URL: https://contafakeiq.online/
Submission: On November 18 via automatic, source certstream-suspicious — Scanned from IT

Summary

This website contacted 15 IPs in 2 countries across 12 domains to perform 29 HTTP transactions. The main IP is 108.179.252.169, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is contafakeiq.online.
TLS certificate: Issued by R11 on September 25th 2024. Valid for: 3 months.
This is the only time contafakeiq.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests IP Address AS Autonomous System
2 108.179.252.169 19871 (NETWORK-S...)
2 35.190.14.35 15169 (GOOGLE)
2 142.250.185.226 15169 (GOOGLE)
1 142.250.186.40 15169 (GOOGLE)
4 66.235.200.14 13335 (CLOUDFLAR...)
4 104.17.62.111 13335 (CLOUDFLAR...)
3 104.16.41.109 13335 (CLOUDFLAR...)
1 142.250.184.238 15169 (GOOGLE)
2 142.250.186.34 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
1 172.217.23.123 15169 (GOOGLE)
2 142.250.184.225 15169 (GOOGLE)
1 142.250.184.196 15169 (GOOGLE)
2 172.191.248.91 8075 (MICROSOFT...)
Total: 29 requests, 15 IPs
Requests | Apex Domain (subdomains listed beneath) | Transfer
5 | mywebsitebuilder.com | 116 KB
    components.mywebsitebuilder.com — Cisco Umbrella Rank: 109871
    hostingapi.mywebsitebuilder.com — Cisco Umbrella Rank: 346200
    in-app.mywebsitebuilder.com — Cisco Umbrella Rank: 278136
4 | builderservices.io | 1 MB
    images.builderservices.io — Cisco Umbrella Rank: 262361
    runtime.builderservices.io — Cisco Umbrella Rank: 253614
4 | wzdev.co | 70 KB
    gfonts-proxy.wzdev.co — Cisco Umbrella Rank: 277494
3 | adtrafficquality.google | 20 KB
    ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
    ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
2 | windows.net | 313 B
    in-us-east-event-hubs.servicebus.windows.net — Cisco Umbrella Rank: 118315
2 | doubleclick.net |
    googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
2 | googlesyndication.com | 197 KB
    pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
2 | contafakeiq.online | 47 KB
    contafakeiq.online
1 | google.com |
    www.google.com — Cisco Umbrella Rank: 3
1 | googleapis.com | 294 KB
    storage.googleapis.com — Cisco Umbrella Rank: 314
1 | google-analytics.com |
    www.google-analytics.com — Cisco Umbrella Rank: 36
1 | googletagmanager.com | 106 KB
    www.googletagmanager.com — Cisco Umbrella Rank: 39
Total: 29 requests, 12 domains
Requests | Domain | Requested by
4 | gfonts-proxy.wzdev.co | contafakeiq.online, gfonts-proxy.wzdev.co
3 | images.builderservices.io | contafakeiq.online
2 | in-us-east-event-hubs.servicebus.windows.net | in-app.mywebsitebuilder.com
2 | ep2.adtrafficquality.google | pagead2.googlesyndication.com, ep2.adtrafficquality.google
2 | googleads.g.doubleclick.net | pagead2.googlesyndication.com
2 | hostingapi.mywebsitebuilder.com | runtime.builderservices.io
2 | pagead2.googlesyndication.com | contafakeiq.online, pagead2.googlesyndication.com
2 | components.mywebsitebuilder.com | contafakeiq.online, components.mywebsitebuilder.com
2 | contafakeiq.online | contafakeiq.online
1 | www.google.com | ep2.adtrafficquality.google
1 | in-app.mywebsitebuilder.com | runtime.builderservices.io
1 | storage.googleapis.com |
1 | ep1.adtrafficquality.google | pagead2.googlesyndication.com
1 | www.google-analytics.com | www.googletagmanager.com
1 | runtime.builderservices.io | contafakeiq.online
1 | www.googletagmanager.com | contafakeiq.online
Total: 29 requests, 16 subdomains

This site contains links to these domains.

