justpremium.xyz Open in urlscan Pro
2606:4700:3030::ac43:9152  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response justpremium.xyz/fire-kirin/	44 KB 10 KB	584ms 495ms	Document text/html	2606:4700:3030::ac43:9152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://justpremium.xyz/fire-kirin/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:9152 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a32ffd6de36c94737e8f3f67fcafff762cfb35a7121a0e5cddf83c701bca13db Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 77bea0b56c8e9134-FRA content-encoding br content-type text/html date Mon, 19 Dec 2022 08:04:30 GMT last-modified Wed, 12 Oct 2022 21:16:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iixErQqxnkHP7c1%2Bs3hKV4rbFSdCmg85wD4bGM91BntNR1B2TxoW3CNxtZBiGk4WWpOs69738Pv9pMmuXV2lHdR0BR0CjdZaTT%2F9rH4y2nt1iJlfei7%2Bi7Pf0ID9DXGNkMfNw%2FfDylg3Yq7ICn8%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-turbo-charged-by LiteSpeed
GET H2	200	js Show response www.googletagmanager.com/gtag/	224 KB 78 KB	196ms 79ms	Script application/javascript	2a00:1450:400d:807::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-2KQ3X236H2 Requested by Host: justpremium.xyz URL: https://justpremium.xyz/fire-kirin/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 974a3fa30f4c0f1881a9db40cb7026e18885505ba16b1bff6afb40da4c6cd500 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://justpremium.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 19 Dec 2022 08:04:30 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 78929 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Mon, 19 Dec 2022 08:04:30 GMT
GET H2	200	bundle.min.js Show response browser.sentry-cdn.com/6.4.1/	66 KB 21 KB	23ms 7ms	Script application/javascript	2a04:4e42::729 FASTLY
General Check archive.org Show headers Download Go to Full URL https://browser.sentry-cdn.com/6.4.1/bundle.min.js Requested by Host: justpremium.xyz URL: https://justpremium.xyz/fire-kirin/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42::729 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 22ece4ddd583540c08ccadf82d18658e2ed0eba5dd7fdca806aa259667edba56 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer Origin https://justpremium.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 19 Dec 2022 08:04:30 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains last-modified Wed, 19 May 2021 16:36:38 GMT server Fastly age 2923016 etag "42639cce5db857005b8285dedd67553d" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 20972 expires Wed, 15 Nov 2023 12:07:34 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	162ms 46ms	Script text/javascript	2a00:1450:400d:80d::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: justpremium.xyz URL: https://justpremium.xyz/fire-kirin/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 19 Dec 2022 06:27:24 GMT last-modified Tue, 27 Sep 2022 22:01:05 GMT server Golfe2 age 5826 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20039 expires Mon, 19 Dec 2022 08:27:24 GMT
GET H2	200	style.css justpremium.xyz/fire-kirin/	5 KB 2 KB	545ms 542ms	Stylesheet text/html	2606:4700:3030::ac43:9152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://justpremium.xyz/fire-kirin/style.css Requested by Host: justpremium.xyz URL: https://justpremium.xyz/fire-kirin/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:9152 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash d8e976f7adf63a0e0a8c0056226f0fc8b99bb85d4c691ef0fec5f3e72f531a5f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 19 Dec 2022 08:04:30 GMT content-encoding br cf-cache-status MISS last-modified Mon, 19 Dec 2022 08:04:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.2.34 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkb90skltWJMDte3EOxOOCMn6PldsGvmqHQocuYQatfQ51FUafgE0OA19B8%2BfXtO6Sf7r2EOW%2BqUWR1D3F3Dq3xHncF1IeUMGGC81qZ9ufZTqJHnA71UJhHexft6KPR2FSG7Zb%2BG9rGCRa0Pa3w%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 