balikovnacz.id5039.com
188.114.96.3  Malicious Activity! Public Scan

URL: https://balikovnacz.id5039.com/lk/593447619
Submission Tags: @phish_report
Submission: On December 06 via api from FI — Scanned from NL

Summary

This website contacted 6 IPs in 4 countries across 5 domains to perform 29 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is balikovnacz.id5039.com.
TLS certificate: Issued by WE1 on December 3rd 2024. Valid for: 3 months.
This is the only time balikovnacz.id5039.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Fio Banka (Banking)

Domain & IP information

Requests | IP Address | AS Autonomous System
20 | 188.114.96.3 | 13335 (CLOUDFLAR...)
1 | 2a00:1450:400... | 15169 (GOOGLE)
3 | 142.250.185.99 | 15169 (GOOGLE)
1 | 188.114.97.3 | 13335 (CLOUDFLAR...)
2 | 92.38.6.13 | 62083 (FIO-BANKA...)
2 | 92.38.6.11 | 62083 (FIO-BANKA...)
Total: 29 requests, 6 IPs

Requests | Apex Domain | Subdomains | Transfer
21 | id5039.com | balikovnacz.id5039.com, api.id5039.com | 825 KB
3 | gstatic.com | fonts.gstatic.com | 74 KB
2 | fio.cz | www.fio.cz | 258 KB
2 | fio.sk | ib.fio.sk | 17 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 29) | 1 KB
Total: 29 requests, 5 apex domains

Requests | Domain | Requested by
12 | balikovnacz.id5039.com | balikovnacz.id5039.com
9 | api.id5039.com | balikovnacz.id5039.com
3 | fonts.gstatic.com | fonts.googleapis.com
2 | www.fio.cz |
2 | ib.fio.sk |
1 | fonts.googleapis.com | balikovnacz.id5039.com
Total: 29 requests, 6 domains

This site contains links to these domains.

Domain
www.fio.cz
www.fio.sk
www.rmsystem.cz
www.akcie.cz

Subject | Issuer | Validity | Valid
id5039.com | WE1 | 2024-12-03 - 2025-03-03 | 3 months
upload.video.google.com | WR2 | 2024-11-04 - 2025-01-27 | 3 months
*.gstatic.com | WR2 | 2024-11-04 - 2025-01-27 | 3 months
www.fio.cz | GeoTrust EV RSA CA G2 | 2024-04-25 - 2025-05-26 | a year

This page contains 1 frame:

Primary Page: https://balikovnacz.id5039.com/lk/593447619
Frame ID: A3BA000FE9B539C25259AF9962B0BDC0
Requests: 28 HTTP requests in this frame

Page Title

Internetové bankovnictví | Fio banka

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

Requests: 29
HTTPS: 100 %
IPv6: 17 %
Domains: 5
Subdomains: 6
IPs: 6
Countries: 4
Transfer: 1176 kB
Size: 2023 kB
Cookies: 0

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 593447619
balikovnacz.id5039.com/lk/
21 KB
4 KB
Document
General
Full URL
https://balikovnacz.id5039.com/lk/593447619
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f61dfcef659078916fcd217ddb403930a7310413f13ee546f4fcb7fa68edf85d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8edb0dbc6e760b58-AMS
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Fri, 06 Dec 2024 08:54:51 GMT
last-modified
Tue, 03 Dec 2024 01:39:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UsttYD4So54oZH8kHg%2F50iraDzwzNNXA8zu6pgwMOrFv8mg4I76nPNLhmawU6Ll%2FhlTcKNBJFiSd1aBhJSw5P8j%2BR5mPTiL3fVjOMoxInoJCwkuPnByA8%2BWpt79DbOk3uezH0nkl9SgD"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=17561&min_rtt=14373&rtt_var=8541&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4140&recv_bytes=4527&delivery_rate=712&cwnd=12000&unsent_bytes=0&cid=376a0006239f31fc&ts=203&x=1" cfExtPri cfHdrFlush;dur=0
x-powered-by
Express
index.0610cae5.js
balikovnacz.id5039.com/assets/
590 KB
197 KB
Script
General
Full URL
https://balikovnacz.id5039.com/assets/index.0610cae5.js
Requested by
Host: balikovnacz.id5039.com
URL: https://balikovnacz.id5039.com/lk/593447619
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c676bb6ff49dc70cf58468dab072f65f230d8601c11821aaf966054e9b3e71e0

