urlscan.io logo urlscan.io
SecurityTrails logo

www.crewconfidant.best Open in urlscan Pro
2606:4700:3037::6815:475f  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.crewconfidant.best/Ifdgr/dssdhnx9141bobp/KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGvi...
Effective URL: https://www.crewconfidant.best/clicks/smash/KetoAdvanced.php?sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFs...
Submission: On September 27 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3037::6815:475f, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.crewconfidant.best.
TLS certificate: Issued by WE1 on September 27th 2024. Valid for: 3 months.
This is the only time www.crewconfidant.best was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
28 5
Apex Domain
Subdomains		 Transfer
18 crewconfidant.best
www.crewconfidant.best
195 KB
4 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 3541
16 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 57
77 KB
28 3
Domain Requested by
18 www.crewconfidant.best www.crewconfidant.best
4 challenges.cloudflare.com www.crewconfidant.best
challenges.cloudflare.com
1 www.googletagmanager.com www.crewconfidant.best
28 3

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
crewconfidant.best
WE1		 2024-09-27 -
2024-12-26		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
challenges.cloudflare.com
WE1		 2024-09-05 -
2024-12-04		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.crewconfidant.best/clicks/smash/KetoAdvanced.php?sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo
Frame ID: 9F0BAA9867DADED045103FF5B527501E
Requests: 22 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hlnte/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Frame ID: D132691B0471A7F60B299D1186B5EF61
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/d5pt6/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Frame ID: 72216F087379D7125EB5E65BB87E22CD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nur einen Moment…

Page URL History Show full URLs

  1. http://www.crewconfidant.best/Ifdgr/dssdhnx9141bobp/KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJP... HTTP 307
    https://www.crewconfidant.best/Ifdgr/dssdhnx9141bobp/KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJP... Page URL
  2. https://www.crewconfidant.best/offer.php?id=231&sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/b... Page URL
  3. https://www.crewconfidant.best/clicks/smash/KetoAdvanced.php?sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3... Page URL
  4. https://www.crewconfidant.best/clicks/smash/KetoAdvanced.php?sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

82 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

5
IPs

2
Countries

288 kB
Transfer

770 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.crewconfidant.best/Ifdgr/dssdhnx9141bobp/KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo HTTP 307
    https://www.crewconfidant.best/Ifdgr/dssdhnx9141bobp/KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo Page URL
  2. https://www.crewconfidant.best/offer.php?id=231&sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo Page URL
  3. https://www.crewconfidant.best/clicks/smash/KetoAdvanced.php?sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo Page URL
  4. https://www.crewconfidant.best/clicks/smash/KetoAdvanced.php?sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.crewconfidant.best/Ifdgr/dssdhnx9141bobp/KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo HTTP 307
  • https://www.crewconfidant.best/Ifdgr/dssdhnx9141bobp/KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo
www.crewconfidant.best/Ifdgr/dssdhnx9141bobp/KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/
Redirect Chain
  • http://www.crewconfidant.best/Ifdgr/dssdhnx9141bobp/KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo
  • https://www.crewconfidant.best/Ifdgr/dssdhnx9141bobp/KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo
1016 B
898 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.crewconfidant.best/Ifdgr/dssdhnx9141bobp/KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23fe8175d6ff2fa539f40a75d991aef587ec6b674a2c74487b7f9fe8e208ea01

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8c9eb0c66e3b5c4a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 27 Sep 2024 21:47:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hsHUse7vpLo3JiDHMhRdOhKYCL1QGiUKYKmFcz%2FjBkqZpV8Y6cSK6uzuXS85DDGNfIobg0P1FcRbhVLxsAlFz%2FuCuk1%2BDy2%2BVuor7G2CtzBS0u0%2F6dvAU1dGMmWKJNgiAQT7TyG%2BQIOW66Hwmq7K3unVuJQa"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"

