iradiumclover.com Open in urlscan Pro
2606:4700:3031::ac43:9a85 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://storage.googleapis.com/lowsss/kembibi.html#5ltbrnunq31d74.PMNOoQjbdKFjBvtu?fmCw4sccml7VcxpXBcdc9kcpc3sfqfCFncbbb4Q
Effective URL:
https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
Submission: On March 31 via api (March 31st 2022, 2:16:39 pm UTC) from BE — Scanned from DE

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 12 domains to perform 47 HTTP transactions. The main IP is 2606:4700:3031::ac43:9a85, located in United States and belongs to CLOUDFLARENET, US. The main domain is iradiumclover.com.
TLS certificate: Issued by E1 on March 30th 2022. Valid for: 3 months.

This is the only time iradiumclover.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Investment Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	2a00:1450:400... 2a00:1450:4001:813::2010	15169 (GOOGLE) (GOOGLE)
1 1	45.158.10.66 45.158.10.66	400377 (AS-DC) (AS-DC)
1	102.129.133.21 102.129.133.21	61317 (ASDETUK w...) (ASDETUK www.heficed.com)
1 2	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	2606:4700:303... 2606:4700:3031::ac43:9a85	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	108.157.5.251 108.157.5.251	16509 (AMAZON-02) (AMAZON-02)
2	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
47	12

1 2a00:1450:4001:813::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.158.10.66 (Washington, United States) 1 redirects

ASN400377 (AS-DC, US)
PTR: texturecast.org.uk

poweredchannel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 102.129.133.21 (Reston, United States)

ASN61317 (ASDETUK www.heficed.com, GB)

cannedclips.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

caotingdiger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trk-tempore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700:3031::ac43:9a85 (United States)

ASN13335 (CLOUDFLARENET, US)

iradiumclover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.5.251 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-5-251.dus51.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

event.trk-tempore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	iradiumclover.com iradiumclover.com	1 MB
5	trk-tempore.com trk-tempore.com — Cisco Umbrella Rank: 89369 event.trk-tempore.com — Cisco Umbrella Rank: 235763	3 KB
4	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 990	949 B
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 99	716 B
2	mgid.com a.mgid.com — Cisco Umbrella Rank: 18900	6 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 136	114 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1187	7 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 229	30 KB
1	caotingdiger.com 1 redirects caotingdiger.com	773 B
1	cannedclips.com cannedclips.com — Cisco Umbrella Rank: 369719	439 B
1	poweredchannel.com 1 redirects poweredchannel.com — Cisco Umbrella Rank: 358416	278 B
1	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 494	693 B
47	12

	Domain	Requested by
26	iradiumclover.com	cannedclips.com iradiumclover.com
4	event.trk-tempore.com	trk-tempore.com
4	tr.snapchat.com	sc-static.net iradiumclover.com
3	www.facebook.com	iradiumclover.com
2	a.mgid.com	iradiumclover.com
2	connect.facebook.net	iradiumclover.com connect.facebook.net
1	sc-static.net	iradiumclover.com
1	trk-tempore.com	iradiumclover.com
1	cdnjs.cloudflare.com	iradiumclover.com
1	caotingdiger.com	1 redirects
1	cannedclips.com	storage.googleapis.com
1	poweredchannel.com	1 redirects
1	storage.googleapis.com
47	13

This site contains no links.

Subject Issuer	Validity	Valid
*.storage.googleapis.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
cannedclips.com R3	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.iradiumclover.com E1	`2022-03-30` - `2022-06-28`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-07` - `2022-04-07`	3 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-13` - `2023-01-13`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
Frame ID: F1A6AEA9A31E2B56DD9F4517ED0C675F
Requests: 41 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=cc25c7df-1e44-4f51-8ff1-8c175d6334c1
Frame ID: B76D884D9C474633F4A195D842DC76DD
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: BDBCCAB06140842FF693254D7E67AE27
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 29D689A09C59E94C43FC56F5638B91FC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ZDFmediathek - Die jüngste Investition von Lena hat Experten beunruhigt und große Banken zittern lassen

Page URL History Show full URLs

https://storage.googleapis.com/lowsss/kembibi.html Page URL
http://poweredchannel.com/anchor5ltbrnunq31d74.PMNOoQjbdKFjBvtu?fmCw4sccml7VcxpXBcdc9kcpc3sfqfCFncbbb4Q HTTP 302
https://cannedclips.com/0/0/0/478c9369ce3232c3f0a3b3101b6c01d6/2_369522_2563267/1567_1288607_3412616... Page URL
https://caotingdiger.com/index2.php?id=106&s1=350616&s2=695852602&s3=3311&p=de2bit5j HTTP 301
https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7 Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

98 %
HTTPS

58 %
IPv6

12
Domains

13
Subdomains

12
IPs

3
Countries

1252 kB
Transfer

1784 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://storage.googleapis.com/lowsss/kembibi.html Page URL
http://poweredchannel.com/anchor5ltbrnunq31d74.PMNOoQjbdKFjBvtu?fmCw4sccml7VcxpXBcdc9kcpc3sfqfCFncbbb4Q HTTP 302
https://cannedclips.com/0/0/0/478c9369ce3232c3f0a3b3101b6c01d6/2_369522_2563267/1567_1288607_3412616_11/830759346 Page URL
https://caotingdiger.com/index2.php?id=106&s1=350616&s2=695852602&s3=3311&p=de2bit5j HTTP 301
https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://poweredchannel.com/anchor5ltbrnunq31d74.PMNOoQjbdKFjBvtu?fmCw4sccml7VcxpXBcdc9kcpc3sfqfCFncbbb4Q HTTP 302
https://cannedclips.com/0/0/0/478c9369ce3232c3f0a3b3101b6c01d6/2_369522_2563267/1567_1288607_3412616_11/830759346

