) (AMAZON-02)
1	54.194.170.100 54.194.170.100	16509 (AMAZON-02) (AMAZON-02)
7	2600:9000:223... 2600:9000:223f:4a00:11:3b84:d200:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
9	2600:9000:206... 2600:9000:206e:5a00:1:28b3:b280:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.222.232.39 52.222.232.39	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400e:80e::200a	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	108.138.1.193 108.138.1.193	16509 (AMAZON-02) (AMAZON-02)
6	52.222.214.116 52.222.214.116	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:11a... 2a02:26f0:11a::6867:4868	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	199.232.16.157 199.232.16.157	54113 (FASTLY) (FASTLY)
1	108.138.17.88 108.138.17.88	16509 (AMAZON-02) (AMAZON-02)
1	35.241.37.126 35.241.37.126	15169 (GOOGLE) (GOOGLE)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.180.12.68 185.180.12.68	60068 (CDN77 ^_^) (CDN77 ^_^)
2	216.24.57.3 216.24.57.3	397273 (RENDER) (RENDER)
1	18.66.147.7 18.66.147.7	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bd4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.15.37 18.66.15.37	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:27::... 2620:1ec:27::cafe:1806	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	34.246.90.31 34.246.90.31	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1f85	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.62.48.180 20.62.48.180	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
85	38

2 13.107.42.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lnkd.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:2200:9:ec94:b800:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

trk.klclick3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.0.91 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-0-91.eu-west-1.compute.amazonaws.com

lnk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.15.139.10 (France) 1 redirects

ASN12876 (Online SAS, FR)
PTR: 10-139-15-51.instances.scw.cloud

pxlme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.190.102 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aacb0a264e514dd48.awsglobalaccelerator.com

pixelme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.170.100 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-170-100.eu-west-1.compute.amazonaws.com

www.pixelme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:223f:4a00:11:3b84:d200:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:206e:5a00:1:28b3:b280:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.weglot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.232.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-39.fra56.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:80e::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.1.193 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-193.fra56.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.222.214.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-116.fra56.r.cloudfront.net

cdn-api.weglot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::6867:4868 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.16.157 (Vienna, Austria)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-88.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.37.126 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 126.37.241.35.bc.googleusercontent.com

cdn.pixelme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:246 (United States)

ASN13335 (CLOUDFLARENET, US)

snippet.growsumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.180.12.68 (Vienna, Austria)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-731.bunnyinfra.net

plausible.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.24.57.3 (United States)

ASN397273 (RENDER, US)

grow.clearbitjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-7.fra60.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bd4 (United States)

ASN13335 (CLOUDFLARENET, US)

grsm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.15.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-37.vie50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1806 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.90.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-90-31.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1f85 (United States)

ASN13335 (CLOUDFLARENET, US)

partnerlinks.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	gstatic.com fonts.gstatic.com	571 KB
15	weglot.com cdn.weglot.com — Cisco Umbrella Rank: 13324 cdn-api.weglot.com — Cisco Umbrella Rank: 47930	61 KB
7	website-files.com assets.website-files.com — Cisco Umbrella Rank: 11435	207 KB
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 557 c.clarity.ms — Cisco Umbrella Rank: 998 e.clarity.ms — Cisco Umbrella Rank: 5417	26 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 591 script.hotjar.com — Cisco Umbrella Rank: 779 vars.hotjar.com — Cisco Umbrella Rank: 852 in.hotjar.com — Cisco Umbrella Rank: 1671	69 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 375 c.bing.com — Cisco Umbrella Rank: 220	13 KB
3	pixelme.me 1 redirects pixelme.me www.pixelme.me cdn.pixelme.me t.pixelme.me Failed	20 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6352	655 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	655 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	2 KB
2	clearbitjs.com grow.clearbitjs.com — Cisco Umbrella Rank: 23563	1 KB
2	plausible.io plausible.io — Cisco Umbrella Rank: 15005	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	119 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 293 fonts.googleapis.com — Cisco Umbrella Rank: 40	7 KB
1	partnerlinks.io partnerlinks.io — Cisco Umbrella Rank: 15866	202 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 538	355 B
1	t.co t.co — Cisco Umbrella Rank: 489	337 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 394	532 B
1	grsm.io grsm.io — Cisco Umbrella Rank: 14488	233 B
1	growsumo.com snippet.growsumo.com — Cisco Umbrella Rank: 32106	3 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 128	45 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 613	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 769	3 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1075	41 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 2338	14 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	31 KB
1	pxlme.me 1 redirects pxlme.me — Cisco Umbrella Rank: 561924	251 B
1	lnk.to lnk.to — Cisco Umbrella Rank: 68365	81 KB
1	klclick3.com 1 redirects trk.klclick3.com — Cisco Umbrella Rank: 42774	278 B
1	lnkd.in 1 redirects lnkd.in — Cisco Umbrella Rank: 51753	568 B
85	31

	Domain	Requested by
20	fonts.gstatic.com	fonts.googleapis.com
9	cdn.weglot.com	www.pixelme.me cdn.weglot.com
7	assets.website-files.com	www.pixelme.me assets.website-files.com
6	cdn-api.weglot.com	cdn.weglot.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.pixelme.me
2	c.clarity.ms	1 redirects
2	www.google.de	www.pixelme.me
2	www.google.com	www.pixelme.me
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	grow.clearbitjs.com	lnk.to www.pixelme.me
2	plausible.io	www.googletagmanager.com plausible.io
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.pixelme.me
1	e.clarity.ms	www.clarity.ms
1	c.bing.com	1 redirects
1	partnerlinks.io	snippet.growsumo.com
1	in.hotjar.com	script.hotjar.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	analytics.twitter.com	www.pixelme.me
1	t.co	www.pixelme.me
1	px.ads.linkedin.com	www.pixelme.me
1	vars.hotjar.com	static.hotjar.com
1	grsm.io	snippet.growsumo.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	script.hotjar.com	static.hotjar.com
1	snippet.growsumo.com	lnk.to
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.pixelme.me	lnk.to
1	static.hotjar.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	www.datadoghq-browser-agent.com	cdn.weglot.com
1	fonts.googleapis.com	ajax.googleapis.com
1	d3e54v103j8qbb.cloudfront.net	www.pixelme.me
1	ajax.googleapis.com	www.pixelme.me
1	www.pixelme.me	lnk.to
1	pixelme.me	1 redirects
1	pxlme.me	1 redirects
1	lnk.to
1	trk.klclick3.com	1 redirects
1	lnkd.in	1 redirects
0	t.pixelme.me Failed	cdn.pixelme.me
85	43

This site contains links to these domains. Also see Links.

Domain
fr.pixelme.me
de.pixelme.me
it.pixelme.me
ru.pixelme.me
es.pixelme.me

Subject Issuer	Validity	Valid
lnk.to Amazon	`2022-08-09` - `2023-09-07`	a year	crt.sh
www.pixelme.me R3	`2022-08-31` - `2022-11-29`	3 months	crt.sh
*.website-files.com Amazon	`2021-11-12` - `2022-12-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.weglot.com Amazon	`2022-03-09` - `2023-04-07`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2023-02-18`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
cdn.pixelme.me GTS CA 1D4	`2022-08-05` - `2022-11-03`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
plausible.io R3	`2022-09-11` - `2022-12-10`	3 months	crt.sh
grow.clearbitjs.com Cloudflare Inc ECC CA-3	`2022-06-28` - `2023-06-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2022-08-03` - `2023-02-03`	6 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora
Frame ID: 1A074239A8E0ABDB98A35BF581FDABA0
Requests: 85 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: 9B1FF0A93FE058629713A9A34E4280A3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Phishing

Page URL History Show full URLs

https://lnkd.in/gZHiwe-P?=l3JlPxZVAhsQUj HTTP 301
https://trk.klclick3.com/ls/click?upn=xODV4iNLi6uHbsZp06rsq5IsdFizbkjSVG5pPfzBZ0vCgXz9wuqqJVUoVbiiT53... HTTP 302
https://lnk.to/6T0FaEZV?_kx= Page URL
https://pxlme.me/Ug16IHdz HTTP 302
https://pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora HTTP 301
https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Plausible (Analytics) Expand

Overall confidence: 100%
Detected patterns

plausible\.io/js/plausible\.js

Weglot (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

cdn\.weglot\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

85
Requests

98 %
HTTPS

48 %
IPv6

31
Domains

43
Subdomains

38
IPs

6
Countries

1352 kB
Transfer

2908 kB
Size

29
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://fr.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora
Title: FR

Search URL Search Domain Scan URL

URL: https://de.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora
Title: DE

Search URL Search Domain Scan URL

URL: https://it.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora
Title: IT

Search URL Search Domain Scan URL

URL: https://ru.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora
Title: RU

Search URL Search Domain Scan URL

URL: https://es.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora
Title: ES

