verify.dcounter-bot.com Open in urlscan Pro
2606:4700:3030::ac43:962b  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://verify.dcounter-bot.com/v?data=eyJndWlsZElkIjoiMTE4Mzk4ODAzNDAxNDgxMDExMyIsImNsaWVudElkIjoiNTY4MDc4NDUzNDY4MDM3MTUwIiwiZXhwaXJlcyI6MTcwMjk5MzM3NzU2NH0= Page URL
2. https://verify.dcounter-bot.com/login?from=9ADSOJTV650MNpXT1smaNd3YU1kNJl3YspEWhdHaYpVa3lWS3VFVNNTTE1ENZRkT6VFRORzYE1ENZRlTp9maJtGbFRWdWdVYz5UbJNXS51EeFRUT4dGROhXQE5keBR0T0smeNRTRU1UavpWSrxWRaNHbXRmbKlXZ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	v Show response verify.dcounter-bot.com/	6 KB 2 KB	92ms 57ms	Document text/html	2606:4700:3030::ac43:962b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify.dcounter-bot.com/v?data=eyJndWlsZElkIjoiMTE4Mzk4ODAzNDAxNDgxMDExMyIsImNsaWVudElkIjoiNTY4MDc4NDUzNDY4MDM3MTUwIiwiZXhwaXJlcyI6MTcwMjk5MzM3NzU2NH0= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:962b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf9a70c681f86836a5e34818eec55b1f805aa5ff587d02b1a038c59b46f2e342 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control public, max-age=0 cf-cache-status DYNAMIC cf-ray 83800e833e773c9f-CDG content-encoding br content-type text/html; charset=UTF-8 date Tue, 19 Dec 2023 13:40:19 GMT last-modified Mon, 18 Dec 2023 23:26:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dO9exFBf9BNEIO9Fy9OCd%2FNwU6YNLAkTd6TJix6BWu3X5bHtj12eeSQLYaqdqfbTZ0nIakWtjF%2FdxxV43spkrIzNCl8HO9FLn%2F8zkaVK1dLAZEcU%2BHMN3d%2F1RGkO6%2BMFgZ%2BBVbmTeSuSCGnczEPkn5%2FQs4NEUQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	adcf9ed6.js Show response verify.dcounter-bot.com/public/js/	968 B 639 B	55ms 53ms	Script application/javascript	2606:4700:3030::ac43:962b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify.dcounter-bot.com/public/js/adcf9ed6.js Requested by Host: verify.dcounter-bot.com URL: https://verify.dcounter-bot.com/v?data=eyJndWlsZElkIjoiMTE4Mzk4ODAzNDAxNDgxMDExMyIsImNsaWVudElkIjoiNTY4MDc4NDUzNDY4MDM3MTUwIiwiZXhwaXJlcyI6MTcwMjk5MzM3NzU2NH0= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:962b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7ab82ad8f798eb96f6ff201492bb82a1fc64b87a26a33fab12f9d01579e06cf4 Request headers accept-language de-DE,de;q=0.9 Referer https://verify.dcounter-bot.com/v?data=eyJndWlsZElkIjoiMTE4Mzk4ODAzNDAxNDgxMDExMyIsImNsaWVudElkIjoiNTY4MDc4NDUzNDY4MDM3MTUwIiwiZXhwaXJlcyI6MTcwMjk5MzM3NzU2NH0= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 13:40:19 GMT content-encoding br cf-cache-status EXPIRED last-modified Sat, 14 Oct 2023 13:22:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"3c8-18b2e5a70e8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vsAyMgVF%2BNPoUeyS4lXS%2B0c24%2FzK0kerEERyeAh5NG4TLFNyblusDEQ%2Fh9pG7eQ12TA0%2F1wCEWb9HwCM%2FhVO%2FISEnBvHUAHD5OV%2BF8yAPRn7oYzYPrr7bY45mTg6Snscxl70gVKqwik0EQNyLo8hCDw4i5mbVQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=14400 cf-ray 83800e839ef53c9f-CDG alt-svc h3=":443"; ma=86400
GET H2	200	css fonts.googleapis.com/	1 KB 544 B	45ms 23ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Quicksand:700 Requested by Host: verify.dcounter-bot.com URL: https://verify.dcounter-bot.com/v?data=eyJndWlsZElkIjoiMTE4Mzk4ODAzNDAxNDgxMDExMyIsImNsaWVudElkIjoiNTY4MDc4NDUzNDY4MDM3MTUwIiwiZXhwaXJlcyI6MTcwMjk5MzM3NzU2NH0= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 70fa744ff5b906408e5138f8294d6503fcb729a434ec593023d4ad2b6c576910 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://verify.dcounter-bot.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 19 Dec 2023 13:40:19 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 19 Dec 2023 13:35:16 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 19 Dec 2023 13:40:19 GMT
GET H2	200	font-awesome.min.css verify.dcounter-bot.com/public/css/	41 KB 7 KB	61ms 60ms	Stylesheet text/css	2606:4700:3030::ac43:962b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify.dcounter-bot.com/public/css/font-awesome.min.css Requested by Host: verify.dcounter-bot.com URL: https://verify.dcounter-bot.com/v?data=eyJndWlsZElkIjoiMTE4Mzk4ODAzNDAxNDgxMDExMyIsImNsaWVudElkIjoiNTY4MDc4NDUzNDY4MDM3MTUwIiwiZXhwaXJlcyI6MTcwMjk5MzM3NzU2NH0= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:962b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 53b4eb5fc69ee668b6a767354b3aa0188c7e18ef0759d6fe2b1e60ec6ca0aa34 Request headers accept-language de-DE,de;q=0.9 Referer https://verify.dcounter-bot.com/v?data=eyJndWlsZElkIjoiMTE4Mzk4ODAzNDAxNDgxMDExMyIsImNsaWVudElkIjoiNTY4MDc4NDUzNDY4MDM3MTUwIiwiZXhwaXJlcyI6MTcwMjk5MzM3NzU2NH0= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 13:40:19 GMT content-encoding br cf-cache-status EXPIRED last-modified Sun, 10 Dec 2023 18:50:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"a22a-18c55109f90" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HbSItrVBlxfONqEKoOV%2BgIOt1LdCcItAZTFH%2FHwHO9RY%2FZ0hCRywT9CBHPZNo68jccQpuoSTypAQ3CpbK4tXHsWceegD4GD5nH7fh9rfB%2FM0U7LPeWaYdYusl0TUHd3suYnWdiR%2BmeQpZRTChCzOYyeA4ZTZAA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=14400 cf-ray 83800e839ef13c9f-CDG alt-svc h3=":443"; ma=86400
