confirm.fbonly.com Open in urlscan Pro
2a06:98c1:3121::9  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response confirm.fbonly.com/	883 B 812 B	76ms 22ms	Document text/html	2a06:98c1:3121::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://confirm.fbonly.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8cada51b0c49b21efca3684bd355af4052978bfd73f00dd3022302a6272779ab Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-ray 8680ced33dfa0ba6-AMS content-encoding br content-type text/html;charset=UTF-8 date Thu, 21 Mar 2024 20:49:19 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zL956oCL7wMQQLjdTH6%2BRr2h9XTP%2Fcyp%2FM02%2BhjDcE8JCQ6%2FmU4YERGX6ZGC83I0ceCbiw%2Ffml%2B6X8TGtRJde13V6Y0g71bKg%2F1phe1VoUWc3KZyiEClm2vCGvT7bpOhziPcpzeJO9vcpeT6tZqNyg0%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	bootstrap.min.css cdn.jsdelivr.net/gh/penguasa-de/de@main/	118 KB 21 KB	55ms 27ms	Stylesheet text/css	2606:4700::6810:5914 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/penguasa-de/de@main/bootstrap.min.css Requested by Host: confirm.fbonly.com URL: https://confirm.fbonly.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4194fb4472202061ab0db48cd8908fdfc09e95ee60edd654cac0c4e5cef31806 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://confirm.fbonly.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:19 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 3252 x-jsd-version main content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-etou8220065-FRA, cache-lga21923-LGA x-jsd-version-type branch server cloudflare etag W/"1d971-csHKU8+zexcbroKPl8kUrk+yAh4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7NfPIegiVCfV5yA%2FQ3U89cRhSQSCYdFHw10yQxmW8p1d8HK9tPaoxKzWz%2F3Ml4U%2F5ap389LStDbxOGNZXZwhD4jMzc0KEyvekNdnGXIcKJDYGfP%2BR9eaGpHmdQuA3eSIhhT%2BFEdrhjvd8yyCmd8%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 8680ced3884d0a60-AMS
GET H2	200	/ Show response wvljukxh.penguasa.de/ Frame 7010	28 KB 7 KB	601ms 542ms	Document text/html	2606:4700:3030::ac43:b61d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wvljukxh.penguasa.de/ Requested by Host: confirm.fbonly.com URL: https://confirm.fbonly.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:b61d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f8db848467eb1dc8a4e818eeb902525c472a1629c62b1063fff81d1cbb27e6b Request headers Referer https://confirm.fbonly.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8680ced419c60e37-AMS content-encoding br content-type text/html; charset=UTF-8 date Thu, 21 Mar 2024 20:49:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PFT5OBjY6I1P%2BiPARaIrKZjpdfjbfyf6jrkl9auhP0Zp8SBvQIZoIgmP4iR50GDYQSPy66YemXRFK8Nx56wW%2Ftqbsctg2bToEIE6xb%2FQWt8rmr17DjtZf%2FAu%2BXoGtyvK1uxjvgNDX4R7ab5DM6umszXaRw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	custom.css wvljukxh.penguasa.de/static/themes/ Frame 7010	13 KB 5 KB	518ms 516ms	Stylesheet text/css	2606:4700:3030::ac43:b61d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wvljukxh.penguasa.de/static/themes/custom.css Requested by Host: wvljukxh.penguasa.de URL: https://wvljukxh.penguasa.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:b61d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7f133b550221ff87a04989e269f558a93d44743cd1a9b4e6b63f36c4113244d0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://wvljukxh.penguasa.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:21 GMT content-encoding br cf-cache-status REVALIDATED cf-bgj minify last-modified Thu, 14 Mar 2024 02:26:12 GMT server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=17888 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F8c0VkAqIdKN9o2tRBqmA%2FrZkiSNfooQNkaCJcAMcaU5Ry%2Fw%2Bujsnxxzngz6d6RnYQGIx7hoW%2BWLvnN%2FckGjr1qg6zetMq6GuzOUeT%2FM2YMs4sJ8OMyP%2BpYGnBpO6fXet08DDciu5BvGemIofWt6PaKxXg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31536000 cf-ray 8680ced78e250e37-AMS alt-svc h3=":443"; ma=86400
