serv-page14.duckdns.org Open in urlscan Pro
139.59.178.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://translate.google.com/translate?sl=auto&tl=en&hl=en-US&u=https://trk.klclick3.com/ls/click?upn%3DO3f0HMRZRYn0Bh5zmQ8X8...
Effective URL:
https://serv-page14.duckdns.org/cdfa90a62b8deaba57ac3e0aa16e2345/bbda84ddbcd18eb526d759d5d99a8a15.aspx
Submission: On November 01 via manual (November 1st 2022, 5:56:40 am UTC) from ES — Scanned from ES

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 15 domains to perform 44 HTTP transactions. The main IP is 139.59.178.3, located in London, United Kingdom and belongs to DIGITALOCEAN-ASN, US. The main domain is serv-page14.duckdns.org.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 31st 2022. Valid for: 3 months.

This is the only time serv-page14.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2014	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2013	15169 (GOOGLE) (GOOGLE)
1 2	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1 1	35.244.149.249 35.244.149.249	15169 (GOOGLE) (GOOGLE)
1 4	139.59.178.3 139.59.178.3	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
11	2a04:4e42:400... 2a04:4e42:400::272	54113 (FASTLY) (FASTLY)
1	51.210.32.132 51.210.32.132	16276 (OVH) (OVH)
2	2a04:4e42:600... 2a04:4e42:600::272	54113 (FASTLY) (FASTLY)
1	2600:9000:249... 2600:9000:2490:5a00:3:12d0:8d40:21	16509 (AMAZON-02) (AMAZON-02)
44	14

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

trk-klclick3-com.translate.goog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

me2-do.translate.goog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

start-seitenatelier-ch.translate.goog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imos006-dot-im--os.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.imcreator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:3b (Netherlands) 1 redirects

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
releases.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.149.249 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 249.149.244.35.bc.googleusercontent.com

lihi2.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.59.178.3 (London, United Kingdom) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

serv-page14.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a04:4e42:400::272 (United States)

ASN54113 (FASTLY, US)

images-na.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.210.32.132 (France)

ASN16276 (OVH, FR)
PTR: ns3172604.ip-51-210-32.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::272 (United States)

ASN54113 (FASTLY, US)

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:5a00:3:12d0:8d40:21 (United States)

ASN16509 (AMAZON-02, US)

d35uxhjf90umnp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	ssl-images-amazon.com images-na.ssl-images-amazon.com — Cisco Umbrella Rank: 833	294 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	10 KB
7	imcreator.com www.imcreator.com — Cisco Umbrella Rank: 738881	57 KB
4	duckdns.org 1 redirects serv-page14.duckdns.org	43 KB
4	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 64	2 KB
3	translate.goog 2 redirects trk-klclick3-com.translate.goog me2-do.translate.goog start-seitenatelier-ch.translate.goog	21 KB
2	media-amazon.com m.media-amazon.com — Cisco Umbrella Rank: 543	33 KB
2	gstatic.com www.gstatic.com	34 KB
2	jquery.com 1 redirects code.jquery.com — Cisco Umbrella Rank: 665 releases.jquery.com — Cisco Umbrella Rank: 39952	30 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 93	53 KB
2	google.com 1 redirects translate.google.com — Cisco Umbrella Rank: 1215	27 KB
1	cloudfront.net d35uxhjf90umnp.cloudfront.net	12 KB
1	ibb.co i.ibb.co — Cisco Umbrella Rank: 13365	260 KB
1	lihi2.cc 1 redirects lihi2.cc	717 B
1	appspot.com imos006-dot-im--os.appspot.com — Cisco Umbrella Rank: 418560	2 KB
44	15

	Domain	Requested by
11	images-na.ssl-images-amazon.com	serv-page14.duckdns.org
7	fonts.googleapis.com	www.imcreator.com
7	www.imcreator.com	start-seitenatelier-ch.translate.goog
4	serv-page14.duckdns.org	1 redirects start-seitenatelier-ch.translate.goog serv-page14.duckdns.org
4	lh3.googleusercontent.com	start-seitenatelier-ch.translate.goog
2	m.media-amazon.com	serv-page14.duckdns.org
2	www.gstatic.com	start-seitenatelier-ch.translate.goog
2	www.youtube.com	start-seitenatelier-ch.translate.goog www.youtube.com
2	translate.google.com	1 redirects start-seitenatelier-ch.translate.goog
1	d35uxhjf90umnp.cloudfront.net	images-na.ssl-images-amazon.com
1	i.ibb.co	serv-page14.duckdns.org
1	lihi2.cc	1 redirects
1	releases.jquery.com	start-seitenatelier-ch.translate.goog
1	code.jquery.com	1 redirects
1	imos006-dot-im--os.appspot.com	start-seitenatelier-ch.translate.goog
1	start-seitenatelier-ch.translate.goog
1	me2-do.translate.goog	1 redirects
1	trk-klclick3-com.translate.goog	1 redirects
44	18

This site contains no links.

Subject Issuer	Validity	Valid
*.googleusercontent.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.imcreator.com GTS CA 1D4	`2022-09-21` - `2022-12-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
serv-page14.duckdns.org cPanel, Inc. Certification Authority	`2022-10-31` - `2023-01-29`	3 months	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2022-10-19` - `2023-10-18`	a year	crt.sh
ibb.co R3	`2022-10-09` - `2023-01-07`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://serv-page14.duckdns.org/cdfa90a62b8deaba57ac3e0aa16e2345/bbda84ddbcd18eb526d759d5d99a8a15.aspx
Frame ID: 719C9A31AC16706F205FEF3393833F90
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Inicio de sesión de Amazon

Page URL History Show full URLs

https://translate.google.com/translate?sl=auto&tl=en&hl=en-US&u=https://trk.klclick3.com/ls/click?upn%3DO... HTTP 302
https://trk-klclick3-com.translate.goog/ls/click?upn=O3f0HMRZRYn0Bh5zmQ8X86-2BWinD2CM-2BKfEwrYrT0-2FR89O0rwkFFMvQ4Mb... HTTP 302
https://me2-do.translate.goog/GFeGPwKG?_kx=bka7c-Pxw72wsl4AtuhwruPyrvUYM5r91jzLkiA_V0JXAIQOPzJoun5BGe9F4gg... HTTP 302
https://start-seitenatelier-ch.translate.goog/free/sdwe/serv?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp Page URL
https://lihi2.cc/6nZCZ HTTP 302
https://serv-page14.duckdns.org/?enco HTTP 302
https://serv-page14.duckdns.org/cdfa90a62b8deaba57ac3e0aa16e2345/bbda84ddbcd18eb526d759d5d99a8a15.aspx Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

