lsaandfzddfatal.christmas Open in urlscan Pro
2606:4700:3033::ac43:91b9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lsaandfzddfatal.christmas/
Submission: On December 24 via api (December 24th 2024, 9:49:33 am UTC) from BE — Scanned from DE

Summary HTTP 24 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 24 HTTP transactions. The main IP is 2606:4700:3033::ac43:91b9, located in United States and belongs to CLOUDFLARENET, US. The main domain is lsaandfzddfatal.christmas.
TLS certificate: Issued by WE1 on December 16th 2024. Valid for: 3 months.

This is the only time lsaandfzddfatal.christmas was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
18	2606:4700:303... 2606:4700:3033::ac43:91b9		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200a		15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:7ad		13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:827::2003		15169 (GOOGLE) (GOOGLE)
24	4

18 2606:4700:3033::ac43:91b9 (United States)

ASN13335 (CLOUDFLARENET, US)

lsaandfzddfatal.christmas	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:7ad (United States)

ASN13335 (CLOUDFLARENET, US)

code.ionicframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	lsaandfzddfatal.christmas lsaandfzddfatal.christmas	133 KB
3	gstatic.com fonts.gstatic.com	54 KB
2	ionicframework.com code.ionicframework.com — Cisco Umbrella Rank: 22236	118 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
24	4

	Domain	Requested by
18	lsaandfzddfatal.christmas	lsaandfzddfatal.christmas
3	fonts.gstatic.com	fonts.googleapis.com
2	code.ionicframework.com	lsaandfzddfatal.christmas code.ionicframework.com
1	fonts.googleapis.com	lsaandfzddfatal.christmas
24	4

This site contains no links.

Subject Issuer	Validity	Valid
lsaandfzddfatal.christmas WE1	`2024-12-16` - `2025-03-16`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
ionicframework.com WE1	`2024-11-08` - `2025-02-06`	3 months	crt.sh
*.gstatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://lsaandfzddfatal.christmas/
Frame ID: D6E710318F94EC3E04E3160C77CC9C08
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Insights - Empowering Your Workflow

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Ionicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+ionicons(?:\.min)?\.css

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

306 kB
Transfer

659 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
lsaandfzddfatal.christmas/ 14 KB
4 KB 660ms
629ms Document
text/html 2606:4700:3033::ac43:91b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lsaandfzddfatal.christmas/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:91b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.30
Resource Hash: 8c675218619f5179627dea434e2a5c86871e678ec0f1587433f20ff914b169c8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f6fae79f9a5d2b6-FRA
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Tue, 24 Dec 2024 09:49:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=REMqZfCnMhdpwv85pXxImIFHA2Gl14fTno2iDBRo6Dyujh2KfIXqBYQeRmCctViSXnBZamjTsI9413Worzpbp0iHxGCW9PSuvuMTnkUpM8mj1puDV1jpOrhKXcW9IOTwjS0uOMjBN0%2B72xqttEF1MBs0MUQoGI4w"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=5898&min_rtt=5873&rtt_var=965&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3995&recv_bytes=2302&delivery_rate=670594&cwnd=253&unsent_bytes=0&cid=107c1e3e7a2530f4&ts=635&x=0"
x-powered-by: PHP/8.0.30

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 37ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap

Requested by

Host: lsaandfzddfatal.christmas
URL: https://lsaandfzddfatal.christmas/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c8d9e6e3ef6c6150c59d707d4a7f2d3b64ce148d93bf22c88de86671471c8132

