www.freeaudit.trykrackedretention.com Open in urlscan Pro
35.152.119.144  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.freeaudit.trykrackedretention.com/	16 KB 5 KB	324ms 29ms	Document text/html	35.152.119.144 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.freeaudit.trykrackedretention.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.152.119.144 Milan, Italy, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-152-119-144.eu-south-1.compute.amazonaws.com Software / Resource Hash 382bbc4ad4805aec2eaff075521272165c862f3062d500889800b4d1e72244d0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 344228 content-encoding gzip content-length 4843 content-type text/html date Thu, 10 Oct 2024 11:52:29 GMT strict-transport-security max-age=31536000 vary x-wf-forwarded-proto, Accept-Encoding x-cache HIT x-cache-hits 0 x-cluster-name eu-south-1-prod-hosting-red x-lambda-id d2e35577-7a1a-46af-a34c-7fd11186e963 x-served-by cache-mxp6953-MXP x-timer S1728561150.727779,VS0,VE2
GET H3	200	kracked-landing-page.81ea58c37.css cdn.prod.website-files.com/66bf85db76df65d099ba4740/css/	50 KB 11 KB	215ms 178ms	Stylesheet text/css	104.18.161.117 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.prod.website-files.com/66bf85db76df65d099ba4740/css/kracked-landing-page.81ea58c37.css Requested by Host: www.freeaudit.trykrackedretention.com URL: https://www.freeaudit.trykrackedretention.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9c7a7925bdadde71a6f3750283962af28e51a619297a9da96a9fa99d6f588dc7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.freeaudit.trykrackedretention.com/ Response headers content-encoding gzip cf-cache-status HIT etag "b8497db978c963df9e197758fa76cff0" x-amz-version-id 7WATcmqD6PQojGpMdHifj1o00xnolnn. alt-svc h3=":443"; ma=86400 date Thu, 10 Oct 2024 11:52:29 GMT content-type text/css last-modified Mon, 16 Sep 2024 23:33:58 GMT vary Accept-Encoding x-amz-id-2 QI7tra+w2EtMLlnjY91o7NRd+7Icp4uAggjVQUsY0cqQMSJzrbU+HmxtRBDJktFCZ2sFkPCUHB8= cache-control public, max-age=31536000, immutable x-amz-request-id Q0ESFZ9DBZ7KMM7Q cf-ray 8d0667924a410f7a-MXP accept-ranges bytes access-control-allow-origin * content-length 10366 server cloudflare x-amz-server-side-encryption AES256
GET H2	200	webfont.js Show response ajax.googleapis.com/ajax/libs/webfont/1.6.26/	13 KB 6 KB	115ms 34ms	Script text/javascript	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js Requested by Host: www.freeaudit.trykrackedretention.com URL: https://www.freeaudit.trykrackedretention.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.freeaudit.trykrackedretention.com/ Response headers content-encoding gzip age 3641 report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} x-content-type-options nosniff expires Fri, 10 Oct 2025 10:51:48 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 10 Oct 2024 10:51:48 GMT last-modified Tue, 03 Mar 2020 19:15:00 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000, stale-while-revalidate=2592000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers accept-ranges bytes access-control-allow-origin * content-length 5437 x-xss-protection 0 server sffe
GET H2	200	jquery-3.5.1.min.dc5e7f18c8.js Show response d3e54v103j8qbb.cloudfront.net/js/	87 KB 30 KB	122ms 44ms	Script application/javascript	52.222.232.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=66bf85db76df65d099ba4740 Requested by Host: www.freeaudit.trykrackedretention.com URL: https://www.freeaudit.trykrackedretention.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.232.39 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-232-39.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://www.freeaudit.trykrackedretention.com Referer https://www.freeaudit.trykrackedretention.com/ Response headers access-control-max-age 3000 content-encoding br etag W/"dc5e7f18c8d36ac1d3d4753a87c98d0a" age 31865 access-control-allow-methods GET x-cache Hit from cloudfront x-amz-cf-id 0F68MQkJifBS_1OOpDYk1oN9THmShfdHwyoF-_KGx8Q1JVQajF-YSw== date Thu, 10 Oct 2024 03:01:38 GMT content-type application/javascript last-modified Mon, 20 Jul 2020 17:53:02 GMT vary Accept-Encoding cache-control max-age=84600, must-revalidate via 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront) access-control-allow-origin * x-amz-cf-pop FRA56-P4 server AmazonS3
