overrideclip.site Open in urlscan Pro
188.114.97.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://doflamingo.best/4xompj6289vorl290wmarhhtfew1730ohpywiobyhyyrrg2497/9512f12
Effective URL:
https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9
Submission: On July 01 via api (July 1st 2024, 5:16:46 am UTC) from US — Scanned from DE

Summary HTTP 31 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 8 domains to perform 31 HTTP transactions. The main IP is 188.114.97.3, located in and belongs to . The main domain is overrideclip.site.
TLS certificate: Issued by WE1 on June 28th 2024. Valid for: 3 months.

This is the only time overrideclip.site was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Customer Survey Spam (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
2	89.117.96.222 89.117.96.222	46475 (LIMESTONE...) (LIMESTONENETWORKS)
1	31.24.251.71 31.24.251.71	57271 (BITWEB-AS) (BITWEB-AS)
1 1	172.67.131.15 172.67.131.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	188.114.97.3 188.114.97.3	() ()
3	104.17.24.14 104.17.24.14	() ()
2	104.18.10.207 104.18.10.207	() ()
1	2a00:1450:400... 2a00:1450:4001:803::200a	() ()
1	188.114.96.3 188.114.96.3	() ()
31	7

2 89.117.96.222 (North Bergen, United States)

ASN46475 (LIMESTONENETWORKS, US)

doflamingo.best	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.24.251.71 (Russian Federation)

ASN57271 (BITWEB-AS, RU)
PTR: 235019.bitweb.ru

prudentkap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.131.15 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rostergord.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 188.114.97.3 (None, )

ASN- ()

overrideclip.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.trk-elevostra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.24.14 (None, )

ASN- ()

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.10.207 (None, )

ASN- ()

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (None, )

ASN- ()

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (None, )

ASN- ()

trk-elevostra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	overrideclip.site overrideclip.site	214 KB
4	trk-elevostra.com trk-elevostra.com event.trk-elevostra.com	3 KB
3	cloudflare.com cdnjs.cloudflare.com	180 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	45 KB
2	doflamingo.best doflamingo.best	1 KB
1	googleapis.com ajax.googleapis.com	31 KB
1	rostergord.click 1 redirects rostergord.click	627 B
1	prudentkap.com prudentkap.com	516 B
31	8

	Domain	Requested by
18	overrideclip.site	prudentkap.com overrideclip.site
3	event.trk-elevostra.com	trk-elevostra.com
3	cdnjs.cloudflare.com	overrideclip.site cdnjs.cloudflare.com
2	maxcdn.bootstrapcdn.com	overrideclip.site
2	doflamingo.best	doflamingo.best
1	trk-elevostra.com	overrideclip.site
1	ajax.googleapis.com	overrideclip.site
1	rostergord.click	1 redirects
1	prudentkap.com	doflamingo.best
31	9

This site contains no links.

Subject Issuer	Validity	Valid
prudentkap.com R3	`2024-05-14` - `2024-08-12`	3 months	crt.sh
overrideclip.site WE1	`2024-06-28` - `2024-09-26`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-05-25` - `2024-08-23`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
trk-elevostra.com WE1	`2024-06-13` - `2024-09-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9
Frame ID: 7EA414A7FCA7B782C87CEC774E4B8D94
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://doflamingo.best/4xompj6289vorl290wmarhhtfew1730ohpywiobyhyyrrg2497/9512f12 HTTP 307
https://doflamingo.best/4xompj6289vorl290wmarhhtfew1730ohpywiobyhyyrrg2497/9512f12 HTTP 307
http://doflamingo.best/4xompj6289vorl290wmarhhtfew1730ohpywiobyhyyrrg2497/9512f12 Page URL
http://doflamingo.best/t/4xompj6289vorl290wmarhhtfew1730ohpywiobyhyyrrg2497/9512f12 Page URL
https://prudentkap.com/0/0/0/89b2f5801cbc92f709a2838fe5b64132/12/290-6289/1730-2497-9512 Page URL
https://rostergord.click/index2.php?id=273&s1=351765&s2=1200860063&s3=6495&p=us5cstcoswep8a HTTP 302
https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