GET H2	200	link_custom.css wvljukxh.penguasa.de/static/themes/ Frame 7010	2 KB 1 KB	371ms 370ms	Stylesheet text/css	2606:4700:3030::ac43:b61d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wvljukxh.penguasa.de/static/themes/link_custom.css Requested by Host: wvljukxh.penguasa.de URL: https://wvljukxh.penguasa.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:b61d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa3db7a1465fb9ffcefa8a02eeee95a58392fa06456077d5f12b98775b75d179 Request headers accept-language nl-NL,nl;q=0.9 Referer https://wvljukxh.penguasa.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:20 GMT content-encoding br cf-cache-status REVALIDATED cf-bgj minify last-modified Thu, 14 Mar 2024 02:26:18 GMT server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=2716 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qrl1rApPzf%2FXKt04BW8VHJLtWaW91Y%2Ft7rxHpwk6KyVfNwRZlWCBn%2BPJ2ekowAt5S9Eix9NqQJ35Z%2BFAf%2Bh17xWRO7vWCTgBxdhybjnIUeybZFU3i3zuOmW0XvVCOjrDU%2FIQo8YjUysfMAphkhAes7CcNQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31536000 cf-ray 8680ced78e270e37-AMS alt-svc h3=":443"; ma=86400
GET H2	200	animate.css wvljukxh.penguasa.de/static/themes/ Frame 7010	70 KB 6 KB	371ms 370ms	Stylesheet text/css	2606:4700:3030::ac43:b61d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wvljukxh.penguasa.de/static/themes/animate.css Requested by Host: wvljukxh.penguasa.de URL: https://wvljukxh.penguasa.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:b61d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fa897318135ee938a06280c829163c89d3695dc3e22ee2f0c6193ddb65a5bd50 Request headers accept-language nl-NL,nl;q=0.9 Referer https://wvljukxh.penguasa.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:20 GMT content-encoding br cf-cache-status REVALIDATED cf-bgj minify last-modified Thu, 14 Mar 2024 02:26:28 GMT server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=100689 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AcsXFU7FgfPUeE%2Fuje3p%2Fmj3RY%2BIH%2Fn4xAPTVXO2fM6PG4j3hoRyIhXzWtq1gctXaROmqSlUtzms2JZ7Nml7A8ATEC7pGWJnPqLq6F0oYv6x2XyRgA9MBGpqcGs2GOI4AHL82swheDj7STwLLL3Lr2%2FKXQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31536000 cf-ray 8680ced78e290e37-AMS alt-svc h3=":443"; ma=86400
GET H2	200	app.cad2193a277eb5a4ec97d5295f5120bd.css wvljukxh.penguasa.de/static/css/ Frame 7010	201 KB 31 KB	411ms 410ms	Stylesheet text/css	2606:4700:3030::ac43:b61d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wvljukxh.penguasa.de/static/css/app.cad2193a277eb5a4ec97d5295f5120bd.css Requested by Host: wvljukxh.penguasa.de URL: https://wvljukxh.penguasa.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:b61d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 46276202df60baa9c360fbf4cc63630bd6c8919976494900aac08e95d9c68a53 Request headers accept-language nl-NL,nl;q=0.9 Referer https://wvljukxh.penguasa.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:20 GMT content-encoding br cf-cache-status REVALIDATED cf-bgj minify last-modified Thu, 14 Mar 2024 02:26:36 GMT server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=261453 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L5FgkImFwUo44e7EXIwF2YOo4HpOA9Jprob6SOm3sQhJblS9g%2BzvE9046SQQYt2%2BP8nKvtbOuvGr%2BdYB%2FJhVqsQVh%2BmZfZuumBz93zJcvPWRqTIrhM4BQUaTXF6j294q9oB87vMq46Gua7R%2BJg9vnveCFQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31536000 cf-ray 8680ced78e2b0e37-AMS alt-svc h3=":443"; ma=86400