GET H3	200	kracked-landing-page.a1417e1c0.js Show response cdn.prod.website-files.com/66bf85db76df65d099ba4740/js/	153 KB 57 KB	122ms 87ms	Script text/javascript	104.18.161.117 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.prod.website-files.com/66bf85db76df65d099ba4740/js/kracked-landing-page.a1417e1c0.js Requested by Host: www.freeaudit.trykrackedretention.com URL: https://www.freeaudit.trykrackedretention.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 501b36d72c5c01bbf6fa00f5ef2bb0ad45222802780bf08f52590718eeb75136 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.freeaudit.trykrackedretention.com/ Response headers content-encoding gzip cf-cache-status HIT etag "222f5e59cd31b1cd0d0e41d8d4ecd5ae" x-amz-version-id oWc6kccKcEKyMaE75FglsdeGMXgWDIat age 166737 alt-svc h3=":443"; ma=86400 date Thu, 10 Oct 2024 11:52:29 GMT content-type text/javascript last-modified Mon, 16 Sep 2024 23:33:58 GMT vary Accept-Encoding x-amz-id-2 oA6kQThkdZGe3zY/lFTTr5QhBexf8ykD1RGvHofquBsvqRhBBm7tX33REiQpUy9YvdlU2abxyVQ= cache-control public, max-age=31536000, immutable x-amz-request-id Q0EMBCRYWSWVA8AS cf-ray 8d0667924a430f7a-MXP accept-ranges bytes access-control-allow-origin * content-length 57687 server cloudflare x-amz-server-side-encryption AES256
GET H2	200	css fonts.googleapis.com/	31 KB 1 KB	171ms 83ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Varela:400%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash fc60aa8741949a164551f43eda041f4516d68af1a649e620906345b43380e2d7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.freeaudit.trykrackedretention.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Thu, 10 Oct 2024 11:52:30 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 10 Oct 2024 11:52:30 GMT content-type text/css; charset=utf-8 last-modified Thu, 10 Oct 2024 11:52:30 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	universal-script Show response 207403.t.hyros.com/v1/lst/	77 KB 78 KB	487ms 184ms	Script text/javascript	3.225.192.188 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://207403.t.hyros.com/v1/lst/universal-script?ph=66c93351b5bee4f2b4a80adbc97b79a22b92bf3f1fe9585876454571a44916fa&tag=!clicked&ref_url=https://www.freeaudit.trykrackedretention.com/ Requested by Host: www.freeaudit.trykrackedretention.com URL: https://www.freeaudit.trykrackedretention.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.225.192.188 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-225-192-188.compute-1.amazonaws.com Software / Resource Hash 545b657811056d8ef7838659e39e0dc2b6ab1a6bb6b0d45b425cb06e7347b121 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.freeaudit.trykrackedretention.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 86400 access-control-expose-headers Session-ID, L-Gen-ID access-control-allow-credentials true access-control-allow-methods GET, PUT, POST, OPTIONS, DELETE content-length 79338 date Thu, 10 Oct 2024 11:52:30 GMT content-type text/javascript;charset=ISO-8859-1
GET H3	200	66bfa31f2dbe03d07b7cf01b_ClashGrotesk-Regular.otf cdn.prod.website-files.com/66bf85db76df65d099ba4740/	37 KB 37 KB	118ms 84ms	Font application/x-font-otf	104.18.161.117 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.prod.website-files.com/66bf85db76df65d099ba4740/66bfa31f2dbe03d07b7cf01b_ClashGrotesk-Regular.otf Requested by Host: cdn.prod.website-files.com URL: https://cdn.prod.website-files.com/66bf85db76df65d099ba4740/css/kracked-landing-page.81ea58c37.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0d314eca15d9c38f6e9fc24eb60676ce09241eef0884a44fdfa3030cd03ef783 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://www.freeaudit.trykrackedretention.com Referer https://cdn.prod.website-files.com/66bf85db76df65d099ba4740/css/kracked-landing-page.81ea58c37.css Response headers access-control-max-age 3000 cf-cache-status HIT etag "3eddd09d790acf3972142ee8a9c6f4e8" x-amz-version-id wSpRVBPU786CBNhtgJ3OvFZnY1w4zPoQ access-control-allow-methods GET, HEAD alt-svc h3=":443"; ma=86400 date Thu, 10 Oct 2024 11:52:30 GMT content-type application/x-font-otf vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding last-modified Fri, 16 Aug 2024 19:06:09 GMT x-amz-id-2 i+FMGpc5i3Iw6XbGu9XjL5bUXSb/2ZOAnW8m4YeZC4A0m+wkLLiRm18hisj5FyK0u6YtHY8NSgA= cache-control max-age=31536000, must-revalidate x-amz-request-id Q0EQASZ2J1T5EED8 cf-ray 8d0667944df6bb11-MXP accept-ranges bytes access-control-allow-origin * content-length 37660 server cloudflare x-amz-server-side-encryption AES256