Redirect headers

Location
https://www.crewconfidant.best/Ifdgr/dssdhnx9141bobp/KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo
Non-Authoritative-Reason
HttpsUpgrades
speculation
www.crewconfidant.best/cdn-cgi/ 		128 B
562 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.crewconfidant.best/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.crewconfidant.best
Referer
https://www.crewconfidant.best/Ifdgr/dssdhnx9141bobp/KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Djf2m1F9SpMM0qK9uGyiebMjStaNReOs1iYCF4L%2BTHZP3V1O5%2FqV%2BKj24F65fUcOQjBtLddO1uqySMeslL8u%2FnWy3MeuBbRMrKtuPGOEZkd7vARKZg2x17awRfsnDh9DIIKfE32EphPgBQcVAWR6n6T7RGxu"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9eb0c82f775c4a-FRA
access-control-allow-origin
https://www.crewconfidant.best
content-length
128
date
Fri, 27 Sep 2024 21:47:09 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
jquery-1.11.0.min.js
www.crewconfidant.best/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.crewconfidant.best/jquery-1.11.0.min.js
Requested by
Host: www.crewconfidant.best
URL: https://www.crewconfidant.best/Ifdgr/dssdhnx9141bobp/KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.crewconfidant.best/Ifdgr/dssdhnx9141bobp/KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"66c3bb8a-1787d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jwvoRlpIb9SvkM6uNzbYrnPqf9G1LHjXQ3Jl2CbHah%2FKPnbpiZzEjs1TApjE11KC4muw0W5k7vZmWdFls35LlK69fiK3DITEJrrFpUwJDnEv%2ByKUASnxfvzX5lUy739DZkidEFraLA0v%2F2qdAMHi2jCu0pqs"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9eb0c82f785c4a-FRA
date
Fri, 27 Sep 2024 21:47:09 GMT
content-type
application/javascript
last-modified
Mon, 19 Aug 2024 21:39:22 GMT
vary
Accept-Encoding
server
cloudflare
js
www.googletagmanager.com/gtag/ 		214 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-22484186-3
Requested by
Host: www.crewconfidant.best
URL: https://www.crewconfidant.best/Ifdgr/dssdhnx9141bobp/KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f13316528d6fe447aeb2b94f459d3ad8ff81ed93eedae67d940256bcb015b200
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.crewconfidant.best/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 27 Sep 2024 21:47:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 21:47:09 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 27 Sep 2024 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
78472
x-xss-protection
0
server
Google Tag Manager
offer.php
www.crewconfidant.best/ 		344 B
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.crewconfidant.best/offer.php?id=231&sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo
Requested by
Host: www.crewconfidant.best
URL: https://www.crewconfidant.best/Ifdgr/dssdhnx9141bobp/KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
857a984fd29eb263263cb8285b79291e368a10816ebcfe49bff1dc84ac57da07

