URL: https://bccovid.dav.sh/
Submission: On February 26 via manual from US

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3036::ac43:c8db, located in the United States and belonging to CLOUDFLARENET, US. The main domain is bccovid.dav.sh.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 9th 2020. Valid for: a year.
This is the only time bccovid.dav.sh was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
4 | 2606:4700:303... | 13335 (CLOUDFLAR...)
3 | 2a00:1450:400... | 15169 (GOOGLE)
2 | 2606:4700:303... | 13335 (CLOUDFLAR...)
2 | 88.99.187.238 | 24940 (HETZNER-AS)
1 | 2a00:1450:400... | 15169 (GOOGLE)
Total: 12 requests, 5 IPs

Requests | Domain | Requested by
4 | bccovid.dav.sh | bccovid.dav.sh
3 | fonts.googleapis.com | bccovid.dav.sh
2 | a.pantherman594.com | bccovid.dav.sh, a.pantherman594.com
2 | www.bcheights.com | bccovid.dav.sh, www.bcheights.com
1 | fonts.gstatic.com | fonts.googleapis.com
Total: 12 requests, 5 domains

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-07-09 - 2021-07-09 | a year
upload.video.google.com | GTS CA 1O1 | 2021-01-26 - 2021-04-20 | 3 months
a.pantherman594.com | R3 | 2021-02-14 - 2021-05-15 | 3 months
*.gstatic.com | GTS CA 1O1 | 2021-01-26 - 2021-04-20 | 3 months

This page contains 1 frame:

Primary Page: https://bccovid.dav.sh/
Frame ID: D9782AB50D31404F7E8EA3E16BA91BA8
Requests: 12 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 12
HTTPS: 100 %
IPv6: 80 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 2
Transfer: 334 kB
Size: 1068 kB
Cookies: 3

12 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Resource: Primary Request / | Path: bccovid.dav.sh/ | Size: 3 KB | x-fer: 2 KB | Type: Document
General
Full URL
https://bccovid.dav.sh/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c8db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b6ffd3f083cff80e15b74a446047fbae0dd5e3b9bf9c94a1fdae54ada4b7d59c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.bcheights.com

Request headers

:method
GET
:authority
bccovid.dav.sh
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Fri, 26 Feb 2021 05:46:39 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=de0428658aee4a0721a97d062997dfbed1614318399; expires=Sun, 28-Mar-21 05:46:39 GMT; path=/; domain=.dav.sh; HttpOnly; SameSite=Lax
x-powered-by
Express
cache-control
public, max-age=0
last-modified
Fri, 05 Feb 2021 00:03:32 GMT
content-security-policy
frame-ancestors 'self' https://*.bcheights.com
cf-cache-status
DYNAMIC
cf-request-id
087e7907d300004e6d47866000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eCVWJqG5B8tzB88Ru3EyJNSUwHmL85UyvBuDXHF6L3vxhYKqMOrtt5YUEXexdXX4fWxSRg2gLoE9Htl%2B99HNwm6t2M9pf1z8%2BAQEH8qW9PaT2LfKwSOCutOtHA%3D%3D"}]}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
62775dec8d274e6d-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Resource: css2 | Path: fonts.googleapis.com/ | Size: 4 KB | x-fer: 815 B | Type: Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;700&family=Roboto&display=swap
Requested by
Host: bccovid.dav.sh
URL: https://bccovid.dav.sh/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1a1c40d0ee4cfc54555f77a91ebeb22a6102a852863ad9830d7e6f36e4700eca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bccovid.dav.sh/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Feb 2021 05:46:39 GMT
server
ESF
date
Fri, 26 Feb 2021 05:46:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Feb 2021 05:46:39 GMT