GET H3	200	66bf9a5bba42a739b12ba469_ClashGrotesk-Medium.otf cdn.prod.website-files.com/66bf85db76df65d099ba4740/	37 KB 37 KB	221ms 188ms	Font application/x-font-otf	104.18.161.117 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.prod.website-files.com/66bf85db76df65d099ba4740/66bf9a5bba42a739b12ba469_ClashGrotesk-Medium.otf Requested by Host: cdn.prod.website-files.com URL: https://cdn.prod.website-files.com/66bf85db76df65d099ba4740/css/kracked-landing-page.81ea58c37.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc3205fc864f3b96cd908df4bcb4479ced39799e52a2a44af73d256c624933ec Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://www.freeaudit.trykrackedretention.com Referer https://cdn.prod.website-files.com/66bf85db76df65d099ba4740/css/kracked-landing-page.81ea58c37.css Response headers access-control-max-age 3000 cf-cache-status HIT etag "4b73d2794828d92197e9cdaf797f1f0a" x-amz-version-id XXCi9ve9sprUrrDkvnXY6Zx.rFpq7syq access-control-allow-methods GET, HEAD alt-svc h3=":443"; ma=86400 date Thu, 10 Oct 2024 11:52:30 GMT content-type application/x-font-otf vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding last-modified Fri, 16 Aug 2024 18:28:45 GMT x-amz-id-2 XkVBgcpS99IiooLTfSxVkven1pRBnQ5BKwNFPj9kAuyCrnn9OJvuKQidm6Fz9DzjptXyZIfK0Ko= cache-control max-age=31536000, must-revalidate x-amz-request-id Q0ETYPYJP1PJYYCA cf-ray 8d0667944dfbbb11-MXP accept-ranges bytes access-control-allow-origin * content-length 37648 server cloudflare x-amz-server-side-encryption AES256
GET H3	200	66bff85ff8839e3766ff233b_66bd22ed6d8c86af5fb370bd_087aa89ed3335d86677f46b5853d0d01_1200_80.webp cdn.prod.website-files.com/66bf85db76df65d099ba4740/	13 KB 14 KB	83ms 80ms	Image image/webp	104.18.161.117 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.prod.website-files.com/66bf85db76df65d099ba4740/66bff85ff8839e3766ff233b_66bd22ed6d8c86af5fb370bd_087aa89ed3335d86677f46b5853d0d01_1200_80.webp Requested by Host: www.freeaudit.trykrackedretention.com URL: https://www.freeaudit.trykrackedretention.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 19919b6a1d452e7502d180c6331f86d8220748ddd1f77d624836bd7da130942f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.freeaudit.trykrackedretention.com/ Response headers cf-cache-status HIT etag "e3f2c5621dbdbb4d13e59137d9c19fc5" x-amz-version-id MWjXxPY6R7aCT0K3fxzJw3u5oGzB5vP0 alt-svc h3=":443"; ma=86400 date Thu, 10 Oct 2024 11:52:30 GMT content-type image/webp last-modified Sat, 17 Aug 2024 01:09:53 GMT vary Accept-Encoding x-amz-id-2 z3QfWCcBzKBOUerdMe+yMNFMDzpJxgSTyW8JMqUUGbY0kYu+i8bLTuVpZDg6U5RBiYK5U6o+x2RZSwv3NZFw8q/RvxvBIZaI cache-control max-age=31536000, must-revalidate x-amz-request-id GV6STA4XNXB0VKMJ cf-ray 8d0667941cdd0f7a-MXP accept-ranges bytes access-control-allow-origin * content-length 13498 server cloudflare x-amz-server-side-encryption AES256
GET H3	200	66c37c8af914c6cc4febd150_4ALLFAMILY-p-800.png cdn.prod.website-files.com/66bf85db76df65d099ba4740/	87 KB 87 KB	55ms 51ms	Image image/png	104.18.161.117 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.prod.website-files.com/66bf85db76df65d099ba4740/66c37c8af914c6cc4febd150_4ALLFAMILY-p-800.png Requested by Host: www.freeaudit.trykrackedretention.com URL: https://www.freeaudit.trykrackedretention.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a8b51ebb5e60cc7f94752b3ae7bcef43690b1ccdc19ecb91c66b7a87a5e6d4ba Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.freeaudit.trykrackedretention.com/ Response headers cf-cache-status HIT etag "6cede953f3ddb56205b9b9f5d1d61ccf" x-amz-version-id G9CEtrUUZjzzImI_PHfrdD6Q4As59KiP age 166738 alt-svc h3=":443"; ma=86400 date Thu, 10 Oct 2024 11:52:30 GMT content-type image/png last-modified Mon, 19 Aug 2024 17:10:41 GMT vary Accept-Encoding x-amz-id-2 JUf/7VlDaQK4g8SvgI+n4OVBsi7dGIWt0hx6u1feh08U2tSGQwhYJkkcBLVENEvSTf49f9D0MLA= cache-control max-age=31536000, must-revalidate x-amz-request-id Q0EP9HVC67JRQKNZ cf-ray 8d0667941ce50f7a-MXP accept-ranges bytes access-control-allow-origin * content-length 88687 server cloudflare x-amz-server-side-encryption AES256