GET H2	200	style.css verify.dcounter-bot.com/public/css/	3 KB 1 KB	53ms 52ms	Stylesheet text/css	2606:4700:3030::ac43:962b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify.dcounter-bot.com/public/css/style.css Requested by Host: verify.dcounter-bot.com URL: https://verify.dcounter-bot.com/v?data=eyJndWlsZElkIjoiMTE4Mzk4ODAzNDAxNDgxMDExMyIsImNsaWVudElkIjoiNTY4MDc4NDUzNDY4MDM3MTUwIiwiZXhwaXJlcyI6MTcwMjk5MzM3NzU2NH0= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:962b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 180ea0a974ca763f65a74714d7cd3268a8548ba4b62ee470ec1606ee19999fda Request headers accept-language de-DE,de;q=0.9 Referer https://verify.dcounter-bot.com/v?data=eyJndWlsZElkIjoiMTE4Mzk4ODAzNDAxNDgxMDExMyIsImNsaWVudElkIjoiNTY4MDc4NDUzNDY4MDM3MTUwIiwiZXhwaXJlcyI6MTcwMjk5MzM3NzU2NH0= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 13:40:19 GMT content-encoding br cf-cache-status EXPIRED last-modified Sun, 10 Dec 2023 18:49:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"c88-18c551064f8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oPbLs0zbjhQ8QdlmmeFoQQIJMFKx10nuy4PzIBk6Uf6MCZeaUFiE9YD3R%2BSYC1y45gpiUPzmZha4S9JbP6J4b2AP2RDP6WJFYnMiBu2HI4b3ZkBwKBtnP6WC6GdOw7I%2BVh07sarEW%2FbH5tOxM7IKcM%2FVuUPslg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=14400 cf-ray 83800e839ef33c9f-CDG alt-svc h3=":443"; ma=86400
GET H2	200	css fonts.googleapis.com/	2 KB 968 B	37ms 15ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:400 Requested by Host: verify.dcounter-bot.com URL: https://verify.dcounter-bot.com/v?data=eyJndWlsZElkIjoiMTE4Mzk4ODAzNDAxNDgxMDExMyIsImNsaWVudElkIjoiNTY4MDc4NDUzNDY4MDM3MTUwIiwiZXhwaXJlcyI6MTcwMjk5MzM3NzU2NH0= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 28d397270696b4361f8722b8c43ff2db5ba45891f35eeecedc913088dcc58ed5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://verify.dcounter-bot.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 19 Dec 2023 13:40:19 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 19 Dec 2023 12:43:52 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 19 Dec 2023 13:40:19 GMT
GET H2	200	css fonts.googleapis.com/	730 B 444 B	40ms 19ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Chango Requested by Host: verify.dcounter-bot.com URL: https://verify.dcounter-bot.com/v?data=eyJndWlsZElkIjoiMTE4Mzk4ODAzNDAxNDgxMDExMyIsImNsaWVudElkIjoiNTY4MDc4NDUzNDY4MDM3MTUwIiwiZXhwaXJlcyI6MTcwMjk5MzM3NzU2NH0= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 9b3940bc3d9192417a2192c11abff34a9cf1c5f1c1b050d724d5af292993184c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://verify.dcounter-bot.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 19 Dec 2023 13:40:19 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 19 Dec 2023 13:36:35 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 19 Dec 2023 13:40:19 GMT
GET H2	200	css fonts.googleapis.com/	4 KB 769 B	37ms 16ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Cardo:400,700|Oswald Requested by Host: verify.dcounter-bot.com URL: https://verify.dcounter-bot.com/v?data=eyJndWlsZElkIjoiMTE4Mzk4ODAzNDAxNDgxMDExMyIsImNsaWVudElkIjoiNTY4MDc4NDUzNDY4MDM3MTUwIiwiZXhwaXJlcyI6MTcwMjk5MzM3NzU2NH0= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4dae211430cdc49f404bdf403f878382e93ccdf9d1b94e308235de2962f99426 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://verify.dcounter-bot.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 19 Dec 2023 13:40:19 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 19 Dec 2023 13:40:19 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 19 Dec 2023 13:40:19 GMT
GET H2	200	loading-old.gif verify.dcounter-bot.com/public/img/	103 KB 104 KB	69ms 69ms	Image image/gif	2606:4700:3030::ac43:962b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://verify.dcounter-bot.com/public/img/loading-old.gif Requested by Host: verify.dcounter-bot.com URL: https://verify.dcounter-bot.com/v?data=eyJndWlsZElkIjoiMTE4Mzk4ODAzNDAxNDgxMDExMyIsImNsaWVudElkIjoiNTY4MDc4NDUzNDY4MDM3MTUwIiwiZXhwaXJlcyI6MTcwMjk5MzM3NzU2NH0= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:962b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4127f8572d25144ec3bfa2dd7bdbfdb0b201b4824fc8a0a18720409e189e5ef2 Request headers accept-language de-DE,de;q=0.9 Referer https://verify.dcounter-bot.com/v?data=eyJndWlsZElkIjoiMTE4Mzk4ODAzNDAxNDgxMDExMyIsImNsaWVudElkIjoiNTY4MDc4NDUzNDY4MDM3MTUwIiwiZXhwaXJlcyI6MTcwMjk5MzM3NzU2NH0= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 13:40:19 GMT cf-cache-status EXPIRED last-modified Sat, 09 Dec 2023 12:39:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"19cde-18c4e973e80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBYfyyC55T3lbeAdbQPK80L0s9hGB%2FXRtWl6phsAuv%2FKhkSQONUkzIjFlA%2FmFDjKZZNlJm%2F%2F2U9EGUxTB%2Fz6JU%2FWKXAd9xY6wNHOgESvKj7oWeOQ%2BzUy7WF9jvgwbuVJgml%2FQuT26LXUlTrkbL%2B6EPEnXymwSw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * cache-control public, max-age=14400 accept-ranges bytes cf-ray 83800e839ef73c9f-CDG alt-svc h3=":443"; ma=86400 content-length 105694
GET H2	200	6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkBgv58a-wg.woff2 fonts.gstatic.com/s/quicksand/v31/	15 KB 15 KB	29ms 9ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/quicksand/v31/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkBgv58a-wg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Quicksand:700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 25a7998fc245a7537c437d85e6f8cb4389468042ffe2ffcf7a1cdaf94e94d50e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://verify.dcounter-bot.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 18 Dec 2023 15:36:31 GMT x-content-type-options nosniff age 79428 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15164 x-xss-protection 0 last-modified Wed, 13 Sep 2023 23:17:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 17 Dec 2024 15:36:31 GMT