GET H2	200	index-ZU7tKWJA.css wvljukxh.penguasa.de/assets/ Frame 7010	33 KB 7 KB	509ms 508ms	Stylesheet text/css	2606:4700:3030::ac43:b61d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wvljukxh.penguasa.de/assets/index-ZU7tKWJA.css Requested by Host: wvljukxh.penguasa.de URL: https://wvljukxh.penguasa.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:b61d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9c758533251f67d9e8b23d81dce10577b8b929636078968c1c46ca992703b209 Request headers accept-language nl-NL,nl;q=0.9 Referer https://wvljukxh.penguasa.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:21 GMT content-encoding br cf-cache-status REVALIDATED cf-bgj minify last-modified Thu, 14 Mar 2024 02:26:48 GMT server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=43038 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=reMFlpgnhbtOhqHzReO9BUQ2RK2boFXSbvsAPSxGLW8zCU4Pmm4bm7uSqx1%2B3JJ53%2BW3c9M5TBU2FVh60XVEvf0M2JatLc%2FxqVAU1mQ%2BfgP3pDmfqQ0ewRs4MRCbl%2BXVuZ%2FxA%2Fjj43W3wrPJWTeng%2FwXSw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31536000 cf-ray 8680ced78e2c0e37-AMS alt-svc h3=":443"; ma=86400
GET H2	200	jquery-3.6.4.min.js Show response code.jquery.com/ Frame 7010	88 KB 31 KB	142ms 45ms	Script application/javascript	2a04:4e42:400::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.4.min.js Requested by Host: wvljukxh.penguasa.de URL: https://wvljukxh.penguasa.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af Request headers accept-language nl-NL,nl;q=0.9 Referer https://wvljukxh.penguasa.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:20 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 16253553 x-cache HIT, HIT content-length 31011 x-served-by cache-lga21953-LGA, cache-mad2200102-MAD last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1711054161.677014,VS0,VE0 etag W/"28feccc0-15ec3" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 129, 8901
GET H2	200	f_locked.png wvljukxh.penguasa.de/static/images/ Frame 7010	162 KB 163 KB	354ms 354ms	Image image/png	2606:4700:3030::ac43:b61d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wvljukxh.penguasa.de/static/images/f_locked.png Requested by Host: wvljukxh.penguasa.de URL: https://wvljukxh.penguasa.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:b61d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7de33b8253d72fb345a70c77dce2f1885ad41a2388519a608692558dcdf92ad7 Request headers accept-language nl-NL,nl;q=0.9 Referer https://wvljukxh.penguasa.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:20 GMT cf-cache-status REVALIDATED last-modified Thu, 14 Mar 2024 02:27:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MjrlT%2FDACBKT3Fdd4jIELv0JCtDkxbTLO6pRcFscj9YdMO0wIVrO8ohZRsYXUUs%2BFLxprQtR0oBbVKCg6MZlyhmZ%2F8ASPNAeLoJauYcfLJ98us%2B7Xged2MEmLUx8a6v7ikpWhWToBcpM8ls5k3mt9u22SQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8680ced78e2e0e37-AMS alt-svc h3=":443"; ma=86400 content-length 166042
GET H2	200	facebook.png wvljukxh.penguasa.de/static/uploads/ Frame 7010	39 KB 39 KB	399ms 399ms	Image image/png	2606:4700:3030::ac43:b61d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wvljukxh.penguasa.de/static/uploads/facebook.png Requested by Host: wvljukxh.penguasa.de URL: https://wvljukxh.penguasa.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:b61d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f0500eb244f873f52aa984dea9f4993dfaa505425b555b80265de6b526353057 Request headers accept-language nl-NL,nl;q=0.9 Referer https://wvljukxh.penguasa.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:20 GMT cf-cache-status REVALIDATED last-modified Thu, 14 Mar 2024 02:30:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W7%2FzOjSFlM%2BuAqWVvdvUBS6Nof5fQv%2FhJOYTf36auQs9%2FuthnZK3G3EfdV9UluGj9MdFuzxDNeQsh6%2F9dzNLcg3pW0cs1%2FPM0WqtUfxq9cU1YMaDNgJm4HIwO97ATSpOlx6jUccf%2BhWPoOwqL0QIprI60Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8680ced78e2f0e37-AMS alt-svc h3=":443"; ma=86400 content-length 39740
GET H3	200	2fa.gif wvljukxh.penguasa.de/static/uploads/ Frame 7010	310 KB 310 KB	1003ms 1003ms	Image image/gif	2606:4700:3030::ac43:b61d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wvljukxh.penguasa.de/static/uploads/2fa.gif Requested by Host: wvljukxh.penguasa.de URL: https://wvljukxh.penguasa.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:b61d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 789aa06863722ce89e99d0e830c699040f9b105795bc2ab8f6f9dc27e011549e Request headers accept-language nl-NL,nl;q=0.9 Referer https://wvljukxh.penguasa.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:21 GMT cf-cache-status MISS last-modified Thu, 14 Mar 2024 03:38:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UQART7YsObSINPj%2F8FbMfJAlCMghzW8gtj6LrH%2Bn41W4dbiik1CXlR1WiCuEyi0S1CKfI%2FSsL6H1xykYJvmgta2XNmC3fRP3Pd%2BMfNLnJ3M8ZQKfPPhK3kuxWierJe1z5e6kpdXovUH3FMo9NRz1V4AMpg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=31536000 accept-ranges bytes cf-ray 8680ced9e82d655c-AMS alt-svc h3=":443"; ma=86400 content-length 316966