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lsaandfzddfatal.christmas/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 24 Dec 2024 09:49:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 09:49:28 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 24 Dec 2024 09:33:57 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 bootstrap.min.css
lsaandfzddfatal.christmas/css/ 111 KB
20 KB 332ms
330ms Stylesheet
text/css 2606:4700:3033::ac43:91b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lsaandfzddfatal.christmas/css/bootstrap.min.css
Requested by: Host: lsaandfzddfatal.christmas
URL: https://lsaandfzddfatal.christmas/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:91b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96b126417447a9c5d415f06e00e2e6372248c9857f5ff60b6477f8c6f55c449a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lsaandfzddfatal.christmas/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
etag: W/"1bd5b-539c026dbdb00"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5dJnF2dcUgeV6f6T0a1ApeL9Skq2JKqKGdQFmi7TKffx7B7EyHnGcQF%2BVy8xuNjWpiYcD9ZOaR5WWmTiAzP8CR62bJB3G9sSPc%2BFesZ6820NAxafNU3Fe8D1bToYamIw0cGJXu%2B2IVuYPfxxiR%2BHRE9QtZ5GxEGS"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f6fae7dfa18d2b6-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6277&min_rtt=5873&rtt_var=694&sent=64&recv=30&lost=0&retrans=0&sent_bytes=52522&recv_bytes=3139&delivery_rate=1760106&cwnd=257&unsent_bytes=0&cid=107c1e3e7a2530f4&ts=970&x=0"
date: Tue, 24 Dec 2024 09:49:28 GMT
content-type: text/css
last-modified: Wed, 10 Aug 2016 23:38:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 ionicons.min.css
code.ionicframework.com/ionicons/2.0.1/css/ 50 KB
9 KB 39ms
20ms Stylesheet
text/css 2606:4700:20::681a:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css

Requested by

Host: lsaandfzddfatal.christmas
URL: https://lsaandfzddfatal.christmas/

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lsaandfzddfatal.christmas/

Response headers

x-fastly-request-id: f36727168d5e86943a5cbc774aad7409021e0b09
content-encoding: gzip
cf-cache-status: HIT
etag: W/"64382bc3-c854"
age: 14026
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wftfr%2FT7ZgTdsLXWEf6f%2BPlLRQwbrH78wr29sKsA%2FpVtHqCQi2jC%2BZ3lEj47z3xUUNqVfKv6p5J7Wzr%2BFjEimre%2FXARUa%2FhwFwAdYZAhgpzXn0Jc75BFDZJ1YYcGdj1xal8BfgSAaeNw%2BrvS71LBHxsJ6XG6"}],"group":"cf-nel","max_age":604800}
x-github-request-id: 844A:1E1DEE:5E13A60:5EFB2E2:6760EEB4
x-content-type-options: nosniff
expires: Tue, 17 Dec 2024 03:33:32 GMT
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=6027&min_rtt=5956&rtt_var=1319&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4277&recv_bytes=4330&delivery_rate=105933&cwnd=12000&unsent_bytes=0&cid=605c94977451ad6e&ts=21&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 09:49:28 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230136-FRA
x-cache-hits: 1
last-modified: Thu, 13 Apr 2023 16:20:19 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15552000
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1735019742.263092,VS0,VE1
via: 1.1 varnish
cf-ray: 8f6fae7e0fa2972c-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8313
x-origin-cache: HIT
server: cloudflare

GET
H2 200 main.css
lsaandfzddfatal.christmas/css/ 13 KB
3 KB 338ms
337ms Stylesheet
text/css 2606:4700:3033::ac43:91b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lsaandfzddfatal.christmas/css/main.css
Requested by: Host: lsaandfzddfatal.christmas
URL: https://lsaandfzddfatal.christmas/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:91b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 834de6935f18000553fcf2ef1d739331085a07b8c23687aaaf0170727b699b34

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lsaandfzddfatal.christmas/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
etag: W/"3216-6283abb6d9880"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FICKBFO5VEE1aKuNYk3jeGIsa5Py05s4%2B7c1abSLrwEmFtO2z7cQn7Dom9xvVeZybmdeJM4MeuRKv3Z18cLcb6t9eqgtgcgrXHdKO%2F2O3AMGnD6LpHWoiDuNpYtenfVAs6f93XY7AFPyA6mWcF5%2Fxm540GrLn4vU"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f6fae7dfa19d2b6-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6277&min_rtt=5873&rtt_var=694&sent=85&recv=30&lost=0&retrans=0&sent_bytes=74210&recv_bytes=3139&delivery_rate=1760106&cwnd=257&unsent_bytes=29084&cid=107c1e3e7a2530f4&ts=975&x=0"
date: Tue, 24 Dec 2024 09:49:28 GMT
content-type: text/css
last-modified: Sun, 01 Dec 2024 19:49:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 responsive.css
lsaandfzddfatal.christmas/css/ 2 KB
1 KB 355ms
355ms Stylesheet
text/css 2606:4700:3033::ac43:91b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lsaandfzddfatal.christmas/css/responsive.css
Requested by: Host: lsaandfzddfatal.christmas
URL: https://lsaandfzddfatal.christmas/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:91b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6c274f085ba8d281e715ae0dfcdddee04f76196cdc71d9dc1403e91fa5c0123