x-turbo-charged-by LiteSpeed cf-ray 77bea0b96e089134-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	css fonts.googleapis.com/	356 B 790 B	187ms 69ms	Stylesheet text/css	2a00:1450:400d:804::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Acme Requested by Host: justpremium.xyz URL: https://justpremium.xyz/fire-kirin/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash bb0e29a5bc034b3b31471d63c2ddca4aab93d8a65ba059de57c099650fb5a11a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 19 Dec 2022 08:04:30 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 19 Dec 2022 06:10:14 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 19 Dec 2022 08:04:30 GMT
GET H2	200	css fonts.googleapis.com/	2 KB 612 B	187ms 69ms	Stylesheet text/css	2a00:1450:400d:804::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto Requested by Host: justpremium.xyz URL: https://justpremium.xyz/fire-kirin/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 19 Dec 2022 08:04:30 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 19 Dec 2022 06:54:47 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 19 Dec 2022 08:04:30 GMT
GET H2	200	css fonts.googleapis.com/	1014 B 501 B	189ms 71ms	Stylesheet text/css	2a00:1450:400d:804::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Rajdhani Requested by Host: justpremium.xyz URL: https://justpremium.xyz/fire-kirin/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 17001b7a4b46177ae9387819efc44fa0cddac40662144ffce15d278a38cb8359 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 19 Dec 2022 08:04:30 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 19 Dec 2022 07:17:47 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 19 Dec 2022 08:04:30 GMT
GET H2	200	css2 fonts.googleapis.com/	1 KB 496 B	188ms 70ms	Stylesheet text/css	2a00:1450:400d:804::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Bangers&display=swap Requested by Host: justpremium.xyz URL: https://justpremium.xyz/fire-kirin/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d90374a184dc4e8e7f4716de4113543ec19410d60b9c5de5bedeba70a2eb4eff Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 19 Dec 2022 08:04:30 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 19 Dec 2022 08:04:30 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 19 Dec 2022 08:04:30 GMT
GET H2	200	16403301119d04ee9d2ae57773efc043f7641e41a4.png d13pxqgp3ixdbh.cloudfront.net/uploads/	168 KB 169 KB	697ms 636ms	Image image/png	2600:9000:2104:9600:1c:b3e3:eb40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d13pxqgp3ixdbh.cloudfront.net/uploads/16403301119d04ee9d2ae57773efc043f7641e41a4.png Requested by Host: justpremium.xyz URL: https://justpremium.xyz/fire-kirin/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:9600:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 550cdba2a78f5ab43492a02de2fd9e92fcb53c2e15b282af3fd4d497a98d835c Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-amz-version-id jrQc8R_OsVhyPFFeyQa1AOeANOrkMI3a date Mon, 19 Dec 2022 08:04:31 GMT via 1.1 a06d82f018833bef3e7f2e9fd230e5ee.cloudfront.net (CloudFront) last-modified Fri, 24 Dec 2021 07:15:12 GMT server AmazonS3 x-amz-cf-pop AMS1-C1 etag "90b43a13878e1af7108770b8405cee5d" x-cache RefreshHit from cloudfront content-type image/png accept-ranges bytes content-length 172134 x-amz-cf-id sK85PG8TgcjoqIr0drQQJOhZnbnS3pIqqt1_EBM38fPGYLznbLPM5w==
