l.x4tds.com Open in urlscan Pro
2606:4700:3031::6815:3543 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01
Submission Tags: falconsandbox
Submission: On February 23 via api (February 23rd 2021, 11:17:33 am UTC) from US

Summary HTTP 26 Redirects Links 53 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 26 HTTP transactions. The main IP is 2606:4700:3031::6815:3543, located in United States and belongs to CLOUDFLARENET, US. The main domain is l.x4tds.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 16th 2020. Valid for: a year.

This is the only time l.x4tds.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Investment Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3031::6815:3543	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2606:4700:303... 2606:4700:3032::6815:40d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	2

1 2606:4700:3031::6815:3543 (United States)

ASN13335 (CLOUDFLARENET, US)

l.x4tds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:4700:3032::6815:40d6 (United States)

ASN13335 (CLOUDFLARENET, US)

harangesn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	harangesn.com harangesn.com	3 MB
1	x4tds.com l.x4tds.com	14 KB
26	2

	Domain	Requested by
25	harangesn.com	l.x4tds.com
1	l.x4tds.com
26	2

This site contains links to these domains. Also see Links.

Domain
bitcoin-up.cash

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01
Frame ID: D3A18A8E5DD9C5381975044AA1FBCD49
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

26
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

2704 kB
Transfer

2827 kB
Size

2
Cookies

53 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

URL: https://bitcoin-up.cash/?t=l&c=OnDPZQf4QYkm&o=6&f=322&u=9&uuid=3d3d9787-0c95-4ce8-b62f-67b6fecc771b&l_id=4&ca=324&pid=52&test_id=&exp_id=&e_v_id=&subid1=poland01&subid2=&subid3=&subid4=&subid5=&subid_click=6
Title: Korzystając z tej „luki fortuny”, polscy obywatele zgarniają już miliony złotych bez wychodzenia z domu – ale czy to jest legalne?

Search URL Search Domain Scan URL

URL: https://bitcoin-up.cash/?t=l&c=OnDPZQf4QYkm&o=6&f=322&u=9&uuid=3d3d9787-0c95-4ce8-b62f-67b6fecc771b&l_id=4&ca=324&pid=52&test_id=&exp_id=&e_v_id=&subid1=poland01&subid2=&subid3=&subid4=&subid5=&subid_click=12
Title: automatyczny system tradingowy w zakresie kryptowalut o nazwie Bitcoin UP System

Search URL Search Domain Scan URL

URL: https://bitcoin-up.cash/?t=l&c=OnDPZQf4QYkm&o=6&f=322&u=9&uuid=3d3d9787-0c95-4ce8-b62f-67b6fecc771b&l_id=4&ca=324&pid=52&test_id=&exp_id=&e_v_id=&subid1=poland01&subid2=&subid3=&subid4=&subid5=&subid_click=24
Title: wprowadzający materiał wideo o platformie

Search URL Search Domain Scan URL

URL: https://bitcoin-up.cash/?t=l&c=OnDPZQf4QYkm&o=6&f=322&u=9&uuid=3d3d9787-0c95-4ce8-b62f-67b6fecc771b&l_id=4&ca=324&pid=52&test_id=&exp_id=&e_v_id=&subid1=poland01&subid2=&subid3=&subid4=&subid5=&subid_click=30
Title: prostu zatwierdź swoje nazwisko oraz adres e-mail

Search URL Search Domain Scan URL

URL: https://bitcoin-up.cash/?t=l&c=OnDPZQf4QYkm&o=6&f=322&u=9&uuid=3d3d9787-0c95-4ce8-b62f-67b6fecc771b&l_id=4&ca=324&pid=52&test_id=&exp_id=&e_v_id=&subid1=poland01&subid2=&subid3=&subid4=&subid5=&subid_click=35
Title: zarejestruj się teraz, by zarezerwować swoje miejsce.

Search URL Search Domain Scan URL

URL: https://bitcoin-up.cash/?t=l&c=OnDPZQf4QYkm&o=6&f=322&u=9&uuid=3d3d9787-0c95-4ce8-b62f-67b6fecc771b&l_id=4&ca=324&pid=52&test_id=&exp_id=&e_v_id=&subid1=poland01&subid2=&subid3=&subid4=&subid5=&subid_click=50
Title: Wpłać minimalną kwotę 250 € (956 zł)

Search URL Search Domain Scan URL

URL: https://bitcoin-up.cash/?t=l&c=OnDPZQf4QYkm&o=6&f=322&u=9&uuid=3d3d9787-0c95-4ce8-b62f-67b6fecc771b&l_id=4&ca=324&pid=52&test_id=&exp_id=&e_v_id=&subid1=poland01&subid2=&subid3=&subid4=&subid5=&subid_click=52
Title: wypłać zyski na swoje konto bankowe!