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lnkd.in/gZHiwe-P?=l3JlPxZVAhsQUj HTTP 301
https://trk.klclick3.com/ls/click?upn=xODV4iNLi6uHbsZp06rsq5IsdFizbkjSVG5pPfzBZ0vCgXz9wuqqJVUoVbiiT53WqYIp_Q02-2BPoYsm7T38eaSnz6g5YUEJwLkyw7dRTKG5OaSxkeoQk-2BdTcqB0iw-2Flnr6cE1x61UkeosSUViuHp8QwQtq8B27ckCDeYwq7JtHyEdal09tX2VRMKpPdAcNDvbAEMWSmU23L5aBcQxRipFqLfgTaoZyvY2aa2-2FP773QWEir27c9tbrxMPHz7ePypMs-2FjzuaoxK9D69Z5KBqXJkhBtDz-2FFynPOc4fGiYgfJLEpOuIRbuPEohueutzZyQa-2FRh5SPkDnDrITDYFpYY5cOvmCcmDQ-3D-3D HTTP 302
https://lnk.to/6T0FaEZV?_kx= Page URL
https://pxlme.me/Ug16IHdz HTTP 302
https://pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora HTTP 301
https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://lnkd.in/gZHiwe-P?=l3JlPxZVAhsQUj HTTP 301
https://trk.klclick3.com/ls/click?upn=xODV4iNLi6uHbsZp06rsq5IsdFizbkjSVG5pPfzBZ0vCgXz9wuqqJVUoVbiiT53WqYIp_Q02-2BPoYsm7T38eaSnz6g5YUEJwLkyw7dRTKG5OaSxkeoQk-2BdTcqB0iw-2Flnr6cE1x61UkeosSUViuHp8QwQtq8B27ckCDeYwq7JtHyEdal09tX2VRMKpPdAcNDvbAEMWSmU23L5aBcQxRipFqLfgTaoZyvY2aa2-2FP773QWEir27c9tbrxMPHz7ePypMs-2FjzuaoxK9D69Z5KBqXJkhBtDz-2FFynPOc4fGiYgfJLEpOuIRbuPEohueutzZyQa-2FRh5SPkDnDrITDYFpYY5cOvmCcmDQ-3D-3D HTTP 302
https://lnk.to/6T0FaEZV?_kx=

Request Chain 83

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=0092CA96D8F44ACDAFE81C95D5B7B7DA&RedC=c.clarity.ms&MXFR=0466E4C5F8F764E71F28F6E5FCF76A1D HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=0092CA96D8F44ACDAFE81C95D5B7B7DA&MUID=32CC3E58DDA2672E3CD22C78DC2966BD

85 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

6T0FaEZV
lnk.to/
Redirect Chain

https://lnkd.in/gZHiwe-P?=l3JlPxZVAhsQUj
https://trk.klclick3.com/ls/click?upn=xODV4iNLi6uHbsZp06rsq5IsdFizbkjSVG5pPfzBZ0vCgXz9wuqqJVUoVbiiT53WqYIp_Q02-2BPoYsm7T38eaSnz6g5YUEJwLkyw7dRTKG5OaSxkeoQk-2BdTcqB0iw-2Flnr6cE1x61UkeosSUViuHp8QwQtq...
https://lnk.to/6T0FaEZV?_kx=

80 KB
81 KB

260ms
136ms

Document
text/html

54.194.0.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lnk.to/6T0FaEZV?_kx=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.0.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-0-91.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 15 Sep 2022 11:21:11 GMT
server: nginx
x-redirector-version: redirector-v3

Redirect headers

content-length: 51
content-type: text/html; charset=utf-8
date: Thu, 15 Sep 2022 11:21:11 GMT
location: https://lnk.to/6T0FaEZV?_kx=
server: nginx
via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
x-amz-cf-id: 7t8sy5XLNbYEZboemsnylux9GlCL02cax3olfEe6Ko8s7Bn6T0HCWw==
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
x-robots-tag: noindex, nofollow

GET
H2

200

Primary Request phishing Show response
www.pixelme.me/
Redirect Chain

https://pxlme.me/Ug16IHdz
https://pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora
https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora

7 KB
3 KB

316ms
61ms

Document
text/html

54.194.170.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora

Requested by

Host: lnk.to
URL: https://lnk.to/6T0FaEZV?_kx=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.194.170.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-170-100.eu-west-1.compute.amazonaws.com

Software

openresty /

Resource Hash

96d824f5b278889364c6dc2c946fd41ab44b9f00850921585cfdb7bbbaf25a03

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://lnk.to/6T0FaEZV?_kx=
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2382
content-encoding: gzip
content-length: 2761
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Thu, 15 Sep 2022 11:21:13 GMT
server: openresty
vary: x-wf-forwarded-proto, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-cluster-name: eu-west-1-prod-edge-blue
x-frame-options: SAMEORIGIN
x-served-by: cache-iad-kjyo7100078-IAD, cache-dub4339-DUB
x-timer: S1663240873.076279,VS0,VE1

Redirect headers

content-length: 166
content-type: text/html
date: Thu, 15 Sep 2022 11:21:12 GMT
location: https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora
server: openresty

GET
H2 200 pixelme.46bd86b0e.css
assets.website-files.com/606485806deaf1f6b4ffdbee/css/ 191 KB
26 KB 449ms
84ms Stylesheet
text/css 2600:9000:223f:4a00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/606485806deaf1f6b4ffdbee/css/pixelme.46bd86b0e.css
Requested by: Host: www.pixelme.me
URL: https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4a00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8be196f9486ccf4315c97bde9ccc83199827bc630f2c0c34b98298834a75ee11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: U2N0xnYpwlfgwzI7ghB8nnu6NY078ao_
content-encoding: gzip
etag: "a7b3fe9cb976ee1c716785d11803c909"
age: 36284
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 26609
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
last-modified: Thu, 18 Aug 2022 18:18:02 GMT
server: AmazonS3
date: Thu, 15 Sep 2022 01:16:30 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-amz-cf-id: XRb5trUJaWkqvXnDYriyosw2b629mRr9mejBf3lOWPhHdoR6G2xDKw==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 402ms
37ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: www.pixelme.me
URL: https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Thu, 15 Sep 2022 10:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 10:22:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 137ms
54ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-91053522-1

Requested by

Host: www.pixelme.me
URL: https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6cfae1a1cee4916656b8ae363896aa9c57472d54ec0b074e7999c5d1ef41ef82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Thu, 15 Sep 2022 11:21:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42354
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Sep 2022 11:21:13 GMT

GET
H2 200 weglot.min.js Show response
cdn.weglot.com/ 78 KB
27 KB 419ms
54ms Script
application/javascript 2600:9000:206e:5a00:1:28b3:b280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.weglot.com/weglot.min.js
Requested by: Host: www.pixelme.me
URL: https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:5a00:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ddbbed56447e2eb705accccf23c42ff8d76ec42f84086749ec2dedacfaa48df8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 14 Sep 2022 08:21:34 GMT
server: AmazonS3
age: 1624
etag: W/"8871fb50a0fad5e965c95d0daaaef1af"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
cache-control: max-age=1800
date: Thu, 15 Sep 2022 10:54:10 GMT
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: 4_DywlxIEXckh0nMFKCXMxG_D3zdf4zREBt3f-mGpo1CWGW18BVhtA==

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
31 KB 409ms
44ms Script
application/javascript 52.222.232.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=606485806deaf1f6b4ffdbee
Requested by: Host: www.pixelme.me
URL: https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-39.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.pixelme.me/
Origin: https://www.pixelme.me
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Wed, 14 Sep 2022 21:21:07 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 50408
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: ZtA3272L7L-pWRn60Ek2-Ah55WkEMbjaJA-GedYSTpQzdZqFEohzYw==

GET
H2 200 pixelme.486add2cd.js Show response
assets.website-files.com/606485806deaf1f6b4ffdbee/js/ 262 KB
68 KB 411ms
46ms Script
text/javascript 2600:9000:223f:4a00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/606485806deaf1f6b4ffdbee/js/pixelme.486add2cd.js
Requested by: Host: www.pixelme.me
URL: https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4a00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 721cce7eee154a2da90c43ee41262b452a5d7757e1c363d4371ec095191749e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-amz-version-id: FZOysW1Xhu3DN8Nqk.mYb5fdTKPdVu8y
content-encoding: gzip
etag: "32c3327bb24125113162dd60bebc910c"
age: 35938
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 69257
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
last-modified: Thu, 18 Aug 2022 18:18:02 GMT
server: AmazonS3
date: Thu, 15 Sep 2022 01:22:15 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-amz-cf-id: bK5tMVoPVYyYZX-cw4ZJQ8RuijFDM4bbbFoKNI_xqOscz5iQPFS-xQ==

GET
H2 200 css
fonts.googleapis.com/ 4 KB
928 B 136ms
47ms Stylesheet
text/css 2a00:1450:400e:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CLato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

77243dc5c5a954e122ff11671ddcacfc6669f9c15c5a14b4eb99493754f8cdb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Thu, 15 Sep 2022 11:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 15 Sep 2022 11:21:13 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 221 KB
77 KB 175ms
101ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5XSKBTC

Requested by

Host: www.pixelme.me
URL: https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f14755d240ab0010110fec0175a935816fdbbd455737046cf33b4c2aa423a72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Thu, 15 Sep 2022 11:21:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78422
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Sep 2022 11:21:13 GMT

GET
H2 200 4099fc3d7e82ef37a59176ea4e8450100.json Show response
cdn.weglot.com/projects-settings/ 4 KB
1 KB 189ms
84ms Fetch
application/json 2600:9000:206e:5a00:1:28b3:b280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.weglot.com/projects-settings/4099fc3d7e82ef37a59176ea4e8450100.json
Requested by: Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:5a00:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 517d5b7c337e943ee869317786ba65af45554e7d406c7d14b2f1248b952c9a89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Wed, 14 Sep 2022 08:26:22 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 15:19:06 GMT
server: AmazonS3
age: 96892
etag: W/"e1c2c5cb0632688dfbb927d413a8d7c0"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
x-amz-version-id: null
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: VIE50-C1
content-type: application/json
x-amz-cf-id: 9MPDlYXljRUCB7PfS0Y49saidfx2ckIBguvE-2rieDaGSCc-VYSnfw==
via: 1.1 f78fee2989d34e40cb45ddfbcb9ba346.cloudfront.net (CloudFront)

GET
H2 200 606b0ca209bea4c24617f525_nunitosans-bold.woff2
assets.website-files.com/606485806deaf1f6b4ffdbee/ 37 KB
38 KB 121ms
46ms Font
application/octet-stream 2600:9000:223f:4a00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/606485806deaf1f6b4ffdbee/606b0ca209bea4c24617f525_nunitosans-bold.woff2
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/606485806deaf1f6b4ffdbee/css/pixelme.46bd86b0e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4a00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 15ba2fc78ee95f275931fe00f9685e83d323ed7a345ff5e72aa84e69dd2451b6

