cztake.net Open in urlscan Pro
185.149.120.87  Malicious Activity! Public Scan

15 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index.html Show response cztake.net/	292 KB 292 KB	1231ms 394ms	Document text/html	185.149.120.87 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://cztake.net/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.149.120.87 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software / Express Resource Hash dbeeb6085e1efec1ea21a1be124431bf5eede0f1c7ba924dcb850133fda41a42 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Accept-Ranges bytes Cache-Control public, max-age=0 Connection keep-alive Content-Length 298787 Content-Type text/html; charset=UTF-8 Date Fri, 14 Oct 2022 15:08:13 GMT ETag W/"48f23-181e2f29e40" Keep-Alive timeout=5 Last-Modified Sat, 09 Jul 2022 12:32:40 GMT X-Powered-By Express
GET H2	200	jquery-3.4.1.min.js Show response code.jquery.com/	86 KB 30 KB	103ms 28ms	Script application/javascript	2001:4de0:ac18::1:a:3a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.4.1.min.js Requested by Host: cztake.net URL: https://cztake.net/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Request headers accept-language en-US,en;q=0.9 Referer https://cztake.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 14 Oct 2022 15:08:13 GMT content-encoding gzip last-modified Wed, 16 Feb 2022 10:50:39 GMT server nginx etag W/"620cd6ff-15851" vary Accept-Encoding x-hw 1665760093.dop054.ch4.t,1665760093.cds265.ch4.hn,1665760093.cds190.ch4.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30638
GET H2	200	m2.css static.tumblr.com/bejxdgc/NDhpx23f1/	64 KB 64 KB	99ms 25ms	Stylesheet text/css	192.0.77.40 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://static.tumblr.com/bejxdgc/NDhpx23f1/m2.css Requested by Host: cztake.net URL: https://cztake.net/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS assets.tumblr.com Software nginx / Resource Hash 29e89f00341d65ffbab6fdfce78f7e42a1daf4bda2e3615ad9466e2ce47760ef Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers accept-language en-US,en;q=0.9 Referer https://cztake.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers x-nc HIT mdw 2 date Fri, 14 Oct 2022 15:08:13 GMT strict-transport-security max-age=31536000; preload last-modified Fri, 30 Aug 2019 15:37:50 GMT server nginx etag "376dd17dad7defb0a0c4f2d99445382f" access-control-max-age 86400 access-control-allow-methods GET content-type text/css access-control-allow-origin * accept-ranges bytes content-length 65054
GET H2	200	main-branding-base.css static.tumblr.com/bejxdgc/H7hpx23gv/	510 KB 511 KB	99ms 26ms	Stylesheet text/css	192.0.77.40 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://static.tumblr.com/bejxdgc/H7hpx23gv/main-branding-base.css Requested by Host: cztake.net URL: https://cztake.net/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS assets.tumblr.com Software nginx / Resource Hash be9a62a389ef14e5aa7c9c7ef9f7bec271ecce1f86aa8f0cdcc9a5e3acf7948e Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers accept-language en-US,en;q=0.9 Referer https://cztake.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers x-nc HIT mdw 2 date Fri, 14 Oct 2022 15:08:13 GMT strict-transport-security max-age=31536000; preload last-modified Fri, 30 Aug 2019 15:38:57 GMT server nginx etag "0acc5b1299f898a0c3a615c3aab31699" access-control-max-age 86400 access-control-allow-methods GET content-type text/css access-control-allow-origin * accept-ranges bytes content-length 522276
GET H2	200	V22-Luf7_400x400.jpg pbs.twimg.com/profile_images/1364491704817098753/	26 KB 26 KB	161ms 30ms	Image image/jpeg	2606:2800:220:13d:2176:94a:948:148e EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/profile_images/1364491704817098753/V22-Luf7_400x400.jpg Requested by Host: cztake.net URL: https://cztake.net/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:220:13d:2176:94a:948:148e , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (cha/80C2) / Resource Hash 8ccba583dc223bdf71d25040e2d3ebcf24da20d7250cced599fbea7f60dd3d50 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://cztake.