www.pageassume.lease Open in urlscan Pro
2606:4700:3036::ac43:95b7  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://www.pageassume.lease/pmqew/mcokmk834463srha/7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Page URL
2. http://www.pageassume.lease/offer.php?id=226&sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Page URL
3. http://www.pageassume.lease/clicks/chapter3/ColdSleepbot.php?sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Show response www.pageassume.lease/pmqew/mcokmk834463srha/7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/	1 KB 1 KB	113ms 107ms	Document text/html	2606:4700:3036::ac43:95b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.pageassume.lease/pmqew/mcokmk834463srha/7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Protocol HTTP/1.1 Server 2606:4700:3036::ac43:95b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.25 Resource Hash a6aca786c69377ba92fe050a2a2f3b63a82fa299155c22dfbd44828aff46487c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Fri, 19 Nov 2021 16:25:50 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive x-powered-by PHP/7.3.25 CF-Cache-Status DYNAMIC Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pD0vjRZ37J%2BfSkovC2SIZjBLCkEevOoALqaWlolyfTu69oryu0xH%2Fy6d6UFukRpi06N4CDpYboIqry0uGNYc%2B9gLSKl4LMHyKI4EfYuqZVvqDMqpJIklo6A7Xo%2FeXXGnYnlh5WoZf9Hn2phHT1MXmOnLrQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 6b0acbfc6ba305f1-FRA Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	jquery-1.11.0.min.js Show response www.pageassume.lease/	94 KB 33 KB	262ms 262ms	Script application/javascript	2606:4700:3036::ac43:95b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.pageassume.lease/jquery-1.11.0.min.js Requested by Host: www.pageassume.lease URL: http://www.pageassume.lease/pmqew/mcokmk834463srha/7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Protocol HTTP/1.1 Server 2606:4700:3036::ac43:95b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.pageassume.lease/pmqew/mcokmk834463srha/7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Fri, 19 Nov 2021 16:25:51 GMT Content-Encoding gzip CF-Cache-Status MISS last-modified Wed, 15 Jun 2016 01:14:34 GMT Server cloudflare etag W/"5760abfa-1787d" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=36OFVR78fAnsqRjsXVLtfyp5QvFAHYrACagqTUP%2FB4q3kVJn40U38HocHVP1W7vuEGnDBAehYNuehkQfMK0ocnrJ%2FP4sQvXsaBboW0zOnlJUZysLJkrlicKyxn8JQV8yXbayJh8ddSk%2Fq7t%2BCWMGxSztvA%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6b0acbfd3d4a05f1-FRA NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
GET		js www.googletagmanager.com/gtag/	0 0
GET H/1.1	200 OK	offer.php Show response www.pageassume.lease/	407 B 1 KB	101ms 100ms	Document text/html	2606:4700:3036::ac43:95b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.pageassume.lease/offer.php?id=226&sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Requested by Host: www.pageassume.lease URL: http://www.pageassume.lease/pmqew/mcokmk834463srha/7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Protocol HTTP/1.1 Server 2606:4700:3036::ac43:95b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.25 Resource Hash c01b503fb4d4c099a4ac1a4aa851b80efbb689385b865d0c48ee8a64679bf371 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.pageassume.lease/pmqew/mcokmk834463srha/7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Response headers Date Fri, 19 Nov 2021 16:25:51 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive x-powered-by PHP/7.3.25 CF-Cache-Status DYNAMIC Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zP5sdrgqAEC1%2B1tz6OmeLFslD3Uzh8pUm2nmoCJE866y%2FkDLDhzWWxpvpFnnB03Cgx8VkGqqfBQgpcMFEnlL68gqZDOpDaLZIURi43a%2BXsrOYwd62PNAv9yJpCLc0j3Kcf8hK29IxRVl3teM%2FEz6A4UMAg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 6b0acbfef8ed05f1-FRA Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	Primary Request ColdSleepbot.php Show response www.pageassume.lease/clicks/chapter3/	6 KB 2 KB	101ms 100ms	Document text/html	