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 kembibi.html
storage.googleapis.com/lowsss/ 112 B
693 B 160ms
7ms Document
text/html 2a00:1450:4001:813::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/lowsss/kembibi.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 2211
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-length: 112
content-type: text/html
date: Thu, 31 Mar 2022 13:39:41 GMT
etag: "38ba23dc5b6b77ab96301a6860e09257"
expires: Thu, 31 Mar 2022 14:39:41 GMT
last-modified: Tue, 07 Sep 2021 17:37:32 GMT
server: UploadServer
x-goog-generation: 1631036252897537
x-goog-hash: crc32c=Vs6sCQ== md5=OLoj3Ftrd6uWMBpoYOCSVw==
x-goog-metageneration: 2
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 112
x-guploader-uploadid: ADPycduSMpDPNcnSmEnzJvZknmBKb3IusQCgb2l2vmR_JrFO2F7Z7vxF81EgrLfPouramDkPr-l66mqCmuMSfNVxxoNcZmFKPw

GET
H/1.1

200
OK

830759346
cannedclips.com/0/0/0/478c9369ce3232c3f0a3b3101b6c01d6/2_369522_2563267/1567_1288607_3412616_11/
Redirect Chain

http://poweredchannel.com/anchor5ltbrnunq31d74.PMNOoQjbdKFjBvtu?fmCw4sccml7VcxpXBcdc9kcpc3sfqfCFncbbb4Q
https://cannedclips.com/0/0/0/478c9369ce3232c3f0a3b3101b6c01d6/2_369522_2563267/1567_1288607_3412616_11/830759346

147 B
439 B

896ms
454ms

Document
text/html

102.129.133.21
ASDETUK www.hefic...

General

Check archive.org

Show headers Download Go to

Full URL: https://cannedclips.com/0/0/0/478c9369ce3232c3f0a3b3101b6c01d6/2_369522_2563267/1567_1288607_3412616_11/830759346
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/lowsss/kembibi.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 102.129.133.21 Reston, United States, ASN61317 (ASDETUK www.heficed.com, GB),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storage.googleapis.com/lowsss/kembibi.html#5ltbrnunq31d74.PMNOoQjbdKFjBvtu?fmCw4sccml7VcxpXBcdc9kcpc3sfqfCFncbbb4Q
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-length: 147
content-type: text/html; charset=UTF-8
date: Thu, 31 Mar 2022 14:16:33 GMT
server: Apache

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Thu, 31 Mar 2022 14:16:32 GMT
Location: https://cannedclips.com/0/0/0/478c9369ce3232c3f0a3b3101b6c01d6/2_369522_2563267/1567_1288607_3412616_11/830759346
Server: Apache

GET
H2

200

Primary Request / Show response
iradiumclover.com/
Redirect Chain

https://caotingdiger.com/index2.php?id=106&s1=350616&s2=695852602&s3=3311&p=de2bit5j
https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

58 KB
13 KB

236ms
157ms

Document
text/html

2606:4700:3031::ac43:9a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Requested by

Host: cannedclips.com
URL: https://cannedclips.com/0/0/0/478c9369ce3232c3f0a3b3101b6c01d6/2_369522_2563267/1567_1288607_3412616_11/830759346

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:9a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec3db6e34fb9bd169162e5a2e7d392162f999587de3cb6e6f20b56da2a606350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cannedclips.com/0/0/0/478c9369ce3232c3f0a3b3101b6c01d6/2_369522_2563267/1567_1288607_3412616_11/830759346
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 6f49b41c98527353-MRS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 31 Mar 2022 14:16:34 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iex%2FMHTImynznqkFnekgmif8CvtzJR5daqCcu1mlwl8%2BgyKMu7CFjpaPO6s4PlkqXZnes1VqTzFXhy2xq4z1%2Bn72QEENnPUQF0WqTAznRNfCRk4GdkI3styA7ZyjQnIKCrl9b09W%2BIff55C5AI1WWA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 6f49b41b1f8b0fe6-MRS
content-type: text/html; charset=UTF-8
date: Thu, 31 Mar 2022 14:16:33 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRsUlDJhc7OtKaed2SEEThByqE5rdKGXXe0%2BHifQCFrzB6g0mOHpUIBdYd16iW040Z6%2F07JQGmKq%2B0gUtTaPaZEBOWrZ2qoC8gGxRtNnSQhwDWQfH7qZZLncKJcQUW5vQakvrZ2UO7YTBxV52Ysd"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

GET
H2 200 style.css
iradiumclover.com/master/de15/ 144 KB
22 KB 54ms
52ms Stylesheet
text/css 2606:4700:3031::ac43:9a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iradiumclover.com/master/de15/style.css

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:9a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6ababf497ab89b37ef19371fcacc5c1dbab0f5eb99fcc9c6e303a69149722e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 13:00:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PCvbqUWui9047iyA5EEiyutI4aY5blOWtC%2BTr7%2BmEdRlbQFglmZXmF5SB9ltSM0VDMbxlGWNVo4REEN1cqgI9ie68g2w75RYz08jFjJXq4kQoZwxStNQ59c60OpXsWJSj%2Bmwo8UyZik2bUOX6xopxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6f49b41daabe7353-MRS
expires: Thu, 07 Apr 2022 14:14:42 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ 95 KB
30 KB 61ms
25ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1876026
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30360
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-17b8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOujG9bLP2KIrwUNdkJOHOAvhwdB6MXeTvQQ8bpqw2XI2zGXv6a7eDieOZ9mBhjprtBa%2FyRUfsx7YRqH0gqqd1Mep%2B60RuZuEtLwhMdPuZ7KIX9reIIIshv5ux%2FuWOHc2z8kFzkK4Ao4y0RDcoepkMt6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6f49b41dda8101f0-ZRH
expires: Tue, 21 Mar 2023 14:16:34 GMT

GET
H2 200 msg.js Show response
iradiumclover.com/inc/ 941 B
729 B 44ms
44ms Script
application/javascript 2606:4700:3031::ac43:9a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iradiumclover.com/inc/msg.js

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:9a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfb6708f8e8d5277007f904e261d1e4c7dc1c9240b04bbaccf4ddf472b3cc95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60714
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Feb 2022 13:35:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4Bqvpe62WC%2BgT8dn1L7rmh%2FMLYrO8b6SfRhP6Y8dOtwk3HzaqwKxOOlbFJLPNjjFNNDrBQLGUpA9o4qCtwoJoUv9rmYF32LaBLVhjM2bBKfE7Pz7mSYrV3DiJ6pD9u9AiqLt0G0qPSY9Fm63q2gQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6f49b41daac07353-MRS
expires: Wed, 06 Apr 2022 21:24:40 GMT