index.976c632a.css
balikovnacz.id5039.com/assets/
505 KB
94 KB
Stylesheet
General
Full URL
https://balikovnacz.id5039.com/assets/index.976c632a.css
Requested by
Host: balikovnacz.id5039.com
URL: https://balikovnacz.id5039.com/lk/593447619
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fee409595c250a0d84b057bea41e14168be32aa2e312b4ef4753d4a11ecf9264

css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans
Requested by
Host: balikovnacz.id5039.com
URL: https://balikovnacz.id5039.com/assets/index.976c632a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6cc599dd792ce8721bcde43fe557fa43448556e56e1b55dbd3c7e8449906ccfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

linkInfo
api.id5039.com/
406 B
998 B
XHR
General
Full URL
https://api.id5039.com/linkInfo?id=593447619
Requested by
Host: balikovnacz.id5039.com
URL: https://balikovnacz.id5039.com/assets/index.0610cae5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4336102a40ec4be022d3b9a3531e4ff2d1051175916759e7ec087edd74d5465a

favicon.ico
balikovnacz.id5039.com/
21 KB
4 KB
Other
General
Full URL
https://balikovnacz.id5039.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f61dfcef659078916fcd217ddb403930a7310413f13ee546f4fcb7fa68edf85d

components.53d9ded9.js
balikovnacz.id5039.com/assets/
2 KB
1 KB
Script
General
Full URL
https://balikovnacz.id5039.com/assets/components.53d9ded9.js
Requested by
Host: balikovnacz.id5039.com
URL: https://balikovnacz.id5039.com/assets/index.0610cae5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5684f5168dc09edcd68f923deb29ac6d8d42d29638a31ef094b8eb2afe000d38

getMessages
api.id5039.com/
2 KB
1 KB
XHR
General
Full URL
https://api.id5039.com/getMessages?linkId=593447619
Requested by
Host: balikovnacz.id5039.com
URL: https://balikovnacz.id5039.com/assets/index.0610cae5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
288bff5ae4d7ee116a5168ed825c92f5bb325ce6ea3531ece75b5ddbf229b54f

attachment.990a1ffb.svg
balikovnacz.id5039.com/assets/
2 KB
2 KB
Image
General
Full URL
https://balikovnacz.id5039.com/assets/attachment.990a1ffb.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
990a1ffbad07e73fc9be0fdf9c9a9ea130edb2949841e62174eb5d668fb57398

send.5f7c5855.svg
balikovnacz.id5039.com/assets/
1 KB
1 KB
Image
General
Full URL
https://balikovnacz.id5039.com/assets/send.5f7c5855.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5f7c58559ed9e147a2d85be5ba0795e06d784bb8ebadddcd75ffcbaacf860650

checkStatus
api.id5039.com/
87 B
764 B
XHR
General
Full URL
https://api.id5039.com/checkStatus?linkId=593447619&singleRedirectUsed=false&currentPathName=lk
Requested by
Host: balikovnacz.id5039.com
URL: https://balikovnacz.id5039.com/assets/index.0610cae5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d5d0aab529856f8b0f82b358cb9d679953c67f32b27d5042dc4416ef622e664

o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyD9A-9a6VLYz2tZ.woff2
fonts.gstatic.com/s/notosans/v38/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v38/o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyD9A-9a6VLYz2tZ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
08398e26afee5f2f2619ee96d5b22dfca0020ba246809a662ec645219547593e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

materialdesignicons-webfont.633d596f.woff2
balikovnacz.id5039.com/assets/
373 KB
374 KB
Font
General
Full URL
https://balikovnacz.id5039.com/assets/materialdesignicons-webfont.633d596f.woff2
Requested by
Host: balikovnacz.id5039.com
URL: https://balikovnacz.id5039.com/assets/index.976c632a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
633d596f7288835ff04eba1105f41cf6fe5c9ffed41f2cb20a3f00fb035c0c8b

o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyD9A-9U6VLYz2tZ9rI.woff2
fonts.gstatic.com/s/notosans/v38/
54 KB
54 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v38/o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyD9A-9U6VLYz2tZ9rI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
63a676136369d0841a2da802b7cf223c882b7c538e661dc36fb35c478179dd71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

transition
api.id5039.com/
0
0
Preflight
General
Full URL
https://api.id5039.com/transition
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

transition
api.id5039.com/
5 B
685 B
XHR
General
Full URL
https://api.id5039.com/transition
Requested by
Host: balikovnacz.id5039.com
URL: https://balikovnacz.id5039.com/assets/index.0610cae5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