Request headers

Referer
https://www.crewconfidant.best/Ifdgr/dssdhnx9141bobp/KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8c9eb0c9e8675c4a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 27 Sep 2024 21:47:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OxLKSOH92Vb1XyGTejw1ztIAgmSkeShfraYkI4vTlLIhAgCFQ7Aj44eKRya0mZiCgYbFf2oI3cfe9U%2Fl40PtxozGhwUDEBlb3iozHVDBW2BOGq1qdUJv7Q9GGdS3rQaFGij9EgcWMd5xIWucwNqplFGB5MC5"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
speculation
www.crewconfidant.best/cdn-cgi/ 		128 B
567 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.crewconfidant.best/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.crewconfidant.best
Referer
https://www.crewconfidant.best/offer.php?id=231&sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=45lX8Z5U51EQlEjy3QqBQeKHO%2F9FofK1bgLS6Dp6n%2FsAeFchTmlKhpO%2Bbzx3TQ77KINnjNf84nPRLACK2LSgsKv5H5GqXYwhJ%2BK0PGZjBE92zv21RKoVBVDs29j0%2BR5vjnx000vIW%2BLnDEy5PZO%2Fvr65itL8"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9eb0cab8d45c4a-FRA
access-control-allow-origin
https://www.crewconfidant.best
content-length
128
date
Fri, 27 Sep 2024 21:47:09 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
KetoAdvanced.php
www.crewconfidant.best/clicks/smash/ 		9 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.crewconfidant.best/clicks/smash/KetoAdvanced.php?sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffdeb764d5fe81967c1a8a6c2286a2f6856188eb15f3917ad08a5bb8a60f6aad
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.crewconfidant.best/offer.php?id=231&sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
UWrEl547hDIQa1crBcWQIvDPBPi1lBJ1nGKpsjQpkp0kLVaylR2nUat0MGpROmvSS7f43nxnTwnPa1ArDcuhBs5QarZtsY+W+2FS1FlGUzmYtlVFs7IEPJRk5m0iTsqXTTsEDBQdwEs+ngI9GcamVA==$S3RUBjMupF6nfRQYn1FRSw==
cf-mitigated
challenge
cf-ray
8c9eb0cad8df5c4a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Fri, 27 Sep 2024 21:47:09 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k%2FQDU1ptYVqORiAmf9d8k5iWbtDT9ytPh1AP5W3AzGGstLHMekj36Pa%2Bc%2BLTJilxm5%2FPk7JigG80h4LaCa0pFrQnAoUmiToBB0Ruh1SQmeV28Rrl4oagQ3V%2FU8VpIc%2BF9IzyU8TvSJ11RegD5G58TsveOioj"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN
favicon.ico
www.crewconfidant.best/ 		0
0
speculation
www.crewconfidant.best/cdn-cgi/ 		128 B
562 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.crewconfidant.best/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.crewconfidant.best
Referer
https://www.crewconfidant.best/clicks/smash/KetoAdvanced.php?sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D9fMdFxHz6VwjxkYu823CpHqY8%2Fb%2BUcopHpkXoK69MAxdVEr8B9LrK1G90Y3MHPEN3WhUv3eyTWIlmOtEOY3esgQKY8T4HNPTP5Ei%2BaQCn1WDqNDZDsLI8gZvXs4Xte5KylVtkQVU71rcGNuJL2sSiM51aDE"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9eb0cb08ef5c4a-FRA
access-control-allow-origin
https://www.crewconfidant.best
content-length
128
date
Fri, 27 Sep 2024 21:47:09 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
v1
www.crewconfidant.best/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 		159 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.crewconfidant.best/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8c9eb0cad8df5c4a
Requested by
Host: www.crewconfidant.best
URL: https://www.crewconfidant.best/clicks/smash/KetoAdvanced.php?sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8549848e830b5a44f6c72b7774f8c7cf02e351850d3d2c0c73e4ba74b62fe3a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.crewconfidant.best/clicks/smash/KetoAdvanced.php?sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo&__cf_chl_rt_tk=.hTwLprd4absO71ssI73cyY4PGhYcQsUDZjVyi3klsk-1727473629-0.0.1.1-4308

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kiCjvYzO9z0fXIfQ5kBB5AGyVQxIwAXI3AA06mTMzwyMqmhP9TayzJ0xLvbKlO1Bq3T85ePbAH%2FVf%2FG5UfomSOfbPQoDqvJqFzqoDL7LrfHs%2FKXdpEvmR30n2skyEd%2BIw1MJKSP4%2BynGoL6MFiOfFbVKkTJJ"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9eb0cb18f95c4a-FRA
date
Fri, 27 Sep 2024 21:47:09 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
6f6679a4-0b32-45c6-8611-50a59e0d7b5d
https://www.crewconfidant.best/ Frame 		0
0
api.js
challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/ 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/api.js?onload=Jeuhg1&render=explicit
Requested by
Host: www.crewconfidant.best
URL: https://www.crewconfidant.best/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8c9eb0cad8df5c4a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5f29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96bd1c81d59d6ac2ec9f8ebe4937a315e85443667c5728a7cd9053848dd8d3d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.crewconfidant.best
Referer