GET
H2 200 fbcode1.js Show response
iradiumclover.com/inc/ 2 KB
1 KB 43ms
43ms Script
application/javascript 2606:4700:3031::ac43:9a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iradiumclover.com/inc/fbcode1.js

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:9a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43fccd349655df7497727c1c95d4fd97033f8aaf649067cbafb2b6d2751cf340

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60714
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Oct 2020 23:35:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2RJ3usOmNgRoDDWlMmhiv1dq8teNxC%2Bq%2FxxurzxaWFBtzA%2F3iE30JQFIY0MBH9PNuWsX939scxuGrfXECZVdqKOo2WcLjI3lKUg0xXTooSQiP9o%2BMeLckNPFT6nZ6q9jmjFWoWSbWeZF8m%2B270xpxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding,User-Agent,User-Agent
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6f49b41daac47353-MRS
expires: Wed, 06 Apr 2022 21:24:40 GMT

GET
H3 200 logo.png
iradiumclover.com/master/de15/ 6 KB
6 KB 39ms
39ms Image
image/png 2606:4700:3031::ac43:9a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iradiumclover.com/master/de15/logo.png

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abfcb1683ba86df7a394fa39d6691eb207910eba690609687009a06e671c720e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5768
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 13:00:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIVuWlOXQoZzlF1w%2BmEn6G7%2B%2BzIpkLsow9d5C0GS2gpA9O37LD9Ml9M2A8pxT%2FdWOMAy4Ua3d642B9fsIxXmjum8ZtOvPo%2BWeX4v2q1QzTBZSu2suqIKOrTKs3HFaPgguTXarD2SuneQ7ysbDB78wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6f49b41e2e415fac-MRS
expires: Thu, 07 Apr 2022 14:14:42 GMT

GET
H3 200 cegrc1o7f3llvodpyray.jpg
iradiumclover.com/master/de15/ 18 KB
18 KB 303ms
300ms Image
image/jpeg 2606:4700:3031::ac43:9a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iradiumclover.com/master/de15/cegrc1o7f3llvodpyray.jpg

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f462d3a1e8980262d49048bba0c93026ddb913f5d6aaf143ccc24eca599a8bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18280
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 12:59:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzQ4PB2QdUwZWUaSqi2gOYLahmzoRehV87RlhXXx6Ex7DSsgY1oZ7GzH5w3NzvgqNsiO%2BGxSC4fV2jzX9%2FlQ097bLVVOre1nxvcvossv5aiz4YoZBWqhP0vspBbk6eGsJGyb1rAq7EwDrCdP0Cf2MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6f49b41e3e745fac-MRS
expires: Thu, 07 Apr 2022 14:14:42 GMT

GET
H3 200 jgc2qdsl7f0wbpyk9nap.jpg
iradiumclover.com/master/de15/ 62 KB
63 KB 48ms
44ms Image
image/jpeg 2606:4700:3031::ac43:9a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iradiumclover.com/master/de15/jgc2qdsl7f0wbpyk9nap.jpg

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

366ad4833759e25882be6e4bda26ff2c41d2b4e7abf5407ea116db7cffadd3a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63423
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 13:00:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qorb1RlNxIPoh5AMxiKqTCEPSZRb23PjXXZIonYVTsbI3cAE1tfGoZYMOpvZxK52uXtA19Yx1ugmS%2ByiuiaDFzM%2FznsCKQNtBQWhCIqz8Xhdgu%2FywQUFM1pLsJiS6vAdx%2FjOQ3jNImMDPf3pxzUBFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6f49b41e4e825fac-MRS
expires: Thu, 07 Apr 2022 14:14:42 GMT

GET
H3 200 jwccfgscfkwc894gdtcg.jpg
iradiumclover.com/master/de15/ 98 KB
99 KB 158ms
154ms Image
image/jpeg 2606:4700:3031::ac43:9a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iradiumclover.com/master/de15/jwccfgscfkwc894gdtcg.jpg

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41752456f575261890a6230c09bb11710a55f7878088cf4a6496db4982414fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 100228
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 12:59:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmsXLn%2B54P2jY8Y7ODbdJ5vXZXEM%2Bh0czq1rQvFv9Pe9nz9sJuoGqIvfXbvt0euGDhvVIdvoMpB6qys2w2utKR5wje25o6wolN%2F%2FnegIP18CNSj3tCeVmlDWF30sFT6J30AVvEr%2FhjNaU93cBn5dMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6f49b41e4e855fac-MRS
expires: Thu, 07 Apr 2022 14:14:42 GMT

GET
H3 200 dyxpm6j17qfnmnhj9rdc.jpg
iradiumclover.com/master/de15/ 37 KB
38 KB 125ms
121ms Image
image/jpeg 2606:4700:3031::ac43:9a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iradiumclover.com/master/de15/dyxpm6j17qfnmnhj9rdc.jpg

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83d701bcb601f5363e1fe9da6a2ed3111d4fdc42c784d14c3c1d954abafd4082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37944
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 13:00:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVKTPXDli7wvJybqqcS%2FMUxJ0nIPpIJaeu5dru4ntya34fU4qzkHQDcY8DPQn%2B%2BM67FjXZcGZUhHk6HBLVgVjKib4Kh500W48J9WPNNpCfDVr3rjuStyzW7eQjKzM9AyPvgWZ2OFV8L5LyyqEMMNCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6f49b41e4e875fac-MRS
expires: Thu, 07 Apr 2022 14:14:42 GMT

GET
H3 200 xjfu04hzwv1fubhhu6l7.jpg
iradiumclover.com/master/de15/ 82 KB
83 KB 108ms
103ms Image
image/jpeg 2606:4700:3031::ac43:9a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iradiumclover.com/master/de15/xjfu04hzwv1fubhhu6l7.jpg

