bestchange.weber-site.com
2606:4700:3033::6815:5659  Malicious Activity! Public Scan

URL: https://bestchange.weber-site.com/
Submission: On January 25 via api from JP — Scanned from JP

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 34 HTTP transactions. The main IP is 2606:4700:3033::6815:5659, located in the United States and belongs to CLOUDFLARENET, US. The main domain is bestchange.weber-site.com.
TLS certificate: Issued by GTS CA 1P5 on January 20th 2023. Valid for: 3 months.
This is the only time bestchange.weber-site.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bestchange (Crypto Exchange)

Domain & IP information

Requests  IP Address        AS Autonomous System
28        2606:4700:303...  13335 (CLOUDFLAR...)
1         2404:6800:400...  15169 (GOOGLE)
2         2404:6800:400...  15169 (GOOGLE)
3         104.16.169.131    13335 (CLOUDFLAR...)
Total: 34 requests, 5 IPs

Requests  Apex Domain / Subdomains                                  Transfer
28        weber-site.com                                            174 KB
            bestchange.weber-site.com
3         hcaptcha.com                                              81 KB
            newassets.hcaptcha.com (Cisco Umbrella Rank: 11100)
            hcaptcha.com (Cisco Umbrella Rank: 4768)
2         google-analytics.com                                      20 KB
            www.google-analytics.com (Cisco Umbrella Rank: 22)
1         googletagmanager.com                                      43 KB
            www.googletagmanager.com (Cisco Umbrella Rank: 41)
Total: 34 requests, 4 apex domains

Requests  Domain                     Requested by
28        bestchange.weber-site.com  bestchange.weber-site.com
2         newassets.hcaptcha.com     bestchange.weber-site.com, newassets.hcaptcha.com
2         www.google-analytics.com   www.googletagmanager.com, www.google-analytics.com
1         hcaptcha.com               newassets.hcaptcha.com
1         www.googletagmanager.com   bestchange.weber-site.com
Total: 34 requests, 5 domains

This site contains links to these domains.

Domain
www.trustpilot.com
twitter.com
www.facebook.com
www.instagram.com

Subject                 Issuer                   Validity                 Valid
*.weber-site.com        GTS CA 1P5               2023-01-20 - 2023-04-20  3 months
*.google-analytics.com  GTS CA 1C3               2023-01-02 - 2023-03-27  3 months
sni.cloudflaressl.com   Cloudflare Inc ECC CA-3  2022-05-15 - 2023-05-15  a year

This page contains 2 frames:

Primary Page: https://bestchange.weber-site.com/
Frame ID: 335D417621BADEB46716D257BD66C36B
Requests: 31 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
Frame ID: 1CAA4B57CCFA973C9A80D9292060DEF7
Requests: 4 HTTP requests in this frame

Page Title

Home page - BestChange

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 34
HTTPS: 100 %
IPv6: 75 %
Domains: 4
Subdomains: 5
IPs: 5
Countries: 3
Transfer: 319 kB
Size: 1013 kB
Cookies: 3

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bestchange.weber-site.com/
265 KB
17 KB
Document
General
Full URL
https://bestchange.weber-site.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:5659 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b025ce964655ab5131c97071a99a0aae6397d984812ad6b06d0e2bf713acb279

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
78f1e4d94a1edfe9-NRT
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 25 Jan 2023 15:03:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xbVuA%2BFuvbJqw9Dwg3z21UJ521LRlP9FtsU6qeUXXQxzbH8hwuwF1QwHFs%2FMr7ZhdcXxg212BZA9iRezO%2Fr0JK6qicBZnI7ZeISvn%2FB%2FjIf4ox7%2BnmoeVE1QXVPFO70CNBpHfKT38fBvy5U7l%2B6PGUsie757MGaE"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
site.css
bestchange.weber-site.com/css/
120 KB
20 KB
Stylesheet
General
Full URL
https://bestchange.weber-site.com/css/site.css
Requested by
Host: bestchange.weber-site.com
URL: https://bestchange.weber-site.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:5659 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
22f9159b4abeeff8a6799d7776417d42980512ad4b1438f615569268442f5663

