edlcu4.gq
2606:4700:3035::6815:1c16  Malicious Activity! Public Scan

Submitted URL: http://edlcu4.gq/au-4146-fixed-new
Effective URL: https://edlcu4.gq/au-4146-fixed-new/Chromium/
Submission: On December 13 via manual from SG — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3035::6815:1c16, located in United States and belongs to CLOUDFLARENET, US. The main domain is edlcu4.gq.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 9th 2021. Valid for: a year.
This is the only time edlcu4.gq was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tech Support Scam (Consumer), Microsoft (Consumer), Generic (Online)

Downloads

These files were downloaded by the website:

Downloaded from: https://edlcu4.gq/au-4146-fixed-new/Chromium/index.html

Domain & IP information

IP Address AS Autonomous System
3 15 2606:4700:303... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
18 6
Domain Requested by
15 edlcu4.gq 3 redirects edlcu4.gq
3 maxcdn.bootstrapcdn.com edlcu4.gq
1 fonts.googleapis.com edlcu4.gq
1 code.jquery.com edlcu4.gq
1 ajax.googleapis.com edlcu4.gq
18 5

This site contains no links.

Subject: sni.cloudflaressl.com; Issuer: Cloudflare Inc ECC CA-3; Validity: 2021-11-09 - 2022-11-08; Valid: a year
Subject: upload.video.google.com; Issuer: GTS CA 1C3; Validity: 2021-11-08 - 2022-01-31; Valid: 3 months
Subject: *.jquery.com; Issuer: Sectigo RSA Domain Validation Secure Server CA; Validity: 2021-07-14 - 2022-08-14; Valid: a year

This page contains 2 frames:

Primary Page: https://edlcu4.gq/au-4146-fixed-new/Chromium/
Frame ID: E39C2492BF08D7628F5B9EF65FD4059D
Requests: 17 HTTP requests in this frame

Frame: https://edlcu4.gq/au-4146-fixed-new/Chromium/err.mp3
Frame ID: E69A5F56CE859FE3F8A6B180F7CEA465
Requests: 2 HTTP requests in this frame

Page Title

Windows Helpline-and-Services

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 100 %
Domains: 4
Subdomains: 5
IPs: 6
Countries: 3
Transfer: 834 kB
Size: 1390 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://edlcu4.gq/au-4146-fixed-new HTTP 301
    https://edlcu4.gq/au-4146-fixed-new HTTP 301
    http://edlcu4.gq/au-4146-fixed-new/ HTTP 301
    https://edlcu4.gq/au-4146-fixed-new/ Page URL
  2. https://edlcu4.gq/au-4146-fixed-new/Chromium/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://edlcu4.gq/au-4146-fixed-new HTTP 301
  • https://edlcu4.gq/au-4146-fixed-new HTTP 301
  • http://edlcu4.gq/au-4146-fixed-new/ HTTP 301
  • https://edlcu4.gq/au-4146-fixed-new/

18 HTTP transactions

Resource Path Size x-fer Type MIME-Type
/
edlcu4.gq/au-4146-fixed-new/
Redirect Chain
  • http://edlcu4.gq/au-4146-fixed-new
  • https://edlcu4.gq/au-4146-fixed-new
  • http://edlcu4.gq/au-4146-fixed-new/
  • https://edlcu4.gq/au-4146-fixed-new/
3 KB
1 KB
Document
General
Full URL
https://edlcu4.gq/au-4146-fixed-new/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3059850f6062e7a75fe102fe23f3d9680b96ee76d3a141b8a6d6ed744412871
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 13 Dec 2021 07:12:29 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHvxTH5iSzi2FvtBoGCFGr%2B93mLVzamsRMe7gfabnZoHJx9f9gjADNCpCpyu1%2BsKpt66WAzVH7r4OgRBqIRQH%2FZHLQFnMpzZyCHjZtSMX7qzTLbI8MgOYtbmzK3loqb%2Fi3FvlWbmM7M%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6bcd62698cc605cc-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date
Mon, 13 Dec 2021 07:12:29 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Mon, 13 Dec 2021 08:12:29 GMT
Location
https://edlcu4.gq/au-4146-fixed-new/
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lyceiz6qKH2CkJVQzPOAMbi%2FczJqYT1JRlWgcENFj4O7grxZdiXL8Hyu8Y2v6RIqxz6am%2BCSHs5%2BQvNX5hRIjCviydqdw2fBSLLspSLRp1SXAgFPkl4YcU73tVublR5Vr1sALn%2FYw%2Bw%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6bcd62696cbe83ba-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Primary Request /
edlcu4.gq/au-4146-fixed-new/Chromium/
321 KB
49 KB
Document
General
Full URL
https://edlcu4.gq/au-4146-fixed-new/Chromium/
Requested by
Host: edlcu4.gq
URL: https://edlcu4.gq/au-4146-fixed-new/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edcd2c4e1b30f64d0b1ff0f90134ef2b513cb2316cac8b8ba725a90789da6d00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://edlcu4.gq/au-4146-fixed-new/