Domain
youtu.be

Subject | Issuer | Validity | Valid
cpanel.contafakeiq.online | R11 | 2024-09-25 - 2024-12-24 | 3 months
*.mywebsitebuilder.com | Sectigo RSA Domain Validation Secure Server CA | 2023-11-24 - 2024-11-23 | a year
*.g.doubleclick.net | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.google-analytics.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
wzdev.co | E6 | 2024-09-22 - 2024-12-21 | 3 months
builderservices.io | Cloudflare Inc ECC CA-3 | 2024-02-05 - 2024-12-31 | a year
mywebsitebuilder.com | Cloudflare Inc ECC CA-3 | 2024-02-29 - 2024-12-31 | 10 months
adtrafficquality.google | WR2 | 2024-10-21 - 2025-01-13 | 3 months
storage.googleapis.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
www.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
servicebus.windows.net | Microsoft Azure RSA TLS Issuing CA 04 | 2024-06-15 - 2025-06-10 | a year

This page contains 5 frames:

Primary Page: https://contafakeiq.online/
Frame ID: CD631B92E27D64E3864BBEA0A62F367D
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241112/r20190131/zrt_lookup_fy2021.html
Frame ID: 58809B41E56EAFB4A00B04388201DD60
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4095413475204369&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1726526829&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fcontafakeiq.online%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.20295&aiapmi=0.24446&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731902191529&bpp=6&bdt=1047&idt=859&shv=r20241112&mjsv=m202411120101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4847104401547&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42533203%2C95330276%2C95332926%2C95343682%2C95344189%2C95335245%2C95337195%2C95345966&oid=2&pvsid=3912513687431588&tmod=673119780&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=889
Frame ID: 07ABA95FA26002ED7DF6D3DA6681E6EA
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 067872902C651DF3028FBCC61A9A9260
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2808E0E37F19698A82DF63376FCF4A0A
Requests: 1 HTTP requests in this frame

Page Title

IQ Option conta fake IQ Option e Quotex, Blaze - IQ Marketing

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 29
HTTPS: 97 %
IPv6: 0 %
Domains: 12
Subdomains: 16
IPs: 15
Countries: 2
Transfer: 2244 kB
Size: 4266 kB
Cookies: 9

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
contafakeiq.online/
214 KB
44 KB
Document
General
Full URL
https://contafakeiq.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.252.169 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br534-ip05.hostgator.com.br
Software
Apache /
Resource Hash
0b5ac2cba821cf3c547a474d163ffe92f6fe40b8614fed107d6e804ddad7ae5c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html
date
Mon, 18 Nov 2024 03:56:30 GMT
last-modified
Mon, 16 Sep 2024 22:47:09 GMT
server
Apache
vary
Accept-Encoding,User-Agent
x-generated
t=1731902190119754
font-awesome.css
components.mywebsitebuilder.com/fonts/
30 KB
31 KB
Stylesheet
General
Full URL
https://components.mywebsitebuilder.com/fonts/font-awesome.css
Requested by
Host: contafakeiq.online
URL: https://contafakeiq.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.35 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
35.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bd1411968f2f8d6fac8407f679d31f30939345c45bf1df811ba149120d879fb1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://contafakeiq.online/

Response headers

x-goog-metageneration
3
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=ghVUSQ==, md5=nzr3n6AFCRRskr2RRU1Orw==
etag
"9f3af79fa00509146c92bd91454d4eaf"
age
839714
x-goog-stored-content-encoding
identity
expires
Sat, 08 Nov 2025 10:41:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
30748
date
Fri, 08 Nov 2024 10:41:17 GMT
x-goog-custom-time
1970-01-01T00:00:00Z
last-modified
Fri, 18 Dec 2020 10:13:33 GMT
content-type
text/css
x-guploader-uploadid
AHmUCY2mK3XBMV0sekNdo9OA-v3jyYadu0wvzhf9Gn_Z3EQYlF1KSX0Y_Ifjq20-9CuLO2kSgYc
cache-control
Cache-Control:public,max-age=315360001
x-goog-meta-
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1608286413516447
content-length
30748
server
UploadServer
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4095413475204369
Requested by
Host: contafakeiq.online
URL: https://contafakeiq.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
5f023aacb232aacda1660a8503d9be7a91ee4b7668759c8e48f719438c517f37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://contafakeiq.online
Referer
https://contafakeiq.online/

Response headers

content-encoding
br
etag
8715447178329106774
x-content-type-options
nosniff
expires
Mon, 18 Nov 2024 03:56:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 18 Nov 2024 03:56:31 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53439
x-xss-protection
0
server
cafe
js
www.googletagmanager.com/gtag/
316 KB
106 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7DKDJRT5V3
Requested by
Host: contafakeiq.online
URL: https://contafakeiq.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
43b3762fdd906854b9abf4b615bffb5a8f6fc9bc4ded639dc95c9aa17641502e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://contafakeiq.online/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 18 Nov 2024 03:56:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 03:56:32 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
107948
x-xss-protection
0
server
Google Tag Manager
css
gfonts-proxy.wzdev.co/
4 KB
1 KB
Stylesheet
General
Full URL
https://gfonts-proxy.wzdev.co/css?display=swap&family=Permanent+Marker:400,700|Overpass:400,700
Requested by
Host: contafakeiq.online
URL: https://contafakeiq.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
c78b5225fe1bc0f690a53713106dc3bef931fdab07eed1bb3ed9732de9645507
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://contafakeiq.online/