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bestchange.weber-site.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 15:03:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
331
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk
PleskWin
last-modified
Sun, 11 Sep 2022 15:08:48 GMT
server
cloudflare
etag
W/"1d8c5f064b65f3d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=erv8u06vO3ieNpJ2K6WtXn3ug2z1DtnDtUxT2bkFCZCzAn%2BARIfi0XzB1HODFOyDLzxdqddNvjDs5PXUK9We%2FfIIXai0OL7p0d8veHHkX5%2Br2He5yYNNzEHlzdej1rPiNcUFkFiH%2Fa6fIvkF%2FaHLkSr1M2Jh6Alf"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
78f1e4db0c56dfe9-NRT
js
www.googletagmanager.com/gtag/
110 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-121069516-1
Requested by
Host: bestchange.weber-site.com
URL: https://bestchange.weber-site.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81e::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e09c6e02522e2c9fce770763efe6ca57864940c96d94147babc156913ca933f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bestchange.weber-site.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 15:03:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
44035
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 25 Jan 2023 15:03:09 GMT
logo-5.png
bestchange.weber-site.com/
28 KB
28 KB
Image
General
Full URL
https://bestchange.weber-site.com/logo-5.png
Requested by
Host: bestchange.weber-site.com
URL: https://bestchange.weber-site.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5659 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c3b716b8c9f0512a823d5344325a44db56a48d456017e2dc3df9abbfba864590

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bestchange.weber-site.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 15:03:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
331
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28289
x-powered-by-plesk
PleskWin
last-modified
Sat, 24 Dec 2022 22:34:43 GMT
server
cloudflare
etag
"1d917e7eae6ed01"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPSASjgb4qXDVNoCltThuX9O3a%2BElBHYg1ShMVwH8dcDY7LFkNVm0JBRKeYy%2Fz2uPXPMPbcmzNHLwR7xT84AUZVAaKAMFZT8XuKYb%2B7SZMFVhS6vmdQYoXRPq1%2BRZK75OgUdca9Mn1Pg%2Fv6p%2BCdX%2FgOPxOXA0MyE"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
78f1e4db49a180b9-NRT
ajax.gif
bestchange.weber-site.com/
2 KB
2 KB
Image
General
Full URL
https://bestchange.weber-site.com/ajax.gif
Requested by
Host: bestchange.weber-site.com
URL: https://bestchange.weber-site.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5659 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1d18cf416aa23438eebc5376957d7d8f4493e575b61ac4adddeaa526d2894bb6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bestchange.weber-site.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 15:03:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
330
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1678
x-powered-by-plesk
PleskWin
last-modified
Sat, 10 Sep 2022 13:13:51 GMT
server
cloudflare
etag
"1d8c5172b5f170e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hD%2FoNCkViYRMNsUYeQ04vtIiQYTtjlR2WhcwS3sr5jXGsp5CJ5Ux4FiJPdGwUntlxzJ%2BFXgOk%2B%2FuVNPcleekqRIC1pJc5mk6IqE0Iu76aW4KXC%2FKrpEOgnA9QvcgYjIHeeqTkMbv2cc0ZHaeURaXsn4UEsbktjA"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
78f1e4db59a780b9-NRT
bg.png
bestchange.weber-site.com/
344 B
882 B
Image
General
Full URL
https://bestchange.weber-site.com/bg.png
Requested by
Host: bestchange.weber-site.com
URL: https://bestchange.weber-site.com/css/site.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5659 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b0a21614cf0af4e8ef22f21ded2040df872fba31a6eacea40edf990b9cbbb6d2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bestchange.weber-site.com/css/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 15:03:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
329
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
344
x-powered-by-plesk
PleskWin
last-modified
Sat, 10 Sep 2022 13:13:51 GMT
server
cloudflare
etag
"1d8c5172b5f10d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52o3NPn%2F%2BjBO%2FrNUfU%2FmyuZcfefuOrR%2FHESe2mUxnsU7BgokzN%2F9AvERdGOemcv161k3VEZd79zTu7qfMRpO6vdMXNRiPvuci6CdcazKaXCWG0wvi79hANgZhb%2FOcoF6E6mXtUoY3P1Tu4kXBEz0Hwuik4uiONmP"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
78f1e4db59a980b9-NRT
menu-new.png
bestchange.weber-site.com/
1 KB
2 KB
Image
General
Full URL
https://bestchange.weber-site.com/menu-new.png
Requested by
Host: bestchange.weber-site.com
URL: https://bestchange.weber-site.com/css/site.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5659 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c33264b55f546bcae3de7a67ecc5716adecd92f527afc53068ec5fba0452538e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bestchange.weber-site.com/css/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 15:03:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
329
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1191
x-powered-by-plesk
PleskWin
last-modified
Sat, 10 Sep 2022 13:14:03 GMT
server
cloudflare
etag
"1d8c51732861b27"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CM6TvcoLMRxUF1SCQfKywSLGF0EAzM74ewEPMt0rRTdPw%2FFl689P%2BsxLZnWP1NsvNQrdsH7eGTk6t520I%2Bq87i%2BzU7ofXIL35YM8eyPqla9YMJLkJ5TLEcgyHdDReS4JIJ3RGRl%2FL7yQkxBN7wtRMp0qNc6f1gf8"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
78f1e4db59aa80b9-NRT
menu-li.png
bestchange.weber-site.com/
1 KB
2 KB
Image
General
Full URL
https://bestchange.weber-site.com/menu-li.png
Requested by
Host: bestchange.weber-site.com
URL: https://bestchange.weber-site.com/css/site.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5659 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2dbed1a7040a2a2710eae30a1fc60dbe0c4bb865ef040a8999795a00e695f255

