voicelevel.top Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://poleescalator.cn/iocl4in/tb.php?jo=zf1669876272519
Effective URL:
https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
Submission: On December 01 via manual (December 1st 2022, 7:05:44 am UTC) from IN — Scanned from DE

Summary HTTP 53 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 11 domains to perform 53 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is voicelevel.top.
TLS certificate: Issued by E1 on November 24th 2022. Valid for: 3 months.

This is the only time voicelevel.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3035::ac43:cc38	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:303... 2606:4700:3032::ac43:977d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:303... 2606:4700:3030::6815:e8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	185.66.201.42 185.66.201.42	201702 (SKHOSTING-EU) (SKHOSTING-EU)
2	185.66.200.220 185.66.200.220	201702 (SKHOSTING-EU) (SKHOSTING-EU)
10	2606:4700:303... 2606:4700:3038::6815:eb4a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
8	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
5	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
53	11

3 2606:4700:3035::ac43:cc38 (United States)

ASN13335 (CLOUDFLARENET, US)

poleescalator.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

voicelevel.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3032::ac43:977d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3030::6815:e8e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnbun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.66.201.42 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: affilist.com

bonepa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.66.200.220 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.220.skhosting.eu

uprimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3038::6815:eb4a (United States)

ASN13335 (CLOUDFLARENET, US)

263cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	263cdn.com 263cdn.com — Cisco Umbrella Rank: 218698	114 KB
8	baidu.com hm.baidu.com — Cisco Umbrella Rank: 8474	48 KB
6	cdnbun.com cdnbun.com — Cisco Umbrella Rank: 293808	244 KB
6	jsdelivr.cc cdn.jsdelivr.cc — Cisco Umbrella Rank: 175815	103 KB
5	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2610	451 B
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	378 KB
4	voicelevel.top voicelevel.top	20 KB
3	poleescalator.cn poleescalator.cn	4 KB
2	uprimp.com uprimp.com — Cisco Umbrella Rank: 165893	936 B
2	bonepa.com bonepa.com — Cisco Umbrella Rank: 201613	4 KB
2	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 9036	58 KB
53	11

	Domain	Requested by
10	263cdn.com	voicelevel.top
8	hm.baidu.com	voicelevel.top
6	cdnbun.com	voicelevel.top
6	cdn.jsdelivr.cc	voicelevel.top
5	region1.google-analytics.com	www.googletagmanager.com
5	www.googletagmanager.com	voicelevel.top www.googletagmanager.com
4	voicelevel.top	poleescalator.cn voicelevel.top cdn.jsdelivr.cc
3	poleescalator.cn	poleescalator.cn
2	uprimp.com	voicelevel.top uprimp.com
2	bonepa.com	voicelevel.top bonepa.com
2	1.bp.blogspot.com	voicelevel.top
53	11

This site contains no links.

Subject Issuer	Validity	Valid
*.voicelevel.top E1	`2022-11-24` - `2023-02-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-10` - `2023-03-10`	a year	crt.sh
*.cdnbun.com E1	`2022-11-09` - `2023-02-07`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
bonepa.com R3	`2022-11-28` - `2023-02-26`	3 months	crt.sh
uprimp.com R3	`2022-11-15` - `2023-02-13`	3 months	crt.sh
*.263cdn.com E1	`2022-10-11` - `2023-01-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2022-07-05` - `2023-08-06`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
Frame ID: 60874189405C1DE308315CA6905420FC
Requests: 51 HTTP requests in this frame

Frame: https://uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=166987833797918&xtt=8090838
Frame ID: 812F645CFA52BFE5BD25C442D9B14929
Requests: 1 HTTP requests in this frame

Frame: https://bonepa.com/4fe48aebd6/4f59451604/?placementName=Flow&is_first=true&randomA=0_4533&maxw=0
Frame ID: 3B6C05FE5A58453749ABA667034D07DB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🎉⛽💵️️Kraftstoffzuschuss zum 65-jährigen Jubiläum von Indian Oil!🎁🎊

Page URL History Show full URLs

http://poleescalator.cn/iocl4in/tb.php?jo=zf1669876272519 Page URL
https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js
/npm/sweetalert2@([\d.]+)
sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

94 %
HTTPS

73 %
IPv6

11
Domains

11
Subdomains

11
IPs

4
Countries

975 kB
Transfer

2128 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://poleescalator.cn/iocl4in/tb.php?jo=zf1669876272519 Page URL
https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK tb.php Show response
poleescalator.cn/iocl4in/ 1 KB
1 KB 88ms
69ms Document
text/html 2606:4700:3035::ac43:cc38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://poleescalator.cn/iocl4in/tb.php?jo=zf1669876272519
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:cc38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c2c3261b01f9e58f55f6cbe20fbcd6c41649e8ee04b6d3e506f285710d77910

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7729f9b339079188-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 01 Dec 2022 07:05:36 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPFETrl9nQs1PpXSVGwNnHefUQnI9eE5ZL54fwoQLcghfTek%2BFoScp%2FSSMnYJe0ZjCaEzECKjUPTqP9GL%2FmxJfOoNwh4%2FWE1JV3Ztx%2BfT504gr42FpkFkAB5jVlipDo9LLO8locYjUqEsR3JuWrc"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK og2.js Show response
poleescalator.cn/j/ 2 KB
2 KB 53ms
53ms Script
application/javascript 2606:4700:3035::ac43:cc38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://poleescalator.cn/j/og2.js?_t=1669878336798
Requested by: Host: poleescalator.cn
URL: http://poleescalator.cn/iocl4in/tb.php?jo=zf1669876272519
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:cc38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff399ce0e73811942164279fbe3a4c16b016e7a3b8098d0173e732c19c5c1d4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://poleescalator.cn/iocl4in/tb.php?jo=zf1669876272519
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Thu, 01 Dec 2022 07:05:36 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 20 Oct 2022 16:09:56 GMT
Server: cloudflare
ETag: W/"635172d4-850"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BL%2FuPZ4zFE%2F3jmoQ%2BzaZAxioeVdBlfX%2FHQNKnRQDtwRAMtEHxe2JHgtIUCEroXV7vjKCJ%2Fo7Aqe6i%2Fbh%2BhwPrxkdGQzypPCGaCo90effpLwIJzQEhAXCu6hjQvLePjrep7Ue0FocKIsv%2B8ukU8Vu"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=43200
CF-RAY: 7729f9b50d7e9188-FRA
Expires: Thu, 01 Dec 2022 19:05:36 GMT

POST
H/1.1 200
OK og2.php
poleescalator.cn/j/ 74 B
743 B 34ms
34ms XHR
application/json 2606:4700:3035::ac43:cc38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://poleescalator.cn/j/og2.php?_t=1669878336854
Requested by: Host: poleescalator.cn
URL: http://poleescalator.cn/j/og2.js?_t=1669878336798
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:cc38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://poleescalator.cn/iocl4in/tb.php?jo=zf1669876272519
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Thu, 01 Dec 2022 07:05:36 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gs1MAnmJvQWamuDIW6IrOELefyyV%2FwcttreKF0ua3NykWBXel5nQ%2BHTYYYsk0fsKUV2NJ1g7tn3nX81kjgC4hkyyc8pyjRT3lRoNWGXyrwzhTeUr1XsQGyUjAp3iVYNcDwqRBUwDX5%2Fp9B13mGzu"}],"group":"cf-nel","max_age":604800}
Content-Type: application/json
Connection: keep-alive
CF-RAY: 7729f9b55e339188-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Primary Request / Show response
voicelevel.top/CfFPQDrS/iocl4in/ 90 KB
17 KB 81ms
49ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
Requested by: Host: poleescalator.cn
URL: http://poleescalator.cn/j/og2.js?_t=1669878336798
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebbc4e879463fbbc9299fcd61a3f67c1f142cffd77c7ac1077557eefbab487d9