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 14 Oct 2022 15:08:13 GMT strict-transport-security max-age=631138519 x-content-type-options nosniff age 306247 x-cache HIT server-timing x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=3 content-length 26360 x-response-time 10 surrogate-key profile_images profile_images/bucket/3 profile_images/1364491704817098753 last-modified Wed, 24 Feb 2021 08:23:48 GMT server ECS (cha/80C2) x-tw-cdn VZ, VZ, VZ, VZ, VZ, VZ, VZ content-type image/jpeg access-control-allow-origin * x-transaction-id c05e7fe609535355 access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate perf 7626143928 x-connection-hash 01b2ef32667fa4133dd8537cb4fcda23c8d86a706998220a03a4eaaf96a2289e accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET H/1.1	404 Not Found	1UATD6Vui-5Xa4Vb2QAOtbg_002.png cztake.net/medium/	177 B 177 B	198ms 198ms	Image text/html	185.149.120.87 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://cztake.net/medium/1UATD6Vui-5Xa4Vb2QAOtbg_002.png Requested by Host: cztake.net URL: https://cztake.net/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.149.120.87 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software / Express Resource Hash 2a98bf33cfbe250ca0b1a81b9f9deea79fa9fd3a265731d24b9660c511ba6b05 Security Headers Name Value Content-Security-Policy default-src 'none' X-Content-Type-Options nosniff Request headers Referer https://cztake.net/index.html Origin https://cztake.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Content-Security-Policy default-src 'none' Date Fri, 14 Oct 2022 15:08:13 GMT X-Content-Type-Options nosniff X-Powered-By Express Content-Type text/html; charset=utf-8 Connection keep-alive Keep-Alive timeout=5 Content-Length 177
GET H2	200	1*8VDWw33n-eu85f0nFTbP5g.jpeg cdn-images-1.medium.com/max/800/	63 KB 63 KB	133ms 66ms	Image image/jpeg	2606:4700:7::a29f:9804 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-images-1.medium.com/max/800/1*8VDWw33n-eu85f0nFTbP5g.jpeg Requested by Host: cztake.net URL: https://cztake.net/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2128998b5087ea97d27333e867ea5390d83c92da20fb2b33c7175fcb9f2bfa69 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://cztake.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 14 Oct 2022 15:08:13 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT age 65974 x-envoy-upstream-service-time 45 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 64462 pragma public sepia-upstream medium cf-bgj h2pri server cloudflare etag "16.3" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=2592000 medium-fulfilled-by miro/main-20220912-192647-a63a7427a9 accept-ranges bytes cf-ray 75a13aaa0d9e8108-ORD expires Sun, 13 Nov 2022 15:08:13 GMT
GET H2	200	1*tIWs8Qk_-H0ANcEVDFGLsg.png miro.medium.com/max/240/	4 KB 5 KB	119ms 50ms	Image image/png	2606:4700:7::a29f:9904 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://miro.medium.com/max/240/1*tIWs8Qk_-H0ANcEVDFGLsg.png Requested by Host: cztake.net URL: https://cztake.net/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a214e8a9da8a7b9eeab2eaf27bd569cfdf5bf41fc7d3cbf09c93b20238ceaa87 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://cztake.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 14 Oct 2022 15:08:13 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT age 335843 x-envoy-upstream-service-time 47 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4580 pragma public sepia-upstream medium server cloudflare etag "16.3" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=2592000 medium-fulfilled-by miro/main-20220525-094934-61c2d29c30 accept-ranges bytes cf-ray 75a13aaa0e67870e-ORD expires Sun, 13 Nov 2022 15:08:13 GMT
GET H2	200	1*mdJWWVTfTd7LMbR1pZvZ0A.jpeg miro.medium.com/max/240/	15 KB 15 KB	125ms 56ms	Image image/jpeg	2606:4700:7::a29f:9904 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://miro.medium.com/max/240/1*mdJWWVTfTd7LMbR1pZvZ0A.jpeg Requested by Host: cztake.net URL: https://cztake.net/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 31ce12605ac90c6218f74f3f8365f923d69269345b0cb46e32b4feb868143428 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://cztake.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 14 Oct 2022 15:08:13 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT age 335843 x-envoy-upstream-service-time 63 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 15599 pragma public sepia-upstream medium cf-bgj h2pri server cloudflare etag "16.3" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=2592000 medium-fulfilled-by miro/main-20220308-111139-470fbc5021 accept-ranges bytes cf-ray 75a13aaa0e6b870e-ORD expires Sun, 13 Nov 2022 15:08:13 GMT
GET DATA	200 OK	truncated /	14 KB 14 KB		Font font/opentype
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d1de21730854ea4db035a81914cb0bd57aa74d715af6f89b46a2d002917ca1ed Request headers Referer Origin https://cztake.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Content-Type font/opentype