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bestchange.weber-site.com/css/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 15:03:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
329
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1140
x-powered-by-plesk
PleskWin
last-modified
Sat, 10 Sep 2022 13:14:02 GMT
server
cloudflare
etag
"1d8c51731ed8d74"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iRrVWfrfp4jv0J5xcg19tAgBVDvkEIfJDQmDdKUMiAq%2Fch10JaTVQIEfD4p5qbEgI40oqZPhnNwyuveFfqBinDVskGrVS5BcYK4bCANtIlF0%2BSZipTNzSY%2BRZ7uxhdZ2YR1gZUSyN3I5E78e7o1%2Fn5b4NSbrioi5"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
78f1e4db59ac80b9-NRT
c-block-new.png
bestchange.weber-site.com/
4 KB
4 KB
Image
General
Full URL
https://bestchange.weber-site.com/c-block-new.png
Requested by
Host: bestchange.weber-site.com
URL: https://bestchange.weber-site.com/css/site.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5659 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6b30dc267a840a4d838e179be5450002d42039ec66f54834dbd6be52f7fe5bb9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bestchange.weber-site.com/css/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 15:03:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
329
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3766
x-powered-by-plesk
PleskWin
last-modified
Sat, 10 Sep 2022 13:13:52 GMT
server
cloudflare
etag
"1d8c5172bf7a6b6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BK68HcAR%2B6sFlDyiVSqblreNXs9gp%2Fzk9urQLvTFpf8F0tBCQbBS7TOPaO6NVlX%2FunaN%2BNOX%2B3NVgGupl6YkZL6yXVG2f4QbiV9yndJoZLV4HOQRHaWGq5FeHNFf0Bb%2BZrG40DSQDhgjEpIsY3wcBjWmRYYUnOl9"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
78f1e4db59ad80b9-NRT
intro-new.png
bestchange.weber-site.com/
2 KB
2 KB
Image
General
Full URL
https://bestchange.weber-site.com/intro-new.png
Requested by
Host: bestchange.weber-site.com
URL: https://bestchange.weber-site.com/css/site.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5659 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f2aa107f4393868e35392d56391fc6afc07a5e1d812aae9c7bf176a10b4f75fc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bestchange.weber-site.com/css/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 15:03:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
329
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1765
x-powered-by-plesk
PleskWin
last-modified
Sat, 10 Sep 2022 13:13:59 GMT
server
cloudflare
etag
"1d8c5173023c365"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzVsRS8Yi%2Bw4WNa6c2Ij253%2FHvurBXw0nW%2BFbMoalUpQveOuaGvPmUVeiy45J43vA9wbroiREdMdebAn8CDrQ8fYeqML6DqWfEutye16tXufOvscSpV9lwxF1UBq40vM52IfNW7pGKd%2F7POSpYqW7ICtC7PkF%2BFp"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
78f1e4db59ae80b9-NRT
pictures.png
bestchange.weber-site.com/
18 KB
19 KB
Image
General
Full URL
https://bestchange.weber-site.com/pictures.png
Requested by
Host: bestchange.weber-site.com
URL: https://bestchange.weber-site.com/css/site.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5659 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
21719a9a397921bac4ccdcccdc8b488aa4b3623260cbb86d83c1917758045dc3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bestchange.weber-site.com/css/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 15:03:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
329
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18921
x-powered-by-plesk
PleskWin
last-modified
Sat, 10 Sep 2022 13:14:05 GMT
server
cloudflare
etag
"1d8c51733b70569"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RysRzrggK3vcqHKqSOoA9458Rs2VOWNX4xwVD2I5IGQJzop7jYtd3Gyt3cn3WARrOCrr3YX%2FBKmftNxIT7%2BAi53TWn86F3DH3m15%2Fb3uaL6hjKfhSukiQqo2VpfjtJysfwisoIXbwwlYSnjlv2p7OU8AVWllPjA%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
78f1e4db59af80b9-NRT
mrblock-new.png
bestchange.weber-site.com/
3 KB
4 KB
Image
General
Full URL
https://bestchange.weber-site.com/mrblock-new.png
Requested by
Host: bestchange.weber-site.com
URL: https://bestchange.weber-site.com/css/site.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5659 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
62d2d29a39b8a64812fa53eff6834729628dc532c4871afed886ac044c16b53a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bestchange.weber-site.com/css/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 15:03:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
329
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3294
x-powered-by-plesk
PleskWin
last-modified
Sat, 10 Sep 2022 13:14:04 GMT
server
cloudflare
etag
"1d8c517331ebade"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXKKq4NnnyLiFDtGvVbM3olVeXXTRAkUFhxvJCeepIe%2FRZMryjEuVP4Wg%2BaNB9yfxs3q3YMRI7U02O3GcwU06IQAJ9HVb3Jsxp%2BInL2Y2UNN5V6bWEkd3NxKz%2F5qFrOKgMDe92rxQbvIpitmWQrbR5lYJM5I86Sz"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
78f1e4db59b080b9-NRT
tabs.png
bestchange.weber-site.com/
4 KB
4 KB
Image
General
Full URL
https://bestchange.weber-site.com/tabs.png
Requested by
Host: bestchange.weber-site.com
URL: https://bestchange.weber-site.com/css/site.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5659 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8e50123970bba359b24d349947037dd8845f847c92ffd3d78e418adac56ed3a9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bestchange.weber-site.com/css/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 15:03:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
329
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3921
x-powered-by-plesk
PleskWin
last-modified
Sat, 10 Sep 2022 13:14:12 GMT
server
cloudflare
etag
"1d8c51737e36551"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hStAMm11UWdzXXcTb%2FJrcZOQNA%2BzV%2BsPDr%2BcUSN8QfcHqRmawyok7SwUXp4b0HIrJAJK%2FKvuCTQult7e0Ku4sDC7seP3%2FmgBt0R0%2BuGxd76ZppwLBN75cPLi6MuXh86GRrYAD%2Bucn%2BrNrypgBXLmEeF3JRBpkK5T"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
78f1e4db59b280b9-NRT
crate.png
bestchange.weber-site.com/
2 KB
3 KB
Image
General
Full URL
https://bestchange.weber-site.com/crate.png
Requested by
Host: bestchange.weber-site.com
URL: https://bestchange.weber-site.com/css/site.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5659 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
00349be05c52ba401aa257a772827965391f197114015ad37bf6d90f3e60ca07