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response l.x4tds.com/	59 KB 14 KB	107ms 78ms	Document text/html	2606:4700:3031::6815:3543 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:3031::6815:3543 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `996496754e5dfb67cd35f08a64ed169ac8fd9b7d2eef0d9ec2995176c8d23d3d` Request headers :method GET :authority l.x4tds.com :scheme https :path /?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Feb 2021 11:17:14 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=dfde3134992da90b7033962e6605d7b331614079034; expires=Thu, 25-Mar-21 11:17:14 GMT; path=/; domain=.x4tds.com; HttpOnly; SameSite=Lax visit_data=a%3A9%3A%7Bs%3A4%3A%22uuid%22%3Bs%3A36%3A%223d3d9787-0c95-4ce8-b62f-67b6fecc771b%22%3Bs%3A9%3A%22timestamp%22%3Bi%3A1614079034%3Bs%3A5%3A%22lp_id%22%3Bi%3A52%3Bs%3A7%3A%22lp_type%22%3Bi%3A2%3Bs%3A8%3A%22offer_id%22%3Bi%3A6%3Bs%3A4%3A%22code%22%3Bs%3A12%3A%22RrOgVLkCn2uI%22%3Bs%3A7%3A%22ns_code%22%3Bs%3A12%3A%22OnDPZQf4QYkm%22%3Bs%3A7%3A%22flow_id%22%3Bi%3A322%3Bs%3A6%3A%22domain%22%3Bs%3A23%3A%22https%3A%2F%2Fbitcoin-up.cash%22%3B%7D; expires=Tue, 02-Mar-2021 11:17:14 GMT; Max-Age=604800; path=/ cf-cache-status DYNAMIC cf-request-id 0870349d7900004e8c1097f000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M4jJzOFb47XqqRYLTNUls6YjA1OmhOPWVAJWf%2Fh5ywYOGgGS5kO1rAi6nXHIM2r8gUlkkSs5JsWjiNBeZ6Sq1Nyv2PtKv5vOhCpE1gAdCVX%2FRH8PyxWydw%3D%3D"}]} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 62608a0f2a264e8c-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	bootstrap.min.css harangesn.com/Robert_Lewandowski/css/	100 KB 15 KB	98ms 61ms	Stylesheet text/css	2606:4700:3032::6815:40d6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://harangesn.com/Robert_Lewandowski/css/bootstrap.min.css Requested by Host: l.x4tds.com URL: https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40d6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ddc97e8d5580ffd186b392d624ade219676ab344ed5ee12816a707beb65775be` Request headers Referer https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Feb 2021 11:17:14 GMT content-encoding br cf-cache-status MISS last-modified Mon, 12 Oct 2020 13:24:17 GMT server cloudflare etag W/"5f845901-191f0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ou0iu0BeiR2Bx6P%2B97r7lZtRaLQSISsg7MpOjl9ncwKdBq4wLU9EqDWk7l7%2BWooIlp8heqxhsHRtIJb59oZZWz6Ki6wPwVt%2BbTvStMwGLjToNFeMZQEUU9qG"}],"group":"cf-nel"} content-type text/css cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 62608a0feef82c19-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0870349df200002c196c2c3000000001
GET H2	200	style.css harangesn.com/Robert_Lewandowski/css/	8 KB 2 KB	71ms 34ms	Stylesheet text/css	2606:4700:3032::6815:40d6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://harangesn.com/Robert_Lewandowski/css/style.css Requested by Host: l.x4tds.com URL: https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40d6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `56c808d8ea2a821e61d4d16604653e2e35c85833ec366091d9bb0a90d29f68eb` Request headers Referer https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Feb 2021 11:17:14 GMT content-encoding br cf-cache-status MISS last-modified Mon, 12 Oct 2020 13:24:17 GMT server cloudflare etag W/"5f845901-2004" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AzXIiQsMPOYGIHtQuhxUzlkeD8zGnAHVLBd4uIQQH0P6vVEGjxMSoBSkytjFsu1FuNY2BZOXs8d8KkOSjaumOjdTywFQ1kPNUOIgLiO%2BJQehVZYJeQWYpPsv"}],"group":"cf-nel"} content-type text/css cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 62608a0feefb2c19-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0870349df200002c197709f000000001
GET H2	200	puls-biznesu-logo.png harangesn.com/Robert_Lewandowski/images/	2 KB 3 KB	70ms 33ms	Image image/png	2606:4700:3032::6815:40d6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://harangesn.com/Robert_Lewandowski/images/puls-biznesu-logo.png Requested by Host: l.x4tds.com URL: https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40d6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b7048b0c8d2c81097e783937c9f2988ed63d14e77cde08743680c5153491d5f1` Request headers Referer https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Feb 2021 11:17:14 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2254 cf-request-id 0870349df200002c1932b3b000000001 last-modified Mon, 12 Oct 2020 13:24:21 GMT server cloudflare etag "5f845905-8ce" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EJYzkr5dmYghImesigTPpymDfIVwRteuPFSwPboQjkLv28LtIOMqkeEkKTTKEfrZx3FMtS1QgOYU0barseNJGO8BOjLOTCP0FDMMM9hrLH3TWnI915wB965G"}],"group":"cf-nel"} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 62608a0feefc2c19-FRA