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lsaandfzddfatal.christmas/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"80f-539c026dbdb00"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bTsNqykgYiM86z6ltEoiURfyJqL67tn63o3bdf27jWWLVN1loqOYDSo7oBN8HqJuhbtmnIESFbiwh0sFmJQmYuVrkUGDehszuinYn8cUU4y9XcDWlEm9aS2i1%2F%2BNWSE1odBIu4%2FAmA343ipVGIJELcXDrs6Zey6A"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f6fae7dfa1bd2b6-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6399&min_rtt=5816&rtt_var=397&sent=111&recv=71&lost=0&retrans=0&sent_bytes=106753&recv_bytes=3139&delivery_rate=11343245&cwnd=277&unsent_bytes=0&cid=107c1e3e7a2530f4&ts=994&x=0"
date: Tue, 24 Dec 2024 09:49:28 GMT
content-type: text/css
last-modified: Wed, 10 Aug 2016 23:38:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 logo.png
lsaandfzddfatal.christmas/images/ 5 KB
6 KB 333ms
333ms Image
image/png 2606:4700:3033::ac43:91b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lsaandfzddfatal.christmas/images/logo.png
Requested by: Host: lsaandfzddfatal.christmas
URL: https://lsaandfzddfatal.christmas/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:91b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b30a251fdc89b5b169f22d51bef94cea825c534c87abb69fc44f747bd82f53df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lsaandfzddfatal.christmas/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
etag: "1525-6283b6c92b780"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mAircNSNnZ%2Blu1PLffXE15mQKeaikIgb5p5ARaJ%2FP68m0y4IUFVExa1uwlOdkqf7z3InqrX%2FQUDPvP6gSBPSrzfESOufzi%2FNmTAXSVlFJGUpEvCnr78%2FLbVHttaX%2Bj560oBukKK9EUVk0KYYaT7qh2HtmPinwneO"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f6fae7dfa1cd2b6-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6277&min_rtt=5873&rtt_var=694&sent=84&recv=30&lost=0&retrans=0&sent_bytes=73594&recv_bytes=3139&delivery_rate=1760106&cwnd=257&unsent_bytes=0&cid=107c1e3e7a2530f4&ts=972&x=0"
content-length: 5413
date: Tue, 24 Dec 2024 09:49:28 GMT
content-type: image/png
last-modified: Sun, 01 Dec 2024 20:39:10 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 aboutus.png
lsaandfzddfatal.christmas/images/ 22 KB
23 KB 337ms
337ms Image
image/png 2606:4700:3033::ac43:91b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lsaandfzddfatal.christmas/images/aboutus.png
Requested by: Host: lsaandfzddfatal.christmas
URL: https://lsaandfzddfatal.christmas/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:91b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96de0f5fc2153b279973a7d5a0c8ffc3ce46edb7c74b068b3352573ac438db73