94 %
HTTPS

13 %
IPv6

8
Domains

9
Subdomains

7
IPs

2
Countries

474 kB
Transfer

955 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://doflamingo.best/4xompj6289vorl290wmarhhtfew1730ohpywiobyhyyrrg2497/9512f12 HTTP 307
https://doflamingo.best/4xompj6289vorl290wmarhhtfew1730ohpywiobyhyyrrg2497/9512f12 HTTP 307
http://doflamingo.best/4xompj6289vorl290wmarhhtfew1730ohpywiobyhyyrrg2497/9512f12 Page URL
http://doflamingo.best/t/4xompj6289vorl290wmarhhtfew1730ohpywiobyhyyrrg2497/9512f12 Page URL
https://prudentkap.com/0/0/0/89b2f5801cbc92f709a2838fe5b64132/12/290-6289/1730-2497-9512 Page URL
https://rostergord.click/index2.php?id=273&s1=351765&s2=1200860063&s3=6495&p=us5cstcoswep8a HTTP 302
https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://doflamingo.best/4xompj6289vorl290wmarhhtfew1730ohpywiobyhyyrrg2497/9512f12 HTTP 307
https://doflamingo.best/4xompj6289vorl290wmarhhtfew1730ohpywiobyhyyrrg2497/9512f12 HTTP 307
http://doflamingo.best/4xompj6289vorl290wmarhhtfew1730ohpywiobyhyyrrg2497/9512f12

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

9512f12 Show response
doflamingo.best/4xompj6289vorl290wmarhhtfew1730ohpywiobyhyyrrg2497/
Redirect Chain

http://doflamingo.best/4xompj6289vorl290wmarhhtfew1730ohpywiobyhyyrrg2497/9512f12
https://doflamingo.best/4xompj6289vorl290wmarhhtfew1730ohpywiobyhyyrrg2497/9512f12
http://doflamingo.best/4xompj6289vorl290wmarhhtfew1730ohpywiobyhyyrrg2497/9512f12

458 B
711 B

94ms
94ms

Document
text/html

89.117.96.222
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: http://doflamingo.best/4xompj6289vorl290wmarhhtfew1730ohpywiobyhyyrrg2497/9512f12
Protocol: HTTP/1.1
Server: 89.117.96.222 North Bergen, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
Software: /
Resource Hash: 0f3a07f36d6bddee418f7d7548bc165b09817e10764a359d2773388cdec9ff8a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 458
Content-Type: text/html; charset=utf-8
Date: Mon, 01 Jul 2024 05:16:32 GMT
X-Address: gin_throttle_mw_7200000000_146.70.117.86
X-Ratelimit-Limit: 500
X-Ratelimit-Remaining: 499
X-Ratelimit-Reset: 1719814592

Redirect headers

Location: http://doflamingo.best/4xompj6289vorl290wmarhhtfew1730ohpywiobyhyyrrg2497/9512f12
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK 9512f12 Show response
doflamingo.best/t/4xompj6289vorl290wmarhhtfew1730ohpywiobyhyyrrg2497/ 302 B
555 B 321ms
321ms Document
text/html 89.117.96.222
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: http://doflamingo.best/t/4xompj6289vorl290wmarhhtfew1730ohpywiobyhyyrrg2497/9512f12
Requested by: Host: doflamingo.best
URL: http://doflamingo.best/4xompj6289vorl290wmarhhtfew1730ohpywiobyhyyrrg2497/9512f12
Protocol: HTTP/1.1
Server: 89.117.96.222 North Bergen, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
Software: /
Resource Hash: 43af19f1403ab9dbd1a0841eb17ccaa77b7bfb60973c0bf5c99a48efcaa464b6

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://doflamingo.best/4xompj6289vorl290wmarhhtfew1730ohpywiobyhyyrrg2497/9512f12
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 302
Content-Type: text/html; charset=utf-8
Date: Mon, 01 Jul 2024 05:16:33 GMT
X-Address: gin_throttle_mw_7200000000_146.70.117.86
X-Ratelimit-Limit: 500
X-Ratelimit-Remaining: 498
X-Ratelimit-Reset: 1719814592

GET
H/1.1 200
OK 1730-2497-9512
prudentkap.com/0/0/0/89b2f5801cbc92f709a2838fe5b64132/12/290-6289/ 154 B
516 B 686ms
541ms Document
text/html 31.24.251.71
BITWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://prudentkap.com/0/0/0/89b2f5801cbc92f709a2838fe5b64132/12/290-6289/1730-2497-9512
Requested by: Host: doflamingo.best
URL: http://doflamingo.best/t/4xompj6289vorl290wmarhhtfew1730ohpywiobyhyyrrg2497/9512f12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 31.24.251.71 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: 235019.bitweb.ru
Software: nginx/1.12.2 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://doflamingo.best/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 01 Jul 2024 05:16:35 GMT
server: nginx/1.12.2
transfer-encoding: chunked
vary: Accept-Encoding