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8c9eb0cbfe3b3829-FRA
access-control-allow-origin
*
date
Fri, 27 Sep 2024 21:47:10 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 17 Sep 2024 16:06:37 GMT
server
cloudflare
vary
Accept-Encoding
favicon.ico
www.crewconfidant.best/ 		1 KB
511 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.crewconfidant.best/favicon.ico
Requested by
Host: www.crewconfidant.best
URL: https://www.crewconfidant.best/clicks/smash/KetoAdvanced.php?sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9bc1ab7f7c0c6bc5d097050968993474e32346cffa537be1e0335a19645f12e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.crewconfidant.best/clicks/smash/KetoAdvanced.php?sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"66c3bb8a-57e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c6i2vxTbSkbK6bwXj21mSLUXSa9Qtkw0njCUsa0bTpSgCVnbT8toWlKSMGx8SQNL3hvyd0J6dLjhIxpWW18BukLECu1JyPEgcBvyl0n98l7hV9sE2FzuEtCH3XsviOCRjd7UbqhwQ96Gv9RJQXt%2FM4Uf7f%2BN"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9eb0cbe9bd5c4a-FRA
date
Fri, 27 Sep 2024 21:47:10 GMT
content-type
image/x-icon
last-modified
Mon, 19 Aug 2024 21:39:22 GMT
vary
Accept-Encoding
server
cloudflare
8be3987450b5b54
www.crewconfidant.best/cdn-cgi/challenge-platform/h/g/flow/ov1/508521136:1727471639:k4ypIdU0ACfMlJMge2gRJLdyoJ6P-qeNdc6Q5nPE3bg/8c9eb0cad8df5c4a/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.crewconfidant.best/cdn-cgi/challenge-platform/h/g/flow/ov1/508521136:1727471639:k4ypIdU0ACfMlJMge2gRJLdyoJ6P-qeNdc6Q5nPE3bg/8c9eb0cad8df5c4a/8be3987450b5b54
Requested by
Host: www.crewconfidant.best
URL: https://www.crewconfidant.best/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8c9eb0cad8df5c4a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d198c2e193cdfcdb231b600ce9423d6fc0e455c82a58b5353c0768e2479f204c

Request headers

Referer
https://www.crewconfidant.best/clicks/smash/KetoAdvanced.php?sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
8be3987450b5b54

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FxOG7YaRKWEIzPh59%2Bxazu05QXgxpvOrWbNd7b112Q4RmpY1NZGYXnFM0YYYWxq8wzUiXDlhMMqRSSlg7fPnzQR9Bx481%2BuzYfsvCFKz7are%2BnwSODehG5w3csiSRdT9DLWcaOyQifCbDlny8xbBSBqvylaU"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9eb0cc8a235c4a-FRA
date
Fri, 27 Sep 2024 21:47:10 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
LAzZyIbFFpTFSulQ539LSaWNjgBfheTu8eppD/aL/JURGL9im6qIgb+q5bMH4iuiewLhY9rF8Q==$H8wm5M22kwHyC/+f
server
cloudflare
cc367153-da7d-49af-9133-9fbffee700b7
https://www.crewconfidant.best/ Frame 		0
0
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hlnte/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/ Frame D132 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hlnte/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/api.js?onload=Jeuhg1&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8c9eb0cd0b78d39c-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 27 Sep 2024 21:47:10 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
favicon.ico
www.crewconfidant.best/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://www.crewconfidant.best/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9bc1ab7f7c0c6bc5d097050968993474e32346cffa537be1e0335a19645f12e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.crewconfidant.best/clicks/smash/KetoAdvanced.php?sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"66c3bb8a-57e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c6i2vxTbSkbK6bwXj21mSLUXSa9Qtkw0njCUsa0bTpSgCVnbT8toWlKSMGx8SQNL3hvyd0J6dLjhIxpWW18BukLECu1JyPEgcBvyl0n98l7hV9sE2FzuEtCH3XsviOCRjd7UbqhwQ96Gv9RJQXt%2FM4Uf7f%2BN"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9eb0cbe9bd5c4a-FRA
date
Fri, 27 Sep 2024 21:47:10 GMT
content-type
image/x-icon
last-modified
Mon, 19 Aug 2024 21:39:22 GMT
vary
Accept-Encoding
server
cloudflare
8be3987450b5b54
www.crewconfidant.best/cdn-cgi/challenge-platform/h/g/flow/ov1/508521136:1727471639:k4ypIdU0ACfMlJMge2gRJLdyoJ6P-qeNdc6Q5nPE3bg/8c9eb0cad8df5c4a/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.crewconfidant.best/cdn-cgi/challenge-platform/h/g/flow/ov1/508521136:1727471639:k4ypIdU0ACfMlJMge2gRJLdyoJ6P-qeNdc6Q5nPE3bg/8c9eb0cad8df5c4a/8be3987450b5b54
Requested by
Host: www.crewconfidant.best
URL: https://www.crewconfidant.best/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8c9eb0cad8df5c4a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
319b22feccb06e6eefda95fa177a31923eca9a2c57e873ed803b79f8861be4bf