2606:4700:3036::ac43:95b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.pageassume.lease/clicks/chapter3/ColdSleepbot.php?sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Protocol HTTP/1.1 Server 2606:4700:3036::ac43:95b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.25 Resource Hash f663961122a4ee947c858a4444385e1d4ee79fe8c57131df20d308334363cc73 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.pageassume.lease/offer.php?id=226&sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Response headers Date Fri, 19 Nov 2021 16:25:51 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive x-powered-by PHP/7.3.25 CF-Cache-Status DYNAMIC Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZtsrA7vJwJ71UjUWFS1gXPXjahjCZH5s2H9LYGOpCI5B6%2Bh8LpfROUHz5nFQJijaZsOUm655HBaCTS%2FzytyNWutodbsYMIUKK%2BpTvnG6PXapz3yxJNpDgjA9r3x3G3XfFKaF1%2FrNkDrxEuS7sUfM3NKhIg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 6b0acbffba5b05f1-FRA Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	bootstrap.css www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/	118 KB 20 KB	258ms 258ms	Stylesheet text/css	2606:4700:3036::ac43:95b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/bootstrap.css Requested by Host: www.pageassume.lease URL: http://www.pageassume.lease/clicks/chapter3/ColdSleepbot.php?sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Protocol HTTP/1.1 Server 2606:4700:3036::ac43:95b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d3e8d733d0be3d1c499c02d5494b2cc2badb0b26fedab3e31906f0c2e981e3d6 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.pageassume.lease/clicks/chapter3/ColdSleepbot.php?sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Fri, 19 Nov 2021 16:25:51 GMT Content-Encoding gzip CF-Cache-Status MISS last-modified Thu, 04 Nov 2021 20:42:08 GMT Server cloudflare etag W/"618445a0-1d97f" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e9RxwiIvLEIkZeBSL8LnZaKc0Hu8OpKCdfXbdBa1K%2B4KMe2mAPdoRL5p3SjMXRpLL1l%2B%2Fd9ja9xhguhN9suzDsCA6bb8ZYL4%2B1bT8gMRDGs1zCVacOTSgOFdK80FgId1mqbFIqBso4f17fi0Id3Km24URw%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6b0acc006ba405f1-FRA NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
GET H/1.1	200 OK	jquery.js Show response www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/	85 KB 30 KB	254ms 248ms	Script application/javascript	2606:4700:3036::ac43:95b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/jquery.js Requested by Host: www.pageassume.lease URL: http://www.pageassume.lease/clicks/chapter3/ColdSleepbot.php?sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Protocol HTTP/1.1 Server 2606:4700:3036::ac43:95b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.pageassume.lease/clicks/chapter3/ColdSleepbot.php?sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Fri, 19 Nov 2021 16:25:51 GMT Content-Encoding gzip CF-Cache-Status MISS last-modified Thu, 04 Nov 2021 20:42:08 GMT Server cloudflare etag W/"618445a0-1538f" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1kzmVb6xxLB4NsOcmbrEm2CP4%2BAhe4dlY0nTmvoNnu6%2BWpF9Tb6g89Q4cpFOFxP%2Fo%2BamEHS0D2UD2BC59%2BJSMUlBr9I%2Bd%2F4Kw%2B3Aw6xlgNarOiarBfSikMvA11EPnUYvOdHLkFtr7qLWjuKP2vGmCEMYg%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6b0acc0068ac2c36-FRA NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
GET H/1.1	200 OK	bootstrap.js Show response www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/	36 KB 10 KB	219ms 213ms	Script application/javascript	2606:4700:3036::ac43:95b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/bootstrap.js Requested by Host: www.pageassume.lease URL: http://www.pageassume.lease/clicks/chapter3/ColdSleepbot.php?sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Protocol HTTP/1.1 Server 2606:4700:3036::ac43:95b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.pageassume.lease/clicks/chapter3/ColdSleepbot.php?sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Fri, 19 Nov 2021 16:25:51 GMT Content-Encoding gzip CF-Cache-Status MISS last-modified Thu, 04 Nov 2021 20:42:08 GMT Server cloudflare etag W/"618445a0-90b5" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x3cG8SWI5NSkOtbGdLJKjdR6FOy7f1w8thRtLDxRFe9dSXfa0EzCZ%2FxopmSmLfNQY%2B8gpWAFtwCxxzuQKlpEITDwLKodcbjRhTmnDP0RGmdB47qUYpq5Fe0EHFoFpRo8rfSIohJPevuUITRg44%2BMXTxXqw%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6b0acc006c832ba1-FRA NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