Request headers

Referer: http://poleescalator.cn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7729f9b5c8ab9244-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 01 Dec 2022 07:05:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uXtQZQ5xPhmB7hT5lCfR59FEaP5epDm5xb0M4RORCLvB7DobO2%2F%2FfUdN2r9cG42ZKKBBcOXLisoT2uVoxzpdC623LuJWPQVRcOfODPM23RixDta4XZ55wyFCTUnBhzTbumaqbCim16GcIwgB6g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/ 87 KB
32 KB 77ms
45ms Script
text/javascript 2606:4700:3032::ac43:977d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
Requested by: Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:977d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 346
x-guploader-uploadid: ADPycdvCxHltiuPjHL-zbbsBVwle0-vgYS2_pOmv1wzzQZrGSBqUE4vr5WQ_17FuwcGb_O0Ved79CT2MXZTd7QgSd4c
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Mar 2022 07:30:17 GMT
server: cloudflare
etag: W/"3e4bb227fb55271bfe9c9d4a09147bd8"
vary: Accept-Encoding
x-goog-generation: 1647502217775195
content-type: text/javascript
x-goog-hash: crc32c=JnXAUA==, md5=PkuyJ/tVJxv+nJ1KCRR72A==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ng3Fi45YQ1qyx3kDsKHJyLepzl1W48l7m2NfpvcAkrjY2dC%2BzBO3UqgydXlO7gOH5xl7Ott8k03pBIymw40TYQEjEqm4bPY3CvtHxDcsUJrOzYhs1hFwM12JVmVkQWYHJ3XIN9eV%2B7yvmlAi2hk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 89501
cf-ray: 7729f9b65b58995a-FRA
expires: Thu, 01 Dec 2022 07:04:19 GMT

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/ 62 KB
16 KB 64ms
33ms Script
text/javascript 2606:4700:3032::ac43:977d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
Requested by: Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:977d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4555d8dee9f8adc976e84a97dfe87e6bf5794b579f49bb56f133fed85f7d709

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 366
x-guploader-uploadid: ADPycdv0chj5F1Awc6K7Usaiie2qXL87Fxg5kp7mYqQH9s8HWV5Nuv0HuTqJ2hz1F5xUG9MGapUfK4P-pfLXRasYr-w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Mar 2022 07:36:54 GMT
server: cloudflare
etag: W/"c99230d2575380d7f95ff626606d2426"
vary: Accept-Encoding
x-goog-generation: 1647502614200576
content-type: text/javascript
x-goog-hash: crc32c=x2l+AA==, md5=yZIw0ldTgNf5X/YmYG0kJg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezbXqvJ5acWOhHF5%2FMIbsyEuQaIavON8jam7fKl19GVUhYq2uPbpxYznuAVpg1lNlp1SlrtXqHmCP62vsPPr%2BXI74Np9cmysx2RrjkBNzoal3EN8LRBQMWV7Q%2BuoVejqeZ4XFtwtJutokkhbtgE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 63473
cf-ray: 7729f9b65b5a995a-FRA
expires: Thu, 01 Dec 2022 07:59:31 GMT

GET
H2 200 sweetalert2.all.min.js Show response
cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/ 71 KB
20 KB 72ms
41ms Script
text/javascript 2606:4700:3032::ac43:977d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js
Requested by: Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:977d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b7274b0b5b7f411de46416a6c9941062f7a57aaf919fdeda367b5959f4ce8ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 366
x-guploader-uploadid: ADPycds_5oPtcr3KFpC_u7Lnvdlqz8VeCGxAgHcXFP3zMljDMh6Q0ifyAwrLV7e0dbEbUBwQbF9kY0g0GrHWdqicRh8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Mar 2022 07:40:39 GMT
server: cloudflare
etag: W/"80924b62e5b3ac73aa4849776b439770"
vary: Accept-Encoding
x-goog-generation: 1647502839791727
content-type: text/javascript
x-goog-hash: crc32c=8ZRUYw==, md5=gJJLYuWzrHOqSEl3a0OXcA==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7G7vyRKGi0dxDopDJW45azRUx4%2BSF9OcOfTHDuFkdcm42jR8nNcTqqKgnqy7FATDDrk9faY9wLlsvpwSMunraO92t1RGEOCdS7rSgC1v14w%2Bt24yoRpjaO5xXql7niUiRYwzQPDtmZmwoSOX4fc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 72765
cf-ray: 7729f9b65b5e995a-FRA
expires: Thu, 01 Dec 2022 07:59:31 GMT

GET
H2 200 lazyload.min.js Show response
cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/ 5 KB
2 KB 80ms
49ms Script
text/javascript 2606:4700:3032::ac43:977d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js
Requested by: Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:977d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b219e4cd8f8f9216f159285019be30d6bfe475d92ca30b3561551aaa2174751d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 366
x-guploader-uploadid: ADPycdtR3AgAIN3_QYAw_67mnc51aKbU-2aPQ-R-QSkeTj3nsSu1Jsaz2TdmBL4OvQNJlTeYbHR1kd1BX1amk8hCkho
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Mar 2022 07:42:43 GMT
server: cloudflare
etag: W/"dc6de9813c714ba99733ca4fb5d3a1fa"
vary: Accept-Encoding
x-goog-generation: 1647502963816044
content-type: text/javascript
x-goog-hash: crc32c=lted8w==, md5=3G3pgTxxS6mXM8pPtdOh+g==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWNgUqF%2Bm2lnLg3HtRnOHp7JFrKbqZL4nRx266IP3GlCemxRbgMTlx8jNVbr%2FJHx4SvvPT6BFKtIGTiKvQFdafulzGgRhiTuPxdPkBIPBjlCQWf7HT%2BNxt3E73cCykbiGbL5Z9I%2Bz6KLXGVXq78%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 4798
cf-ray: 7729f9b65b60995a-FRA
expires: Thu, 01 Dec 2022 07:59:31 GMT

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/ 21 KB
8 KB 73ms
42ms Script
text/javascript 2606:4700:3032::ac43:977d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js
Requested by: Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:977d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e290dc4993b9ae7d34440db26be412b4bc4547a48ff635750d400164665d7fa6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 349
x-guploader-uploadid: ADPycdu1_c45kD5Yfcahhyee5k60gFdhKF0DCxZU0gsZaJj5VB2X1mJ8GPzxrK27ja8jtIuK1TM4NgHxSepdplcvatU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Mar 2022 07:44:44 GMT
server: cloudflare
etag: W/"31c898c6d2ea13c30441657ff1900d81"
vary: Accept-Encoding
x-goog-generation: 1647503084523089
content-type: text/javascript
x-goog-hash: crc32c=7cW0Gg==, md5=MciYxtLqE8MEQWV/8ZANgQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JeMiXw0Bwz040fKdLWuRzqmd6QaVBbW2gFevzPcPwRCw3KKw8PTCB6aPxgkoGpz7tj0hOpzpU2mC1BlYxdL8RKhPYHCMgukXnE3qFofJy%2BA4HOt70UdKwsseWka4EILz9sptdS9bhdjm6X%2Bs%2FY4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 21236
cf-ray: 7729f9b65b62995a-FRA
expires: Thu, 01 Dec 2022 07:59:48 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/ 158 KB
25 KB 65ms
34ms Stylesheet
text/css 2606:4700:3032::ac43:977d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
Requested by: Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:977d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d7a9043f4bed303fe2974ac4e3ba10d6b214e70f7ae549786ba2d347de05f81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 366
x-guploader-uploadid: ADPycduCHwg6n53VPzNb_-57qJzhoPJbEBdMgpsWgTX19t4NIh3Tdte6MCXenDGQTAuiJrpSRG3G9WDZErClLNvZVXhXccOSWw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Mar 2022 07:38:12 GMT
server: cloudflare
etag: W/"feba0d0760607b9e21393156949afcd9"
vary: Accept-Encoding
x-goog-generation: 1647502692716912
content-type: text/css
x-goog-hash: crc32c=Sb/HMQ==, md5=/roNB2Bge54hOTFWlJr82Q==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbFk%2Fd%2BAiWt0xRiY1AhXRMJ1dKQJv62sQ1%2BgqqwiU59bT40RSajEGMxDnP8RVhv4Oj3VVT%2FM2yHKE%2FUYPK9tY%2BgCdHCRF%2FbZ%2BCZO4zB7bh3C95aPmDMih1TCRrPh7PL3SbjJ0wbFnxA2bXFPyJA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 161415
cf-ray: 7729f9b65b53995a-FRA
expires: Thu, 01 Dec 2022 07:59:31 GMT

