square-smoke-4c62.4tjwj7mx.workers.dev Open in urlscan Pro
172.67.203.244  Malicious Activity! Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request aboutonlinedating Show response square-smoke-4c62.4tjwj7mx.workers.dev/v3/	1 MB 584 KB	156ms 98ms	Document text/html	172.67.203.244 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.203.244 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc10d818a637f41c2289284ddcf4888a86b74f1298d6bd585ada640b6b304203 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-ray 8bcdcba4edb63686-FRA content-encoding br content-type text/html date Mon, 02 Sep 2024 13:20:05 GMT link </test.css>; rel=preload; as=style nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mZoTBJ4NVXumYhDJ422RPZ%2FG62mpYnhnu9Cq2uMPIH2%2FaQXSZH7iostmA%2FQB5sff0K%2BztcKSQTN%2BZ04dSU337SBGzqG5tDb%2BLbYff9K91tdoBJ4G7CjoKA884SHwfnqxl0q4inYpGiC6b9PEbY%2BXRHXTRVVpUjrt%2BA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	200	test.css square-smoke-4c62.4tjwj7mx.workers.dev/	20 B 425 B	232ms 232ms	Stylesheet text/css	172.67.203.244 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://square-smoke-4c62.4tjwj7mx.workers.dev/test.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.203.244 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5de625c36355cce7c1d5408826a0b21abfb49fb6c0e1f16c945a6f2aef38200c Request headers Referer https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 02 Sep 2024 13:20:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JoyOhcyuMkz3bUzYb8hLRSwtfoYv2CblXBnLWYfZbO4rxzJny3YycV%2BgOo4AE%2FDFJDUmNrBDBii%2F8MsNK65ofFlHdxZB7YDhb9FFeKWLgrp0GhrqBipSUcFP2UTrtGwH6ALfwLwsrymCaVyd4nUJc%2BBoRK0ofwttXQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cf-ray 8bcdcba58e653686-FRA alt-svc h3=":443"; ma=86400 content-length 20
GET H3	200	otSDKStub.js Show response api.rename-service0.workers.dev/	19 KB 7 KB	123ms 63ms	Script application/javascript	172.67.209.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.rename-service0.workers.dev/otSDKStub.js Requested by Host: square-smoke-4c62.4tjwj7mx.workers.dev URL: https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://square-smoke-4c62.4tjwj7mx.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Mon, 02 Sep 2024 13:20:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 115079 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy unsafe-url server cloudflare etag W/"otSDKStub.3b2ba3d591.js" vary Accept-Encoding x-frame-options DENY content-type application/javascript; charset=utf-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FLUB28gGjPzCdv1o6jPkG24khvZ%2BgavxR0mkz6yLCBZsUIc54MQDN8%2BMHqKFe35FRie1JlvZfDoiYN%2BfJlTPLt8njRvJv%2F1vFOAGYziqZhMJKIq2m6Ak6SfmQX0lfHUYIsIDXfl8nm8COKa8Z1mFkMVT"}],"group":"cf-nel","max_age":604800} feature-policy none cf-ray 8bcdcbc29fbfd288-FRA
GET H3	200	js Show response api.rename-service0.workers.dev/	94 KB 37 KB	234ms 183ms	Script application/javascript	172.67.209.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.rename-service0.workers.dev/js?id=UA-1817027-45 Requested by Host: square-smoke-4c62.4tjwj7mx.workers.dev URL: https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2cfb61c5b4464a49bf1a1867ab3c06ad790468ab0d6b3dec415a5929b20dac85 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://square-smoke-4c62.4tjwj7mx.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Mon, 02 Sep 2024 13:20:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 115079 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy unsafe-url server cloudflare etag W/"js.28fa744248" vary Accept-Encoding x-frame-options DENY content-type application/javascript; charset=utf-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TXn9Fj6RuAo26dfzV7NhvSaDRSNxyeODFNIgbsb2cfEtaFOeTTWQSo59DU7ip0Jt9TJF7aNhf0TPkf4C5rnKCG7QPPcFdeHq0SXAHatMFVvynzTl4OJ4ixuY7bTER5m%2FjBexOYdwK7iLzD%2FmpSFlC64e"}],"group":"cf-nel","max_age":604800} feature-policy none cf-ray 8bcdcbc29fced288-FRA
GET H3	200	css api.rename-service0.workers.dev/	7 KB 1 KB	267ms 216ms	Stylesheet text/css	172.67.209.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.rename-service0.workers.dev/css?family=PT+Sans:400 Requested by Host: square-smoke-4c62.4tjwj7mx.workers.dev URL: https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb39af57479f04518b464a917a20921f9f25739ec733cba0e5f1d5b7315a4a57 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://square-smoke-4c62.4tjwj7mx.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 02 Sep 2024 13:20:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 11094 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy unsafe-url server cloudflare etag W/"css.1da7928062" vary Accept-Encoding x-frame-options DENY content-type text/css; charset=utf-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NBtbJ8v2qldUcYvShyrCJ1GmJN%2Bb9I5HNQWU1EnglASjQJPzVYOEiYpCSf7NrslM2FNktxN1kfarnDOVaTn0Oy8opfT1ox45uWnzCWD71i1hUhUTq%2Bv0KZcpFvjSC%2Blv%2BibdMYJhhEc19SxUd8wiweLM"}],"group":"cf-nel","max_age":604800} feature-policy none cf-ray 8bcdcbc29fd2d288-FRA