GET H/1.1	200 OK	blank.html Show response www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/ Frame 6BF3	1 KB 1 KB	142ms 142ms	Document text/html	2606:4700:3036::ac43:95b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/blank.html Requested by Host: www.pageassume.lease URL: http://www.pageassume.lease/clicks/chapter3/ColdSleepbot.php?sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Protocol HTTP/1.1 Server 2606:4700:3036::ac43:95b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e275aaeeefc32c9aebbebc0a382c5b337fcd824c342c69e74a27ad08f7a98bc0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.pageassume.lease/clicks/chapter3/ColdSleepbot.php?sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Response headers Date Fri, 19 Nov 2021 16:25:51 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive last-modified Thu, 04 Nov 2021 20:42:08 GMT CF-Cache-Status DYNAMIC Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZpCJPA7fOmA5JfKsnFLBJLn1zo7jRrIIFHmunMHYfNSFhQ3SQf1esZQrNpx2lwDdmpMmzJKcoAGuNIf8FgBNWGQfK9ue0x%2BQm5vUBby75XDyLij%2BSYwwmx2AvVVd1LfeNpk%2Fys7MEpQaR4n6%2Bm9nJS%2BEwg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 6b0acc02bd292c36-FRA Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	blank_002.html Show response www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/ Frame D21C	1 KB 1 KB	135ms 134ms	Document text/html	2606:4700:3036::ac43:95b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/blank_002.html Requested by Host: www.pageassume.lease URL: http://www.pageassume.lease/clicks/chapter3/ColdSleepbot.php?sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Protocol HTTP/1.1 Server 2606:4700:3036::ac43:95b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f46f9d349d0ff48f0ccedad5ad17a90a16f37c5d598a860093c013605248f4dd Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.pageassume.lease/clicks/chapter3/ColdSleepbot.php?sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Response headers Date Fri, 19 Nov 2021 16:25:51 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive last-modified Thu, 04 Nov 2021 20:42:08 GMT CF-Cache-Status DYNAMIC Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9doPO9uw2NClGTOI0ttMSystK5YsJwTj29MjXAzUMGdZYyZ0LjSpGQtDFabWs4wYkMfq2qLxtQYUJoVCChI%2Bz922DkjZWMUBUf2kAm067nfBJrYv934kFrWcavcwNMVbfV9H0URuAj57VrD7WzTNqtcwqQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 6b0acc02b9d12ba1-FRA Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	blank_003.html Show response www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/ Frame BC3B	1 KB 1 KB	163ms 157ms	Document text/html	2606:4700:3036::ac43:95b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/blank_003.html Requested by Host: www.pageassume.lease URL: http://www.pageassume.lease/clicks/chapter3/ColdSleepbot.php?sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Protocol HTTP/1.1 Server 2606:4700:3036::ac43:95b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5ac2aee2d8bb558d7b534a2627dead6e4c158cc93e06660d82a39b56f7b07840 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.pageassume.lease/clicks/chapter3/ColdSleepbot.php?sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Response headers Date Fri, 19 Nov 2021 16:25:51 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive last-modified Thu, 04 Nov 2021 20:42:08 GMT CF-Cache-Status DYNAMIC Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sUbSirVELbZNIbuXN9CsTM0R9IsQIgohLN1ATsrNZyHSEDE%2BXcQKZS3E%2F44JXgnm0NhIr38cwsQ2YF3hMaVinkq0ZNuZGYD7%2B4sN%2F6vq9qe0RXHiQZPekBtygQgvBtUVnfb1sfIe%2BqlY1PqgNWA6QZqflw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 