44
Requests

98 %
HTTPS

82 %
IPv6

15
Domains

18
Subdomains

14
IPs

5
Countries

875 kB
Transfer

2427 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://translate.google.com/translate?sl=auto&tl=en&hl=en-US&u=https://trk.klclick3.com/ls/click?upn%3DO3f0HMRZRYn0Bh5zmQ8X86-2BWinD2CM-2BKfEwrYrT0-2FR89O0rwkFFMvQ4MbFArivWYIQq1DnMmIHfntMzW6ane-2F3kJFpv9YahFc0jxc50AEhU0XtEoaE5zlvJhP0RWT1i-2BeLomT8ldX-2Fo0ExMHaThvFQ-3D-3DJpvn_VzwMCdTLEi-2BinLxAA6gSyk7m52S9HiwYwoU9cd75rGWLQE4kFTYsEhSfhdZWtzm71PsH2Cze5OgSJC8dB-2BsyDmXbIhsQj5KF3nhANaIwnPVZ7Uf66VQB8EGoVzMDlNcLowsjmdB2ostVTbSq-2BIg1Td0Qc0Ig5RvMqm-2FxoPXt45zG0GbGMqPtgZl-2Fbjbx46w2SVtQ09N9O9O9xvA-2BimGYqUQhm9lGPQOhyeRjIrUkrucShEjbYizc1FBDdQE420boCwSw4uOrxGmI5rRCrhlFBEUeQf9pIh3-2FFXOeciyDUN3lU-2Ff3MnmugvykM4MAKWmjg7bcLS-2BXPbU1y2-2FDGiT2hvmhwG-2FbxDsW0NtLDMFyKxDuCYM2H1EevsfsVhYoDOApXEdvaSAWCULl-2BP6lMY8iYFKMIklGwJiByWwu7NNIdIxkpDfND9I2HIOTegJuEdcf&client=webapp HTTP 302
https://trk-klclick3-com.translate.goog/ls/click?upn=O3f0HMRZRYn0Bh5zmQ8X86-2BWinD2CM-2BKfEwrYrT0-2FR89O0rwkFFMvQ4MbFArivWYIQq1DnMmIHfntMzW6ane-2F3kJFpv9YahFc0jxc50AEhU0XtEoaE5zlvJhP0RWT1i-2BeLomT8ldX-2Fo0ExMHaThvFQ-3D-3DJpvn_VzwMCdTLEi-2BinLxAA6gSyk7m52S9HiwYwoU9cd75rGWLQE4kFTYsEhSfhdZWtzm71PsH2Cze5OgSJC8dB-2BsyDmXbIhsQj5KF3nhANaIwnPVZ7Uf66VQB8EGoVzMDlNcLowsjmdB2ostVTbSq-2BIg1Td0Qc0Ig5RvMqm-2FxoPXt45zG0GbGMqPtgZl-2Fbjbx46w2SVtQ09N9O9O9xvA-2BimGYqUQhm9lGPQOhyeRjIrUkrucShEjbYizc1FBDdQE420boCwSw4uOrxGmI5rRCrhlFBEUeQf9pIh3-2FFXOeciyDUN3lU-2Ff3MnmugvykM4MAKWmjg7bcLS-2BXPbU1y2-2FDGiT2hvmhwG-2FbxDsW0NtLDMFyKxDuCYM2H1EevsfsVhYoDOApXEdvaSAWCULl-2BP6lMY8iYFKMIklGwJiByWwu7NNIdIxkpDfND9I2HIOTegJuEdcf&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp HTTP 302
https://me2-do.translate.goog/GFeGPwKG?_kx=bka7c-Pxw72wsl4AtuhwruPyrvUYM5r91jzLkiA_V0JXAIQOPzJoun5BGe9F4ggj.YADFhv&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp HTTP 302
https://start-seitenatelier-ch.translate.goog/free/sdwe/serv?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp Page URL
https://lihi2.cc/6nZCZ HTTP 302
https://serv-page14.duckdns.org/?enco HTTP 302
https://serv-page14.duckdns.org/cdfa90a62b8deaba57ac3e0aa16e2345/bbda84ddbcd18eb526d759d5d99a8a15.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://translate.google.com/translate?sl=auto&tl=en&hl=en-US&u=https://trk.klclick3.com/ls/click?upn%3DO3f0HMRZRYn0Bh5zmQ8X86-2BWinD2CM-2BKfEwrYrT0-2FR89O0rwkFFMvQ4MbFArivWYIQq1DnMmIHfntMzW6ane-2F3kJFpv9YahFc0jxc50AEhU0XtEoaE5zlvJhP0RWT1i-2BeLomT8ldX-2Fo0ExMHaThvFQ-3D-3DJpvn_VzwMCdTLEi-2BinLxAA6gSyk7m52S9HiwYwoU9cd75rGWLQE4kFTYsEhSfhdZWtzm71PsH2Cze5OgSJC8dB-2BsyDmXbIhsQj5KF3nhANaIwnPVZ7Uf66VQB8EGoVzMDlNcLowsjmdB2ostVTbSq-2BIg1Td0Qc0Ig5RvMqm-2FxoPXt45zG0GbGMqPtgZl-2Fbjbx46w2SVtQ09N9O9O9xvA-2BimGYqUQhm9lGPQOhyeRjIrUkrucShEjbYizc1FBDdQE420boCwSw4uOrxGmI5rRCrhlFBEUeQf9pIh3-2FFXOeciyDUN3lU-2Ff3MnmugvykM4MAKWmjg7bcLS-2BXPbU1y2-2FDGiT2hvmhwG-2FbxDsW0NtLDMFyKxDuCYM2H1EevsfsVhYoDOApXEdvaSAWCULl-2BP6lMY8iYFKMIklGwJiByWwu7NNIdIxkpDfND9I2HIOTegJuEdcf&client=webapp HTTP 302
https://trk-klclick3-com.translate.goog/ls/click?upn=O3f0HMRZRYn0Bh5zmQ8X86-2BWinD2CM-2BKfEwrYrT0-2FR89O0rwkFFMvQ4MbFArivWYIQq1DnMmIHfntMzW6ane-2F3kJFpv9YahFc0jxc50AEhU0XtEoaE5zlvJhP0RWT1i-2BeLomT8ldX-2Fo0ExMHaThvFQ-3D-3DJpvn_VzwMCdTLEi-2BinLxAA6gSyk7m52S9HiwYwoU9cd75rGWLQE4kFTYsEhSfhdZWtzm71PsH2Cze5OgSJC8dB-2BsyDmXbIhsQj5KF3nhANaIwnPVZ7Uf66VQB8EGoVzMDlNcLowsjmdB2ostVTbSq-2BIg1Td0Qc0Ig5RvMqm-2FxoPXt45zG0GbGMqPtgZl-2Fbjbx46w2SVtQ09N9O9O9xvA-2BimGYqUQhm9lGPQOhyeRjIrUkrucShEjbYizc1FBDdQE420boCwSw4uOrxGmI5rRCrhlFBEUeQf9pIh3-2FFXOeciyDUN3lU-2Ff3MnmugvykM4MAKWmjg7bcLS-2BXPbU1y2-2FDGiT2hvmhwG-2FbxDsW0NtLDMFyKxDuCYM2H1EevsfsVhYoDOApXEdvaSAWCULl-2BP6lMY8iYFKMIklGwJiByWwu7NNIdIxkpDfND9I2HIOTegJuEdcf&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp HTTP 302
https://me2-do.translate.goog/GFeGPwKG?_kx=bka7c-Pxw72wsl4AtuhwruPyrvUYM5r91jzLkiA_V0JXAIQOPzJoun5BGe9F4ggj.YADFhv&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp HTTP 302
https://start-seitenatelier-ch.translate.goog/free/sdwe/serv?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp

Request Chain 5

https://code.jquery.com/jquery-2.x-git.min.js HTTP 302
https://releases.jquery.com/git/jquery-2.x-git.min.js

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

serv Show response
start-seitenatelier-ch.translate.goog/free/sdwe/
Redirect Chain

https://translate.google.com/translate?sl=auto&tl=en&hl=en-US&u=https://trk.klclick3.com/ls/click?upn%3DO3f0HMRZRYn0Bh5zmQ8X86-2BWinD2CM-2BKfEwrYrT0-2FR89O0rwkFFMvQ4MbFArivWYIQq1DnMmIHfntMzW6ane-2F...
https://trk-klclick3-com.translate.goog/ls/click?upn=O3f0HMRZRYn0Bh5zmQ8X86-2BWinD2CM-2BKfEwrYrT0-2FR89O0rwkFFMvQ4MbFArivWYIQq1DnMmIHfntMzW6ane-2F3kJFpv9YahFc0jxc50AEhU0XtEoaE5zlvJhP0RWT1i-2BeLomT8...
https://me2-do.translate.goog/GFeGPwKG?_kx=bka7c-Pxw72wsl4AtuhwruPyrvUYM5r91jzLkiA_V0JXAIQOPzJoun5BGe9F4ggj.YADFhv&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
https://start-seitenatelier-ch.translate.goog/free/sdwe/serv?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp

122 KB
20 KB

573ms
403ms

Document
text/html

2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://start-seitenatelier-ch.translate.goog/free/sdwe/serv?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8de6505ad9c76d2c0785c2cc72e7c2a1290a376fdb2705a634451cb71a0176d7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.translate.goog
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-security-policy: frame-ancestors *.translate.goog
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 05:56:32 GMT
expires: Tue, 01 Nov 2022 05:56:32 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: ESF
x-content-type-options: nosniff
x-robots-tag: none
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-type: application/binary
cross-origin-resource-policy: cross-origin
date: Tue, 01 Nov 2022 05:56:32 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://start-seitenatelier-ch.translate.goog/free/sdwe/serv?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
1 KB 230ms
82ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: start-seitenatelier-ch.translate.goog
URL: https://start-seitenatelier-ch.translate.goog/free/sdwe/serv?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d726e9e5b87d746117c6e863358d26c6f86ad6858bcd4411fb872a4d65224f65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://start-seitenatelier-ch.translate.goog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 01 Nov 2022 05:56:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=es for more info."
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Tue, 01 Nov 2022 05:56:32 GMT

GET
H2 200 imos.js Show response
imos006-dot-im--os.appspot.com/js/ 6 KB
2 KB 219ms
62ms Script
application/javascript 2a00:1450:4001:829::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://imos006-dot-im--os.appspot.com/js/imos.js?v=1.5.8d
Requested by: Host: start-seitenatelier-ch.translate.goog
URL: https://start-seitenatelier-ch.translate.goog/free/sdwe/serv?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 884663c1137f80922a8e50d96df7b23ba59ea46caf3bf6cd89b38e231decf4e5

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://start-seitenatelier-ch.translate.goog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 01 Nov 2022 05:48:43 GMT
content-encoding: gzip
server: Google Frontend
age: 469
etag: "NjoVCA"
content-type: application/javascript
x-cloud-trace-context: b6ce79e992ac72cda2c7a4ddd6f44fbf
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2035
expires: Tue, 01 Nov 2022 05:58:43 GMT

GET
H2 200 fonts.css
www.imcreator.com/css/ 5 KB
2 KB 240ms
71ms Stylesheet
text/css 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imcreator.com/css/fonts.css?v=1.5.8d
Requested by: Host: start-seitenatelier-ch.translate.goog
URL: https://start-seitenatelier-ch.translate.goog/free/sdwe/serv?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 9a125df1d257d6cc1f82f703c40b513df8a6cfa1b710c5f7955e97aaebb496aa

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://start-seitenatelier-ch.translate.goog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 01 Nov 2022 04:11:09 GMT
content-encoding: gzip
server: Google Frontend
age: 6323
etag: "t11Cvg"
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: 85226fccca1df4e6b730537b02e49205
cache-control: public, max-age=31536000
access-control-allow-credentials: true
content-length: 1657
expires: Wed, 01 Nov 2023 04:11:09 GMT

GET
H2 200 static_style
www.imcreator.com/ 18 KB
2 KB 373ms
206ms Stylesheet
text/css 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imcreator.com/static_style?v=1.5.8d&vbid=vbid-6d01174f-hs1azapa&caller=static
Requested by: Host: start-seitenatelier-ch.translate.goog
URL: https://start-seitenatelier-ch.translate.goog/free/sdwe/serv?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 165f2815ad301a80ec9ed5626ee693b87fc0b9c5d0db2bd5d6923af277a61179

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://start-seitenatelier-ch.translate.goog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 01 Nov 2022 05:56:33 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: text/css; charset=utf-8
x-cloud-trace-context: 6db322ee105d6b2a02c32f8382f98a40
cache-control: no-cache
content-length: 2010

GET
H2

200

jquery-2.x-git.min.js Show response
releases.jquery.com/git/
Redirect Chain

https://code.jquery.com/jquery-2.x-git.min.js
https://releases.jquery.com/git/jquery-2.x-git.min.js

84 KB
29 KB

784ms
749ms

Script
application/javascript

2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://releases.jquery.com/git/jquery-2.x-git.min.js
Requested by: Host: start-seitenatelier-ch.translate.goog
URL: https://start-seitenatelier-ch.translate.goog/free/sdwe/serv?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol: H2
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 22af5bc82c5abf9d2d53d5252b2ae15c04c39b2e67d39d9150ace8b3b9fe6809

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://start-seitenatelier-ch.translate.goog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 01 Nov 2022 05:56:33 GMT
content-encoding: gzip
last-modified: Wed, 22 Jun 2016 11:41:26 GMT
server: nginx
etag: "576a7966-14e1f"
x-hw: 1667282193.dop003.ma1.t,1667282193.cds217.ma1.hn,1667282193.cds218.ma1.pr
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300, public
accept-ranges: bytes
content-length: 29834

Redirect headers

date: Tue, 01 Nov 2022 05:56:32 GMT
content-encoding: gzip
server: nginx
x-hw: 1667282192.dop003.ma1.t,1667282192.cds217.ma1.hn,1667282192.cds033.ma1.c
content-type: text/html
location: https://releases.jquery.com/git/jquery-2.x-git.min.js
cache-control: max-age=7758988
accept-ranges: bytes
content-length: 119

GET
H2 200 xprs_helper.js Show response
www.imcreator.com/js/ 35 KB
11 KB 240ms
73ms Script
application/javascript 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imcreator.com/js/xprs_helper.js?v=1.5.8d
Requested by: Host: start-seitenatelier-ch.translate.goog
URL: https://start-seitenatelier-ch.translate.goog/free/sdwe/serv?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 16236a16a95009024cebc75718409ad144ef5dd78a3227a44b4f642ae2cfff07

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://start-seitenatelier-ch.translate.goog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 01 Nov 2022 04:44:35 GMT
content-encoding: gzip
server: Google Frontend
age: 4317
etag: "t11Cvg"
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: 3214128a6239a81ad830698b551f6833
cache-control: public, max-age=31536000
access-control-allow-credentials: true
content-length: 10845
expires: Wed, 01 Nov 2023 04:44:35 GMT

GET
H2 200 all_js.js Show response
www.imcreator.com/ 92 KB
14 KB 408ms
242ms Script
text/javascript 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imcreator.com/all_js.js?v=1.5.8d
Requested by: Host: start-seitenatelier-ch.translate.goog
URL: https://start-seitenatelier-ch.translate.goog/free/sdwe/serv?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: f4a09886e48d5ecf18fd5bcb5ccfe14ca7ea3be913075465ea301d1ac1ece6db

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://start-seitenatelier-ch.translate.goog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 01 Nov 2022 05:56:33 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 93767141e3e9e7237f1116206643a429
cache-control: no-cache
content-length: 14526

GET
H2 200 jquery.mobile.custom.min.js Show response
www.imcreator.com/js/lib/touchswipe/ 8 KB
3 KB 294ms
128ms Script
application/javascript 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imcreator.com/js/lib/touchswipe/jquery.mobile.custom.min.js
Requested by: Host: start-seitenatelier-ch.translate.goog
URL: https://start-seitenatelier-ch.translate.goog/free/sdwe/serv?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 7cb4efd75d841420c32a07f5880f53c1b59a78a2ca21e4c805a6a10c0f1ad429

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://start-seitenatelier-ch.translate.goog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 01 Nov 2022 05:40:15 GMT
content-encoding: gzip
server: Google Frontend
age: 977
etag: "t11Cvg"
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: 28a470d8c7645496a00d9cfe1b81e044
cache-control: public, max-age=31536000
access-control-allow-credentials: true
content-length: 3099
expires: Wed, 01 Nov 2023 05:40:15 GMT

GET
H2 200 m=ajaxproxy Show response
www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.es.LRsNrYmMNj4.O/d=1/rs=AN8SPfrBmSWhMsVD6gMEZUfsjqleIqvMYA/ 69 KB
24 KB 201ms
62ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.es.LRsNrYmMNj4.O/d=1/rs=AN8SPfrBmSWhMsVD6gMEZUfsjqleIqvMYA/m=ajaxproxy

Requested by

Host: start-seitenatelier-ch.translate.goog
URL: https://start-seitenatelier-ch.translate.goog/free/sdwe/serv?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43e6b995ed4fbb716c2d08e748b34bed7fb238d794f697eaee07edf5e0c5105b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://start-seitenatelier-ch.translate.goog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 28 Oct 2022 01:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 363174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24096
x-xss-protection: 0
last-modified: Sun, 23 Oct 2022 01:11:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 01:03:38 GMT