fiobanka.4a629137.js
balikovnacz.id5039.com/assets/
8 KB
4 KB
Script
General
Full URL
https://balikovnacz.id5039.com/assets/fiobanka.4a629137.js
Requested by
Host: balikovnacz.id5039.com
URL: https://balikovnacz.id5039.com/assets/index.0610cae5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
344608f3db5726d344f5d610261b787663fb7845a58beaa641afa989ec6ea5fc

fiobanka.964f2f7b.css
balikovnacz.id5039.com/assets/
8 KB
3 KB
Stylesheet
General
Full URL
https://balikovnacz.id5039.com/assets/fiobanka.964f2f7b.css
Requested by
Host: balikovnacz.id5039.com
URL: https://balikovnacz.id5039.com/assets/index.0610cae5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b6d660cecae8828ed3f5643d0f1e12f4c20126158f5e8c60cf3cc4782ac53c9a

support-avatar.62a8433f.png
balikovnacz.id5039.com/assets/
50 KB
51 KB
Image
General
Full URL
https://balikovnacz.id5039.com/assets/support-avatar.62a8433f.png
Requested by
Host: balikovnacz.id5039.com
URL: https://balikovnacz.id5039.com/assets/index.976c632a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
62a8433f8d0e4ef03c0d0501eeb6812e68b3c57905fafbad6478edd4f049d7e3

user-avatar.591443a2.jpg
balikovnacz.id5039.com/assets/
82 KB
83 KB
Image
General
Full URL
https://balikovnacz.id5039.com/assets/user-avatar.591443a2.jpg
Requested by
Host: balikovnacz.id5039.com
URL: https://balikovnacz.id5039.com/assets/index.976c632a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
591443a21596a961da5497ea480c84b705afc8b6a1b58ac4cb7af1063faae96b

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://balikovnacz.id5039.com/assets/index.976c632a.css

Response headers

cf-cache-status
REVALIDATED
etag
W/"14901-1938a2c1c98"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fbbI9in742xF5yU0t3Th0X6n89jlg%2Fzqrlu5hBPYontxfcP%2FUgQHGiKot7Gr%2FAHE7xh6ztRZm2se36ZBGm%2FvTfWZqmHJJlwGwY0DdJn4Iw6iIxLBgmZ4snfzPnUwbbT1J6PT2TOvzqv9"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16259&min_rtt=14362&rtt_var=1275&sent=676&recv=129&lost=0&retrans=0&sent_bytes=775761&recv_bytes=14578&delivery_rate=255044&cwnd=291600&unsent_bytes=0&cid=376a0006239f31fc&ts=876&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 08:54:52 GMT
content-type
image/jpeg
vary
Accept-Encoding
last-modified
Tue, 03 Dec 2024 01:39:27 GMT
priority
u=3,i
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8edb0dc17d200b58-AMS
accept-ranges
bytes
content-length
84225
x-powered-by
Express
server
cloudflare
o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyD9A-9e6VLYz2tZ9rI.woff2
fonts.gstatic.com/s/notosans/v38/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v38/o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyD9A-9e6VLYz2tZ9rI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
a4d84730a8450f376906e0caa1a11114a74187c2a13bb3d5cf9372cc7f667c50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin
https://balikovnacz.id5039.com
Referer
https://fonts.googleapis.com/

Response headers

age
129398
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 04 Dec 2025 20:58:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 20:58:14 GMT
last-modified
Wed, 04 Dec 2024 06:45:52 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7096
x-xss-protection
0
server
sffe
favicon-ver-BED52CBBA61C3C2EFBCD2A3F722B3146.ico
ib.fio.sk/ib/fio/resource/cz.fio.ib2.common.wicket.web.layout.image.FioImage/png/
1 KB
2 KB
Other
General
Full URL
https://ib.fio.sk/ib/fio/resource/cz.fio.ib2.common.wicket.web.layout.image.FioImage/png/favicon-ver-BED52CBBA61C3C2EFBCD2A3F722B3146.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.38.6.13 Prague, Czech Republic, ASN62083 (FIO-BANKA-AS Fio banka, a.s., CZ),
Reverse DNS
ib.fio.sk
Software
/
Resource Hash
0aca050a4591f115a630de050baa9c53e85f33973165ffa8c1628e7cbd4d7956
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://balikovnacz.id5039.com/

