pcloak.blob.core.windows.net Open in urlscan Pro
20.60.220.36  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request 6x6j7g318.html Show response pcloak.blob.core.windows.net/web/	1 KB 2 KB	520ms 114ms	Document text/html	20.60.220.36 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://pcloak.blob.core.windows.net/web/6x6j7g318.html?fbclid=PAAaawQZM6dDFMCPnkNPifnjq0144Y762ZQ7ADuVfiVJrMggNwB2ix4laOY1Q_aem_th_Acw_43d0xQw1sprfM6pdtU14bW8SqdZEhmJn5b2IdC2Zf7QIKgYwkOnVH_CvnJ8Z8niamGsI_wQ48nm2YBmeO7U3 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 7c27fce0cb90a72b776ed2a342c2a7c6f4413b9c410d9568c566325b47185a10 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Content-Length 1312 Content-MD5 9yKO+spl9bM4tteQbpUZ7Q== Content-Type text/html Date Tue, 11 Jul 2023 01:00:43 GMT ETag 0x8DB5ED079674B81 Last-Modified Sat, 27 May 2023 16:36:08 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-ms-blob-type BlockBlob x-ms-lease-status unlocked x-ms-request-id eddd2a8f-c01e-0043-5393-b3a451000000 x-ms-version 2009-09-19
GET H/1.1	404 The specified blob does not exist.	jquery.min.js pcloak.blob.core.windows.net/web/	0 0	108ms 108ms	Script application/xml	20.60.220.36 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://pcloak.blob.core.windows.net/web/jquery.min.js Requested by Host: pcloak.blob.core.windows.net URL: https://pcloak.blob.core.windows.net/web/6x6j7g318.html?fbclid=PAAaawQZM6dDFMCPnkNPifnjq0144Y762ZQ7ADuVfiVJrMggNwB2ix4laOY1Q_aem_th_Acw_43d0xQw1sprfM6pdtU14bW8SqdZEhmJn5b2IdC2Zf7QIKgYwkOnVH_CvnJ8Z8niamGsI_wQ48nm2YBmeO7U3 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://pcloak.blob.core.windows.net/web/6x6j7g318.html?fbclid=PAAaawQZM6dDFMCPnkNPifnjq0144Y762ZQ7ADuVfiVJrMggNwB2ix4laOY1Q_aem_th_Acw_43d0xQw1sprfM6pdtU14bW8SqdZEhmJn5b2IdC2Zf7QIKgYwkOnVH_CvnJ8Z8niamGsI_wQ48nm2YBmeO7U3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-ms-request-id eddd2b03-c01e-0043-3493-b3a451000000 Date Tue, 11 Jul 2023 01:00:43 GMT x-ms-version 2009-09-19 Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-Length 215 Content-Type application/xml
GET H/1.1	200 OK	cloakan.js Show response pcloak.blob.core.windows.net/web/	308 B 717 B	328ms 109ms	Script text/javascript	20.60.220.36 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://pcloak.blob.core.windows.net/web/cloakan.js Requested by Host: pcloak.blob.core.windows.net URL: https://pcloak.blob.core.windows.net/web/6x6j7g318.html?fbclid=PAAaawQZM6dDFMCPnkNPifnjq0144Y762ZQ7ADuVfiVJrMggNwB2ix4laOY1Q_aem_th_Acw_43d0xQw1sprfM6pdtU14bW8SqdZEhmJn5b2IdC2Zf7QIKgYwkOnVH_CvnJ8Z8niamGsI_wQ48nm2YBmeO7U3 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a Request headers accept-language de-DE,de;q=0.9 Referer https://pcloak.blob.core.windows.net/web/6x6j7g318.html?fbclid=PAAaawQZM6dDFMCPnkNPifnjq0144Y762ZQ7ADuVfiVJrMggNwB2ix4laOY1Q_aem_th_Acw_43d0xQw1sprfM6pdtU14bW8SqdZEhmJn5b2IdC2Zf7QIKgYwkOnVH_CvnJ8Z8niamGsI_wQ48nm2YBmeO7U3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Tue, 11 Jul 2023 01:00:43 GMT Last-Modified Mon, 13 Jun 2022 14:36:49 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 zPiKctHo6j8i1UGOFPpInw== ETag 0x8DA4D4A263C11C2 Content-Type text/javascript x-ms-request-id eddd2bbb-c01e-0043-5293-b3a451000000 x-ms-version 2009-09-19 Content-Length 308