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lsaandfzddfatal.christmas/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
etag: "5968-6283b2cea5480"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d0CaZxFmhwSsSVpXNk8%2BEKi87RM%2F2APsLuxksC509KnUXYu4DeU0O3kjEr0UM3ZbAm7zVkakj7xUlMtjGfwsrULfT15USbTrioi8uQSYPDm%2BxFA8Whk270N7VIY%2FzK7Dqa%2FYHj%2B6aIytrAQC0AEskE0RZ93GMoyg"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f6fae7dfa1dd2b6-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6277&min_rtt=5873&rtt_var=694&sent=85&recv=30&lost=0&retrans=0&sent_bytes=74210&recv_bytes=3139&delivery_rate=1760106&cwnd=257&unsent_bytes=5497&cid=107c1e3e7a2530f4&ts=973&x=0"
content-length: 22888
date: Tue, 24 Dec 2024 09:49:28 GMT
content-type: image/png
last-modified: Sun, 01 Dec 2024 20:21:22 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 about-us.jpg
lsaandfzddfatal.christmas/images/ 0
511 B 1064ms
1064ms Image
image/jpg 2606:4700:3033::ac43:91b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lsaandfzddfatal.christmas/images/about-us.jpg
Requested by: Host: lsaandfzddfatal.christmas
URL: https://lsaandfzddfatal.christmas/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:91b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lsaandfzddfatal.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=46QgIyslYsIxzIJSRt6t%2FWUapJNqfJvD4669yCT9bBo18fuBCWnlCsGCtjdT5W17H%2FdhSYxeb3fMrqWHWaDjyDo0ztfsVGvhx8FF2BU9soKWYh6tnM7Ro%2B%2BqOi2reaemll0In1TDs7DPRx4iCy%2B74yluNsd9OEW1"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f6fae7dfa2cd2b6-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6356&min_rtt=5816&rtt_var=383&sent=114&recv=72&lost=0&retrans=0&sent_bytes=107887&recv_bytes=3139&delivery_rate=11343245&cwnd=280&unsent_bytes=0&cid=107c1e3e7a2530f4&ts=1712&x=0"
content-length: 0
date: Tue, 24 Dec 2024 09:49:29 GMT
content-type: image/jpg
x-powered-by: PHP/8.0.30
vary: Accept-Encoding
last-modified: Tue, 24 Dec 2024 09:49:29 GMT

GET
H2 200 email-decode.min.js Show response
lsaandfzddfatal.christmas/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
9ms Script
application/javascript 2606:4700:3033::ac43:91b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lsaandfzddfatal.christmas/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: lsaandfzddfatal.christmas
URL: https://lsaandfzddfatal.christmas/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:91b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lsaandfzddfatal.christmas/

Response headers

x-frame-options: DENY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"675fc4cd-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SqGl8KfYq0IpabIYVhsxdhai1vKG%2ByJVLG31FeoFn5VCNCq0lEiY4H4EapZSwWfz2cRqWLzEKNDD7gkuNbZWXw9xCDC%2B3cXXRILFXKbYCdTYot3FMXUyeoMF1RFlIVweLVQzrXT2ElYRQyfvxb9MolnD%2FGOdodFR"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8f6fae7dfa2dd2b6-FRA
expires: Thu, 26 Dec 2024 09:49:28 GMT
date: Tue, 24 Dec 2024 09:49:28 GMT
content-type: application/javascript
last-modified: Mon, 16 Dec 2024 06:12:29 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 jquery-1.10.2.min.js Show response
lsaandfzddfatal.christmas/js/vendor/ 91 KB
34 KB 320ms
320ms Script
application/javascript 2606:4700:3033::ac43:91b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lsaandfzddfatal.christmas/js/vendor/jquery-1.10.2.min.js
Requested by: Host: lsaandfzddfatal.christmas
URL: https://lsaandfzddfatal.christmas/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:91b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lsaandfzddfatal.christmas/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
etag: W/"16bb3-539c026dbdb00"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jbBgvJkcEmIwtaI3AAKwM7xcLLUHo%2BGatKaKO8RkJhN%2F3wgAS7DkT%2B%2BDfirwWRtmHAr1rkdm%2BFFkcRPhPUYg6obHR8QuU6sbtt1kqQ1fhJ9rBk5%2BPT0zMOH0FwSHQ6qjCkbDJyjPrUTKiGCQgKQe0hFiHH2hyXOG"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f6fae7dfa2ed2b6-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6277&min_rtt=5873&rtt_var=694&sent=29&recv=30&lost=0&retrans=0&sent_bytes=16838&recv_bytes=3139&delivery_rate=1760106&cwnd=257&unsent_bytes=0&cid=107c1e3e7a2530f4&ts=968&x=0"
date: Tue, 24 Dec 2024 09:49:28 GMT
content-type: application/javascript
last-modified: Wed, 10 Aug 2016 23:38:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 modernizr-2.6.2.min.js Show response
lsaandfzddfatal.christmas/js/vendor/ 15 KB
7 KB 314ms
314ms Script
application/javascript 2606:4700:3033::ac43:91b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lsaandfzddfatal.christmas/js/vendor/modernizr-2.6.2.min.js
Requested by: Host: lsaandfzddfatal.christmas
URL: https://lsaandfzddfatal.christmas/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:91b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lsaandfzddfatal.christmas/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
etag: W/"3c36-539c026dbdb00"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MzgCL53Yd0cx0fJ5vGvojIjdVm4UaRDuCEx7aFqlj%2F%2F9WidB6cXcHa5rcwO79aCsLWIR43JGIPsTWWzP6YlXkkpTRkDwK7Ze8gY1ZGNidjo2A2I3pW9LwPjvOlStoOMXXtXVAUPqqoZrk6a%2F3YYev65WAbrdsVTt"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f6fae7dfa2fd2b6-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6516&min_rtt=5873&rtt_var=1206&sent=21&recv=26&lost=0&retrans=0&sent_bytes=9518&recv_bytes=3139&delivery_rate=843844&cwnd=257&unsent_bytes=0&cid=107c1e3e7a2530f4&ts=961&x=0"
date: Tue, 24 Dec 2024 09:49:28 GMT
content-type: application/javascript
last-modified: Wed, 10 Aug 2016 23:38:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 bootstrap.min.js Show response
lsaandfzddfatal.christmas/js/ 28 KB
9 KB 338ms
337ms Script
application/javascript 2606:4700:3033::ac43:91b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lsaandfzddfatal.christmas/js/bootstrap.min.js
Requested by: Host: lsaandfzddfatal.christmas
URL: https://lsaandfzddfatal.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:91b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03bf371e3ca4739cfe6bea61f0126b7cbb94e4713e970651f9acd5acb3d9e399