Request headers

Referer: https://assets.website-files.com/606485806deaf1f6b4ffdbee/css/pixelme.46bd86b0e.css
Origin: https://www.pixelme.me
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Thu, 18 Aug 2022 10:34:14 GMT
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
age: 2422020
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 37972
last-modified: Mon, 05 Apr 2021 13:12:03 GMT
server: AmazonS3
etag: "7c527fa711f61b560ee2f2d19c5f089d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: v7YIMD0vYPIKe4ESuB1wWxiy_jmyJkT8
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: 9FM1CvIMZ5CefsdvOWJ-jFAFUsb7i76tsy53aVzY0QIoG19ZK0RDpw==

GET
H2 200 606b0cb0e5289d9aefd0d5a8_nunitosans-black.woff2
assets.website-files.com/606485806deaf1f6b4ffdbee/ 37 KB
38 KB 155ms
84ms Font
application/octet-stream 2600:9000:223f:4a00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/606485806deaf1f6b4ffdbee/606b0cb0e5289d9aefd0d5a8_nunitosans-black.woff2
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/606485806deaf1f6b4ffdbee/css/pixelme.46bd86b0e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4a00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62a55c5999b47d6724ddc16f9094fc5a2e94cbb4f098425ee67cc1e76803ab5a

Request headers

Referer: https://assets.website-files.com/606485806deaf1f6b4ffdbee/css/pixelme.46bd86b0e.css
Origin: https://www.pixelme.me
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sun, 21 Aug 2022 02:09:36 GMT
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
age: 2193099
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 38260
last-modified: Mon, 05 Apr 2021 13:12:17 GMT
server: AmazonS3
etag: "7ada8fe6859dc129c3bd00cc0574a26d"
x-amz-version-id: 8EFpQYg.ttB..jDq0VQUlNlW.K9uYDVx
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: qpM8bZyXkXcl73XAwJB85meGl2hZ07peo2GOIMMAES6pbvju6OvcLQ==

GET
H2 200 62bed1e9e454d750c42f601d_Object%20Sans%20Bold.ttf
assets.website-files.com/606485806deaf1f6b4ffdbee/ 66 KB
27 KB 176ms
110ms Font
application/x-font-ttf 2600:9000:223f:4a00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/606485806deaf1f6b4ffdbee/62bed1e9e454d750c42f601d_Object%20Sans%20Bold.ttf
Requested by: Host: assets.website-files.com
URL: https://assets.website-files.com/606485806deaf1f6b4ffdbee/css/pixelme.46bd86b0e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4a00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c42c24d33a5fe88df750c698283a2ce437889208d108402699efb86a733abab9

Request headers

Referer: https://assets.website-files.com/606485806deaf1f6b4ffdbee/css/pixelme.46bd86b0e.css
Origin: https://www.pixelme.me
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Thu, 18 Aug 2022 10:34:02 GMT
content-encoding: br
age: 2422031
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 01 Jul 2022 10:53:46 GMT
server: AmazonS3
etag: W/"2c92bbf252044dd4594cb48e25430c22"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
x-amz-version-id: XCU0OzSzzA43uGjcmcixEWfYSiQTwqve
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56-P5
content-type: application/x-font-ttf
x-amz-cf-id: ehF4YePsoaTTpZCKSdpTFOs4lIbheNoVjBitZgjnY7PKd9r725rSQQ==

GET
H2 200 6225ad9554b120630769eda4_Group%2019871.svg
assets.website-files.com/606485806deaf1f6b4ffdbee/ 17 KB
8 KB 40ms
39ms Image
image/svg+xml 2600:9000:223f:4a00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/606485806deaf1f6b4ffdbee/6225ad9554b120630769eda4_Group%2019871.svg
Requested by: Host: www.pixelme.me
URL: https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4a00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6a7143662fecfe0553369bc1a6af24daf6355aa98a867d85b854dc893aba112f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Thu, 18 Aug 2022 10:34:14 GMT
content-encoding: gzip
age: 2422020
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
last-modified: Mon, 07 Mar 2022 07:00:41 GMT
server: AmazonS3
etag: W/"c897dfef0b3c3ad93727171b28ad3017"
vary: Accept-Encoding
x-amz-version-id: ayth8.tqzZ8CITNrWrD5zAO2AENZBu75
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56-P5
content-type: image/svg+xml
x-amz-cf-id: -1H0wCKdOD9Mf9zncYBDQkJX27HwG6J7AtifITBroXaYMuUsZNGzlw==

GET
H2 200 60cbc040028f9e2c1721688b_undraw_alert_mc7b%20(1).svg
assets.website-files.com/606485806deaf1f6b4ffdbee/ 5 KB
2 KB 40ms
40ms Image
image/svg+xml 2600:9000:223f:4a00:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.website-files.com/606485806deaf1f6b4ffdbee/60cbc040028f9e2c1721688b_undraw_alert_mc7b%20(1).svg
Requested by: Host: www.pixelme.me
URL: https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4a00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e6d207b9135811ed20b4a2d7bda0809fcaa9a76632f9156d22f51a0ec76db71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Thu, 18 Aug 2022 10:34:14 GMT
content-encoding: gzip
age: 2422020
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
last-modified: Thu, 17 Jun 2021 21:36:01 GMT
server: AmazonS3
etag: W/"83e5fff4eec3d21d07b0da1ae7216d34"
vary: Accept-Encoding
x-amz-version-id: BaLoIeEKYeJ75LZZDVIPz2KpPwlCQGZT
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA56-P5
content-type: image/svg+xml
x-amz-cf-id: oiUkTc7ecwqSkzcYX0jzwaB2mJ2hzHEHNq2EC5TFA_hL4rZuikzhag==

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVc.ttf
fonts.gstatic.com/s/opensans/v34/ 31 KB
31 KB 127ms
39ms Font
font/ttf 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVc.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CLato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fdbf9efc2a3dee59ac086edff2cca2c66184470cb4d88cf8eacc574a45cef51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pixelme.me
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 12 Sep 2022 00:03:23 GMT
x-content-type-options: nosniff
age: 299870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31436
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 00:03:23 GMT

GET
H2 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk5hkWVAexQ.ttf
fonts.gstatic.com/s/opensans/v34/ 33 KB
22 KB 245ms
157ms Font
font/ttf 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk5hkWVAexQ.ttf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

434967e3a46663558c534688d0054e4bad8f3301c863b4a17f66080065da0c57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pixelme.me
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Thu, 08 Sep 2022 19:24:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 575816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22300
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Sep 2023 19:24:17 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf
fonts.gstatic.com/s/opensans/v34/ 31 KB
31 KB 237ms
149ms Font
font/ttf 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

294ed1734fd63bdeca41e4ac6d668c513ea6932b0030ee10c605d09efba1900e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pixelme.me
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Wed, 14 Sep 2022 22:53:30 GMT
x-content-type-options: nosniff
age: 44863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31380
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 22:53:30 GMT

GET
H2 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAexQ.ttf
fonts.gstatic.com/s/opensans/v34/ 33 KB
22 KB 230ms
142ms Font
font/ttf 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAexQ.ttf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

188d810cc883fcbf994c6afbd9b5f7e8f0cfd8185ce38ad9365887c21ed0a720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pixelme.me
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Thu, 15 Sep 2022 01:27:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22207
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:13:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 01:27:35 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVc.ttf
fonts.gstatic.com/s/opensans/v34/ 31 KB
21 KB 221ms
133ms Font
font/ttf 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVc.ttf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c632bd9c762bc146066f2ccf9ec7e37b71fa26df06345845e2e189b5f7e2990a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pixelme.me
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Tue, 13 Sep 2022 17:54:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20969
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:16:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:54:47 GMT

GET
H2 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkxhjWVAexQ.ttf
fonts.gstatic.com/s/opensans/v34/ 33 KB
33 KB 165ms
78ms Font
font/ttf 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkxhjWVAexQ.ttf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33abdf1da701ffb0039838332d89cfa7a4987ba736e5a5be9d398d418bf4ba61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pixelme.me
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 09 Sep 2022 02:09:06 GMT
x-content-type-options: nosniff
age: 551527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33456
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:15:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Sep 2023 02:09:06 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVc.ttf
fonts.gstatic.com/s/opensans/v34/ 31 KB
31 KB 191ms
103ms Font
font/ttf 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVc.ttf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

131d7ee76b779886898c901bfa19c90b68917c8e4b4b4cc9d929e53a9ecc92a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pixelme.me
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Thu, 15 Sep 2022 04:28:02 GMT
x-content-type-options: nosniff
age: 24791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31420
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 04:28:02 GMT

GET
H2 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWVAexQ.ttf
fonts.gstatic.com/s/opensans/v34/ 33 KB
21 KB 295ms
208ms Font
font/ttf 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWVAexQ.ttf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c24bbc961b8e37845c94a03ec71d9a0aaa1ef3faaf2277c2f0f6f8781c19efb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pixelme.me
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Tue, 13 Sep 2022 11:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21638
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:13:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 11:49:27 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgshZ1x4gaVc.ttf
fonts.gstatic.com/s/opensans/v34/ 31 KB
21 KB 265ms
178ms Font
font/ttf 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgshZ1x4gaVc.ttf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b79b191a7e97d8fb165ad70128825eb4fedd69d2677e55de7aff76793da3883

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pixelme.me
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sun, 11 Sep 2022 07:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 359448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20920
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:16:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Sep 2023 07:30:25 GMT

GET
H2 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk0ZjWVAexQ.ttf
fonts.gstatic.com/s/opensans/v34/ 33 KB
21 KB 255ms
168ms Font
font/ttf 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk0ZjWVAexQ.ttf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