GET
H3

200

Primary Request / Show response
overrideclip.site/
Redirect Chain

https://rostergord.click/index2.php?id=273&s1=351765&s2=1200860063&s3=6495&p=us5cstcoswep8a
https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9

53 KB
8 KB

433ms
364ms

Document
text/html

188.114.97.3

General

Check archive.org

Show headers Download Go to

Full URL

https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9

Requested by

Host: prudentkap.com
URL: https://prudentkap.com/0/0/0/89b2f5801cbc92f709a2838fe5b64132/12/290-6289/1730-2497-9512

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

50c05765cdf6025d49d0e54322e107b3c5be551096c3ec89e465894fa05daffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://prudentkap.com/0/0/0/89b2f5801cbc92f709a2838fe5b64132/12/290-6289/1730-2497-9512
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 89c3ecc89c561e4f-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 01 Jul 2024 05:16:36 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U0nI2ttw8VKYKKbpvttog65t3dMwQvaA%2BXHeK2ioLIgwkV0cD6HRTsp1YTMq6ys6z8PvYNV4eLILR4F785OFqAz8DnlpWAP0TwpVck0NLYAq9Ra8VJhWMkWobABJfXXMvfaMBw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 89c3ecc51cda18bf-FRA
content-type: text/html; charset=UTF-8
date: Mon, 01 Jul 2024 05:16:36 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XlrlvKKUN3x%2B0XJwlGRtkWvvgMIsvk67cIoCgK8%2BVZMvCWSdLdRMzRYF6%2FKQ2WE30FkN7BS1WuRDLnuFLQgjciT14DCDPPeYWhvk%2BZvBLCoPF4Vw5sJViVxVD5a5gLCGrRXd"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/css/ 101 KB
19 KB 75ms
31ms Stylesheet
text/css 104.17.24.14

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/css/all.min.css

Requested by

Host: overrideclip.site
URL: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

5ceaaba22d75b58e04150311f596306562a3e595e27ed4b1dfa451b82dda9e50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://overrideclip.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 05:16:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 904801
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18938
last-modified: Wed, 03 Apr 2024 02:35:32 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "660cc074-49fa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mv9U4O8Nwru5C%2Bd2%2Bf%2Bo5hNycDDiy8bXtUUzUqDIFbAG5F%2Fm4YLuyrSYkM1odChXsnSt%2BWs7nMwmm5nRQpwwI5cROOWYPOwRmRahiWg1yhr7%2FI2Q48IiQ1G4jFFnFJgQPXO6AjtT"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89c3eccb5dcd3738-FRA
expires: Sat, 21 Jun 2025 05:16:37 GMT

GET
H3 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.5.0/css/ 157 KB
28 KB 73ms
32ms Stylesheet
text/css 104.18.10.207

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css

Requested by

Host: overrideclip.site
URL: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://overrideclip.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 05:16:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1688838
cdn-cachedat: 03/18/2024 12:28:50
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"3afe15e976734d9daac26310110c4594"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 47b6cc31128f8b2fe6db717e27a36362
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 89c3eccb5cb25d82-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 84ms
7ms Script
text/javascript 2a00:1450:4001:803::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: overrideclip.site
URL: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://overrideclip.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 05:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 345302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 05:21:35 GMT

GET
H3 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/ 21 KB
7 KB 70ms
31ms Script
application/javascript 104.17.24.14

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js

Requested by

Host: overrideclip.site
URL: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://overrideclip.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 05:16:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1646552
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6696
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-5309"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cyxre5lBFTmHfz%2FJ5n82jUPb8DS8IceHBDyL8j0yJsReMdpbvEQBC0Q%2FYboPGfV6EafNy11aglqZiz9crzWxM2n4mqDiG4TPS0eSnt7ABSEnewCmaXddRtV99PQ9xp6OgZrsWRq0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89c3eccb5dcb3738-FRA
expires: Sat, 21 Jun 2025 05:16:37 GMT

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.5.0/js/ 59 KB
17 KB 75ms
37ms Script
application/javascript 104.18.10.207

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.min.js

Requested by

Host: overrideclip.site
URL: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://overrideclip.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 05:16:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 860
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1702502
cdn-cachedat: 03/18/2024 13:06:56
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"6bea60c34c5db6797150610dacdc6bce"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e9926d367f9fdcd87322c05244a61845
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 89c3eccb5cb45d82-FRA
cdn-requestpullsuccess: True

GET
H3 200 modal.css
overrideclip.site/master/terms/css/ 1 KB
943 B 369ms
363ms Stylesheet
text/css 188.114.97.3

General

Check archive.org

Show headers Download Go to

Full URL

https://overrideclip.site/master/terms/css/modal.css

Requested by

Host: overrideclip.site
URL: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