Response headers

date
Mon, 13 Dec 2021 07:12:30 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uRya7xBs0wl8ROeiSaM%2FLFGjIZLZJf%2B2lpRA3OOSTEZN0outSru4%2BoG9IY3ZQxSBX3SfTnCJEnBAu%2FTCpt0xcK7WZFgMRoOEtbc9asNtLa8Q2cD40zAL3833lOfq723aTZMhcCa0Obk%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6bcd626abdd4d60c-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: edlcu4.gq
URL: https://edlcu4.gq/au-4146-fixed-new/Chromium/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://edlcu4.gq/
Origin
https://edlcu4.gq
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 07:12:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
632, 617, 617, 617
access-control-allow-origin
*
cdn-cachedat
2021-06-08 21:21:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
399c6b46979f45aca2e5d6c3834f0901
cf-ray
6bcd626d58491756-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
23 KB
3 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css
Requested by
Host: edlcu4.gq
URL: https://edlcu4.gq/au-4146-fixed-new/Chromium/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://edlcu4.gq/
Origin
https://edlcu4.gq
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 07:12:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
601
access-control-allow-origin
*
cdn-cachedat
08/03/2021 14:28:52
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cdn-proxyver
1.0
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
ac1faaff987497f385d0a6828e4c2c6d
cf-ray
6bcd626d584d1756-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
style.css
edlcu4.gq/au-4146-fixed-new/Chromium/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://edlcu4.gq/au-4146-fixed-new/Chromium/css/style.css
Requested by
Host: edlcu4.gq
URL: https://edlcu4.gq/au-4146-fixed-new/Chromium/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58aeb9f772eaa9b56371ca46af24d5cab80bbefce865447628bc7d5126bb180f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://edlcu4.gq/au-4146-fixed-new/Chromium/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 07:12:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 22 Sep 2021 06:39:10 GMT
server
cloudflare
etag
W/"614acf8e-f3c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BfUVpsRjY8tdNTlgWw1d%2BILyXzfMhMqpcXuc3TiOiQWPAMl2I29C60Y494S5eoZPEnabQ6Ncu7iSXxOft4HnBVMgnyXyPL%2BlI4TybwKL%2Bqyp8Tk9Q4CCRKG5gicnOCI%2BTSzxGekzdFo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=2592000
cf-ray
6bcd626d483dd60c-MXP
expires
Wed, 12 Jan 2022 07:12:30 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: edlcu4.gq
URL: https://edlcu4.gq/au-4146-fixed-new/Chromium/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://edlcu4.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 10 Dec 2021 21:55:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206221
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Dec 2022 21:55:29 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/
37 KB
11 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/bootstrap.min.js
Requested by
Host: edlcu4.gq
URL: https://edlcu4.gq/au-4146-fixed-new/Chromium/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
909ae563eb34f7e4285a3a643ab5d7c21c5e6a80f3f455b949ac45f08d0389b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://edlcu4.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 07:12:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
565, 617, 617
age
20228613
cdn-cachedat
2021-04-23 06:05:18
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
d44b997c059b29f676fef0c1ef13ecf2
cf-ray
6bcd626d7f505a07-MXP
cdn-requestcountrycode
EG
cdn-requestpullsuccess
True
rsod.png
edlcu4.gq/au-4146-fixed-new/Chromium/images/
18 KB
19 KB
Image
General
Full URL
https://edlcu4.gq/au-4146-fixed-new/Chromium/images/rsod.png
Requested by
Host: edlcu4.gq
URL: https://edlcu4.gq/au-4146-fixed-new/Chromium/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd58a3ee5aaf16eb180c50e2e7f8cfb72bcc395a556ff3f8ceee8e9c03fff625
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://edlcu4.gq/au-4146-fixed-new/Chromium/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 07:12:30 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18843