GET H2	200	fell-400-normal.woff glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/	24 KB 25 KB	141ms 74ms	Font application/font-woff	2606:4700:7::a29f:9804 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/fell-400-normal.woff Requested by Host: static.tumblr.com URL: https://static.tumblr.com/bejxdgc/NDhpx23f1/m2.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e8fed51ae35ba9d9c900b99b774df79551240e4954aa5bdd2289cf32d64c1715 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://static.tumblr.com/ Origin https://cztake.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 14 Oct 2022 15:08:13 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip age 1010957 x-envoy-upstream-service-time 68 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 server cloudflare access-control-max-age 86400 access-control-allow-methods GET, POST, PUT, DELETE content-type application/font-woff access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true vary Accept-Encoding cf-ray 75a13aaa1bb5637a-ORD access-control-allow-headers Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid expires Sat, 14 Oct 2023 15:08:13 GMT
GET DATA	200 OK	truncated /	15 KB 15 KB		Font font/opentype
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ff4c91bf9cb91b2fb2e0344577754e3f2ade240aa8d8d8db0171901c9115feb1 Request headers Referer Origin https://cztake.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Content-Type font/opentype
GET H2	200	charter-700-normal.woff glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/	15 KB 16 KB	131ms 65ms	Font application/font-woff	2606:4700:7::a29f:9804 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-700-normal.woff Requested by Host: static.tumblr.com URL: https://static.tumblr.com/bejxdgc/NDhpx23f1/m2.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 582a04757d62c3d9ad1c9cc5d7e40787a900fd02b3aeace43d41008a7658d071 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://static.tumblr.com/ Origin https://cztake.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 14 Oct 2022 15:08:13 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip age 30388517 x-envoy-upstream-service-time 53 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 server cloudflare access-control-max-age 86400 access-control-allow-methods GET, POST, PUT, DELETE content-type application/font-woff access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true vary Accept-Encoding cf-ray 75a13aaa1bb9637a-ORD access-control-allow-headers Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid expires Sat, 14 Oct 2023 15:08:13 GMT
GET DATA	200 OK	truncated /	14 KB 14 KB		Font font/opentype
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 99a9df080944a29084bf6f88ccc49b1f3a0cee1aed655c640ca433871a6af398 Request headers Referer Origin https://cztake.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Content-Type font/opentype
GET H2	200	marat-sans-600-normal.woff glyph.medium.com/font/6f4b679/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/	21 KB 22 KB	94ms 79ms	Font application/font-woff	2606:4700:7::a29f:9804 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://glyph.medium.com/font/6f4b679/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/marat-sans-600-normal.woff Requested by Host: static.tumblr.com URL: https://static.tumblr.com/bejxdgc/NDhpx23f1/m2.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 55d27bc022e15405d265e47606de521b651c850f277a949468158bdff378ba30 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://static.tumblr.com/ Origin https://cztake.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 14 Oct 2022 15:08:13 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip age 145423 x-envoy-upstream-service-time 76 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 server cloudflare access-control-max-age 86400 access-control-allow-methods GET, POST, PUT, DELETE content-type application/font-woff access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true vary Accept-Encoding cf-ray 75a13aaa1bbc637a-ORD access-control-allow-headers Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid expires Sat, 14 Oct 2023 15:08:13 GMT
