Submitted URL: https://analytics24.live/
Effective URL: https://analytics24.live/sites
Submission Tags: phishingrod
Submission: On January 01 via api from DE — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3030::ac43:c3d1, located in United States and belongs to CLOUDFLARENET, US. The main domain is analytics24.live.
TLS certificate: Issued by E1 on December 8th 2023. Valid for: 3 months.
This is the only time analytics24.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 2606:4700:303... 13335 (CLOUDFLAR...)
3 40.114.178.124 8075 (MICROSOFT...)
12 2
Apex Domain / Subdomains Transfer
10 analytics24.live 64 KB
  analytics24.live
3 duckduckgo.com 9 KB
  icons.duckduckgo.com — Cisco Umbrella Rank: 122854
12 2
Domain Requested by
10 analytics24.live 1 redirects analytics24.live
3 icons.duckduckgo.com analytics24.live
12 2

This site contains links to these domains.

Domain
github.com
docs.plausible.io
twitter.com
plausible.io
fosstodon.org
Subject Issuer Validity Valid
analytics24.live E1 2023-12-08 - 2024-03-07 3 months
*.duckduckgo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 2023-10-06 - 2024-11-05 a year

This page contains 1 frames:

Primary Page: https://analytics24.live/sites
Frame ID: E65B48E0725FC90A0E627F1439456068
Requests: 12 HTTP requests in this frame

Page Title

Plausible · Simple, privacy-friendly alternative to Google Analytics

Page URL History

  1. https://analytics24.live/ HTTP 302
    https://analytics24.live/sites Page URL

Page Statistics

12 Requests
100 % HTTPS
50 % IPv6
2 Domains
2 Subdomains
2 IPs
2 Countries
72 kB Transfer
147 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://analytics24.live/ HTTP 302
    https://analytics24.live/sites Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request sites
analytics24.live/
Redirect Chain
  • https://analytics24.live/
  • https://analytics24.live/sites
14 KB
4 KB
Document
General
Full URL
https://analytics24.live/sites
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c3d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a22db7ff9eb9d0e41a6632385fea6a088f2f5798aa894588168133d1c1594dd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
83e99b136858f100-CDG
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-window-policy
deny
date
Mon, 01 Jan 2024 09:06:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3nnFKUgHDSL5mxn7ToxHGWI8x44AsyP7IhlMq85FVyXQ4WWWaCz79rfkTuNI3PuzgWgw7UujVu%2FoEsD3FxdBLTZcfdCP%2Bl4Bm%2Bi6LES%2FRr3VIEme3UtOz%2BDhFBJYrbWU9F5HHg48CNV%2FmViOp97u"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
F6Yt54MFdeqkJ1QFaffh
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
83e99b111d51f100-CDG
content-type
text/html; charset=utf-8
cross-origin-window-policy
deny
date
Mon, 01 Jan 2024 09:06:21 GMT
location
/sites
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJp47XnR1aioz%2Bn7PxhI9DsSgp73QG3%2FuuWYWr6%2BQQFJmaSnrqiLgH%2FJ1PAypWw%2FCOgquE0lcin4jDn7go28WqlOKdQ6EoRJe4F%2Fvazy3nemg4Klktw9hVqlEgEVbaqoMFDGx54A1oC6x3YPJt3T"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
F6Yt523pDPe-_GAFaffR
x-xss-protection
1; mode=block
app-2f95614d5ddd7c743fddcc49d25ff252.css
analytics24.live/css/
58 KB
12 KB
Stylesheet
General
Full URL
https://analytics24.live/css/app-2f95614d5ddd7c743fddcc49d25ff252.css?vsn=d
Requested by
Host: analytics24.live
URL: https://analytics24.live/sites
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c3d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
358761524ddb841946b40e2a9df4f27c898f4b4d8d6bf64a0f3d3844f83e53ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analytics24.live/sites
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 09:06:21 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 01 Jan 2024 09:06:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSWNEkvowaYitixMZvvsasHa%2BFGdVZj3eWGmYvjFhOU59uc7qrbTrC7jSrlzHlMu3r%2FR26%2BNmyOaTzz6e8DQHPdn8OAaRkttoUY%2FtFi5MMXD6PPsOHH0WhlijWO4I9RzDGqm0ZLo6Kba4j5UTtfJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
83e99b13cc4830e7-FRA
alt-svc
h3=":443"; ma=86400
plausible.js
analytics24.live/js/
1 KB
1 KB
Script
General
Full URL
https://analytics24.live/js/plausible.js
Requested by
Host: analytics24.live
URL: https://analytics24.live/sites
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c3d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73a7193ba93df9cc843041800fd81ddfd92539a9172742ea824fec611065b29a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analytics24.live/sites
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 09:06:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-request-id
F6Yt54eXgr_XSscEzjXy
last-modified
Mon, 01 Jan 2024 09:06:21 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MmvyfNLxZR16vZTwd%2F99Mzejavh8U1I6xqyVjm8KSWBAYZb1gKzqYLvTyfhbridDmww%2F0%2FB7gkBimFtLZwruUMD0UJcGDw1oCWZ6ihG3aJFC87JMwEDJ8c1vkRwiJYM94qwiRJSc5TgUq9tkKoC1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
83e99b13dc4b30e7-FRA
applyTheme-4258f90e1dad263b05620ffcdcb10429.js
analytics24.live/js/
645 B
727 B
Script
General
Full URL
https://analytics24.live/js/applyTheme-4258f90e1dad263b05620ffcdcb10429.js?vsn=d
Requested by
Host: analytics24.live
URL: https://analytics24.live/sites
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c3d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca537ffd74c2ce3288298f1d3bbb312b9228af5bfe15958c4005e8636bd12685