6b0acc02c99d4e79-FRA Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	blank_004.html Show response www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/ Frame C637	1 KB 1 KB	153ms 147ms	Document text/html	2606:4700:3036::ac43:95b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/blank_004.html Requested by Host: www.pageassume.lease URL: http://www.pageassume.lease/clicks/chapter3/ColdSleepbot.php?sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Protocol HTTP/1.1 Server 2606:4700:3036::ac43:95b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2f8fa2d544af55ba626466547386195d4e93203e501e7e67a0801aea9bf98f20 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.pageassume.lease/clicks/chapter3/ColdSleepbot.php?sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Response headers Date Fri, 19 Nov 2021 16:25:51 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive last-modified Thu, 04 Nov 2021 20:42:08 GMT CF-Cache-Status DYNAMIC Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPXB9WAi2p5O1ODavUam2CweqhUb2xfgLg4wttsGQ6EHe1%2F3b8mEdyiAHhPUm6bQR1xm4lgnGyKrm4uDHI%2FUoQo5LII0lCNLTbsyfjQj0Xq%2FkI0uM5dTNcXqR7oofov03VLUsFkSUqnlPZdyqE60yzTSxg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 6b0acc02c8d34ebc-FRA Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	blank_005.html Show response www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/ Frame 0D3F	1 KB 1 KB	167ms 161ms	Document text/html	2606:4700:3036::ac43:95b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/blank_005.html Requested by Host: www.pageassume.lease URL: http://www.pageassume.lease/clicks/chapter3/ColdSleepbot.php?sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Protocol HTTP/1.1 Server 2606:4700:3036::ac43:95b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc06d2dc98997192f2bee82e35a2aabdc01d953ab00be71290290025b6bc58f8 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.pageassume.lease/clicks/chapter3/ColdSleepbot.php?sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Response headers Date Fri, 19 Nov 2021 16:25:51 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive last-modified Thu, 04 Nov 2021 20:42:08 GMT CF-Cache-Status DYNAMIC Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tjZghceA7RPBd5Uk%2FH0tTYV0MSzeHiHsTswx8U%2FsYGcZXc%2FhLSV3d9GuiT2YOeKSncYXKab2YmH5q6jI2EsV%2BYaknr6Jh0YEgBi%2F33X5izTUMX90iFdStmXTCLx3sEWPffWZ5jTCyiks4wEdK6qA3Nwatg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 6b0acc02c98b4edf-FRA Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	a.html Show response www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/ Frame 2DA9	108 B 859 B	239ms 106ms	Document text/html	2606:4700:3036::ac43:95b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/a.html Requested by Host: www.pageassume.lease URL: http://www.pageassume.lease/clicks/chapter3/ColdSleepbot.php?sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Protocol HTTP/1.1 Server 2606:4700:3036::ac43:95b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ad3cc24a66bae714bcb1536ba2be070d636f61bbdfedf1e66de4d2a610a4f9e1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.pageassume.lease/clicks/chapter3/ColdSleepbot.php?sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Response headers Date Fri, 19 Nov 2021 16:25:52 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive last-modified Thu, 04 Nov 2021 20:42:08 GMT CF-Cache-Status DYNAMIC Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=At0Oxo5gSVvHRwkquRJPepYhNB68n0uAGAEcwT45kf6MN4DYAbM1FMoz1SlnvA%2B44htYwz9uVHDJBJ6pa5tSjlz%2FBaQisJFj4CFegAcztsSbk4lHXtooPn3vXRf0%2ByEXpsiUtfHjR0q3pMxlP9jodhkWqQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 6b0acc039b5e2ba1-FRA Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	a_002.html Show response www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/ Frame 5A6C	108 B 863 B	237ms 97ms	Document text/html	2606:4700:3036::ac43:95b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/a_002.html