GET H2	200	1hj9aakr7 Show response embed.tawk.to/65962e6a8d261e1b5f4f0a15/ Frame 7010	2 KB 923 B	501ms 463ms	Script application/x-javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/65962e6a8d261e1b5f4f0a15/1hj9aakr7 Requested by Host: wvljukxh.penguasa.de URL: https://wvljukxh.penguasa.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ec983d999ed9f97155f238a0a3d91e83344a9fb8e7927ab935e230e108cdbabd Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://wvljukxh.penguasa.de/ Origin https://wvljukxh.penguasa.de accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:21 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS content-encoding br server cloudflare etag W/"stable-v4-65fa40e2e4e" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=7200, s-maxage=3600 cf-ray 8680cedb085566c4-AMS alt-svc h3=":443"; ma=86400
GET H2	200	twk-main.js Show response embed.tawk.to/_s/v4/app/65fa40e2e4e/js/ Frame 7010	121 B 286 B	133ms 132ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-main.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/65962e6a8d261e1b5f4f0a15/1hj9aakr7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://wvljukxh.penguasa.de/ Origin https://wvljukxh.penguasa.de accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:22 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS last-modified Wed, 20 Mar 2024 01:50:59 GMT server cloudflare content-encoding br etag W/"da5bb1dc647470204df0e49f5afac2de" x-cache-status HIT vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 8680cee36ad666c4-AMS alt-svc h3=":443"; ma=86400
GET H2	200	twk-vendor.js Show response embed.tawk.to/_s/v4/app/65fa40e2e4e/js/ Frame 7010	81 KB 29 KB	250ms 249ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-vendor.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/65962e6a8d261e1b5f4f0a15/1hj9aakr7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://wvljukxh.penguasa.de/ Origin https://wvljukxh.penguasa.de accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:22 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS last-modified Wed, 20 Mar 2024 01:50:59 GMT server cloudflare content-encoding br etag W/"3b341e35b39f6195793ecaf5db7c1d63" x-cache-status HIT vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 8680cee36ad966c4-AMS alt-svc h3=":443"; ma=86400
GET H2	200	twk-chunk-vendors.js Show response embed.tawk.to/_s/v4/app/65fa40e2e4e/js/ Frame 7010	212 KB 62 KB	358ms 357ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-chunk-vendors.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/65962e6a8d261e1b5f4f0a15/1hj9aakr7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 972de8c5257c5c31f0ae45016595089022e4f82e766cec78fb40c997bfbac75f Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://wvljukxh.penguasa.de/ Origin https://wvljukxh.penguasa.de accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:22 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS last-modified Wed, 20 Mar 2024 01:50:59 GMT server cloudflare content-encoding br etag W/"1c73b4eb89bbe24ecf154b671ddbcafc" x-cache-status HIT vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 8680cee36ada66c4-AMS alt-svc h3=":443"; ma=86400