GET H2	200	as-seen-on-image-PO.png harangesn.com/Robert_Lewandowski/images/	17 KB 17 KB	82ms 46ms	Image image/png	2606:4700:3032::6815:40d6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://harangesn.com/Robert_Lewandowski/images/as-seen-on-image-PO.png Requested by Host: l.x4tds.com URL: https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40d6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9870438b6cd4d97356e56608983e0f0e47831856796c27502857044c7cecdb12` Request headers Referer https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Feb 2021 11:17:14 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 17423 cf-request-id 0870349df300002c199426d000000001 last-modified Mon, 12 Oct 2020 13:24:20 GMT server cloudflare etag "5f845904-440f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=L0B8AJCpNTHciSCQ5Xwr0v2RcdSscGLvNdY60ce%2FONzUSmohxbvboEMXIAwWriRR3A4%2B9wn3Ot45mzUs%2BRatYZP8xZr4qehZktGYQW6so34iIGVdGGY2ZEop"}],"group":"cf-nel"} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 62608a0feefd2c19-FRA
GET H2	200	robertl1.jpg harangesn.com/Robert_Lewandowski/images/	541 KB 542 KB	87ms 52ms	Image image/jpeg	2606:4700:3032::6815:40d6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://harangesn.com/Robert_Lewandowski/images/robertl1.jpg Requested by Host: l.x4tds.com URL: https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40d6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1a51c8f67900332a2c3971e92bb7ebb37f8b86c6e0d5e7dd80bd6f89b88d8cc4` Request headers Referer https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Feb 2021 11:17:14 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 554352 cf-request-id 0870349df300002c1949845000000001 last-modified Mon, 12 Oct 2020 13:24:22 GMT server cloudflare etag "5f845906-87570" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hacVAgr1HZfWDdrDiQtZl%2FgUlMF9nIFgDO9uKTgoVxMO%2FkELJaqp8BuDDMnp7Xtscga6ekuK1xhDfoqecTiwiw%2BtCQg7AHYgw160F9DxYQF6jahA6Xe8ItaF"}],"group":"cf-nel"} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 62608a0feefe2c19-FRA
GET H2	200	robertl2.jpg harangesn.com/Robert_Lewandowski/images/	448 KB 449 KB	85ms 49ms	Image image/jpeg	2606:4700:3032::6815:40d6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://harangesn.com/Robert_Lewandowski/images/robertl2.jpg Requested by Host: l.x4tds.com URL: https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40d6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4d4695fbb381355f4de7b76c7110d34eac8652ae1e1e70f660c4eca4dbf1fb9c` Request headers Referer https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Feb 2021 11:17:14 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 458551 cf-request-id 0870349df300002c19723e0000000001 last-modified Wed, 11 Nov 2020 13:52:07 GMT server cloudflare etag "5fabec87-6ff37" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FHC%2FYe7K9iVV%2BmHUOqFKvgCneGRpHNQYme42cC%2BmosiSCUuqabjZ9g4byV%2BgZJ3F4eRMJJV47Np%2BS6FhRGSGqHBX79CihzTfUdgvc1vk4kpYPbkFyRT4Hyxx"}],"group":"cf-nel"} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 62608a0fef002c19-FRA
GET H2	200	robertl3.jpg harangesn.com/Robert_Lewandowski/images/	96 KB 96 KB	56ms 54ms	Image image/jpeg	2606:4700:3032::6815:40d6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://harangesn.com/Robert_Lewandowski/images/robertl3.jpg Requested by Host: l.x4tds.com URL: https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40d6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6c3e3619c3804fac66dcc7574c463c0f6e2537429e8a9ce2d233112e76a655ca` Request headers Referer https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Feb 2021 11:17:14 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 97860 cf-request-id 0870349e1600002c198d1ce000000001 last-modified Wed, 11 Nov 2020 13:45:56 GMT server cloudflare etag "5fabeb14-17e44" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=n5HChKE%2BXNKIYL%2FM4krrqf8GubGvHWo2zC%2Bw1hNhWSVI6ec%2F7hJ2YV0Axw42rwQ8Recx4sFaV4an9xOd%2BZwjurVDNUoTttCgFpeVKUkjNnjt3gaA5%2FFQ58do"}],"group":"cf-nel"} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 62608a102f542c19-FRA
