dreamflingsxl.com Open in urlscan Pro
2606:4700:3031::681c:222  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response dreamflingsxl.com/	19 KB 5 KB	109ms 79ms	Document text/html	2606:4700:3031::681c:222 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dreamflingsxl.com/?utm_source=9KAC1bDu3ZjFz&utm_campaign=zzzzzzzzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3Azzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681c:222 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1c780601fda3440c292d1d81824594bb086830e73e8c707857579d5edd762ce3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority dreamflingsxl.com :scheme https :path /?utm_source=9KAC1bDu3ZjFz&utm_campaign=zzzzzzzzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3Azzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3A pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Mon, 10 Aug 2020 13:37:40 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=da8ac1ce64f80befeaaac658378a9df961597066660; expires=Wed, 09-Sep-20 13:37:40 GMT; path=/; domain=.dreamflingsxl.com; HttpOnly; SameSite=Lax k=SFMyNTY.g3QAAAAIbQAAAARhdW5xdAAAAAFtAAAABTY0NjcybQAAAApSQVBQem9qTm1wbQAAAANoaWRtAAAAJFhPVWJzb0FNeGZFeE50YmdDZ0FRRUV4d3ZaTlZWaUdBS1NSWG0AAAACaGxkAANuaWxtAAAAAnJkdAAAAARkAApfX3N0cnVjdF9fZAAYRWxpeGlyLlRkZXguUm90YXRpb25EYXRhZAAOY2xpY2tlZF9vZmZlcnN0AAAAAGQACGxhbmRpbmdzbAAAAAFiAAACQ2pkAAtzZWVuX29mZmVyc2wAAAABYgAAcG5qbQAAAAVzdWJfMWQAA25pbG0AAAAFc3ViXzJkAANuaWxtAAAAB3RyYWNrZXJtAAAAD3p6enp6enp6enp6enp6em0AAAADdW5xbQAAAAxEeGhPT05HWVpxZkw.ruIHBnIJGR54_-BPrTvUvyHqKMG5v_Ez_I8fIFbuZQo; path=/; expires=Tue, 10 Aug 2021 13:37:40 GMT; max-age=31536000 uord=24e33a62e9635af1a0fb45074b81c53c; path=/; expires=Wed, 10 Aug 2022 13:37:40 GMT; max-age=63072000; HttpOnly vary Accept-Encoding cache-control max-age=0, private, must-revalidate cross-origin-window-policy deny x-content-type-options nosniff x-download-options noopen x-permitted-cross-domain-policies none x-xss-protection 1; mode=block cf-cache-status DYNAMIC cf-request-id 047a30617f000005b34d34e200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5c0a1ce26a9a05b3-FRA content-encoding br
GET H2	200	animate.min.css cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/	52 KB 4 KB	29ms 15ms	Stylesheet text/css	2606:4700::6810:85e5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css Requested by Host: dreamflingsxl.com URL: https://dreamflingsxl.com/?utm_source=9KAC1bDu3ZjFz&utm_campaign=zzzzzzzzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3Azzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer https://dreamflingsxl.com/?utm_source=9KAC1bDu3ZjFz&utm_campaign=zzzzzzzzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3Azzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3A User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 10 Aug 2020 13:37:40 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 16003183 status 200 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 047a3061e00000bf14e7bda200000001 served-in-seconds 0.002 timing-allow-origin * last-modified Thu, 17 May 2018 09:15:36 GMT server cloudflare etag W/"5afd4838-ce35" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000; includeSubDomains content-type text/css access-control-allow-origin * cache-control public, max-age=30672000 cf-ray 5c0a1ce30939bf14-FRA expires Sat, 31 Jul 2021 13:37:40 GMT
GET H2	200	css fonts.googleapis.com/	767 B 475 B	15ms 14ms	Stylesheet text/css	2a00:1450:4001:825::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato&subset=latin-ext Requested by Host: dreamflingsxl.com URL: https://dreamflingsxl.com/?utm_source=9KAC1bDu3ZjFz&utm_campaign=zzzzzzzzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3Azzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b4723b5b14abe7a2062b65bf79b4d5d1e575e786a439e61ff95a38e7e9e140e9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 10 Aug 2020 13:37:40 GMT server ESF date Mon, 10 Aug 2020 13:37:40 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 10 Aug 2020 13:37:40 GMT