91631d643f30ca600bf74ebd79fe89a5ec5339ba571a8d31b1fc467194f11934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 05:16:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Jun 2020 17:52:18 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qqMxwbZdUsH9AZYTi5i8Xe%2B5WA%2B2uQYGUBGQMSkg7eVPIKOsnZXRKFQIf6RUhgzh5X%2FEr0X1hfPa6VpylDUcWFMit7tR29AXpTSIhMpHhpNM4Sp%2FqfJbp2W7WuriWa%2BpBvMCjw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 89c3eccb2ed61e4f-FRA
expires: Mon, 08 Jul 2024 05:16:37 GMT

GET
H3 200 common.css
overrideclip.site/master/us193/ 60 KB
14 KB 496ms
490ms Stylesheet
text/css 188.114.97.3

General

Check archive.org

Show headers Download Go to

Full URL

https://overrideclip.site/master/us193/common.css?v=4

Requested by

Host: overrideclip.site
URL: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

5718a84fdf3d8a320627d95e5e48624da26e2ca8a831eb58a2dade83445d44bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 05:16:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Jun 2024 20:47:21 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fZSOKi2Yx9rEbMYzc3p1nvQ1tEsGroQqfByXsEYKXIePiQAubbeoYP%2FcKQF2shPGXYsY13sUD8RvA8WFx2Th9D2oJgh1nzHzAi9tztXyigxggcFSkFUkO38WzInMLP5y3d9N%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 89c3eccb2ed71e4f-FRA
expires: Mon, 08 Jul 2024 05:16:37 GMT

GET
H3 200 changes.css
overrideclip.site/master/us193/ 505 B
733 B 371ms
365ms Stylesheet
text/css 188.114.97.3

General

Check archive.org

Show headers Download Go to

Full URL

https://overrideclip.site/master/us193/changes.css

Requested by

Host: overrideclip.site
URL: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

294cdcf9c5cdc31c63aaf944c5288bc6c6ff7f80a2f89e65d47ebc23ca084ee7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 05:16:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Jun 2024 17:27:22 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ix9b%2FE0YTEvrySCZkzhuOCerPNTElmTFECYnhTEyuqxOFxLV5ncAyMUjZIQukKn8OjDyW%2BbQKKULHA9qf5GL26MFKEkU33xgkqQokYLPRxtVtEFznLTbkAM4DEDRkviGMi1JSw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 89c3eccb2ed81e4f-FRA
expires: Mon, 08 Jul 2024 05:16:37 GMT

GET
H3 200 animate.min.css
overrideclip.site/master/us193/ 70 KB
6 KB 373ms
366ms Stylesheet
text/css 188.114.97.3

General

Check archive.org

Show headers Download Go to

Full URL

https://overrideclip.site/master/us193/animate.min.css

Requested by

Host: overrideclip.site
URL: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 05:16:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Jun 2024 17:27:23 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lgcEK2HKvMEWLl%2BKlTZM9myX5ezzV2gWZpdvChy0k1yNa1vQluoEWeb2EwVgGcD6JI8LASqelqrUOrG3lbC2BbwtCzRUULfThXg0kSdXOySZSvP4qulLeo2THgp21ctyEsFA9w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 89c3eccb2eda1e4f-FRA
expires: Mon, 08 Jul 2024 05:16:37 GMT

GET
H3 200 msg.js Show response
overrideclip.site/inc/ 943 B
909 B 384ms
368ms Script
application/javascript 188.114.97.3

General

Check archive.org

Show headers Download Go to

Full URL

https://overrideclip.site/inc/msg.js?a4ed4cadfb322a02c2f3d5445f9a8e96

Requested by

Host: overrideclip.site
URL: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

19f7dd15af70121da291e6df75452886b47a5d0e074f2ed422be30e8ec5d9671

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 05:16:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Jun 2024 16:01:34 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=74vn8i5m3XrzKnysaz3SYfyzZqs92iY2n0WY34JqDlMAFiyyI2oUn0wpxZ%2B%2BR2UMB3Q2K4kTYTmtYHbdfSZy7zq2%2B7JqE8mZv3r1m3TpIep5N9brwuUdoM4NrLu1nOh5%2BhT0KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 89c3eccb3ee11e4f-FRA
expires: Mon, 08 Jul 2024 05:16:37 GMT

GET
H3 200 x.png
overrideclip.site/master/terms/img/ 5 KB
6 KB 398ms
382ms Image
image/png 188.114.97.3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://overrideclip.site/master/terms/img/x.png