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6bd6a6b49896da68970bd62dc8c05c2de2e82b70862894950ffc937fa80793e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 83860
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 13:00:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xUSF%2F%2BTkGzQ43l5EZU7jQ%2BTHRtlJZp%2FctQjH4XilNg28z9pJuMVWOhf72QZRFxLHmR3xim2SV0Xxg1eJsNeNFIJYNWZoToGtsmSb6fBAxcgN75Q9xb1cedhIZ4A86tlMkRSqRzv0XfycfTQ5u1%2FTgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6f49b41e4e8a5fac-MRS
expires: Thu, 07 Apr 2022 14:14:42 GMT

GET
H3 200 ulprhvedsgozq6r6gy8t.jpg
iradiumclover.com/master/de15/ 91 KB
92 KB 98ms
93ms Image
image/jpeg 2606:4700:3031::ac43:9a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iradiumclover.com/master/de15/ulprhvedsgozq6r6gy8t.jpg

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf5189504db2989e3793ea49c8896d16257f1c7c4e3ae1764e6b25e946c33ea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 93534
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 13:00:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LSeRGpgFELJ2chHgHi4%2FB4CZzj4kbITgj%2B%2B25yAH052bBAmTsD0QoGX0Fbg4qPshfgFgygt2QRfECVXKyuzuIz11SjVa0PlaMT0ITiFhaEhJwlCL%2F8LhMaAzAP1VFvgVukKTUIoEDHl0Ol8%2B2HA%2F5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6f49b41e4e8f5fac-MRS
expires: Thu, 07 Apr 2022 14:14:42 GMT

GET
H3 200 l4tebgz5cuohroqtccyi.jpg
iradiumclover.com/master/de15/ 96 KB
97 KB 50ms
45ms Image
image/jpeg 2606:4700:3031::ac43:9a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iradiumclover.com/master/de15/l4tebgz5cuohroqtccyi.jpg

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41df49a648ccd2386a5e32c674dc5979c069ec87359fb60aaec80eabec26c614

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 98681
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 13:00:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2Bmjzy0bNg0KnMepX6xQGYhw3WCwhG4MkLFZPiRiOt2HqN2KmZhL9yMguBejLON55kXI17AeZ5jrmsEJrWOhCFdFN1IjxnSOk74ONC74hcVn4K0DufKCHklxtUxVzHew2Nc8NcqprxsWOpqio3FE4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6f49b41e4e945fac-MRS
expires: Thu, 07 Apr 2022 14:14:42 GMT

GET
H3 200 BitcoinEra-DE.jpg
iradiumclover.com/master/de15/ 124 KB
125 KB 422ms
417ms Image
image/jpeg 2606:4700:3031::ac43:9a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iradiumclover.com/master/de15/BitcoinEra-DE.jpg

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd58e72e704d7dfef22936fc812aefe7e1c7984624fd516d49f15d115d563da7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 127264
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 13:00:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5lrCpWIWZ10LvLUP7ARQIVKh9sr4NaMENR8gwMX45Lw2UF97U2koWIS5Ht00%2Fte2LZ6LDupdOXgkenmtAqYnjiJOAtRR4hcjh%2BuD4s%2FlHnxQTW0xL%2FoIiqIuioGqAjKZ5Pg45X4HICEjJ9%2F%2ByHLSkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6f49b41e4e9a5fac-MRS
expires: Thu, 07 Apr 2022 14:14:42 GMT

GET
H3 200 step.jpg
iradiumclover.com/master/de15/ 28 KB
29 KB 525ms
520ms Image
image/jpeg 2606:4700:3031::ac43:9a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iradiumclover.com/master/de15/step.jpg

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83294d9755b784dcdd40202480359f828eacac3a0edd11647c26761ab56575a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29049
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 13:00:13 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1v1Wlwe8tqMNB7WwoDmdQ7f5noVK6dH6kkcuCJoifs7UJ14EnVAIo5smq%2Faf6XfWsD254aoXkle1AMO8uo6aPJDrN8Lsd7vzNdDsyf767%2Fllc9yHKv%2BWxBScaXhQOHWMBirwt2E4OaPnN3O87bpvzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6f49b41e4eaa5fac-MRS
expires: Thu, 07 Apr 2022 14:14:42 GMT

GET
H3 200 step3.jpg
iradiumclover.com/master/de15/ 34 KB
35 KB 528ms
524ms Image
image/jpeg 2606:4700:3031::ac43:9a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iradiumclover.com/master/de15/step3.jpg

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7080960827e86452ae31d6c3f46184c38114ab3e2c620b1548b368faec027faa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35090
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 13:00:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F7%2F99kAPaQRpbD2BEKBp3btQnJ%2F5aAPqbaRffcW4RcKbwZm5xm54oR28Ywjiy4UTQNY8lcFz%2BDrgzMA3GVdmAboiEyc8Lb7RlsvoR5Vqwsf9HZGdKRkCjPzh1U9bbzzNCO7b09Lfziwgyu47qq5v3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6f49b41e4eb15fac-MRS
expires: Thu, 07 Apr 2022 14:14:42 GMT

GET
H3 200 l7kp6sagzvgjamrhi0w8.png
iradiumclover.com/master/de15/ 14 KB
15 KB 562ms
557ms Image
image/png 2606:4700:3031::ac43:9a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iradiumclover.com/master/de15/l7kp6sagzvgjamrhi0w8.png

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34e9721b7dd959abbcf2550c0e7466b1b4b574b6a192e7104dc61fd151e9778a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14719
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 13:00:01 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJvm7oYryW797UMbf57IWLp2vZIY%2BqlARX48CDBmFNYmzFfAK1tjgqn3Qio9YQ%2FvnrMrw1qdZGqjKqJjYTjCOXA%2FAopEDbOXqIiYMs0xUJZglFnWeI8lSY1FCjCZtVWZMy0vw75pDDeB8QVNHkH1bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6f49b41e4eb35fac-MRS
expires: Thu, 07 Apr 2022 14:14:42 GMT

GET
H3 200 ainicniusbw2nyx3hlfi.png
iradiumclover.com/master/de15/ 110 KB
111 KB 571ms
567ms Image
image/png 2606:4700:3031::ac43:9a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iradiumclover.com/master/de15/ainicniusbw2nyx3hlfi.png