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analytics24.live/sites
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 09:06:21 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 01 Jan 2024 09:06:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FX5BT%2FYn4%2Bf6%2FKUFi1OtaTeTZUo%2BXBOvYjIPImdqrhiYHmhl13o7dUhrEm51YF3W2dEO5719z%2FyVGs97APusroOKkopNlm16YuD%2B3OtjK6AqURyh%2FX7lb%2FRVG7G5KGYZdhFmjnwxoEi5N0FogeBo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
83e99b13dc4c30e7-FRA
alt-svc
h3=":443"; ma=86400
plausible_logo_dark-9fff186187e2a9c972ae81c88e63e830.png
analytics24.live/images/icon/
13 KB
14 KB
Image
General
Full URL
https://analytics24.live/images/icon/plausible_logo_dark-9fff186187e2a9c972ae81c88e63e830.png?vsn=d
Requested by
Host: analytics24.live
URL: https://analytics24.live/sites
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c3d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3962c5b0e8f2e33fe0c739b327ddce92f3d3a4e5cba35c0a35184f2228f2fa8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analytics24.live/sites
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 09:06:21 GMT
cf-cache-status
MISS
last-modified
Mon, 01 Jan 2024 09:06:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2BREWUZRjcjGIQgIJaQH1XfRFa7PPxvmfyhzSEMVUaStJdtiLCFreBIZttCM1GvZNztYUwRNQHFYAh%2BuRg6DwRs2Ez9XVmd%2FA9tEX4aBWy4%2BUVIDuxQoa60Ojek%2ByJji2MSwci7x68MS%2Fnzw4%2Bus"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
83e99b13dc4e30e7-FRA
alt-svc
h3=":443"; ma=86400
content-length
13385
plausible_logo-973ea42fac38d21a0a8cda9cfb9231c9.png
analytics24.live/images/icon/
14 KB
14 KB
Image
General
Full URL
https://analytics24.live/images/icon/plausible_logo-973ea42fac38d21a0a8cda9cfb9231c9.png?vsn=d
Requested by
Host: analytics24.live
URL: https://analytics24.live/sites
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c3d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c27877c46b89fdcbdb2dae41be657c7408470ebf8445f1211091ec6738d49318

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analytics24.live/sites
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 09:06:21 GMT
cf-cache-status
MISS
last-modified
Mon, 01 Jan 2024 09:06:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5sowGAn3ONhbD%2BP%2F2cDeV5O46zBnvb0NI3NmNAxqLx7d2XDHNltmNxjFbkTsPG2eD8sqmC1%2FD9AyRsLzqmiiy1fwmuf1yU9%2FtGS0Pst9y77lV7CvEEM8n%2FZuGijky9p0kg%2F8iRMOtggpCv358Xz8"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
83e99b13dc5030e7-FRA
alt-svc
h3=":443"; ma=86400
content-length
14118
m1-sms.ico
icons.duckduckgo.com/ip3/
1 KB
3 KB
Image
General
Full URL
https://icons.duckduckgo.com/ip3/m1-sms.ico
Requested by
Host: analytics24.live
URL: https://analytics24.live/sites
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
40.114.178.124 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e5db88ea2322863ca17817b99d60006c625a31cff0dad49cf05d3c6d16a75c17
Security Headers
Name Value
Content-Security-Policy default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 09:06:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
server
nginx
referrer-policy
origin
etag
"605d3cea-5c6"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
content-type
image/png
permissions-policy
interest-cohort=()
content-length
1478
x-xss-protection
1;mode=block
mubasher-o.ico
icons.duckduckgo.com/ip3/
1 KB
3 KB
Image
General
Full URL
https://icons.duckduckgo.com/ip3/mubasher-o.ico
Requested by
Host: analytics24.live
URL: https://analytics24.live/sites
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
40.114.178.124 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e5db88ea2322863ca17817b99d60006c625a31cff0dad49cf05d3c6d16a75c17
Security Headers
Name Value
Content-Security-Policy default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 09:06:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
server
nginx
referrer-policy
origin
etag
"605d3cea-5c6"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
content-type
image/png
permissions-policy
interest-cohort=()
content-length
1478
x-xss-protection
1;mode=block
mubasher-sms.ico
icons.duckduckgo.com/ip3/
1 KB
3 KB
Image
General
Full URL
https://icons.duckduckgo.com/ip3/mubasher-sms.ico
Requested by
Host: analytics24.live
URL: https://analytics24.live/sites
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
40.114.178.124 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e5db88ea2322863ca17817b99d60006c625a31cff0dad49cf05d3c6d16a75c17
Security Headers
Name Value
Content-Security-Policy default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 09:06:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ https://spreadprivacy.com ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
server
nginx
referrer-policy
origin
etag
"605d3cea-5c6"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
content-type
image/png
permissions-policy
interest-cohort=()
content-length
1478
x-xss-protection
1;mode=block
plausible_logo_sm.png
analytics24.live/images/icon/
4 KB
5 KB
Image
General
Full URL
https://analytics24.live/images/icon/plausible_logo_sm.png
Requested by
Host: analytics24.live
URL: https://analytics24.live/sites
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c3d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5360784aa2507988a85cdbad0983fb721f35ca9287b33e0d2c104ddd3128f014