Requested by Host: www.pageassume.lease URL: http://www.pageassume.lease/clicks/chapter3/ColdSleepbot.php?sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Protocol HTTP/1.1 Server 2606:4700:3036::ac43:95b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ad3cc24a66bae714bcb1536ba2be070d636f61bbdfedf1e66de4d2a610a4f9e1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.pageassume.lease/clicks/chapter3/ColdSleepbot.php?sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Response headers Date Fri, 19 Nov 2021 16:25:52 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive last-modified Thu, 04 Nov 2021 20:42:08 GMT CF-Cache-Status DYNAMIC Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JkTNIqvsGGT6kAM2jQKldt5DBM3b%2FSxTuAF7034x%2FFKo3gah%2FCsICuc5CE1WdBkNOntWXEHqdqTTshklouCjljiSvjJJtX%2BGiGovzDfcPXJuDHHS%2BgBT5h7wsMcLmF6I5PfbgizIIVodP1rDB9Il6Z5PiA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 6b0acc039ede2c36-FRA Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	a_003.html Show response www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/ Frame D2B8	108 B 863 B	266ms 115ms	Document text/html	2606:4700:3036::ac43:95b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/a_003.html Requested by Host: www.pageassume.lease URL: http://www.pageassume.lease/clicks/chapter3/ColdSleepbot.php?sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Protocol HTTP/1.1 Server 2606:4700:3036::ac43:95b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ad3cc24a66bae714bcb1536ba2be070d636f61bbdfedf1e66de4d2a610a4f9e1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.pageassume.lease/clicks/chapter3/ColdSleepbot.php?sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Response headers Date Fri, 19 Nov 2021 16:25:52 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive last-modified Thu, 04 Nov 2021 20:42:08 GMT CF-Cache-Status DYNAMIC Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgAiqJxRgPeZ5%2FxFKWZD5Fh%2FDRHr12huM3AVZ9WySAd5melUEn%2FLfpm1f%2BIFE0ArqvDC78fde6cuzQzb8nN2frYw5L8lqAODWclBz67n5LQJXSnVDdAIJg18KdipWkyyyx8qJaaZjmOEgyo%2BV14Sg9wQxQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 6b0acc03bab54ebc-FRA Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	a_004.html Show response www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/ Frame AF9D	108 B 863 B	260ms 101ms	Document text/html	2606:4700:3036::ac43:95b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/a_004.html Requested by Host: www.pageassume.lease URL: http://www.pageassume.lease/clicks/chapter3/ColdSleepbot.php?sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Protocol HTTP/1.1 Server 2606:4700:3036::ac43:95b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ad3cc24a66bae714bcb1536ba2be070d636f61bbdfedf1e66de4d2a610a4f9e1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://www.pageassume.lease/clicks/chapter3/ColdSleepbot.php?sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Response headers Date Fri, 19 Nov 2021 16:25:52 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive last-modified Thu, 04 Nov 2021 20:42:08 GMT CF-Cache-Status DYNAMIC Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJEdEZJXDYRSlNY4fvgvCcRDBMtLWaA0oDtq5H9YcPLE%2BHmH3QD4qTX%2B5pOu877Se5Q7wQhlO%2FP%2Bzg6zstKY1g17mxLKbnutQ8yV4Fkup5xoXXJMXX%2F1t2u984RZesbmvwYIcYHnMJLaoLNtUZVs26DeEg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 6b0acc03cbd34e79-FRA Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	ColdSleepbot_files.PNG www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/	425 KB 425 KB	211ms 211ms	Image image/png	2606:4700:3036::ac43:95b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/ColdSleepbot_files.PNG Requested by Host: www.pageassume.lease URL: http://www.pageassume.lease/clicks/chapter3/ColdSleepbot.php?sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw Protocol HTTP/1.1 Server 