220014e671b6f67906f9e5f81444b16f524c7c117ad571d0759965d45e65271a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pixelme.me
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Thu, 08 Sep 2022 17:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 581670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21852
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:13:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Sep 2023 17:46:43 GMT

GET
H2 200 S6u8w4BMUTPHh30AXC-v.ttf
fonts.gstatic.com/s/lato/v23/ 55 KB
29 KB 207ms
121ms Font
font/ttf 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHh30AXC-v.ttf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3157e02bd670e911d8bc9f9445783fca0991b9638bf5b053e2576553b373e879

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pixelme.me
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sun, 11 Sep 2022 05:00:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 368462
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29476
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Sep 2023 05:00:11 GMT

GET
H2 200 S6u-w4BMUTPHjxsIPx-oPCc.ttf
fonts.gstatic.com/s/lato/v23/ 38 KB
23 KB 291ms
204ms Font
font/ttf 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u-w4BMUTPHjxsIPx-oPCc.ttf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdf2f37b4320f09f97f51629d9db4ef952cfb0267356dc4bb1a703fd18909f60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pixelme.me
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Tue, 13 Sep 2022 17:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23374
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 17:42:36 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPHA.ttf
fonts.gstatic.com/s/lato/v23/ 62 KB
33 KB 287ms
201ms Font
font/ttf 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPHA.ttf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b229d664a58a75e0a438fad204b292b5777e79fafd4b840cce21bac7ad2a7a28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pixelme.me
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Wed, 14 Sep 2022 01:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33539
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 01:16:57 GMT

GET
H2 200 S6u_w4BMUTPHjxsI9w2_Gwfo.ttf
fonts.gstatic.com/s/lato/v23/ 38 KB
24 KB 267ms
181ms Font
font/ttf 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI9w2_Gwfo.ttf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

287f2b0a046343d811ae43312783880cba0e09850886d6dcdd57a73f65147f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pixelme.me
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 12 Sep 2022 22:27:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 219214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24185
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:10:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 22:27:39 GMT

GET
H2 200 S6uyw4BMUTPHjx4wWw.ttf
fonts.gstatic.com/s/lato/v23/ 59 KB
30 KB 257ms
171ms Font
font/ttf 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wWw.ttf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6e055ad6056d64c89133fd73e9ee935c068d8bd3ac09366d5d99f9eee99e3f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pixelme.me
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Thu, 15 Sep 2022 02:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30418
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 02:36:58 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-v.ttf
fonts.gstatic.com/s/lato/v23/ 60 KB
31 KB 283ms
197ms Font
font/ttf 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-v.ttf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

218f6f647f83ceec4b0995a5186404d9fc4a5fb5c535d0cdd016bf52afbb5e7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pixelme.me
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 09 Sep 2022 21:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 480320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31656
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:50:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Sep 2023 21:55:53 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPHA.ttf
fonts.gstatic.com/s/lato/v23/ 58 KB
29 KB 273ms
187ms Font
font/ttf 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPHA.ttf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e15d8482756e9d79c5b14dde8cd92256fd2afe0307703d825d4e8178d416c41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pixelme.me
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sun, 11 Sep 2022 19:10:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29896
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Sep 2023 19:10:55 GMT

GET
H2 200 S6u_w4BMUTPHjxsI5wq_Gwfo.ttf
fonts.gstatic.com/s/lato/v23/ 61 KB
61 KB 274ms
189ms Font
font/ttf 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwfo.ttf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

726beec7cd96f06f5b05b5af54d47321b6270f94e21f4a3bdc80cefc3b79ba69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pixelme.me
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 12 Sep 2022 07:59:10 GMT
x-content-type-options: nosniff
age: 271323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62348
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 07:59:10 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPHA.ttf
fonts.gstatic.com/s/lato/v23/ 54 KB
28 KB 247ms
162ms Font
font/ttf 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPHA.ttf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e0d4f9739b0f40bb8d32af6891299fd8050fe0ca24b8d7450bddbd99e118c6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pixelme.me
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Wed, 14 Sep 2022 22:46:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28948
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 22:46:57 GMT

GET
H2 200 S6u_w4BMUTPHjxsI3wi_Gwfo.ttf
fonts.gstatic.com/s/lato/v23/ 56 KB
30 KB 278ms
193ms Font
font/ttf 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI3wi_Gwfo.ttf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77f80bba29c93fa36446bcc516b08b0ccc3184e0044feaf7f8321126741fbdf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.pixelme.me
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 12 Sep 2022 01:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30372
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:50:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 01:47:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 119ms
36ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91053522-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1153
date: Thu, 15 Sep 2022 11:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 15 Sep 2022 13:02:00 GMT

GET
H2 200 weglot.min.css
cdn.weglot.com/ 28 KB
5 KB 46ms
46ms Stylesheet
text/css 2600:9000:206e:5a00:1:28b3:b280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.weglot.com/weglot.min.css?v=4
Requested by: Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:5a00:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8eb91a0802b9e79aef3e47554a25b80de2f8ef73d3053b28c81820734179f4e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Wed, 14 Sep 2022 08:24:10 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2022 08:23:44 GMT
server: AmazonS3
age: 97024
etag: W/"b72cdd8118949f04803d561712cf0c5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: VIE50-C1
content-type: text/css; charset=utf-8
x-amz-cf-id: Ksnxmk7wDPgB7lq4e68_hUvZcuiAZSKYeAGQMhQKECXgaUf6nMdGRA==

GET
H2 200 datadog-logs-v4.js Show response
www.datadoghq-browser-agent.com/ 40 KB
14 KB 147ms
40ms Script
application/javascript 108.138.1.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Requested by: Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-193.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f8c2b87a4f2cfb7f10d05585721bb79e44d3dce50285c02611bba5c7012f77db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Thu, 15 Sep 2022 11:20:40 GMT
content-encoding: br
last-modified: Tue, 13 Sep 2022 11:18:19 GMT
server: AmazonS3
age: 34
etag: W/"55e37f8fe5bdb5b308b347fe27b8d977"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
cache-control: max-age=14400, s-maxage=60
x-amz-cf-pop: FRA56-P6
timing-allow-origin: *
x-amz-cf-id: 4OQgnZMlMz1BCtMlLudsaaCVjrzIUobfCpzZrWWba4iJnRiMXTWevw==

GET
H2 200 slugs Show response
cdn-api.weglot.com/translations/ 2 B
1 KB 147ms
38ms Fetch
application/json 52.222.214.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=fr&v=1653069479

Requested by

Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-116.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-1686f94dfc1158344ce95a70f03987c5' dashboard.weglot.com .weglot.com .stripe.com .announcekit.app .nolt.io .jsdelivr.net .firstpromoter.com beacon-v2.helpscout.net .google.com .google-analytics.com .googletagmanager.com .googleadservices.com .gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com .snap.licdn.com .redditstatic.com connect.facebook.net .hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 21 May 2022 00:27:31 GMT
via: 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 10148022
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET,POST,PUT,PATCH
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, no-store, private
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
content-security-policy: script-src 'nonce-1686f94dfc1158344ce95a70f03987c5' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
x-amz-cf-pop: FRA56-P3
access-control-allow-headers: Content-Type
x-amz-cf-id: xNGqGRrR-tYKjUOcygeLTtSmGOcNqGJwXqnzNQqZRLeW6SS2olIwuA==
expires: Sat, 21 May 2022 00:27:31 GMT

GET
H2 200 slugs Show response
cdn-api.weglot.com/translations/ 2 B
1 KB 150ms
40ms Fetch
application/json 52.222.214.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=de&v=1653069479

Requested by

Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-116.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-de119b97849aded799eee8049e51b088' dashboard.weglot.com .weglot.com .stripe.com .announcekit.app .nolt.io .jsdelivr.net .firstpromoter.com beacon-v2.helpscout.net .google.com .google-analytics.com .googletagmanager.com .googleadservices.com .gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com .snap.licdn.com .redditstatic.com connect.facebook.net .hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 21 May 2022 00:27:31 GMT
via: 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 10148022
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET,POST,PUT,PATCH
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, no-store, private
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
content-security-policy: script-src 'nonce-de119b97849aded799eee8049e51b088' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
x-amz-cf-pop: FRA56-P3
access-control-allow-headers: Content-Type
x-amz-cf-id: 2-oK-zjNrIVbe4eC0MG6DO7RzPtsKI83uose7xzu_-dMO_fqJ-O3ug==
expires: Sat, 21 May 2022 00:27:31 GMT

GET
H2 200 slugs Show response
cdn-api.weglot.com/translations/ 2 B
1 KB 148ms
38ms Fetch
application/json 52.222.214.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=it&v=1653069479

Requested by

Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-116.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-59a320d6ac236e815c9d535327a32f03' dashboard.weglot.com .weglot.com .stripe.com .announcekit.app .nolt.io .jsdelivr.net .firstpromoter.com beacon-v2.helpscout.net .google.com .google-analytics.com .googletagmanager.com .googleadservices.com .gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com .snap.licdn.com .redditstatic.com connect.facebook.net .hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 21 May 2022 00:27:31 GMT
via: 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 10148022
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET,POST,PUT,PATCH
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, no-store, private
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
content-security-policy: script-src 'nonce-59a320d6ac236e815c9d535327a32f03' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
x-amz-cf-pop: FRA56-P3
access-control-allow-headers: Content-Type
x-amz-cf-id: 66lVSWZBJA_VCEqh5gjvYChW77iyE261PT4sL1fB6aD-rNFilTgClw==
expires: Sat, 21 May 2022 00:27:31 GMT

GET
H2 200 slugs Show response
cdn-api.weglot.com/translations/ 2 B
1 KB 148ms
39ms Fetch
application/json 52.222.214.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=ru&v=1653069479