GET H2	200	muskbranson.jpg harangesn.com/Robert_Lewandowski/images/	121 KB 122 KB	51ms 49ms	Image image/jpeg	2606:4700:3032::6815:40d6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://harangesn.com/Robert_Lewandowski/images/muskbranson.jpg Requested by Host: l.x4tds.com URL: https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40d6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a829bee3c95bb10abf53674fe285193a519569e0dade0fbc9e84532cf443d28a` Request headers Referer https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Feb 2021 11:17:14 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 124110 cf-request-id 0870349e1600002c19770a2000000001 last-modified Mon, 12 Oct 2020 13:24:21 GMT server cloudflare etag "5f845905-1e4ce" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BCqQXdDD3YaGOrmOw1csJFd%2FaA0OvDa%2Fch7N%2B2fjLmo3brH7STTgYUQvqz61oF8y89RABUV%2B1e3fMOOWxZ1gPy5%2BufNmT7I%2Bo66YmYF0OpCJ0lkJzkatO3a7"}],"group":"cf-nel"} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 62608a102f552c19-FRA
GET H2	200	dreamcar.jpg harangesn.com/Robert_Lewandowski/images/	146 KB 146 KB	57ms 55ms	Image image/jpeg	2606:4700:3032::6815:40d6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://harangesn.com/Robert_Lewandowski/images/dreamcar.jpg Requested by Host: l.x4tds.com URL: https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40d6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `13e33f5779be2556718d37c7b8e1640b573e15dd2412f4319b4d049f6b664993` Request headers Referer https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Feb 2021 11:17:14 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 149211 cf-request-id 0870349e1600002c192dbbb000000001 last-modified Mon, 12 Oct 2020 13:24:20 GMT server cloudflare etag "5f845904-246db" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WgRzwWInX758QiuDhZHgg9rYdYPHmC%2FcbiBswXWY2k7D%2F%2BPgLCvu0up5tero71WMgMVFj595dqrBbBril97FNlYFffIesJL6BQ8I%2BJgvd48JUpSy8kE3%2FkQ1"}],"group":"cf-nel"} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 62608a102f562c19-FRA
GET H2	200	tisdale.jpg harangesn.com/Robert_Lewandowski/images/	136 KB 136 KB	52ms 50ms	Image image/jpeg	2606:4700:3032::6815:40d6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://harangesn.com/Robert_Lewandowski/images/tisdale.jpg Requested by Host: l.x4tds.com URL: https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40d6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ef5f4990f078fcb2101cd609337f77bdfe19cfdbdafca8d4e2ce171daee7b8b9` Request headers Referer https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Feb 2021 11:17:14 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 139217 cf-request-id 0870349e1600002c1932b3d000000001 last-modified Mon, 12 Oct 2020 13:24:23 GMT server cloudflare etag "5f845907-21fd1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nNH%2BK9i2hpVrBUGb%2FkBO70JYsAZSEXF7R%2B8lUhv4sMqEmz1WoqtWVyHw1MtSn8GUgErByEMqC5O44EWZZA6Y8ESLhELTD2hQD6mzYE8sdc6jKvzBk%2B6ma7Y8"}],"group":"cf-nel"} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 62608a102f572c19-FRA
GET H2	200	everydayprofit_euro.gif harangesn.com/Robert_Lewandowski/images/	383 KB 384 KB	55ms 53ms	Image image/gif	2606:4700:3032::6815:40d6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://harangesn.com/Robert_Lewandowski/images/everydayprofit_euro.gif Requested by Host: l.x4tds.com URL: https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40d6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e20577e76d6b202c53df0086292ad3726b29607d0e720a2b89b93fb540b393ff` Request headers Referer https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Feb 2021 11:17:14 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 392629 cf-request-id 0870349e1700002c199426f000000001 last-modified Mon, 12 Oct 2020 13:24:21 GMT server cloudflare etag "5f845905-5fdb5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=viLYJkNH0yb8VckqIBWWDGLM2V8Vl6V77oSBQaDyHXMA1OZ64VHYHBjZxZOVZ4GThjSIo7QfZjgEFrhZ25ZHw2DuPud4KOnNTGuhLeYSGxxsTciJ%2BbbfNycQ"}],"group":"cf-nel"} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 62608a102f592c19-FRA
GET H2	200	check_bartek.jpg harangesn.com/Robert_Lewandowski/images/	92 KB 92 KB	62ms 60ms	Image image/jpeg	2606:4700:3032::6815:40d6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://harangesn.com/Robert_Lewandowski/images/check_bartek.jpg Requested by Host: l.x4tds.com URL: https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40d6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6e9166a5e175211cd355fd8657d4a96370e366bfa4f0851338a94b7af60edec0` Request headers Referer https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Feb 2021 11:17:14 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 94206 cf-request-id 0870349e1700002c1949847000000001 last-modified Mon, 12 Oct 2020 13:24:20 GMT server cloudflare etag "5f845904-16ffe" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=atmFmEP6qfxb6E1C6sRxudHnmeAYkXyQPTKDXCRnAUAaFaDV3mGWvqSRYiR3WaIp9ShNADx%2Fmx%2BcypfpyLX2vEDuEhjFyO97aeMQt0Ln1RfPX4OhpD4BNxgf"}],"group":"cf-nel"} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 62608a102f5a2c19-FRA