GET H2	200	aVq2oAP-_normal.jpg pbs.twimg.com/profile_images/1006221503548059657/	2 KB 2 KB	27ms 27ms	Image image/jpeg	2606:2800:220:13d:2176:94a:948:148e EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/profile_images/1006221503548059657/aVq2oAP-_normal.jpg Requested by Host: cztake.net URL: https://cztake.net/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:220:13d:2176:94a:948:148e , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (cha/8197) / Resource Hash 8ed4d5864bd422a465a7a7cb8270d1cfbd7d7bb28b47a70da3b10e45562bf9c0 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://cztake.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 14 Oct 2022 15:08:13 GMT strict-transport-security max-age=631138519 x-content-type-options nosniff age 161723 x-cache HIT server-timing x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1 content-length 1807 x-response-time 10 surrogate-key profile_images profile_images/bucket/3 profile_images/1006221503548059657 last-modified Mon, 11 Jun 2018 17:05:55 GMT server ECS (cha/8197) x-tw-cdn VZ, VZ, VZ content-type image/jpeg access-control-allow-origin * x-transaction-id a1f8e9afb32ce29d access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate perf 7626143928 x-connection-hash 69d2999998374ea0537afcf9e5bd718dde340b1349b5ab7a16d704c8932060f1 accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET H2	200	a3a234d295e0a5824b856d5ddf228d0c_bigger.jpeg pbs.twimg.com/profile_images/2924807632/	2 KB 2 KB	30ms 27ms	Image image/jpeg	2606:2800:220:13d:2176:94a:948:148e EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/profile_images/2924807632/a3a234d295e0a5824b856d5ddf228d0c_bigger.jpeg Requested by Host: cztake.net URL: https://cztake.net/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:220:13d:2176:94a:948:148e , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (cha/81DD) / Resource Hash bf82b5b7148bf7f3ae01c94d29508087c09fa250768f4e54f015e6b02816487f Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://cztake.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 14 Oct 2022 15:08:13 GMT strict-transport-security max-age=631138519 x-content-type-options nosniff age 148694 x-cache HIT server-timing x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2 content-length 1794 x-response-time 9 surrogate-key profile_images profile_images/bucket/5 profile_images/2924807632 last-modified Thu, 04 Nov 2010 01:42:54 GMT server ECS (cha/81DD) x-tw-cdn VZ, VZ content-type image/jpeg access-control-allow-origin * x-transaction-id 34928d61d6cee0d9 access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate perf 7626143928 x-connection-hash f351a8614db2489ed71b1e702b4a37c815238efa4543117e48894e55e4527b8a accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET		avatar-bitcoin.jpg whereaccepts.com/wp-content/uploads/2019/05/	0 0
GET H2	404	4ZyABl-E_400x400.jpg pbs.twimg.com/profile_images/1178449867590512640/	0 209 B	28ms 26ms	Image text/plain	2606:2800:220:13d:2176:94a:948:148e EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/profile_images/1178449867590512640/4ZyABl-E_400x400.jpg Requested by Host: cztake.net URL: https://cztake.net/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:220:13d:2176:94a:948:148e , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (cha/81FC) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://cztake.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 14 Oct 2022 15:08:13 GMT strict-transport-security max-age=631138519 x-content-type-options nosniff age 3537 x-cache 404-HIT server-timing x-cache;desc= 404-HIT,x-tw-cdn;desc=VZ,edge;dur=2 content-length 0 x-response-time 8 last-modified Fri, 14 Oct 2022 14:09:16 GMT server ECS (cha/81FC) x-tw-cdn VZ, VZ, VZ access-control-allow-origin * x-transaction-id fb7c6620c64b3333 access-control-expose-headers Content-Length cache-control max-age=3600, must-revalidate perf 7626143928 x-connection-hash 6c76140a0474aeda209180182f592a7cc3acf9b0066f156325f3e28b99e6af1f accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET H2	200	pTlu6wrD_400x400.jpg pbs.twimg.com/profile_images/1076901702102597632/	46 KB 46 KB	29ms 27ms	Image image/jpeg	2606:2800:220:13d:2176:94a:948:148e EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/profile_images/1076901702102597632/pTlu6wrD_400x400.jpg Requested by Host: cztake.net URL: https://cztake.net/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:220:13d:2176:94a:948:148e , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (cha/8095) / Resource Hash 198f7f8d32f771479af26f52469b8dd04dc50cd187aceb661dd3beeffaa2aebc Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://cztake.