Request headers

Referer
https://www.crewconfidant.best/clicks/smash/KetoAdvanced.php?sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
8be3987450b5b54

Response headers

cf-chl-out
TwtzK5tuqTuROK87rfwzkeToY5w0qj+tiAXWF4r1hTCedPKe2h02DE34SbH5ZpK2GccPQzL83Ox6/uPMPXr/QWw9HxTna7MmbgXNqEQLaU8dD9xzmtGucw==$Op3jmpfBdPrgUA+2
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2dh8bfbN8yzJsoZbVHHNcv9cqGY48hoZunxr%2F%2BH33Vg8VpzMA4kCqKu%2Bp7I2x8%2Fhb%2FG6Rholp2018scmwji8Ph6fjwH2FFX3SIoOgmRFJI%2BnQok%2FoXniLd8Dnd3BqxnwDuCRLMsEbNUa1QzONZr95lPb6zgY"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9eb0d30df55c4a-FRA
cf-chl-out-s
RvzjGlTjgqeEv8/KwCTG3tqk0KonKInfuYcj4j8D3tz+EBp2lZCVcUSoIb4qEY9uCiGCeWLDJCgS8QNYcNWDS1g3tc6dHDuHFk5aQcmp5qlryPRb3WqQU0ScY1KDcx7vZwxIWBHx4oMZSOrXEX5I3oRJwv9S4sx5ibukdoUnriaA0+amsUS1eqKZvV0sZ32zOARsrpJdbtDtZlwxnuA/lFMcQl10GRvtYAgftQITIfYNZKm/Wp32YQBeNdE1Fxm7l6o97whBGbZ8wCRtsLAxgcUEP7nlAXRlKMW1RotZF6lu+24jvxO3jKbz9FCsAWldR9Bya9kG9Ks2FPFRlygQgXWiRR1g5XLpxVWs08DX1tENe7ldDqjweeN7LYyyNTOJD6lfJS4QDTojje8DkWCkkpiiKJQONwPCcjumfYMJZDjyTpY6VkrhnZiwLlL+NJDc4ppxile0VoQgysFqU5NI80FVT7ZR2UO5rs2Q5gecRzJSsRWRY9v39Lh7Fmn3GiO+VCt687QXmQqFPP7ZpBy36Ti/FhhTbd+eaNWnOxf/Q7kiUoOMCOwRLMcOrHvMAd88/62Or0/rdTm8MCgg6Ttk9AXoftOQmPl0fRNVXi6hhhNZBSX02ywhd/1CRFkoUbf24ce353gZOkoW9gEdhqIF2F5woNKkxemYZRekS/tUz7MI4Jf6ULNQMMWOk4+5dUfl+nag3irp4CWlJRY/cfL/Sih776D9vfy9ZQW6TPo7rhFjL0Extob6AGV/C0sDs8LWoA==$e8anSjonSOdZcXne
date
Fri, 27 Sep 2024 21:47:11 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
Primary Request KetoAdvanced.php
www.crewconfidant.best/clicks/smash/ 		9 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.crewconfidant.best/clicks/smash/KetoAdvanced.php?sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo
Requested by
Host: www.crewconfidant.best
URL: https://www.crewconfidant.best/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8c9eb0cad8df5c4a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfa0b5450d7947c2a556476ca857190219ad49bcabad07986520f56e56d5c1d9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.crewconfidant.best/clicks/smash/KetoAdvanced.php?sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
Di8hwZT/UeAWR9Rty/dFeYXD80EarcWHVBLPTbAnixRkLyjpps30yZpto59lCqqSIAniYKFKSb1Hwduf/hi5YV9tSSHrGmuSsXebrngkkzRt38+Qsz9o1gYX0Huw4rIVRFhNPKUE4gCri0GqJsx0hg==$krImFogsRnrxVS6pDeTNMA==
cf-mitigated
challenge
cf-ray
8c9eb0dfcd965c4a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Fri, 27 Sep 2024 21:47:13 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VyBOZ4R0tTCtDKmRCGiqal%2B14hahgoe6c8dKdnE4erA%2BjvEXFC4A7TJigoHBTRBlJz8dq%2F2ojSIDlaGZwTSSeklgLQHX40GsTjn2r0F3Ql5bq8eEYeYeBDfadfy5kyryjgyUrI1wto3rpwXTyQumqTXg0nUb"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN
speculation
www.crewconfidant.best/cdn-cgi/ 		128 B
561 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.crewconfidant.best/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.crewconfidant.best
Referer
https://www.crewconfidant.best/clicks/smash/KetoAdvanced.php?sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ow2ozXc7mUK56xx0%2FgRV5YDJDH0bYVNrijRq%2Bh6gvBseoWmqqCsDJW9EmLPaM%2FGeHTS6b7V6sLsazrGJNZn0qn6gOy8xyM80QNAEmTJ%2BEAowHu222vYzy1rZ8m3Yp0NON0n7t9eOtZNrM7vK9uoo4tfoD4sh"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9eb0dfeda95c4a-FRA
access-control-allow-origin
https://www.crewconfidant.best
content-length
128
date
Fri, 27 Sep 2024 21:47:13 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
v1
www.crewconfidant.best/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 		151 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.crewconfidant.best/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8c9eb0dfcd965c4a
Requested by
Host: www.crewconfidant.best
URL: https://www.crewconfidant.best/clicks/smash/KetoAdvanced.php?sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3db29eef0858722fabdb75eab3fde6ddd503e4e5829198d8365495e5bf6baf60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.crewconfidant.best/clicks/smash/KetoAdvanced.php?sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo&__cf_chl_rt_tk=2Z2.LPthsrXJ0_qX_9GakpAC6SvyDxy9g61oRCQuOmM-1727473633-0.0.1.1-4372