GET H2	200	TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 fonts.gstatic.com/s/oswald/v53/	12 KB 13 KB	28ms 7ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Cardo:400,700|Oswald Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://verify.dcounter-bot.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 08:54:09 GMT x-content-type-options nosniff age 17170 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12276 x-xss-protection 0 last-modified Tue, 15 Aug 2023 18:49:41 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Dec 2024 08:54:09 GMT
GET H3	200	Primary Request login Show response verify.dcounter-bot.com/	93 KB 21 KB	23ms 23ms	Document text/html	2606:4700:3030::ac43:962b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify.dcounter-bot.com/login?from=9ADSOJTV650MNpXT1smaNd3YU1kNJl3YspEWhdHaYpVa3lWS3VFVNNTTE1ENZRkT6VFRORzYE1ENZRlTp9maJtGbFRWdWdVYz5UbJNXS51EeFRUT4dGROhXQE5keBR0T0smeNRTRU1UavpWSrxWRaNHbXRmbKlXZ Requested by Host: verify.dcounter-bot.com URL: https://verify.dcounter-bot.com/v?data=eyJndWlsZElkIjoiMTE4Mzk4ODAzNDAxNDgxMDExMyIsImNsaWVudElkIjoiNTY4MDc4NDUzNDY4MDM3MTUwIiwiZXhwaXJlcyI6MTcwMjk5MzM3NzU2NH0= Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:962b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e90208e0e72a777bb9c0632b93a8109231cc2744f7a96f4fa0e23a020686da19 Request headers Referer https://verify.dcounter-bot.com/v?data=eyJndWlsZElkIjoiMTE4Mzk4ODAzNDAxNDgxMDExMyIsImNsaWVudElkIjoiNTY4MDc4NDUzNDY4MDM3MTUwIiwiZXhwaXJlcyI6MTcwMjk5MzM3NzU2NH0= Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control public, max-age=0 cf-cache-status DYNAMIC cf-ray 83800e99dc4c68fd-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 19 Dec 2023 13:40:22 GMT last-modified Tue, 12 Dec 2023 18:41:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xkRk%2BGlOWZ%2FORjy0bMZqRhWAgLV0z%2Ff35PotIqk4ZVDwMwQR%2F05L3xYGHxU4FP1NPs5TU%2FJg5Kpm5Hig1UB%2Fya6bvxg2dmdpWp8XtD8de04242dQJ%2FDIM3D6SheaJzeIaQ6kGgtI3Tz7nHnajOGiPRQpda2L4g%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	style1.css verify.dcounter-bot.com/public/css/	2 MB 276 KB	58ms 57ms	Stylesheet text/css	2606:4700:3030::ac43:962b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify.dcounter-bot.com/public/css/style1.css Requested by Host: verify.dcounter-bot.com URL: https://verify.dcounter-bot.com/login?from=9ADSOJTV650MNpXT1smaNd3YU1kNJl3YspEWhdHaYpVa3lWS3VFVNNTTE1ENZRkT6VFRORzYE1ENZRlTp9maJtGbFRWdWdVYz5UbJNXS51EeFRUT4dGROhXQE5keBR0T0smeNRTRU1UavpWSrxWRaNHbXRmbKlXZ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:962b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d89042c75280584de9bcedfb7db63e140f45cc0154b0d261d31b7ee6e99b117f Request headers accept-language de-DE,de;q=0.9 Referer https://verify.dcounter-bot.com/login?from=9ADSOJTV650MNpXT1smaNd3YU1kNJl3YspEWhdHaYpVa3lWS3VFVNNTTE1ENZRkT6VFRORzYE1ENZRlTp9maJtGbFRWdWdVYz5UbJNXS51EeFRUT4dGROhXQE5keBR0T0smeNRTRU1UavpWSrxWRaNHbXRmbKlXZ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 13:40:22 GMT content-encoding br cf-cache-status EXPIRED last-modified Fri, 13 Oct 2023 19:57:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"199f72-18b2a9dca90" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RzPJPPqKU4JemFgHK4Niblk%2FuZSzf1QcCILgy6geIcf%2B%2FDgO2LaqSUIAZubY69kakQay6rlxNrYXOH3oBBQ672TOFRCVozvVf65YBKqzNhYW%2B05li81RJ5qOAc5rIre8hV0yaHqfx%2BJe1Qp8LdCW%2F%2B%2FzXB1G3A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=14400 cf-ray 83800e9a0c6968fd-FRA alt-svc h3=":443"; ma=86400
GET H3	200	style2.css verify.dcounter-bot.com/public/css/	4 MB 596 KB	50ms 49ms	Stylesheet text/css	2606:4700:3030::ac43:962b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify.dcounter-bot.com/public/css/style2.css Requested by Host: verify.dcounter-bot.com URL: https://verify.dcounter-bot.com/login?from=9ADSOJTV650MNpXT1smaNd3YU1kNJl3YspEWhdHaYpVa3lWS3VFVNNTTE1ENZRkT6VFRORzYE1ENZRlTp9maJtGbFRWdWdVYz5UbJNXS51EeFRUT4dGROhXQE5keBR0T0smeNRTRU1UavpWSrxWRaNHbXRmbKlXZ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:962b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 101d836af2fe6969d57a2a916f5dc2534874c23f4d59034326ef00d975b4068b Request headers accept-language de-DE,de;q=0.9 Referer https://verify.dcounter-bot.com/login?from=9ADSOJTV650MNpXT1smaNd3YU1kNJl3YspEWhdHaYpVa3lWS3VFVNNTTE1ENZRkT6VFRORzYE1ENZRlTp9maJtGbFRWdWdVYz5UbJNXS51EeFRUT4dGROhXQE5keBR0T0smeNRTRU1UavpWSrxWRaNHbXRmbKlXZ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 13:40:22 GMT content-encoding br cf-cache-status EXPIRED last-modified Fri, 13 Oct 2023 19:56:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"3b05fa-18b2a9d0f10" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ffTIJEymxuSQDHhDCOcnBcXrL1AVlG0f2GHTTRWXMWiLB6OaFEolO%2FruBHveipwDvw3IeMZTacooT2oPV%2Fk%2B3e0joZhl0Fv0fBcqqNs3CJdrmNqjCLD6Y%2FxQDuk5iQP372fhJBXasjgFXSXO9zqclDIFxSsXeA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=14400 cf-ray 83800e9a0c6a68fd-FRA alt-svc h3=":443"; ma=86400