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lsaandfzddfatal.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
etag: W/"71a9-539c026dbdb00"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uaghbhXRMsfGgH1wgfXyGpmqPv6e6Nd2uF%2FZVoZ%2B08Ey37rq1LsM7dqtNzPH7nNZGpQ5HAuFlcCPaKwgf1gSwdfSTG9jSDudEioHTngVzLwGdGVDTPHgBvMP%2BdxcFhYRyRr8iak2U6Rcum%2FN4CJmwb0yaROC1hDZ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f6fae7eef5ddba7-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6289&min_rtt=5977&rtt_var=719&sent=20&recv=19&lost=0&retrans=0&sent_bytes=10524&recv_bytes=6432&delivery_rate=18130&cwnd=12000&unsent_bytes=0&cid=d20d61fe2c68f07a&ts=481&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 09:49:29 GMT
content-type: application/javascript
last-modified: Wed, 10 Aug 2016 23:38:52 GMT
vary: Accept-Encoding
priority: u=2,i=?0

GET
H3 200 owl.carousel.min.js Show response
lsaandfzddfatal.christmas/js/ 39 KB
12 KB 341ms
340ms Script
application/javascript 2606:4700:3033::ac43:91b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lsaandfzddfatal.christmas/js/owl.carousel.min.js
Requested by: Host: lsaandfzddfatal.christmas
URL: https://lsaandfzddfatal.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:91b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lsaandfzddfatal.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
etag: W/"9dd1-539c026dbdb00"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BM6tP3f%2FOZeiLQQWfYYarGEZWTyHthFChCcxxEM4Hqye83ctFzNgo%2FAyAxMIwrt79FI%2FcYQLLLn8JycZTO4wejy6yJWrfRxl3nhJoAAdjCm%2BgArWMkQg2Bvyug70Gn4ahn2eEXOnk%2FralPBBAGd69Md5ptzWAQc1"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f6fae7eef5edba7-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6289&min_rtt=5977&rtt_var=719&sent=29&recv=19&lost=0&retrans=0&sent_bytes=19823&recv_bytes=6432&delivery_rate=18130&cwnd=12000&unsent_bytes=0&cid=d20d61fe2c68f07a&ts=485&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 09:49:29 GMT
content-type: application/javascript
last-modified: Wed, 10 Aug 2016 23:38:52 GMT
vary: Accept-Encoding
priority: u=2,i=?0