GET H2	200	twk-chunk-common.js Show response embed.tawk.to/_s/v4/app/65fa40e2e4e/js/ Frame 7010	220 KB 44 KB	361ms 360ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-chunk-common.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/65962e6a8d261e1b5f4f0a15/1hj9aakr7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7d2b31126e5ee8f2848c200f6ad4ff31aba960570d81e1855abbbaa381db267f Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://wvljukxh.penguasa.de/ Origin https://wvljukxh.penguasa.de accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:22 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS last-modified Wed, 20 Mar 2024 01:50:59 GMT server cloudflare content-encoding br etag W/"dd05e16ccd67642bbf9f50e843fc7a9e" x-cache-status HIT vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 8680cee36adc66c4-AMS alt-svc h3=":443"; ma=86400
GET H2	200	twk-runtime.js Show response embed.tawk.to/_s/v4/app/65fa40e2e4e/js/ Frame 7010	2 KB 1 KB	137ms 137ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-runtime.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/65962e6a8d261e1b5f4f0a15/1hj9aakr7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 07fda090fab71f38c18a9046d8211a532cea02a7ac3ee18749e95a9a179dd1ba Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://wvljukxh.penguasa.de/ Origin https://wvljukxh.penguasa.de accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:22 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS last-modified Wed, 20 Mar 2024 01:50:59 GMT server cloudflare content-encoding br etag W/"dd7354a75e9750bb1a380c0ff54e43d9" x-cache-status HIT vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 8680cee36add66c4-AMS alt-svc h3=":443"; ma=86400
GET H2	200	twk-app.js Show response embed.tawk.to/_s/v4/app/65fa40e2e4e/js/ Frame 7010	151 B 206 B	136ms 136ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-app.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/65962e6a8d261e1b5f4f0a15/1hj9aakr7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://wvljukxh.penguasa.de/ Origin https://wvljukxh.penguasa.de accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:22 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS last-modified Wed, 20 Mar 2024 01:50:59 GMT server cloudflare content-encoding br etag W/"e736e189edb5d0d9d5b8e7f23dd9114a" x-cache-status HIT vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 8680cee36ade66c4-AMS alt-svc h3=":443"; ma=86400
GET H2	200	widget-settings Show response va.tawk.to/v1/ Frame 7010	3 KB 1 KB	475ms 465ms	Fetch application/json	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://va.tawk.to/v1/widget-settings?propertyId=65962e6a8d261e1b5f4f0a15&widgetId=1hj9aakr7&sv=null Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-chunk-common.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7435b2abbe2a277d46378819f42429f1a2b202d4d6cfbbbefebf4c8f6f72fefd Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://wvljukxh.penguasa.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:23 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS content-encoding br alt-svc h3=":443"; ma=86400 x-served-by visitor-application-preemptive-5lmv server cloudflare etag W/"2-24-0" vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type application/json access-control-allow-origin * cache-control public, max-age=7200, s-maxage=1800 cf-ray 8680cee5feba66c4-AMS access-control-allow-headers content-type,x-tawk-token
POST H3	200	start Show response va.tawk.to/v1/session/ Frame 7010	104 B 380 B	159ms 142ms	Fetch application/json	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://va.tawk.to/v1/session/start Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-chunk-common.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 38b6c07f77b660220115077b70ae4b320e7b9d95bf4456549e6e69a67dd07784 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://wvljukxh.penguasa.de/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type application/json; charset=utf-8 Response headers date Thu, 21 Mar 2024 20:49:23 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding br server cloudflare vary Accept-Encoding access-control-allow-methods POST,OPTIONS content-type application/json access-control-allow-origin https://wvljukxh.penguasa.de access-control-allow-credentials true cf-ray 8680cee7191b4c19-AMS access-control-allow-headers content-type,x-tawk-token alt-svc h3=":443"; ma=86400 x-served-by visitor-application-preemptive-j73d