GET
H2 404 ioclin..png
cdnbun.com/upload/ 0
0 231ms
198ms Image
application/xml 2606:4700:3030::6815:e8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnbun.com/upload/ioclin..png
Requested by: Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:e8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

GET
H2 200 ioclin.heb.gif
cdnbun.com/upload/ 120 KB
120 KB 67ms
34ms Image
image/gif 2606:4700:3030::6815:e8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnbun.com/upload/ioclin.heb.gif
Requested by: Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:e8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d13b780287e71a5498375374bde62b7cc0d6e00587dc435067615d1b58a54bde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 697
x-guploader-uploadid: ADPycduDd8n6D7apgAbSWMHT_k19lkO0O2L0ZqfIdTx-P7B2mZJ7ac8INjxQ6kdFujUnhPP82sgfQKC0SlN8zkxksEm5hjplZl8X
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 122720
last-modified: Tue, 22 Nov 2022 10:10:50 GMT
server: cloudflare
etag: "07abf41ac3f73f2c7eef05543c498a76"
vary: Accept-Encoding
x-goog-generation: 1669111850276438
content-type: image/gif
x-goog-hash: crc32c=XcGnIQ==, md5=B6v0GsP3Pyx+7wVUPEmKdg==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7KywI6grLyS%2BPJICDskOWaU5ctvvc9wOEu9hASfencXY%2F2yti43PevRG0a4BfEdxuAPhlruUZUPnwjjHFd8kBSkIxjgcFkHpzEsZhsDnwQ2k2GTZrPWweaXu7lv5aHXUhrS2gftcwb5"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 122720
accept-ranges: bytes
cf-ray: 7729f9b6fb8a5c92-FRA
expires: Thu, 01 Dec 2022 07:54:00 GMT

GET
H2 200 ioclin.img.jpg
cdnbun.com/upload/ 62 KB
62 KB 73ms
41ms Image
image/jpeg 2606:4700:3030::6815:e8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnbun.com/upload/ioclin.img.jpg
Requested by: Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:e8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a673dbdc684843aa3959a6f58e4bf0f000674a8a1e2a48d5b14a05fa55ef57f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 751
x-guploader-uploadid: ADPycdtu15u3uBdib8f6OVDlDlJrEvq97zcPjCiLCOBllYdRcI2wmh7De-BSLqB0z_qDdzp9I9_lJ_Y5ZCclAVbPa2WySA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63142
last-modified: Tue, 22 Nov 2022 10:10:50 GMT
server: cloudflare
etag: "a4ecdafe8af3af4d5631f31968df1879"
vary: Accept-Encoding
x-goog-generation: 1669111850303102
content-type: image/jpeg
x-goog-hash: crc32c=UOS5WA==, md5=pOza/orzr01WMfMZaN8YeQ==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1Y9y0PL6gk134YTNpZU7bvOslUGH6fun9f1kf8rBZnRvVgnMD7MIW13t4XkOHQGn7tS2v9W%2BPdSXhI%2F4fiImcqykrOW5eCdpysc3p4AGt4vhtOETbKpium%2Bu%2Be%2BKHYTL2yxcP6w0Vry"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 63142
accept-ranges: bytes
cf-ray: 7729f9b70b8c5c92-FRA
expires: Thu, 01 Dec 2022 07:53:06 GMT

GET
H2 200 Germany_outbox.png
1.bp.blogspot.com/-mhFwYo28B2Q/YKppmIsu7ZI/AAAAAAAABgQ/c7DWa0Yxwm49LJDcNEkzDr503wyn4hLtACLcBGAsYHQ/s16000/ 44 KB
44 KB 48ms
8ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-mhFwYo28B2Q/YKppmIsu7ZI/AAAAAAAABgQ/c7DWa0Yxwm49LJDcNEkzDr503wyn4hLtACLcBGAsYHQ/s16000/Germany_outbox.png

Requested by

Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b7f1ddc36af29778df73a309d2861822456de3eb416e6921a5c44e68435a42f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 04:28:39 GMT
x-content-type-options: nosniff
age: 9418
content-disposition: inline;filename="Germany_outbox.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44729
x-xss-protection: 0
server: fife
etag: "v605"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 31 Dec 2021 12:31:33 GMT

GET
H2 200 ioclin.bix1.png
cdnbun.com/upload/ 36 KB
37 KB 73ms
41ms Image
image/png 2606:4700:3030::6815:e8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnbun.com/upload/ioclin.bix1.png
Requested by: Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:e8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0589130e2f31c00eddc807b3b8a51b8a039ab6409fcb6c1517651b2329432d7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3368
x-guploader-uploadid: ADPycdsaOcOAjOtxPbSDq3FvvPxZYiC8EhME87JCo3tRCZuobcbd62j8Yd-rG-nS53b6HK3Pfk0YFwVI-ySty6rRKF-elg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37263
last-modified: Tue, 22 Nov 2022 10:10:48 GMT
server: cloudflare
etag: "c4dba57c59c318313e2bf31adba390b8"
vary: Accept-Encoding
x-goog-generation: 1669111848369494
content-type: image/png
x-goog-hash: crc32c=9pfwgg==, md5=xNulfFnDGDE+K/Ma26OQuA==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebiibJ8kH0dfCsvaIaUK5MJ0rjQYOSW5Lh3uDl%2BHvpmiF%2FJgBQoHNr32vAhp%2FdN0CMvo7I7zvK6v%2B6gp5%2BLKQKByBmeuOtpEQ1BDTcsWOpte1Fii4k7qtOqqAjpmQBOSMTDwphY1O62d"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 37263
accept-ranges: bytes
cf-ray: 7729f9b70b8e5c92-FRA
expires: Thu, 01 Dec 2022 07:09:29 GMT

GET
H2 200 ioclin.bix2.png
cdnbun.com/upload/ 8 KB
8 KB 65ms
34ms Image
image/png 2606:4700:3030::6815:e8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnbun.com/upload/ioclin.bix2.png
Requested by: Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:e8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70a0dfd1380db7e800ecc799eb8ce0e788a4a85b6ff7dd9d5322b88c1c899b90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 742
x-guploader-uploadid: ADPycduBeAQ5hXV_2sN91IhwKDzmbOuX4nhKBM3iVGova9PkY62V-A2NE-rfifN-yt9UVAf5xK0jJoUctQv2hCMBIXfm6g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8129
last-modified: Tue, 22 Nov 2022 10:10:49 GMT
server: cloudflare
etag: "5c9f5f842200cc371d5f8dd50f936496"
vary: Accept-Encoding
x-goog-generation: 1669111849197786
content-type: image/png
x-goog-hash: crc32c=/qZ3TA==, md5=XJ9fhCIAzDcdX43VD5Nklg==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sYLX9oENudqFemAFqNOs47V8T1ri9h0uTavHQjC9vOhHSWXd40c0rNSBRi%2Fxth41OpQeKtgswvk%2FLZ6ip5v%2FnfkeXo1sj4sqrAk3IyyOeGO1jr5C36FAL%2BCkv9PhFwmQ0Z2CFOjnENpi"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 8129
accept-ranges: bytes
cf-ray: 7729f9b70b905c92-FRA
expires: Thu, 01 Dec 2022 06:56:33 GMT