GET H2	200	css2 fonts.googleapis.com/	9 KB 916 B	17ms 16ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Roboto:wght@400;500;700&display=swap Requested by Host: verify.dcounter-bot.com URL: https://verify.dcounter-bot.com/login?from=9ADSOJTV650MNpXT1smaNd3YU1kNJl3YspEWhdHaYpVa3lWS3VFVNNTTE1ENZRkT6VFRORzYE1ENZRlTp9maJtGbFRWdWdVYz5UbJNXS51EeFRUT4dGROhXQE5keBR0T0smeNRTRU1UavpWSrxWRaNHbXRmbKlXZ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8960258acc622b1ff18e0924562ab6fe5032697f895036c0785483076c85c6e3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://verify.dcounter-bot.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 19 Dec 2023 13:40:22 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 19 Dec 2023 13:40:22 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 19 Dec 2023 13:40:22 GMT
GET H3	200	adcf9ed6.js Show response verify.dcounter-bot.com/public/js/	968 B 781 B	28ms 28ms	Script application/javascript	2606:4700:3030::ac43:962b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify.dcounter-bot.com/public/js/adcf9ed6.js Requested by Host: verify.dcounter-bot.com URL: https://verify.dcounter-bot.com/login?from=9ADSOJTV650MNpXT1smaNd3YU1kNJl3YspEWhdHaYpVa3lWS3VFVNNTTE1ENZRkT6VFRORzYE1ENZRlTp9maJtGbFRWdWdVYz5UbJNXS51EeFRUT4dGROhXQE5keBR0T0smeNRTRU1UavpWSrxWRaNHbXRmbKlXZ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:962b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7ab82ad8f798eb96f6ff201492bb82a1fc64b87a26a33fab12f9d01579e06cf4 Request headers accept-language de-DE,de;q=0.9 Referer https://verify.dcounter-bot.com/login?from=9ADSOJTV650MNpXT1smaNd3YU1kNJl3YspEWhdHaYpVa3lWS3VFVNNTTE1ENZRkT6VFRORzYE1ENZRlTp9maJtGbFRWdWdVYz5UbJNXS51EeFRUT4dGROhXQE5keBR0T0smeNRTRU1UavpWSrxWRaNHbXRmbKlXZ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 13:40:22 GMT content-encoding br cf-cache-status EXPIRED last-modified Sat, 14 Oct 2023 13:22:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"3c8-18b2e5a70e8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZL1PDMCef8JZMTcxOcJO11fWAXZadPwDZ%2FJICtSgRo9drd4HCav5Xfx0iu922PtWqXU5IobCutHriquTnpOhF0%2B8BmtwRzaNt0o096zROqt83Vq5VzN67UivHz8dAYkYmXbypHamd7mUMOqZ%2Fh5Sgu%2FsgAQazw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=14400 cf-ray 83800e9a0c6b68fd-FRA alt-svc h3=":443"; ma=86400
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/	85 KB 27 KB	34ms 19ms	Script application/javascript	2606:4700::6811:180e
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js Requested by Host: verify.dcounter-bot.com URL: https://verify.dcounter-bot.com/login?from=9ADSOJTV650MNpXT1smaNd3YU1kNJl3YspEWhdHaYpVa3lWS3VFVNNTTE1ENZRkT6VFRORzYE1ENZRlTp9maJtGbFRWdWdVYz5UbJNXS51EeFRUT4dGROhXQE5keBR0T0smeNRTRU1UavpWSrxWRaNHbXRmbKlXZ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://verify.dcounter-bot.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 13:40:22 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 937007 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27433 last-modified Mon, 04 May 2020 16:11:48 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec4-1538f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2bM2hiDil1uUOtgKijSRph5MbBeHlnNGP78SlQRGb9ZPvl8VQUh%2BT9nBhyJsNbKyuLZc8PJmOjsrMp9HjIMHRtYFsIx9ewysRu1Hv8ULzo4zpxBYt5GxQSTRdlMXpcOFcX9lLBudbQdD43oykFVGXDj"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 83800e9a1f1e35e2-FRA expires Sun, 08 Dec 2024 13:40:22 GMT
GET H2	200	api.js Show response hcaptcha.com/1/	326 KB 92 KB	80ms 18ms	Script application/javascript	104.19.219.90
General Check archive.org Show headers Download Go to Full URL https://hcaptcha.com/1/api.js Requested by Host: verify.dcounter-bot.com URL: https://verify.dcounter-bot.com/login?from=9ADSOJTV650MNpXT1smaNd3YU1kNJl3YspEWhdHaYpVa3lWS3VFVNNTTE1ENZRkT6VFRORzYE1ENZRlTp9maJtGbFRWdWdVYz5UbJNXS51EeFRUT4dGROhXQE5keBR0T0smeNRTRU1UavpWSrxWRaNHbXRmbKlXZ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.219.90 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 9f57e1e7f7381ec0e4eb185ca491323450dd0742b19a6097995bac78487a1835 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://verify.dcounter-bot.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 13:40:22 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 83a832076b51893181e363f73e0d6d7a.cloudfront.net (CloudFront) cf-cache-status HIT content-encoding br x-content-type-options nosniff x-amz-version-id o2o2WA3L7Ll5QYn5daiC77yP7vRQJRVn age 0 x-amz-cf-pop LHR5-P3 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Thu, 14 Dec 2023 21:28:53 GMT server cloudflare etag W/"b0204ba9adc9845b676113f41ae6d9c6" vary Accept-Encoding content-type application/javascript cache-control max-age=300 cf-ray 83800e9b29309c07-FRA x-amz-cf-id ZUmEaP8FdvFiyN63Ss8_hDL9_uOxw1YFabSKWV4Gqte8DDare1wsmQ==
GET H3	200	44e0c1fbcf99c4476083442e4a2774e0.svg verify.dcounter-bot.com/public/img/	46 KB 16 KB	26ms 25ms	Image image/svg+xml	2606:4700:3030::ac43:962b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://verify.dcounter-bot.com/public/img/44e0c1fbcf99c4476083442e4a2774e0.svg Requested by Host: verify.dcounter-bot.com URL: https://verify.dcounter-bot.com/login?from=9ADSOJTV650MNpXT1smaNd3YU1kNJl3YspEWhdHaYpVa3lWS3VFVNNTTE1ENZRkT6VFRORzYE1ENZRlTp9maJtGbFRWdWdVYz5UbJNXS51EeFRUT4dGROhXQE5keBR0T0smeNRTRU1UavpWSrxWRaNHbXRmbKlXZ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:962b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7043f6b31fdf3e4bf46e8355a80f8aee14779de2ef1a6526544b89a8b8f485bd Request headers accept-language de-DE,de;q=0.9 Referer https://verify.dcounter-bot.com/login?from=9ADSOJTV650MNpXT1smaNd3YU1kNJl3YspEWhdHaYpVa3lWS3VFVNNTTE1ENZRkT6VFRORzYE1ENZRlTp9maJtGbFRWdWdVYz5UbJNXS51EeFRUT4dGROhXQE5keBR0T0smeNRTRU1UavpWSrxWRaNHbXRmbKlXZ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 13:40:22 GMT content-encoding br cf-cache-status EXPIRED last-modified Fri, 13 Oct 2023 18:51:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"b851-18b2a615218" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5qsoIPpn8aG4MOWhc0BCDvxWJiwKkapikAJ9itaCS4y2rZF1tXMDfpT74wF4j2cDGut6vJVeoVkgC%2FigERnEd%2BjpXrPyVLE2QVSZPzNJoN2P%2BG9qnvf9nbajOJxrd9FZ3x7kYRzpmrwszORDal6cRRXAJcjxg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=14400 cf-ray 83800e9a0c7168fd-FRA alt-svc h3=":443"; ma=86400