OPTIONS H2	200	start va.tawk.to/v1/session/ Frame	0 0	144ms 143ms	Preflight	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://va.tawk.to/v1/session/start Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://wvljukxh.penguasa.de Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-tawk-token access-control-allow-methods POST,OPTIONS access-control-allow-origin https://wvljukxh.penguasa.de alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8680cee61f0666c4-AMS date Thu, 21 Mar 2024 20:49:23 GMT server cloudflare strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff x-served-by visitor-application-preemptive-3gpx
GET H3	200	en.js Show response embed.tawk.to/_s/v4/app/65fa40e2e4e/languages/ Frame 7010	17 KB 4 KB	24ms 24ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/65fa40e2e4e/languages/en.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-chunk-common.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://wvljukxh.penguasa.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:23 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 148059 x-cache-status MISS alt-svc h3=":443"; ma=86400 last-modified Wed, 20 Mar 2024 01:51:00 GMT server cloudflare etag W/"7f37a030886ec7fce1d065ec482789ee" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 8680cee8dafa4c19-AMS
GET H3	200	twk-chunk-2c776523.js Show response embed.tawk.to/_s/v4/app/65fa40e2e4e/js/ Frame 7010	10 KB 3 KB	23ms 22ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-chunk-2c776523.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-runtime.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cd50385cef163eb376d93e7b1e07fe467de23b60c98373f7d69448214d3e9cdd Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://wvljukxh.penguasa.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:23 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 148059 x-cache-status MISS alt-svc h3=":443"; ma=86400 last-modified Wed, 20 Mar 2024 01:50:59 GMT server cloudflare etag W/"70aec2dd89cac4933594c25b71d61f46" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 8680cee90b174c19-AMS
GET H3	200	twk-chunk-9294da6c.js Show response embed.tawk.to/_s/v4/app/65fa40e2e4e/js/ Frame 7010	18 KB 5 KB	26ms 26ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-chunk-9294da6c.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-runtime.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e4761d3b65c30d99cb69327e462fc21aa237f6679ccfacf3c8031e3768f09b36 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://wvljukxh.penguasa.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:23 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 141299 x-cache-status HIT alt-svc h3=":443"; ma=86400 last-modified Wed, 20 Mar 2024 01:50:59 GMT server cloudflare etag W/"ae84ae47205d2eef67695661d5b62e3f" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 8680cee90b184c19-AMS
GET H3	200	twk-chunk-2d0b383d.js Show response embed.tawk.to/_s/v4/app/65fa40e2e4e/js/ Frame 7010	699 B 676 B	35ms 34ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-chunk-2d0b383d.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-runtime.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://wvljukxh.penguasa.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:23 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 148059 x-cache-status HIT alt-svc h3=":443"; ma=86400 last-modified Wed, 20 Mar 2024 01:50:59 GMT server cloudflare etag W/"838903127a65ec440893b4945c40ca4a" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 8680cee90b1a4c19-AMS