GET H2	200	main.js Show response justpremium.xyz/fire-kirin/	5 KB 2 KB	541ms 539ms	Script text/html	2606:4700:3030::ac43:9152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://justpremium.xyz/fire-kirin/main.js Requested by Host: justpremium.xyz URL: https://justpremium.xyz/fire-kirin/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:9152 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash 63b7c8db7434b134c5c705205b3b72e789b19b89a468ea3944bea3551e6d5971 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 19 Dec 2022 08:04:30 GMT content-encoding br cf-cache-status MISS last-modified Mon, 19 Dec 2022 08:04:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.2.34 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HhlWD65VeKj5iFLT4fuWLzJo%2F8pX%2FkfPZ45NAA0mHMvEm4iD8Z7UElcKHNSJQjQbqLpEukraQQqAPrmGHFSGZk47TRbAkjh1JksuUP1kWeW4UIpSlLrb6P62WEOi0v%2BSgZIF5Aigtd%2F0rowjZmE%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 x-turbo-charged-by LiteSpeed cf-ray 77bea0b97e0c9134-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	1637981512e3497ece95fb3d4e5d2b35b888051740.png d13pxqgp3ixdbh.cloudfront.net/uploads/	21 KB 22 KB	734ms 673ms	Image image/png	2600:9000:2104:9600:1c:b3e3:eb40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d13pxqgp3ixdbh.cloudfront.net/uploads/1637981512e3497ece95fb3d4e5d2b35b888051740.png Requested by Host: justpremium.xyz URL: https://justpremium.xyz/fire-kirin/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:9600:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0e089e3beebb1a41945a1ddd0267b2c946e00326d3becc1dc37cf4351cac4d16 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-amz-version-id 6XvuA1bhqXErwSj31qQk7GUiTylExqNM date Mon, 19 Dec 2022 08:04:31 GMT via 1.1 a06d82f018833bef3e7f2e9fd230e5ee.cloudfront.net (CloudFront) last-modified Sat, 27 Nov 2021 02:51:53 GMT server AmazonS3 x-amz-cf-pop AMS1-C1 etag "2956535430896b9d17ca4b5752a4ea49" x-cache RefreshHit from cloudfront content-type image/png accept-ranges bytes content-length 21922 x-amz-cf-id 0cwbfAhjHcrxhZE-LrfWcfcC3BzsXOzhFfrBt_7MpjQ4aoSBAoF2zA==
GET H2	200	vaafb692b2aea4879b33c060e79fe94621666317369993 Show response static.cloudflareinsights.com/beacon.min.js/	17 KB 6 KB	94ms 66ms	Script text/javascript	2606:4700::6810:3865 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 Requested by Host: justpremium.xyz URL: https://justpremium.xyz/fire-kirin/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3 Request headers Referer Origin https://justpremium.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 19 Dec 2022 08:04:30 GMT content-encoding gzip last-modified Fri, 21 Oct 2022 01:56:09 GMT server cloudflare etag W/2022.10.1 vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 77bea0b99d5e90e6-FRA
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.2.4/	84 KB 30 KB	165ms 48ms	Script text/javascript	2a00:1450:400d:807::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js Requested by Host: justpremium.xyz URL: https://justpremium.xyz/fire-kirin/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 19 Dec 2022 06:29:39 GMT content-encoding gzip x-content-type-options nosniff age 5691 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30028 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 19 Dec 2023 06:29:39 GMT
GET H2	200	292521f.js Show response dyodrs1kxvg6o.cloudfront.net/	23 KB 7 KB	255ms 203ms	Script application/javascript	2600:9000:2394:ba00:4:8d81:2c00:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dyodrs1kxvg6o.cloudfront.net/292521f.js Requested by Host: justpremium.xyz URL: https://justpremium.xyz/fire-kirin/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2394:ba00:4:8d81:2c00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 988df212c000f1c5b3043b9813ed991815089f0dac63ad094351eb372166f9ff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 19 Dec 2022 07:56:30 GMT content-encoding br via 1.1 a4ca822be9cc438f72a2d23c1e665d80.cloudfront.net (CloudFront) last-modified Sun, 30 Oct 2022 13:50:57 GMT server AmazonS3 x-amz-cf-pop AMS1-P2 age 582 etag W/"d0adadb877ad5f27d0c2a369cd5acb5e" vary Accept-Encoding x-cache Error from cloudfront content-type application/javascript x-amz-cf-id A9vxeFPgvXqecy-tkoShFNB1OzUK2AWyE1DYiEOTyEXl74E3CD_Q_A==