x-xss-protection
1; mode=block
last-modified
Wed, 22 Sep 2021 06:39:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"614acf93-499b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hoDhDsttOfp5VqHAwFblpkdLrjPopqZt8YuAIgTV8ih%2F%2B16Bs%2FzcUrmcuWCJ84Q4t%2FkpXrDqsxzTNO1ZDy%2B7hR%2FMXPFkrc0jDzL0oSUVjkfJ39kAjE7RPzMwOpP2SS5jEb5tSogdcMI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6bcd626da888d60c-MXP
expires
Wed, 12 Jan 2022 07:12:30 GMT
335158-windows-8-window.png
edlcu4.gq/au-4146-fixed-new/Chromium/images/
28 KB
29 KB
Image
General
Full URL
https://edlcu4.gq/au-4146-fixed-new/Chromium/images/335158-windows-8-window.png
Requested by
Host: edlcu4.gq
URL: https://edlcu4.gq/au-4146-fixed-new/Chromium/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
312c6606235f1ba63b2141b812fef5398536390a76c85f5ab8bcc35a7aa8737e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://edlcu4.gq/au-4146-fixed-new/Chromium/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 07:12:31 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
28697
x-xss-protection
1; mode=block
last-modified
Wed, 22 Sep 2021 06:39:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"614acf92-7019"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRBuu1yfm0IgJu2Oe2xD3sQjMHv3SyKdNm6kyNWUNBPyGDZIe52qnOLYAG0nt%2F4HBZloWgO9KW3kA8rPllkDSPSRnpFfjjNtGPXT7c1kV%2BxLr%2BYZGLIpcWCk%2BIrVEeBUFIk0JB8dI%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6bcd626f9a4cd60c-MXP
expires
Wed, 12 Jan 2022 07:12:30 GMT
win.png
edlcu4.gq/au-4146-fixed-new/Chromium/
45 KB
45 KB
Image
General
Full URL
https://edlcu4.gq/au-4146-fixed-new/Chromium/win.png
Requested by
Host: edlcu4.gq
URL: https://edlcu4.gq/au-4146-fixed-new/Chromium/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b53368bc6cc77ab2dbaba4be215aa4662fce06b3a69d22631986b9d150c83290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://edlcu4.gq/au-4146-fixed-new/Chromium/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 07:12:31 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
45813
x-xss-protection
1; mode=block
last-modified
Wed, 22 Sep 2021 06:37:58 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"614acf46-b2f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUmo0G9Z8TpXGdF6qD0ISWlPCeVaKw22%2BW9d13DBE1xs1RwB%2FdffbcyaH2LVRx99KIz3gxb4w3CgN0WYuGgK2j8YtZ2ZLHLm1kcYuV1%2B41KI4DmKbvliu0Qbul6nG4Bx3inq9E4YsHY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6bcd626f9a4fd60c-MXP
expires
Wed, 12 Jan 2022 07:12:30 GMT
jquery-3.3.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: edlcu4.gq
URL: https://edlcu4.gq/au-4146-fixed-new/Chromium/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
https://edlcu4.gq/
Origin
https://edlcu4.gq
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 07:12:30 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-1538f"
vary
Accept-Encoding
x-hw
1639379550.dop239.fr8.t,1639379550.cds277.fr8.hn,1639379550.cds057.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30288
script.js
edlcu4.gq/au-4146-fixed-new/Chromium/js/
8 KB
3 KB
Script
General
Full URL
https://edlcu4.gq/au-4146-fixed-new/Chromium/js/script.js
Requested by
Host: edlcu4.gq
URL: https://edlcu4.gq/au-4146-fixed-new/Chromium/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6155c8765cddcfc94a631542e159e26df0f7f1c2ba95358b4f415d946c0a1c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://edlcu4.gq/au-4146-fixed-new/Chromium/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 07:12:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 22 Sep 2021 06:39:19 GMT
server
cloudflare
etag
W/"614acf97-1eeb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8n4C1bDOmYzdjwSjFcf7MQVvvSfQsFoh%2Fna7ryezZOOPD6xxpnVywKy4xE7SUtHwXKVAl%2FlULdCzAbp5%2Bc1la1B83jZzbI46fpDEMwdWE7LscLfC6KuLjkIgNAdZ%2BsF5RWQsEKxF5cM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
public, max-age=2592000
cf-ray
6bcd626f9a49d60c-MXP
expires
Wed, 12 Jan 2022 07:12:30 GMT
css
fonts.googleapis.com/