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bestchange.weber-site.com/css/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 15:03:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
329
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2545
x-powered-by-plesk
PleskWin
last-modified
Sat, 10 Sep 2022 13:13:54 GMT
server
cloudflare
etag
"1d8c5172d28dcf1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjte3tys1YJqoyFmM5xQg3Rq5T63m3J2bwUBKETBrEo4AejSyoAuzIW3Cw%2FkXXeKrQqJM7WW53k%2F5uoZVqzUBMPR2sBxfiO7RLt1eA2eu01moNoJuOttf5br4rlCgcaX1sRG77cQTQFil0ugUIFABW9vx9C80%2Fc0"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
78f1e4db69ef80b9-NRT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-121069516-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bestchange.weber-site.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 25 Jan 2023 13:06:42 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6987
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20085
expires
Wed, 25 Jan 2023 15:06:42 GMT
collect
www.google-analytics.com/j/
2 B
213 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=980670598&t=pageview&_s=1&dl=https%3A%2F%2Fbestchange.weber-site.com%2F&ul=en-us&de=UTF-8&dt=Home%20page%20-%20BestChange&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=138684623&gjid=1131455714&cid=582880160.1674658989&tid=UA-121069516-1&_gid=1536162534.1674658989&_r=1&_slc=1&gtm=2ou1n0&z=1300100911
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bestchange.weber-site.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Jan 2023 15:03:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bestchange.weber-site.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
rate.png
bestchange.weber-site.com/
873 B
1 KB
Image
General
Full URL
https://bestchange.weber-site.com/rate.png
Requested by
Host: bestchange.weber-site.com
URL: https://bestchange.weber-site.com/css/site.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5659 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b15fec8ea1cb5d6e5f0711d23409615aaa45d103055eb3cf6332cc88d940f8f7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bestchange.weber-site.com/css/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 15:03:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
329
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
873
x-powered-by-plesk
PleskWin
last-modified
Sat, 10 Sep 2022 13:14:08 GMT
server
cloudflare
etag
"1d8c51735811369"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUePgR5TnAPIra0JGVN%2FmaIp%2FAJucSKa4u4%2Fz05jtNN89jzoBNWiLgz%2Fw%2Beb0QcMVvq8623ITz2g5x3M7RApE98Ox9ZHWk5lLkSp%2FVN5m8w4kiXa3q8UQy%2BfEZBGikeXSPTBTFY8znq2TXgaUolWZO48lRJrIy1G"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
78f1e4dc8b3f80b9-NRT
r-td.png
bestchange.weber-site.com/
3 KB
3 KB
Image
General
Full URL
https://bestchange.weber-site.com/r-td.png
Requested by
Host: bestchange.weber-site.com
URL: https://bestchange.weber-site.com/css/site.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5659 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6606b9eb27690162dfc745a8d67e71eb377d47115b91e8532f3bd15426a57528