GET
H2 200 Germany_inbox.png
1.bp.blogspot.com/-rJwuzcnw3VI/YKppmA0KHEI/AAAAAAAABgM/g534cHj8oxsuYau_w-e69RyO0APgsmLlwCLcBGAsYHQ/s16000/ 14 KB
14 KB 56ms
16ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-rJwuzcnw3VI/YKppmA0KHEI/AAAAAAAABgM/g534cHj8oxsuYau_w-e69RyO0APgsmLlwCLcBGAsYHQ/s16000/Germany_inbox.png

Requested by

Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

32bc695a4583118b2adca0fe87d1f4844905692f48f5f2a0eece23f205536e60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 04:57:58 GMT
x-content-type-options: nosniff
age: 7659
content-disposition: inline;filename="Germany_inbox.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14208
x-xss-protection: 0
server: fife
etag: "v605"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 13 Nov 2022 16:20:49 GMT

GET
H2 200 ioclin.bix3.png
cdnbun.com/upload/ 15 KB
16 KB 62ms
31ms Image
image/png 2606:4700:3030::6815:e8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnbun.com/upload/ioclin.bix3.png
Requested by: Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:e8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58b960a42f95d97e4f2b240bc0696b3d637fc876e2f40efbe71dcf355e8d6e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 742
x-guploader-uploadid: ADPycdtsuS7gvBkwLBJITz8fmZBzDPji8BPhNx7nHRNlJZYay8eK9tCF-NQs0cgt2xLRg1zGzzXu6pv7lv0yTj97WY9p1g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15540
last-modified: Tue, 22 Nov 2022 10:10:49 GMT
server: cloudflare
etag: "2e36b47f4685b546d43cd5af147ea671"
vary: Accept-Encoding
x-goog-generation: 1669111849122722
content-type: image/png
x-goog-hash: crc32c=TJ7I2Q==, md5=Lja0f0aFtUbUPNWvFH6mcQ==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBGcraj1Gl85u26xlSWe%2BTQGjoExrfibM2Sodu6K6Tb3vv7l9xwppLc9ti6qL5%2B%2Bkzy4Tr0FPrCPQb2qVCVXcNADHvKHEaOJ2Fe6Z1qKqkn3wmksEBX2HWqEvl2sJ%2F%2BnheGzWCO7enqm"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 15540
accept-ranges: bytes
cf-ray: 7729f9b70b915c92-FRA
expires: Thu, 01 Dec 2022 06:58:44 GMT

GET
H2 200 responsive.js Show response
bonepa.com/js/ 4 KB
1 KB 83ms
19ms Script
application/javascript 185.66.201.42
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://bonepa.com/js/responsive.js
Requested by: Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.201.42 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: affilist.com
Software: nginx /
Resource Hash: 542ff7234f3f326b5697cee7a2254b234ece203ab4bf30a468432ee2bacce8fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 13:52:39 GMT
server: nginx
etag: W/"63627627-e32"
content-type: application/javascript

GET
H2 200 bnr.php Show response
uprimp.com/ 427 B
681 B 57ms
15ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
Requested by: Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 8915aa78d6039d76d1d269545c8f45c3e6879da899db66697d6ec30e0adaf029

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Dec 2022 07:05:37 GMT
last-modified: Thu, 01 Dec 2022 07:05:37 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Thu, 01 Dec 2022 07:05:37 GMT

GET
H2 200 yinin1.jpg
263cdn.com/upload/ 10 KB
11 KB 81ms
28ms Image
image/jpeg 2606:4700:3038::6815:eb4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://263cdn.com/upload/yinin1.jpg
Requested by: Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: babd75ed88bcf9a7c7d6a4cb955550fb76c4e0e314138b1f78137a0b013aba71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2144
x-guploader-uploadid: ADPycdsfXCc0EIhCeDn8SgAq4OPmreMzr3feC0wc2BHvtbwvnEw_kea2FHmU0d_62jFXgJIDJMQodmAaqb9S9uzRNn7qg7zZ75w_
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9989
last-modified: Sun, 21 Aug 2022 22:47:12 GMT
server: cloudflare
etag: "9f839127e951e6cba423df87e5cf07ec"
vary: Accept-Encoding
x-goog-generation: 1661122032089592
content-type: image/jpeg
x-goog-hash: crc32c=l82UJA==, md5=n4ORJ+lR5sukI9+H5c8H7A==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VaV1Px5WY0Py6rieQ9l2TUBpmtwCUk1DkkKpUNFk1FPaRzW10zPfZC8FXaoWeZOCQwSJP1tw1To9wNRANXmZkv6i0XdnsDMbFFcfqHTuS0%2B9ioV693EEVAJyPdJxpQu%2FZt45On5BIBiL"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 9989
accept-ranges: bytes
cf-ray: 7729f9b77b47769e-LHR
expires: Thu, 01 Dec 2022 07:11:26 GMT

GET
H2 200 yhyindu2.jpg
263cdn.com/upload/ 12 KB
13 KB 99ms
46ms Image
image/jpeg 2606:4700:3038::6815:eb4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://263cdn.com/upload/yhyindu2.jpg
Requested by: Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f275d532ec2a4da265aa8bc2e0d2c3cd336324c88809b41d1e6b4e3864dc08aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3560
x-guploader-uploadid: ADPycdvZy3ZVURcGR9aPZDFdZSEnP_L7tt_vMJW1IKB5c8yXsbvYiM4an8G5seGEdxq5AQDszsqoQeODpZygerrqLR7VqA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12136
last-modified: Sat, 16 Jul 2022 22:59:48 GMT
server: cloudflare
etag: "5b0b1a5debe90a3d277d36f50e6ae672"
vary: Accept-Encoding
x-goog-generation: 1658012388751359
content-type: image/jpeg
x-goog-hash: crc32c=jJQeAg==, md5=WwsaXevpCj0nfTb1Dmrmcg==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n8YzI2x53G5bgDo4jULmvOi5LcfBDwuWYX%2F8YdBLqeDjYS9QCtrot8iqRWKjjnFeTn5qKl98sIGyYwThVSgopvyKTikcMgg%2Fnzv6iaTWXfbDp9ZR287MS8d1r8aOdGk%2FMOHgn2kH%2Fgbd"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 12136
accept-ranges: bytes
cf-ray: 7729f9b77b48769e-LHR
expires: Thu, 01 Dec 2022 06:08:02 GMT