GET H2	200	step1-PO.jpg harangesn.com/Robert_Lewandowski/images/	134 KB 135 KB	70ms 68ms	Image image/jpeg	2606:4700:3032::6815:40d6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://harangesn.com/Robert_Lewandowski/images/step1-PO.jpg Requested by Host: l.x4tds.com URL: https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40d6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `26d6e4ac6e191768a514e744c481232de0ecb30a24b7c997ddcbb26a04e72ce9` Request headers Referer https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Feb 2021 11:17:14 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 136930 cf-request-id 0870349e1700002c19742da000000001 last-modified Mon, 12 Oct 2020 13:54:41 GMT server cloudflare etag "5f846021-216e2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kanOYLl78IYfPqyar8vT7B%2FWCD9y%2F4gR%2BuF8mHbDfgmL1swk3U8USYlyNyiN%2B5wE3NsY0m%2Bn524OfMFkCv%2F4YQia8DluoQYXlEWkT7dOjwV4QvUpqZu3nQA%2B"}],"group":"cf-nel"} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 62608a102f5c2c19-FRA
GET H2	200	step2-PO.jpg harangesn.com/Robert_Lewandowski/images/	26 KB 27 KB	49ms 47ms	Image image/jpeg	2606:4700:3032::6815:40d6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://harangesn.com/Robert_Lewandowski/images/step2-PO.jpg Requested by Host: l.x4tds.com URL: https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40d6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0ed461426dbec59a8dd7cdc8d0eff2923e6c43dbfb2d5636993a606a31fbbfde` Request headers Referer https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Feb 2021 11:17:14 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 26823 cf-request-id 0870349e1700002c195e9de000000001 last-modified Mon, 12 Oct 2020 13:24:23 GMT server cloudflare etag "5f845907-68c7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h%2BFOCHKBJ1ikrCFJrVrocB6MqIUsT87tNfGrI%2BbapP4ACt5Gh68K9E3ljFBvPCXrZMzdqzfIoK08Je%2B2knIv92Onl5lGZFWH8JXROMFGZ64DIDZfV%2Fd8Irlq"}],"group":"cf-nel"} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 62608a102f5d2c19-FRA
GET H2	200	step3-PO.jpg harangesn.com/Robert_Lewandowski/images/	29 KB 29 KB	46ms 45ms	Image image/jpeg	2606:4700:3032::6815:40d6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://harangesn.com/Robert_Lewandowski/images/step3-PO.jpg Requested by Host: l.x4tds.com URL: https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40d6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d40ee288c0df08b124f757f8c3b25d6be571c67a23e2afbd7b74a0ac3dd55d78` Request headers Referer https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Feb 2021 11:17:14 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 29622 cf-request-id 0870349e1700002c192733e000000001 last-modified Mon, 12 Oct 2020 13:24:23 GMT server cloudflare etag "5f845907-73b6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ez6MI7SBD0avfennBKZDAr7%2B3qUBjWAciirkPbYb4tTsUjMqkSqFg5TWTCoUdo3f9hcFKyNLJRNf2SM07kuNQk0vsaeasAsJRHm66hRiP%2FhWpb8gSKUZ%2FcRS"}],"group":"cf-nel"} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 62608a102f5e2c19-FRA
GET H2	200	side1.png harangesn.com/Robert_Lewandowski/images/	32 KB 33 KB	43ms 41ms	Image image/png	2606:4700:3032::6815:40d6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://harangesn.com/Robert_Lewandowski/images/side1.png Requested by Host: l.x4tds.com URL: https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40d6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8eb42717ed064abffa8051c7e4051f8b647ef33f935091cac36cf8036e431f13` Request headers Referer https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Feb 2021 11:17:14 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 33056 cf-request-id 0870349e1700002c195a810000000001 last-modified Mon, 12 Oct 2020 13:24:22 GMT server cloudflare etag "5f845906-8120" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CfGvLLwr%2FR5Td4ndtGpdeHcANka5HASrnRPxqfec6tT5uX6xPvLCs21RpQZYS9%2B0J0f93DZh8SC0DmVQBRbNjxhd8B2rrDQBJzy8RMr4ZUAMjN5uTtGwBAZe"}],"group":"cf-nel"} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 62608a102f5f2c19-FRA