GET H2	200	script.min.js Show response dreamflingsxl.com/assets/fe34f301a6b361176b14fca0d07d0ee9/	252 KB 72 KB	26ms 25ms	Script application/javascript	2606:4700:3031::681c:222 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dreamflingsxl.com/assets/fe34f301a6b361176b14fca0d07d0ee9/script.min.js Requested by Host: dreamflingsxl.com URL: https://dreamflingsxl.com/?utm_source=9KAC1bDu3ZjFz&utm_campaign=zzzzzzzzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3Azzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681c:222 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 76d703389c75e3c1e9946072b1e18f6d61842f77eac3f03cfb366baba8035850 Request headers Referer https://dreamflingsxl.com/?utm_source=9KAC1bDu3ZjFz&utm_campaign=zzzzzzzzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3Azzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3A User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 10 Aug 2020 13:37:40 GMT content-encoding br cf-cache-status HIT age 461 status 200 cf-request-id 047a3061d3000005b34d356200000001 last-modified Thu, 28 May 2020 10:06:25 GMT server cloudflare etag W/"5ecf8d21-3f0a5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range cache-control max-age=14400 cf-ray 5c0a1ce2ec1305b3-FRA access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H2	200	p.js Show response dreamflingsxl.com/	415 B 526 B	1097ms 1096ms	Script application/javascript	2606:4700:3031::681c:222 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dreamflingsxl.com/p.js?a=846364&cr=28603&lid=15649&mh=WE9VYnNvQU14ZkV4TnRiZ0NnQVFFRXh3dlpOVlZpR0FLU1JYLTEzNTI3&p=0&t=zzzzzzzzzzzzzzz Requested by Host: dreamflingsxl.com URL: https://dreamflingsxl.com/?utm_source=9KAC1bDu3ZjFz&utm_campaign=zzzzzzzzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3Azzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681c:222 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3f7a6a9ac1abfb0094080eacaa977fe4ce216d4247e1386280f67dd485f7dd50 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://dreamflingsxl.com/?utm_source=9KAC1bDu3ZjFz&utm_campaign=zzzzzzzzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3Azzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3A User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 10 Aug 2020 13:37:41 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS x-permitted-cross-domain-policies none cross-origin-window-policy deny status 200 vary Accept-Encoding cf-request-id 047a3061d3000005b34d357200000001 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-download-options noopen content-type application/javascript; charset=utf-8 x-xss-protection 1; mode=block cache-control private, max-age=14400, must-revalidate cf-ray 5c0a1ce2ec1505b3-FRA
GET H2	200	f.js Show response dreamflingsxl.com/assets/	1 KB 973 B	13ms 12ms	Script application/javascript	2606:4700:3031::681c:222 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dreamflingsxl.com/assets/f.js Requested by Host: dreamflingsxl.com URL: https://dreamflingsxl.com/?utm_source=9KAC1bDu3ZjFz&utm_campaign=zzzzzzzzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3Azzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681c:222 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 803090f7e96cb1c802bea76fbde208bc8647912ffe428db74e18a45cb13b1972 Request headers Referer https://dreamflingsxl.com/?utm_source=9KAC1bDu3ZjFz&utm_campaign=zzzzzzzzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3Azzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3A User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 10 Aug 2020 13:37:40 GMT content-encoding br cf-cache-status HIT age 5702 status 200 cf-request-id 047a3061d3000005b34d358200000001 last-modified Thu, 25 Jun 2020 13:11:23 GMT server cloudflare etag W/"5ef4a27b-5f5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range cache-control max-age=14400 cf-ray 5c0a1ce2ec1605b3-FRA access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H2	200	no.png dreamflingsxl.com/assets/fe34f301a6b361176b14fca0d07d0ee9/images/	3 KB 3 KB	12ms 10ms	Image image/png	2606:4700:3031::681c:222 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dreamflingsxl.com/assets/fe34f301a6b361176b14fca0d07d0ee9/images/no.png Requested by Host: dreamflingsxl.com URL: https://dreamflingsxl.com/?utm_source=9KAC1bDu3ZjFz&utm_campaign=zzzzzzzzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3Azzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681c:222 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fedd7527d1cceee3052bf4bb62e76d56e8200a115d8a2affae23a125578b7ad1 Request headers Referer https://dreamflingsxl.com/?utm_source=9KAC1bDu3ZjFz&utm_campaign=zzzzzzzzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3Azzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3A User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 10 Aug 2020 13:37:40 GMT cf-cache-status HIT age 461 status 200 content-length 3134 cf-request-id 047a3061f5000005b34d35d200000001 last-modified Thu, 28 May 2020 10:07:17 GMT server cloudflare etag "5ecf8d55-c3e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range cache-control max-age=14400 accept-ranges bytes cf-ray 5c0a1ce32cb605b3-FRA access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H2	200	yes.png dreamflingsxl.com/assets/fe34f301a6b361176b14fca0d07d0ee9/images/	3 KB 4 KB	13ms 11ms	Image image/png	2606:4700:3031::681c:222 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dreamflingsxl.com/assets/fe34f301a6b361176b14fca0d07d0ee9/images/yes.png Requested by Host: dreamflingsxl.com URL: https://dreamflingsxl.com/?utm_source=9KAC1bDu3ZjFz&utm_campaign=zzzzzzzzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3Azzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681c:222 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6bfdecff876226c1e233f71e7b0b1a6e0eb238281a52156c39f051691dd88a43 Request headers Referer https://dreamflingsxl.com/?utm_source=9KAC1bDu3ZjFz&utm_campaign=zzzzzzzzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3Azzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3A User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 10 Aug 2020 13:37:40 GMT cf-cache-status HIT age 461 status 200 content-length 3480 cf-request-id 047a3061f5000005b34d35e200000001 last-modified Thu, 28 May 2020 10:07:17 GMT server cloudflare etag "5ecf8d55-d98" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range cache-control max-age=14400 accept-ranges bytes cf-ray 5c0a1ce32cb705b3-FRA access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H2	200	1.jpg dreamflingsxl.com/assets/fe34f301a6b361176b14fca0d07d0ee9/images/	69 KB 69 KB	14ms 12ms	Image image/jpeg	2606:4700:3031::681c:222 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dreamflingsxl.com/assets/fe34f301a6b361176b14fca0d07d0ee9/images/1.jpg Requested by Host: dreamflingsxl.com URL: https://dreamflingsxl.com/?utm_source=9KAC1bDu3ZjFz&utm_campaign=zzzzzzzzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3Azzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681c:222 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b6a568673e262b16e029a8c139208bf5a9b2a4b0a6b4ff330fd99c140b23c5d7 Request headers Referer https://dreamflingsxl.com/?utm_source=9KAC1bDu3ZjFz&utm_campaign=zzzzzzzzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3Azzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3A User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 10 Aug 2020 13:37:40 GMT cf-cache-status HIT age 461 status 200 content-length 70422 cf-request-id 047a3061f6000005b34d35f200000001 last-modified Thu, 28 May 2020 10:07:19 GMT server cloudflare etag "5ecf8d57-11316" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range cache-control max-age=14400 accept-ranges bytes cf-ray 5c0a1ce32cb905b3-FRA access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H2	200	pattern.png dreamflingsxl.com/assets/fe34f301a6b361176b14fca0d07d0ee9/images/	3 KB 3 KB	13ms 11ms	Image image/png	2606:4700:3031::681c:222 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dreamflingsxl.com/assets/fe34f301a6b361176b14fca0d07d0ee9/images/pattern.png Requested by Host: dreamflingsxl.com URL: https://dreamflingsxl.com/?utm_source=9KAC1bDu3ZjFz&utm_campaign=zzzzzzzzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3Azzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681c:222 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5cbc28ef1cf07ab8956014b581aa2b96baac861237975813702e63c886b0c004 Request headers