Response headers

content-encoding
br
cf-cache-status
HIT
age
290020
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 19:22:50 GMT
date
Mon, 18 Nov 2024 03:56:31 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 14 Nov 2024 19:22:50 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
cf-ray
8e4507f599d43803-FRA
access-control-allow-origin
*
x-xss-protection
0
server
cloudflare
inicio.6f8f26e9.js
contafakeiq.online/
6 KB
3 KB
Script
General
Full URL
https://contafakeiq.online/inicio.6f8f26e9.js
Requested by
Host: contafakeiq.online
URL: https://contafakeiq.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.252.169 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br534-ip05.hostgator.com.br
Software
Apache /
Resource Hash
8f018d674b6caaf2c63e2a9574c7ae858aa66ccfdceea05b384019320a337131

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://contafakeiq.online/

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
2695
date
Mon, 18 Nov 2024 03:56:30 GMT
x-generated
t=1731902190811123
last-modified
Mon, 16 Sep 2024 22:47:08 GMT
vary
Accept-Encoding,User-Agent
server
Apache
content-type
application/javascript
m
images.builderservices.io/s/cdn/v1.0/i/
74 KB
74 KB
Image
General
Full URL
https://images.builderservices.io/s/cdn/v1.0/i/m?url=https%3A%2F%2Fstorage.googleapis.com%2Fproduction-hostgator-brasil-v1-0-3%2F083%2F1523083%2FIJC6koNi%2F03cd37b86ac8438699936928c69143dc&methods=resize%2C500%2C5000
Requested by
Host: contafakeiq.online
URL: https://contafakeiq.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.62.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4789334defd40f60c1632798541168593d98bb656c6119405d51022f4f3b601f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://contafakeiq.online/

Response headers

cf-cache-status
DYNAMIC
etag
"cf57aqzjMx6JTflFkqZdEOKVvjp3dOmfGDQLNEaFfWDQ:8b82fb09ff67a1aada35b47aa19ed0e8"
cf-bgj
imgq:96,h2pri
cf-resized
internal=ram/m q=0 n=0+37 c=1+36 v=2024.10.6 l=75416 f=false
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
x-content-type-options
nosniff
date
Mon, 18 Nov 2024 03:56:33 GMT
content-type
image/png
last-modified
Sun, 30 Oct 2022 19:06:38 GMT
vary
Origin, Accept-Encoding
priority
u=4;i=?0,cf-chb=(37;u=2;i=?0 825;u=5;i=?0)
access-control-allow-headers
*
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=2678400
x-engine
cloud
access-control-allow-credentials
true
cf-ray
8e4507f8b938d3a2-FRA
access-control-allow-origin
*
content-length
75416
server
cloudflare
m
images.builderservices.io/s/cdn/v1.0/i/
97 KB
98 KB
Image
General
Full URL
https://images.builderservices.io/s/cdn/v1.0/i/m?url=https%3A%2F%2Fstorage.googleapis.com%2Fproduction-hostgator-brasil-v1-0-3%2F083%2F1523083%2FIJC6koNi%2Fe122f95c058a4588bbafde0bc66a5e7d&methods=resize%2C1000%2C5000
Requested by
Host: contafakeiq.online
URL: https://contafakeiq.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.62.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77926023d0f32601ed568a7720f0d091feda8a3897abea9bb19ae7e2fad01476
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://contafakeiq.online/