Requested by

Host: overrideclip.site
URL: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 05:16:37 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 5389
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Jun 2020 18:46:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EQWu0ZKqt8ttlihUmCfFphZtkVIw6VFVv%2F8ly4Yfj5KmnJuC4tRSrgPaOluz5qlhPYy3dnyBfuoQ5kdt7Y4BU6VkSbJGJkDK9OPSNPvsA%2BH2C0CtA6RtROq4NHWzXNitzbFZwg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 89c3eccb3ee41e4f-FRA
expires: Mon, 08 Jul 2024 05:16:37 GMT

GET
H3 200 modal.js Show response
overrideclip.site/master/terms/js/ 690 B
728 B 398ms
383ms Script
application/javascript 188.114.97.3

General

Check archive.org

Show headers Download Go to

Full URL

https://overrideclip.site/master/terms/js/modal.js

Requested by

Host: overrideclip.site
URL: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

79f391da2467b302bd8e9a80c25d66e208f9dcd2c20d05da0f2022a795093fac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 05:16:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Jun 2024 21:00:15 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZFb29oQjYWKRfVHJr0ahtlbXP5QqUtN8z6ddIGtYvORgIKLyK%2BfWSmzGct5NY6hIb4Ne1OfQNbhZ1VbFyC5cO7rwEN%2FPlZ7U0aQxmSb%2BYxXqK41NnAU%2BMlu5DXbEzueSSHY0xA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 89c3eccb3ee51e4f-FRA
expires: Mon, 08 Jul 2024 05:16:37 GMT

GET
H3 200 common.js Show response
overrideclip.site/master/us193/ 8 KB
3 KB 385ms
384ms Script
application/javascript 188.114.97.3

General

Check archive.org

Show headers Download Go to

Full URL

https://overrideclip.site/master/us193/common.js?v=3

Requested by

Host: overrideclip.site
URL: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

90825f99f49156a5faea1788f82fc4437b8a30baaebf0a949b467f6a830f587a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 05:16:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 18 Jun 2024 14:11:44 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jSOeOabcx2xqUVly0%2BuFbdlOYUEL8CD%2Fw2efuqXRn3HnGmfEKZgyuJdKmSeyTJ858RrnIDPxxf3DUUioMb0ASqEFMoo4HbcKNMK5R7h401nou596ZrPsJsIuQ8kPJLh5CTBWEg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 89c3eccda9191e4f-FRA
expires: Mon, 08 Jul 2024 05:16:37 GMT

GET
H3 200 v9e118mez8 Show response
trk-elevostra.com/scripts/push/ 8 KB
3 KB 65ms
25ms Script
application/javascript 188.114.96.3

General

Check archive.org

Show headers Download Go to

Full URL

https://trk-elevostra.com/scripts/push/v9e118mez8

Requested by

Host: overrideclip.site
URL: https://overrideclip.site/inc/msg.js?a4ed4cadfb322a02c2f3d5445f9a8e96

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

0023a8f8391b10006ee27598323de8d0e3d019755e8f7a16e88464b1aef00b39

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://overrideclip.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 05:16:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6116
alt-svc: h3=":443"; ma=86400
content-length: 2519
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 03:34:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1y6vmBSNhZ3HBCkU1apZcK7QCh%2F1hb8kROts79NkkQuerfYN5efFFKvJ%2BUWs639ptoT9VK9x9hPwSA8RBQGdSQ%2FgyYnn6yQoF4o41moBn%2FyyHi3vgYTwuGYVY%2B%2B4j%2FNdKMGPjg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
accept-ranges: bytes
cf-ray: 89c3ecce8da93a7c-FRA
expires: 0

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/webfonts/ 153 KB
153 KB 34ms
21ms Font
application/octet-stream 104.17.24.14

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

ae17c16afbea216707b2203ea1cf9bdb45b9bfe47d0f4ae3258ddbc6294dd02f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/css/all.min.css
Origin: https://overrideclip.site
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 05:16:37 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5616
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 156400
last-modified: Wed, 03 Apr 2024 02:35:32 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "660cc074-262f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kVbvT1Qpf3p3qmVci9L1Nv0hc%2Faj2Nzf6OSMFV%2BwbKJ0vjlBNR8%2B9QO2cwfJ0PLDy4JaPP1QHh1Z9qc36h%2BQnSZEivVCWK3qeVNHPb9jIoBluwOCxw3g26QjRimf7KBzRRcu%2FVSb"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89c3ecceac90a028-FRA
expires: Sat, 21 Jun 2025 05:16:37 GMT