GET
H2 200 m=navigationui Show response
www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.es.LRsNrYmMNj4.O/d=1/exm=ajaxproxy,el_conf/ed=1/rs=AN8SPfrBmSWhMsVD6gMEZUfsjqleIqvMYA/ 25 KB
10 KB 260ms
122ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.es.LRsNrYmMNj4.O/d=1/exm=ajaxproxy,el_conf/ed=1/rs=AN8SPfrBmSWhMsVD6gMEZUfsjqleIqvMYA/m=navigationui

Requested by

Host: start-seitenatelier-ch.translate.goog
URL: https://start-seitenatelier-ch.translate.goog/free/sdwe/serv?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

793eeb270a86b7d55e2fc36d29b25fbd1f746a036a33f857a045ba045e0b8590

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://start-seitenatelier-ch.translate.goog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 31 Oct 2022 19:41:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10414
x-xss-protection: 0
last-modified: Sun, 23 Oct 2022 01:11:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Oct 2023 19:41:20 GMT

GET
H2 200 EWqW7DEI4kOTRMLjK2-ObFHp-EYBt5apFYZ1LVFAhLtTLjigCRfx5hCCTKbIjIm68VQ00p9twloHJ9w8=s50
lh3.googleusercontent.com/ 688 B
1 KB 215ms
66ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/EWqW7DEI4kOTRMLjK2-ObFHp-EYBt5apFYZ1LVFAhLtTLjigCRfx5hCCTKbIjIm68VQ00p9twloHJ9w8=s50

Requested by

Host: start-seitenatelier-ch.translate.goog
URL: https://start-seitenatelier-ch.translate.goog/free/sdwe/serv?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c3e0d1b01c02cca5545bbe9a85d904b97723600a61a4e157b1f7116ae2aee4d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://start-seitenatelier-ch.translate.goog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 01 Nov 2022 03:34:18 GMT
x-content-type-options: nosniff
age: 8535
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 688
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 03 Sep 2022 16:17:29 GMT

GET
H3 200 TgRyMQvJ3_h9RmOnu7AlhIE7NLOOBsRoBounARrs8fQv8HCRPaFtpBneSqJOSZpI6l7He_bAZKN179JBig=s50
lh3.googleusercontent.com/ 206 B
231 B 204ms
67ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/TgRyMQvJ3_h9RmOnu7AlhIE7NLOOBsRoBounARrs8fQv8HCRPaFtpBneSqJOSZpI6l7He_bAZKN179JBig=s50

Requested by

Host: start-seitenatelier-ch.translate.goog
URL: https://start-seitenatelier-ch.translate.goog/free/sdwe/serv?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://start-seitenatelier-ch.translate.goog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 01 Nov 2022 03:40:37 GMT
x-content-type-options: nosniff
age: 8156
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 206
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 03 Sep 2022 16:17:29 GMT

GET
H3 200 43-pXHjwrpmVO8Oean-6BD0uzARvcqUQrpdi7Yw2bxaXwEoP21UdN5kW6Ks9pdOxf7ropMUrh0djgYPwYPU=s50
lh3.googleusercontent.com/ 265 B
290 B 176ms
66ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/43-pXHjwrpmVO8Oean-6BD0uzARvcqUQrpdi7Yw2bxaXwEoP21UdN5kW6Ks9pdOxf7ropMUrh0djgYPwYPU=s50

Requested by

Host: start-seitenatelier-ch.translate.goog
URL: https://start-seitenatelier-ch.translate.goog/free/sdwe/serv?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://start-seitenatelier-ch.translate.goog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 01 Nov 2022 04:46:08 GMT
x-content-type-options: nosniff
age: 4225
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 265
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 21 Jul 2022 22:27:05 GMT

GET
H3 200 9rwgVnDglPdPFugSu98fhDmxzjXC9KovZ_7BuHkXPIv6jvg9S96flGnhL_e4y8mIpPpZQstfqEV-WitY=s50
lh3.googleusercontent.com/ 262 B
287 B 66ms
66ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/9rwgVnDglPdPFugSu98fhDmxzjXC9KovZ_7BuHkXPIv6jvg9S96flGnhL_e4y8mIpPpZQstfqEV-WitY=s50

Requested by

Host: start-seitenatelier-ch.translate.goog
URL: https://start-seitenatelier-ch.translate.goog/free/sdwe/serv?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://start-seitenatelier-ch.translate.goog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 01 Nov 2022 03:40:37 GMT
x-content-type-options: nosniff
age: 8157
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 262
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 03 Sep 2022 16:17:29 GMT

GET
H2 200 lightbox.js Show response
www.imcreator.com/js/ 16 KB
4 KB 70ms
69ms Script
application/javascript 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imcreator.com/js/lightbox.js?v=1.5.8d
Requested by: Host: start-seitenatelier-ch.translate.goog
URL: https://start-seitenatelier-ch.translate.goog/free/sdwe/serv?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 4d0043cf27b66c2a38040edf85abca8596be2d9368c73bef172a668160e50665

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://start-seitenatelier-ch.translate.goog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 01 Nov 2022 05:33:49 GMT
content-encoding: gzip
server: Google Frontend
age: 1364
etag: "t11Cvg"
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: 8c9e194ef0a42522d8c7dad9101a3d99
cache-control: public, max-age=31536000
access-control-allow-credentials: true
content-length: 3889
expires: Wed, 01 Nov 2023 05:33:49 GMT

GET
H2 200 spimeengine.js Show response
www.imcreator.com/js/ 75 KB
21 KB 71ms
71ms Script
application/javascript 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.imcreator.com/js/spimeengine.js?v=1.5.8d
Requested by: Host: start-seitenatelier-ch.translate.goog
URL: https://start-seitenatelier-ch.translate.goog/free/sdwe/serv?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0e052a42588678115282200dfcf7a9e187ac63bcc6828521886de793221b2c24

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://start-seitenatelier-ch.translate.goog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 01 Nov 2022 05:39:00 GMT
content-encoding: gzip
server: Google Frontend
age: 1053
etag: "t11Cvg"
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: ddec861130015920c3c300c66bd041ae
cache-control: public, max-age=31536000
access-control-allow-credentials: true
content-length: 21630
expires: Wed, 01 Nov 2023 05:39:00 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 75 KB
26 KB 86ms
84ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=gtElInit&hl=en-US&client=wt

Requested by

Host: start-seitenatelier-ch.translate.goog
URL: https://start-seitenatelier-ch.translate.goog/free/sdwe/serv?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

37248273012d15847018687320fc392b17e54ffef5e9e13d8c8d7863c1b3c44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://start-seitenatelier-ch.translate.goog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 05:56:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-widgetapi.js
www.youtube.com/s/player/19fc75cf/www-widgetapi.vflset/ 157 KB
52 KB 184ms
61ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/19fc75cf/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://start-seitenatelier-ch.translate.goog/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 01 Nov 2022 05:37:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1166
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52804
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 00:15:50 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 01 Nov 2023 05:37:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 72 KB
5 KB 229ms
83ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.imcreator.com
URL: https://www.imcreator.com/css/fonts.css?v=1.5.8d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dcde3503f3ffa2d0343cf4c9a99f3dfc4254ce9fc81acb09183fb6cc844fdbbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.imcreator.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Tue, 01 Nov 2022 05:56:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Tue, 01 Nov 2022 05:56:33 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
590 B 220ms
75ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: www.imcreator.com
URL: https://www.imcreator.com/css/fonts.css?v=1.5.8d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f5981f5204d52417567521ee1c2e32c97e9d1434d9db29966662dfe3003f7018

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.imcreator.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Tue, 01 Nov 2022 05:56:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Tue, 01 Nov 2022 05:56:33 GMT

GET
H2 200 css
fonts.googleapis.com/ 765 B
770 B 216ms
70ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Baskerville:400italic

Requested by

Host: www.imcreator.com
URL: https://www.imcreator.com/css/fonts.css?v=1.5.8d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2407c9302859fed1b1bf8dfa21ecb75033bb7cb48610f301018060ed612c553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.imcreator.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Tue, 01 Nov 2022 05:56:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Tue, 01 Nov 2022 05:56:33 GMT

GET
H2 200 css
fonts.googleapis.com/ 404 B
374 B 217ms
73ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Slab