GET H3	200	66c36980a3a1c6ceb443dccf_DNA-p-500.png cdn.prod.website-files.com/66bf85db76df65d099ba4740/	99 KB 100 KB	240ms 235ms	Image image/png	104.18.161.117 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.prod.website-files.com/66bf85db76df65d099ba4740/66c36980a3a1c6ceb443dccf_DNA-p-500.png Requested by Host: www.freeaudit.trykrackedretention.com URL: https://www.freeaudit.trykrackedretention.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c95db0169cbaf0682e5123db0a69c761bb3ab7d8527728b5986c15c89dfdc280 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.freeaudit.trykrackedretention.com/ Response headers cf-cache-status MISS etag "167fbe02160ba72fd24052c14524c5b8" x-amz-version-id HL6BIK5ELvfnGt0_u1wXfZKc_E3J60uV alt-svc h3=":443"; ma=86400 date Thu, 10 Oct 2024 11:52:30 GMT content-type image/png last-modified Mon, 19 Aug 2024 15:49:21 GMT vary Accept-Encoding x-amz-id-2 WqXRxfMY/JlHLXc/w9BX57KRhMZgM00wokq3CTGMtup2M7k2JecnA0UaQ7SCaAfbYLtzq8eBO0Db8sz0HMMiLjhe4ppOeUmlETObTMkwhV4= cache-control max-age=31536000, must-revalidate x-amz-request-id CEKAPJJ7KNA1YWEJ cf-ray 8d0667941ce80f7a-MXP accept-ranges bytes access-control-allow-origin * content-length 101871 server cloudflare x-amz-server-side-encryption AES256
GET H3	200	66c36b3304eea4e274e5d67e_Body%2520Restore-p-500.png cdn.prod.website-files.com/66bf85db76df65d099ba4740/	81 KB 82 KB	170ms 166ms	Image image/png	104.18.161.117 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.prod.website-files.com/66bf85db76df65d099ba4740/66c36b3304eea4e274e5d67e_Body%2520Restore-p-500.png Requested by Host: www.freeaudit.trykrackedretention.com URL: https://www.freeaudit.trykrackedretention.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b2a44fc34945ae74820697da6fba02dbb44207e8f607e4e61d9d9b3e3d7f9e60 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.freeaudit.trykrackedretention.com/ Response headers cf-cache-status HIT etag "4d525edbe14d4baca2116f436d0147f6" x-amz-version-id OVUmVO6srtmLGCEzz8YYSfX.3IukC4.h alt-svc h3=":443"; ma=86400 date Thu, 10 Oct 2024 11:52:30 GMT content-type image/png last-modified Mon, 19 Aug 2024 15:56:36 GMT vary Accept-Encoding x-amz-id-2 XH/aR7b78P3l3Mq+/O/i68OjukgVnzdnh1XV6geGZDazloyaWPwom7lI3ULz8D1OtPEvrbEBTv8= cache-control max-age=31536000, must-revalidate x-amz-request-id Q0EK9V4K89QZY6P1 cf-ray 8d0667941ce90f7a-MXP accept-ranges bytes access-control-allow-origin * content-length 83132 server cloudflare x-amz-server-side-encryption AES256
GET H3	200	66bfcc95c52b542e8bb145a4_Email%20(4)-p-500.png cdn.prod.website-files.com/66bf85db76df65d099ba4740/	23 KB 23 KB	80ms 76ms	Image image/png	104.18.161.117 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.prod.website-files.com/66bf85db76df65d099ba4740/66bfcc95c52b542e8bb145a4_Email%20(4)-p-500.png Requested by Host: www.freeaudit.trykrackedretention.com URL: https://www.freeaudit.trykrackedretention.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 089678837d64430900b7d22e40b96dbee6bde6078dd21139f871cd0ab7a69456 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.freeaudit.trykrackedretention.com/ Response headers cf-cache-status HIT etag "46f5c4df552a71d97c19e56c832c5a20" x-amz-version-id S5sDEtphmcM26WdHTOoi1ZFCNFXfkvvh alt-svc h3=":443"; ma=86400 date Thu, 10 Oct 2024 11:52:30 GMT content-type image/png last-modified Fri, 16 Aug 2024 22:03:06 GMT vary Accept-Encoding x-amz-id-2 LCXjITDtLOb+B+nDjFkPkakkdU7SXHUe5LRqR9OSBAIuRwcA9ujw+AqnRzGDcqpstPeUl4MmSpQ= cache-control max-age=31536000, must-revalidate x-amz-request-id GV6KPMQVJCBB7PCC cf-ray 8d0667941cea0f7a-MXP accept-ranges bytes access-control-allow-origin * content-length 23356 server cloudflare x-amz-server-side-encryption AES256
GET H3	200	66bfcd32852f621b38199687_Email%20(5)-p-500.png cdn.prod.website-files.com/66bf85db76df65d099ba4740/	24 KB 25 KB	117ms 113ms	Image image/png	104.18.161.117 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.prod.website-files.com/66bf85db76df65d099ba4740/66bfcd32852f621b38199687_Email%20(5)-p-500.png Requested by Host: www.freeaudit.trykrackedretention.com URL: https://www.freeaudit.trykrackedretention.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 22afcdaf98c3037c1f230ded66fcdf914c11f9fd27985a3380264c80e697c3c1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.freeaudit.trykrackedretention.com/ Response headers cf-cache-status HIT etag "c21c0ee009fc82d03526b1b7c2f0ddf3" x-amz-version-id rYEJO8o1tJ48gahb6jFJQWHKvA_sI_gd alt-svc h3=":443"; ma=86400 date Thu, 10 Oct 2024 11:52:30 GMT content-type image/png last-modified Fri, 16 Aug 2024 22:05:41 GMT vary Accept-Encoding x-amz-id-2 4AkzijxTI7X7tVPjfTteC1N2zSDOGWAB87hZPCmDZDwdI96TBOEiqoiAlB/hx8NYYmomakO72IU= cache-control max-age=31536000, must-revalidate x-amz-request-id GV6ZHVQRP8SY0G61 cf-ray 8d0667941ceb0f7a-MXP accept-ranges bytes access-control-allow-origin * content-length 24777 server cloudflare x-amz-server-side-encryption AES256