GET
H3 200 cstclogo.png
overrideclip.site/master/us193/ 33 KB
34 KB 483ms
480ms Image
image/png 188.114.97.3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://overrideclip.site/master/us193/cstclogo.png

Requested by

Host: overrideclip.site
URL: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

3d6b91c8ad24a679fd5cf49cfb8cbaa135ebd1df1f40493abdf2bdc3b9c19070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 05:16:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 34057
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Jun 2024 17:27:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TCF%2Fxe09oO4yjY6EET%2FdKLqO42pG1fBNsOViFwM7sweI4RdD2y1X1lyxgdB9CbR7B6XWK3nXc4lZVSgUzdPMHghFoTqhmP%2FYvCbdcfPZlPdi19%2FR6i4T9VKbEUip5HKwrycYjw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 89c3ecceca1c1e4f-FRA
expires: Mon, 08 Jul 2024 05:16:37 GMT

GET
H3 200 t123.jpg
overrideclip.site/master/us193/ 61 KB
62 KB 595ms
590ms Image
image/jpeg 188.114.97.3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://overrideclip.site/master/us193/t123.jpg

Requested by

Host: overrideclip.site
URL: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

fb112d14e99e4da2c0a1a843704703595603a4a61635e657ba2841feba4c71f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 05:16:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 62543
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Jun 2024 17:27:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zN5wfgTtvkEJ865XnYPSFOUx97ev7NT%2FmlENzJP7I2b53vTXGOAVqL0wcgkuJNj72js4PyDsQHKZxxLGyUh6lk%2FASNPCoymGxEjyff4ysXv7OvrqF8IgBrA2BMOBdSZLdO7toQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 89c3ecceda241e4f-FRA
expires: Mon, 08 Jul 2024 05:16:37 GMT

GET
H3 200 usflag.png
overrideclip.site/master/us193/ 5 KB
5 KB 395ms
393ms Image
image/png 188.114.97.3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://overrideclip.site/master/us193/usflag.png

Requested by

Host: overrideclip.site
URL: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

cfc83ef335eed04ea1e5fef957f8f960e2e785d5def56abeeffdf2e16555e9f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 05:16:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 4642
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Jun 2024 17:27:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iPjhxk9OyB48cDxPdhnV8VabPWyTMAWiP00zbgtXFGuo8cOe2BsxxBZ8RfOtQjQ1bsMmEDqT1X7cASSX5jJ0HL7dDzRNFnYN9VQnNd1DwclePBzKhU6DmX2bsXyUg153v55U7A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 89c3ecd07bdf1e4f-FRA
expires: Mon, 08 Jul 2024 05:16:38 GMT

GET
H3 200 p3.jpg
overrideclip.site/master/us193/ 2 KB
2 KB 377ms
376ms Image
image/jpeg 188.114.97.3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://overrideclip.site/master/us193/p3.jpg

Requested by

Host: overrideclip.site
URL: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

49051e1f555b3087ace75fdb64d417b349bd53210347c93e5fce1e2a57f2d213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 05:16:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1857
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Jun 2024 17:27:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wHVdIRh2oEwW4FiDwqDu91IPJAGwuxAwAvVmH62tBv%2FVBAN3S%2FpPO2e7YEjrXXjuk7pFZ1zqNd%2FpyS4t7FqJQbZ47wjbGmWNKmSSQfOzLBlLsbBPeC03vnXtA2F3ytKoOEtA5w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 89c3ecd07be61e4f-FRA
expires: Mon, 08 Jul 2024 05:16:38 GMT

GET
H3 200 s-l1600.jpg
overrideclip.site/master/us193/ 49 KB
49 KB 603ms
601ms Image
image/jpeg 188.114.97.3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://overrideclip.site/master/us193/s-l1600.jpg

Requested by

Host: overrideclip.site
URL: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e550afe29b83638092ad190f96c5ba4f97dd4ade5abd77a6ef3ce28840e35056

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 05:16:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 50034
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Jun 2024 17:27:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WjTpv0QR8%2BrVPbCKGKvKAkzXc1amhlu%2BBp1Xxc2Gyz7WN0WJ441jPI85y9Lxq1emjdumhZQ5PJiNAjtaOQJX3C52kNuBFQ9kbtE%2B0b03iy2rtI8GW4AeZVG8SjDgHg4qI%2BBCuw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 89c3ecd07be81e4f-FRA
expires: Mon, 08 Jul 2024 05:16:38 GMT

GET
H3 200 p7.jpg
overrideclip.site/master/us193/ 4 KB
5 KB 388ms
386ms Image
image/jpeg 188.114.97.3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://overrideclip.site/master/us193/p7.jpg