2606:4700:3036::ac43:95b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8980c7a19b25435c3b11e20ee02c7f62671518fc75c83067c2dafff2230cc1ec Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.pageassume.lease/clicks/chapter3/ColdSleepbot.php?sid=933623&h=7RCN0Iz1-nAM7T_YfIdIrEiwk7Y3QMSBpPJthIxZ40s/Nr0Ioj93Kh9JdWt0BZZzN-tnP0MyS5l-6Di0KBQ7oTfN-VZB3TVWZ5GiPLN8--G3GmXP1P1rZRaiU8R8aopoMIY9OmLLtQndFt-46Pwo4Sw User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Fri, 19 Nov 2021 16:25:51 GMT CF-Cache-Status MISS last-modified Thu, 04 Nov 2021 20:42:08 GMT Server cloudflare etag "618445a0-6a2cf" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDfbuIdPDrBZmIZDCUiamtVG4G73jSce%2BUA%2FEF%2FpKi0OadfLfasI9nQuHWeh7aVaTQ7X1xHtBKSNepHH0LZfkN0zduZoWvGM%2FbWTp5BrC5jIU%2BfI0ZtSNPU1T2YmiZ2JJvindiA98lBLmsToz%2F%2FrdXQJrw%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 6b0acc022f2c05f1-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 434895
GET H/1.1	200 OK	inject.css www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/blank_002_data/ Frame D21C	4 KB 2 KB	116ms 89ms	Stylesheet text/css	2606:4700:3036::ac43:95b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/blank_002_data/inject.css Requested by Host: www.pageassume.lease URL: http://www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/blank_002.html Protocol HTTP/1.1 Server 2606:4700:3036::ac43:95b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0fcb9630248f525a2dc403f5d88ad721b941306c1540dbed57a9e046b7a6ea6b Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/blank_002.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Fri, 19 Nov 2021 16:25:52 GMT Content-Encoding gzip CF-Cache-Status MISS last-modified Thu, 04 Nov 2021 20:42:08 GMT Server cloudflare etag W/"618445a0-f28" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2BD0UjNMYX9VHActI0xGj%2BuA5Swng110GHP2aPIjvunNauJ50z3XUxRJtDgk10kwIcQxMSbRscKMxI6p%2BWqJZZDmFOVVuOOv%2BMW0qJNcUd2uA5iRkMiZsdBDtZJCsbojVdMDjzqKPG0kN7ay%2Bj37tYEKDw%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6b0acc03cb5d4edf-FRA NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
GET H/1.1	200 OK	inject.css www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/blank_data/ Frame 6BF3	4 KB 2 KB	186ms 95ms	Stylesheet text/css	2606:4700:3036::ac43:95b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/blank_data/inject.css Requested by Host: www.pageassume.lease URL: http://www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/blank.html Protocol HTTP/1.1 Server 2606:4700:3036::ac43:95b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0fcb9630248f525a2dc403f5d88ad721b941306c1540dbed57a9e046b7a6ea6b Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/blank.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Fri, 19 Nov 2021 16:25:52 GMT Content-Encoding gzip CF-Cache-Status MISS last-modified Thu, 04 Nov 2021 20:42:08 GMT Server cloudflare etag W/"618445a0-f28" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z0y0eWISeIJlej8yBhddiJhWB5WPOuZGN1dgjCUnA3A7Jd0giGh2oXjt%2F9%2B4eSxCqJMmTEDivK2G1KoeyO6z3GDOMEjTpcbkbg%2FAxfV1vqXBRQAO65VjDI1GnnR7DtecYykXgyeBdSggNYJS8VSV1GVmog%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6b0acc043ff02c36-FRA NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
GET H/1.1	200 OK	inject.css www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/blank_004_data/ Frame C637	4 KB 2 KB	183ms 105ms	Stylesheet text/css	2606:4700:3036::ac43:95b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/blank_004_data/inject.css Requested by Host: www.pageassume.lease URL: http://www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/blank_004.html Protocol HTTP/1.1 Server 2606:4700:3036::ac43:95b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0fcb9630248f525a2dc403f5d88ad721b941306c1540dbed57a9e046b7a6ea6b Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/blank_004.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Fri, 19 Nov 2021 16:25:52 GMT Content-Encoding gzip CF-Cache-Status MISS last-modified Thu, 04 Nov 2021 20:42:08 GMT Server cloudflare etag W/"618445a0-f28" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LChEGrSxolvMeJU2lr1ZzKm38ptJUUA2jd63iS0kbPSZIorVB0EQ7p%2FH8BgELs8HnJkYr8BJGoF0sZgdigW8XiPDZAPw39elU6DjJo3uevMhIaKT5OU8gf%2FTPYEprjOJdXq9sAc6EIaT7bZwqSv5HbvNGA%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6b0acc043cb32ba1-FRA NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