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	162ms 67ms	XHR text/plain	2a00:1450:400d:80d::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=822347506&t=pageview&_s=1&dl=https%3A%2F%2Fjustpremium.xyz%2Ffire-kirin%2F&ul=en-us&de=windows-1252&dt=Link%20Locked&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1503395806&gjid=598139286&cid=1265023181.1671437070&tid=UA-149924537-3&_gid=54223162.1671437070&_r=1&_slc=1&z=308385902 Requested by Host: browser.sentry-cdn.com URL: https://browser.sentry-cdn.com/6.4.1/bundle.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 19 Dec 2022 08:04:30 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://justpremium.xyz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 338 B	119ms 38ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-2KQ3X236H2&gtm=2oebu0&_p=822347506&_gaz=1&cid=1265023181.1671437070&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671437070&sct=1&seg=0&dl=https%3A%2F%2Fjustpremium.xyz%2Ffire-kirin%2F&dt=Link%20Locked&en=page_view&_fv=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-2KQ3X236H2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Mon, 19 Dec 2022 08:04:30 GMT server Golfe2 content-type text/plain access-control-allow-origin https://justpremium.xyz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 347 B	56ms 18ms	Ping text/plain	2a00:1450:400c:c09::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2KQ3X236H2&cid=1265023181.1671437070&gtm=2oebu0&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-2KQ3X236H2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Mon, 19 Dec 2022 08:04:30 GMT server Golfe2 content-type text/plain access-control-allow-origin https://justpremium.xyz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	187ms 72ms	Image image/gif	2a00:1450:400d:80c::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2KQ3X236H2&cid=1265023181.1671437070&gtm=2oebu0&aip=1&z=1879772331 Requested by Host: justpremium.xyz URL: https://justpremium.xyz/fire-kirin/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Mon, 19 Dec 2022 08:04:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	1637981555f3a070d1eafa5af6cb0e04a7031eddb4.png d13pxqgp3ixdbh.cloudfront.net/uploads/	9 KB 9 KB	651ms 650ms	Image image/png	2600:9000:2104:9600:1c:b3e3:eb40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d13pxqgp3ixdbh.cloudfront.net/uploads/1637981555f3a070d1eafa5af6cb0e04a7031eddb4.png Requested by Host: justpremium.xyz URL: https://justpremium.xyz/fire-kirin/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:9600:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b918121cee25d4c745994d4e4d938a2bee0ec057e2971ac555cb68199aa717e3 Request headers accept-language de-DE,de;q=0.9 Referer https://justpremium.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-amz-version-id Hgor08caJ4XbeX1ZYcep5X8T8d.gFoBb date Mon, 19 Dec 2022 08:04:32 GMT via 1.1 a06d82f018833bef3e7f2e9fd230e5ee.cloudfront.net (CloudFront) last-modified Sat, 27 Nov 2021 02:52:36 GMT server AmazonS3 x-amz-cf-pop AMS1-C1 etag "6714c8ead3fa94a7c09a86015ab368b5" x-cache RefreshHit from cloudfront content-type image/png accept-ranges bytes content-length 9239 x-amz-cf-id jdkkDBffkqIdnLkjC2rKcwWYiZZUx8ByNS9_2CjGMMHhWuoisX6FCA==
GET H2	200	16360091367caaa99ef178576d4c6fb5265af267a9.png d13pxqgp3ixdbh.cloudfront.net/uploads/	4 KB 4 KB	25ms 24ms	Image image/png	2600:9000:2104:9600:1c:b3e3:eb40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d13pxqgp3ixdbh.cloudfront.net/uploads/16360091367caaa99ef178576d4c6fb5265af267a9.png Requested by Host: justpremium.xyz URL: https://justpremium.xyz/fire-kirin/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:9600:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f6de583a6ec286b38b78474a2405bb53ef0f27f8b674d10343247a232b58c7d0 Request headers accept-language de-DE,de;q=0.9 Referer https://justpremium.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-amz-version-id Rl___tpQNyovJVDW7qpPw0gBWSYTfMJh date Sun, 18 Dec 2022 10:09:45 GMT via 1.1 a06d82f018833bef3e7f2e9fd230e5ee.cloudfront.net (CloudFront) last-modified Thu, 04 Nov 2021 06:58:57 GMT server AmazonS3 x-amz-cf-pop AMS1-C1 age 78886 etag "7f58af5fde19eb71637875062a73f56b" x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 3789 x-amz-cf-id vDTUh2b7X0_Ko7xhKORzXcfL172NvD-X1ZIY0o2hbcK3nGdVSJY3xA==