Resource: css | Path: fonts.googleapis.com/ | Size: 768 B | x-fer: 441 B | Type: Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Arbutus+Slab%3A400%2C400i&display=swap&ver=2.3.9
Requested by
Host: bccovid.dav.sh
URL: https://bccovid.dav.sh/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cce0d7df7f135c2c417c2732a0160fb1a5da501021bbf334547b5b1683011cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bccovid.dav.sh/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Feb 2021 05:46:39 GMT
server
ESF
date
Fri, 26 Feb 2021 05:46:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Feb 2021 05:46:39 GMT

Resource: css | Path: fonts.googleapis.com/ | Size: 735 B | x-fer: 390 B | Type: Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Adamina%3A400%2C700%2C400italic%2C700italic%7CAlike%3A400%2C700%2C300%2C100&subset=latin%2Clatin-ext%2Cvietnamese%2Ccyrillic-ext%2Ccyrillic%2Cgreek%2Cgreek-ext
Requested by
Host: bccovid.dav.sh
URL: https://bccovid.dav.sh/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9f398a6a5f6374b905df3d0748d09f1d02bc9309aefda2e15b687c3b39e10d05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bccovid.dav.sh/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Feb 2021 05:46:39 GMT
server
ESF
date
Fri, 26 Feb 2021 05:46:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Feb 2021 05:46:39 GMT

Resource: ai_external.js | Path: www.bcheights.com/wp-content/plugins/advanced-iframe/js/ | Size: 8 KB | x-fer: 3 KB | Type: Script
General
Full URL
https://www.bcheights.com/wp-content/plugins/advanced-iframe/js/ai_external.js
Requested by
Host: bccovid.dav.sh
URL: https://bccovid.dav.sh/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cf21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73a3f2453df94e4f43f3c9314743fa3a39d7af7e3625647b7fea51063c2fb8a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://bccovid.dav.sh/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fw-static
YES
date
Fri, 26 Feb 2021 05:46:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
MISS
x-cache-hits
0
vary
Accept-Encoding, Authorization
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-fra19143-FRA
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 29 Jan 2021 20:35:36 GMT
server
cloudflare
x-timer
S1614318400.534838,VS0,VE111
x-fw-hash
kvpserz9bp
etag
W/"60147198-2141"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"max_age":604800,"report_to":"cf-nel"}
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wG8YjgVCpSRu7bYJKPaiN8OhJWU0KpuBTNoDL32OeRsMhPlIYMQnpGxO1vLE2vHCEtA2qqAXFZp%2B9wnUpUFWCOj%2BeegBgQkxaApijYHTgrpH3eQlDA82MsZqFHAHlg%3D%3D"}]}
content-type
application/javascript
x-fw-serve
TRUE
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=31536000
cf-request-id
087e790816000097d822bb2000000001
cf-ray
62775deced8697d8-FRA
x-fw-version
5.0.0

Resource: main.caeb82b1.chunk.css | Path: bccovid.dav.sh/static/css/ | Size: 3 KB | x-fer: 1 KB | Type: Stylesheet
General
Full URL
https://bccovid.dav.sh/static/css/main.caeb82b1.chunk.css
Requested by
Host: bccovid.dav.sh
URL: https://bccovid.dav.sh/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c8db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c25c5357336b0f8d59b157523c7852980f0b5219a8c31b76d022b38060e306de
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.bcheights.com

Request headers

Referer
https://bccovid.dav.sh/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 05:46:39 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
087e7907fc00004e6d3b93c000000001
last-modified
Fri, 05 Feb 2021 00:03:32 GMT
server
cloudflare
etag
W/"cc3-1776f80423e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6HgUczf02esQPMA5EeKArfgLPyT%2FrmewwYeA3lxmifnO1bKfoPCierLsiWsBnntLqekd3%2BiOJHtXCUAYGkIpSTSu2vKehvm31Z6W0bPFYDbT%2F41s%2FV2VhPggEQ%3D%3D"}]}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=14400
content-security-policy
frame-ancestors 'self' https://*.bcheights.com
cf-ray
62775deccd614e6d-FRA