Requested by

Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-116.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-29f61b86c4b8fcc996367e6dca309c89' dashboard.weglot.com .weglot.com .stripe.com .announcekit.app .nolt.io .jsdelivr.net .firstpromoter.com beacon-v2.helpscout.net .google.com .google-analytics.com .googletagmanager.com .googleadservices.com .gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com .snap.licdn.com .redditstatic.com connect.facebook.net .hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 21 May 2022 00:27:31 GMT
via: 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 10148022
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET,POST,PUT,PATCH
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, no-store, private
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
content-security-policy: script-src 'nonce-29f61b86c4b8fcc996367e6dca309c89' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
x-amz-cf-pop: FRA56-P3
access-control-allow-headers: Content-Type
x-amz-cf-id: Z78V8L_za6mQfMUYSgVwq0T7uZztO6VDZicYsDRq3CsL8mALCIIFgQ==
expires: Sat, 21 May 2022 00:27:31 GMT

GET
H2 200 slugs Show response
cdn-api.weglot.com/translations/ 2 B
1 KB 150ms
41ms Fetch
application/json 52.222.214.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=es&v=1653069479

Requested by

Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-116.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-b8bf0757cabe7d0b7216ddeb96efd023' dashboard.weglot.com .weglot.com .stripe.com .announcekit.app .nolt.io .jsdelivr.net .firstpromoter.com beacon-v2.helpscout.net .google.com .google-analytics.com .googletagmanager.com .googleadservices.com .gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com .snap.licdn.com .redditstatic.com connect.facebook.net .hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 21 May 2022 00:27:31 GMT
via: 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 10148022
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET,POST,PUT,PATCH
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, no-store, private
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
content-security-policy: script-src 'nonce-b8bf0757cabe7d0b7216ddeb96efd023' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
x-amz-cf-pop: FRA56-P3
access-control-allow-headers: Content-Type
x-amz-cf-id: UDU7Iezci45TleaYik5MdgDLtOyvQfk_1mpREenXZ5_JHFMTD4nGPA==
expires: Sat, 21 May 2022 00:27:31 GMT

GET
H2 200 slugs Show response
cdn-api.weglot.com/translations/ 2 B
1 KB 148ms
39ms Fetch
application/json 52.222.214.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=zh&v=1653069479

Requested by

Host: cdn.weglot.com
URL: https://cdn.weglot.com/weglot.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-116.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-7716bb5f9bb0beb29fb2df22a33fc7ba' dashboard.weglot.com .weglot.com .stripe.com .announcekit.app .nolt.io .jsdelivr.net .firstpromoter.com beacon-v2.helpscout.net .google.com .google-analytics.com .googletagmanager.com .googleadservices.com .gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com .snap.licdn.com .redditstatic.com connect.facebook.net .hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 21 May 2022 00:27:48 GMT
via: 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 10148005
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET,POST,PUT,PATCH
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, no-store, private
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
content-security-policy: script-src 'nonce-7716bb5f9bb0beb29fb2df22a33fc7ba' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
x-amz-cf-pop: FRA56-P3
access-control-allow-headers: Content-Type
x-amz-cf-id: fQ8Xtw-z8dZNJhnSgUMv4gYT1yBV3Flz5pFyoiy3F3XHKh6lugbPDQ==
expires: Sat, 21 May 2022 00:27:48 GMT

GET
H2 200 gb.svg
cdn.weglot.com/flags/rectangle_mat/ 607 B
962 B 48ms
47ms Image
image/svg+xml 2600:9000:206e:5a00:1:28b3:b280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.weglot.com/flags/rectangle_mat/gb.svg
Requested by: Host: www.pixelme.me
URL: https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:5a00:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 720d4a3364adb0f6dab95c8339fc8538a4388e302b8a8173d401e8471998ebf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Wed, 14 Sep 2022 08:24:11 GMT
via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
last-modified: Thu, 04 Aug 2022 10:26:29 GMT
server: AmazonS3
age: 97023
etag: "006007133f2f5769b083935b65c12e4e"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=2592000
x-amz-cf-pop: VIE50-C1
content-type: image/svg+xml; charset=utf-8
content-length: 607
x-amz-cf-id: bqiw8pju6Lt2yo5wJ5PnTAviRkWOgwldDxoQz9PM4HidqeoyyG1wXw==

GET
H2 200 fr.svg
cdn.weglot.com/flags/rectangle_mat/ 361 B
717 B 46ms
45ms Image
image/svg+xml 2600:9000:206e:5a00:1:28b3:b280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.weglot.com/flags/rectangle_mat/fr.svg
Requested by: Host: www.pixelme.me
URL: https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:5a00:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d64cc6ca0696fecc817f893a5ef9f6652ff3d613ab65192ef458ce3b542f192

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Wed, 14 Sep 2022 08:24:11 GMT
via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
last-modified: Thu, 04 Aug 2022 10:26:30 GMT
server: AmazonS3
age: 97023
etag: "bd4e571babcb06df9fc0c931f8d65683"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=2592000
x-amz-cf-pop: VIE50-C1
content-type: image/svg+xml; charset=utf-8
content-length: 361
x-amz-cf-id: X2ocHBu3OoRAzu-ZGZg2vwqXMSv5mGs0WpsVQupSLJ-7sCDX825x5Q==

GET
H2 200 de.svg
cdn.weglot.com/flags/rectangle_mat/ 282 B
636 B 47ms
46ms Image
image/svg+xml 2600:9000:206e:5a00:1:28b3:b280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.weglot.com/flags/rectangle_mat/de.svg
Requested by: Host: www.pixelme.me
URL: https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:5a00:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24af178a9f462202ed967edb00c6e975aabb0a71f8bfbb8fb0062717e4931d06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Wed, 14 Sep 2022 18:38:01 GMT
via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
last-modified: Thu, 04 Aug 2022 10:26:28 GMT
server: AmazonS3
age: 60193
etag: "230a0b62d812d0af63f6850de2dfd386"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=2592000
x-amz-cf-pop: VIE50-C1
content-type: image/svg+xml; charset=utf-8
content-length: 282
x-amz-cf-id: 5oHhJUCYA0I7RjinSixDf-Z8qbFecYOtMobSS5eHs_nu_yaOXxDniA==

GET
H2 200 it.svg
cdn.weglot.com/flags/rectangle_mat/ 361 B
717 B 57ms
57ms Image
image/svg+xml 2600:9000:206e:5a00:1:28b3:b280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.weglot.com/flags/rectangle_mat/it.svg
Requested by: Host: www.pixelme.me
URL: https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:5a00:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 251214b83e86ba6b8ba5d810089b699d7cd43c9e4bbce2158655469a1af29852

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Wed, 14 Sep 2022 08:24:11 GMT
via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
last-modified: Thu, 04 Aug 2022 10:26:29 GMT
server: AmazonS3
age: 97023
etag: "70b02da9cb6cfbccdbd3497cfd2b36af"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=2592000
x-amz-cf-pop: VIE50-C1
content-type: image/svg+xml; charset=utf-8
content-length: 361
x-amz-cf-id: M45cGoLi77eZPQy11dU23kjDmFNtSyyftAkVmS6zRlEJKQC1QPPiDg==

GET
H2 200 ru.svg
cdn.weglot.com/flags/rectangle_mat/ 355 B
711 B 48ms
47ms Image
image/svg+xml 2600:9000:206e:5a00:1:28b3:b280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.weglot.com/flags/rectangle_mat/ru.svg
Requested by: Host: www.pixelme.me
URL: https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:5a00:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af9c0b316df61878613a6142ae625a4c20dd30685d6c0d480deef933f1c90640

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Wed, 14 Sep 2022 08:24:11 GMT
via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
last-modified: Thu, 04 Aug 2022 10:26:31 GMT
server: AmazonS3
age: 97023
etag: "be178f7317c9dddbd8a49226f6fc128c"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=2592000
x-amz-cf-pop: VIE50-C1
content-type: image/svg+xml; charset=utf-8
content-length: 355
x-amz-cf-id: R-_7TZ__1AhQcrgjwEYbyLRanCjnxDKqWjKsBg0M6YttU4ViLgBmvg==

GET
H2 200 es.svg
cdn.weglot.com/flags/rectangle_mat/ 89 KB
16 KB 56ms
55ms Image
image/svg+xml 2600:9000:206e:5a00:1:28b3:b280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.weglot.com/flags/rectangle_mat/es.svg
Requested by: Host: www.pixelme.me
URL: https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:5a00:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ddc451027c83a11707ac910f223f84f7bc51f3881197223978e2a717efa64c57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Wed, 14 Sep 2022 08:24:11 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 10:26:28 GMT
server: AmazonS3
age: 97023
etag: W/"96b4be850a4d40bcea53825f0a5464ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: VIE50-C1
content-type: image/svg+xml; charset=utf-8
x-amz-cf-id: qFK0QqDNClZxdqM_bmEIMTjdDqCJP2HfU8vf4LHNoPdCGxjUWpOK1w==

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 105 KB
41 KB 146ms
47ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-T2TLM22

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XSKBTC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee1fcbc3786fea33b28c4f7e70527574ca8fbe2e9acfb05eab383f7e0d61e24d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Thu, 15 Sep 2022 11:21:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41645
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Sep 2022 11:21:13 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 172ms
48ms Script
application/x-javascript 2a02:26f0:11a::6867:4868
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XSKBTC
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4868 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Thu, 15 Sep 2022 11:21:13 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=80907
accept-ranges: bytes
content-length: 3063

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 170ms
74ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XSKBTC

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D6AF414D02234D3D829D9493C59DB7C1 Ref B: FRA31EDGE0508 Ref C: 2022-09-15T11:21:13Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Thu, 15 Sep 2022 11:21:13 GMT
accept-ranges: bytes
content-length: 11367

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 227ms
45ms Script
application/javascript 199.232.16.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XSKBTC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Thu, 15 Sep 2022 11:21:14 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 15:04:19 GMT
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15317
x-served-by: cache-iad-kiad7000140-IAD, cache-vie6323-VIE