GET H/1.1	200 OK	style.css pcloak.blob.core.windows.net/web/	166 B 568 B	218ms 110ms	Stylesheet text/css	20.60.220.36 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://pcloak.blob.core.windows.net/web/style.css Requested by Host: pcloak.blob.core.windows.net URL: https://pcloak.blob.core.windows.net/web/6x6j7g318.html?fbclid=PAAaawQZM6dDFMCPnkNPifnjq0144Y762ZQ7ADuVfiVJrMggNwB2ix4laOY1Q_aem_th_Acw_43d0xQw1sprfM6pdtU14bW8SqdZEhmJn5b2IdC2Zf7QIKgYwkOnVH_CvnJ8Z8niamGsI_wQ48nm2YBmeO7U3 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.60.220.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5 Request headers accept-language de-DE,de;q=0.9 Referer https://pcloak.blob.core.windows.net/web/6x6j7g318.html?fbclid=PAAaawQZM6dDFMCPnkNPifnjq0144Y762ZQ7ADuVfiVJrMggNwB2ix4laOY1Q_aem_th_Acw_43d0xQw1sprfM6pdtU14bW8SqdZEhmJn5b2IdC2Zf7QIKgYwkOnVH_CvnJ8Z8niamGsI_wQ48nm2YBmeO7U3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Tue, 11 Jul 2023 01:00:43 GMT Last-Modified Mon, 13 Jun 2022 14:36:49 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 9ruAIrm4XHnQO3/sM8J0AQ== ETag 0x8DA4D4A26527CA0 Content-Type text/css x-ms-request-id eddd2b69-c01e-0043-0993-b3a451000000 x-ms-version 2009-09-19 Content-Length 166
GET H2	200	px.php Show response www.cloakan.co/	743 B 682 B	311ms 144ms	XHR text/html	77.245.159.14 NIOBEBILISIMHIZME...
General Check archive.org Show headers Download Go to Full URL https://www.cloakan.co/px.php?id=6x6j7g318 Requested by Host: pcloak.blob.core.windows.net URL: https://pcloak.blob.core.windows.net/web/6x6j7g318.html?fbclid=PAAaawQZM6dDFMCPnkNPifnjq0144Y762ZQ7ADuVfiVJrMggNwB2ix4laOY1Q_aem_th_Acw_43d0xQw1sprfM6pdtU14bW8SqdZEhmJn5b2IdC2Zf7QIKgYwkOnVH_CvnJ8Z8niamGsI_wQ48nm2YBmeO7U3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR), Reverse DNS stilgar.wlsrv.com Software LiteSpeed / PHP/7.3.33 Resource Hash d1bf28852a5a1af79eba1fc7f1dbfbe75c589302b9cf12e2d5db58c65f5fdfea Request headers accept-language de-DE,de;q=0.9 Referer https://pcloak.blob.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 11 Jul 2023 01:00:44 GMT content-encoding br server LiteSpeed x-powered-by PHP/7.3.33 vary Accept-Encoding,User-Agent content-type text/html; charset=UTF-8 access-control-allow-origin * alt-svc quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000 content-length 405
GET H2	200	nv.php Show response www.cloakan.co/	234 B 388 B	301ms 161ms	Script text/html	77.245.159.14 NIOBEBILISIMHIZME...