GET
H2 200 yhyindu1.jpg
263cdn.com/upload/ 10 KB
11 KB 87ms
34ms Image
image/jpeg 2606:4700:3038::6815:eb4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://263cdn.com/upload/yhyindu1.jpg
Requested by: Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5907414ee9a6a851c34c17dcb6640481cd65d99526319d2fc665981c38079c16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2400
x-guploader-uploadid: ADPycdtuXPaWu9uPnTy2Zeg6DD_NfaSsn-dkBb_bC6zYowwNxxhAzml-hrOIS10Lx18bMh6jx-QSDyF8B_59sw0VxOx28A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10511
last-modified: Sat, 16 Jul 2022 22:59:48 GMT
server: cloudflare
etag: "7b24fb4d55463daaf498ae99f434d535"
vary: Accept-Encoding
x-goog-generation: 1658012388645640
content-type: image/jpeg
x-goog-hash: crc32c=RCqyxQ==, md5=eyT7TVVGPar0mK6Z9DTVNQ==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fzVl6MaEmM1xEXEQQwb5%2BZBRMAHBkmc%2Boxr9pY3IqVOjcziDtH8l6YI9eF%2FaxBjuPtbJAGHW8hBmGff%2FaOWd2TNe0tEi46UN0yB16bm2xBuS%2FcvvvYRmZyYZYlI5V7HyyKE9liChbQzq"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 10511
accept-ranges: bytes
cf-ray: 7729f9b77b49769e-LHR
expires: Thu, 01 Dec 2022 07:11:43 GMT

GET
H2 200 yhyindu3.jpg
263cdn.com/upload/ 10 KB
11 KB 84ms
31ms Image
image/jpeg 2606:4700:3038::6815:eb4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://263cdn.com/upload/yhyindu3.jpg
Requested by: Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d798e5fb6086e8ea192e3c7c242dd067fd56b9f2b26fc2a54820db57a07a7c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3560
x-guploader-uploadid: ADPycdtCGEkBDrYx9HFHMeDfE0mgdDpvCcRscQR0j9is_zn_n5k7z_bwAkML5NU_Q08VVteqMGUIBmkM68DfTqP9UyVUjQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10484
last-modified: Sat, 16 Jul 2022 22:59:48 GMT
server: cloudflare
etag: "390c5e6fc8954a86a99bab6ecbd6f568"
vary: Accept-Encoding
x-goog-generation: 1658012388724948
content-type: image/jpeg
x-goog-hash: crc32c=7xTvOg==, md5=OQxeb8iVSoapm6tuy9b1aA==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FaDG%2FiKPmpvB1%2BOzncuIXfiWsGWKYERm%2Bavq21qj7PcnoVwgpHC72fkj4g90KUKQrjfABDe%2BWWjpilXFa87xrk2dYIMsKUCxfbthWfjmOgFaqK9DNKd8aPKHSvfpS61%2B%2Fq50STGLztZU"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 10484
accept-ranges: bytes
cf-ray: 7729f9b77b4a769e-LHR
expires: Thu, 01 Dec 2022 06:59:29 GMT

GET
H2 200 yhyindu5.jpg
263cdn.com/upload/ 16 KB
16 KB 93ms
48ms Image
image/jpeg 2606:4700:3038::6815:eb4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://263cdn.com/upload/yhyindu5.jpg
Requested by: Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95db2af0008e286058d56bdb942e95f0345d39254aec4363de0d3699bdc68658

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3560
x-guploader-uploadid: ADPycdtuuq6B9rI0Cw1E_CbWiS4kBzwy0ue8ZqywuBFW7g6yDlT5vxecsdwA-Bt_Cruf-QSmF-27kLe9GTB-OLKyQZYaoVQWDRiC
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15908
last-modified: Sat, 16 Jul 2022 22:59:49 GMT
server: cloudflare
etag: "f0e55666582522445bbd6489c6bb2734"
vary: Accept-Encoding
x-goog-generation: 1658012389858068
content-type: image/jpeg
x-goog-hash: crc32c=qkrYYA==, md5=8OVWZlglIkRbvWSJxrsnNA==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTHdWTJU9E9y%2FqaKfvUpB9rWFs%2BYvnMINk3u5rjdlMod9MmT4zEKjEFKRgLn9vnHIvVOqEqI0rBD0mFlOgxIVYaX%2FURuCoSzh%2B%2FWdGzC4rI3i6UZHi4c8xEOVfPwchWv90NYREOAAn2Y"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 15908
accept-ranges: bytes
cf-ray: 7729f9b77b4c769e-LHR
expires: Thu, 01 Dec 2022 06:52:37 GMT

GET
H2 200 yinin6.jpg
263cdn.com/upload/ 8 KB
8 KB 71ms
30ms Image
image/jpeg 2606:4700:3038::6815:eb4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://263cdn.com/upload/yinin6.jpg
Requested by: Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32988077ca75419c484ea3f154136fb61dc4983d5efb4178031d05ec210dbe45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 231
x-guploader-uploadid: ADPycdthsxCjtZOrmiRFp-rCCjdYeZoB0eddNnQHSfnpWILqrvUMb9FfsNZnWokAwb0vbItEVQAIUlYU3wS9XpZUMNVWSQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7772
last-modified: Sun, 21 Aug 2022 22:47:09 GMT
server: cloudflare
etag: "04c35687c4695f37e1a5f4658d356f23"
vary: Accept-Encoding
x-goog-generation: 1661122029689954
content-type: image/jpeg
x-goog-hash: crc32c=en2NPg==, md5=BMNWh8RpXzfhpfRljTVvIw==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1JCIhZzDci9mdBMHtbyQtu8XmvJVzGzLhYRKAjsq9skkjWBTP%2FZdKQbjVuKH6FSBhyv4r%2B3iaLFlIjpo3AjlWAizG5Z31lvesvfR6N5Zg76PZ20XnM8qrv5P05%2Bthlpji5u5WwxDoTHz"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 7772
accept-ranges: bytes
cf-ray: 7729f9b77b4d769e-LHR
expires: Thu, 01 Dec 2022 07:59:31 GMT

GET
H2 200 yinin7.jpg
263cdn.com/upload/ 9 KB
10 KB 27ms
26ms Image
image/jpeg 2606:4700:3038::6815:eb4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://263cdn.com/upload/yinin7.jpg
Requested by: Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27fc0ee79674e43ea6c89bee0b5f685e6a954dbd9b8279e93cff26e24b6224cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 543
x-guploader-uploadid: ADPycdvg1mRQemNPin__5lv1KFwZKHvwZJ4tChXrDhJ8vogKWvD3OCGnfDJb4hI5ovpXHtDxlY6f4SuC8EjpQghosSh4LvhVRoAh
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9701
last-modified: Sun, 21 Aug 2022 22:47:10 GMT
server: cloudflare
etag: "98bf547229428fd89db85cf7eaee3f5c"
vary: Accept-Encoding
x-goog-generation: 1661122030852213
content-type: image/jpeg
x-goog-hash: crc32c=N23pRQ==, md5=mL9UcilCj9iduFz36u4/XA==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dkJOOcyET8byWctafvj7kLpkD%2BisBXoia8RHNAR6zVSoxmjF77YYrYrVVo6hoSLYOEDTZdLmgw4UIwaxeXnS4PTtKLjqxEB1NSuo8tveZbop%2FpZ6anoGMu3mXnunhhGpZZk25Jnsagg7"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 9701
accept-ranges: bytes
cf-ray: 7729f9b79b69769e-LHR
expires: Thu, 01 Dec 2022 07:49:17 GMT

GET
H2 200 yinin8.jpg
263cdn.com/upload/ 9 KB
10 KB 30ms
30ms Image
image/jpeg 2606:4700:3038::6815:eb4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://263cdn.com/upload/yinin8.jpg
Requested by: Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e575c73e80a1cf7134b629c99a5727a0f108c739ce21c8f06f11903276b6f0db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3385
x-guploader-uploadid: ADPycduKQTA0L5apGgRSmeE6OZ3_s2kZ9A43pSMx-UuSyE8z6gXaVRHPV9S7IJ45rxbUU3B4IrguBhlSBpPESLyRNSqKlg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9470
last-modified: Sun, 21 Aug 2022 22:47:10 GMT
server: cloudflare
etag: "9438fdd580f94c978f69035105e13cd3"
vary: Accept-Encoding
x-goog-generation: 1661122030922846
content-type: image/jpeg
x-goog-hash: crc32c=PSDQww==, md5=lDj91YD5TJePaQNRBeE80w==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Do4kRzNWOZccf04%2BxhRqbtiNwTpOgdqsbmsSQeCEQn7BA0h5W3qGNiq6KPftm2k1Q2SJ%2FZ%2BKDMtSeqwq%2FeOfLCoCD0IrpxWMzsVzWkBnypfoPgkGzB4jlJRvuVxHyK9CjCnnmOYH%2BbFH"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 9470
accept-ranges: bytes
cf-ray: 7729f9b79b6b769e-LHR
expires: Thu, 01 Dec 2022 06:27:52 GMT