GET
H2 200 hotjar-2279645.js Show response
static.hotjar.com/c/ 4 KB
3 KB 117ms
40ms Script
application/javascript 108.138.17.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2279645.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XSKBTC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-88.fra56.r.cloudfront.net

Software

Resource Hash

2a6c31128dbfba43a6b60c56a775fae9a844854e2142d22bfb39cf02beb23486

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Thu, 15 Sep 2022 11:20:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
access-control-allow-origin: *
x-cache-hit: 1
etag: W/9c64330ccc354611a67c7534fec93887
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
cache-control: max-age=60
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: EBSRgMQfXmwDt0ixjmUpf5gpR1eUTwIlATNLvUtEpTKKQ8CvGiueEg==

GET
H2 200 pix.min.js Show response
cdn.pixelme.me/ 49 KB
16 KB 142ms
40ms Script
application/x-javascript 35.241.37.126
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixelme.me/pix.min.js
Requested by: Host: lnk.to
URL: https://lnk.to/6T0FaEZV?_kx=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.37.126 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 126.37.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27403fc25257c3bc34e0dda649e0fdc3c1304d15623a86255a3f7287575fdb8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Thu, 15 Sep 2022 11:05:17 GMT
content-encoding: gzip
age: 956
x-guploader-uploadid: ADPycdslIOmnZ30tHdH396lVTiUP9WR_y5aYGF4gHbc7gWu7CHUKviwH44c0HqHJDHufkRgF0LPMsSTYeQM7cWzJzMlyQ418CdJX
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16282
last-modified: Mon, 25 Nov 2019 09:51:07 GMT
server: UploadServer
etag: "e70eff749e09521f05ccda0a3d84f359"
vary: Accept-Encoding
x-goog-hash: crc32c=MKgscA==, md5=5w7/dJ4JUh8FzNoKPYTzWQ==
x-goog-generation: 1574675467274473
cache-control: public, max-age=3600
x-goog-stored-content-length: 16282
accept-ranges: bytes
content-type: application/x-javascript; charset=utf-8
expires: Thu, 15 Sep 2022 12:05:17 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
45 KB 204ms
109ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XSKBTC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

54f3a516d9c95e0d4155c18c7555b6ab5d8b521c4a363fec0f31c900535a4bf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

timing-allow-origin: *
date: Thu, 15 Sep 2022 11:21:13 GMT
x-content-type-options: nosniff
server: cafe
etag: 16286937264090633215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45968
x-xss-protection: 0
expires: Thu, 15 Sep 2022 11:21:13 GMT

GET
H2 200 growsumo.min.js Show response
snippet.growsumo.com/ 6 KB
3 KB 146ms
52ms Script
application/javascript 2606:4700::6812:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://snippet.growsumo.com/growsumo.min.js
Requested by: Host: lnk.to
URL: https://lnk.to/6T0FaEZV?_kx=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0be9c85966eeed0b1af9a530e56d8b0ba5cfe2c46d293f4c77b66ddbe9be3d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

cf-ray: 74b0fa4609399143-FRA
date: Thu, 15 Sep 2022 11:21:13 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 14 Sep 2022 17:43:45 GMT
server: cloudflare
age: 57
etag: W/"632212d1-18b1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
content-encoding: br
expires: Thu, 15 Sep 2022 15:21:13 GMT

GET
H2 200 plausible.js Show response
plausible.io/js/ 1 KB
1 KB 152ms
44ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://plausible.io/js/plausible.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XSKBTC

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-731.bunnyinfra.net

Software

BunnyCDN-AT-731 /

Resource Hash

ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Thu, 15 Sep 2022 11:21:14 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 731
access-control-allow-origin: *
cdn-cachedat: 09/15/2022 10:52:43
cdn-pullzone: 682664
cross-origin-resource-policy: cross-origin
application: 10.0.0.8
server: BunnyCDN-AT-731
cdn-proxyver: 1.02
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: public, max-age=3600
permissions-policy: interest-cohort=()
cdn-requestid: 14fd2c0f5dcaf707c199391543275436
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 pixel.js Show response
grow.clearbitjs.com/api/ 2 KB
979 B 757ms
223ms Script
text/javascript 216.24.57.3
RENDER

General

Check archive.org

Show headers Download Go to

Full URL

https://grow.clearbitjs.com/api/pixel.js?v=1663240873814

Requested by

Host: lnk.to
URL: https://lnk.to/6T0FaEZV?_kx=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.24.57.3 , United States, ASN397273 (RENDER, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3b832350962ac3ba8a6f89d76e744fdbcdf37d5f810b8ff1fc8cb3dc8f964c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
date: Thu, 15 Sep 2022 11:21:14 GMT
vary: Accept-Encoding
content-type: text/javascript
cf-ray: 74b0fa496be49170-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9948ae846979246ddfe993e604739594ce0e7cdfa77657412b9b0090009dcf23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Type: image/svg+xml

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 45ms
44ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1247234869&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fservicecssam3256897123.duckdns.org%2F%3Fpandora&dr=https%3A%2F%2Flnk.to%2F&ul=en-us&de=UTF-8&dt=Phishing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABQAAAAC~&jid=1359859414&gjid=1880510422&cid=632921953.1663240874&tid=UA-91053522-1&_gid=1964906501.1663240874&_r=1&gtm=2ou9e0&z=1660752136

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pixelme.me/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 11:21:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pixelme.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.d00377d3a043900eb4ef.js Show response
script.hotjar.com/ 252 KB
65 KB 559ms
49ms Script
application/javascript 18.66.147.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.d00377d3a043900eb4ef.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2279645.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-7.fra60.r.cloudfront.net

Software

Resource Hash

f520d200f5d04a2bc40f94c843eb0c2611ffcf103109f6758d81740c8f3b516a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Wed, 14 Sep 2022 13:09:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79927
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
content-length: 65532
access-control-allow-origin: *
last-modified: Wed, 14 Sep 2022 13:08:33 GMT
etag: "74e062f975f5935c93ae5aff80efbd87"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Yib28Ao3hxNXtWKXr-HfPSTLJLZiUnRDunfX3szg1v9g-Q-ZlB5ktw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 550ms
51ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-91053522-1&cid=632921953.1663240874&jid=1359859414&gjid=1880510422&_gid=1964906501.1663240874&_u=YEBAAUAAQAAAAC~&z=14571332

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pixelme.me/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 15 Sep 2022 11:21:14 GMT
content-type: text/plain
access-control-allow-origin: https://www.pixelme.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pk_CvbvnFSfdsEjrmQ757MmhFmtDqd3BmFi Show response
grsm.io/pr/gpk/ 0
233 B 633ms
157ms XHR
text/plain 2606:4700::6812:bd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://grsm.io/pr/gpk/pk_CvbvnFSfdsEjrmQ757MmhFmtDqd3BmFi
Requested by: Host: snippet.growsumo.com
URL: https://snippet.growsumo.com/growsumo.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Thu, 15 Sep 2022 11:21:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="This is not a P3P policy! See our docs for more info."
access-control-allow-origin: https://www.pixelme.me
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 74b0fa496d56bbb5-FRA
content-type: text/plain; charset=utf-8
content-length: 0

POST t
t.pixelme.me/ 0
0

GET
H2 200 box-69edcc3187336f9b0a3fbb4c73be9fe6.html Show response
vars.hotjar.com/ Frame 9B1F 2 KB
1 KB 512ms
57ms Document
text/html 18.66.15.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2279645.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.15.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-15-37.vie50.r.cloudfront.net

Software

Resource Hash

867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://www.pixelme.me/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 698647
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 09:17:07 GMT
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
vary: Accept-Encoding
via: 1.1 780489eb078b12b535ed56179d4e97fe.cloudfront.net (CloudFront)
x-amz-cf-id: Fdk65uQqZgu0UpWfHsSOm_mnQcXtxLYd4BuxGozOhhQSOnCZK5n14Q==
x-amz-cf-pop: VIE50-P1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 collect
px.ads.linkedin.com/ 0
532 B 182ms
140ms Image
application/javascript 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=603540&time=1663240873988&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fservicecssam3256897123.duckdns.org%2F%3Fpandora
Requested by: Host: www.pixelme.me
URL: https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Thu, 15 Sep 2022 11:21:13 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: B2D29EF1E86A45CBB577D4761E155989 Ref B: FRAEDGE1313 Ref C: 2022-09-15T11:21:14Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXotXF569SkcSPVc4sOFg==
x-li-fabric: prod-lva1

GET
H2 200 26035908.js Show response
bat.bing.com/p/action/ 1 KB
862 B 437ms
435ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26035908.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

52afe9b7348ea667fcaf9ccc7b959eb9c3d72b7e5f90a2d19b916764e0801878

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EE5217E8A041452EBB76D817CB9D5E62 Ref B: FRA31EDGE0508 Ref C: 2022-09-15T11:21:14Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
date: Thu, 15 Sep 2022 11:21:13 GMT
content-length: 667

GET
H2 204 0
bat.bing.com/action/ 0
176 B 60ms
59ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26035908&tm=gtm002&Ver=2&mid=173e5907-99dc-486c-8219-2204e0926183&sid=82356e4034e811ed948ae50cfba9d29c&vid=8235865034e811ed80afb5c31b5c1f29&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Phishing&p=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fservicecssam3256897123.duckdns.org%2F%3Fpandora&r=https%3A%2F%2Flnk.to%2F&lt=1472&evt=pageLoad&sv=1&rn=430437

Requested by

Host: www.pixelme.me
URL: https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9596645D52E7405DACD0C77F1D0F6604 Ref B: FRA31EDGE0508 Ref C: 2022-09-15T11:21:14Z
date: Thu, 15 Sep 2022 11:21:13 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
337 B 542ms
148ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=c9a90c18-3b8b-4583-8272-5f307d749535&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0bb386c9-1138-4bb3-9326-7898cae5c8fc&tw_document_href=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fservicecssam3256897123.duckdns.org%2F%3Fpandora&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxviw&type=javascript&version=2.3.27