Referer https://dreamflingsxl.com/?utm_source=9KAC1bDu3ZjFz&utm_campaign=zzzzzzzzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3Azzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3A User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 10 Aug 2020 13:37:40 GMT cf-cache-status HIT age 5492 status 200 content-length 2801 cf-request-id 047a3061f6000005b34d360200000001 last-modified Thu, 28 May 2020 10:07:19 GMT server cloudflare etag "5ecf8d57-af1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range cache-control max-age=14400 accept-ranges bytes cf-ray 5c0a1ce32cbb05b3-FRA access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H2	200	2.jpg dreamflingsxl.com/assets/fe34f301a6b361176b14fca0d07d0ee9/images/	124 KB 124 KB	20ms 18ms	Image image/jpeg	2606:4700:3031::681c:222 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dreamflingsxl.com/assets/fe34f301a6b361176b14fca0d07d0ee9/images/2.jpg Requested by Host: dreamflingsxl.com URL: https://dreamflingsxl.com/?utm_source=9KAC1bDu3ZjFz&utm_campaign=zzzzzzzzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3Azzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681c:222 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ac605628b9e58ae57eec4d819816b2770d2d251a5e39ee58cdc0a91c5417f55b Request headers Referer https://dreamflingsxl.com/?utm_source=9KAC1bDu3ZjFz&utm_campaign=zzzzzzzzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3Azzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3A User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 10 Aug 2020 13:37:40 GMT cf-cache-status HIT age 461 status 200 content-length 126665 cf-request-id 047a3061f6000005b34d361200000001 last-modified Thu, 28 May 2020 10:07:19 GMT server cloudflare etag "5ecf8d57-1eec9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range cache-control max-age=14400 accept-ranges bytes cf-ray 5c0a1ce32cbe05b3-FRA access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H2	200	3.jpg dreamflingsxl.com/assets/fe34f301a6b361176b14fca0d07d0ee9/images/	134 KB 134 KB	23ms 22ms	Image image/jpeg	2606:4700:3031::681c:222 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dreamflingsxl.com/assets/fe34f301a6b361176b14fca0d07d0ee9/images/3.jpg Requested by Host: dreamflingsxl.com URL: https://dreamflingsxl.com/?utm_source=9KAC1bDu3ZjFz&utm_campaign=zzzzzzzzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3Azzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681c:222 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a326ebd0e110d93afd48d08ff863c639f7d4beaa1c5d89323ffa04b4d27333c0 Request headers Referer https://dreamflingsxl.com/?utm_source=9KAC1bDu3ZjFz&utm_campaign=zzzzzzzzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3Azzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3A User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 10 Aug 2020 13:37:40 GMT cf-cache-status HIT age 461 status 200 content-length 137061 cf-request-id 047a3061f6000005b34d362200000001 last-modified Thu, 28 May 2020 10:07:19 GMT server cloudflare etag "5ecf8d57-21765" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range cache-control max-age=14400 accept-ranges bytes cf-ray 5c0a1ce32cc005b3-FRA access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H2	200	4.jpg dreamflingsxl.com/assets/fe34f301a6b361176b14fca0d07d0ee9/images/	76 KB 77 KB	15ms 14ms	Image image/jpeg	2606:4700:3031::681c:222 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dreamflingsxl.com/assets/fe34f301a6b361176b14fca0d07d0ee9/images/4.jpg Requested by Host: dreamflingsxl.com URL: https://dreamflingsxl.com/?utm_source=9KAC1bDu3ZjFz&utm_campaign=zzzzzzzzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3Azzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681c:222 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8ab029ce43e45ed9b9f568ed1a2247fc096947cae1829ac816e938146cf8ac7 Request headers Referer https://dreamflingsxl.com/?utm_source=9KAC1bDu3ZjFz&utm_campaign=zzzzzzzzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3Azzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3A User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 10 Aug 2020 13:37:40 GMT