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bestchange.weber-site.com/css/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 15:03:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
329
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2817
x-powered-by-plesk
PleskWin
last-modified
Sat, 10 Sep 2022 13:14:07 GMT
server
cloudflare
etag
"1d8c51734e87281"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0zNPhuiGZ3Aj3rTJ5jAl9UYgplm5JAVZLliGiNrrdf%2BjoY4YCxhFE%2BTr63Ll6DstT8jG2lSHw7OFpFPV%2FfXKxMeUrn1fEnfRgQL31XapBA0EPRhbZF%2BS4qq%2BNM07dp2cYFAhs%2FVJvGk9MeNGbZS1s7g7qV9%2Bfg4"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
78f1e4dd3bda80b9-NRT
search-white.svg
bestchange.weber-site.com/
575 B
881 B
Image
General
Full URL
https://bestchange.weber-site.com/search-white.svg
Requested by
Host: bestchange.weber-site.com
URL: https://bestchange.weber-site.com/css/site.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5659 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9f184340afbc08963928f2dd7a6a1eee7dbe25bee4e22bcd036f9507938fe18d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bestchange.weber-site.com/css/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 15:03:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
329
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk
PleskWin
last-modified
Sat, 10 Sep 2022 13:14:11 GMT
server
cloudflare
etag
W/"1d8c517374ad1bf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2FEOgy5aKn%2BDoiA7tUO5qUeCt6SoC%2B13Qq3v5kDsCQ1HDwdWO7A2sHxPOL1H%2B4YpbnTcBxq%2FFZh6edjllFuLviLDzCUf9hYYEGVglWBVj%2B8BfBVyEtyk3kRyNGqAzyyQNO8ZJxXUnFbQy76XJIqmuszLCmef2evT"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
78f1e4dd3bdd80b9-NRT
r-td-bg.png
bestchange.weber-site.com/
3 KB
3 KB
Image
General
Full URL
https://bestchange.weber-site.com/r-td-bg.png
Requested by
Host: bestchange.weber-site.com
URL: https://bestchange.weber-site.com/css/site.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5659 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
06fa1f0648a835d15ac17fec335e5f42b71b1d1e4d854eaf73be0e6e4fdf5a75

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bestchange.weber-site.com/css/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 15:03:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
329
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2775
x-powered-by-plesk
PleskWin
last-modified
Sat, 10 Sep 2022 13:14:07 GMT
server
cloudflare
etag
"1d8c51734e87357"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4u7h2XkB0gkBkMnETNkyDvSD3SONdD44BS4WIjRP5%2B1zftYg%2F%2BiviIj4WFexyCGRxygo7cJTbFWjpS2rq1UYH7Ro7j998j3IthWUht0SthLsIFG6FYGQrxFvJpV4t0V18CGSBgBqA16QwCJV3euYbMDD1Onjsri3"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
78f1e4dd3bde80b9-NRT
buttons.png
bestchange.weber-site.com/
11 KB
12 KB
Image
General
Full URL
https://bestchange.weber-site.com/buttons.png
Requested by
Host: bestchange.weber-site.com
URL: https://bestchange.weber-site.com/css/site.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5659 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d4e69d6b8e010b46a258f916572c54e8f1c67b9b08862d510ebf61d18b9ee343