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a45f19b688a0004e406f8d2d2b6333ea0ed2aca5e2d8f0e230356932ebcf124

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 112597
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 12:59:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24ACZm12PKNRZuXvwWNt47r1UKdSQpjbWAZrP1k1rAUgqRBVtjid1dcU2lWFQ5U2P7VN1P3cqKBpgH5Y9QWRNMMXSJRC4Ct9pb3L9ogdIylsNWP3W1FiKx0ZRkw5mGvfJ9C1X6P3vkub%2Bgy2O96yVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6f49b41e4eb55fac-MRS
expires: Thu, 07 Apr 2022 14:14:42 GMT

GET
H3 200 xo0rgoorgbynpgw4kyqp.png
iradiumclover.com/master/de15/ 33 KB
34 KB 634ms
630ms Image
image/png 2606:4700:3031::ac43:9a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iradiumclover.com/master/de15/xo0rgoorgbynpgw4kyqp.png

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

960dd53b6f1e87e621300a289985b2a40b4b0b2ab59a5ea15a46619b7c75f298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33692
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 13:00:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BzSaPvnxu3fdGDBfsS3MfKoJwHrbErJSUiOqdrdVq0X%2BVrfaf9ZAewSvcgipy%2FF8xJ7NUv4%2B%2BJHR8EWGAVHtMbRVx6cM%2B5yTTxEyLwsCXD0G68fcCDATVlOriC%2BnCg6okLjxZTqcppfu%2Fov1vRmeMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6f49b41e4eb65fac-MRS
expires: Thu, 07 Apr 2022 14:14:42 GMT

GET
H3 200 ooo3goob2pv5nlmdwwas.png
iradiumclover.com/master/de15/ 28 KB
28 KB 663ms
658ms Image
image/png 2606:4700:3031::ac43:9a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iradiumclover.com/master/de15/ooo3goob2pv5nlmdwwas.png

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bce535ef3c40a99c5e9bc7e701ac62332e089c1205f18e95a6ef0f88a149f921

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28409
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 13:00:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tf6V5Put6cTQ9WRNsE2Lj%2FQ9H2fagJzlX5UWFx5EHGOHal4QaNUDPIq48O6QqGXYxn3TH5xHvf0ArluylPXPrCRvtx1TFUaavYrCDgdk%2F4G7u4d5SK7LTqDUjyi51vXfAwdGbrQRT%2BSm8d3Ajrb0IA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6f49b41e4eb75fac-MRS
expires: Thu, 07 Apr 2022 14:14:42 GMT

GET
H3 200 jfn5vt9dszilcurtwjlo.png
iradiumclover.com/master/de15/ 37 KB
38 KB 687ms
683ms Image
image/png 2606:4700:3031::ac43:9a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iradiumclover.com/master/de15/jfn5vt9dszilcurtwjlo.png

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad7ac574660d64cfe9ae8b3f42ff972e2fcf949923887f5cbb50b118be31321b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37777
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 13:00:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uwV47wtO1S5Y3drscI%2BnILXzdOXnjUGtBu%2F6LoRZp5kGXmT1PCgPZhlXCTDmN0tdd9b1yxCZecljzo%2FNi4hNWq3DFug8tLIJEsB4iDhFmG3HZHVG3FeouXCqxsbrcP3yfoO%2F%2FKolTlro9pvTf1Masg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6f49b41e4ebb5fac-MRS
expires: Thu, 07 Apr 2022 14:14:42 GMT

GET
H3 200 wy3fkittrrlvgut3odp2.png
iradiumclover.com/master/de15/ 29 KB
30 KB 696ms
692ms Image
image/png 2606:4700:3031::ac43:9a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iradiumclover.com/master/de15/wy3fkittrrlvgut3odp2.png

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a1521dd1aa24a81cd8d81de20b0cf93ac00256a93d3229fe842e4bc97ff1f50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29596
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 13:00:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOitsIV%2BiB2tlndpZSAXDqxnT87y6ah2qwUvRFhMCtOFZbvQnyQsia6Oq9rpGv14SDQGrIbrra46U3sI%2FWoldyP32BUkreIkx9E35sF8PQ3dG%2FUKYyYLZ4DaZqdZGzrtqCbMVlvre8E3re6Jk4gsAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6f49b41e4ebd5fac-MRS
expires: Thu, 07 Apr 2022 14:14:42 GMT

GET
H3 200 kdsy10yyahownwemccbo.png
iradiumclover.com/master/de15/ 27 KB
28 KB 717ms
713ms Image
image/png 2606:4700:3031::ac43:9a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iradiumclover.com/master/de15/kdsy10yyahownwemccbo.png

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62a8860ba398e1cf4ad7bfe6c4fb757d3a35e672133ec0f04974afaeed954e9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27562
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 13:00:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlBMmiaBw4jK6J9fcBrqC6Jrz3dW%2B%2Fl6Jiro5sOrczK8DWYzfQ93rxKdmpKJLIBzndQlXJmAXi3q29XJwTg65iBSv76fmczvoG%2BlQ5nGamDwBFCwgcFe%2FPHHg0%2B8p2UaPT9%2Fn%2BHGFV6EG7H0swQY7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6f49b41e4ebf5fac-MRS
expires: Thu, 07 Apr 2022 14:14:42 GMT

GET
H3 200 checkmark.png
iradiumclover.com/master/de15/ 341 B
962 B 748ms
744ms Image
image/png 2606:4700:3031::ac43:9a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iradiumclover.com/master/de15/checkmark.png

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9d04e4fbd1f7c6a052cccf0588ed2c6ea41af104c59c70baaa10d8e0f5715a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 341
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 12:59:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FX8qM0wJcO7lrKq95eBPjEftG4gkCxU89cw%2Fc4dNPY%2F2bTvkLqefqyuKm3fgReOUdTU3am3cLo2WbNrUvqEgxFwhngyZhQpti5RiKzYeg5UlvvM7WHg7Vq4FKA%2F5sL3Idtnwy5qsnfKb4kwZ5TswnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6f49b41e4ec25fac-MRS
expires: Thu, 07 Apr 2022 14:14:42 GMT