29 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Comfortaa:300|Cormorant+Garamond|Cormorant+Infant|Cormorant+SC|Cormorant+Unicase|EB+Garamond|El+Messiri|Forum|Jura|Lobster|Neucha|Open+Sans+Condensed:300|PT+Sans|PT+Sans+Narrow|Philosopher|Playfair+Display+SC|Poiret+One|Ruslan+Display|Russo+One|Ubuntu&subset=cyrillic
Requested by
Host: edlcu4.gq
URL: https://edlcu4.gq/au-4146-fixed-new/Chromium/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a1f4b14847f2a8e6e970b7455f2128e3f58075f2c0205a0f0c5ad0c96f41ee50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://edlcu4.gq/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 13 Dec 2021 07:12:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 13 Dec 2021 07:12:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 13 Dec 2021 07:12:30 GMT
truncated
/
239 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd08b9849632e73574f62ca80572a17f9bbd9bb1010fe8c6380e641460abd96c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
background.png
edlcu4.gq/au-4146-fixed-new/Chromium/images/
186 KB
187 KB
Image
General
Full URL
https://edlcu4.gq/au-4146-fixed-new/Chromium/images/background.png
Requested by
Host: edlcu4.gq
URL: https://edlcu4.gq/au-4146-fixed-new/Chromium/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f92c2703bfee4212ba4b1b1616d4dfbb3a9e58e0110ce3351e28a989ed5cb69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://edlcu4.gq/au-4146-fixed-new/Chromium/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 07:12:31 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
190576
x-xss-protection
1; mode=block
last-modified
Wed, 22 Sep 2021 06:39:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"614acf92-2e870"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2F%2FKFKq0rnPUCUITIJzwzhcZvlsGcQOV5xkxr9ouRl7xuCFRcEx4rwwWLQVWgkMZxpPB%2FV7s1dr40YvAt3kyNYJh%2B2zrqTkc75fcHLl%2Fi3bGR5e62B%2F3p2eT8ZGCFZPYqAYgE2J8W6E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6bcd626f9a59d60c-MXP
expires
Wed, 12 Jan 2022 07:12:30 GMT
err.mp3
edlcu4.gq/au-4146-fixed-new/Chromium/
196 KB
197 KB
Media
General
Full URL
https://edlcu4.gq/au-4146-fixed-new/Chromium/err.mp3
Requested by
Host: edlcu4.gq
URL: https://edlcu4.gq/au-4146-fixed-new/Chromium/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://edlcu4.gq/au-4146-fixed-new/Chromium/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 13 Dec 2021 07:12:31 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range
bytes 0-200831/200832
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
200832
x-xss-protection
1; mode=block
last-modified
Wed, 22 Sep 2021 06:37:56 GMT
server
cloudflare
etag
"614acf44-31080"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=krNqX18Pqd6feRB5KOnagYydv6i%2FDiReaqEGbRkXYLVZcj2nljtTWikL7BRrUPZe9YkfBQfaeZ%2FbNnwDWgZKnf9%2F9unk66iQrh%2B8o8I4G3s2mqkbrTELV%2F97u0iT2fEWZr52olsK%2BHI%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
6bcd626fca86d60c-MXP
beep.mp3
edlcu4.gq/au-4146-fixed-new/Chromium/
8 KB
9 KB
Media
General
Full URL
https://edlcu4.gq/au-4146-fixed-new/Chromium/beep.mp3
Requested by
Host: edlcu4.gq
URL: https://edlcu4.gq/au-4146-fixed-new/Chromium/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://edlcu4.gq/au-4146-fixed-new/Chromium/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 13 Dec 2021 07:12:30 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range
bytes 0-8404/8405
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
8405
x-xss-protection
1; mode=block
last-modified
Wed, 22 Sep 2021 06:37:56 GMT
server
cloudflare
etag
"614acf44-20d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uj7qGmRWuFGlodzRCjpzBvWg98pvh2oCSmkKwupQGNJc%2BUIXS4g68jzM9W28NbociEbuQ7rqnTMBO78PRcIE06fp%2BW%2FZlOa6gYXcJB9vS5bZmDZTO7Q%2BfplKBRwTuQGnloBYKwgFhRc%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
6bcd626fca89d60c-MXP
err.mp3
edlcu4.gq/au-4146-fixed-new/Chromium/ Frame E69A
0
0
Document
General
Full URL
https://edlcu4.gq/au-4146-fixed-new/Chromium/err.mp3
Requested by
Host: edlcu4.gq
URL: https://edlcu4.gq/au-4146-fixed-new/Chromium/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://edlcu4.gq/au-4146-fixed-new/Chromium/