Requested by

Host: overrideclip.site
URL: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

792ceca39281556ce1c354a3c1de0cde4b358dcc72840d563f85c35c7726c36b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 05:16:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 4368
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Jun 2024 17:27:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ax0veFM%2Bj5eLoHwI7lCHtDTXSj8DxTFb%2BYo2XEYzqEa5IOg89p1oeowcye9DF0JXeP309DG6qT5d3O9PKzEwAc%2FdG6%2Ftn0AHxem8AVF90xU%2BsYE%2BGAO%2BceA99rMRVGa1u7kiRw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 89c3ecd07beb1e4f-FRA
expires: Mon, 08 Jul 2024 05:16:38 GMT

GET
H3 200 c1.jpg
overrideclip.site/master/us193/ 14 KB
14 KB 485ms
484ms Image
image/jpeg 188.114.97.3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://overrideclip.site/master/us193/c1.jpg

Requested by

Host: overrideclip.site
URL: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

3a80a17ae2e84b332751b4dc0bf7838e67ee7e8d41072e46998687383d19171c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 05:16:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 14281
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Jun 2024 17:27:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jBR285fyGT%2BqEGSftE606W6OxLmH6%2ByKf3BG1RlzwYfc1fSIBokMJtMJ4U%2FNop8M8Zk%2FncqWqpTUtrn7tCdaZQD5275JBrOVoFHr1U8M9mBVu4uf%2BVRPyCxGOFEnVEw6kKg7bg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 89c3ecd07bed1e4f-FRA
expires: Mon, 08 Jul 2024 05:16:38 GMT

GET
H3 200 p8.jpg
overrideclip.site/master/us193/ 2 KB
3 KB 377ms
376ms Image
image/jpeg 188.114.97.3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://overrideclip.site/master/us193/p8.jpg

Requested by

Host: overrideclip.site
URL: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

017340e629175dbd707d31be94c707731fe6f51be004f85e3d50b960f34ea081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 05:16:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2071
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Jun 2024 17:27:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xthLF0rM9ZTMxSNKofqn4GSaRhtSF1wujiespRbPoImNemDau2H3VfXgOJxwMwCy%2FolHIuEYTmbbT4k84dAg0xnAuZdhG9MS9FjcSzJPmnKHYFkDl%2BXEcF9yiP8s7PrZRpnFJg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 89c3ecd07bef1e4f-FRA
expires: Mon, 08 Jul 2024 05:16:38 GMT

POST
H3 200 v9e118mez8
event.trk-elevostra.com/register/event_log/ 0
0 104ms
104ms Fetch 188.114.97.3

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-elevostra.com/register/event_log/v9e118mez8

Requested by

Host: trk-elevostra.com
URL: https://trk-elevostra.com/scripts/push/v9e118mez8

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://overrideclip.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/json

Response headers

expires: 0
date: Mon, 01 Jul 2024 05:16:38 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8M6ny3PLtIlqSmv175R%2FjoX75JxL8UFhYJvly70IgVmSj%2BspzbWQarixq8yz9lVGllyy6WhVdgBU%2F%2FbGuPOlc6H153fHfRWoe77CEwmtI0ffd66%2B0ZchAX56ehyDuFdlyN0PFAZK4Irogw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray: 89c3ecd4bda28fe3-FRA
x-pushplatformapp-params

OPTIONS
H3 200 v9e118mez8
event.trk-elevostra.com/register/event_log/ 0
0 411ms
374ms Preflight 188.114.97.3

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-elevostra.com/register/event_log/v9e118mez8

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://overrideclip.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 89c3ecd25c5f8fe3-FRA
content-length: 0
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date: Mon, 01 Jul 2024 05:16:38 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2ajlwwqmy0jpEUwZzF3LQHp%2FyNMsceBePY1FcDqoy32tPb810dIWVbjFiPo3V272MUR3GlT0lPPU2Z6uGi1q05BFhXD4%2BweIBwR7zaQW2nurV7tT2MPVZOwfTJ2hJPgkp4OfYJMQh4%2Fflg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3 200 favicon.ico
overrideclip.site/ 0
501 B 377ms
375ms Other
image/x-icon 188.114.97.3

General

Check archive.org

Show headers Download Go to

Full URL

https://overrideclip.site/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 05:16:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
last-modified: Tue, 11 Jun 2024 20:46:17 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/x-icon
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XLpgOQ0uaS%2BBrF3Ia90aTQn9wQrgvqsrhnXQJeLuqehOCycivU24zeJHT%2FL9r7vpd3oO%2FS1sX2ahjkk43FnINJ2pK02rE%2FdF6%2BU4HpJ7VT54KDuYXzX41kB41xK%2F0Dpos3CT2w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 89c3ecd44ff91e4f-FRA
expires: Mon, 08 Jul 2024 05:16:38 GMT