GET H3	200	66bfa87098b191d50b28ea6a_Volley%20(3).gif cdn.prod.website-files.com/66bf85db76df65d099ba4740/	963 KB 963 KB	162ms 158ms	Image image/gif	104.18.161.117 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.prod.website-files.com/66bf85db76df65d099ba4740/66bfa87098b191d50b28ea6a_Volley%20(3).gif Requested by Host: www.freeaudit.trykrackedretention.com URL: https://www.freeaudit.trykrackedretention.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dec9b079c3f059968a1ae13df548c1288acff3b539bf9644a1fa6138be481550 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.freeaudit.trykrackedretention.com/ Response headers cf-cache-status HIT etag "9d38cf0585e1a1305d7b7fd779c507c5" x-amz-version-id yES15mJ8O2ZlvIBvca5bnL24Qw69ue7C x-amz-storage-class INTELLIGENT_TIERING alt-svc h3=":443"; ma=86400 date Thu, 10 Oct 2024 11:52:30 GMT content-type image/gif last-modified Fri, 16 Aug 2024 19:28:50 GMT vary Accept-Encoding x-amz-id-2 S672QgpbF/m5NPmF8aO5uREtdPxwYK2zpkLpHvM+OUFJyigVcqvtwXfcuD0ocw8MYsJ5LC0Pds4= cache-control max-age=31536000, must-revalidate x-amz-request-id Q0ES7Y0Q3SVA1V3V cf-ray 8d0667941ced0f7a-MXP accept-ranges bytes access-control-allow-origin * content-length 985825 server cloudflare x-amz-server-side-encryption AES256
GET H3	200	66bfcd864cbacaafba0aff65_Email%20(6)-p-500.png cdn.prod.website-files.com/66bf85db76df65d099ba4740/	21 KB 22 KB	124ms 121ms	Image image/png	104.18.161.117 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.prod.website-files.com/66bf85db76df65d099ba4740/66bfcd864cbacaafba0aff65_Email%20(6)-p-500.png Requested by Host: www.freeaudit.trykrackedretention.com URL: https://www.freeaudit.trykrackedretention.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c6693f6ff8dfda0c9cbfe3516f93fb3af7ffe852fcbbf392797b2a4b62e0e4d8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.freeaudit.trykrackedretention.com/ Response headers cf-cache-status HIT etag "b01fa75ddaff4105188ef00d52898c44" x-amz-version-id GPLXO59OJpuU7.8xWxdvahp4K6fdPkWv alt-svc h3=":443"; ma=86400 date Thu, 10 Oct 2024 11:52:30 GMT content-type image/png last-modified Fri, 16 Aug 2024 22:07:06 GMT vary Accept-Encoding x-amz-id-2 2zhgiJoS7t1FOgDc4kndraAuc8fKPlo1KTWiMhG2sWmN9zUAJmJBKBZYtbN+SEPAc8XvBfo3VA6S4nvw2zLL2gKxP1nzqNREYMnUeSO9/xA= cache-control max-age=31536000, must-revalidate x-amz-request-id GV6JX2Y36XPQQDMG cf-ray 8d0667941cee0f7a-MXP accept-ranges bytes access-control-allow-origin * content-length 21658 server cloudflare x-amz-server-side-encryption AES256
GET H3	200	66bfcde6670af1f9ab073d50_Email%20(7)-p-500.png cdn.prod.website-files.com/66bf85db76df65d099ba4740/	29 KB 29 KB	138ms 134ms	Image image/png	104.18.161.117 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.prod.website-files.com/66bf85db76df65d099ba4740/66bfcde6670af1f9ab073d50_Email%20(7)-p-500.png Requested by Host: www.freeaudit.trykrackedretention.com URL: https://www.freeaudit.trykrackedretention.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d08a601cdabb3366596bb2aff7a44c08646a471de8662715abfc2edb09831fc5 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.freeaudit.trykrackedretention.com/ Response headers cf-cache-status HIT etag "2b0169c7f7dfa95e71baec102def4c43" x-amz-version-id 7oS.6HU4_c2m0Ww0L_jg.4zQQyegsmFO alt-svc h3=":443"; ma=86400 date Thu, 10 Oct 2024 11:52:30 GMT content-type image/png last-modified Fri, 16 Aug 2024 22:08:41 GMT vary Accept-Encoding x-amz-id-2 RskUAtD/CxwIp+Hv9JbZkWf9HMU95/ZVMk0JBm6bjal3MAIE97JnQJEvMyjTs9nW2XbOdUjwHmz9yOcHV33N8w== cache-control max-age=31536000, must-revalidate x-amz-request-id GV6RGZ8KDGX9TCET cf-ray 8d0667941cef0f7a-MXP accept-ranges bytes access-control-allow-origin * content-length 29770 server cloudflare x-amz-server-side-encryption AES256