Response headers

accept-range
bytes
x-content-type-options
nosniff
expires
Sat, 06 Dec 2025 08:54:52 GMT
date
Fri, 06 Dec 2024 08:54:52 GMT
last-modified
Mon, 18 Nov 2024 13:32:44 GMT
content-disposition
inline
cross-origin-embedder-policy-report-only
require-corp
content-type
image/x-icon
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
pragma
cache
referrer-policy
strict-origin-when-cross-origin
content-length
1406
x-xss-protection
1; mode=block
logo_fio-ver-894B2A39F77CABA34D70A4AC4C0FE0B6.png
ib.fio.sk/ib/fio/resource/cz.fio.ib2.common.wicket.web.layout.image.FioImage/png/
15 KB
15 KB
Image
General
Full URL
https://ib.fio.sk/ib/fio/resource/cz.fio.ib2.common.wicket.web.layout.image.FioImage/png/logo_fio-ver-894B2A39F77CABA34D70A4AC4C0FE0B6.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.38.6.13 Prague, Czech Republic, ASN62083 (FIO-BANKA-AS Fio banka, a.s., CZ),
Reverse DNS
ib.fio.sk
Software
/
Resource Hash
fef6feb74fe0e975fd7fef220538e0d892ab87ba5ed00eb3d11dc52ef370d980
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://balikovnacz.id5039.com/

Response headers

accept-range
bytes
x-content-type-options
nosniff
expires
Sat, 06 Dec 2025 08:54:52 GMT
date
Fri, 06 Dec 2024 08:54:52 GMT
last-modified
Mon, 18 Nov 2024 13:32:44 GMT
content-disposition
inline
cross-origin-embedder-policy-report-only
require-corp
content-type
image/png
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
pragma
cache
referrer-policy
strict-origin-when-cross-origin
content-length
15173
x-xss-protection
1; mode=block
Fio_Smartbanking_2_7_Fondy_457x125_ib.png
www.fio.cz/ib_pict/
83 KB
83 KB
Image
General
Full URL
https://www.fio.cz/ib_pict/Fio_Smartbanking_2_7_Fondy_457x125_ib.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
92.38.6.11 Prague, Czech Republic, ASN62083 (FIO-BANKA-AS Fio banka, a.s., CZ),
Reverse DNS
www.fio.cz
Software
Apache /
Resource Hash
59d020fa29e6c53d1a07a856934970d36ebaf2c4f52f3cfb3c40126df2dc4ed1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://balikovnacz.id5039.com/

Response headers

Strict-Transport-Security
max-age=31536000
Cache-Control
private, max-age=0, must-revalidate
ETag
"14bd4-5f4e350baaf04"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
84948
Keep-Alive
timeout=5, max=100
Date
Fri, 06 Dec 2024 08:54:52 GMT
Last-Modified
Fri, 17 Feb 2023 11:07:12 GMT
Content-Type
image/png
Server
Apache
Fio_placeni_mobilem_hodinkami_1140x150.png
www.fio.cz/ib_pict/
174 KB
175 KB
Image
General
Full URL
https://www.fio.cz/ib_pict/Fio_placeni_mobilem_hodinkami_1140x150.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
92.38.6.11 Prague, Czech Republic, ASN62083 (FIO-BANKA-AS Fio banka, a.s., CZ),
Reverse DNS
www.fio.cz
Software
Apache /
Resource Hash
254e650503324f4fcfe2c2a0b37a8ab539889d0711858b333e4b04b3719ff955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://balikovnacz.id5039.com/

Response headers

Strict-Transport-Security
max-age=31536000
Cache-Control
private, max-age=0, must-revalidate
ETag
"2b9ff-5f51d60720b0f"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
178687
Keep-Alive
timeout=5, max=100
Date
Fri, 06 Dec 2024 08:54:52 GMT
Last-Modified
Mon, 20 Feb 2023 08:23:24 GMT
Content-Type
image/png
Server
Apache
getMessages
api.id5039.com/
2 KB
1 KB
XHR
General
Full URL
https://api.id5039.com/getMessages?linkId=593447619
Requested by
Host: balikovnacz.id5039.com
URL: https://balikovnacz.id5039.com/assets/index.0610cae5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
288bff5ae4d7ee116a5168ed825c92f5bb325ce6ea3531ece75b5ddbf229b54f