GET
H3 200 jquery.sticky.js Show response
lsaandfzddfatal.christmas/js/ 6 KB
2 KB 340ms
340ms Script
application/javascript 2606:4700:3033::ac43:91b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lsaandfzddfatal.christmas/js/jquery.sticky.js
Requested by: Host: lsaandfzddfatal.christmas
URL: https://lsaandfzddfatal.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:91b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2625c28848cbca930c42cf94c85201372302f87978932e468d75466addc23e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lsaandfzddfatal.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
etag: W/"1616-539c026dbdb00"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2Bwhan3YWHXllddoFBV6UvyBJ1MG4uM2Bn22lsENfd46J7JTTdwve1hbyfRqDa6JGpkX7%2Fas5dsZNYYFOPHyX8rrdhDk9y6XxziuJ9w4Tz4VPbMzthuF%2FPc3tTs0M4dDdxncs7K%2Ft5GRkyCxvr%2F9SvtaPF1mnCt2"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f6fae7eef60dba7-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6289&min_rtt=5977&rtt_var=719&sent=30&recv=19&lost=0&retrans=0&sent_bytes=20546&recv_bytes=6432&delivery_rate=18130&cwnd=12000&unsent_bytes=0&cid=d20d61fe2c68f07a&ts=485&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 09:49:29 GMT
content-type: application/javascript
last-modified: Wed, 10 Aug 2016 23:38:52 GMT
vary: Accept-Encoding
priority: u=2,i=?0

GET
H3 200 wow.min.js Show response
lsaandfzddfatal.christmas/js/ 8 KB
3 KB 322ms
322ms Script
application/javascript 2606:4700:3033::ac43:91b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lsaandfzddfatal.christmas/js/wow.min.js
Requested by: Host: lsaandfzddfatal.christmas
URL: https://lsaandfzddfatal.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:91b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3162b6468674133d7b6c903e4b8a06f7faf51216d1e7f8b3edc8f326b1bfe461

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lsaandfzddfatal.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
etag: W/"1ff7-539c026dbdb00"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=niVBAOJidPjEjcCIzezi0Hc%2B5Hl80%2Fax6M8AF4mjig634D%2BHXnHxhHL%2F9k8p5qH2ARFylqlNAwnxaqdZW0ntFaK3v16zEK%2FpyNK2ohV1Cpo7VJMe4tVKj%2Fi3DIAHmvtiWbdrwgk2qzmCZ7i3GChMRBxR%2FYjrRmVz"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f6fae7eef61dba7-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6385&min_rtt=6183&rtt_var=1346&sent=16&recv=16&lost=0&retrans=0&sent_bytes=6861&recv_bytes=6303&delivery_rate=861&cwnd=12000&unsent_bytes=0&cid=d20d61fe2c68f07a&ts=468&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 09:49:29 GMT
content-type: application/javascript
last-modified: Wed, 10 Aug 2016 23:38:52 GMT
vary: Accept-Encoding
priority: u=2,i=?0

GET
H3 200 main.js Show response
lsaandfzddfatal.christmas/js/ 5 KB
2 KB 317ms
317ms Script
application/javascript 2606:4700:3033::ac43:91b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lsaandfzddfatal.christmas/js/main.js
Requested by: Host: lsaandfzddfatal.christmas
URL: https://lsaandfzddfatal.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:91b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd6808f1443357a7c2208297567f99f4a8ba54a538d0283e105721e42b40ddbc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lsaandfzddfatal.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
etag: W/"12f3-58f92f2db2a80"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wd1KdUpLz2cord6ygfOpE6Q2oM5orD1LLfh1sHJkB%2BekGQ3D84QW2cBZA8A0BUkvr73HMSzBozCellvOUrx9Uqc1b%2Fi3kreomN3S5SIqADmTunVILrbSKE1HoZNRSXTKdgkpPblW6hNpgv%2BBb1%2BTnq%2BTt%2FFnIsI9"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f6fae7eef62dba7-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6385&min_rtt=6183&rtt_var=1346&sent=13&recv=16&lost=0&retrans=0&sent_bytes=4271&recv_bytes=6303&delivery_rate=861&cwnd=12000&unsent_bytes=0&cid=d20d61fe2c68f07a&ts=462&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 09:49:29 GMT
content-type: application/javascript
last-modified: Thu, 08 Aug 2019 03:49:46 GMT
vary: Accept-Encoding
priority: u=2,i=?0