GET H2	200	canadian-man2.png harangesn.com/Robert_Lewandowski/images/	41 KB 41 KB	46ms 44ms	Image image/png	2606:4700:3032::6815:40d6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://harangesn.com/Robert_Lewandowski/images/canadian-man2.png Requested by Host: l.x4tds.com URL: https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40d6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a336c389c255cb2f277b85669df704f399dea0d0f2078f8dfd33bcf5060dab87` Request headers Referer https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Feb 2021 11:17:14 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 41487 cf-request-id 0870349e1700002c1935a85000000001 last-modified Mon, 12 Oct 2020 13:24:20 GMT server cloudflare etag "5f845904-a20f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FcaPQeYC%2F0%2F1OHwrnd6XN5TgaspKXSl2i%2Fqvt3%2BDXWizeVZLGVt%2BRbuoi0Upr9tIYRSjYh64YKNUcr2y%2FPfpj6tpayh8NDw4l4gXIKLRHrTYtFkSFJRvkB5t"}],"group":"cf-nel"} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 62608a102f612c19-FRA
GET H2	200	side3.png harangesn.com/Robert_Lewandowski/images/	35 KB 35 KB	53ms 51ms	Image image/png	2606:4700:3032::6815:40d6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://harangesn.com/Robert_Lewandowski/images/side3.png Requested by Host: l.x4tds.com URL: https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40d6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `99563326c935b6bfc617246aa95a64c4a8ba9fc5ae7addca6a9258d83e24d001` Request headers Referer https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Feb 2021 11:17:14 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 35892 cf-request-id 0870349e1700002c192c856000000001 last-modified Mon, 12 Oct 2020 13:24:22 GMT server cloudflare etag "5f845906-8c34" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ps6zLh%2FAIdhzW5I5U9PypW4B9ckH1eqzQzMbVqypw8wr9osa%2ByHWWlaLogIcnj0i49h9m0Y6h41ZepqICMlSleZztThF7L27KPPZEAn3Su8BhOkhlabtuGY3"}],"group":"cf-nel"} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 62608a102f622c19-FRA
GET H2	200	side4.png harangesn.com/Robert_Lewandowski/images/	24 KB 24 KB	42ms 41ms	Image image/png	2606:4700:3032::6815:40d6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://harangesn.com/Robert_Lewandowski/images/side4.png Requested by Host: l.x4tds.com URL: https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40d6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d3aefd07e56012ef1e8ed28ecd13ac931d1d9f28aa55e4afff7955745f3d62f4` Request headers Referer https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Feb 2021 11:17:14 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 24219 cf-request-id 0870349e1800002c19262d7000000001 last-modified Mon, 12 Oct 2020 13:24:22 GMT server cloudflare etag "5f845906-5e9b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6wNCL0G6YJhHb7pzcsLrWK%2BpIrJmj50NTwvE7ibTUtd4wq%2B3tXRgIOFCdv46v8QvVhy3pzA9F2yCXn22cnJwHmSK4yFLs19HUyZQ%2FI6MAcjMJ4GOcHha%2B6HI"}],"group":"cf-nel"} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 62608a102f632c19-FRA
GET H2	200	canadian-woman.png harangesn.com/Robert_Lewandowski/images/	38 KB 39 KB	48ms 47ms	Image image/png	2606:4700:3032::6815:40d6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://harangesn.com/Robert_Lewandowski/images/canadian-woman.png Requested by Host: l.x4tds.com URL: https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40d6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5a34e4960d8580d69f00c8250468e958d6edc0d216f0a772e42dfc407a74e4cb` Request headers Referer https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Feb 2021 11:17:14 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 39326 cf-request-id 0870349e1800002c191a96e000000001 last-modified Mon, 12 Oct 2020 13:24:20 GMT server cloudflare etag "5f845904-999e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xdC7onTyKkhfHqvzUU5dApMBr%2FUOr3YA7eIo%2BzmWkNfYTPOsufY33J0SUkvUR7wCFTG%2BOAzu5cQ8NacsPLRHhpv6JWwWh6CCh2KgFSpRD1wrYl8ZdkoMKuKv"}],"group":"cf-nel"} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 62608a102f642c19-FRA
GET H2	200	side6.png harangesn.com/Robert_Lewandowski/images/	32 KB 33 KB	44ms 43ms	Image image/png	2606:4700:3032::6815:40d6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://harangesn.com/Robert_Lewandowski/images/side6.png Requested by Host: l.x4tds.com URL: https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40d6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cf2a03b86601f419ab5db89ec02a793b0e7df4d7777e8da49f75175da119e8af` Request headers Referer https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Feb 2021 11:17:14 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 32981 cf-request-id 0870349e1800002c19430b4000000001 last-modified Mon, 12 Oct 2020 13:24:23 GMT server cloudflare etag "5f845907-80d5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T3H0yKlEVkgrNikYa9nXPo0WlSOcw2KkJJyZ4Mq4AbQuCD9%2BTuYcnIWH0MQtQPe6lRngE%2FSkX8o8uWZmPkZ6uMK2iqQkHE%2BVprjkR5KtcF%2FJS%2BZ8Km5CyVxn"}],"group":"cf-nel"} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 62608a102f652c19-FRA