GET H3	200	0f4d1ff76624bb45a3fee4189279ee92.svg verify.dcounter-bot.com/public/img/	7 KB 4 KB	22ms 21ms	Image image/svg+xml	2606:4700:3030::ac43:962b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://verify.dcounter-bot.com/public/img/0f4d1ff76624bb45a3fee4189279ee92.svg Requested by Host: verify.dcounter-bot.com URL: https://verify.dcounter-bot.com/login?from=9ADSOJTV650MNpXT1smaNd3YU1kNJl3YspEWhdHaYpVa3lWS3VFVNNTTE1ENZRkT6VFRORzYE1ENZRlTp9maJtGbFRWdWdVYz5UbJNXS51EeFRUT4dGROhXQE5keBR0T0smeNRTRU1UavpWSrxWRaNHbXRmbKlXZ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:962b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6817cfb84bc65b63f73c80c0ef16524bb32c4cf5c9a07c0c664d3ae5e022e1a4 Request headers accept-language de-DE,de;q=0.9 Referer https://verify.dcounter-bot.com/login?from=9ADSOJTV650MNpXT1smaNd3YU1kNJl3YspEWhdHaYpVa3lWS3VFVNNTTE1ENZRkT6VFRORzYE1ENZRlTp9maJtGbFRWdWdVYz5UbJNXS51EeFRUT4dGROhXQE5keBR0T0smeNRTRU1UavpWSrxWRaNHbXRmbKlXZ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 13:40:22 GMT content-encoding br cf-cache-status EXPIRED last-modified Fri, 13 Oct 2023 19:54:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1dc0-18b2a9ad4c0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38zv45rpby3Dho%2F%2FV0NLSfMwLlHAXgVDyTKUvuU7XQijfFTSA%2FgxEDdv6WR2M%2FmUkcD%2BU1WJHorZ7ugime4GzqPgb81dX8vYqaDy8H6b%2BfE%2F3yzE27jB%2BE4AopC8N1bf%2Bb3mvW4yaxa7vj26mQ0eFSsroYVLtQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=14400 cf-ray 83800e9a0c7268fd-FRA alt-svc h3=":443"; ma=86400
GET H3	200	qrcode.png verify.dcounter-bot.com/public/img/	3 KB 4 KB	47ms 47ms	Image image/png	2606:4700:3030::ac43:962b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://verify.dcounter-bot.com/public/img/qrcode.png Requested by Host: verify.dcounter-bot.com URL: https://verify.dcounter-bot.com/login?from=9ADSOJTV650MNpXT1smaNd3YU1kNJl3YspEWhdHaYpVa3lWS3VFVNNTTE1ENZRkT6VFRORzYE1ENZRlTp9maJtGbFRWdWdVYz5UbJNXS51EeFRUT4dGROhXQE5keBR0T0smeNRTRU1UavpWSrxWRaNHbXRmbKlXZ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:962b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f5bc1821cc483e77a491a13860587ff30b3b4cf55273e88612942300df38f04 Request headers accept-language de-DE,de;q=0.9 Referer https://verify.dcounter-bot.com/login?from=9ADSOJTV650MNpXT1smaNd3YU1kNJl3YspEWhdHaYpVa3lWS3VFVNNTTE1ENZRkT6VFRORzYE1ENZRlTp9maJtGbFRWdWdVYz5UbJNXS51EeFRUT4dGROhXQE5keBR0T0smeNRTRU1UavpWSrxWRaNHbXRmbKlXZ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 13:40:22 GMT cf-cache-status EXPIRED last-modified Fri, 13 Oct 2023 18:51:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"cc0-18b2a612ef0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOF9vMECrscIM%2BjbKf7Hc2sgrHGgS5SDdBuLZD5UCBunjixu3XVSLhRDlW67bfceOe43VgmKyGpE3r4G9pokBnuuSrvB4gU8NHpYTQ1vTjI1Cr7gBbXnOf5vzSwUIJn%2BGdHXmIyV1pfViS0992SAJEFGTgZREg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control public, max-age=14400 accept-ranges bytes cf-ray 83800e9a3c8568fd-FRA alt-svc h3=":443"; ma=86400 content-length 3264
GET H3	200	092b071c3b3141a58787415450c27857.png verify.dcounter-bot.com/public/img/	1 KB 2 KB	43ms 43ms	Image image/png	2606:4700:3030::ac43:962b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://verify.dcounter-bot.com/public/img/092b071c3b3141a58787415450c27857.png Requested by Host: verify.dcounter-bot.com URL: https://verify.dcounter-bot.com/login?from=9ADSOJTV650MNpXT1smaNd3YU1kNJl3YspEWhdHaYpVa3lWS3VFVNNTTE1ENZRkT6VFRORzYE1ENZRlTp9maJtGbFRWdWdVYz5UbJNXS51EeFRUT4dGROhXQE5keBR0T0smeNRTRU1UavpWSrxWRaNHbXRmbKlXZ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:962b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f1ca5949ef43d0a6130a1176794b4b38b393f2638c6cc5c2b8449adb6ed3f144 Request headers accept-language de-DE,de;q=0.9 Referer https://verify.dcounter-bot.com/login?from=9ADSOJTV650MNpXT1smaNd3YU1kNJl3YspEWhdHaYpVa3lWS3VFVNNTTE1ENZRkT6VFRORzYE1ENZRlTp9maJtGbFRWdWdVYz5UbJNXS51EeFRUT4dGROhXQE5keBR0T0smeNRTRU1UavpWSrxWRaNHbXRmbKlXZ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 13:40:22 GMT cf-cache-status EXPIRED last-modified Fri, 13 Oct 2023 18:51:37 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"5fc-18b2a613aa8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIjid%2FOz2uYkap5sDGw7q2p0dIZNDUN9f0IFlmKGulnJXEdQwblS%2FlAOoiSXG3ixoCI%2BTQL7JgbQZBcbe8R%2FMh1hrWcfXVFp1W6x7QZwBxbfNlpEpncwC9MMTsTtWzYPmlorQpmsFCo2QLUI5dBsESnwjGL7Pg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control public, max-age=14400 accept-ranges bytes cf-ray 83800e9a3c8d68fd-FRA alt-svc h3=":443"; ma=86400 content-length 1532