GET H3	200	DPEtYwqExx0AWHX5Ax4E.woff2 fonts.gstatic.com/s/varela/v16/	18 KB 19 KB	88ms 39ms	Font font/woff2	142.250.184.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/varela/v16/DPEtYwqExx0AWHX5Ax4E.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Varela:400%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f3.1e100.net Software sffe / Resource Hash b113dc88c313c4beefc0c00d42ffc7e8c4124154e55a00c2b3f9e9273dd1dba8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://www.freeaudit.trykrackedretention.com Referer https://fonts.googleapis.com/ Response headers age 228126 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Tue, 07 Oct 2025 20:30:24 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 07 Oct 2024 20:30:24 GMT last-modified Wed, 27 Apr 2022 16:06:38 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 18940 x-xss-protection 0 server sffe
GET H3	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v26/	32 KB 32 KB	113ms 64ms	Font font/woff2	142.250.184.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Varela:400%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f3.1e100.net Software sffe / Resource Hash bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://www.freeaudit.trykrackedretention.com Referer https://fonts.googleapis.com/ Response headers age 228133 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Tue, 07 Oct 2025 20:30:17 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 07 Oct 2024 20:30:17 GMT last-modified Wed, 13 Sep 2023 22:51:58 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 33092 x-xss-protection 0 server sffe
GET H3	200	JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 fonts.gstatic.com/s/montserrat/v26/	33 KB 34 KB	89ms 41ms	Font font/woff2	142.250.184.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Varela:400%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f3.1e100.net Software sffe / Resource Hash 92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://www.freeaudit.trykrackedretention.com Referer https://fonts.googleapis.com/ Response headers age 185962 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Wed, 08 Oct 2025 08:13:08 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 08 Oct 2024 08:13:08 GMT last-modified Wed, 13 Sep 2023 22:52:07 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 34288 x-xss-protection 0 server sffe
GET H3	200	favicon.ico cdn.prod.website-files.com/img/	15 KB 2 KB	42ms 41ms	Other image/x-icon	104.18.161.117 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.prod.website-files.com/img/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4239819d399860eb27d8a73417f9bd108d45d11676f68b5edaae328ec197d55e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.freeaudit.trykrackedretention.com/ Response headers content-encoding br cf-cache-status HIT etag W/"1f894f487d068a2ced95d5cd4f88598c" x-amz-version-id C5TuT6ObkzP1GjuEGkIHJatwDHqj5J6N age 25480 alt-svc h3=":443"; ma=86400 date Thu, 10 Oct 2024 11:52:30 GMT content-type image/x-icon last-modified Thu, 05 Oct 2023 23:38:20 GMT vary Accept-Encoding x-amz-id-2 GayQViL6tu3T6lZutyb4c6tFlMioDCIdU0b/wbzrrS4VcoOFLdvCxbV9CN2X4EgXC7SSJGrqWM4= cache-control max-age=84600, must-revalidate x-amz-request-id VN7C4B5K0TSY5XAG cf-ray 8d0667982a130f7a-MXP access-control-allow-origin * server cloudflare x-amz-server-side-encryption AES256
OPTIONS H2	200	gusid 207403.t.hyros.com/v1/lst/	0 0	395ms 132ms	Preflight	3.225.192.188 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://207403.t.hyros.com/v1/lst/gusid Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.225.192.188 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-225-192-188.compute-1.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers fp,product-id,ref-url Access-Control-Request-Method GET Origin https://www.freeaudit.trykrackedretention.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers fp,product-id,ref-url access-control-allow-methods GET, PUT, POST, OPTIONS, DELETE access-control-allow-origin https://www.freeaudit.trykrackedretention.com access-control-expose-headers Session-ID, L-Gen-ID access-control-max-age 86400 allow GET, HEAD, POST, PUT, DELETE, OPTIONS, TRACE, PATCH content-length 0 date Thu, 10 Oct 2024 11:52:31 GMT strict-transport-security max-age=31536000; includeSubDomains vary Origin Access-Control-Request-Method Access-Control-Request-Headers