GET
H3 200 your-image-path.jpg
lsaandfzddfatal.christmas/css/ 0
705 B 1256ms
1256ms Image
image/jpg 2606:4700:3033::ac43:91b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lsaandfzddfatal.christmas/css/your-image-path.jpg
Requested by: Host: lsaandfzddfatal.christmas
URL: https://lsaandfzddfatal.christmas/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:91b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lsaandfzddfatal.christmas/css/main.css

Response headers

cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jWFPnro%2FNKiagVz2q5MpI3qI%2FKBDaAbdXbgWExImVPQ1V5UJfabSP5vzDwKrTip1fNiFI6DOMyp5WlnZH5uygQH6ZUnWDTV3jfWDfpz6yu%2BINAyVodocnyrFKU%2FtHO3r%2BfZXwJxH13cW2jvEg%2FTqDFuSsgdauAZ0"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6675&min_rtt=5977&rtt_var=342&sent=43&recv=31&lost=0&retrans=0&sent_bytes=34912&recv_bytes=6948&delivery_rate=2185029&cwnd=21600&unsent_bytes=0&cid=d20d61fe2c68f07a&ts=1608&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 09:49:30 GMT
content-type: image/jpg
vary: Accept-Encoding
last-modified: Tue, 24 Dec 2024 09:49:30 GMT
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f6fae8039a2dba7-FRA
accept-ranges: bytes
content-length: 0
x-powered-by: PHP/8.0.30
server: cloudflare

GET
H3 200 call-to-action-image.jpg
lsaandfzddfatal.christmas/css/ 0
697 B 1417ms
1417ms Image
image/jpg 2606:4700:3033::ac43:91b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lsaandfzddfatal.christmas/css/call-to-action-image.jpg
Requested by: Host: lsaandfzddfatal.christmas
URL: https://lsaandfzddfatal.christmas/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:91b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lsaandfzddfatal.christmas/css/main.css

Response headers

cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o3aStGFiiljkTb%2BfeW2Gu2F34pOXhOcwWjQwJUwb6RT4fHvNcNOHFkq4zuKjsi2FK1KQieCPhMgwz0oBV5laLBxSTy2ZtlqwbQC38pKkRt%2FYqWhx4O3WtY0TABnvq3inNoSudZ71fXIeW3w9kLR9EFfVuHRO%2FRbE"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6722&min_rtt=5977&rtt_var=350&sent=44&recv=32&lost=0&retrans=0&sent_bytes=35640&recv_bytes=6992&delivery_rate=22715&cwnd=21600&unsent_bytes=0&cid=d20d61fe2c68f07a&ts=1769&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 09:49:30 GMT
content-type: image/jpg
vary: Accept-Encoding
last-modified: Tue, 24 Dec 2024 09:49:30 GMT
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f6fae8039a3dba7-FRA
accept-ranges: bytes
content-length: 0
x-powered-by: PHP/8.0.30
server: cloudflare

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 26ms
9ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://lsaandfzddfatal.christmas
Referer: https://fonts.googleapis.com/

Response headers

age: 64884
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 23 Dec 2025 15:48:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Dec 2024 15:48:05 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18588
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 28ms
12ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://lsaandfzddfatal.christmas
Referer: https://fonts.googleapis.com/

Response headers

age: 2591
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 24 Dec 2025 09:06:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 09:06:18 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 ionicons.ttf
code.ionicframework.com/ionicons/2.0.1/fonts/ 184 KB
108 KB 27ms
26ms Font
font/ttf 2606:4700:20::681a:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://code.ionicframework.com/ionicons/2.0.1/fonts/ionicons.ttf?v=2.0.1

Requested by

Host: code.ionicframework.com
URL: https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e700835ec05293a3d0f9e354e7d038319d34521cd279e782198dff6d1dd58f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://lsaandfzddfatal.christmas
Referer: https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css