GET H3	200	1fcfe97a.js Show response verify.dcounter-bot.com/public/js/	10 KB 2 KB	35ms 35ms	Script application/javascript	2606:4700:3030::ac43:962b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify.dcounter-bot.com/public/js/1fcfe97a.js Requested by Host: verify.dcounter-bot.com URL: https://verify.dcounter-bot.com/login?from=9ADSOJTV650MNpXT1smaNd3YU1kNJl3YspEWhdHaYpVa3lWS3VFVNNTTE1ENZRkT6VFRORzYE1ENZRlTp9maJtGbFRWdWdVYz5UbJNXS51EeFRUT4dGROhXQE5keBR0T0smeNRTRU1UavpWSrxWRaNHbXRmbKlXZ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:962b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash afc1d10946502ad05e3a7803b3af4b527f53eb56a832e8325b0b0ba424a307bb Request headers accept-language de-DE,de;q=0.9 Referer https://verify.dcounter-bot.com/login?from=9ADSOJTV650MNpXT1smaNd3YU1kNJl3YspEWhdHaYpVa3lWS3VFVNNTTE1ENZRkT6VFRORzYE1ENZRlTp9maJtGbFRWdWdVYz5UbJNXS51EeFRUT4dGROhXQE5keBR0T0smeNRTRU1UavpWSrxWRaNHbXRmbKlXZ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 13:40:22 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 18 Dec 2023 23:26:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"268e-18c7f40522e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AXjwQzuvhi62qyzbbbSSVLn%2Fep9LhIN7uxFoNyTPG8eIqaXAIoZB7pe06J%2BG0ExfgYfqMHOFPrbt5GcXJ2HER29MoYPBL98gxcIfVD8yWT3UHCGY1j1zYc01OWjoocfVIgWYFJsaaId%2FMsRjBjKiZl2o6AYYlw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=14400 cf-ray 83800e9a8cd168fd-FRA alt-svc h3=":443"; ma=86400
GET H3	200	3d6549bf2f38372c054eafb93fa358a9.woff2 verify.dcounter-bot.com/public/assets/	37 KB 38 KB	22ms 22ms	Font font/woff2	2606:4700:3030::ac43:962b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify.dcounter-bot.com/public/assets/3d6549bf2f38372c054eafb93fa358a9.woff2 Requested by Host: verify.dcounter-bot.com URL: https://verify.dcounter-bot.com/public/css/style2.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:962b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e401b056dc1eb48d44a01407ceb54372bbc44797d3259069ce96a96dfd8c104 Request headers Referer https://verify.dcounter-bot.com/public/css/style2.css Origin https://verify.dcounter-bot.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 13:40:22 GMT cf-cache-status EXPIRED last-modified Fri, 13 Oct 2023 19:55:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"950c-18b2a9baf80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yAkutl0urjqTyZe1RZzxzYpKmIubXPreJq3ckX18sX9pkPg8G4BE9XXE2FxB1t0h1kp5wlDFQy60nIqRWYjU5yrPSwzsw%2B0mx2FAld2oej62sSgJeYE0sgO26%2FxSP%2BmsV9s0KfsLxCD32zA9fwVQEPKkN4dzgw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=14400 accept-ranges bytes cf-ray 83800e9b1d3e68fd-FRA alt-svc h3=":443"; ma=86400 content-length 38156
GET H3	200	71d3e9dc2bcb8e91225ba9fab588c8f2.woff2 verify.dcounter-bot.com/public/assets/	39 KB 39 KB	24ms 24ms	Font font/woff2	2606:4700:3030::ac43:962b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify.dcounter-bot.com/public/assets/71d3e9dc2bcb8e91225ba9fab588c8f2.woff2 Requested by Host: verify.dcounter-bot.com URL: https://verify.dcounter-bot.com/public/css/style2.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:962b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ae99aaede2f373187a4fe442a2cb0ab9c2945efbab01cf33e01be517c0c4f813 Request headers Referer https://verify.dcounter-bot.com/public/css/style2.css Origin https://verify.dcounter-bot.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 13:40:22 GMT cf-cache-status EXPIRED last-modified Fri, 13 Oct 2023 19:55:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"9b54-18b2a9bc308" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ww7oFufB5zFhnhZTtEmEJMPDZcaMEI4DXcky%2FdupBrGOJYtO4DVoJ6qN2OPXlLEsflJ9dcAjcXScgIsPO1vpSH%2Bjo%2FlXmAdEGUvdwBPUdmvvVzzCVoj3ctHEZcjxRxYD8TyyrhHoSWQWExbND4MnxqwGGHZXIA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=14400 accept-ranges bytes cf-ray 83800e9b1d4068fd-FRA alt-svc h3=":443"; ma=86400 content-length 39764
GET H3	200	2ada321f62e9743e0f9f2882960c8f9d.woff2 verify.dcounter-bot.com/public/assets/	37 B 526 B	17ms 16ms	Font application/json	2606:4700:3030::ac43:962b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify.dcounter-bot.com/public/assets/2ada321f62e9743e0f9f2882960c8f9d.woff2 Requested by Host: verify.dcounter-bot.com URL: https://verify.dcounter-bot.com/public/css/style2.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:962b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 08ac7ec1302a546a14a6c619d0114e95cc59f41a1c3b109900fd8e9c4003d8dd Request headers Referer https://verify.dcounter-bot.com/public/css/style2.css Origin https://verify.dcounter-bot.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 13:40:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 782 etag W/"25-7x2c6gDTO7JihnZNL8JCLKZZYtE" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzirt2tLDq8Judx11V7ntuoIyBIe4xdBFBkcrH07IbxRK84E1rPODUMUZvgcHT4Ea5qAkm2s0%2B7xtSURQgbYfsWXIA6WqYXJ8AFWPb7hldjKuBBrJLsgWSGKohFVTLD4lZxzQv0YgilHz8OpwR6vYiaQj6vrMg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes cf-ray 83800e9b1d4468fd-FRA alt-svc h3=":443"; ma=86400 content-length 37