GET H3	200	twk-chunk-48f3b594.js Show response embed.tawk.to/_s/v4/app/65fa40e2e4e/js/ Frame 7010	19 KB 6 KB	23ms 23ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-chunk-48f3b594.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-runtime.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bb8b640fb5078ef7277e6efa08fee2fcab2de947707db5393515212127101ea7 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://wvljukxh.penguasa.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:23 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 148059 x-cache-status MISS alt-svc h3=":443"; ma=86400 last-modified Wed, 20 Mar 2024 01:50:59 GMT server cloudflare etag W/"83dad1132ff987e76156b4b6d5364259" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 8680cee90b1c4c19-AMS
GET H3	200	twk-chunk-4fe9d5dd.js Show response embed.tawk.to/_s/v4/app/65fa40e2e4e/js/ Frame 7010	906 B 662 B	24ms 24ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-chunk-4fe9d5dd.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-runtime.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://wvljukxh.penguasa.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:23 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 148059 x-cache-status HIT alt-svc h3=":443"; ma=86400 last-modified Wed, 20 Mar 2024 01:50:59 GMT server cloudflare etag W/"1c5ecf371149feca23bd895ba9dfec4d" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 8680cee90b1d4c19-AMS
GET H3	200	twk-chunk-2d0b9454.js Show response embed.tawk.to/_s/v4/app/65fa40e2e4e/js/ Frame 7010	535 B 575 B	35ms 35ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-chunk-2d0b9454.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-runtime.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://wvljukxh.penguasa.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:23 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 148059 x-cache-status MISS alt-svc h3=":443"; ma=86400 last-modified Wed, 20 Mar 2024 01:50:59 GMT server cloudflare etag W/"c506281367048d4a134c9affbc68c8c6" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 8680cee90b1e4c19-AMS
GET H3	200	twk-chunk-24d8db78.js Show response embed.tawk.to/_s/v4/app/65fa40e2e4e/js/ Frame 7010	110 KB 24 KB	36ms 36ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-chunk-24d8db78.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-runtime.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f862aa6541bf88d5a867f5c208b07c0f821cf9bd7d6166746049cf9b53c16c9d Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://wvljukxh.penguasa.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:23 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 148059 x-cache-status HIT alt-svc h3=":443"; ma=86400 last-modified Wed, 20 Mar 2024 01:50:59 GMT server cloudflare etag W/"6f9e3558b6781da78d607f6ffbc61997" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 8680cee90b1f4c19-AMS
GET H3	200	min-widget.css embed.tawk.to/_s/v4/app/65fa40e2e4e/css/ Frame C828	24 KB 5 KB	25ms 24ms	Stylesheet text/css	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/65fa40e2e4e/css/min-widget.css Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-chunk-2c776523.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:23 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 148058 cf-polished origSize=24831 x-cache-status HIT alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 20 Mar 2024 01:50:59 GMT server cloudflare etag W/"5742a34aaab2a5983c7c11cdeef1c0ee" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 8680cee95b4a4c19-AMS
GET H3	200	message-preview.css embed.tawk.to/_s/v4/app/65fa40e2e4e/css/ Frame C45A	40 KB 8 KB	25ms 25ms	Stylesheet text/css	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/65fa40e2e4e/css/message-preview.css Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-chunk-2c776523.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 26c00c91aa26f8a81dc41fe7ca0db1dfd849180200596138437f2ca57357dd0f Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:23 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 54527 cf-polished origSize=40905 x-cache-status HIT alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 20 Mar 2024 01:50:59 GMT server cloudflare etag W/"7060c2e317491c949f29253a1286dad2" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 8680cee96b5f4c19-AMS