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analytics24.live/sites
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 09:06:21 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"24CAA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TClkgyUC1M07LO%2BVLR520NIww0CVOz72qAtY6m5K5H4yAQ0bVQPOf0i4LIYu8ve0CupWcPLR87FplkzE0srC0oLITkg1TSsobgGhovngh4o5TZOz2X0nWMvk%2B8N%2FeVyJnhNcqPn5nUIDUXEA5Wvb"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
83e99b141cac30e7-FRA
alt-svc
h3=":443"; ma=86400
content-length
4332
app-081c80830ef119470ef56fde36c09a6e.js
analytics24.live/js/
37 KB
12 KB
Script
General
Full URL
https://analytics24.live/js/app-081c80830ef119470ef56fde36c09a6e.js?vsn=d
Requested by
Host: analytics24.live
URL: https://analytics24.live/sites
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c3d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab28154af32bb8d1fabe2c543c937340133deaf8571fcd0e3536f2736d041145

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://analytics24.live/sites
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 09:06:21 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 01 Jan 2024 09:06:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qgQiCxUf%2BrWfbK%2BstNGGISda9Fr9XkMSpe4T1TZ3wH7aPsKSITkn3qUK1WZVobGXcDA6sP7xGfvwaFIcf7c94JOBHm7DSoSY1aSehoehQqkslHQ5AVSRgg%2FKlxOgBHONDfJoO5TsX7wm%2F0sBpida"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
83e99b141ca930e7-FRA
alt-svc
h3=":443"; ma=86400
event
analytics24.live/api/
0
459 B
XHR
General
Full URL
https://analytics24.live/api/event
Requested by
Host: analytics24.live
URL: https://analytics24.live/js/plausible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c3d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analytics24.live/sites
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Jan 2024 09:06:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9znQ0Hhgr7WZ5wE%2FG%2Fun%2BwTalFivhqjbl0WlxQamerTxHas%2BSCfqEKIPC0mkFEUAB2NauDKFcdT6Uj3naIwQCiWddA7WmTUCdKvwXh6iKynYXdAlDl8P7dPc1RFtE80%2FItYvomtw8RnLYDi2rqD"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
83e99b143cc730e7-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
x-request-id
F6Yt54oLOpUgjVwEzjYC

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| plausible string| pref function| reapplyTheme object| Alpine

2 Cookies

Domain/Path Name / Value
analytics24.live/ Name: logged_in
Value: true
analytics24.live/ Name: _plausible_key
Value: SFMyNTY.g3QAAAAFbQAAAAtfY3NyZl90b2tlbm0AAAAYcTlxR09yQlVSbS1wdVhlclFybHJQUkNEbQAAAA9jdXJyZW50X3VzZXJfaWRhAW0AAAAJbGFzdF9zZWVuYmWSgI1tAAAACmxvZ2luX2Rlc3RkAANuaWxtAAAAEnNlc3Npb25fdGltZW91dF9hdGJlpPWN.Bbji50j0-MXgPrKF1140eIa_vzpPYMNNTXQRMBXK30c

3 Console Messages

Source Level URL
Text
network error URL: https://icons.duckduckgo.com/ip3/mubasher-sms.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://icons.duckduckgo.com/ip3/m1-sms.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://icons.duckduckgo.com/ip3/mubasher-o.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block