GET H3	200	7f63813838e283aea62f1a68ef1732c2.woff2 verify.dcounter-bot.com/public/assets/	39 KB 39 KB	26ms 26ms	Font font/woff2	2606:4700:3030::ac43:962b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify.dcounter-bot.com/public/assets/7f63813838e283aea62f1a68ef1732c2.woff2 Requested by Host: verify.dcounter-bot.com URL: https://verify.dcounter-bot.com/public/css/style2.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:962b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 440ad8b1449985479bc37265e9912bbf2bf56fe9ffd14709358a8e9c2d5f8e5b Request headers Referer https://verify.dcounter-bot.com/public/css/style2.css Origin https://verify.dcounter-bot.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 13:40:22 GMT cf-cache-status EXPIRED last-modified Fri, 13 Oct 2023 19:55:31 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"9a00-18b2a9bbb38" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hfyihwo1%2FJQwdVPeklrSgn11LsDfojKzjSJ7i0CeKcSzMVNI7uy8HMJz1ud3lVPdqp1eb4UpQsKXU9PC3s6SN60SUdsd9b8CLn1RN5STPjc6tIPCHv0g%2FKmpT1NMOrCx1CQN8oDSnT3djjrtFLkzTaHQtVfpgQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=14400 accept-ranges bytes cf-ray 83800e9b1d4668fd-FRA alt-svc h3=":443"; ma=86400 content-length 39424
GET H2	200	hcaptcha.html Show response newassets.hcaptcha.com/captcha/v1/1bcdbdd/static/ Frame 101F	2 KB 882 B	27ms 20ms	Document text/html	104.19.219.90
General Check archive.org Show headers Download Go to Full URL https://newassets.hcaptcha.com/captcha/v1/1bcdbdd/static/hcaptcha.html?_v=b69zktej6i9 Requested by Host: hcaptcha.com URL: https://hcaptcha.com/1/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.219.90 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash b143d3f34c926a6e804f09146adb87d5f6cc1512f53f3128e7fbdce23990d9e9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://verify.dcounter-bot.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * age 352003 alt-svc h3=":443"; ma=86400 cache-control max-age=1209600 cf-cache-status HIT cf-ray 83800e9b69849c07-FRA content-encoding br content-type text/html cross-origin-embedder-policy credentialless cross-origin-resource-policy cross-origin date Tue, 19 Dec 2023 13:40:22 GMT last-modified Thu, 14 Dec 2023 21:28:53 GMT server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding via 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront) x-amz-cf-id Yml85Jdx7yMvqwNL7SEKJIvj9aq2xEkZF32kcEFA8VGT0CeQONdN-g== x-amz-cf-pop FRA56-P4 x-amz-server-side-encryption AES256 x-amz-version-id sfBs_KpP21ISqEty0JtaAonCMuRUeTuB x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	hcaptcha.html Show response newassets.hcaptcha.com/captcha/v1/1bcdbdd/static/ Frame F1DA	2 KB 943 B	22ms 15ms	Document text/html	104.19.219.90
General Check archive.org Show headers Download Go to Full URL https://newassets.hcaptcha.com/captcha/v1/1bcdbdd/static/hcaptcha.html Requested by Host: hcaptcha.com URL: https://hcaptcha.com/1/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.219.90 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash f9ddd6aeaece2d7301af89b6609dc615ea48bc55cc4f7c894ae3135872b96df1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://verify.dcounter-bot.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * age 352003 alt-svc h3=":443"; ma=86400 cache-control max-age=1209600 cf-cache-status HIT cf-ray 83800e9b69839c07-FRA content-encoding br content-type text/html cross-origin-embedder-policy credentialless cross-origin-resource-policy cross-origin date Tue, 19 Dec 2023 13:40:22 GMT last-modified Thu, 14 Dec 2023 21:28:53 GMT server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding via 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront) x-amz-cf-id Yml85Jdx7yMvqwNL7SEKJIvj9aq2xEkZF32kcEFA8VGT0CeQONdN-g== x-amz-cf-pop FRA56-P4 x-amz-server-side-encryption AES256 x-amz-version-id sfBs_KpP21ISqEty0JtaAonCMuRUeTuB x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	hcaptcha.js Show response newassets.hcaptcha.com/captcha/v1/1bcdbdd/ Frame F1DA	326 KB 92 KB	22ms 22ms	Script application/javascript	104.19.219.90
General Check archive.org Show headers Download Go to Full URL https://newassets.hcaptcha.com/captcha/v1/1bcdbdd/hcaptcha.js Requested by Host: newassets.hcaptcha.com URL: https://newassets.hcaptcha.com/captcha/v1/1bcdbdd/static/hcaptcha.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.219.90 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 9f57e1e7f7381ec0e4eb185ca491323450dd0742b19a6097995bac78487a1835 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://newassets.hcaptcha.com/captcha/v1/1bcdbdd/static/hcaptcha.html Origin https://newassets.hcaptcha.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 13:40:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 83a832076b51893181e363f73e0d6d7a.cloudfront.net (CloudFront) cf-cache-status HIT content-encoding br x-content-type-options nosniff x-amz-version-id o2o2WA3L7Ll5QYn5daiC77yP7vRQJRVn age 352059 x-amz-cf-pop LHR5-P3 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Thu, 14 Dec 2023 21:28:53 GMT server cloudflare etag W/"b0204ba9adc9845b676113f41ae6d9c6" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=1209600 cf-ray 83800e9be9f59c07-FRA x-amz-cf-id ZUmEaP8FdvFiyN63Ss8_hDL9_uOxw1YFabSKWV4Gqte8DDare1wsmQ==
GET H2	200	hcaptcha.js newassets.hcaptcha.com/captcha/v1/1bcdbdd/ Frame 101F	326 KB 92 KB	21ms 20ms	Script application/javascript	104.19.219.90
General Check archive.org Show headers Download Go to Full URL https://newassets.hcaptcha.com/captcha/v1/1bcdbdd/hcaptcha.js Requested by Host: newassets.hcaptcha.com URL: https://newassets.hcaptcha.com/captcha/v1/1bcdbdd/static/hcaptcha.html?_v=b69zktej6i9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.219.90 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://newassets.hcaptcha.com/captcha/v1/1bcdbdd/static/hcaptcha.html?_v=b69zktej6i9 Origin https://newassets.hcaptcha.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 13:40:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 83a832076b51893181e363f73e0d6d7a.cloudfront.net (CloudFront) cf-cache-status HIT content-encoding br x-content-type-options nosniff x-amz-version-id o2o2WA3L7Ll5QYn5daiC77yP7vRQJRVn age 352059 x-amz-cf-pop LHR5-P3 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Thu, 14 Dec 2023 21:28:53 GMT server cloudflare etag W/"b0204ba9adc9845b676113f41ae6d9c6" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=1209600 cf-ray 83800e9be9fb9c07-FRA x-amz-cf-id ZUmEaP8FdvFiyN63Ss8_hDL9_uOxw1YFabSKWV4Gqte8DDare1wsmQ==