Requested by

Host: www.pixelme.me
URL: https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-response-time: 106
date: Thu, 15 Sep 2022 11:21:13 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 5ccb8fb3ab50389a22a356e94205b5f6d67d41315c74a182a80af75cf93fe56f
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
355 B 539ms
145ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=c9a90c18-3b8b-4583-8272-5f307d749535&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0bb386c9-1138-4bb3-9326-7898cae5c8fc&tw_document_href=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fservicecssam3256897123.duckdns.org%2F%3Fpandora&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxviw&type=javascript&version=2.3.27

Requested by

Host: www.pixelme.me
URL: https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

x-response-time: 104
date: Thu, 15 Sep 2022 11:21:14 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: c9d573cbab979feacde6b486785cf713f30c314f1403f571d62863a8c74b7e36
content-length: 43

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/837753914/ 2 KB
2 KB 456ms
81ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/837753914/?random=1663240874066&cv=9&fst=1663240874066&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fservicecssam3256897123.duckdns.org%2F%3Fpandora&ref=https%3A%2F%2Flnk.to%2F&tiba=Phishing&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0b75d6384a34559673424008439e59604bf8369e67661debc025a32db68a291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 11:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1052
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 event Show response
plausible.io/api/ 2 B
487 B 153ms
63ms XHR
text/plain 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://plausible.io/api/event
Requested by: Host: plausible.io
URL: https://plausible.io/js/plausible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT-731 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.pixelme.me/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain

Response headers

date: Thu, 15 Sep 2022 11:21:14 GMT
cdn-edgestorageid: 731
server: BunnyCDN-AT-731
cdn-cachedat: 09/15/2022 11:21:14
cdn-pullzone: 682664
application: 10.0.0.6
content-length: 2
x-request-id: FxUEw0owTXpdw68AdTWJ
cdn-proxyver: 1.02
cdn-requestpullcode: 202
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: must-revalidate, max-age=0, private
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
cdn-requestid: f1774638cbb3316144b74ac1590f79c8
cdn-requestcountrycode: DE
cdn-status: 202
cdn-requestpullsuccess: True

GET
H2 200 26035908 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 694ms
318ms Script
application/x-javascript 2620:1ec:27::cafe:1806
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/26035908
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/26035908.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1806 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: bd1ed6c7f08ae49b255cdc5dbede299149b5beb35dcf483e32504931e1dbc115

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Thu, 15 Sep 2022 11:21:14 GMT
x-powered-by: ASP.NET
x-azure-ref: 0qgojYwAAAADBUPgsbczxQIqaAa5PfFD1TE9TMzBFREdFMDIxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 147ms
63ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-91053522-1&cid=632921953.1663240874&jid=1359859414&_u=YEBAAUAAQAAAAC~&z=1971828490

Requested by

Host: www.pixelme.me
URL: https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 11:21:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 146ms
60ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-91053522-1&cid=632921953.1663240874&jid=1359859414&_u=YEBAAUAAQAAAAC~&z=1971828490

Requested by

Host: www.pixelme.me
URL: https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 11:21:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/837753914/ 42 B
548 B 102ms
49ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/837753914/?random=1663240874066&cv=9&fst=1663239600000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fservicecssam3256897123.duckdns.org%2F%3Fpandora&ref=https%3A%2F%2Flnk.to%2F&tiba=Phishing&fmt=3&is_vtc=1&random=2807710171&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.pixelme.me
URL: https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 11:21:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/837753914/ 42 B
548 B 103ms
49ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/837753914/?random=1663240874066&cv=9&fst=1663239600000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fservicecssam3256897123.duckdns.org%2F%3Fpandora&ref=https%3A%2F%2Flnk.to%2F&tiba=Phishing&fmt=3&is_vtc=1&random=2807710171&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.pixelme.me
URL: https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 11:21:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2279645/ 107 B
282 B 303ms
60ms XHR
application/json 34.246.90.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2279645/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.d00377d3a043900eb4ef.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.90.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-90-31.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6211e8cebd993e4a07cc847c4a162239eb3c51b30b6e553b267a3e933395521d

Request headers

Referer: https://www.pixelme.me/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 15 Sep 2022 11:21:14 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 pk_CvbvnFSfdsEjrmQ757MmhFmtDqd3BmFi Show response
partnerlinks.io/pr/gpk/ 0
202 B 256ms
51ms XHR
text/plain 2606:4700::6812:1f85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partnerlinks.io/pr/gpk/pk_CvbvnFSfdsEjrmQ757MmhFmtDqd3BmFi
Requested by: Host: snippet.growsumo.com
URL: https://snippet.growsumo.com/growsumo.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Thu, 15 Sep 2022 11:21:14 GMT
content-type: text/plain; charset=utf-8
server: cloudflare
vary: Accept-Encoding
p3p: CP="This is not a P3P policy! See our docs for more info."
access-control-allow-origin: https://www.pixelme.me
access-control-allow-credentials: true
cf-ray: 74b0fa4ba98dbb43-FRA
content-length: 0

GET
H3 200 c.gif
grow.clearbitjs.com/api/ 35 B
239 B 347ms
209ms Image
image/gif 216.24.57.3
RENDER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://grow.clearbitjs.com/api/c.gif?r=https%3A%2F%2Fwww.pixelme.me%2Fphishing&c=

Requested by

Host: www.pixelme.me
URL: https://www.pixelme.me/phishing?url=https://servicecssam3256897123.duckdns.org/?pandora

Protocol

Security

QUIC, , AES_128_GCM

Server

216.24.57.3 , United States, ASN397273 (RENDER, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
date: Thu, 15 Sep 2022 11:21:14 GMT
vary: Accept-Encoding
content-type: image/gif
cf-ray: 74b0fa4bae4c69a3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-b/s/0.6.40/ 54 KB
23 KB 316ms
316ms Script
application/javascript 2620:1ec:27::cafe:1806
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-b/s/0.6.40/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/26035908
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1806 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Thu, 15 Sep 2022 11:21:14 GMT
content-encoding: br
etag: "1d8bd4806fdad30"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0qwojYwAAAADp/a1Dw4i4RLtIg7TsK8DCTE9TMzBFREdFMDIxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=0092CA96D8F44ACDAFE81C95D5B7B7DA&RedC=c.clarity.ms&MXFR=0466E4C5F8F764E71F28F6E5FCF76A1D
https://c.clarity.ms/c.gif?CtsSyncId=0092CA96D8F44ACDAFE81C95D5B7B7DA&MUID=32CC3E58DDA2672E3CD22C78DC2966BD

42 B
369 B

55ms
54ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=0092CA96D8F44ACDAFE81C95D5B7B7DA&MUID=32CC3E58DDA2672E3CD22C78DC2966BD
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pixelme.me/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 11:21:15 GMT
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8d3298b0aac7d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 15 Sep 2022 11:21:14 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F47000D6D18A4A7ABA8D2633E07F402E Ref B: FRA31EDGE0508 Ref C: 2022-09-15T11:21:15Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=0092CA96D8F44ACDAFE81C95D5B7B7DA&MUID=32CC3E58DDA2672E3CD22C78DC2966BD
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 204 collect Show response
e.clarity.ms/ 0
175 B 426ms
127ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-b/s/0.6.40/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.pixelme.me/
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

access-control-allow-origin: https://www.pixelme.me
date: Thu, 15 Sep 2022 11:21:15 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: t.pixelme.me
URL: https://t.pixelme.me/t

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lnk.to/	1970-01-20 06:00:41	Name: LF_session_549a8a6c58af89ccdfed66673ac4c365 Value: 1
.pixelme.me/	1969-12-31 23:59:59	Name: pxlme Value: eyJyZWZlcnJlciI6Imh0dHBzOi8vbG5rLnRvLyJ9
.pixelme.me/	1970-01-20 15:36:40	Name: _ga Value: GA1.2.632921953.1663240874
.pixelme.me/	1970-01-20 06:02:07	Name: _gid Value: GA1.2.1964906501.1663240874
.pixelme.me/	1970-01-20 06:00:40	Name: _gat_gtag_UA_91053522_1 Value: 1
.pixelme.me/	1970-01-20 14:46:16	Name: pxjs_anonymous_id Value: %226b031ab2-be08-4f87-b6b5-3bf46b730d90%22
.bing.com/	1970-01-20 15:22:16	Name: MUID Value: 32CC3E58DDA2672E3CD22C78DC2966BD
.pixelme.me/	1970-01-20 06:02:07	Name: _uetsid Value: 82356e4034e811ed948ae50cfba9d29c
.pixelme.me/	1970-01-20 15:22:16	Name: _uetvid Value: 8235865034e811ed80afb5c31b5c1f29
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:46:16	Name: bcookie Value: "v=2&2dcf04bd-b83a-476e-850d-e3f52058f46c"
.linkedin.com/	1970-01-20 06:02:07	Name: lidc Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2688:u=1:x=1:i=1663240874:t=1663327274:v=2:sig=AQEAjAMeW_1w9_qje3ZtmZX2eQT5T_B1"
.doubleclick.net/	1970-01-20 06:00:41	Name: test_cookie Value: CheckForPermission
.pixelme.me/	1970-01-20 14:46:16	Name: _hjSessionUser_2279645 Value: eyJpZCI6ImFkNDY2MDRhLWZkMzItNTQyMS1hMGZiLTNlNmQ1YmM2MjQ5NyIsImNyZWF0ZWQiOjE2NjMyNDA4NzQ1NTQsImV4aXN0aW5nIjpmYWxzZX0=
.pixelme.me/	1970-01-20 06:00:42	Name: _hjFirstSeen Value: 1
www.pixelme.me/	1970-01-20 06:00:40	Name: _hjIncludedInSessionSample Value: 0
.pixelme.me/	1970-01-20 06:00:42	Name: _hjSession_2279645 Value: eyJpZCI6IjY5YjcyMTkwLWY1NmYtNGNhYy1iYTIxLWZjN2RlMjU1M2MzMiIsImNyZWF0ZWQiOjE2NjMyNDA4NzQ1NjMsImluU2FtcGxlIjpmYWxzZX0=
www.pixelme.me/	1970-01-20 06:00:40	Name: _hjIncludedInPageviewSample Value: 1
.pixelme.me/	1970-01-20 06:00:42	Name: _hjAbsoluteSessionInProgress Value: 0
.twitter.com/	1970-01-20 15:36:40	Name: personalization_id Value: "v1_xIxVXq9V8Fj6ZY6Kgp5/MA=="
.t.co/	1970-01-20 15:36:40	Name: muc_ads Value: 217e307d-a284-4906-a2c6-9584f1492ae3
www.clarity.ms/	1970-01-20 14:46:16	Name: CLID Value: 7786ae9fbcb04c10940806f58160e3a1.20220915.20230915
.pixelme.me/	1970-01-20 14:46:16	Name: _clck Value: 1hewbzi\|1\|f4w\|0
.c.bing.com/	1970-01-20 15:22:16	Name: SRM_B Value: 32CC3E58DDA2672E3CD22C78DC2966BD
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 15:22:16	Name: MUID Value: 32CC3E58DDA2672E3CD22C78DC2966BD
.c.clarity.ms/	1970-01-20 06:00:41	Name: ANONCHK Value: 0
.pixelme.me/	1970-01-20 06:02:07	Name: _clsk Value: 15xryrq\|1663240875982\|1\|1\|e.clarity.ms/collect
www.pixelme.me/	1970-01-20 06:00:41	Name: _dd_s Value: logs=1&id=87a1c874-8240-43cf-9597-8a0fb44de51c&created=1663240873920&expire=1663241773921