Requested by

Host: www.imcreator.com
URL: https://www.imcreator.com/css/fonts.css?v=1.5.8d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7c53298ec35a0ef7e8b76c9c2ebcd515b22c2df49490bc9c917adcd10a08e316

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.imcreator.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Tue, 01 Nov 2022 05:56:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Tue, 01 Nov 2022 05:56:33 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
818 B 221ms
77ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inconsolata|Ubuntu+Mono|Fira+Mono

Requested by

Host: www.imcreator.com
URL: https://www.imcreator.com/css/fonts.css?v=1.5.8d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb8005978127d0fccc2b916ed5dcc054f5f2a2a9ab5da51699991bfffac6a073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.imcreator.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Tue, 01 Nov 2022 05:56:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Tue, 01 Nov 2022 05:56:33 GMT

GET
H2 200 css
fonts.googleapis.com/ 20 KB
2 KB 225ms
80ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.imcreator.com
URL: https://www.imcreator.com/css/fonts.css?v=1.5.8d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

681dd35baae2680cd1216895fec6792b9ce4eaef0d269c005e7aca7f37f4d28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.imcreator.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Tue, 01 Nov 2022 05:56:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Tue, 01 Nov 2022 05:56:33 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
750 B 220ms
76ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cairo|Changa|Lalezar|Reem+Kufi

Requested by

Host: www.imcreator.com
URL: https://www.imcreator.com/css/fonts.css?v=1.5.8d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

313d9aba1f18d0e79de4e2d716c20dfd81f1f77dd2f3c7419bbae47267bb17f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.imcreator.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Tue, 01 Nov 2022 05:56:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Tue, 01 Nov 2022 05:56:33 GMT

GET
H/1.1

200
OK

Primary Request bbda84ddbcd18eb526d759d5d99a8a15.aspx Show response
serv-page14.duckdns.org/cdfa90a62b8deaba57ac3e0aa16e2345/
Redirect Chain

https://lihi2.cc/6nZCZ
https://serv-page14.duckdns.org/?enco
https://serv-page14.duckdns.org/cdfa90a62b8deaba57ac3e0aa16e2345/bbda84ddbcd18eb526d759d5d99a8a15.aspx

10 KB
11 KB

65ms
65ms

Document
text/html

139.59.178.3
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-page14.duckdns.org/cdfa90a62b8deaba57ac3e0aa16e2345/bbda84ddbcd18eb526d759d5d99a8a15.aspx
Requested by: Host: start-seitenatelier-ch.translate.goog
URL: https://start-seitenatelier-ch.translate.goog/free/sdwe/serv?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 139.59.178.3 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 3c97234abf716e3e0c42a10d7cf9bab323f93fd706b26de48ee5ac1ccf87e886

Request headers

Referer: https://start-seitenatelier-ch.translate.goog/free/sdwe/serv?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: es-ES,es;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8
Date: Tue, 01 Nov 2022 05:56:35 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=99
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 01 Nov 2022 05:56:34 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Location: ./cdfa90a62b8deaba57ac3e0aa16e2345/bbda84ddbcd18eb526d759d5d99a8a15.aspx
Pragma: no-cache
Server: Apache

GET
H/1.1 200
OK asset@css_mobile1.css
serv-page14.duckdns.org/cdfa90a62b8deaba57ac3e0aa16e2345/ 15 KB
15 KB 62ms
62ms Stylesheet
text/css 139.59.178.3
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-page14.duckdns.org/cdfa90a62b8deaba57ac3e0aa16e2345/asset@css_mobile1.css
Requested by: Host: serv-page14.duckdns.org
URL: https://serv-page14.duckdns.org/cdfa90a62b8deaba57ac3e0aa16e2345/bbda84ddbcd18eb526d759d5d99a8a15.aspx
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 139.59.178.3 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 1ee0a2160fb9909d79076e289aa548db744c8e220aa5ee5037db280dbb95c9fc

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://serv-page14.duckdns.org/cdfa90a62b8deaba57ac3e0aa16e2345/bbda84ddbcd18eb526d759d5d99a8a15.aspx
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Tue, 01 Nov 2022 05:56:35 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK asset@js_mobile1.js Show response
serv-page14.duckdns.org/cdfa90a62b8deaba57ac3e0aa16e2345/ 17 KB
17 KB 125ms
62ms Script
text/javascript 139.59.178.3
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-page14.duckdns.org/cdfa90a62b8deaba57ac3e0aa16e2345/asset@js_mobile1.js
Requested by: Host: serv-page14.duckdns.org
URL: https://serv-page14.duckdns.org/cdfa90a62b8deaba57ac3e0aa16e2345/bbda84ddbcd18eb526d759d5d99a8a15.aspx
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 139.59.178.3 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 1c792c6e979c0f9a0435380631055ab1db1c2a7314c2821bbf22e9581b793e9a

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://serv-page14.duckdns.org/cdfa90a62b8deaba57ac3e0aa16e2345/bbda84ddbcd18eb526d759d5d99a8a15.aspx
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Tue, 01 Nov 2022 05:56:35 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 61-6nKPKyWL._RC%7C11Y+5x+kkTL.js,51KMV3Cz2XL.js,31x4ENTlVIL.js,31f4+QIEeqL.js,319DotbLfhL.js,518BI433aLL.js,01qkmZhGmAL.js,31h3-xvy9qL.js,61zp0xmgcZL.js,31yPmSSpnoL.js_.js Show response
images-na.ssl-images-amazon.com/images/I/ 334 KB
90 KB 239ms
64ms Script
application/x-javascript 2a04:4e42:400::272
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images-na.ssl-images-amazon.com/images/I/61-6nKPKyWL._RC%7C11Y+5x+kkTL.js,51KMV3Cz2XL.js,31x4ENTlVIL.js,31f4+QIEeqL.js,319DotbLfhL.js,518BI433aLL.js,01qkmZhGmAL.js,31h3-xvy9qL.js,61zp0xmgcZL.js,31yPmSSpnoL.js_.js?AUIClients/AmazonUI
Requested by: Host: serv-page14.duckdns.org
URL: https://serv-page14.duckdns.org/cdfa90a62b8deaba57ac3e0aa16e2345/asset@js_mobile1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 43dae698c247f2106729e0c5ebf26847a86a293dc31c31d6a4cdba6bb7011f5a

Request headers

Referer: https://serv-page14.duckdns.org/
Origin: https://serv-page14.duckdns.org
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 01 Nov 2022 05:56:35 GMT
content-encoding: br
age: 3070268
x-cache: HIT from fastly, HIT from fastly
x-nginx-cache-status: MISS
server-timing: provider;desc="fy"
content-length: 92269
x-served-by: cache-iad-kiad7000026-IAD, cache-mad22044-MAD
last-modified: Thu, 12 Sep 2019 21:14:10 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 0642da88-4982-47a0-86bc-781784927fbe
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
expires: Wed, 14 May 2042 12:52:00 GMT

GET
H2 200 21G215oqvfL._RC%7C21OJDARBhQL.js,218GJg15I8L.js,31lucpmF4CL.js,2119M3Ks9rL.js,51tyNycLkFL.js_.js Show response
images-na.ssl-images-amazon.com/images/I/ 88 KB
23 KB 251ms
77ms Script
application/x-javascript 2a04:4e42:400::272
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images-na.ssl-images-amazon.com/images/I/21G215oqvfL._RC%7C21OJDARBhQL.js,218GJg15I8L.js,31lucpmF4CL.js,2119M3Ks9rL.js,51tyNycLkFL.js_.js?AUIClients/AuthenticationPortalAssets&QmmAyoMU
Requested by: Host: serv-page14.duckdns.org
URL: https://serv-page14.duckdns.org/cdfa90a62b8deaba57ac3e0aa16e2345/asset@js_mobile1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 68981504fd2d01c55d4e9ef9178b19a4228f73e6f632ee981af74cff5a8bd846

Request headers

Referer: https://serv-page14.duckdns.org/
Origin: https://serv-page14.duckdns.org
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 01 Nov 2022 05:56:35 GMT
content-encoding: br
age: 3012259
x-cache: HIT from fastly, HIT from fastly
x-nginx-cache-status: HIT
server-timing: provider;desc="fy"
content-length: 22969
x-served-by: cache-iad-kjyo7100170-IAD, cache-mad22044-MAD
last-modified: Tue, 24 Oct 2017 23:02:47 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 568583e6-4582-4bd2-a726-9a25882de052
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
expires: Fri, 16 May 2042 18:33:46 GMT