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 14 Oct 2022 15:08:13 GMT strict-transport-security max-age=631138519 x-content-type-options nosniff age 393384 x-cache HIT server-timing x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1 content-length 46912 x-response-time 11 surrogate-key profile_images profile_images/bucket/0 profile_images/1076901702102597632 last-modified Sun, 23 Dec 2018 18:03:48 GMT server ECS (cha/8095) x-tw-cdn VZ, VZ, VZ content-type image/jpeg access-control-allow-origin * x-transaction-id 4c0eb050aa5d6728 access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate perf 7626143928 x-connection-hash a310f5dbc8cd48f49d7651a0d820ad03b59b9a0ee01808db56fb92f00e4b37cf accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET H2	200	VItKwBD2_400x400.jpg pbs.twimg.com/profile_images/817962897011867651/	18 KB 18 KB	27ms 27ms	Image image/jpeg	2606:2800:220:13d:2176:94a:948:148e EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/profile_images/817962897011867651/VItKwBD2_400x400.jpg Requested by Host: cztake.net URL: https://cztake.net/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:220:13d:2176:94a:948:148e , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (cha/81B9) / Resource Hash 8c16cea95eec6f9f7932b7571e6ee2f375f89cd5bdcc955b05a7c09619c8c0aa Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://cztake.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 14 Oct 2022 15:08:14 GMT strict-transport-security max-age=631138519 x-content-type-options nosniff age 327210 x-cache HIT server-timing x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2 content-length 18508 x-response-time 12 surrogate-key profile_images profile_images/bucket/2 profile_images/817962897011867651 last-modified Sun, 08 Jan 2017 05:13:26 GMT server ECS (cha/81B9) x-tw-cdn VZ, VZ, VZ content-type image/jpeg access-control-allow-origin * x-transaction-id 95614ec0cefe4920 access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate perf 17155602616 x-connection-hash 3651a26f37f865ac05698ebe34c577cb2b698731a4d017caff054ea171511d5c accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET H2	404	63LLvWj2_400x400.png pbs.twimg.com/profile_images/1123797849471377413/	0 117 B	31ms 29ms	Image text/plain	2606:2800:220:13d:2176:94a:948:148e EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/profile_images/1123797849471377413/63LLvWj2_400x400.png Requested by Host: cztake.net URL: https://cztake.net/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:220:13d:2176:94a:948:148e , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (cha/8199) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://cztake.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 14 Oct 2022 15:08:14 GMT strict-transport-security max-age=631138519 x-content-type-options nosniff age 3538 x-cache 404-HIT server-timing x-cache;desc= 404-HIT,x-tw-cdn;desc=VZ,edge;dur=2 content-length 0 x-response-time 13 last-modified Fri, 14 Oct 2022 14:09:16 GMT server ECS (cha/8199) x-tw-cdn VZ, VZ, VZ access-control-allow-origin * x-transaction-id f5336121ee7e42b0 access-control-expose-headers Content-Length cache-control max-age=3600, must-revalidate perf 7626143928 x-connection-hash 91d9fe23750e450d6f8917bd63e0e461d3da26e1be4bf498ba3e9145472e6c1f accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET H2	404	j_33c0np_400x400.jpg pbs.twimg.com/profile_images/1236403494392864768/	0 213 B	57ms 56ms	Image text/plain	2606:2800:220:13d:2176:94a:948:148e EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/profile_images/1236403494392864768/j_33c0np_400x400.jpg Requested by Host: cztake.net URL: https://cztake.net/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:220:13d:2176:94a:948:148e , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (cha/81BD) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://cztake.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 14 Oct 2022 15:08:14 GMT strict-transport-security max-age=631138519 x-content-type-options nosniff age 0 x-cache MISS server-timing x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=28 content-length 0 x-response-time 8 last-modified Fri, 14 Oct 2022 15:08:14 GMT server ECS (cha/81BD) x-tw-cdn VZ, VZ access-control-allow-origin * x-transaction-id 786b76cf68c0cd05 access-control-expose-headers Content-Length cache-control max-age=3600, must-revalidate perf 7626143928 x-connection-hash 5fe8a812f7dda0e5e1120e0b8d6d081079f76b8ef2a8b5f8e1e2b56d728613af accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET H2	200	cdf6b1bd1203bb5ee824f0744edecb4a47ed19f8.jpeg archive.ph/osl5K/	1 KB 2 KB	583ms 172ms	Image image/jpeg	217.197.116.88 E-STYLEISP-AS