GET H3	200	max-widget.css embed.tawk.to/_s/v4/app/65fa40e2e4e/css/ Frame 3D33	76 KB 15 KB	23ms 23ms	Stylesheet text/css	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/65fa40e2e4e/css/max-widget.css Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-chunk-2c776523.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5285275760ce24f97fc85a2aa7a705e2bfcdebe875a6028441382d2ca36b3f1c Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:23 GMT strict-transport-security max-age=0; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 148058 cf-polished origSize=78232 x-cache-status MISS alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 20 Mar 2024 01:50:59 GMT server cloudflare etag W/"05d886069cda40a8e20243d226b04764" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=2592000, immutable cf-ray 8680cee98b734c19-AMS
GET H2	200	emojione.min.js Show response cdn.jsdelivr.net/emojione/2.2.7/lib/js/ Frame 7010	295 KB 39 KB	28ms 28ms	Script application/javascript	2606:4700::6810:5914 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-chunk-vendors.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://wvljukxh.penguasa.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 20:49:23 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 696496 content-encoding br x-cache HIT, MISS cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230136-FRA, cache-lga21957-LGA server cloudflare etag W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j50IdvlMFzW%2FBXWtJAgoBUERG8Y53mG4TDStxXJHIr2vUKtLLY4ckeIka1OVAm78FK%2Bl5r0z70OzhAEPtHDJMgYA1LDxzLNgUGDARUuP9k8%2BuEEr8yhZnJwOBbMu4e601uD7MaCdS09cCi4y8uU%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 8680cee9a9470a60-AMS

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
code.jquery.com
confirm.fbonly.com
embed.tawk.to
va.tawk.to
wvljukxh.penguasa.de
2606:4700:10::6816:1983
2606:4700:3030::ac43:b61d
2606:4700::6810:5914
2a04:4e42:400::649
2a06:98c1:3121::9
07fda090fab71f38c18a9046d8211a532cea02a7ac3ee18749e95a9a179dd1ba
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
26c00c91aa26f8a81dc41fe7ca0db1dfd849180200596138437f2ca57357dd0f
2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c
38b6c07f77b660220115077b70ae4b320e7b9d95bf4456549e6e69a67dd07784
4194fb4472202061ab0db48cd8908fdfc09e95ee60edd654cac0c4e5cef31806
46276202df60baa9c360fbf4cc63630bd6c8919976494900aac08e95d9c68a53
4f8db848467eb1dc8a4e818eeb902525c472a1629c62b1063fff81d1cbb27e6b
5285275760ce24f97fc85a2aa7a705e2bfcdebe875a6028441382d2ca36b3f1c
548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
7435b2abbe2a277d46378819f42429f1a2b202d4d6cfbbbefebf4c8f6f72fefd
75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e
789aa06863722ce89e99d0e830c699040f9b105795bc2ab8f6f9dc27e011549e
7d2b31126e5ee8f2848c200f6ad4ff31aba960570d81e1855abbbaa381db267f
7de33b8253d72fb345a70c77dce2f1885ad41a2388519a608692558dcdf92ad7
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
7f133b550221ff87a04989e269f558a93d44743cd1a9b4e6b63f36c4113244d0
89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3
8cada51b0c49b21efca3684bd355af4052978bfd73f00dd3022302a6272779ab
972de8c5257c5c31f0ae45016595089022e4f82e766cec78fb40c997bfbac75f
9c758533251f67d9e8b23d81dce10577b8b929636078968c1c46ca992703b209
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
aa3db7a1465fb9ffcefa8a02eeee95a58392fa06456077d5f12b98775b75d179
bb8b640fb5078ef7277e6efa08fee2fcab2de947707db5393515212127101ea7
cd50385cef163eb376d93e7b1e07fe467de23b60c98373f7d69448214d3e9cdd
e4761d3b65c30d99cb69327e462fc21aa237f6679ccfacf3c8031e3768f09b36
ec983d999ed9f97155f238a0a3d91e83344a9fb8e7927ab935e230e108cdbabd
f0500eb244f873f52aa984dea9f4993dfaa505425b555b80265de6b526353057
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f862aa6541bf88d5a867f5c208b07c0f821cf9bd7d6166746049cf9b53c16c9d
fa897318135ee938a06280c829163c89d3695dc3e22ee2f0c6193ddb65a5bd50
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84