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8YpQ%2F6rfvjMVESZiIzMrOw4cW7L9jGQ4SfMMA2zDArXGZD%2Byvr1r0OxO4%2BQMtA%2BKHdoqfHt2ueEVqcBL4hVvQ6%2FlhkaOtAhTMqOGHDZ0klQLu%2BZoOnllrwiMSvyQPoOOPQ87FSxwjm7mqwxcZruMvvxaihYS"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9eb0dffdb45c4a-FRA
date
Fri, 27 Sep 2024 21:47:13 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
cd60d3af-c04d-4910-87b1-f89176564fdb
https://www.crewconfidant.best/ Frame 		0
0
api.js
challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/ 		46 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/api.js?onload=Jeuhg1&render=explicit
Requested by
Host: www.crewconfidant.best
URL: https://www.crewconfidant.best/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8c9eb0dfcd965c4a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5f29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96bd1c81d59d6ac2ec9f8ebe4937a315e85443667c5728a7cd9053848dd8d3d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.crewconfidant.best
Referer

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8c9eb0cbfe3b3829-FRA
access-control-allow-origin
*
date
Fri, 27 Sep 2024 21:47:10 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 17 Sep 2024 16:06:37 GMT
server
cloudflare
vary
Accept-Encoding
favicon.ico
www.crewconfidant.best/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.crewconfidant.best/favicon.ico
Requested by
Host: www.crewconfidant.best
URL: https://www.crewconfidant.best/clicks/smash/KetoAdvanced.php?sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9bc1ab7f7c0c6bc5d097050968993474e32346cffa537be1e0335a19645f12e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.crewconfidant.best/clicks/smash/KetoAdvanced.php?sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"66c3bb8a-57e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c6i2vxTbSkbK6bwXj21mSLUXSa9Qtkw0njCUsa0bTpSgCVnbT8toWlKSMGx8SQNL3hvyd0J6dLjhIxpWW18BukLECu1JyPEgcBvyl0n98l7hV9sE2FzuEtCH3XsviOCRjd7UbqhwQ96Gv9RJQXt%2FM4Uf7f%2BN"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9eb0cbe9bd5c4a-FRA
date
Fri, 27 Sep 2024 21:47:10 GMT
content-type
image/x-icon
last-modified
Mon, 19 Aug 2024 21:39:22 GMT
vary
Accept-Encoding
server
cloudflare
favicon.ico
www.crewconfidant.best/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://www.crewconfidant.best/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9bc1ab7f7c0c6bc5d097050968993474e32346cffa537be1e0335a19645f12e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.crewconfidant.best/clicks/smash/KetoAdvanced.php?sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"66c3bb8a-57e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c6i2vxTbSkbK6bwXj21mSLUXSa9Qtkw0njCUsa0bTpSgCVnbT8toWlKSMGx8SQNL3hvyd0J6dLjhIxpWW18BukLECu1JyPEgcBvyl0n98l7hV9sE2FzuEtCH3XsviOCRjd7UbqhwQ96Gv9RJQXt%2FM4Uf7f%2BN"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9eb0cbe9bd5c4a-FRA
date
Fri, 27 Sep 2024 21:47:10 GMT
content-type
image/x-icon
last-modified
Mon, 19 Aug 2024 21:39:22 GMT
vary
Accept-Encoding
server
cloudflare
4b0094add8a1f7a
www.crewconfidant.best/cdn-cgi/challenge-platform/h/g/flow/ov1/1224377684:1727471597:-GlZC5Wt-IQJccSz-JX-IEy6sVciKUBAMqMSV_wKmpg/8c9eb0dfcd965c4a/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.crewconfidant.best/cdn-cgi/challenge-platform/h/g/flow/ov1/1224377684:1727471597:-GlZC5Wt-IQJccSz-JX-IEy6sVciKUBAMqMSV_wKmpg/8c9eb0dfcd965c4a/4b0094add8a1f7a
Requested by
Host: www.crewconfidant.best
URL: https://www.crewconfidant.best/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8c9eb0dfcd965c4a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:475f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d40c8db29e076b5f3738a12a98d17dc38f068ebcb60e75e227eca16a3e025e9b