GET
H3 200 n4donflljypzf0jwaysp.png
iradiumclover.com/master/de15/ 58 KB
59 KB 748ms
745ms Image
image/png 2606:4700:3031::ac43:9a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iradiumclover.com/master/de15/n4donflljypzf0jwaysp.png

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f675499ffaf054f11a5d788a7e34ef48d5cd103582d9a31dd1fe313585aa89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59335
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 13:00:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGDPuwBP4ASz1%2BMT3UncvGOUobdi3wst9hind7NXzZhx%2BepsxIJ3j1XQd8TETfpcDWWn6FPpuYTMx%2FtooXHrMa2PS3%2BxtT4BW3KYy3aZmRR68tFMofEMgf%2Bi4RHKeJsh0U8VpbYUUt3d6FZolu2xsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6f49b41e4ec55fac-MRS
expires: Thu, 07 Apr 2022 14:14:42 GMT

GET
H3 200 hiqtte24snwgkglyozuw.jpg
iradiumclover.com/master/de15/ 26 KB
26 KB 779ms
776ms Image
image/jpeg 2606:4700:3031::ac43:9a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iradiumclover.com/master/de15/hiqtte24snwgkglyozuw.jpg

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:9a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c6d97f1438bf8a9b440a190d26505b91c0848becdcf86f348757b72602baeb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26162
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 12:59:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXMbhVJP7rduMAgqxP4u3sTg4nyIqD03lc5fdDRGeY8BBTOCwyMJequiKgYOSSt0q1xeONFxo48OAvzHF5wpfDT0maFbb%2FiUJtXd8UI7pD0FFK%2BeKJFPMNescnh68xk7130%2BpvKBoAZEjW25Psrc2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6f49b41e4ec95fac-MRS
expires: Thu, 07 Apr 2022 14:14:42 GMT

GET
H2 200 jquery.css
iradiumclover.com/master/de15/ 736 B
594 B 32ms
32ms Stylesheet
text/css 2606:4700:3031::ac43:9a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iradiumclover.com/master/de15/jquery.css

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:9a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12e27f26a533841c770aac2ca7bb005fd114483d25bc54a736fe02419d3b4f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 12:59:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GX34IIQqI20jACnApWC3bVKCzxxiiDfqwdr9Vo0N1Ks99WTr%2F0oZK0xS9LaOjA8syFPgkdweb%2B5ZSsBfvwfEJDWmmnrnfBxxJfifMtF7ZU1xuuA7rccxBzxmuj%2FAdi2wvX0PxZq%2FSt1TVgcBborYKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 6f49b41dfb757353-MRS
expires: Thu, 07 Apr 2022 14:14:42 GMT

GET
H2 200 v9e118mez8 Show response
trk-tempore.com/scripts/push/ 7 KB
3 KB 291ms
228ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk-tempore.com/scripts/push/v9e118mez8

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/inc/msg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa4b74cc94b96ff49ac4462f2a335fcaf85777e2a8857b805d08da763d8647ff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCV33eGVgUuy4Nn8q6OzjRfYYQEkSvJ4IjyLfBprP4Sa4ZzNaIBxgiUlq2PpbWnEr7ijQtqOXsO0HJD%2F0xhyHsitEXdPBeVA6NT2QGdhq1WGQXGR4CBiziITBgxZHpjgw6QaTT0jvzF5%2BFZfVyg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
cf-ray: 6f49b41e9e90102f-MRS
expires: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 26ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/inc/fbcode1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26320
x-xss-protection: 0
pragma: public
x-fb-debug: wlhzZQf9qHXPnaJGYVKk2kme0C78SyztVE5nR1skymLfqQT4hOeOjPERm6qfNwJ+/unE9g1VcrIcYlXrlKuwlw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 31 Mar 2022 14:16:34 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 17 KB
7 KB 57ms
26ms Script
application/javascript 108.157.5.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: iradiumclover.com
URL: https://iradiumclover.com/inc/fbcode1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.5.251 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-5-251.dus51.r.cloudfront.net
Software: CloudFront /
Resource Hash: f2f087eac841d5433c3c3fa9ea481b474ff8370b9d9eec1ace18f0300a76ffd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: DUS51-P2
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 6336
via: 1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
x-amz-cf-id: On_NCNE1wZPjPYllELxFITKuFVU7EbPcKX6oyV8lxMNPyCObii66eA==

GET
H2 200 mgsensor.js Show response
a.mgid.com/ 15 KB
5 KB 164ms
112ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mgid.com/mgsensor.js?d=1648736194259
Requested by: Host: iradiumclover.com
URL: https://iradiumclover.com/inc/fbcode1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8098c6938d10947bf06e59e59b684daf1ef70c1e520bd7e6d4d85e28ee94f00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 606b7e1c-fb44-401a-bc2b-875b81b49244
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 6f49b41e8d6c999f-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare

GET
H3 200 399694290689525 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 271ms
263ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/399694290689525?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dc91b0986a320ec9eb4673ab29cb08ed6aeb32e643db95401fa8f1acee8f1a56

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: Gi+q1rB2+/LU3Zma0GauycG10dszWgaiy+zWXww34l2Jp15UnQc1x+IJgcKM5fnpwH4xrYFP/oEBPkVXmlF8kw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 31 Mar 2022 14:16:34 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 46 B
313 B 46ms
22ms Fetch
application/json 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=cc25c7df-1e44-4f51-8ff1-8c175d6334c1

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

6ca85050a0100ca28b3ab77cb0e059dafe18082b35e45ac2d9fc77aca5857775

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
via: 1.1 google
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame B76D 0
241 B 37ms
21ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=cc25c7df-1e44-4f51-8ff1-8c175d6334c1

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 31 Mar 2022 14:16:34 GMT
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google

POST
H2 200 p Show response
tr.snapchat.com/ Frame BDBC 0
207 B 25ms
24ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: https://iradiumclover.com
Referer: https://iradiumclover.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-transform
content-length: 0
content-type: text/html
date: Thu, 31 Mar 2022 14:16:34 GMT
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google

POST
H2 200 p Show response
tr.snapchat.com/ Frame 29D6 0
188 B 26ms
25ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: https://iradiumclover.com
Referer: https://iradiumclover.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-transform
content-length: 0
content-type: text/html
date: Thu, 31 Mar 2022 14:16:34 GMT
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google