Resource: 2.0ac886b4.chunk.js | Path: bccovid.dav.sh/static/js/ | Size: 664 KB | x-fer: 169 KB | Type: Script
General
Full URL
https://bccovid.dav.sh/static/js/2.0ac886b4.chunk.js
Requested by
Host: bccovid.dav.sh
URL: https://bccovid.dav.sh/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c8db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c2e529385b9983d8b3f1cfebdd589967f58484d3a65850831f787e89b0f7a50a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.bcheights.com

Request headers

Referer
https://bccovid.dav.sh/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 05:46:39 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
087e7907fc00004e6d9b9f5000000001
last-modified
Fri, 05 Feb 2021 00:03:32 GMT
server
cloudflare
etag
W/"a5feb-1776f80423a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dtORuwv4fxKhYDX27zNYKOJ2LyGOqnYby0Jbx9FTI6G98n8GhABz3%2FyRPkc7q7RMms07el8mEcGJDa%2FnR5tjFjObPTwPpeWcHYfK7E01pm%2F0Pwnbg791Yod9GA%3D%3D"}]}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400
content-security-policy
frame-ancestors 'self' https://*.bcheights.com
cf-ray
62775deccd624e6d-FRA

Resource: main.6528441e.chunk.js | Path: bccovid.dav.sh/static/js/ | Size: 31 KB | x-fer: 7 KB | Type: Script
General
Full URL
https://bccovid.dav.sh/static/js/main.6528441e.chunk.js
Requested by
Host: bccovid.dav.sh
URL: https://bccovid.dav.sh/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c8db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8994567d12f44acb78dc7662216d93de046db6df77c6e7dc6eff6cff2e8d5707
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.bcheights.com

Request headers

Referer
https://bccovid.dav.sh/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 05:46:39 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
087e7907fc00004e6d922ea000000001
last-modified
Fri, 05 Feb 2021 00:03:32 GMT
server
cloudflare
etag
W/"7d4a-1776f80423e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gyShISUmOKSk%2FYGXFKmu5M198K6vAZvzm6NWR%2FUkRCc0KYreTU9cBAU7pkN4eRwpK8%2FFnAVMrp8w9gVWMGDDHdTxGwcoS4aMNKRXPXPGvfgJSN0yTESq3%2B17Pg%3D%3D"}]}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400
content-security-policy
frame-ancestors 'self' https://*.bcheights.com
cf-ray
62775deccd634e6d-FRA

Resource: jquery.js | Path: www.bcheights.com/wp-includes/js/jquery/ | Size: 281 KB | x-fer: 78 KB | Type: Script
General
Full URL
https://www.bcheights.com/wp-includes/js/jquery/jquery.js
Requested by
Host: www.bcheights.com
URL: https://www.bcheights.com/wp-content/plugins/advanced-iframe/js/ai_external.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cf21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86f937a29eaee70aaf9935799a414bea46c62fb136cc0465f63f9d6820cf4982
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://bccovid.dav.sh/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-fw-static
YES
date
Fri, 26 Feb 2021 05:46:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
MISS
x-cache-hits
0
vary
Accept-Encoding, Authorization
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-fra19141-FRA
x-fw-type
VISIT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 22 Feb 2021 16:07:35 GMT
server
cloudflare
x-timer
S1614318400.672435,VS0,VE138
x-fw-hash
kvpserz9bp
etag
W/"6033d6c7-463a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"max_age":604800,"report_to":"cf-nel"}
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EzuKiALpEcffZ5wJJllgZkqKUhpqVnJ%2Fc2MJmLv%2BiX%2B0H96tuKNIGUO647Bii6UXPJ9bhiOqroksiL%2BgR3leTP3pJbMzV9Sr%2FFfg8q11mgkPyu551ugYdr2KHw62jQ%3D%3D"}]}
content-type
application/javascript
x-fw-serve
TRUE
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=31536000
cf-request-id
087e7908ab000097d83a929000000001
cf-ray
62775dedddac97d8-FRA
x-fw-version
5.0.0