Response headers

cf-cache-status
DYNAMIC
etag
"cf3PlkzcbQX7-yLY1Qva5m0sAA6uiyIMnqoK0Nlj8MDQ:865d9cb024e8f8b4d9e92d9a1289a2d0"
cf-bgj
imgq:85,h2pri
cf-resized
internal=ok/h q=0 n=5+19 c=1+17 v=2024.10.6 l=99495 f=false
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
x-content-type-options
nosniff
date
Mon, 18 Nov 2024 03:56:32 GMT
content-type
image/jpeg
last-modified
Sun, 30 Oct 2022 20:04:52 GMT
vary
Origin, Accept-Encoding
priority
u=1;i=?0,cf-chb=(268;u=3;i=?0 13598;u=5;i=?0 57391;u=6;i=?0)
access-control-allow-headers
*
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=2678400
x-engine
cloud
access-control-allow-credentials
true
cf-ray
8e4507f8b93bd3a2-FRA
access-control-allow-origin
*
content-length
99495
server
cloudflare
bundle.js
runtime.builderservices.io/runtime-endurance-21821/
2 MB
459 KB
Script
General
Full URL
https://runtime.builderservices.io/runtime-endurance-21821/bundle.js
Requested by
Host: contafakeiq.online
URL: https://contafakeiq.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.62.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ed3a59cac066294193aa357032564fa8ad0528ce793f787eed93a4b1ac8fbb8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://contafakeiq.online/

Response headers

server
cloudflare
content-md5
GUpg3nC2di2GwouMfj7zzQ==
cache-control
"max-age=31536000"
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
1735729
content-encoding
gzip
x-ms-request-id
e47de0e1-301e-000f-23a4-299720000000
cf-ray
8e4507f9299ed3a2-FRA
date
Mon, 18 Nov 2024 03:56:31 GMT
content-type
application/javascript
last-modified
Tue, 20 Aug 2024 09:39:28 GMT
vary
Accept-Encoding
x-ms-blob-type
BlockBlob
m
images.builderservices.io/s/cdn/v1.0/i/
759 KB
761 KB
Image
General
Full URL
https://images.builderservices.io/s/cdn/v1.0/i/m?url=https%3A%2F%2Fstorage.googleapis.com%2Fproduction-hostgator-brasil-v1-0-3%2F083%2F1523083%2FIJC6koNi%2F0985addbe2ee443fb47c7a20be2a8fe6&methods=resize%2C2000%2C5000
Requested by
Host: contafakeiq.online
URL: https://contafakeiq.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.62.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dde7fa7a126fff9e387dd3401bc645177acee10ad2f1b28e2a8b093f64908cc
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://contafakeiq.online/

Response headers

cf-cache-status
DYNAMIC
etag
"cfNDbrg7PiCvy9MaCdAKLRToqJ3j--lvTFa1FxIuPGDQ:aa1f8ec518e02d3ba5a0fa2845adcc08"
cf-bgj
imgq:87,h2pri
cf-resized
internal=ok/h q=0 n=5+229 c=4+225 v=2024.10.6 l=777659 f=false
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
x-content-type-options
nosniff
date
Mon, 18 Nov 2024 03:56:32 GMT
content-type
image/png
last-modified
Fri, 24 Feb 2023 01:49:21 GMT
vary
Origin, Accept-Encoding
priority
u=4;i=?0,cf-chb=(37;u=2;i=?0 825;u=5;i)
access-control-allow-headers
*
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public, max-age=2678400
x-engine
cloud
access-control-allow-credentials
true
cf-ray
8e4507f90982d3a2-FRA
access-control-allow-origin
*
content-length
777659
server
cloudflare
fontawesome-webfont.woff2
components.mywebsitebuilder.com/fonts/
75 KB
76 KB
Font
General
Full URL
https://components.mywebsitebuilder.com/fonts/fontawesome-webfont.woff2
Requested by
Host: components.mywebsitebuilder.com
URL: https://components.mywebsitebuilder.com/fonts/font-awesome.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.35 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
35.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://contafakeiq.online
Referer
https://components.mywebsitebuilder.com/fonts/font-awesome.css

Response headers

x-goog-metageneration
3
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=hGsrhw==, md5=r3rlBanu1QP4uOaYIDaHPg==
etag
"af7ae505a9eed503f8b8e6982036873e"
age
2241605
x-goog-stored-content-encoding
identity
expires
Thu, 23 Oct 2025 05:16:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
77160
date
Wed, 23 Oct 2024 05:16:26 GMT
last-modified
Tue, 16 Jul 2019 09:58:09 GMT
content-type
application/octet-stream
x-guploader-uploadid
AHmUCY1ZxJwNQMUFIqul0gr-0KoKUidUFTWShJOtR5PvVhHiUD3f7sIQHgixNc0qYD-Q-1196hUDzEeQgA
cache-control
max-age=31557600
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1563271089052469
content-length
77160
server
UploadServer
Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2
gfonts-proxy.wzdev.co/font/s/permanentmarker/v16/
29 KB
29 KB
Font
General
Full URL
https://gfonts-proxy.wzdev.co/font/s/permanentmarker/v16/Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2
Requested by
Host: gfonts-proxy.wzdev.co
URL: https://gfonts-proxy.wzdev.co/css?display=swap&family=Permanent+Marker:400,700|Overpass:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
4884fec2c73aa52a2461073c1b87d1ceb80f400520391b43f97ca7d3c39eeb24
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://contafakeiq.online
Referer
https://gfonts-proxy.wzdev.co/css?display=swap&family=Permanent+Marker:400,700|Overpass:400,700