GET
H3 200 1x1.gif
a.mgid.com/ 43 B
273 B 147ms
124ms Image
image/gif 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mgid.com/1x1.gif?id=507061&type=c&tg=&r=https%3A%2F%2Firadiumclover.com%2F%3Fc7005af1397b0e74e287f49b2167f5a7&utmc=0&utmt=0&nv=1&utms=&utmcp=&utmm=&clid=&cmgid=0&cmtid=0&cmtuid=0&d=1648736194440
Requested by: Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cf-ray: 6f49b41f7ef399fa-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET service-worker.js
iradiumclover.com/ Frame 0
0

GET
H2 200 /
www.facebook.com/tr/ 44 B
411 B 24ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=399694290689525&ev=PageView&dl=https%3A%2F%2Firadiumclover.com%2F%3Fc7005af1397b0e74e287f49b2167f5a7&rl=https%3A%2F%2Fcannedclips.com%2F&if=false&ts=1648736194644&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1648736194643.2108795774&it=1648736194332&coo=false&rqm=GET

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 31 Mar 2022 14:16:34 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 24ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=399694290689525&ev=ViewContent&dl=https%3A%2F%2Firadiumclover.com%2F%3Fc7005af1397b0e74e287f49b2167f5a7&rl=https%3A%2F%2Fcannedclips.com%2F&if=false&ts=1648736194646&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1648736194643.2108795774&it=1648736194332&coo=false&rqm=GET

Requested by

Host: iradiumclover.com
URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 31 Mar 2022 14:16:34 GMT

POST
H2 200 v9e118mez8
event.trk-tempore.com/register/event_log/ 0
0 439ms
138ms Fetch 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-tempore.com/register/event_log/v9e118mez8

Requested by

Host: trk-tempore.com
URL: https://trk-tempore.com/scripts/push/v9e118mez8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://iradiumclover.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-type: application/json

Response headers

date: Thu, 31 Mar 2022 14:16:36 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
expires: 0
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3A1XpRvoFeFNjxn08grXi%2Bu2dIl%2BvS5VKDX%2Bz47OxMB74MiTVZb086wHRFxerJQzhw7aUZBNWcR5zN8FWgLOCrWb2cIjRO%2FgGAjavGyBYq7E0vnG5sqxxfaEYwi8sWOIF1ay8ozPGHNZLmIIz3J2lKRrKw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://iradiumclover.com
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
access-control-allow-credentials: true
cf-ray: 6f49b429a9f81012-MRS
x-pushplatformapp-params

OPTIONS
H2 200 v9e118mez8
event.trk-tempore.com/register/event_log/ Frame 0
0 296ms
234ms Preflight 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.trk-tempore.com/register/event_log/v9e118mez8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://iradiumclover.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://iradiumclover.com
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 6f49b4264c881012-MRS
content-length: 0
date: Thu, 31 Mar 2022 14:16:35 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9TWWyT%2B3VVKbBRnGI27AD%2FbvZsuuaXOpTcry790wW4N%2FwCPCIvSEkkkYYb66dDRcDPGKfzNoErLncKn9hidp9Z1fEwMZT2HRgDEHYW0vjGdgbMW8f0xoOZHl4YLO4Ipmu2bgQ8bY1a0PnVcRHms1jxQGiQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

POST
H2 200 v9e118mez8
event.trk-tempore.com/register/event_log/ 0
0 439ms
138ms Fetch 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-tempore.com/register/event_log/v9e118mez8

Requested by

Host: trk-tempore.com
URL: https://trk-tempore.com/scripts/push/v9e118mez8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://iradiumclover.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-type: application/json

Response headers

date: Thu, 31 Mar 2022 14:16:36 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
expires: 0
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qLadZRohMmwdvMrFL9yMMCyW5RPg0BFpnZNUAEXnmFxpo0MDBT7Dm2EXS6FthDHeJQ2vRM42SWULUCmwiirjcHHh9bVGAK%2B9G7r4MT%2FBmuw4SAStJ4VvWtkMRMNR0wvBFWSWr2ymKmL3uhytcySk9L%2FiR5s%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://iradiumclover.com
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
access-control-allow-credentials: true
cf-ray: 6f49b429ba161012-MRS
x-pushplatformapp-params

OPTIONS
H2 200 v9e118mez8
event.trk-tempore.com/register/event_log/ Frame 0
0 307ms
245ms Preflight 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.trk-tempore.com/register/event_log/v9e118mez8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://iradiumclover.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://iradiumclover.com
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 6f49b4265c8e1012-MRS
content-length: 0
date: Thu, 31 Mar 2022 14:16:35 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TRgZYPFqhNtUITonQQ%2FRGgwGc0n1y2M3gkCgGfmFAUxHe2z14M55ZkOzkuA7Sgez59ar9sA0Esoq1i9pXvtcFzIB5e8KsdS800J5F4NN%2BPgNPo20D4xiK3MnHsdmiDUXo7GHTDFP%2Bl7GtIueJUOC7%2FoVNDo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=399694290689525&ev=Microdata&dl=https%3A%2F%2Firadiumclover.com%2F%3Fc7005af1397b0e74e287f49b2167f5a7&rl=https%3A%2F%2Fcannedclips.com%2F&if=false&ts=1648736196147&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22ZDFmediathek%20-%20Die%20j%C3%BCngste%20Investition%20von%20Lena%20hat%20Experten%20beunruhigt%20und%20gro%C3%9Fe%20Banken%20zittern%20lassen%22%2C%22meta%3Akeywords%22%3A%22Lena%2C%20Banken%2C%20Investition%20%22%2C%22meta%3Adescription%22%3A%22Bundesb%C3%BCrger%20verdienen%20durch%20diese%20%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=2&o=30&fbp=fb.1.1648736194643.2108795774&it=1648736194332&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://iradiumclover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:16:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 31 Mar 2022 14:16:36 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: iradiumclover.com
URL: https://iradiumclover.com/service-worker.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Investment Scam (Online)