Response headers

x-fastly-request-id: 3ed5dd21e7e28cedf81b8f032c17fdbbb4915835
content-encoding: gzip
cf-cache-status: HIT
etag: W/"64382bc3-2e05c"
age: 40066
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E%2F73H%2FyaKXaafgOFSp0zGsxeWvLcZnaQgBYt0S9HGaQk%2BGZXfV3uWFXJvkoWkEolYErg%2BDHQu2gK3xVIXXYLuAJmxOahb8suV8JpuNw0yzmQ90GCsCy%2FHTCfL5hmk5vAgp%2F0DE4I%2B2ZyOeRvfRESRIYgzy87"}],"group":"cf-nel","max_age":604800}
x-github-request-id: 9BCB:23B7B3:97C789:9CE1CF:67502818
x-content-type-options: nosniff
expires: Wed, 04 Dec 2024 10:09:52 GMT
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=6267&min_rtt=6124&rtt_var=1100&sent=11&recv=9&lost=0&retrans=0&sent_bytes=2678&recv_bytes=4264&delivery_rate=97991&cwnd=12000&unsent_bytes=0&cid=64e54d83fe6bb637&ts=18&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 09:49:29 GMT
content-type: font/ttf
last-modified: Thu, 13 Apr 2023 16:20:19 GMT
x-served-by: cache-fra-eddf8230050-FRA
x-cache-hits: 5
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15552000
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1734993704.639492,VS0,VE1
via: 1.1 varnish
cf-ray: 8f6fae804fb1d299-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 110019
server: cloudflare

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 23ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://lsaandfzddfatal.christmas
Referer: https://fonts.googleapis.com/

Response headers

age: 517103
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 18 Dec 2025 10:11:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 10:11:06 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 favicon.ico
lsaandfzddfatal.christmas/images/ 2 KB
2 KB 1084ms
1084ms Other
text/html 2606:4700:3033::ac43:91b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lsaandfzddfatal.christmas/images/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:91b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.30
Resource Hash: 1318a12721b234cbbf4ee865e13189934fe11f9fc80e9227ff5640a1cb8fb56f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://lsaandfzddfatal.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gv6XQxSXLKYFm8l%2Bq7S4zxoGbKAW%2FubK9fXRpEgYnFbhqJj8rS5XJiFYOLicD2MPF1NTek%2BeY7ugsgg01zrCVcMhEkbRgXZftkX1bmVC3xfshaM1Mua5%2FdON%2FVPpFk33AWMhtVhbpZcq3cIcKDDue%2BPUGpkswjnD"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f6fae8909abdba7-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6640&min_rtt=5977&rtt_var=426&sent=46&recv=33&lost=0&retrans=0&sent_bytes=36384&recv_bytes=7360&delivery_rate=71869&cwnd=21600&unsent_bytes=0&cid=d20d61fe2c68f07a&ts=2855&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 24 Dec 2024 09:49:31 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.0.30
vary: Accept-Encoding
last-modified: Tue, 24 Dec 2024 09:49:31 GMT
priority: u=1,i

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| html5 object| Modernizr function| yepnope object| jQuery110206541882474191938 function| WOW function| init object| wow

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.ionicframework.com
fonts.googleapis.com
fonts.gstatic.com
lsaandfzddfatal.christmas
2606:4700:20::681a:7ad
2606:4700:3033::ac43:91b9
2a00:1450:4001:827::2003
2a00:1450:4001:82f::200a
03bf371e3ca4739cfe6bea61f0126b7cbb94e4713e970651f9acd5acb3d9e399
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
1318a12721b234cbbf4ee865e13189934fe11f9fc80e9227ff5640a1cb8fb56f
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3162b6468674133d7b6c903e4b8a06f7faf51216d1e7f8b3edc8f326b1bfe461
5e700835ec05293a3d0f9e354e7d038319d34521cd279e782198dff6d1dd58f2
834de6935f18000553fcf2ef1d739331085a07b8c23687aaaf0170727b699b34
83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8c675218619f5179627dea434e2a5c86871e678ec0f1587433f20ff914b169c8
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286
96b126417447a9c5d415f06e00e2e6372248c9857f5ff60b6477f8c6f55c449a
96de0f5fc2153b279973a7d5a0c8ffc3ce46edb7c74b068b3352573ac438db73
a6c274f085ba8d281e715ae0dfcdddee04f76196cdc71d9dc1403e91fa5c0123
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
b30a251fdc89b5b169f22d51bef94cea825c534c87abb69fc44f747bd82f53df
bd6808f1443357a7c2208297567f99f4a8ba54a538d0283e105721e42b40ddbc
c8d9e6e3ef6c6150c59d707d4a7f2d3b64ce148d93bf22c88de86671471c8132
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e2625c28848cbca930c42cf94c85201372302f87978932e468d75466addc23e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855