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bestchange.weber-site.com/css/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 15:03:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
330
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11775
x-powered-by-plesk
PleskWin
last-modified
Sat, 10 Sep 2022 13:13:52 GMT
server
cloudflare
etag
"1d8c5172bf785ff"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PlFHQvMZ94ToY9WIHxs5TFVsCT5XYSaw9pJPa%2FOBDW7rESGGh02P%2F10hjDsJh%2BgWMbN%2B%2FwlXC7vNnlEnbk77DCNma9QZdvSHwy0%2FcfpeElicJFz1X%2FcQ3IkmI3OQsaZ%2Fm14Uq9an7NCh94XylcwTDkTpmi9eN2Qa"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
78f1e4df8d6380b9-NRT
iblock.png
bestchange.weber-site.com/
3 KB
4 KB
Image
General
Full URL
https://bestchange.weber-site.com/iblock.png
Requested by
Host: bestchange.weber-site.com
URL: https://bestchange.weber-site.com/css/site.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5659 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5448a3ed79cbe57633b96cb311063985531d62d3dee5d7317c1e161ceb6f88e8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bestchange.weber-site.com/css/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 15:03:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
330
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3255
x-powered-by-plesk
PleskWin
last-modified
Sat, 10 Sep 2022 13:13:58 GMT
server
cloudflare
etag
"1d8c5172f8b23b7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B9D%2BAp7LN1JSXWIQSYlMDicMSkVw7PQiE%2F05qVPm3iWRZwCBZBjiLMbF2aFawuT5zx9vskB%2F4mKuWz4nlCrT%2BJ11q0ucaAr1riE4d0YMVOfyEJp0LBvytmNZCxG2d7cx5LqE3LqOWsjQkLIaMXeG%2F67tnH4RKti3"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
78f1e4e03dd980b9-NRT
ibinner.gif
bestchange.weber-site.com/
311 B
851 B
Image
General
Full URL
https://bestchange.weber-site.com/ibinner.gif
Requested by
Host: bestchange.weber-site.com
URL: https://bestchange.weber-site.com/css/site.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5659 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ab2db7a4116821eef4ebb63a3ff9a41ed7ac1f8710fcc131746f7824c2ff79eb