GET
H2 200 yinin9.jpg
263cdn.com/upload/ 11 KB
12 KB 28ms
28ms Image
image/jpeg 2606:4700:3038::6815:eb4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://263cdn.com/upload/yinin9.jpg
Requested by: Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a07c5e915cbecd3802cb30dab35e08c084a11736b7bc7b54084b4a6bcae828b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2525
x-guploader-uploadid: ADPycdu1BPKDcUnV5wI39RzOQiGQWjlcR4EveEAOlFsCLksqib6cd0iQl1n30ag__HfvMW0_9gJJZl_uNBiYWgjH5iPTlq44snP1
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11423
last-modified: Sun, 21 Aug 2022 22:47:10 GMT
server: cloudflare
etag: "d89c2aa67625f8e96a26ad58b1e305ce"
vary: Accept-Encoding
x-goog-generation: 1661122030898080
content-type: image/jpeg
x-goog-hash: crc32c=2FXwkQ==, md5=2JwqpnYl+OlqJq1YseMFzg==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bp4dJN6sftJ%2BVww7XMt%2FDV9li3rFf3%2F%2FpBnpDReeFOetliiJ7v%2FwfNI9u7c0zELrAD7ZRQCtgIUoAQGLYv0%2ByK7KnGhRAAoI9%2BWTi8x7eNXkm5IpwamI0bYOnsLdMaVyTZHni0bwiM0H"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 11423
accept-ranges: bytes
cf-ray: 7729f9b79b6c769e-LHR
expires: Thu, 01 Dec 2022 06:49:49 GMT

GET
H2 200 yinin10.jpg
263cdn.com/upload/ 13 KB
14 KB 31ms
31ms Image
image/jpeg 2606:4700:3038::6815:eb4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://263cdn.com/upload/yinin10.jpg
Requested by: Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e06c2ce9f625b4fe7242a681f4f304295c919d2d60d1c686308aa8b937d19687

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2989
x-guploader-uploadid: ADPycdsg_LxHp6I1SbV3szo7Hhqxqb0Wdew9Ne_jOCl4DQfoiML8z3xU8PIe5Y5WD-HhyDTFHbl08LXdf_OAcEZZE0CLI-JtTNPr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13584
last-modified: Sun, 21 Aug 2022 22:47:11 GMT
server: cloudflare
etag: "e4d604720788156badba6c24a3ae2f18"
vary: Accept-Encoding
x-goog-generation: 1661122031937437
content-type: image/jpeg
x-goog-hash: crc32c=W2VoYQ==, md5=5NYEcgeIFWutumwko64vGA==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NybF2OuEMCsIr7WlqgqNqDEtU%2Fyl6Wf8IPjI9OjAj3j%2Fo53kn1Fbnr39W1NHuvVcTAa2PN%2FIqQH%2Fr15WRtdxl3GMfAu45xlhkVZ8b16Uvlr7NFnINxWGVq58HJC2iF3EEzSZmYQsOSN7"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 13584
accept-ranges: bytes
cf-ray: 7729f9b79b6d769e-LHR
expires: Thu, 01 Dec 2022 07:07:53 GMT

GET
H2 200 email-decode.min.js Show response
voicelevel.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 11ms
10ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://voicelevel.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Nov 2022 15:39:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6384d627-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IFsQnNelcofO5KSUDzWKJR8k8laykrhQo6Ho2W7BLOiqgjMIMJ06ixXMGpudG75i0COZjBK2v%2BJH3vMy6dZHH3CiCpVEGxtx5xCOoTJEQX9Z8V7g0y6FB717aJ5NMmS8LdfGFPBl3qm04uRpMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7729f9b6b9b59244-FRA
expires: Sat, 03 Dec 2022 07:05:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
77 KB 57ms
32ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2T6GB3S68P

Requested by

Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d9a0323fdc1ca557a61c9dae008ec3991e9c93c2053182a3aec0414227a83d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78834
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Dec 2022 07:05:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 37ms
15ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LW7434MYMN

Requested by

Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

deda44190c8bd0f4734787893722dcb06640d2880e7841dcaa08b0bc0c6696da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Dec 2022 07:05:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 26ms
22ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0C230YDF7G

Requested by

Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c574abecf706417f5b029c3fc5f74d8c06c68722e172b0440a8c93ec4136bd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76328
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Dec 2022 07:05:37 GMT

GET
H2 200 bnr_xload.php Show response
uprimp.com/ Frame 812F 0
255 B 26ms
25ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=166987833797918&xtt=8090838
Requested by: Host: uprimp.com
URL: https://uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://voicelevel.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Thu, 01 Dec 2022 07:05:37 GMT
expires: Thu, 01 Dec 2022 07:05:37 GMT
last-modified: Thu, 01 Dec 2022 07:05:37 GMT
pragma: no-cache
server: nginx
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H3 200 yuming.js Show response
voicelevel.top/CfFPQDrS/iocl4in/ 268 B
706 B 37ms
37ms XHR
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://voicelevel.top/CfFPQDrS/iocl4in/yuming.js?1669878337139&_=1669878337073
Requested by: Host: cdn.jsdelivr.cc
URL: https://cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bda45e4d33945806bf64cd6897f2a01c0d4587a6634905f0762925f8666765d

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Nov 2022 10:24:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637ca37b-10c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJx6QD1t7iBuky7m7i1LKjlkSn4HIba%2BtNzWSAcKeaLiuYF5AKUGzW9J7e3nosUmvA4K51gRXrOogowFci765tCQFSDK5wcXUjpTLBybFf6GLnw9SngV0IUVLzwjfjjHPVf7GMRGc8FJ7cYgxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7729f9b72a24921f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Dec 2022 19:05:37 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 834ms
328ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?bbb3e86814c9ceef66d180a6c15fa17d

Requested by

Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

b19379fdd66144c323e46bdf3061bd192407be75707058d454e57532f5a98af5

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Thu, 01 Dec 2022 07:05:37 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 1629d5e17330478fd73f7713722e3029
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11303

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 867ms
345ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?50b38c97288c83155c79630a45512f4e

Requested by

Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

ccad8ff95984a888e58eef3bec8229642350992ce0c5eedd86f72b07173ec64e

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Thu, 01 Dec 2022 07:05:37 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 9791b6491b8dc5e83467a161c0987a65
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11300

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 880ms
358ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?8b68846a3ac1709b0ec7199084ee5ea8

Requested by

Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

14d42e534b60562aab84310ba3507fdd796df90b18642e4cf1108c4ade66e3bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Thu, 01 Dec 2022 07:05:37 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 19db538561f71a81553b62884a4f2a1b
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11258

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 869ms
347ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?e8430a361305901aaf21019d086a2e3f

Requested by

Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

5d2d76b12600cbe418545ac32dc920aeb04fa082667fa41312ef0b4b0fedca6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Thu, 01 Dec 2022 07:05:37 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 895407c581df98f6316a8ba3ef655b18
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11265