GET H2	200	16360091672797e6e5257884106317b0182139b4ef.png d13pxqgp3ixdbh.cloudfront.net/uploads/	4 KB 4 KB	24ms 24ms	Image image/png	2600:9000:2104:9600:1c:b3e3:eb40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d13pxqgp3ixdbh.cloudfront.net/uploads/16360091672797e6e5257884106317b0182139b4ef.png Requested by Host: justpremium.xyz URL: https://justpremium.xyz/fire-kirin/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:9600:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4a4f5138f554934d385e0b16137f10990a8f26ac2924fc7c766405229277d253 Request headers accept-language de-DE,de;q=0.9 Referer https://justpremium.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-amz-version-id S9iHL5.HmvTcVgLVQj37BIaP6wIE4Ylq date Sun, 18 Dec 2022 11:57:03 GMT via 1.1 a06d82f018833bef3e7f2e9fd230e5ee.cloudfront.net (CloudFront) last-modified Thu, 04 Nov 2021 06:59:28 GMT server AmazonS3 x-amz-cf-pop AMS1-C1 age 72448 etag "d1ba9e4e5057998f3b2345eda18f6ee2" x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 3788 x-amz-cf-id Q6wp7qPQUUAB81bzdRc3VXQMdadH3Fa83uf35r3GtjYzzOsIeauMeQ==
GET H2	200	16403146337e3f91c00e96d50d6236ebb35e345bbe.png d13pxqgp3ixdbh.cloudfront.net/uploads/	4 KB 4 KB	46ms 46ms	Image image/png	2600:9000:2104:9600:1c:b3e3:eb40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d13pxqgp3ixdbh.cloudfront.net/uploads/16403146337e3f91c00e96d50d6236ebb35e345bbe.png Requested by Host: justpremium.xyz URL: https://justpremium.xyz/fire-kirin/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:9600:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e55c69dc059cb430dace67c2684ea58d2a2ad292fadc4823d8765d2866efa7a8 Request headers accept-language de-DE,de;q=0.9 Referer https://justpremium.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-amz-version-id o1hCy8zEWep.Noqx8koVLjvKrPet7ddr date Sun, 18 Dec 2022 16:07:53 GMT via 1.1 a06d82f018833bef3e7f2e9fd230e5ee.cloudfront.net (CloudFront) last-modified Fri, 24 Dec 2021 02:57:15 GMT server AmazonS3 x-amz-cf-pop AMS1-C1 age 57398 etag "269e0dc633361720c6876ed8cf61df55" x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 3745 x-amz-cf-id Mg28B-flEVQ8FAuThl3F4muTFeRMNllX8EMEu0uVFkj5-0NoGYnNBg==
GET H2	200	1637811874e1840d0490447927112fd277496555f3.png d13pxqgp3ixdbh.cloudfront.net/uploads/	12 KB 12 KB	649ms 649ms	Image image/png	2600:9000:2104:9600:1c:b3e3:eb40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d13pxqgp3ixdbh.cloudfront.net/uploads/1637811874e1840d0490447927112fd277496555f3.png Requested by Host: justpremium.xyz URL: https://justpremium.xyz/fire-kirin/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:9600:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash cb2ec1306c2c3ec1d22a0caaf3de77ec4ef67daaf61dd5df5e5354dc3f079eb1 Request headers accept-language de-DE,de;q=0.9 Referer https://justpremium.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-amz-version-id 8orQt.CC_F967iq7WyScbK9ayh5WwUSC date Mon, 19 Dec 2022 08:04:32 GMT via 1.1 a06d82f018833bef3e7f2e9fd230e5ee.cloudfront.net (CloudFront) last-modified Thu, 25 Nov 2021 03:44:35 GMT server AmazonS3 x-amz-cf-pop AMS1-C1 etag "67082deb1142f10f8753c048d70ef580" x-cache RefreshHit from cloudfront content-type image/png accept-ranges bytes content-length 12388 x-amz-cf-id wS9pQP0FwuaD7B7226mYXa0p5MMoYj5NseZ2KhsIqds1zizX3nXdvQ==