Response headers

cf-cache-status
HIT
age
2178147
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 01:08:48 GMT
date
Mon, 18 Nov 2024 03:56:32 GMT
content-type
font/woff2
last-modified
Tue, 19 Apr 2022 17:55:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cf-ray
8e4507fc7b789b25-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
29564
x-xss-protection
0
server
cloudflare
qFdH35WCmI96Ajtm81GlU9s.woff2
gfonts-proxy.wzdev.co/font/s/overpass/v16/
38 KB
39 KB
Font
General
Full URL
https://gfonts-proxy.wzdev.co/font/s/overpass/v16/qFdH35WCmI96Ajtm81GlU9s.woff2
Requested by
Host: gfonts-proxy.wzdev.co
URL: https://gfonts-proxy.wzdev.co/css?display=swap&family=Permanent+Marker:400,700|Overpass:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
29217ef8adef5f6c059feb461bdb029348205fc233dc9b6ca8604b0d068ac086
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://contafakeiq.online
Referer
https://gfonts-proxy.wzdev.co/css?display=swap&family=Permanent+Marker:400,700|Overpass:400,700

Response headers

cf-cache-status
HIT
age
1678869
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 29 Oct 2025 16:30:23 GMT
date
Mon, 18 Nov 2024 03:56:32 GMT
content-type
font/woff2
last-modified
Thu, 26 Sep 2024 23:20:24 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cf-ray
8e4507fc7b799b25-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
39380
x-xss-protection
0
server
cloudflare
css
gfonts-proxy.wzdev.co/
4 KB
716 B
Other
General
Full URL
https://gfonts-proxy.wzdev.co/css?display=swap&family=Permanent+Marker:400,700|Overpass:400,700
Requested by
Host: contafakeiq.online
URL: https://contafakeiq.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.235.200.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
host77.ipowerweb.com
Software
cloudflare /
Resource Hash
c78b5225fe1bc0f690a53713106dc3bef931fdab07eed1bb3ed9732de9645507
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://contafakeiq.online/

Response headers

content-encoding
br
cf-cache-status
HIT
age
290021
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 19:22:50 GMT
date
Mon, 18 Nov 2024 03:56:31 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 14 Nov 2024 19:22:50 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
cf-ray
8e4507f91b513803-FRA
access-control-allow-origin
*
x-xss-protection
0
server
cloudflare
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411120101/
434 KB
144 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411120101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4095413475204369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
0118dbc8f08abe28719c2c90924a10ab4805fed55379f4a6893c8fa52761ec64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://contafakeiq.online/