GET H2	200	side7.png harangesn.com/Robert_Lewandowski/images/	28 KB 29 KB	50ms 48ms	Image image/png	2606:4700:3032::6815:40d6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://harangesn.com/Robert_Lewandowski/images/side7.png Requested by Host: l.x4tds.com URL: https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40d6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8945ef654142be08a6241ccffe2fd93b08a5446da9084353a5874f5e0a4950e4` Request headers Referer https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Feb 2021 11:17:14 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 29061 cf-request-id 0870349e1800002c196728f000000001 last-modified Mon, 12 Oct 2020 13:24:23 GMT server cloudflare etag "5f845907-7185" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2B8DgYl5fMUarK1%2Fwi4zEpggeyZ6U1bm6iXX2IGV%2FV1bOI8zAC3s3O3IJG%2BbQUWN%2BnxT4uoHFewxuCwpL%2B5NvKDeQV7YFUyFlPJErE0V52vGfQIQn8F3wQgse"}],"group":"cf-nel"} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 62608a102f662c19-FRA
GET H2	200	s1.jpg harangesn.com/Robert_Lewandowski/images/	155 KB 156 KB	55ms 54ms	Image image/jpeg	2606:4700:3032::6815:40d6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://harangesn.com/Robert_Lewandowski/images/s1.jpg Requested by Host: l.x4tds.com URL: https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40d6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cd0b9e9fbf7780b1248ff91b8d9fd4fe40492e71409568d15d96ce7867d3e9c2` Request headers Referer https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Feb 2021 11:17:14 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 159032 cf-request-id 0870349e1a00002c1967290000000001 last-modified Mon, 12 Oct 2020 13:54:41 GMT server cloudflare etag "5f846021-26d38" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eGKLlKdYoU1OJu7eis5Xk7hxyzDyuVVFgYjFLL%2FQj9EdbFNBp1dhkMDoN94qbRdP86IigZmHzYIm59SbYVTe06jSOJUIOvj9wiaJtYchB%2FBbrJgkVSf1KIB%2F"}],"group":"cf-nel"} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 62608a102f682c19-FRA
GET H2	200	s2.jpg harangesn.com/Robert_Lewandowski/images/	68 KB 69 KB	54ms 52ms	Image image/jpeg	2606:4700:3032::6815:40d6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://harangesn.com/Robert_Lewandowski/images/s2.jpg Requested by Host: l.x4tds.com URL: https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40d6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0690e4f924777b579f13129336fd6c4212d36a73fce19054830558839bc59371` Request headers Referer https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Feb 2021 11:17:14 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 69652 cf-request-id 0870349e1800002c1952a38000000001 last-modified Mon, 12 Oct 2020 13:24:22 GMT server cloudflare etag "5f845906-11014" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=v%2FhYHsYn6osC7IFigB90H7MjylnBV3xdopaAC7HtvzAt24AiPxk3vbxNrztxJdk6Jo2PWG17xHE0vicW%2FfyTZDJ0QDFUOpIqJE0owXAPwDO89eXNFTBru6Rs"}],"group":"cf-nel"} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 62608a102f692c19-FRA
GET H2	200	s3.jpg harangesn.com/Robert_Lewandowski/images/	35 KB 35 KB	47ms 46ms	Image image/jpeg	2606:4700:3032::6815:40d6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://harangesn.com/Robert_Lewandowski/images/s3.jpg Requested by Host: l.x4tds.com URL: https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:40d6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9608fa3208c3912eb475adbf8622e23b41752fb659a54fd5777a4a358538a102` Request headers Referer https://l.x4tds.com/?t=d&u=9&c=F_XktDRJ6UWG&subid1=poland01 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 23 Feb 2021 11:17:14 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 35932 cf-request-id 0870349e1800002c191ebf8000000001 last-modified Mon, 12 Oct 2020 13:24:22 GMT server cloudflare etag "5f845906-8c5c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HC6BKTNoD7A4CoMZcHwY7lC0Y9nJI8dswc%2FCbw6zKktsp96tOtp%2B%2BzaxN7AlD%2BrxHe6k0ABrajMKZlyNGF%2BGaoIiAdB%2FzN80r6d8em7Ym8evDDY0GlujYckp"}],"group":"cf-nel"} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 62608a102f6a2c19-FRA