GET
H3 200 tb2.php Show response
voicelevel.top/CfFPQDrS/j/ 748 B
792 B 34ms
33ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://voicelevel.top/CfFPQDrS/j/tb2.php?c=iocl4in&np=taoluming&_=1669878337074
Requested by: Host: cdn.jsdelivr.cc
URL: https://cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1600475dcaaacd651c9bda739647f7b9be79aa1814b7e091908e0f6b7a63706b

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=emE5U5ZOwRE%2FiSmR60NejZcd5ViwFGdXED8fAFijOBxvfH93z%2Fi1iiBVAnnypbkq31%2FTkD9%2F30yesWc%2FW%2FMYrM%2Fsac21yLYMUb%2Fgt3lW0W89%2FNGJ2mchBuKOeFqrl6iON24FSDWQzRCaufqEHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 7729f9b76a7e921f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
77 KB 41ms
24ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2T6GB3S68P&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LW7434MYMN

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

837b547a2de183f6ca1e22212d59930c0c44bf9fcca0c573d961fb5457987ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78836
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Dec 2022 07:05:37 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 37ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LW7434MYMN&gtm=2oebs0&_p=2102268678&cid=731668189.1669878337&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669878337&sct=1&seg=0&dl=https%3A%2F%2Fvoicelevel.top%2FCfFPQDrS%2Fiocl4in%2F%3F_t%3D1669878336890&dr=http%3A%2F%2Fpoleescalator.cn%2F&dt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FKraftstoffzuschuss%20zum%2065-j%C3%A4hrigen%20Jubil%C3%A4um%20von%20Indian%20Oil!%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LW7434MYMN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Dec 2022 07:05:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://voicelevel.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 399ms
387ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0C230YDF7G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LW7434MYMN

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

690a17d2395fb05eb514031e4da2c1dd1435eb47e76e4ecee0ce4129b2be0f42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 07:05:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76252
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 01 Dec 2022 07:05:37 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 18ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0C230YDF7G&gtm=2oebu0&_p=2102268678&cid=731668189.1669878337&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669878337&sct=1&seg=0&dl=https%3A%2F%2Fvoicelevel.top%2FCfFPQDrS%2Fiocl4in%2F%3F_t%3D1669878336890&dr=http%3A%2F%2Fpoleescalator.cn%2F&dt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FKraftstoffzuschuss%20zum%2065-j%C3%A4hrigen%20Jubil%C3%A4um%20von%20Indian%20Oil!%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0C230YDF7G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Dec 2022 07:05:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://voicelevel.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 36ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2T6GB3S68P&gtm=2oebs0&_p=2102268678&cid=731668189.1669878337&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669878337&sct=1&seg=0&dl=https%3A%2F%2Fvoicelevel.top%2FCfFPQDrS%2Fiocl4in%2F%3F_t%3D1669878336890&dr=http%3A%2F%2Fpoleescalator.cn%2F&dt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FKraftstoffzuschuss%20zum%2065-j%C3%A4hrigen%20Jubil%C3%A4um%20von%20Indian%20Oil!%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2T6GB3S68P
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Dec 2022 07:05:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://voicelevel.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 346ms
345ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1596289278&si=50b38c97288c83155c79630a45512f4e&su=http%3A%2F%2Fpoleescalator.cn%2F&v=1.3.0&lv=1&sn=46538&r=0&ww=1600&u=https%3A%2F%2Fvoicelevel.top%2FCfFPQDrS%2Fiocl4in%2F%3F_t%3D1669878336890%231669878337643&tt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FKraftstoffzuschuss%20zum%2065-j%C3%A4hrigen%20Jubil%C3%A4um%20von%20Indian%20Oil!%F0%9F%8E%81%F0%9F%8E%8A

Requested by

Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Dec 2022 07:05:38 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 330ms
329ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1924023516&si=bbb3e86814c9ceef66d180a6c15fa17d&su=http%3A%2F%2Fpoleescalator.cn%2F&v=1.3.0&lv=1&sn=46538&r=0&ww=1600&u=https%3A%2F%2Fvoicelevel.top%2FCfFPQDrS%2Fiocl4in%2F%3F_t%3D1669878336890%231669878337643&tt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FKraftstoffzuschuss%20zum%2065-j%C3%A4hrigen%20Jubil%C3%A4um%20von%20Indian%20Oil!%F0%9F%8E%81%F0%9F%8E%8A

Requested by

Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Dec 2022 07:05:38 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 335ms
334ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1725268654&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Fpoleescalator.cn%2F&v=1.3.0&lv=1&sn=46539&r=0&ww=1600&u=https%3A%2F%2Fvoicelevel.top%2FCfFPQDrS%2Fiocl4in%2F%3F_t%3D1669878336890%231669878337643&tt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FKraftstoffzuschuss%20zum%2065-j%C3%A4hrigen%20Jubil%C3%A4um%20von%20Indian%20Oil!%F0%9F%8E%81%F0%9F%8E%8A

Requested by

Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Dec 2022 07:05:38 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 351ms
351ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1053871274&si=e8430a361305901aaf21019d086a2e3f&su=http%3A%2F%2Fpoleescalator.cn%2F&v=1.3.0&lv=1&sn=46539&r=0&ww=1600&u=https%3A%2F%2Fvoicelevel.top%2FCfFPQDrS%2Fiocl4in%2F%3F_t%3D1669878336890%231669878337643&tt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FKraftstoffzuschuss%20zum%2065-j%C3%A4hrigen%20Jubil%C3%A4um%20von%20Indian%20Oil!%F0%9F%8E%81%F0%9F%8E%8A

Requested by

Host: voicelevel.top
URL: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Dec 2022 07:05:38 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 / Show response
bonepa.com/4fe48aebd6/4f59451604/ Frame 3B6C 16 KB
3 KB 65ms
64ms Document
text/html 185.66.201.42
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://bonepa.com/4fe48aebd6/4f59451604/?placementName=Flow&is_first=true&randomA=0_4533&maxw=0
Requested by: Host: bonepa.com
URL: https://bonepa.com/js/responsive.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.201.42 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: affilist.com
Software: nginx /
Resource Hash: 003d76b3bfe5875e8ae4f5ba18add74ae384a0b41cb98f7858b6f126483c94ba

Request headers

Referer: https://voicelevel.top/CfFPQDrS/iocl4in/?_t=1669878336890
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 01 Dec 2022 07:05:38 GMT
expires: Sun, 01 Jan 2014 00:00:00 GMT
pragma: no-cache
server: nginx
x-robots-tag: noindex,nofollow