General Check archive.org Show headers Download Go to Show image Full URL https://archive.ph/osl5K/cdf6b1bd1203bb5ee824f0744edecb4a47ed19f8.jpeg Requested by Host: cztake.net URL: https://cztake.net/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 217.197.116.88 , Russian Federation, ASN20655 (E-STYLEISP-AS, RU), Reverse DNS 217-197-116-88.estt.ru Software nginx / Resource Hash f449db6051701c42b20cb571f05697e59c8e895c481530e26fb9d2b5ff47cd64 Request headers accept-language en-US,en;q=0.9 Referer https://cztake.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 14 Oct 2022 15:08:14 GMT last-modified Fri, 20 Sep 2019 17:43:41 GMT server nginx etag cdf6b1b-d120-3bb5ee82 content-type image/jpeg access-control-allow-origin * cache-control maxage=3600 x-host p-archiveweb33 accept-ranges bytes content-length 1528 expires Fri, 14 Oct 2022 16:00:06 GMT
GET H2	200	0a084b8fce0ae610c4c69c4fd5a6c7c000c4a690 archive.ph/osl5K/	1 KB 2 KB	587ms 176ms	Image image/jpeg	217.197.116.88 E-STYLEISP-AS
General Check archive.org Show headers Download Go to Show image Full URL https://archive.ph/osl5K/0a084b8fce0ae610c4c69c4fd5a6c7c000c4a690 Requested by Host: cztake.net URL: https://cztake.net/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 217.197.116.88 , Russian Federation, ASN20655 (E-STYLEISP-AS, RU), Reverse DNS 217-197-116-88.estt.ru Software nginx / Resource Hash 7f516a34ba1bd1a50c6040864b8bcc7295146313f009a7285db4e5410cfd92e4 Request headers accept-language en-US,en;q=0.9 Referer https://cztake.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Fri, 14 Oct 2022 15:08:14 GMT last-modified Fri, 20 Sep 2019 17:43:41 GMT server nginx etag 0a084b8-fce0-ae610c4c content-type image/jpeg access-control-allow-origin * cache-control maxage=3600 x-host p-archiveweb33 accept-ranges bytes content-length 1454 expires Fri, 14 Oct 2022 16:00:06 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

whereaccepts.com

URL

https://whereaccepts.com/wp-content/uploads/2019/05/avatar-bitcoin.jpg

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.medium.com/	1969-12-31 23:59:59	Name: __cfruid Value: 91b753a459aacf5f43c74253d0ee2f124d968f27-1665760093

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pbs.twimg.com/profile_images/1178449867590512640/4ZyABl-E_400x400.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cztake.net/medium/1UATD6Vui-5Xa4Vb2QAOtbg_002.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://whereaccepts.com/wp-content/uploads/2019/05/avatar-bitcoin.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://pbs.twimg.com/profile_images/1123797849471377413/63LLvWj2_400x400.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pbs.twimg.com/profile_images/1236403494392864768/j_33c0np_400x400.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

archive.ph
cdn-images-1.medium.com
code.jquery.com
cztake.net
glyph.medium.com
miro.medium.com
pbs.twimg.com
static.tumblr.com
whereaccepts.com
whereaccepts.com
185.149.120.87
192.0.77.40
2001:4de0:ac18::1:a:3a
217.197.116.88
2606:2800:220:13d:2176:94a:948:148e
2606:4700:7::a29f:9804
2606:4700:7::a29f:9904
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
198f7f8d32f771479af26f52469b8dd04dc50cd187aceb661dd3beeffaa2aebc
2128998b5087ea97d27333e867ea5390d83c92da20fb2b33c7175fcb9f2bfa69
29e89f00341d65ffbab6fdfce78f7e42a1daf4bda2e3615ad9466e2ce47760ef
2a98bf33cfbe250ca0b1a81b9f9deea79fa9fd3a265731d24b9660c511ba6b05
31ce12605ac90c6218f74f3f8365f923d69269345b0cb46e32b4feb868143428
55d27bc022e15405d265e47606de521b651c850f277a949468158bdff378ba30
582a04757d62c3d9ad1c9cc5d7e40787a900fd02b3aeace43d41008a7658d071
7f516a34ba1bd1a50c6040864b8bcc7295146313f009a7285db4e5410cfd92e4
8c16cea95eec6f9f7932b7571e6ee2f375f89cd5bdcc955b05a7c09619c8c0aa
8ccba583dc223bdf71d25040e2d3ebcf24da20d7250cced599fbea7f60dd3d50
8ed4d5864bd422a465a7a7cb8270d1cfbd7d7bb28b47a70da3b10e45562bf9c0
99a9df080944a29084bf6f88ccc49b1f3a0cee1aed655c640ca433871a6af398
a214e8a9da8a7b9eeab2eaf27bd569cfdf5bf41fc7d3cbf09c93b20238ceaa87
be9a62a389ef14e5aa7c9c7ef9f7bec271ecce1f86aa8f0cdcc9a5e3acf7948e
bf82b5b7148bf7f3ae01c94d29508087c09fa250768f4e54f015e6b02816487f
d1de21730854ea4db035a81914cb0bd57aa74d715af6f89b46a2d002917ca1ed
dbeeb6085e1efec1ea21a1be124431bf5eede0f1c7ba924dcb850133fda41a42
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fed51ae35ba9d9c900b99b774df79551240e4954aa5bdd2289cf32d64c1715
f449db6051701c42b20cb571f05697e59c8e895c481530e26fb9d2b5ff47cd64
ff4c91bf9cb91b2fb2e0344577754e3f2ade240aa8d8d8db0171901c9115feb1