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Investment Scam (Online)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			l.x4tds.com/	1970-01-19 16:31:23	Name: visit_data Value: a%3A9%3A%7Bs%3A4%3A%22uuid%22%3Bs%3A36%3A%223d3d9787-0c95-4ce8-b62f-67b6fecc771b%22%3Bs%3A9%3A%22timestamp%22%3Bi%3A1614079034%3Bs%3A5%3A%22lp_id%22%3Bi%3A52%3Bs%3A7%3A%22lp_type%22%3Bi%3A2%3Bs%3A8%3A%22offer_id%22%3Bi%3A6%3Bs%3A4%3A%22code%22%3Bs%3A12%3A%22RrOgVLkCn2uI%22%3Bs%3A7%3A%22ns_code%22%3Bs%3A12%3A%22OnDPZQf4QYkm%22%3Bs%3A7%3A%22flow_id%22%3Bi%3A322%3Bs%3A6%3A%22domain%22%3Bs%3A23%3A%22https%3A%2F%2Fbitcoin-up.cash%22%3B%7D
			.x4tds.com/	1970-01-19 17:04:31	Name: __cfduid Value: dfde3134992da90b7033962e6605d7b331614079034

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

harangesn.com
l.x4tds.com
2606:4700:3031::6815:3543
2606:4700:3032::6815:40d6
0690e4f924777b579f13129336fd6c4212d36a73fce19054830558839bc59371
0ed461426dbec59a8dd7cdc8d0eff2923e6c43dbfb2d5636993a606a31fbbfde
13e33f5779be2556718d37c7b8e1640b573e15dd2412f4319b4d049f6b664993
1a51c8f67900332a2c3971e92bb7ebb37f8b86c6e0d5e7dd80bd6f89b88d8cc4
26d6e4ac6e191768a514e744c481232de0ecb30a24b7c997ddcbb26a04e72ce9
4d4695fbb381355f4de7b76c7110d34eac8652ae1e1e70f660c4eca4dbf1fb9c
56c808d8ea2a821e61d4d16604653e2e35c85833ec366091d9bb0a90d29f68eb
5a34e4960d8580d69f00c8250468e958d6edc0d216f0a772e42dfc407a74e4cb
6c3e3619c3804fac66dcc7574c463c0f6e2537429e8a9ce2d233112e76a655ca
6e9166a5e175211cd355fd8657d4a96370e366bfa4f0851338a94b7af60edec0
8945ef654142be08a6241ccffe2fd93b08a5446da9084353a5874f5e0a4950e4
8eb42717ed064abffa8051c7e4051f8b647ef33f935091cac36cf8036e431f13
9608fa3208c3912eb475adbf8622e23b41752fb659a54fd5777a4a358538a102
9870438b6cd4d97356e56608983e0f0e47831856796c27502857044c7cecdb12
99563326c935b6bfc617246aa95a64c4a8ba9fc5ae7addca6a9258d83e24d001
996496754e5dfb67cd35f08a64ed169ac8fd9b7d2eef0d9ec2995176c8d23d3d
a336c389c255cb2f277b85669df704f399dea0d0f2078f8dfd33bcf5060dab87
a829bee3c95bb10abf53674fe285193a519569e0dade0fbc9e84532cf443d28a
b7048b0c8d2c81097e783937c9f2988ed63d14e77cde08743680c5153491d5f1
cd0b9e9fbf7780b1248ff91b8d9fd4fe40492e71409568d15d96ce7867d3e9c2
cf2a03b86601f419ab5db89ec02a793b0e7df4d7777e8da49f75175da119e8af
d3aefd07e56012ef1e8ed28ecd13ac931d1d9f28aa55e4afff7955745f3d62f4
d40ee288c0df08b124f757f8c3b25d6be571c67a23e2afbd7b74a0ac3dd55d78
ddc97e8d5580ffd186b392d624ade219676ab344ed5ee12816a707beb65775be
e20577e76d6b202c53df0086292ad3726b29607d0e720a2b89b93fb540b393ff
ef5f4990f078fcb2101cd609337f77bdfe19cfdbdafca8d4e2ce171daee7b8b9

l.x4tds.com Open in urlscan Pro 2606:4700:3031::6815:3543 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

26 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

2704 kBTransfer

2827 kBSize

2 Cookies

53 Outgoing links

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

13 JavaScript Global Variables

2 Cookies

Indicators

l.x4tds.com Open in urlscan Pro
2606:4700:3031::6815:3543 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

2704 kB
Transfer

2827 kB
Size

2
Cookies

26 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!