GET
H2 200 01wGDSlxwdL.js Show response
images-na.ssl-images-amazon.com/images/I/ 521 B
688 B 227ms
62ms Script
application/x-javascript 2a04:4e42:400::272
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images-na.ssl-images-amazon.com/images/I/01wGDSlxwdL.js?AUIClients/AuthenticationPortalInlineAssets
Requested by: Host: serv-page14.duckdns.org
URL: https://serv-page14.duckdns.org/cdfa90a62b8deaba57ac3e0aa16e2345/asset@js_mobile1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 432dff2bd6f663c6151a5947fa318a46463085d4f6e40761450e8b38fd0fe938

Request headers

Referer: https://serv-page14.duckdns.org/
Origin: https://serv-page14.duckdns.org
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 01 Nov 2022 05:56:35 GMT
content-encoding: br
age: 6947467
x-cache: HIT from fastly, HIT from fastly
x-nginx-cache-status: HIT
server-timing: provider;desc="fy"
content-length: 293
x-served-by: cache-iad-kiad7000164-IAD, cache-mad22044-MAD
last-modified: Tue, 22 Dec 2020 19:40:30 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 43009408-d2ee-43b3-8246-ae92d2cb8388
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
expires: Mon, 24 Mar 2042 01:08:15 GMT

GET
H2 200 31A4yLc5SSL.js Show response
images-na.ssl-images-amazon.com/images/I/ 14 KB
5 KB 227ms
63ms Script
application/x-javascript 2a04:4e42:400::272
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images-na.ssl-images-amazon.com/images/I/31A4yLc5SSL.js?AUIClients/CVFAssets
Requested by: Host: serv-page14.duckdns.org
URL: https://serv-page14.duckdns.org/cdfa90a62b8deaba57ac3e0aa16e2345/asset@js_mobile1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa5f59140e26e51e3d43f2e12514582505d5a24c54cfdd030aaad92e3bf6189c

Request headers

Referer: https://serv-page14.duckdns.org/
Origin: https://serv-page14.duckdns.org
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 01 Nov 2022 05:56:35 GMT
content-encoding: br
age: 3530759
x-cache: HIT from fastly, HIT from fastly
x-nginx-cache-status: MISS
server-timing: provider;desc="fy"
content-length: 4485
x-served-by: cache-iad-kjyo7100031-IAD, cache-mad22044-MAD
last-modified: Mon, 16 Aug 2021 20:05:12 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 31234883-de2e-4f86-b968-8e4ea737103c
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
expires: Tue, 16 Sep 2042 09:10:37 GMT

GET
H2 200 81oDzXaLrLL.js Show response
images-na.ssl-images-amazon.com/images/I/ 323 KB
79 KB 241ms
77ms Script
application/x-javascript 2a04:4e42:400::272
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images-na.ssl-images-amazon.com/images/I/81oDzXaLrLL.js?AUIClients/SiegeClientSideEncryptionAUI
Requested by: Host: serv-page14.duckdns.org
URL: https://serv-page14.duckdns.org/cdfa90a62b8deaba57ac3e0aa16e2345/asset@js_mobile1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0de3356db62de62dc12d4024d65ec20c5f7577553b92384f0aecee28a05c8230

Request headers

Referer: https://serv-page14.duckdns.org/
Origin: https://serv-page14.duckdns.org
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 01 Nov 2022 05:56:35 GMT
content-encoding: br
age: 3676049
x-cache: HIT from fastly, HIT from fastly
x-nginx-cache-status: MISS
server-timing: provider;desc="fy"
content-length: 80710
x-served-by: cache-iad-kjyo7100055-IAD, cache-mad22044-MAD
last-modified: Wed, 28 Apr 2021 15:07:36 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 9d7f5ad1-d262-48a3-b7a4-9c4287d845a5
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
expires: Fri, 25 Apr 2042 07:02:28 GMT

GET
H2 200 71QA2qlWPdL.js Show response
images-na.ssl-images-amazon.com/images/I/ 255 KB
55 KB 240ms
77ms Script
application/x-javascript 2a04:4e42:400::272
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images-na.ssl-images-amazon.com/images/I/71QA2qlWPdL.js?AUIClients/FWCIMAssets
Requested by: Host: serv-page14.duckdns.org
URL: https://serv-page14.duckdns.org/cdfa90a62b8deaba57ac3e0aa16e2345/asset@js_mobile1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f77b52306a879207e8e96931f1cc7db37b06508b243da56c89152c894340ec8b

Request headers

Referer: https://serv-page14.duckdns.org/
Origin: https://serv-page14.duckdns.org
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 01 Nov 2022 05:56:35 GMT
content-encoding: br
age: 2989339
x-cache: HIT from fastly, HIT from fastly
x-nginx-cache-status: MISS
server-timing: provider;desc="fy"
content-length: 56275
x-served-by: cache-iad-kiad7000086-IAD, cache-mad22044-MAD
last-modified: Mon, 16 Aug 2021 19:13:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 7978ab0d-2acd-4270-ae0c-950938545ee6
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
expires: Thu, 01 May 2042 15:32:48 GMT

GET
H2 200 41cyy9szMwL._RC%7C41moB86X53L.js_.js Show response
images-na.ssl-images-amazon.com/images/I/ 53 KB
15 KB 70ms
70ms Script
application/x-javascript 2a04:4e42:400::272
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images-na.ssl-images-amazon.com/images/I/41cyy9szMwL._RC%7C41moB86X53L.js_.js?AUIClients/NavMobileAssets-all
Requested by: Host: serv-page14.duckdns.org
URL: https://serv-page14.duckdns.org/cdfa90a62b8deaba57ac3e0aa16e2345/asset@js_mobile1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ed77b1616689c6a4c02ae8f6fe98e70af8684472c3c3ffb46491bcf54cb8c2d7

Request headers

Referer: https://serv-page14.duckdns.org/
Origin: https://serv-page14.duckdns.org
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 01 Nov 2022 05:56:35 GMT
content-encoding: br
age: 1781714
x-cache: HIT from fastly, HIT from fastly
x-nginx-cache-status: HIT
server-timing: provider;desc="fy"
content-length: 14765
x-served-by: cache-iad-kjyo7100169-IAD, cache-mad22044-MAD
last-modified: Wed, 12 May 2021 23:53:26 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 67abba95-6f8f-4462-80f5-d0ccb31765e7
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
expires: Sat, 04 Oct 2042 19:18:10 GMT

GET
H2 200 01CMyuQ8OQL.js Show response
images-na.ssl-images-amazon.com/images/I/ 715 B
468 B 70ms
69ms Script
application/x-javascript 2a04:4e42:400::272
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images-na.ssl-images-amazon.com/images/I/01CMyuQ8OQL.js?AUIClients/InternationalCustomerPreferencesNavMobileAssets
Requested by: Host: serv-page14.duckdns.org
URL: https://serv-page14.duckdns.org/cdfa90a62b8deaba57ac3e0aa16e2345/asset@js_mobile1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 294617ac3b8ff4f159bae73248b79de4df99cf747c029595c11be56ffa3cf21d

Request headers

Referer: https://serv-page14.duckdns.org/
Origin: https://serv-page14.duckdns.org
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 01 Nov 2022 05:56:35 GMT
content-encoding: br
age: 6696174
x-cache: HIT from fastly, HIT from fastly
x-nginx-cache-status: HIT
server-timing: provider;desc="fy"
content-length: 311
x-served-by: cache-iad-kiad7000084-IAD, cache-mad22044-MAD
last-modified: Mon, 15 Oct 2018 19:39:09 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: b8b54432-fbda-40fc-a63e-2418dad37a77
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
expires: Sun, 25 May 2042 10:15:17 GMT