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bestchange.weber-site.com/css/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 15:03:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
330
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
311
x-powered-by-plesk
PleskWin
last-modified
Sat, 10 Sep 2022 13:13:58 GMT
server
cloudflare
etag
"1d8c5172f8b2e37"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qqSqWpN42DJfp89E894zA5SETu6dPRP1%2Fy1CIRa98FQ39G9%2FxyIVjR%2By3O7%2FhbL2M%2BtFjVsv1CtUqMkR%2BE%2FtBYDfjnSKZKjBZAhS9yl6J6LD3H41RsFDPVPNqjXxuaWnIK2x34Z1YffRTa7uC6jaGQt9cpdZPwYZ"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
78f1e4e03dda80b9-NRT
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/1f7dc62/static/ Frame 1CAA
2 KB
1 KB
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
Requested by
Host: bestchange.weber-site.com
URL: https://bestchange.weber-site.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f13f4ed673e0842319f91d3ae31f9927ade2ecd5f024a550c8f5d6f43c5e4b21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bestchange.weber-site.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-origin
*
age
2166652
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
78f1e4e10e1480e9-NRT
content-encoding
gzip
content-type
text/html
date
Wed, 25 Jan 2023 15:03:10 GMT
last-modified
Thu, 11 Aug 2022 21:59:15 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 e9ecff7f1e95f59d05af07214105f33c.cloudfront.net (CloudFront)
x-amz-cf-id
emujO8ufxjGHk0V1Xt6-pFRl06kbHndAGj-UL75YdgvsUIkClGB-WA==
x-amz-cf-pop
NRT12-C3
x-cache
Hit from cloudfront
x-content-type-options
nosniff
ajax.gif
bestchange.weber-site.com/images/
2 KB
2 KB
Image
General
Full URL
https://bestchange.weber-site.com/images/ajax.gif
Requested by
Host: bestchange.weber-site.com
URL: https://bestchange.weber-site.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5659 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1d18cf416aa23438eebc5376957d7d8f4493e575b61ac4adddeaa526d2894bb6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bestchange.weber-site.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 15:03:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
330
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1678
x-powered-by-plesk
PleskWin
last-modified
Sat, 10 Sep 2022 13:22:17 GMT
server
cloudflare
etag
"1d8c51858f88c0e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=auaDmaDYlpv7mn77Ai8eb7MQHHmXEhSXrGH9aaYgsf372qt3ogjWa82hN%2BoiJ4OssBlJUYJ9qFGHF3dEsbRInWTZ2OCI10PhS3iiXuPUKi31dBdV5CAw74Yi%2Fkq2J0ob5jbRTw%2FbXlCgOq4kxB4d6LP6Qruaw6Pt"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
78f1e4e0fe6d80b9-NRT
jquery.min.js
bestchange.weber-site.com/lib/jquery/dist/
87 KB
32 KB
Script
General
Full URL
https://bestchange.weber-site.com/lib/jquery/dist/jquery.min.js
Requested by
Host: bestchange.weber-site.com
URL: https://bestchange.weber-site.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5659 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bestchange.weber-site.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 15:03:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
330
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk
PleskWin
last-modified
Sat, 10 Sep 2022 13:14:40 GMT
server
cloudflare
etag
W/"1d8c5174892bd86"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9j8YgYrMoc6MmR0VUQdP4VkDB6R4irnZq37XmYvS%2Ffz35Ca7OyY0TDgjYgH4YYTysxUZP8jsShSa5wpM0gDLaOHDagubXKCs6Za2OjsSq1jTPrWDiI8Jbf9DZmM8sCgdOsn8kL3l0QtAtzW3n23tApc3nvNYuKbz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
78f1e4e0fe6f80b9-NRT
site.js
bestchange.weber-site.com/js/
3 KB
1 KB
Script
General
Full URL
https://bestchange.weber-site.com/js/site.js?v=cOSRnak8sEA-Ii1K60FfaG403zSHudwJ8WjSTM0i7d4
Requested by
Host: bestchange.weber-site.com
URL: https://bestchange.weber-site.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5659 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ba46e7e4f18dee923e9f5174d88bc59c2ad7e275b2cd7d8898d6d0c94ef5cbe9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bestchange.weber-site.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 15:03:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
330
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk
PleskWin
last-modified
Wed, 14 Sep 2022 22:00:31 GMT
server
cloudflare
etag
W/"1d8c88568176292"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTw9%2B4ekn4iQyJ9BIC5LVUi2ZQwFiX9YotMIpAqW%2Bu0Fe0a67YKSB2Okq4YLe%2F9sdG%2FBBECTXR3DqLhiomaJQzNn8QWmPvW0BpkplSenQ1%2F8X1BUWe5Ypxc8QIkO1RjnXAT%2FBZjHJyKEevHvxr%2BBLZJJMCsbYZHc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
78f1e4e0fe7080b9-NRT
mfooter.png
bestchange.weber-site.com/
525 B
1 KB
Image
General
Full URL
https://bestchange.weber-site.com/mfooter.png
Requested by
Host: bestchange.weber-site.com
URL: https://bestchange.weber-site.com/css/site.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5659 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b651fd4b75ca425b4cfc4ef64983b1957d7222ee223c3a2c5628980f7dfaf69a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bestchange.weber-site.com/css/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 15:03:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
330
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
525
x-powered-by-plesk
PleskWin
last-modified
Sat, 10 Sep 2022 13:14:03 GMT
server
cloudflare
etag
"1d8c51732861d8d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6B4PRcjIkEPyglAMYePWHAo8tA9R%2BBi5VpQhokUzNI9wmX3YXcxZ8m%2BLfTITA7q6nAU28RS9ib28dlDwcRcTMW6kFKiGmB5mXcavAyWrKrZN4I%2FWCd52vBK0DyfyBXqS5cNWOo%2BYKfzEoP4Br6tHFGSPfqBmf9o3"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
78f1e4e0fe7180b9-NRT
trustpilot.svg
bestchange.weber-site.com/
3 KB
2 KB
Image
General
Full URL
https://bestchange.weber-site.com/trustpilot.svg
Requested by
Host: bestchange.weber-site.com
URL: https://bestchange.weber-site.com/css/site.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5659 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
21f5d8c6f2bd44b365405502390d28f18476efcac2e4905f8eba5f2486d28095

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bestchange.weber-site.com/css/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 15:03:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
330
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk
PleskWin
last-modified
Sat, 10 Sep 2022 13:14:13 GMT
server
cloudflare
etag
W/"1d8c517387c0d5c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUXqyvRoAcjZpG10LhrkUR1kj5VBtxbZ276wOGI3vTYHtV51%2BkEjIj95idyq5%2FQsNj3grzfO%2F3UqcQPlapIVz2BsyI64hSl%2FotJpuTv58Yrf5tJ94Pi281%2FTIDdqgFRG82vyYHRrwJoSB5zJj7IznWhWAtezDk1e"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
78f1e4e0fe7380b9-NRT
twitter.svg
bestchange.weber-site.com/
815 B
1009 B
Image
General
Full URL
https://bestchange.weber-site.com/twitter.svg
Requested by
Host: bestchange.weber-site.com
URL: https://bestchange.weber-site.com/css/site.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5659 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
34460d058100899d542e61da102006424782da31b4248aea658d3bf9e99828b3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bestchange.weber-site.com/css/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 15:03:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
330
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk
PleskWin
last-modified
Sat, 10 Sep 2022 13:14:13 GMT
server
cloudflare
etag
W/"1d8c517387c03af"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uEINJweTD2DnpYnruNir58UcyOL05IizBpwCU8n4YFbtT3du9%2FwndHaefJrrGrmem%2BaAgIDWjBaPBSL6uOc9i3uPCa6MIjhGgOJd2m8%2BL9JJ6x9Zkh0g65UJ6JXyM4NZDRHeSlJxJux8MaekZ6QkRonE778lUVot"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
78f1e4e0fe7480b9-NRT
facebook.svg
bestchange.weber-site.com/
514 B
855 B
Image
General
Full URL
https://bestchange.weber-site.com/facebook.svg
Requested by
Host: bestchange.weber-site.com
URL: https://bestchange.weber-site.com/css/site.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5659 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b6aa63e377acb6fa27f6661d1271eb34863655fefdcfb86e7974f426b3a3d8af