GET H/1.1	200 OK	inject.css www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/blank_003_data/ Frame BC3B	4 KB 2 KB	179ms 96ms	Stylesheet text/css	2606:4700:3036::ac43:95b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/blank_003_data/inject.css Requested by Host: www.pageassume.lease URL: http://www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/blank_003.html Protocol HTTP/1.1 Server 2606:4700:3036::ac43:95b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0fcb9630248f525a2dc403f5d88ad721b941306c1540dbed57a9e046b7a6ea6b Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/blank_003.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Fri, 19 Nov 2021 16:25:52 GMT Content-Encoding gzip CF-Cache-Status MISS last-modified Thu, 04 Nov 2021 20:42:08 GMT Server cloudflare etag W/"618445a0-f28" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UfSYPFKzpmb0QJlmVySCG%2BgqwVmHmR9YrxEBMEqqcEdyudkNgGuNDowAbZkrBp77uxNBTAKLnePM4kuKbX0mYPzVSPdAI0ZgT9xasq2Ihv%2BKCNjjSF7sUZu%2FacHBcISuM4F%2BbMdXurKg8dR0beIYMFrPHQ%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6b0acc045c5a4edf-FRA NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
GET H/1.1	200 OK	inject.css www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/blank_005_data/ Frame 0D3F	4 KB 2 KB	192ms 103ms	Stylesheet text/css	2606:4700:3036::ac43:95b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/blank_005_data/inject.css Requested by Host: www.pageassume.lease URL: http://www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/blank_005.html Protocol HTTP/1.1 Server 2606:4700:3036::ac43:95b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0fcb9630248f525a2dc403f5d88ad721b941306c1540dbed57a9e046b7a6ea6b Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.pageassume.lease/clicks/chapter3/ColdSleepbot_files/blank_005.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Fri, 19 Nov 2021 16:25:52 GMT Content-Encoding gzip CF-Cache-Status MISS last-modified Thu, 04 Nov 2021 20:42:08 GMT Server cloudflare etag W/"618445a0-f28" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pe3274H2nhg%2FEVTExa0B7wMASbtRDp0X6vL7cO%2Bjxl99Mg%2BjBxK%2BenIy%2BDGZ8eD2pCM%2BV3BY66HjXH9zsqDpThjZcqIKoin%2BMitFKwWMF9w%2F%2F7OpUmdkOFmca73DMmabLEo%2FLt7Swj0TInmPZNnhpDn8Jw%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Cache-Control max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 6b0acc046d094e79-FRA NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.googletagmanager.com

URL

https://www.googletagmanager.com/gtag/js?id=UA-22484186-3

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| $ function| jQuery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.googletagmanager.com
www.pageassume.lease
www.googletagmanager.com
2606:4700:3036::ac43:95b7
0fcb9630248f525a2dc403f5d88ad721b941306c1540dbed57a9e046b7a6ea6b
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2f8fa2d544af55ba626466547386195d4e93203e501e7e67a0801aea9bf98f20
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5ac2aee2d8bb558d7b534a2627dead6e4c158cc93e06660d82a39b56f7b07840
8980c7a19b25435c3b11e20ee02c7f62671518fc75c83067c2dafff2230cc1ec
a6aca786c69377ba92fe050a2a2f3b63a82fa299155c22dfbd44828aff46487c
ad3cc24a66bae714bcb1536ba2be070d636f61bbdfedf1e66de4d2a610a4f9e1
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
c01b503fb4d4c099a4ac1a4aa851b80efbb689385b865d0c48ee8a64679bf371
d3e8d733d0be3d1c499c02d5494b2cc2badb0b26fedab3e31906f0c2e981e3d6
e275aaeeefc32c9aebbebc0a382c5b337fcd824c342c69e74a27ad08f7a98bc0
f46f9d349d0ff48f0ccedad5ad17a90a16f37c5d598a860093c013605248f4dd
f663961122a4ee947c858a4444385e1d4ee79fe8c57131df20d308334363cc73
fc06d2dc98997192f2bee82e35a2aabdc01d953ab00be71290290025b6bc58f8