GET H2	200	gusid Show response 207403.t.hyros.com/v1/lst/	0 544 B	164ms 163ms	XHR text/plain	3.225.192.188 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://207403.t.hyros.com/v1/lst/gusid Requested by Host: 207403.t.hyros.com URL: https://207403.t.hyros.com/v1/lst/universal-script?ph=66c93351b5bee4f2b4a80adbc97b79a22b92bf3f1fe9585876454571a44916fa&tag=!clicked&ref_url=https://www.freeaudit.trykrackedretention.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.225.192.188 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-225-192-188.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Ref-Url https://www.freeaudit.trykrackedretention.com/ Referer https://www.freeaudit.trykrackedretention.com/ Product-ID 207403 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 fp db005e7cb84ade0cd37fc9c56ee3b455 Response headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 86400 access-control-expose-headers Session-ID, L-Gen-ID etag HB-ET_c35cb3a4c30a2a400959a021bcf4c4708574d40955c596f8e018387c24ac1335 access-control-allow-credentials true access-control-allow-methods GET, PUT, POST, OPTIONS, DELETE access-control-allow-origin https://www.freeaudit.trykrackedretention.com content-length 0 date Thu, 10 Oct 2024 11:52:31 GMT session-id HB-ET_c35cb3a4c30a2a400959a021bcf4c4708574d40955c596f8e018387c24ac1335
OPTIONS H2	200	session lg.hyr.so/v1/lst/	0 0	424ms 141ms	Preflight	3.225.192.188 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://lg.hyr.so/v1/lst/session Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.225.192.188 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-225-192-188.compute-1.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers access-control-allow-headers,access-control-allow-origin,content-type Access-Control-Request-Method GET Origin https://www.freeaudit.trykrackedretention.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers access-control-allow-headers,access-control-allow-origin,content-type access-control-allow-methods GET, PUT, POST, OPTIONS, DELETE access-control-allow-origin https://www.freeaudit.trykrackedretention.com access-control-expose-headers Session-ID, L-Gen-ID access-control-max-age 86400 allow GET, HEAD, POST, PUT, DELETE, OPTIONS, TRACE, PATCH content-length 0 date Thu, 10 Oct 2024 11:52:31 GMT strict-transport-security max-age=31536000; includeSubDomains vary Origin Access-Control-Request-Method Access-Control-Request-Headers
GET H2	200	session Show response lg.hyr.so/v1/lst/	0 390 B	399ms 132ms	XHR text/plain	3.225.192.188 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://lg.hyr.so/v1/lst/session Requested by Host: 207403.t.hyros.com URL: https://207403.t.hyros.com/v1/lst/universal-script?ph=66c93351b5bee4f2b4a80adbc97b79a22b92bf3f1fe9585876454571a44916fa&tag=!clicked&ref_url=https://www.freeaudit.trykrackedretention.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.225.192.188 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-225-192-188.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Access-Control-Allow-Origin * Referer https://www.freeaudit.trykrackedretention.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-type application/json; charset=utf-8 Access-Control-Allow-Headers * Response headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 86400 access-control-expose-headers Session-ID, L-Gen-ID etag LS_1a2d392cbfe53d20c5f9eb558dd1b63b29d8921bee8503557d3972c3397cd8a6 access-control-allow-credentials true access-control-allow-methods GET, PUT, POST, OPTIONS, DELETE access-control-allow-origin https://www.freeaudit.trykrackedretention.com content-length 0 date Thu, 10 Oct 2024 11:52:32 GMT l-gen-id LS_1a2d392cbfe53d20c5f9eb558dd1b63b29d8921bee8503557d3972c3397cd8a6
GET H2	200	pc Show response 207403.t.hyros.com/v1/lst/	117 B 439 B	156ms 156ms	XHR application/json	3.225.192.188 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://207403.t.hyros.com/v1/lst/pc?ref_url=https%3A%2F%2Fwww.freeaudit.trykrackedretention.com%2F&u_agent=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F129.0.0.0+Safari%2F537.36&fp=db005e7cb84ade0cd37fc9c56ee3b455 Requested by Host: 207403.t.hyros.com URL: https://207403.t.hyros.com/v1/lst/universal-script?ph=66c93351b5bee4f2b4a80adbc97b79a22b92bf3f1fe9585876454571a44916fa&tag=!clicked&ref_url=https://www.freeaudit.trykrackedretention.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.225.192.188 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-225-192-188.compute-1.amazonaws.com Software / Resource Hash 8f5c0253baffa445fafd84f47f57958db8f38c576c0f4c67a51dfd15ba718a16 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Session-ID HB-ET_c35cb3a4c30a2a400959a021bcf4c4708574d40955c596f8e018387c24ac1335 Referer https://www.freeaudit.trykrackedretention.com/ Product-ID 207403 Access-Control-Allow-Origin * User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-type application/json; charset=utf-8 L-Gen-ID LS_1a2d392cbfe53d20c5f9eb558dd1b63b29d8921bee8503557d3972c3397cd8a6 Access-Control-Allow-Headers * Response headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 86400 access-control-expose-headers Session-ID, L-Gen-ID access-control-allow-credentials true access-control-allow-methods GET, PUT, POST, OPTIONS, DELETE access-control-allow-origin https://www.freeaudit.trykrackedretention.com content-length 117 date Thu, 10 Oct 2024 11:52:32 GMT content-type application/json;charset=UTF-8