Response headers

content-encoding
br
etag
1360546322503448471
x-content-type-options
nosniff
expires
Mon, 18 Nov 2024 03:56:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 18 Nov 2024 03:56:32 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147371
x-xss-protection
0
server
cafe
51617934
hostingapi.mywebsitebuilder.com/v1.0/runtime/appmarket/render/142/ Frame
0
0
Preflight
General
Full URL
https://hostingapi.mywebsitebuilder.com/v1.0/runtime/appmarket/render/142/51617934
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.41.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://contafakeiq.online
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://contafakeiq.online
access-control-max-age
3600
cf-cache-status
DYNAMIC
cf-ray
8e4507ffb8cadcad-FRA
date
Mon, 18 Nov 2024 03:56:32 GMT
server
cloudflare
strict-transport-security
max-age=2592000
vary
Origin
x-builder-tracking-id
3d381b50-7d9a-4381-a844-9034607fc025 3d381b50-7d9a-4381-a844-9034607fc025
x-builder-tracking-span-id
e721f315e17a492c944506f86f2d1793
x-nf-tracking-id
0HN879ITFUCFM:00000001
51617934
hostingapi.mywebsitebuilder.com/v1.0/runtime/appmarket/render/142/
799 B
979 B
Fetch
General
Full URL
https://hostingapi.mywebsitebuilder.com/v1.0/runtime/appmarket/render/142/51617934
Requested by
Host: runtime.builderservices.io
URL: https://runtime.builderservices.io/runtime-endurance-21821/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.41.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0fbb1ad0ddaa562681bb82b8c3783cfb787ca4f9f517af0534c977fdc6f4d65
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://contafakeiq.online/
Accept-Language
en-us
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2592000
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e4508049ec837f5-FRA
x-builder-tracking-span-id
cc2e0b05e4ed45b5bff3b325259949ec
access-control-allow-origin
https://contafakeiq.online
date
Mon, 18 Nov 2024 03:56:33 GMT
content-type
application/json; charset=utf-8
vary
Origin
x-nf-tracking-id
0HN879R7GGTBC:00000001
server
cloudflare
x-builder-tracking-id
6b3ca9b4-2601-4993-8f17-8fddd6e16ab6, 6b3ca9b4-2601-4993-8f17-8fddd6e16ab6
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-7DKDJRT5V3&gtm=45je4bc0v896039597za200&_p=1731902191489&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855&cid=310645550.1731902192&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731902192&sct=1&seg=0&dl=https%3A%2F%2Fcontafakeiq.online%2F&dt=IQ%20Option%20conta%20fake%20IQ%20Option%20e%20Quotex%2C%20Blaze%20-%20IQ%20Marketing&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2910
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7DKDJRT5V3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://contafakeiq.online/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://contafakeiq.online
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 03:56:32 GMT
content-type
text/plain
server
Golfe2
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241112/r20190131/ Frame 5880
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241112/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411120101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://contafakeiq.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
41911
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4134
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Nov 2024 16:18:01 GMT
etag
4475648825157136472
expires
Sun, 01 Dec 2024 16:18:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 07AB
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4095413475204369&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1726526829&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fcontafakeiq.online%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.20295&aiapmi=0.24446&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731902191529&bpp=6&bdt=1047&idt=859&shv=r20241112&mjsv=m202411120101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4847104401547&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42533203%2C95330276%2C95332926%2C95343682%2C95344189%2C95335245%2C95337195%2C95345966&oid=2&pvsid=3912513687431588&tmod=673119780&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=889
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411120101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://contafakeiq.online/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Nov 2024 03:56:32 GMT
expires
Mon, 18 Nov 2024 03:56:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241112&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411120101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
962fa8afcdf6eb427d8919f4b0cfef6a61a801ebbbef000cb2b3559b91e20d7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://contafakeiq.online/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13063
date
Mon, 18 Nov 2024 03:56:33 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
03cd37b86ac8438699936928c69143dc
storage.googleapis.com/production-hostgator-brasil-v1-0-3/083/1523083/IJC6koNi/
294 KB
294 KB
Other
General
Full URL
https://storage.googleapis.com/production-hostgator-brasil-v1-0-3/083/1523083/IJC6koNi/03cd37b86ac8438699936928c69143dc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.123 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f27.1e100.net
Software
UploadServer /
Resource Hash
ceb0cce42bfb1ae2d5fdcbbbf7e4a84f287be5bff0da2068e3b1138ab7802f83