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://t.pixelme.me/t Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	warning	URL: https://www.googleadservices.com/pagead/conversion.js(Line 26) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.twitter.com
assets.website-files.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn-api.weglot.com
cdn.pixelme.me
cdn.weglot.com
d3e54v103j8qbb.cloudfront.net
e.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
grow.clearbitjs.com
grsm.io
in.hotjar.com
lnk.to
lnkd.in
partnerlinks.io
pixelme.me
plausible.io
px.ads.linkedin.com
pxlme.me
script.hotjar.com
snap.licdn.com
snippet.growsumo.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
t.pixelme.me
trk.klclick3.com
vars.hotjar.com
www.clarity.ms
www.datadoghq-browser-agent.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.pixelme.me
t.pixelme.me
104.244.42.195
104.244.42.69
108.138.1.193
108.138.17.88
13.107.42.14
172.217.18.2
18.66.147.7
18.66.15.37
185.180.12.68
199.232.16.157
20.234.93.27
20.62.48.180
216.24.57.3
2600:9000:206e:5a00:1:28b3:b280:93a1
2600:9000:223c:2200:9:ec94:b800:93a1
2600:9000:223f:4a00:11:3b84:d200:93a1
2606:4700::6812:1f85
2606:4700::6812:246
2606:4700::6812:bd4
2620:1ec:27::cafe:1806
2620:1ec:c11::200
2a00:1450:4001:809::2003
2a00:1450:4001:810::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::200e
2a00:1450:4001:827::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2008
2a00:1450:400c:c08::9b
2a00:1450:400e:80e::200a
2a02:26f0:11a::6867:4868
34.246.90.31
35.241.37.126
51.15.139.10
52.222.214.116
52.222.232.39
54.194.0.91
54.194.170.100
99.83.190.102
0b79b191a7e97d8fb165ad70128825eb4fedd69d2677e55de7aff76793da3883
0be9c85966eeed0b1af9a530e56d8b0ba5cfe2c46d293f4c77b66ddbe9be3d5e
131d7ee76b779886898c901bfa19c90b68917c8e4b4b4cc9d929e53a9ecc92a2
15ba2fc78ee95f275931fe00f9685e83d323ed7a345ff5e72aa84e69dd2451b6
188d810cc883fcbf994c6afbd9b5f7e8f0cfd8185ce38ad9365887c21ed0a720
1e6d207b9135811ed20b4a2d7bda0809fcaa9a76632f9156d22f51a0ec76db71
218f6f647f83ceec4b0995a5186404d9fc4a5fb5c535d0cdd016bf52afbb5e7e
220014e671b6f67906f9e5f81444b16f524c7c117ad571d0759965d45e65271a
24af178a9f462202ed967edb00c6e975aabb0a71f8bfbb8fb0062717e4931d06
251214b83e86ba6b8ba5d810089b699d7cd43c9e4bbce2158655469a1af29852
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27403fc25257c3bc34e0dda649e0fdc3c1304d15623a86255a3f7287575fdb8c
287f2b0a046343d811ae43312783880cba0e09850886d6dcdd57a73f65147f01
294ed1734fd63bdeca41e4ac6d668c513ea6932b0030ee10c605d09efba1900e
2a6c31128dbfba43a6b60c56a775fae9a844854e2142d22bfb39cf02beb23486
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
3157e02bd670e911d8bc9f9445783fca0991b9638bf5b053e2576553b373e879
33abdf1da701ffb0039838332d89cfa7a4987ba736e5a5be9d398d418bf4ba61
3e0d4f9739b0f40bb8d32af6891299fd8050fe0ca24b8d7450bddbd99e118c6d
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
434967e3a46663558c534688d0054e4bad8f3301c863b4a17f66080065da0c57
4d64cc6ca0696fecc817f893a5ef9f6652ff3d613ab65192ef458ce3b542f192
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
517d5b7c337e943ee869317786ba65af45554e7d406c7d14b2f1248b952c9a89
52afe9b7348ea667fcaf9ccc7b959eb9c3d72b7e5f90a2d19b916764e0801878
54f3a516d9c95e0d4155c18c7555b6ab5d8b521c4a363fec0f31c900535a4bf1
6211e8cebd993e4a07cc847c4a162239eb3c51b30b6e553b267a3e933395521d
62a55c5999b47d6724ddc16f9094fc5a2e94cbb4f098425ee67cc1e76803ab5a
6a7143662fecfe0553369bc1a6af24daf6355aa98a867d85b854dc893aba112f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cfae1a1cee4916656b8ae363896aa9c57472d54ec0b074e7999c5d1ef41ef82
720d4a3364adb0f6dab95c8339fc8538a4388e302b8a8173d401e8471998ebf1
721cce7eee154a2da90c43ee41262b452a5d7757e1c363d4371ec095191749e0
726beec7cd96f06f5b05b5af54d47321b6270f94e21f4a3bdc80cefc3b79ba69
77243dc5c5a954e122ff11671ddcacfc6669f9c15c5a14b4eb99493754f8cdb0
77f80bba29c93fa36446bcc516b08b0ccc3184e0044feaf7f8321126741fbdf1
7e15d8482756e9d79c5b14dde8cd92256fd2afe0307703d825d4e8178d416c41
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
8be196f9486ccf4315c97bde9ccc83199827bc630f2c0c34b98298834a75ee11
8eb91a0802b9e79aef3e47554a25b80de2f8ef73d3053b28c81820734179f4e9
8f14755d240ab0010110fec0175a935816fdbbd455737046cf33b4c2aa423a72
8fdbf9efc2a3dee59ac086edff2cca2c66184470cb4d88cf8eacc574a45cef51
96d824f5b278889364c6dc2c946fd41ab44b9f00850921585cfdb7bbbaf25a03
9948ae846979246ddfe993e604739594ce0e7cdfa77657412b9b0090009dcf23
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c
af9c0b316df61878613a6142ae625a4c20dd30685d6c0d480deef933f1c90640
b229d664a58a75e0a438fad204b292b5777e79fafd4b840cce21bac7ad2a7a28
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b6e055ad6056d64c89133fd73e9ee935c068d8bd3ac09366d5d99f9eee99e3f4
bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260
bd1ed6c7f08ae49b255cdc5dbede299149b5beb35dcf483e32504931e1dbc115
bdf2f37b4320f09f97f51629d9db4ef952cfb0267356dc4bb1a703fd18909f60
c24bbc961b8e37845c94a03ec71d9a0aaa1ef3faaf2277c2f0f6f8781c19efb5
c3b832350962ac3ba8a6f89d76e744fdbcdf37d5f810b8ff1fc8cb3dc8f964c6
c42c24d33a5fe88df750c698283a2ce437889208d108402699efb86a733abab9
c632bd9c762bc146066f2ccf9ec7e37b71fa26df06345845e2e189b5f7e2990a
ddbbed56447e2eb705accccf23c42ff8d76ec42f84086749ec2dedacfaa48df8
ddc451027c83a11707ac910f223f84f7bc51f3881197223978e2a717efa64c57
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0b75d6384a34559673424008439e59604bf8369e67661debc025a32db68a291
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee1fcbc3786fea33b28c4f7e70527574ca8fbe2e9acfb05eab383f7e0d61e24d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f520d200f5d04a2bc40f94c843eb0c2611ffcf103109f6758d81740c8f3b516a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8c2b87a4f2cfb7f10d05585721bb79e44d3dce50285c02611bba5c7012f77db

www.pixelme.me Open in urlscan Pro 54.194.170.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

85 Requests

98 %HTTPS

48 %IPv6

31 Domains

43 Subdomains

38 IPs

6 Countries

1352 kBTransfer

2908 kBSize

29 Cookies

5 Outgoing links

Page URL History

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.pixelme.me Open in urlscan Pro
54.194.170.100 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

98 %
HTTPS

48 %
IPv6

31
Domains

43
Subdomains

38
IPs

6
Countries

1352 kB
Transfer

2908 kB
Size

29
Cookies

85 HTTP transactions
1 data transactions