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	161ms 47ms	Font font/woff2	2a00:1450:400d:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://justpremium.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 14 Dec 2022 19:33:00 GMT x-content-type-options nosniff age 390690 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 14 Dec 2023 19:33:00 GMT
POST H2	200	/ Show response o425163.ingest.sentry.io/api/5780930/store/	41 B 317 B	108ms 31ms	Fetch application/json	34.120.195.249 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://o425163.ingest.sentry.io/api/5780930/store/?sentry_key=e0e6a104cb354a09bf094a90e676ea13&sentry_version=7 Requested by Host: browser.sentry-cdn.com URL: https://browser.sentry-cdn.com/6.4.1/bundle.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 249.195.120.34.bc.googleusercontent.com Software nginx / Resource Hash 818ca0a37531ff58cfe8144a95da3c2fde92f8bd3cf8d6aeb2fd82e24b0ba749 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://justpremium.xyz/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 19 Dec 2022 08:04:30 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 google server nginx vary Origin content-type application/json access-control-allow-origin https://justpremium.xyz access-control-expose-headers x-sentry-error, retry-after, x-sentry-rate-limits x-envoy-upstream-service-time 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41
GET H2	200	html.2975732.6aaf4.0.js Show response dwmsurhf1svv8.cloudfront.net/public/external/v2/	13 KB 13 KB	376ms 333ms	Script application/javascript	2600:9000:238d:c400:1b:9327:5500:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dwmsurhf1svv8.cloudfront.net/public/external/v2/html.2975732.6aaf4.0.js Requested by Host: dyodrs1kxvg6o.cloudfront.net URL: https://dyodrs1kxvg6o.cloudfront.net/292521f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:238d:c400:1b:9327:5500:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash 016a23fa00632fce061a8dd7e32dcf769cc71f55e5337f6b5688847946907a8c Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 19 Dec 2022 08:04:31 GMT via 1.1 0e12b175c31e0e750266df78bf0e1068.cloudfront.net (CloudFront) server Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop AMS1-P1 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type application/javascript x-amz-cf-id w2f3p3OT0vZRFEfCsUfvQS1LcqxYCjo93YE52YsIjVnM03ejAvvN6Q==
GET H2	200	css_front.css dwmsurhf1svv8.cloudfront.net/public/external/	6 KB 7 KB	216ms 173ms	Stylesheet text/css	2600:9000:238d:c400:1b:9327:5500:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dwmsurhf1svv8.cloudfront.net/public/external/css_front.css Requested by Host: dyodrs1kxvg6o.cloudfront.net URL: https://dyodrs1kxvg6o.cloudfront.net/292521f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:238d:c400:1b:9327:5500:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / Resource Hash a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 19 Dec 2022 08:04:31 GMT via 1.1 0e12b175c31e0e750266df78bf0e1068.cloudfront.net (CloudFront) last-modified Tue, 23 Jun 2020 20:06:47 GMT server Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop AMS1-P1 etag "19c4-5a8c5e62e9d0a" x-cache Miss from cloudfront content-type text/css accept-ranges bytes content-length 6596 x-amz-cf-id 3lt7LRKyYBzNWoS0yAsd8M-2509hLDbRK2DbhWm-dHb9229oaIRryQ==
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	68ms 68ms	XHR text/plain	2a00:1450:400d:80d::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=822347506&t=pageView&_s=1&dl=https%3A%2F%2Fjustpremium.xyz%2Ffire-kirin%2F&ul=en-us&de=windows-1252&dt=Link%20Locked&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAACAAI~&jid=1831662954&gjid=826764445&cid=1265023181.1671437070&tid=UA-85922709-2&_gid=54223162.1671437070&_r=1&_slc=1&cd1=0&z=2030356775 Requested by Host: browser.sentry-cdn.com URL: https://browser.sentry-cdn.com/6.4.1/bundle.