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Accept
application/json, text/plain, */*
Referer
https://balikovnacz.id5039.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tPpJKMFgVtX4cUkkzDP06E%2F1ifiPlfVnCVOOnL8%2Fp9gW7se18Kx2dlc9PeS%2BwZsu9HsMDDfWS%2Bfv6vK%2FE65pysnIU1mWV04A8oXS112%2FpWqvY2RhSPMCLs2merjsYklVnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8edb0dc7bc970b58-AMS
access-control-allow-origin
https://balikovnacz.id5039.com
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15708&min_rtt=14362&rtt_var=476&sent=753&recv=145&lost=0&retrans=0&sent_bytes=863363&recv_bytes=16056&delivery_rate=5337&cwnd=291600&unsent_bytes=0&cid=376a0006239f31fc&ts=1989&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 08:54:53 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
cloudflare
priority
u=1,i
getMessages
api.id5039.com/
2 KB
1 KB
XHR
General
Full URL
https://api.id5039.com/getMessages?linkId=593447619
Requested by
Host: balikovnacz.id5039.com
URL: https://balikovnacz.id5039.com/assets/index.0610cae5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
288bff5ae4d7ee116a5168ed825c92f5bb325ce6ea3531ece75b5ddbf229b54f

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Accept
application/json, text/plain, */*
Referer
https://balikovnacz.id5039.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LguDruTV%2FS2u9sfsjc3gcCAiyJrWKMJjHtcrLXukZUSVs3Xa5tzIiRZRzCXLJQrUkKyZYGnlaY2vHwlOZYmR2UPM%2F2nL6a1hcvgx4aL1fGCzMxjMc8WMiY%2FmROqENB8AoA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8edb0dcdfd050b58-AMS
access-control-allow-origin
https://balikovnacz.id5039.com
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15598&min_rtt=14362&rtt_var=577&sent=756&recv=147&lost=0&retrans=0&sent_bytes=864650&recv_bytes=16489&delivery_rate=7190&cwnd=291600&unsent_bytes=0&cid=376a0006239f31fc&ts=2927&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 08:54:54 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
cloudflare
priority
u=1,i
getMessages
api.id5039.com/
2 KB
1 KB
XHR
General
Full URL
https://api.id5039.com/getMessages?linkId=593447619
Requested by
Host: balikovnacz.id5039.com
URL: https://balikovnacz.id5039.com/assets/index.0610cae5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
288bff5ae4d7ee116a5168ed825c92f5bb325ce6ea3531ece75b5ddbf229b54f

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Accept
application/json, text/plain, */*
Referer
https://balikovnacz.id5039.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dHN2vp3mM0Rra%2F2i33ngB%2Fs4Sn%2BSbCVPwzpzBzyEF4wuvQbgCi7kTRppsArc8zTdBpmE8iLB%2Bp090%2Bo4CHznjSeVRUcAfrNddQ6h48cz5ViBk%2BkXhexxqV2MzoOMqAJ%2Bww%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8edb0dd43c7f0b58-AMS
access-control-allow-origin
https://balikovnacz.id5039.com
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15836&min_rtt=14362&rtt_var=907&sent=759&recv=149&lost=0&retrans=0&sent_bytes=865935&recv_bytes=16922&delivery_rate=10625&cwnd=291600&unsent_bytes=0&cid=376a0006239f31fc&ts=3924&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 08:54:55 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
cloudflare
priority
u=1,i
getMessages
api.id5039.com/
2 KB
1 KB
XHR
General
Full URL
https://api.id5039.com/getMessages?linkId=593447619
Requested by
Host: balikovnacz.id5039.com
URL: https://balikovnacz.id5039.com/assets/index.0610cae5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
288bff5ae4d7ee116a5168ed825c92f5bb325ce6ea3531ece75b5ddbf229b54f

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Accept
application/json, text/plain, */*
Referer
https://balikovnacz.id5039.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z9i76gLC4vg02y9oKbpCe8atOSLXKrwNFUM3575eZtROm4d7906yYdYFf7U9nHoHuzoYaOUdnxwBCqMGTQajsHv4u68rC6ZXKXE06Fh820VHgaCw0hNR0Lb7Zy18Jsxoyw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8edb0dda7c740b58-AMS
access-control-allow-origin
https://balikovnacz.id5039.com
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15665&min_rtt=14362&rtt_var=1021&sent=762&recv=151&lost=0&retrans=0&sent_bytes=867224&recv_bytes=17355&delivery_rate=11433&cwnd=291600&unsent_bytes=0&cid=376a0006239f31fc&ts=4924&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 08:54:56 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
cloudflare
priority
u=1,i

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Fio Banka (Banking)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __VUE_INSTANCE_SETTERS__
boolean| __VUE__

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