OPTIONS H2	200	pc 207403.t.hyros.com/v1/lst/	0 0	133ms 132ms	Preflight	3.225.192.188 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://207403.t.hyros.com/v1/lst/pc?ref_url=https%3A%2F%2Fwww.freeaudit.trykrackedretention.com%2F&u_agent=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F129.0.0.0+Safari%2F537.36&fp=db005e7cb84ade0cd37fc9c56ee3b455 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.225.192.188 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-225-192-188.compute-1.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers access-control-allow-headers,access-control-allow-origin,content-type,l-gen-id,product-id,session-id Access-Control-Request-Method GET Origin https://www.freeaudit.trykrackedretention.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers access-control-allow-headers,access-control-allow-origin,content-type,l-gen-id,product-id,session-id access-control-allow-methods GET, PUT, POST, OPTIONS, DELETE access-control-allow-origin https://www.freeaudit.trykrackedretention.com access-control-expose-headers Session-ID, L-Gen-ID access-control-max-age 86400 allow GET, HEAD, POST, PUT, DELETE, OPTIONS, TRACE, PATCH content-length 0 date Thu, 10 Oct 2024 11:52:32 GMT strict-transport-security max-age=31536000; includeSubDomains vary Origin Access-Control-Request-Method Access-Control-Request-Headers

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| WebFont object| head object| script function| $ function| jQuery function| tram object| Webflow object| hrs object| FPJS object| dataLayer string| documentUrl function| mcAsyncInit

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			207403.t.hyros.com/v1/lst	1970-01-21 09:45:21	Name: __mh_tt_s Value: HB-ET_c35cb3a4c30a2a400959a021bcf4c4708574d40955c596f8e018387c24ac1335
			.prod.website-files.com/	1970-01-21 00:09:22	Name: __cf_bm Value: .RD_MvoSZH5Z0L_ac1gE96B3hQpR4KZuR29w5N_95Wo-1728561149-1.0.1.1-skwZCBuCoLywt9uuI_ZilU2fk4Wp5GzmR2L6ujqCRFm4jSc2jOCY_axidAqPSja4ft2KI7yG3XzXipiE10sf.w

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

207403.t.hyros.com
ajax.googleapis.com
cdn.prod.website-files.com
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
lg.hyr.so
www.freeaudit.trykrackedretention.com
104.18.161.117
142.250.184.227
2a00:1450:4001:827::200a
2a00:1450:4001:82b::200a
3.225.192.188
35.152.119.144
52.222.232.39
089678837d64430900b7d22e40b96dbee6bde6078dd21139f871cd0ab7a69456
0d314eca15d9c38f6e9fc24eb60676ce09241eef0884a44fdfa3030cd03ef783
19919b6a1d452e7502d180c6331f86d8220748ddd1f77d624836bd7da130942f
22afcdaf98c3037c1f230ded66fcdf914c11f9fd27985a3380264c80e697c3c1
382bbc4ad4805aec2eaff075521272165c862f3062d500889800b4d1e72244d0
4239819d399860eb27d8a73417f9bd108d45d11676f68b5edaae328ec197d55e
501b36d72c5c01bbf6fa00f5ef2bb0ad45222802780bf08f52590718eeb75136
545b657811056d8ef7838659e39e0dc2b6ab1a6bb6b0d45b425cb06e7347b121
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8f5c0253baffa445fafd84f47f57958db8f38c576c0f4c67a51dfd15ba718a16
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
9c7a7925bdadde71a6f3750283962af28e51a619297a9da96a9fa99d6f588dc7
a8b51ebb5e60cc7f94752b3ae7bcef43690b1ccdc19ecb91c66b7a87a5e6d4ba
b113dc88c313c4beefc0c00d42ffc7e8c4124154e55a00c2b3f9e9273dd1dba8
b2a44fc34945ae74820697da6fba02dbb44207e8f607e4e61d9d9b3e3d7f9e60
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c6693f6ff8dfda0c9cbfe3516f93fb3af7ffe852fcbbf392797b2a4b62e0e4d8
c95db0169cbaf0682e5123db0a69c761bb3ab7d8527728b5986c15c89dfdc280
d08a601cdabb3366596bb2aff7a44c08646a471de8662715abfc2edb09831fc5
dc3205fc864f3b96cd908df4bcb4479ced39799e52a2a44af73d256c624933ec
dec9b079c3f059968a1ae13df548c1288acff3b539bf9644a1fa6138be481550
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc60aa8741949a164551f43eda041f4516d68af1a649e620906345b43380e2d7