POST
H3 200 v9e118mez8
event.trk-elevostra.com/register/event_log/ 0
0 103ms
103ms Fetch 188.114.97.3

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-elevostra.com/register/event_log/v9e118mez8

Requested by

Host: trk-elevostra.com
URL: https://trk-elevostra.com/scripts/push/v9e118mez8

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://overrideclip.site/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/json

Response headers

expires: 0
date: Mon, 01 Jul 2024 05:16:39 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=53cyfPSPGgFpMeWwnhfVp4Ys%2BlANP%2B2awEeulQVOJ%2B0lU%2BFzsunYAVNbGMQaI%2BXuG6ZNln3JAMidP4gGNx6um7NF8JRrIvhlrP8Kc7rhL9aGOXyzxRFViXXVPpKX9aJEHXWlBeR%2Bz%2FHfKw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray: 89c3ecdbcab08fe3-FRA
x-pushplatformapp-params

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Customer Survey Spam (Consumer)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			prudentkap.com/	1970-01-20 22:26:42	Name: uid6495 Value: 1200860063-20240701011635-e6cfe4491b254a26023ed0bd5b899ef5-4123
			rostergord.click/	1969-12-31 23:59:59	Name: PHPSESSID Value: e59f31a4fe97c7269b04aae159605457

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://overrideclip.site/?662b4309dd85dc292fd52ebff820fce9 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
doflamingo.best
event.trk-elevostra.com
maxcdn.bootstrapcdn.com
overrideclip.site
prudentkap.com
rostergord.click
trk-elevostra.com
104.17.24.14
104.18.10.207
172.67.131.15
188.114.96.3
188.114.97.3
2a00:1450:4001:803::200a
31.24.251.71
89.117.96.222
0023a8f8391b10006ee27598323de8d0e3d019755e8f7a16e88464b1aef00b39
017340e629175dbd707d31be94c707731fe6f51be004f85e3d50b960f34ea081
0f3a07f36d6bddee418f7d7548bc165b09817e10764a359d2773388cdec9ff8a
19f7dd15af70121da291e6df75452886b47a5d0e074f2ed422be30e8ec5d9671
294cdcf9c5cdc31c63aaf944c5288bc6c6ff7f80a2f89e65d47ebc23ca084ee7
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
3a80a17ae2e84b332751b4dc0bf7838e67ee7e8d41072e46998687383d19171c
3d6b91c8ad24a679fd5cf49cfb8cbaa135ebd1df1f40493abdf2bdc3b9c19070
43af19f1403ab9dbd1a0841eb17ccaa77b7bfb60973c0bf5c99a48efcaa464b6
49051e1f555b3087ace75fdb64d417b349bd53210347c93e5fce1e2a57f2d213
50c05765cdf6025d49d0e54322e107b3c5be551096c3ec89e465894fa05daffa
5718a84fdf3d8a320627d95e5e48624da26e2ca8a831eb58a2dade83445d44bc
5ceaaba22d75b58e04150311f596306562a3e595e27ed4b1dfa451b82dda9e50
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
792ceca39281556ce1c354a3c1de0cde4b358dcc72840d563f85c35c7726c36b
79f391da2467b302bd8e9a80c25d66e208f9dcd2c20d05da0f2022a795093fac
90825f99f49156a5faea1788f82fc4437b8a30baaebf0a949b467f6a830f587a
91631d643f30ca600bf74ebd79fe89a5ec5339ba571a8d31b1fc467194f11934
ae17c16afbea216707b2203ea1cf9bdb45b9bfe47d0f4ae3258ddbc6294dd02f
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
cfc83ef335eed04ea1e5fef957f8f960e2e785d5def56abeeffdf2e16555e9f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e550afe29b83638092ad190f96c5ba4f97dd4ade5abd77a6ef3ce28840e35056
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb112d14e99e4da2c0a1a843704703595603a4a61635e657ba2841feba4c71f7

overrideclip.site Open in urlscan Pro 188.114.97.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

94 %HTTPS

13 %IPv6

8 Domains

9 Subdomains

7 IPs

2 Countries

474 kBTransfer

955 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

overrideclip.site Open in urlscan Pro
188.114.97.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

94 %
HTTPS

13 %
IPv6

8
Domains

9
Subdomains

7
IPs

2
Countries

474 kB
Transfer

955 kB
Size

2
Cookies

31 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!