cf-cache-status HIT age 461 status 200 content-length 78128 cf-request-id 047a3061f6000005b34d363200000001 last-modified Thu, 28 May 2020 10:07:19 GMT server cloudflare etag "5ecf8d57-13130" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range cache-control max-age=14400 accept-ranges bytes cf-ray 5c0a1ce32cc105b3-FRA access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H2	200	S6uyw4BMUTPHjx4wXiWtFCc.woff2 fonts.gstatic.com/s/lato/v16/	14 KB 14 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2 Requested by Host: dreamflingsxl.com URL: https://dreamflingsxl.com/?utm_source=9KAC1bDu3ZjFz&utm_campaign=zzzzzzzzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3Azzzzzzzzz&sa=D&sntz=1&usg=AFQjCNEqYhs3CRGQX2dHi4wqW4FSHhrI3A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Lato&subset=latin-ext Origin https://dreamflingsxl.com Response headers date Wed, 15 Jul 2020 20:02:30 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 03:45:55 GMT server sffe age 2223310 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14044 x-xss-protection 0 expires Thu, 15 Jul 2021 20:02:30 GMT
POST H2	200	featrepl Show response dreamflingsxl.com/	2 B 108 B	22ms 22ms	XHR text/plain	2606:4700:3031::681c:222 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dreamflingsxl.com/featrepl?a=846364&cr=28603&lid=15649&mh=WE9VYnNvQU14ZkV4TnRiZ0NnQVFFRXh3dlpOVlZpR0FLU1JYLTEzNTI3&p=0&t=zzzzzzzzzzzzzzz Requested by Host: dreamflingsxl.com URL: https://dreamflingsxl.com/assets/f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681c:222 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://dreamflingsxl.com/DE/c03e9f488f07f5bf560f52e19e49b6d5/?a=846364&cr=28603&lid=15649&mh=WE9VYnNvQU14ZkV4TnRiZ0NnQVFFRXh3dlpOVlZpR0FLU1JYLTEzNTI3&p=0&t=zzzzzzzzzzzzzzz User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Mon, 10 Aug 2020 13:37:41 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type text/plain; charset=utf-8 status 200 cf-ray 5c0a1ce9cff405b3-FRA content-length 2 cf-request-id 047a30661f000005b34d3c8200000001

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Porn Scam (Online)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery string| u object| probes object| pr string| fh object| xhr

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			dreamflingsxl.com/	1970-01-20 05:08:58	Name: uord Value: 24e33a62e9635af1a0fb45074b81c53c
			dreamflingsxl.com/	1970-01-19 20:23:22	Name: k Value: SFMyNTY.g3QAAAAIbQAAAARhdW5xdAAAAAFtAAAABTY0NjcybQAAAApSQVBQem9qTm1wbQAAAANoaWRtAAAAJFhPVWJzb0FNeGZFeE50YmdDZ0FRRUV4d3ZaTlZWaUdBS1NSWG0AAAACaGxkAANuaWxtAAAAAnJkdAAAAARkAApfX3N0cnVjdF9fZAAYRWxpeGlyLlRkZXguUm90YXRpb25EYXRhZAAOY2xpY2tlZF9vZmZlcnN0AAAAAGQACGxhbmRpbmdzbAAAAAFiAAACQ2pkAAtzZWVuX29mZmVyc2wAAAABYgAAcG5qbQAAAAVzdWJfMWQAA25pbG0AAAAFc3ViXzJkAANuaWxtAAAAB3RyYWNrZXJtAAAAD3p6enp6enp6enp6enp6em0AAAADdW5xbQAAAAxEeGhPT05HWVpxZkw.ruIHBnIJGR54_-BPrTvUvyHqKMG5v_Ez_I8fIFbuZQo
			.dreamflingsxl.com/	1970-01-19 12:20:58	Name: __cfduid Value: da8ac1ce64f80befeaaac658378a9df961597066660

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
dreamflingsxl.com
fonts.googleapis.com
fonts.gstatic.com
2606:4700:3031::681c:222
2606:4700::6810:85e5
2a00:1450:4001:80b::2003
2a00:1450:4001:825::200a
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
1c780601fda3440c292d1d81824594bb086830e73e8c707857579d5edd762ce3
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3f7a6a9ac1abfb0094080eacaa977fe4ce216d4247e1386280f67dd485f7dd50
5cbc28ef1cf07ab8956014b581aa2b96baac861237975813702e63c886b0c004
6bfdecff876226c1e233f71e7b0b1a6e0eb238281a52156c39f051691dd88a43
76d703389c75e3c1e9946072b1e18f6d61842f77eac3f03cfb366baba8035850
803090f7e96cb1c802bea76fbde208bc8647912ffe428db74e18a45cb13b1972
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
a326ebd0e110d93afd48d08ff863c639f7d4beaa1c5d89323ffa04b4d27333c0
ac605628b9e58ae57eec4d819816b2770d2d251a5e39ee58cdc0a91c5417f55b
b4723b5b14abe7a2062b65bf79b4d5d1e575e786a439e61ff95a38e7e9e140e9
b6a568673e262b16e029a8c139208bf5a9b2a4b0a6b4ff330fd99c140b23c5d7
c8ab029ce43e45ed9b9f568ed1a2247fc096947cae1829ac816e938146cf8ac7
fedd7527d1cceee3052bf4bb62e76d56e8200a115d8a2affae23a125578b7ad1