Request headers

Referer
https://www.crewconfidant.best/clicks/smash/KetoAdvanced.php?sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
4b0094add8a1f7a

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wr80QfTT90o7caxMNz6J6PnoCBAl4ew90AToC%2F2lyF8CEdrqLr7%2BbtcdhshreuviS6GjoOKK7Qb1LoSJdB7Hxa6HydOPHuGALT6hqAd%2FRBgyenI2LHMsdC8ryCAULbdrHtkgYrL5Uhak0IkC5uoRxGORJ6za"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9eb0e0de3a5c4a-FRA
date
Fri, 27 Sep 2024 21:47:13 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
vq/4uscDTeh9uxPGbND1sonXr2ymMLXeSfVhBxbUtPZfX4f5JPNr1oICsbXEkh3KxiDYzXp/bg==$6XJ/RwLRWppPpuOw
server
cloudflare
5611f805-e128-43e3-8f12-f4d70b62899a
https://www.crewconfidant.best/ Frame 		0
0
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/d5pt6/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/ Frame 7221 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/d5pt6/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/api.js?onload=Jeuhg1&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8c9eb0e12d5ad39c-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 27 Sep 2024 21:47:13 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.crewconfidant.best
URL
https://www.crewconfidant.best/favicon.ico
Domain
www.crewconfidant.best
URL
blob:https://www.crewconfidant.best/6f6679a4-0b32-45c6-8611-50a59e0d7b5d
Domain
www.crewconfidant.best
URL
blob:https://www.crewconfidant.best/cc367153-da7d-49af-9133-9fbffee700b7
Domain
www.crewconfidant.best
URL
blob:https://www.crewconfidant.best/cd60d3af-c04d-4910-87b1-f89176564fdb
Domain
www.crewconfidant.best
URL
blob:https://www.crewconfidant.best/5611f805-e128-43e3-8f12-f4d70b62899a

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt function| TMMx5 function| mpUaL2 function| FxOnr3 object| eXDlL4 object| YvPd6 function| Jeuhg1 function| KUjIx3 function| Vguy6 function| Hvmr3 object| iHwxM3 object| angular object| ohry1 object| turnstile boolean| FrNBi5 string| HcTEI3 boolean| aFyRe6

1 Cookies

Domain/Path Name / Value
www.crewconfidant.best/ Name: cf_chl_rc_ni
Value: 1

2 Console Messages

Source Level URL
Text
network error URL: https://www.crewconfidant.best/clicks/smash/KetoAdvanced.php?sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.crewconfidant.best/clicks/smash/KetoAdvanced.php?sid=1040141&h=KG0zB5AnspRVAK2inSY7uDp_Yloqwbo3ZDXQKhKMrCY/bYfksHFsJPmcsjovxAmBrdTmEdEGviT2B9wSCZqyRTo
Message:
Failed to load resource: the server responded with a status of 403 ()