General Check archive.org Show headers Download Go to Full URL https://www.cloakan.co/nv.php?id=6x6j7g318-m Requested by Host: pcloak.blob.core.windows.net URL: https://pcloak.blob.core.windows.net/web/cloakan.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.245.159.14 , Turkey, ASN42868 (NIOBEBILISIMHIZMETLERI, TR), Reverse DNS stilgar.wlsrv.com Software LiteSpeed / PHP/7.3.33 Resource Hash 58b4f94997efa7e844fca37d10c51532210be105b2e3d377fdcf2d29ae8d576f Request headers accept-language de-DE,de;q=0.9 Referer https://pcloak.blob.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 11 Jul 2023 01:00:44 GMT content-encoding br server LiteSpeed x-powered-by PHP/7.3.33 vary Accept-Encoding,User-Agent content-type text/html; charset=UTF-8 alt-svc quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000 content-length 115
GET H2	200	/ Show response egonomik.com/ Frame FD04	3 KB 2 KB	815ms 60ms	Document text/html	94.199.206.79 AEROTEK-AS
General Check archive.org Show headers Download Go to Full URL https://egonomik.com/ Requested by Host: www.cloakan.co URL: https://www.cloakan.co/nv.php?id=6x6j7g318-m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.199.206.79 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR), Reverse DNS srvc76.turhost.com Software / Resource Hash 8f8eca27aca21047fe37f81fe6a4e59a5a77b08f34cb3a287565382e3bc1b37b Request headers Referer https://pcloak.blob.core.windows.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-type text/html date Tue, 11 Jul 2023 01:00:45 GMT last-modified Mon, 26 Jun 2023 11:33:30 GMT vary Accept-Encoding
GET H2	200	css2 fonts.googleapis.com/ Frame FD04	4 KB 951 B	77ms 30ms	Stylesheet text/css	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Poppins:wght@200;400;600;700&display=swap Requested by Host: egonomik.com URL: https://egonomik.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 79d7416877d9d23cb097338d1f2ec7d8dfbd75be9832e2abab25c2e99318ef00 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://egonomik.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 11 Jul 2023 01:00:45 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 11 Jul 2023 01:00:45 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 11 Jul 2023 01:00:45 GMT
GET H2	200	cikin.jpg egonomik.com/ Frame FD04	12 KB 12 KB	88ms 88ms	Image image/jpeg	94.199.206.79 AEROTEK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://egonomik.com/cikin.jpg Requested by Host: egonomik.com URL: https://egonomik.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.199.206.79 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR), Reverse DNS srvc76.turhost.com Software / Resource Hash 6b919f5a060b8ff86e0c04853e08ba024906288fab6465146cf32f625229093a Request headers accept-language de-DE,de;q=0.9 Referer https://egonomik.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 11 Jul 2023 01:00:45 GMT content-encoding br last-modified Tue, 20 Jun 2023 14:34:40 GMT vary Accept-Encoding content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes expires Tue, 18 Jul 2023 01:00:45 GMT
GET H2	200	egoposta.png egonomik.com/ Frame FD04	4 KB 4 KB	88ms 88ms	Image image/png	94.199.206.79 AEROTEK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://egonomik.com/egoposta.png Requested by Host: egonomik.com URL: https://egonomik.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.199.206.79 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR), Reverse DNS srvc76.turhost.com Software / Resource Hash ddd8edb4a24c20fa4c138429ad98182571e1af057ef3caeb0dedc14637c2534a Request headers accept-language de-DE,de;q=0.9 Referer https://egonomik.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 11 Jul 2023 01:00:45 GMT content-encoding br last-modified Tue, 20 Jun 2023 15:12:19 GMT vary Accept-Encoding content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Tue, 18 Jul 2023 01:00:45 GMT
GET H2	200	logo.png egonomik.com/ Frame FD04	13 KB 13 KB	130ms 130ms	Image image/png	94.199.206.79 AEROTEK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://egonomik.com/logo.png Requested by Host: egonomik.com URL: https://egonomik.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.199.206.79 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR), Reverse DNS srvc76.turhost.com Software / Resource Hash d7e97af02cde7424b071431c19ac0319dcd4c533ebcc0295411a47f0c442b9c3 Request headers accept-language de-DE,de;q=0.9 Referer https://egonomik.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 11 Jul 2023 01:00:45 GMT content-encoding br last-modified Tue, 20 Jun 2023 15:07:26 GMT vary Accept-Encoding content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Tue, 18 Jul 2023 01:00:45 GMT
GET H2	206	cikin.mp4 egonomik.com/ Frame FD04	80 KB 0	127ms 126ms	Media video/mp4	94.199.206.79 AEROTEK-AS
General Check archive.org Show headers Download Go to Full URL https://egonomik.com/cikin.mp4 Requested by Host: egonomik.com URL: https://egonomik.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.199.206.79 Istanbul, Turkey, ASN42807 (AEROTEK-AS, TR), Reverse DNS srvc76.turhost.com Software / Resource Hash Request headers Referer https://egonomik.com/ Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Range bytes=0- Response headers Content-Range bytes 0-792035/792036 date Tue, 11 Jul 2023 01:00:45 GMT last-modified Tue, 20 Jun 2023 14:51:23 GMT Content-Length 792036 content-type video/mp4