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bestchange.weber-site.com/css/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 15:03:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
330
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk
PleskWin
last-modified
Sat, 10 Sep 2022 13:13:56 GMT
server
cloudflare
etag
W/"1d8c5172e5a0002"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQ%2FjVkssWBlFkG78EKx6iOefowe%2BtN48qzRzvCgrOa6gWBQvLQ1heJzwti10gHsqml8giDB8QgZUtaGgi4iHbOCIC61Ktd01Y9sACoccvRcUD6jDZmy%2BRy8p5HhcQzo2fOgQ08He6lXXM019CMCfg7QTEihXvpyv"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
78f1e4e0fe7680b9-NRT
instagram.svg
bestchange.weber-site.com/
874 B
1 KB
Image
General
Full URL
https://bestchange.weber-site.com/instagram.svg
Requested by
Host: bestchange.weber-site.com
URL: https://bestchange.weber-site.com/css/site.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5659 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2f520c9cecb30ff8abc71a9edc9397b7a1f8debc8866cbb0ca38b5e811b1e468

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://bestchange.weber-site.com/css/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 15:03:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
330
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk
PleskWin
last-modified
Sat, 10 Sep 2022 13:13:59 GMT
server
cloudflare
etag
W/"1d8c5173023c6ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDcgchLoLaeCINORSeIzq462PwISOqAVbMf8pPOFAaaHysyQSHG%2FaG39CzO7xuUrISGkgTTQ8UrAliOk23hEvp9aqP76TeyJ5R5ufHPPCtZooHYHbyIYcXjlH8KTL77R6BiR3Lc1Mpby3x4oOszYdPsVUt5DR60x"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
78f1e4e0fe7780b9-NRT
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/1f7dc62/ Frame 1CAA
281 KB
79 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/1f7dc62/hcaptcha.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e626cb80c06ed2f4560b3b4fef501c83d601fde61cd7cc507d77d47c916f06b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
Origin
https://newassets.hcaptcha.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 15:03:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 6b08a30faffc4f051786275c2f0fdfe2.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
x-content-type-options
nosniff
age
2286252
x-amz-cf-pop
NRT57-P4
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 11 Aug 2022 21:59:15 GMT
server
cloudflare
etag
W/"84729783ded6e9166650d2e40d1556b2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
cf-ray
78f1e4e14e6b80e9-NRT
x-amz-cf-id
dZusoBJ0PsIs9XswW9cNmlRcq7vZJ4qe9247l2C2WHyHPiHL_2u7SQ==
truncated
/ Frame 1CAA
798 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
checksiteconfig
hcaptcha.com/ Frame 1CAA
554 B
823 B
XHR
General
Full URL
https://hcaptcha.com/checksiteconfig?v=1f7dc62&host=www.bestchange.com&sitekey=96698d85-c7f5-46b2-a9b8-8a2d6c7ec963&sc=1&swa=1
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/1f7dc62/hcaptcha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b27eac8c717caceb7fbb7c7c64cd46133c05d23f6216b0fa603809808d2c5e79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://newassets.hcaptcha.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Jan 2023 15:03:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
access-control-allow-credentials
true
cf-ray
78f1e4e1aeb880e9-NRT
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bestchange (Crypto Exchange)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| oncontentvisibilityautostatechange
function| gtag
object| dataLayer
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| gaplugins
object| gaGlobal
object| gaData
function| $
function| jQuery

3 Cookies

Domain/Path Name / Value
.weber-site.com/ Name: _ga
Value: GA1.2.582880160.1674658989
.weber-site.com/ Name: _gid
Value: GA1.2.1536162534.1674658989
.weber-site.com/ Name: _gat_gtag_UA_121069516_1
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