GET
H2 200 31Tyru520KL.js Show response
images-na.ssl-images-amazon.com/images/I/ 14 KB
4 KB 72ms
71ms Script
application/x-javascript 2a04:4e42:400::272
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images-na.ssl-images-amazon.com/images/I/31Tyru520KL.js?AUIClients/GlowToasterAssets
Requested by: Host: serv-page14.duckdns.org
URL: https://serv-page14.duckdns.org/cdfa90a62b8deaba57ac3e0aa16e2345/asset@js_mobile1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7ebda9480ed7e13c190e24bca5f058560d22166576c0e34033cb1e703f462582

Request headers

Referer: https://serv-page14.duckdns.org/
Origin: https://serv-page14.duckdns.org
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 01 Nov 2022 05:56:35 GMT
content-encoding: br
age: 3008619
x-cache: HIT from fastly, HIT from fastly
x-nginx-cache-status: MISS
server-timing: provider;desc="fy"
content-length: 3659
x-served-by: cache-iad-kjyo7100062-IAD, cache-mad22044-MAD
last-modified: Tue, 29 Jun 2021 19:39:56 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 3b6983f4-2de6-4abc-b39b-d1bebcd0920b
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
expires: Mon, 14 Apr 2042 16:32:13 GMT

GET
H2 200 016tgkOMMNL._RC%7C61yav2pbI3L.js_.js Show response
images-na.ssl-images-amazon.com/images/I/ 65 KB
18 KB 74ms
73ms Script
application/x-javascript 2a04:4e42:400::272
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images-na.ssl-images-amazon.com/images/I/016tgkOMMNL._RC%7C61yav2pbI3L.js_.js?AUIClients/RetailSearchAutocompleteAssets&p27p/3HG
Requested by: Host: serv-page14.duckdns.org
URL: https://serv-page14.duckdns.org/cdfa90a62b8deaba57ac3e0aa16e2345/asset@js_mobile1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 05a3685a39e2ef3d7558194e8e390d703f0c7fd63983f62fbcb3a9a337268222

Request headers

Referer: https://serv-page14.duckdns.org/
Origin: https://serv-page14.duckdns.org
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 01 Nov 2022 05:56:35 GMT
content-encoding: br
age: 4618039
x-cache: HIT from fastly, HIT from fastly
x-nginx-cache-status: HIT
server-timing: provider;desc="fy"
content-length: 18167
x-served-by: cache-iad-kjyo7100112-IAD, cache-mad22044-MAD
last-modified: Fri, 09 Jul 2021 22:42:03 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 89d6d0a6-cbce-4c01-b653-5e43dad1229e
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
expires: Tue, 02 Sep 2042 05:22:53 GMT

GET
H2 200 41N6Zfgd3UL.js Show response
images-na.ssl-images-amazon.com/images/I/ 18 KB
5 KB 72ms
72ms Script
application/x-javascript 2a04:4e42:400::272
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images-na.ssl-images-amazon.com/images/I/41N6Zfgd3UL.js?AUIClients/AmazonWebAppAssets
Requested by: Host: serv-page14.duckdns.org
URL: https://serv-page14.duckdns.org/cdfa90a62b8deaba57ac3e0aa16e2345/asset@js_mobile1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 480423d22f925c7400338ed2f81a395b47f0910a0620528788f8ce5781baef8e

Request headers

Referer: https://serv-page14.duckdns.org/
Origin: https://serv-page14.duckdns.org
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 01 Nov 2022 05:56:35 GMT
content-encoding: br
age: 2211496
x-cache: HIT from fastly, HIT from fastly
x-nginx-cache-status: MISS
server-timing: provider;desc="fy"
content-length: 4787
x-served-by: cache-iad-kiad7000168-IAD, cache-mad22044-MAD
last-modified: Wed, 17 Feb 2021 11:37:50 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 7e5842c7-cf5a-4d7a-8b25-4200ce459c4e
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
expires: Wed, 01 Oct 2042 15:38:19 GMT

GET
H2 200 Bgn-Vcheb-DR5-Ds4h.png
i.ibb.co/cTHnq49/ 259 KB
260 KB 208ms
67ms Image
image/png 51.210.32.132
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/cTHnq49/Bgn-Vcheb-DR5-Ds4h.png
Requested by: Host: serv-page14.duckdns.org
URL: https://serv-page14.duckdns.org/cdfa90a62b8deaba57ac3e0aa16e2345/asset@css_mobile1.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.210.32.132 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3172604.ip-51-210-32.eu
Software: nginx /
Resource Hash: 8cd259ed040281a419452769d540f30d8f3814f00ddc59081fd606595a8ea1df

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://serv-page14.duckdns.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 01 Nov 2022 05:56:35 GMT
last-modified: Mon, 06 Sep 2021 17:39:09 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 265634
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pDxWAF1pBB0dzGB.woff2
m.media-amazon.com/images/S/sash/ 16 KB
17 KB 197ms
61ms Font
application/font-woff2 2a04:4e42:600::272
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://m.media-amazon.com/images/S/sash/pDxWAF1pBB0dzGB.woff2
Requested by: Host: serv-page14.duckdns.org
URL: https://serv-page14.duckdns.org/cdfa90a62b8deaba57ac3e0aa16e2345/asset@css_mobile1.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 013d1dc68fadda651c773b6deb153e3e8b4dd612fb2af70db48c87af7808d1e7

Request headers

Referer: https://serv-page14.duckdns.org/
Origin: https://serv-page14.duckdns.org
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

expires: Thu, 23 May 2041 09:24:39 GMT
date: Tue, 01 Nov 2022 05:56:35 GMT
last-modified: Fri, 30 Oct 2020 21:19:16 GMT
age: 6613716
x-cache: HIT from fastly, HIT from fastly
content-type: application/font-woff2; charset=utf-8
access-control-allow-origin: *
x-nginx-cache-status: HIT
cache-control: max-age=630720000,public
x-amz-ir-id: c8c3029d-0183-4b9a-bf1a-1c4ccdeee9a1
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 16616
x-served-by: cache-dca17731-DCA, cache-mad22065-MAD

GET
H2 200 KFPk-9IF4FqAqY-.woff2
m.media-amazon.com/images/S/sash/ 16 KB
16 KB 196ms
62ms Font
application/font-woff2 2a04:4e42:600::272
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://m.media-amazon.com/images/S/sash/KFPk-9IF4FqAqY-.woff2
Requested by: Host: serv-page14.duckdns.org
URL: https://serv-page14.duckdns.org/cdfa90a62b8deaba57ac3e0aa16e2345/asset@css_mobile1.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0eef431cee18b1dc43636dd2a7703b7c0ce9f6bdbad9f280b7313d0ded232327

Request headers

Referer: https://serv-page14.duckdns.org/
Origin: https://serv-page14.duckdns.org
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

expires: Fri, 28 Jun 2041 07:47:21 GMT
date: Tue, 01 Nov 2022 05:56:35 GMT
last-modified: Fri, 30 Oct 2020 21:19:26 GMT
age: 24189510
x-cache: HIT from fastly, HIT from fastly
content-type: application/font-woff2; charset=utf-8
access-control-allow-origin: *
x-nginx-cache-status: HIT
cache-control: max-age=630720000,public
x-amz-ir-id: 9939d813-5911-4d94-8d80-94d1f0752834
server-timing: provider;desc="fy"
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
content-length: 16460
x-served-by: cache-dca17728-DCA, cache-mad22065-MAD

GET
H2 200 index.js Show response
d35uxhjf90umnp.cloudfront.net/ 37 KB
12 KB 208ms
68ms Script
application/javascript 2600:9000:2490:5a00:3:12d0:8d40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35uxhjf90umnp.cloudfront.net/index.js
Requested by: Host: images-na.ssl-images-amazon.com
URL: https://images-na.ssl-images-amazon.com/images/I/71QA2qlWPdL.js?AUIClients/FWCIMAssets
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:5a00:3:12d0:8d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6267b22c78747f8db9476b502c900e874aebf89e1c658b5b3282f4c01f7a54c2