GET DATA	200 OK	truncated / Frame FD04	547 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame FD04	552 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame FD04	380 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v20/ Frame FD04	8 KB 8 KB	72ms 22ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Poppins:wght@200;400;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://egonomik.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sun, 09 Jul 2023 02:19:04 GMT x-content-type-options nosniff age 168101 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7816 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:11:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 08 Jul 2024 02:19:04 GMT
GET H2	200	pxiEyp8kv8JHgFVrJJfecg.woff2 fonts.gstatic.com/s/poppins/v20/ Frame FD04	8 KB 8 KB	68ms 19ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Poppins:wght@200;400;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://egonomik.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 05 Jul 2023 18:19:00 GMT x-content-type-options nosniff age 456105 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7884 x-xss-protection 0 last-modified Wed, 27 Apr 2022 17:03:52 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 04 Jul 2024 18:19:00 GMT
GET H2	200	pxiEyp8kv8JHgFVrJJnecmNE.woff2 fonts.gstatic.com/s/poppins/v20/ Frame FD04	5 KB 6 KB	105ms 57ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Poppins:wght@200;400;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://egonomik.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 08 Jul 2023 14:58:16 GMT x-content-type-options nosniff age 208949 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5544 x-xss-protection 0 last-modified Wed, 27 Apr 2022 17:03:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 07 Jul 2024 14:58:16 GMT
GET H2	200	pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2 fonts.gstatic.com/s/poppins/v20/ Frame FD04	5 KB 5 KB	80ms 32ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Poppins:wght@200;400;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4ce2c84c474fb80b33e347ae6f356796021d6fd42e88a6352fc6e9ca0b22bd63 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://egonomik.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Fri, 07 Jul 2023 22:12:29 GMT x-content-type-options nosniff age 269296 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5384 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:11:38 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 06 Jul 2024 22:12:29 GMT
GET H2	200	pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v20/ Frame FD04	8 KB 8 KB	106ms 57ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Poppins:wght@200;400;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://egonomik.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 08 Jul 2023 19:43:26 GMT x-content-type-options nosniff age 191839 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8000 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:59:07 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 07 Jul 2024 19:43:26 GMT
GET H2	200	pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2 fonts.gstatic.com/s/poppins/v20/ Frame FD04	5 KB 5 KB	73ms 25ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Poppins:wght@200;400;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9c15f7b06458075c69b40e79f03e62d43017ecf4c618487add407ee47e438684 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://egonomik.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Fri, 07 Jul 2023 07:18:05 GMT x-content-type-options nosniff age 322960 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5512 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:59:05 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 06 Jul 2024 07:18:05 GMT
GET DATA	200 OK	truncated / Frame FD04	177 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame FD04	351 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame FD04	242 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/svg+xml

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend function| cloakan string| data object| xmlHttp number| data2 string| hash object| ifrm

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pcloak.blob.core.windows.net/web/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

egonomik.com
fonts.googleapis.com
fonts.gstatic.com
pcloak.blob.core.windows.net
www.cloakan.co
20.60.220.36
2a00:1450:4001:813::2003
2a00:1450:4001:82a::200a
77.245.159.14
94.199.206.79
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
4651fd93f167c3620b534c30bc23ae2a2e7cf742621d8e6d12553c09c388284a
4ce2c84c474fb80b33e347ae6f356796021d6fd42e88a6352fc6e9ca0b22bd63
58b4f94997efa7e844fca37d10c51532210be105b2e3d377fdcf2d29ae8d576f
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
6b919f5a060b8ff86e0c04853e08ba024906288fab6465146cf32f625229093a
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
79d7416877d9d23cb097338d1f2ec7d8dfbd75be9832e2abab25c2e99318ef00
7c27fce0cb90a72b776ed2a342c2a7c6f4413b9c410d9568c566325b47185a10
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8f8eca27aca21047fe37f81fe6a4e59a5a77b08f34cb3a287565382e3bc1b37b
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9c15f7b06458075c69b40e79f03e62d43017ecf4c618487add407ee47e438684
cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986
cf906196a7c1414e11983955e101a051d55a864f2bc9fd52a453d952d92fd9b5
d1bf28852a5a1af79eba1fc7f1dbfbe75c589302b9cf12e2d5db58c65f5fdfea
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d7e97af02cde7424b071431c19ac0319dcd4c533ebcc0295411a47f0c442b9c3
ddd8edb4a24c20fa4c138429ad98182571e1af057ef3caeb0dedc14637c2534a
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149