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 02:00:22	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
cannedclips.com/	1970-01-20 02:42:08	Name: uid3311 Value: 695852602-20220331101633-aa12661f6ba9e8b4eb0bd011b35ea212-
caotingdiger.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 310115fd2ad18c961bfcb7a7641aa824
iradiumclover.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3ef7ae2503f3093dc56481ee744e0fd2
.iradiumclover.com/	1970-01-20 11:28:42	Name: _scid Value: 9144369f-91df-49fd-b5a9-f037c0cd485f
.snapchat.com/	1970-01-20 11:20:32	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ0AIQgEsIlIOOUPGEfDMwXD294NA/WX1vrEEFeiOoUZXqvDj3EGtPBNpI0+E08fTTIAAAA=
.mgid.com/	1970-01-20 01:58:57	Name: __cf_bm Value: 2544931f41eb1c6f352bb19647cd1bd71fcd29cc-1648736194-0-AQZr3eP+qzhsDPqOjzZV4HVDpeFrWaYZiFeQcUzjhSLDbZLVay0vWTJ8RPX0cnEVLu/3X774J4wnEGYQFl1h4PQ=
iradiumclover.com/	1970-01-20 04:08:32	Name: MgidSensorNVis Value: 1
iradiumclover.com/	1970-01-20 04:08:32	Name: MgidSensorHref Value: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7
.iradiumclover.com/	1970-01-20 04:08:32	Name: _fbp Value: fb.1.1648736194643.2108795774
.facebook.com/	1970-01-20 04:08:32	Name: fr Value: 0gfrjieQb9FbR6t7j..BiRbfC...1.0.BiRbfC.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://iradiumclover.com/?c7005af1397b0e74e287f49b2167f5a7 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
cannedclips.com
caotingdiger.com
cdnjs.cloudflare.com
connect.facebook.net
event.trk-tempore.com
iradiumclover.com
poweredchannel.com
sc-static.net
storage.googleapis.com
tr.snapchat.com
trk-tempore.com
www.facebook.com
iradiumclover.com
102.129.133.21
104.19.136.78
108.157.5.251
2606:4700:3031::ac43:9a85
2606:4700::6810:125e
2a00:1450:4001:813::2010
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a06:98c1:3120::7
2a06:98c1:3121::7
35.186.226.184
45.158.10.66
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
34e9721b7dd959abbcf2550c0e7466b1b4b574b6a192e7104dc61fd151e9778a
366ad4833759e25882be6e4bda26ff2c41d2b4e7abf5407ea116db7cffadd3a4
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
3f675499ffaf054f11a5d788a7e34ef48d5cd103582d9a31dd1fe313585aa89d
41752456f575261890a6230c09bb11710a55f7878088cf4a6496db4982414fd0
41df49a648ccd2386a5e32c674dc5979c069ec87359fb60aaec80eabec26c614
43fccd349655df7497727c1c95d4fd97033f8aaf649067cbafb2b6d2751cf340
62a8860ba398e1cf4ad7bfe6c4fb757d3a35e672133ec0f04974afaeed954e9f
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6ca85050a0100ca28b3ab77cb0e059dafe18082b35e45ac2d9fc77aca5857775
7080960827e86452ae31d6c3f46184c38114ab3e2c620b1548b368faec027faa
7a1521dd1aa24a81cd8d81de20b0cf93ac00256a93d3229fe842e4bc97ff1f50
83294d9755b784dcdd40202480359f828eacac3a0edd11647c26761ab56575a2
83d701bcb601f5363e1fe9da6a2ed3111d4fdc42c784d14c3c1d954abafd4082
8a45f19b688a0004e406f8d2d2b6333ea0ed2aca5e2d8f0e230356932ebcf124
960dd53b6f1e87e621300a289985b2a40b4b0b2ab59a5ea15a46619b7c75f298
9c6d97f1438bf8a9b440a190d26505b91c0848becdcf86f348757b72602baeb9
a12e27f26a533841c770aac2ca7bb005fd114483d25bc54a736fe02419d3b4f0
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa4b74cc94b96ff49ac4462f2a335fcaf85777e2a8857b805d08da763d8647ff
abfcb1683ba86df7a394fa39d6691eb207910eba690609687009a06e671c720e
ad7ac574660d64cfe9ae8b3f42ff972e2fcf949923887f5cbb50b118be31321b
bce535ef3c40a99c5e9bc7e701ac62332e089c1205f18e95a6ef0f88a149f921
bf5189504db2989e3793ea49c8896d16257f1c7c4e3ae1764e6b25e946c33ea2
cfb6708f8e8d5277007f904e261d1e4c7dc1c9240b04bbaccf4ddf472b3cc95a
d6ababf497ab89b37ef19371fcacc5c1dbab0f5eb99fcc9c6e303a69149722e5
dc91b0986a320ec9eb4673ab29cb08ed6aeb32e643db95401fa8f1acee8f1a56
dd58e72e704d7dfef22936fc812aefe7e1c7984624fd516d49f15d115d563da7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8098c6938d10947bf06e59e59b684daf1ef70c1e520bd7e6d4d85e28ee94f00
e9d04e4fbd1f7c6a052cccf0588ed2c6ea41af104c59c70baaa10d8e0f5715a8
ec3db6e34fb9bd169162e5a2e7d392162f999587de3cb6e6f20b56da2a606350
f2f087eac841d5433c3c3fa9ea481b474ff8370b9d9eec1ace18f0300a76ffd8
f462d3a1e8980262d49048bba0c93026ddb913f5d6aaf143ccc24eca599a8bb9
f6bd6a6b49896da68970bd62dc8c05c2de2e82b70862894950ffc937fa80793e

iradiumclover.com Open in urlscan Pro 2606:4700:3031::ac43:9a85 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

98 %HTTPS

58 %IPv6

12 Domains

13 Subdomains

12 IPs

3 Countries

1252 kBTransfer

1784 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

iradiumclover.com Open in urlscan Pro
2606:4700:3031::ac43:9a85 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

98 %
HTTPS

58 %
IPv6

12
Domains

13
Subdomains

12
IPs

3
Countries

1252 kB
Transfer

1784 kB
Size

11
Cookies

47 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!