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 19 Dec 2022 08:04:30 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://justpremium.xyz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	css.css dwmsurhf1svv8.cloudfront.net/public/clockers/CustomButton/	1010 B 1 KB	166ms 166ms	Stylesheet text/css	2600:9000:238d:c400:1b:9327:5500:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dwmsurhf1svv8.cloudfront.net/public/clockers/CustomButton/css.css Requested by Host: dyodrs1kxvg6o.cloudfront.net URL: https://dyodrs1kxvg6o.cloudfront.net/292521f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:238d:c400:1b:9327:5500:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / Resource Hash a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 19 Dec 2022 08:04:31 GMT via 1.1 0e12b175c31e0e750266df78bf0e1068.cloudfront.net (CloudFront) last-modified Fri, 10 Apr 2020 22:29:00 GMT server Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop AMS1-P1 etag "3f2-5a2f7428ae907" x-cache Miss from cloudfront content-type text/css accept-ranges bytes content-length 1010 x-amz-cf-id 9wFCY-WVl6mHKOVSN0lZWAd2GP2Dz1qWmV1NPjm-Dtkk8yMkqGuVkw==
POST H3	204	rum Show response justpremium.xyz/cdn-cgi/	0 177 B	10ms 10ms	XHR text/plain	2606:4700:3030::ac43:9152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://justpremium.xyz/cdn-cgi/rum? Requested by Host: browser.sentry-cdn.com URL: https://browser.sentry-cdn.com/6.4.1/bundle.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:9152 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 content-type application/json Response headers date Mon, 19 Dec 2022 08:04:31 GMT x-content-type-options nosniff server cloudflare vary Origin access-control-max-age 86400 access-control-allow-methods POST,OPTIONS access-control-allow-origin https://justpremium.xyz x-frame-options DENY access-control-allow-credentials true cf-ray 77bea0c16ff29223-FRA
GET H2	200	guid Show response dwmsurhf1svv8.cloudfront.net/public/	0 275 B	318ms 318ms	Script text/html	2600:9000:238d:c400:1b:9327:5500:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dwmsurhf1svv8.cloudfront.net/public/guid?cpguid=udwkuy58u&e=ll&t=1671437071890 Requested by Host: dyodrs1kxvg6o.cloudfront.net URL: https://dyodrs1kxvg6o.cloudfront.net/292521f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:238d:c400:1b:9327:5500:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 19 Dec 2022 08:04:32 GMT via 1.1 0e12b175c31e0e750266df78bf0e1068.cloudfront.net (CloudFront) server Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop AMS1-P1 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type text/html; charset=UTF-8 content-length 0 x-amz-cf-id NnL1AbgXtZZcKMMe1-LeGw-pqlP_XAkD2TD7umKcw_ySGVATRohlpA==
GET H2	200	check.php Show response dwmsurhf1svv8.cloudfront.net/public/external/	78 B 370 B	321ms 321ms	Script application/javascript	2600:9000:238d:c400:1b:9327:5500:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dwmsurhf1svv8.cloudfront.net/public/external/check.php?it=2975732&time=1671437073431 Requested by Host: dyodrs1kxvg6o.cloudfront.net URL: https://dyodrs1kxvg6o.cloudfront.net/292521f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:238d:c400:1b:9327:5500:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash 9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 19 Dec 2022 08:04:33 GMT via 1.1 0e12b175c31e0e750266df78bf0e1068.cloudfront.net (CloudFront) server Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop AMS1-P1 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type application/javascript content-length 78 x-amz-cf-id ISq7b2URl4UsSRzzdtcwyNgbxkWOpp8iBj9narVzRzvYe9YhHA0Fpg==