Resource: ahmeuqb.php | Path: a.pantherman594.com/ | Size: 60 KB | x-fer: 61 KB | Type: Script
General
Full URL
https://a.pantherman594.com/ahmeuqb.php
Requested by
Host: bccovid.dav.sh
URL: https://bccovid.dav.sh/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.99.187.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.238.187.99.88.clients.your-server.de
Software
nginx/1.19.6 / PHP/8.0.2
Resource Hash
4647cff7e6e28790505943f31d75c2c2281de87e134b0018ef52df897d4bd34e

Request headers

Referer
https://bccovid.dav.sh/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 05:46:39 GMT
server
nginx/1.19.6
x-powered-by
PHP/8.0.2
content-type
application/javascript

Resource: KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 | Path: fonts.gstatic.com/s/roboto/v20/ | Size: 11 KB | x-fer: 11 KB | Type: Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;700&family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://bccovid.dav.sh
Referer
https://fonts.googleapis.com/css2?family=Poppins:wght@400;700&family=Roboto&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 04:25:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
4860
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 26 Feb 2022 04:25:39 GMT

Resource: xrphufv.php | Path: a.pantherman594.com/ | Size: 0 | x-fer: 130 B | Type: Other
General
Full URL
https://a.pantherman594.com/xrphufv.php?gvb=BC%20Covid19%20Stats&oxi=1&hnq=1&zzy=929836&h=6&m=46&s=39&lyr=https%3A%2F%2Fbccovid.dav.sh%2F&kvx=5aa3eaf2564389fc&epz=1&avl=0&jiz=0&cookie=1&res=1600x1200&ltn=pbis2F&pf_net=47.80999943614006&pf_srv=35.225000232458115&pf_tfr=0.5649998784065247
Requested by
Host: a.pantherman594.com
URL: https://a.pantherman594.com/ahmeuqb.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.99.187.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.238.187.99.88.clients.your-server.de
Software
nginx/1.19.6 / PHP/8.0.2
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bccovid.dav.sh/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://bccovid.dav.sh
date
Fri, 26 Feb 2021 05:46:40 GMT
access-control-allow-credentials
true
server
nginx/1.19.6
x-powered-by
PHP/8.0.2

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| ontransitionrun
  • object| ontransitionstart
  • object| ontransitioncancel
  • object| cookieStore
  • function| showDirectoryPicker
  • function| showOpenFilePicker
  • function| showSaveFilePicker
  • object| trustedTypes
  • boolean| crossOriginIsolated
  • string| domain_advanced_iframe
  • string| iframe_id_advanced_iframe
  • string| updateIframeHeight
  • string| keepOverflowHidden
  • string| hide_page_until_loaded_external
  • function| aiExecuteWorkaround_advanced_iframe
  • function| removeOverflowHidden
  • function| getTextLength
  • function| createAiWrapperDiv
  • function| aiCreate
  • function| getIframeWidth
  • function| aiAddCss
  • function| addOnloadEvent
  • undefined| $
  • function| jQuery
  • object| _paq
  • object| webpackJsonpfrontend
  • object| regeneratorRuntime
  • object| __core-js_shared__
  • object| core
  • object| Piwik
  • object| Matomo
  • object| AnalyticsTracker
  • function| piwik_log

3 Cookies

Domain/Path | Name | Value
bccovid.dav.sh/ | _pk_id.1.941d | 5aa3eaf2564389fc.1614318400.
bccovid.dav.sh/ | _pk_ses.1.941d | 1
.dav.sh/ | __cfduid | de0428658aee4a0721a97d062997dfbed1614318399

1 Console Messages

Source: console-api
Level: error
URL: https://bccovid.dav.sh/static/js/2.0ac886b4.chunk.js (Line 2)
Message: TypeError: Cannot read property 'getItem' of null

Security Headers

This section lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self' https://*.bcheights.com