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 18ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LW7434MYMN&gtm=2oebs0&_p=2102268678&cid=731668189.1669878337&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1669878337&sct=1&seg=0&dl=https%3A%2F%2Fvoicelevel.top%2FCfFPQDrS%2Fiocl4in%2F%3F_t%3D1669878336890&dr=http%3A%2F%2Fpoleescalator.cn%2F&dt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FKraftstoffzuschuss%20zum%2065-j%C3%A4hrigen%20Jubil%C3%A4um%20von%20Indian%20Oil!%F0%9F%8E%81%F0%9F%8E%8A&en=scroll&epn.percent_scrolled=90&_et=28
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LW7434MYMN
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Dec 2022 07:05:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://voicelevel.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 18ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0C230YDF7G&gtm=2oebu0&_p=2102268678&cid=731668189.1669878337&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1669878337&sct=1&seg=0&dl=https%3A%2F%2Fvoicelevel.top%2FCfFPQDrS%2Fiocl4in%2F%3F_t%3D1669878336890&dr=http%3A%2F%2Fpoleescalator.cn%2F&dt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FKraftstoffzuschuss%20zum%2065-j%C3%A4hrigen%20Jubil%C3%A4um%20von%20Indian%20Oil!%F0%9F%8E%81%F0%9F%8E%8A&en=scroll&epn.percent_scrolled=90&_et=11
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0C230YDF7G
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://voicelevel.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Dec 2022 07:05:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://voicelevel.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bonepa.com/4fe48aebd6/4f59451604	1970-01-20 07:52:44	Name: shown1 Value: 0
bonepa.com/4fe48aebd6/4f59451604	1970-01-20 07:52:37	Name: total_impressions Value: 1
.voicelevel.top/	1970-01-20 17:27:18	Name: _ga_LW7434MYMN Value: GS1.1.1669878337.1.0.1669878337.0.0.0
.voicelevel.top/	1970-01-20 17:27:18	Name: _ga Value: GA1.1.731668189.1669878337
.voicelevel.top/	1970-01-20 17:27:18	Name: _ga_0C230YDF7G Value: GS1.1.1669878337.1.0.1669878337.0.0.0
.voicelevel.top/	1970-01-20 17:27:18	Name: _ga_2T6GB3S68P Value: GS1.1.1669878337.1.0.1669878337.0.0.0
.hm.baidu.com/	1970-01-20 17:27:18	Name: HMACCOUNT_BFESS Value: B99263CCCA92E334
.voicelevel.top/	1970-01-20 16:36:54	Name: Hm_lvt_50b38c97288c83155c79630a45512f4e Value: 1669878338
.voicelevel.top/	1969-12-31 23:59:59	Name: Hm_lpvt_50b38c97288c83155c79630a45512f4e Value: 1669878338
.voicelevel.top/	1970-01-20 16:36:54	Name: Hm_lvt_bbb3e86814c9ceef66d180a6c15fa17d Value: 1669878338
.voicelevel.top/	1969-12-31 23:59:59	Name: Hm_lpvt_bbb3e86814c9ceef66d180a6c15fa17d Value: 1669878338
.voicelevel.top/	1970-01-20 16:36:54	Name: Hm_lvt_8b68846a3ac1709b0ec7199084ee5ea8 Value: 1669878339
.voicelevel.top/	1969-12-31 23:59:59	Name: Hm_lpvt_8b68846a3ac1709b0ec7199084ee5ea8 Value: 1669878339
.voicelevel.top/	1970-01-20 16:36:54	Name: Hm_lvt_e8430a361305901aaf21019d086a2e3f Value: 1669878339
.voicelevel.top/	1969-12-31 23:59:59	Name: Hm_lpvt_e8430a361305901aaf21019d086a2e3f Value: 1669878339
bonepa.com/	1970-01-20 07:52:37	Name: used_ad2706639 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdnbun.com/upload/ioclin..png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
263cdn.com
bonepa.com
cdn.jsdelivr.cc
cdnbun.com
hm.baidu.com
poleescalator.cn
region1.google-analytics.com
uprimp.com
voicelevel.top
www.googletagmanager.com
103.235.46.191
185.66.200.220
185.66.201.42
2001:4860:4802:34::36
2606:4700:3030::6815:e8e
2606:4700:3032::ac43:977d
2606:4700:3035::ac43:cc38
2606:4700:3038::6815:eb4a
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2001
2a06:98c1:3120::3
003d76b3bfe5875e8ae4f5ba18add74ae384a0b41cb98f7858b6f126483c94ba
0589130e2f31c00eddc807b3b8a51b8a039ab6409fcb6c1517651b2329432d7f
0b7274b0b5b7f411de46416a6c9941062f7a57aaf919fdeda367b5959f4ce8ef
14d42e534b60562aab84310ba3507fdd796df90b18642e4cf1108c4ade66e3bd
1600475dcaaacd651c9bda739647f7b9be79aa1814b7e091908e0f6b7a63706b
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27fc0ee79674e43ea6c89bee0b5f685e6a954dbd9b8279e93cff26e24b6224cb
32988077ca75419c484ea3f154136fb61dc4983d5efb4178031d05ec210dbe45
32bc695a4583118b2adca0fe87d1f4844905692f48f5f2a0eece23f205536e60
3c574abecf706417f5b029c3fc5f74d8c06c68722e172b0440a8c93ec4136bd7
4d798e5fb6086e8ea192e3c7c242dd067fd56b9f2b26fc2a54820db57a07a7c0
542ff7234f3f326b5697cee7a2254b234ece203ab4bf30a468432ee2bacce8fb
58b960a42f95d97e4f2b240bc0696b3d637fc876e2f40efbe71dcf355e8d6e94
5907414ee9a6a851c34c17dcb6640481cd65d99526319d2fc665981c38079c16
5bda45e4d33945806bf64cd6897f2a01c0d4587a6634905f0762925f8666765d
5d2d76b12600cbe418545ac32dc920aeb04fa082667fa41312ef0b4b0fedca6a
690a17d2395fb05eb514031e4da2c1dd1435eb47e76e4ecee0ce4129b2be0f42
6a07c5e915cbecd3802cb30dab35e08c084a11736b7bc7b54084b4a6bcae828b
70a0dfd1380db7e800ecc799eb8ce0e788a4a85b6ff7dd9d5322b88c1c899b90
7c2c3261b01f9e58f55f6cbe20fbcd6c41649e8ee04b6d3e506f285710d77910
7d7a9043f4bed303fe2974ac4e3ba10d6b214e70f7ae549786ba2d347de05f81
837b547a2de183f6ca1e22212d59930c0c44bf9fcca0c573d961fb5457987ad3
8915aa78d6039d76d1d269545c8f45c3e6879da899db66697d6ec30e0adaf029
95db2af0008e286058d56bdb942e95f0345d39254aec4363de0d3699bdc68658
9b7f1ddc36af29778df73a309d2861822456de3eb416e6921a5c44e68435a42f
a4555d8dee9f8adc976e84a97dfe87e6bf5794b579f49bb56f133fed85f7d709
a673dbdc684843aa3959a6f58e4bf0f000674a8a1e2a48d5b14a05fa55ef57f6
b19379fdd66144c323e46bdf3061bd192407be75707058d454e57532f5a98af5
b219e4cd8f8f9216f159285019be30d6bfe475d92ca30b3561551aaa2174751d
babd75ed88bcf9a7c7d6a4cb955550fb76c4e0e314138b1f78137a0b013aba71
ccad8ff95984a888e58eef3bec8229642350992ce0c5eedd86f72b07173ec64e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d13b780287e71a5498375374bde62b7cc0d6e00587dc435067615d1b58a54bde
d9a0323fdc1ca557a61c9dae008ec3991e9c93c2053182a3aec0414227a83d74
deda44190c8bd0f4734787893722dcb06640d2880e7841dcaa08b0bc0c6696da
e06c2ce9f625b4fe7242a681f4f304295c919d2d60d1c686308aa8b937d19687
e290dc4993b9ae7d34440db26be412b4bc4547a48ff635750d400164665d7fa6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e575c73e80a1cf7134b629c99a5727a0f108c739ce21c8f06f11903276b6f0db
ebbc4e879463fbbc9299fcd61a3f67c1f142cffd77c7ac1077557eefbab487d9
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
f275d532ec2a4da265aa8bc2e0d2c3cd336324c88809b41d1e6b4e3864dc08aa
ff399ce0e73811942164279fbe3a4c16b016e7a3b8098d0173e732c19c5c1d4c

voicelevel.top Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

94 %HTTPS

73 %IPv6

11 Domains

11 Subdomains

11 IPs

4 Countries

975 kBTransfer

2128 kBSize

16 Cookies

0 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

voicelevel.top Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

94 %
HTTPS

73 %
IPv6

11
Domains

11
Subdomains

11
IPs

4
Countries

975 kB
Transfer

2128 kB
Size

16
Cookies

53 HTTP transactions
0 data transactions