GET DATA	200 OK	truncated / Frame F1DA	798 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/png
POST H2	200	checksiteconfig api.hcaptcha.com/ Frame 101F	721 B 894 B	46ms 38ms	XHR application/json	104.19.219.90
General Check archive.org Show headers Download Go to Full URL https://api.hcaptcha.com/checksiteconfig?v=1bcdbdd&host=verify.dcounter-bot.com&sitekey=f5561ba9-8f1e-40ca-9b5b-a0b3f719ef34&sc=1&swa=1&spst=1 Requested by Host: newassets.hcaptcha.com URL: https://newassets.hcaptcha.com/captcha/v1/1bcdbdd/hcaptcha.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.219.90 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept application/json Referer https://newassets.hcaptcha.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers date Tue, 19 Dec 2023 13:40:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff content-encoding br server cloudflare vary Origin, Accept-Encoding access-control-allow-methods GET, HEAD, POST, OPTIONS content-type application/json access-control-allow-origin https://newassets.hcaptcha.com access-control-allow-credentials true cf-ray 83800e9c5a719c07-FRA access-control-allow-headers Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path alt-svc h3=":443"; ma=86400
GET H3	200	hsw.js newassets.hcaptcha.com/c/2458d9b/ Frame 101F	499 KB 217 KB	16ms 16ms	Script application/javascript	104.19.218.90
General Check archive.org Show headers Download Go to Full URL https://newassets.hcaptcha.com/c/2458d9b/hsw.js Requested by Host: newassets.hcaptcha.com URL: https://newassets.hcaptcha.com/captcha/v1/1bcdbdd/hcaptcha.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.218.90 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://newassets.hcaptcha.com/captcha/v1/1bcdbdd/static/hcaptcha.html?_v=b69zktej6i9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 13:40:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront) cf-cache-status HIT content-encoding br x-content-type-options nosniff x-amz-version-id 1JhSB37kavMYpA6c5WxU_Q.zUc_dI7mQ age 16435 x-amz-cf-pop FRA56-P4 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Thu, 14 Dec 2023 16:59:11 GMT server cloudflare etag W/"9d671418ff661c7370b4e3530ac92335" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=3024000 cf-ray 83800e9cac1630f3-FRA x-amz-cf-id bS9ZkzCIa-hVUNwwlYy6b4z-tqCWfsiyYU0_S6QU56_cIakExrkI4w==

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Discord (Instant Messenger)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://verify.dcounter-bot.com/ Message: Failed to decode downloaded font: https://verify.dcounter-bot.com/public/assets/2ada321f62e9743e0f9f2882960c8f9d.woff2
other	warning	URL: https://verify.dcounter-bot.com/ Message: OTS parsing error: invalid sfntVersion: 2065853797

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hcaptcha.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
hcaptcha.com
newassets.hcaptcha.com
verify.dcounter-bot.com
104.19.218.90
104.19.219.90
2606:4700:3030::ac43:962b
2606:4700::6811:180e
2a00:1450:4001:812::2003
2a00:1450:4001:831::200a
08ac7ec1302a546a14a6c619d0114e95cc59f41a1c3b109900fd8e9c4003d8dd
101d836af2fe6969d57a2a916f5dc2534874c23f4d59034326ef00d975b4068b
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
180ea0a974ca763f65a74714d7cd3268a8548ba4b62ee470ec1606ee19999fda
24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac
25a7998fc245a7537c437d85e6f8cb4389468042ffe2ffcf7a1cdaf94e94d50e
28d397270696b4361f8722b8c43ff2db5ba45891f35eeecedc913088dcc58ed5
4127f8572d25144ec3bfa2dd7bdbfdb0b201b4824fc8a0a18720409e189e5ef2
440ad8b1449985479bc37265e9912bbf2bf56fe9ffd14709358a8e9c2d5f8e5b
4dae211430cdc49f404bdf403f878382e93ccdf9d1b94e308235de2962f99426
53b4eb5fc69ee668b6a767354b3aa0188c7e18ef0759d6fe2b1e60ec6ca0aa34
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
5f5bc1821cc483e77a491a13860587ff30b3b4cf55273e88612942300df38f04
6817cfb84bc65b63f73c80c0ef16524bb32c4cf5c9a07c0c664d3ae5e022e1a4
7043f6b31fdf3e4bf46e8355a80f8aee14779de2ef1a6526544b89a8b8f485bd
70fa744ff5b906408e5138f8294d6503fcb729a434ec593023d4ad2b6c576910
7ab82ad8f798eb96f6ff201492bb82a1fc64b87a26a33fab12f9d01579e06cf4
8960258acc622b1ff18e0924562ab6fe5032697f895036c0785483076c85c6e3
8e401b056dc1eb48d44a01407ceb54372bbc44797d3259069ce96a96dfd8c104
9b3940bc3d9192417a2192c11abff34a9cf1c5f1c1b050d724d5af292993184c
9f57e1e7f7381ec0e4eb185ca491323450dd0742b19a6097995bac78487a1835
ae99aaede2f373187a4fe442a2cb0ab9c2945efbab01cf33e01be517c0c4f813
afc1d10946502ad05e3a7803b3af4b527f53eb56a832e8325b0b0ba424a307bb
b143d3f34c926a6e804f09146adb87d5f6cc1512f53f3128e7fbdce23990d9e9
cf9a70c681f86836a5e34818eec55b1f805aa5ff587d02b1a038c59b46f2e342
d89042c75280584de9bcedfb7db63e140f45cc0154b0d261d31b7ee6e99b117f
e90208e0e72a777bb9c0632b93a8109231cc2744f7a96f4fa0e23a020686da19
f1ca5949ef43d0a6130a1176794b4b38b393f2638c6cc5c2b8449adb6ed3f144
f9ddd6aeaece2d7301af89b6609dc615ea48bc55cc4f7c894ae3135872b96df1