POST H3	204	collect region1.analytics.google.com/g/	0 17 B	97ms 36ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-2KQ3X236H2&gtm=2oebu0&_p=822347506&cid=1265023181.1671437070&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1671437070&sct=1&seg=0&dl=https%3A%2F%2Fjustpremium.xyz%2Ffire-kirin%2F&dt=Link%20Locked&en=scroll&epn.percent_scrolled=90&_et=3 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-2KQ3X236H2 Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Mon, 19 Dec 2022 08:04:35 GMT server Golfe2 content-type text/plain access-control-allow-origin https://justpremium.xyz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange function| gtag object| dataLayer object| Sentry object| __SENTRY__ string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| onYouTubeIframeAPIReady function| $ function| jQuery object| CPABUILDSETTINGS string| forward object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker number| baba function| bntcss number| valactivity number| prostep number| prostepDelay number| recentCoin number| card1 number| card2 number| card3 number| card4 number| cardvalue function| random function| RecentActivity function| claim function| myFunction number| currentCardNum function| card function| next2 object| __cfBeacon object| __sentry_instrumentation_handlers__

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.justpremium.xyz/	1970-01-20 08:18:43	Name: _gid Value: GA1.2.54223162.1671437070
			.justpremium.xyz/	1970-01-20 08:17:17	Name: _gat Value: 1
			.justpremium.xyz/	1970-01-20 17:53:17	Name: _ga_2KQ3X236H2 Value: GS1.1.1671437070.1.0.1671437070.60.0.0
			justpremium.xyz/	1970-01-20 08:31:41	Name: _cpguid Value: udwkuy58u
			.justpremium.xyz/	1970-01-20 17:53:17	Name: _ga Value: GA1.2.1265023181.1671437070
			.justpremium.xyz/	1970-01-20 08:17:17	Name: _gat_customTemplateGlobal Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
browser.sentry-cdn.com
d13pxqgp3ixdbh.cloudfront.net
dwmsurhf1svv8.cloudfront.net
dyodrs1kxvg6o.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
justpremium.xyz
o425163.ingest.sentry.io
region1.analytics.google.com
static.cloudflareinsights.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.de
www.googletagmanager.com
2001:4860:4802:32::36
2600:9000:2104:9600:1c:b3e3:eb40:21
2600:9000:238d:c400:1b:9327:5500:21
2600:9000:2394:ba00:4:8d81:2c00:21
2606:4700:3030::ac43:9152
2606:4700::6810:3865
2a00:1450:400c:c09::9b
2a00:1450:400d:804::200a
2a00:1450:400d:807::2008
2a00:1450:400d:807::200a
2a00:1450:400d:80c::2003
2a00:1450:400d:80d::200e
2a00:1450:400d:80e::2003
2a04:4e42::729
34.120.195.249
016a23fa00632fce061a8dd7e32dcf769cc71f55e5337f6b5688847946907a8c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0e089e3beebb1a41945a1ddd0267b2c946e00326d3becc1dc37cf4351cac4d16
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
17001b7a4b46177ae9387819efc44fa0cddac40662144ffce15d278a38cb8359
22ece4ddd583540c08ccadf82d18658e2ed0eba5dd7fdca806aa259667edba56
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
4a4f5138f554934d385e0b16137f10990a8f26ac2924fc7c766405229277d253
550cdba2a78f5ab43492a02de2fd9e92fcb53c2e15b282af3fd4d497a98d835c
63b7c8db7434b134c5c705205b3b72e789b19b89a468ea3944bea3551e6d5971
818ca0a37531ff58cfe8144a95da3c2fde92f8bd3cf8d6aeb2fd82e24b0ba749
974a3fa30f4c0f1881a9db40cb7026e18885505ba16b1bff6afb40da4c6cd500
988df212c000f1c5b3043b9813ed991815089f0dac63ad094351eb372166f9ff
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a32ffd6de36c94737e8f3f67fcafff762cfb35a7121a0e5cddf83c701bca13db
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b918121cee25d4c745994d4e4d938a2bee0ec057e2971ac555cb68199aa717e3
bb0e29a5bc034b3b31471d63c2ddca4aab93d8a65ba059de57c099650fb5a11a
cb2ec1306c2c3ec1d22a0caaf3de77ec4ef67daaf61dd5df5e5354dc3f079eb1
d8e976f7adf63a0e0a8c0056226f0fc8b99bb85d4c691ef0fec5f3e72f531a5f
d90374a184dc4e8e7f4716de4113543ec19410d60b9c5de5bedeba70a2eb4eff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55c69dc059cb430dace67c2684ea58d2a2ad292fadc4823d8765d2866efa7a8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6de583a6ec286b38b78474a2405bb53ef0f27f8b674d10343247a232b58c7d0