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://contafakeiq.online/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type, Content-Length, x-goog-meta-x-builder-filename, x-goog-resumable
x-goog-hash
crc32c=Mz05dg==, md5=i4L7Cf9noaraNbR6oZ7Q6A==
etag
"8b82fb09ff67a1aada35b47aa19ed0e8"
x-goog-stored-content-encoding
identity
expires
Mon, 18 Nov 2024 04:56:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
300642
date
Mon, 18 Nov 2024 03:56:33 GMT
last-modified
Sun, 30 Oct 2022 19:06:38 GMT
content-type
image/png
x-guploader-uploadid
AHmUCY2fx3r-F1QWJXEgkLX7OWV4QoRIDI5igBAjnhhtpoBrxlUnoO6lGof41wuQsNiZUvg2b0M
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1667156798059511
content-length
300642
server
UploadServer
sodar2.js
ep2.adtrafficquality.google/sodar/
18 KB
7 KB
Script
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411120101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://contafakeiq.online/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Mon, 18 Nov 2024 03:56:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 03:56:34 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
sdk-insights-tracker
in-app.mywebsitebuilder.com/
20 KB
9 KB
Script
General
Full URL
https://in-app.mywebsitebuilder.com/sdk-insights-tracker?appMarketEnv=prod&debug=true&instanceJwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbnN0YW5jZUlkIjoiNzE4MWZiYjZmMjM5NDYxODg2Y2U5MTc2YjA1OTZkNjAiLCJicmFuZCI6Imhvc3RnYXRvcl9icmFzaWwiLCJleHAiOjE3MzE5ODg1OTN9.3hl_bqkDZr0OIXeKbZIQPmw9M6Bj-3wOR_iMYfxEFyQ
Requested by
Host: runtime.builderservices.io
URL: https://runtime.builderservices.io/runtime-endurance-21821/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.41.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18bbbb6e89767bd99d685bf61375c1ab0546c0d0d7a7887b272eaca19d6ed8de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://contafakeiq.online/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
0x8D7592F1FA5BFFC
cf-ray
8e450808086137f5-FRA
x-builder-tracking-span-id
dc40dc202d8e40f6baf73f8f3c342ad5
date
Mon, 18 Nov 2024 03:56:34 GMT
content-type
application/javascript
last-modified
Fri, 25 Oct 2019 09:38:44 GMT
vary
Accept-Encoding
server
cloudflare
x-builder-tracking-id
dc40dc202d8e40f6baf73f8f3c342ad5
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 0678
0
0
Document
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://contafakeiq.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
454
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Nov 2024 03:49:00 GMT
expires
Mon, 18 Nov 2024 04:39:00 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2808
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-I2YOQtqi_g7atLg6uuZnmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://contafakeiq.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-I2YOQtqi_g7atLg6uuZnmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Nov 2024 03:56:34 GMT
expires
Mon, 18 Nov 2024 03:56:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
/
in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/messages/ Frame
0
0
Preflight
General
Full URL
https://in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/messages/?timeout=10
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
172.191.248.91 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://contafakeiq.online
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
authorization,content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://contafakeiq.online
Access-Control-Max-Age
3600
Content-Length
0
Date
Mon, 18 Nov 2024 03:56:34 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/messages/
0
313 B
XHR
General
Full URL
https://in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/messages/?timeout=10
Requested by
Host: in-app.mywebsitebuilder.com
URL: https://in-app.mywebsitebuilder.com/sdk-insights-tracker?appMarketEnv=prod&debug=true&instanceJwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbnN0YW5jZUlkIjoiNzE4MWZiYjZmMjM5NDYxODg2Y2U5MTc2YjA1OTZkNjAiLCJicmFuZCI6Imhvc3RnYXRvcl9icmFzaWwiLCJleHAiOjE3MzE5ODg1OTN9.3hl_bqkDZr0OIXeKbZIQPmw9M6Bj-3wOR_iMYfxEFyQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
172.191.248.91 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Authorization
SharedAccessSignature sr=http%3A%2F%2Fin-us-east-event-hubs.servicebus.windows.net%2Fin-us-east-event-hub-a1&sig=wMrCcCaSAhh58bHNptfLSx7PnoFTJ5qalMIzr5mXPfU%3D&se=1731905794.298&skn=Send
Referer
https://contafakeiq.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Origin
https://contafakeiq.online
Date
Mon, 18 Nov 2024 03:56:34 GMT
Content-Type
application/xml; charset=utf-8
Server
Microsoft-HTTPAPI/2.0
Access-Control-Allow-Credentials
true
sodar
ep1.adtrafficquality.google/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241112&jk=3912513687431588&bg=!mpmlmdbNAAY7_TBtG_07ADQBe5WfOKkoB4vKG5VatsUEMZEE-5UBvFPvLZEk3eSYCuQJYCgCk77FUcKGA1VpdBwXQ-tkAgAAACtSAAAAAmgBB34ANuJQCQB4QBitEk1cMgRfhb3t9auFqIzXwOdQzfdd0HbD1bkz2gULWOej_d-rX-weDJHNk4kmdZkCoxwmKiTomlvjEjhtfEI-tr-o5tk1XclOCKM1OYVx2HoadWXZ6X1gjH4WdItq-IA-dxTKx55LFtLaz8O3jgBBrVUMXX7UcidbV_aIb-O3enQs0pgIq_Zb-GuejropwVOtLvh7gvXnwNyxepFg4SmzOskUwAyujYwibD7aVM9WPEgFFajl46ba_xHlapO32VG53HtgXr7NtIjsG4rfCxCQjxIfP2Jcxp7O6QLCWmOACpNAKf8mA4FUd6_CLMBTm9mavpa2dHaQE_d__UB9SN5qrdy5spiGUYgutDM1VrZmKg3Pwcvqsmy53mIm07SQGMVwN8TTDAGdHamEgPOX1L0cJeXK5NdT8mK3D5Mp67AykMT-GvFOa7N7bm1Pl5OIsTMw2fTja2RS8rkOzVgobrT0GuJw0Jd0QlbYDEYUYamIVGVhd3x6QwoA5xa_enyQ5avWSYaF8cQ5H2Q6GGvKN2LlFZQ6iqmq3qqmtcDvy2Ubxz7zqfPKExLbaH2u5y7bScwyff2-7xx1x3-oovneK2bUcgSarJe5DE_MO1KYKrqEF75REDO0lwqoiBToWK89XzOOkb1pOedOhFhH4YLUrOr_V0Mugy31Q8DyeRKXHNhLgx2htNEei2tET0XnL4nhNpaCg-9tU4RiLjiZbHaJ4GIWU9ABBNIGbAYTZzE_H3wWkf1NPdo00kFKOz2lh4M2BfJF7VyEgDc-AkpLZDTjX_3E5N88q-XzNNt7Ew9bPqwVMycc6DcinUlQkDNXMAtT3RHgH7YXeQriVP6RNriE0thsGPJC7UiM9Ifw3hB60ESoAQDcF0RjQzi-GrES4nO0jsczKwOO1WXhlmTX7qDUkbxWo2le9hqbxpNokaIOURAb38HBz3fz_C0ZI9tUGAH0DwmSLAxYug