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://serv-page14.duckdns.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: .WCB9yvxzufrsvypRZW5w_pUwNZ4.SCn
content-encoding: gzip
via: 1.1 bf5c0a6262f04cc4b9a69ef8d737ea96.cloudfront.net (CloudFront)
date: Tue, 01 Nov 2022 01:24:04 GMT
last-modified: Tue, 27 Apr 2021 20:18:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 16353
x-amz-server-side-encryption: AES256
etag: W/"a216acbf4c266a507cb6c7de4d63d883"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: pT-1bmofGO6lKKU6hhJmO42VzuANLDrHANKvGmw9FknI3pok0BEgkA==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 16:37:48	Name: __Secure-ENID Value: 7.SE=LEVRyurMtYCdKvSOKA5oayK83tBKEMXTZvw8EbCnytlP0V8G5ecW28a_dct5IZxYEhLT6WlwNWZQ3w5Lyxwl5ecTAj64D-5QsoQsoDkb4kT7dV-RIkroqF13eSdrTBpl2QGPdX8AdnT-QaM4MSgRZerqMCL7B6JI10-wCDKd6iI
.google.com/	1970-01-20 16:44:02	Name: CONSENT Value: PENDING+245
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: VOqlRK1Pqe4
.youtube.com/	1970-01-20 11:27:14	Name: VISITOR_INFO1_LIVE Value: QPl-Y73qfU4
lihi2.cc/	1970-01-20 16:44:02	Name: redirect_id Value: eyJpdiI6IlRySWl6MGpsMFRTTzlsWVhTN0I0U3c9PSIsInZhbHVlIjoidzROSGhHQjg3V0NzUWlDU0hkeWtRZVY3OFp0UmhUVll2eUtpdzRJdzFcL1RPdVhDSWNib05aZW95SHJVQkoyV1kiLCJtYWMiOiJmN2NiOGUwZjI0MGIxMDUyY2FjMTUxMTMxZjNkMjBmMjBkYWU5MjVmMTdjMmMxNmNhOTg4NDEwNzY3NzBkOTY4In0%3D
lihi2.cc/	1970-01-20 07:08:02	Name: lihi_session Value: eyJpdiI6InhDKzk5NEU5M3pMQTl6d2hsWUEweUE9PSIsInZhbHVlIjoialJLUHNUc0ZxR3BKNFBJcHJySGRrZzhreWhzOVRmRzZwRkZjOWtBa0RyN0tyZm9nV0hGbUl1MGZ2WVBXVjlsUCIsIm1hYyI6ImRmNjFhM2MwNzUzZTgyNGY0ZjBiOWUyNzAyMDJhMzI0MzgzNWIxYjE0OWNlYzgwNDM5YzNmNmM4Y2IxMjdmZjcifQ%3D%3D
serv-page14.duckdns.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: cb030bdd4511561ba2379578db1e88d8

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors *.translate.goog
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
d35uxhjf90umnp.cloudfront.net
fonts.googleapis.com
i.ibb.co
images-na.ssl-images-amazon.com
imos006-dot-im--os.appspot.com
lh3.googleusercontent.com
lihi2.cc
m.media-amazon.com
me2-do.translate.goog
releases.jquery.com
serv-page14.duckdns.org
start-seitenatelier-ch.translate.goog
translate.google.com
trk-klclick3-com.translate.goog
www.gstatic.com
www.imcreator.com
www.youtube.com
139.59.178.3
2001:4de0:ac18::1:a:3b
2600:9000:2490:5a00:3:12d0:8d40:21
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:829::2014
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2013
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
2a04:4e42:400::272
2a04:4e42:600::272
35.244.149.249
51.210.32.132
013d1dc68fadda651c773b6deb153e3e8b4dd612fb2af70db48c87af7808d1e7
05a3685a39e2ef3d7558194e8e390d703f0c7fd63983f62fbcb3a9a337268222
0de3356db62de62dc12d4024d65ec20c5f7577553b92384f0aecee28a05c8230
0e052a42588678115282200dfcf7a9e187ac63bcc6828521886de793221b2c24
0eef431cee18b1dc43636dd2a7703b7c0ce9f6bdbad9f280b7313d0ded232327
16236a16a95009024cebc75718409ad144ef5dd78a3227a44b4f642ae2cfff07
165f2815ad301a80ec9ed5626ee693b87fc0b9c5d0db2bd5d6923af277a61179
1c792c6e979c0f9a0435380631055ab1db1c2a7314c2821bbf22e9581b793e9a
1ee0a2160fb9909d79076e289aa548db744c8e220aa5ee5037db280dbb95c9fc
22af5bc82c5abf9d2d53d5252b2ae15c04c39b2e67d39d9150ace8b3b9fe6809
294617ac3b8ff4f159bae73248b79de4df99cf747c029595c11be56ffa3cf21d
313d9aba1f18d0e79de4e2d716c20dfd81f1f77dd2f3c7419bbae47267bb17f5
37248273012d15847018687320fc392b17e54ffef5e9e13d8c8d7863c1b3c44b
3c97234abf716e3e0c42a10d7cf9bab323f93fd706b26de48ee5ac1ccf87e886
432dff2bd6f663c6151a5947fa318a46463085d4f6e40761450e8b38fd0fe938
43dae698c247f2106729e0c5ebf26847a86a293dc31c31d6a4cdba6bb7011f5a
43e6b995ed4fbb716c2d08e748b34bed7fb238d794f697eaee07edf5e0c5105b
480423d22f925c7400338ed2f81a395b47f0910a0620528788f8ce5781baef8e
4d0043cf27b66c2a38040edf85abca8596be2d9368c73bef172a668160e50665
6267b22c78747f8db9476b502c900e874aebf89e1c658b5b3282f4c01f7a54c2
681dd35baae2680cd1216895fec6792b9ce4eaef0d269c005e7aca7f37f4d28b
68981504fd2d01c55d4e9ef9178b19a4228f73e6f632ee981af74cff5a8bd846
793eeb270a86b7d55e2fc36d29b25fbd1f746a036a33f857a045ba045e0b8590
7c53298ec35a0ef7e8b76c9c2ebcd515b22c2df49490bc9c917adcd10a08e316
7cb4efd75d841420c32a07f5880f53c1b59a78a2ca21e4c805a6a10c0f1ad429
7ebda9480ed7e13c190e24bca5f058560d22166576c0e34033cb1e703f462582
884663c1137f80922a8e50d96df7b23ba59ea46caf3bf6cd89b38e231decf4e5
8cd259ed040281a419452769d540f30d8f3814f00ddc59081fd606595a8ea1df
8de6505ad9c76d2c0785c2cc72e7c2a1290a376fdb2705a634451cb71a0176d7
9a125df1d257d6cc1f82f703c40b513df8a6cfa1b710c5f7955e97aaebb496aa
aa5f59140e26e51e3d43f2e12514582505d5a24c54cfdd030aaad92e3bf6189c
c2407c9302859fed1b1bf8dfa21ecb75033bb7cb48610f301018060ed612c553
c3e0d1b01c02cca5545bbe9a85d904b97723600a61a4e157b1f7116ae2aee4d8
d726e9e5b87d746117c6e863358d26c6f86ad6858bcd4411fb872a4d65224f65
dcde3503f3ffa2d0343cf4c9a99f3dfc4254ce9fc81acb09183fb6cc844fdbbe
ed77b1616689c6a4c02ae8f6fe98e70af8684472c3c3ffb46491bcf54cb8c2d7
f4a09886e48d5ecf18fd5bcb5ccfe14ca7ea3be913075465ea301d1ac1ece6db
f5981f5204d52417567521ee1c2e32c97e9d1434d9db29966662dfe3003f7018
f77b52306a879207e8e96931f1cc7db37b06508b243da56c89152c894340ec8b
fb8005978127d0fccc2b916ed5dcc054f5f2a2a9ab5da51699991bfffac6a073

serv-page14.duckdns.org Open in urlscan Pro 139.59.178.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

98 %HTTPS

82 %IPv6

15 Domains

18 Subdomains

14 IPs

5 Countries

875 kBTransfer

2427 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

serv-page14.duckdns.org Open in urlscan Pro
139.59.178.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

98 %
HTTPS

82 %
IPv6

15
Domains

18
Subdomains

14
IPs

5
Countries

875 kB
Transfer

2427 kB
Size

7
Cookies

44 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!