Response headers

date
Mon, 13 Dec 2021 07:12:31 GMT
content-type
audio/mpeg
content-length
200832
last-modified
Wed, 22 Sep 2021 06:37:56 GMT
etag
"614acf44-31080"
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
cache-control
max-age=14400
cf-cache-status
HIT
age
1
accept-ranges
bytes
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6KO0J3mW18iROSnB1XXVUztqx7E9ndP5OqR%2FHcXERjF%2F2DcWa6kCSM%2FdtZHtpNtOE7le1WRODRvlF0to4ubXteqS73FHEJLL2hBm19xDko2J5KWTl6ypGtANODxTMmKqyCZslB367EQ%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6bcd62720c4dd60c-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
err.mp3
edlcu4.gq/au-4146-fixed-new/Chromium/ Frame E69A
196 KB
197 KB
Media
General
Full URL
https://edlcu4.gq/au-4146-fixed-new/Chromium/err.mp3
Requested by
Host: edlcu4.gq
URL: https://edlcu4.gq/au-4146-fixed-new/Chromium/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://edlcu4.gq/au-4146-fixed-new/Chromium/err.mp3
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 13 Dec 2021 07:12:31 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
Content-Range
bytes 0-200831/200832
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
200832
x-xss-protection
1; mode=block
last-modified
Wed, 22 Sep 2021 06:37:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"614acf44-31080"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lO7b2Vaoxsftlw%2FQGHF9AA9ztViVmFXLVj2K0%2Fe4Gaul8vnJXw0Pctv4M9LXTOQh7qtUHXDUqIMU7cYYY5Qyn7%2BQWEBfLxuxFwFjjjjnpKjoi%2BoUJ3XN7rZNy9s17BNvmMPa0a3FlqY%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
cache-control
max-age=14400
cf-ray
6bcd62736d4fd60c-MXP

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer) Microsoft (Consumer) Generic (Online)

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| _0x1d83 function| _0x5afb function| _0x174966 function| _0x5106d2 function| _0x18992e function| _0x1db563 function| _0x52ad61 function| _0x4c195c boolean| isOpera boolean| isFirefox boolean| isSafari boolean| isChrome boolean| isIE function| getVariableFromURl function| $ function| jQuery object| _0x23f8 function| _0x7050f6 function| _0x5284c6 function| _0x12a488 function| _0x9a86c9 function| _0x30c573 function| _0x11a3d9 function| _0x53ad object| modal object| btn object| span object| _0x5b0c function| _0x1f2a2c function| _0x1740 function| addEvent function| _0x5b123c function| fillForm function| closeCode function| getCode function| modalClose function| getModal function| _toggleFullScreen function| open1 function| isPlaying function| forceDownload function| catchControlKeys function| prevent object| _0x5384 function| _0x5b472c function| _0x43bfdd function| _0xfb9a52 function| _0x576e function| _0x2131b4 function| _0x778f57 string| phone function| _0x53dd9b boolean| state function| confirmExit object| _0x48ed function| _0xf06536 function| _0x3b2ceb function| _0xa4326c function| _0x5cb1e3 function| _0x4cad function| _0x4fdb8e function| _0x4453df object| _0x19e5 function| _0x573f function| _0x418c73 function| _0x36c80e function| _0x4b1cb7 function| _0x4e0a10 function| _0x53ee63 function| _0x26e38b

1 Cookies

Domain/Path Name / Value
edlcu4.gq/ Name: PHPSESSID
Value: mg03i9ctvgcvfqsttdn6705jr9

3 Console Messages

Source Level URL
Text
javascript warning URL: https://edlcu4.gq/au-4146-fixed-new/Chromium/js/script.js(Line 61)
Message:
Failed to execute 'requestFullscreen' on 'Element': API can only be initiated by a user gesture.
javascript warning URL: https://edlcu4.gq/au-4146-fixed-new/Chromium/js/script.js(Line 61)
Message:
Failed to execute 'requestFullscreen' on 'Element': API can only be initiated by a user gesture.
javascript warning URL: https://edlcu4.gq/au-4146-fixed-new/Chromium/js/script.js(Line 61)
Message:
Failed to execute 'requestFullscreen' on 'Element': API can only be initiated by a user gesture.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block