48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
function| gtag
object| dataLayer
object| __features
object| _featureSettings
object| _page
object| google_js_reporting_queue
number| google_srt
object| google_logging_queue
object| google_ad_modifications
object| ggeac
object| google_persistent_state_async
object| google_tag_data
object| google_reactive_ads_global_state
object| adsbygoogle
object| google_sa_queue
function| google_process_slots
function| google_spfd
number| google_unique_id
object| google_sv_map
number| google_rum_task_id_counter
string| google_user_agent_client_hint
object| _WP_JSONP
object| regeneratorRuntime
number| 2f1acc6c3a606b082e5eef5e54414ffb
function| Velocity
object| _GoogleMapsApi
boolean| _isPublished
object| _site
function| __bi__
object| _feature_events
function| showModal
object| _zoomUpdateEvents
object| google_tag_manager
function| onYouTubeIframeAPIReady
object| gaGlobal
function| google_sa_impl
object| googPageScrollPreventerInfo
boolean| googFloatingToolbarManagerAsyncPositionUpdate
number| google_global_correlator
object| google_prev_clients
object| ampInaboxIframes
object| ampInaboxPendingMessages
object| GoogleGcLKhOms
object| EventHubHistory
object| google_image_requests

9 Cookies

Domain/Path Name / Value
.wzdev.co/ Name: __cf_bm
Value: wgzniPmwhhZYqaFMull6Pq0CAh4ABecM3x6BIs6YxJ4-1731902191-1.0.1.1-nGsqoRWkMS8IT4VzfEBnwKINGs8XbhqhX2eVVkseWdCr1iPnYq6drrkVoJ6s1CC8wMSSYy0rRZ__arq1NOb8.w
.contafakeiq.online/ Name: _ga_7DKDJRT5V3
Value: GS1.1.1731902192.1.0.1731902192.0.0.0
.contafakeiq.online/ Name: _ga
Value: GA1.1.310645550.1731902192
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.builderservices.io/ Name: __cf_bm
Value: mLILBaQYSVTxVB5BibYYXDfycEKlbJyb9W2zVbRWsuw-1731902193-1.0.1.1-urxI.ybNXZpGvxoh1vgLv77jTInUc8nVnlh3KMTqatGpX2N7Z7SMG4l6ZmG1XrOmNWpr6ZISM5QYVqsuOIYMZw
.builderservices.io/ Name: _cfuvid
Value: 103rBJZuOxDkYLDkZOVpMiSWvNa7q_zjnAWepSQod6Q-1731902193072-0.0.1.1-604800000
.mywebsitebuilder.com/ Name: __cf_bm
Value: msRVl1X7X1PrdgKbpjM4wQ8FvGjHJxaH0FfIecTj7mo-1731902193-1.0.1.1-TFUrBNcC92KusPTKVxbQNGdQ3mJlklM6VMxcTXifSHVK10vt518JfTy.hQ67rCFAXkibPuv5ewOFjmQupBOzrw
contafakeiq.online/ Name: app_key
Value: 09AE4D7E-43C8-6DFE-5D9F-801AFDFB087E/1731902194297
contafakeiq.online/ Name: app_ses_key
Value: 96EA7D5E-0D5F-4CF3-4C8F-79E3782FFC87%3A1731902194298%3A%25/none

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