GET H3	200	css api.rename-service0.workers.dev/	7 KB 1 KB	113ms 63ms	Stylesheet text/css	172.67.209.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.rename-service0.workers.dev/css?family=PT+Sans:700 Requested by Host: square-smoke-4c62.4tjwj7mx.workers.dev URL: https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb39af57479f04518b464a917a20921f9f25739ec733cba0e5f1d5b7315a4a57 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://square-smoke-4c62.4tjwj7mx.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 02 Sep 2024 13:20:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 11094 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy unsafe-url server cloudflare etag W/"css.1da7928062" vary Accept-Encoding x-frame-options DENY content-type text/css; charset=utf-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DSMhf6OQhy6%2F59xTXY5DGnCSGNImg0kNu5lzfdbPth4SGxDIiwdbIZMykj%2FNt2hVGziuo7KjR%2BeDCGQXyAPUk0c96IZ4uPpAuaplDoLD3R16HrynvNLhq8IRhioxJweh2CIBISwe%2FP0K2KYa%2FfzcKDPM"}],"group":"cf-nel","max_age":604800} feature-policy none cf-ray 8bcdcbc29fc3d288-FRA
GET H3	200	css api.rename-service0.workers.dev/	7 KB 1 KB	233ms 183ms	Stylesheet text/css	172.67.209.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.rename-service0.workers.dev/css?family=PT+Sans:400italic Requested by Host: square-smoke-4c62.4tjwj7mx.workers.dev URL: https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb39af57479f04518b464a917a20921f9f25739ec733cba0e5f1d5b7315a4a57 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://square-smoke-4c62.4tjwj7mx.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 02 Sep 2024 13:20:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 11094 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy unsafe-url server cloudflare etag W/"css.1da7928062" vary Accept-Encoding x-frame-options DENY content-type text/css; charset=utf-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gm%2BkWv1mOY6KGguNWgvaj9INoI0EWbJEjV3wnqPPWdURoyLGh3LX6PUuIA8TDpDiNdnOv7iTDG5Bcp3t8lir%2FnYf%2FRMyZ9Q64uyY8gpWedXez5Ospbp6Sc0grwG5D42RC%2FAPjMyUCWiD%2FB7n7HHFFZTB"}],"group":"cf-nel","max_age":604800} feature-policy none cf-ray 8bcdcbc29fcbd288-FRA
GET H3	200	css api.rename-service0.workers.dev/	7 KB 1 KB	116ms 65ms	Stylesheet text/css	172.67.209.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.rename-service0.workers.dev/css?family=PT+Sans:700italic Requested by Host: square-smoke-4c62.4tjwj7mx.workers.dev URL: https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb39af57479f04518b464a917a20921f9f25739ec733cba0e5f1d5b7315a4a57 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://square-smoke-4c62.4tjwj7mx.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 02 Sep 2024 13:20:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 11094 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy unsafe-url server cloudflare etag W/"css.1da7928062" vary Accept-Encoding x-frame-options DENY content-type text/css; charset=utf-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FdflTEsuwnJLmM9OrUvlIXllioJco32WiCsIoinKfE4QKjJ1QLfi1rHTymOWFuyElXLdnpcCHdtI%2BFifAgNRl5PGfI4JRrAugoG1dT%2BvAa77DitrKm452NJvyTHv022IIWzRJFjZd%2FpvQ2W1DP4dlh8F"}],"group":"cf-nel","max_age":604800} feature-policy none cf-ray 8bcdcbc29fc2d288-FRA
GET H3	200	font-1.2.css api.rename-service0.workers.dev/	2 KB 812 B	112ms 61ms	Stylesheet text/css	172.67.209.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.rename-service0.workers.dev/font-1.2.css Requested by Host: square-smoke-4c62.4tjwj7mx.workers.dev URL: https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2cdc08c78d317a7163dcdd852e85319c477d5272897a250d28e562f699f9d6e4 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://square-smoke-4c62.4tjwj7mx.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 02 Sep 2024 13:20:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 94526 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy unsafe-url server cloudflare etag W/"font-1.2.c193dd3ef6.css" vary Accept-Encoding x-frame-options DENY content-type text/css; charset=utf-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Np58bmmmpnUDpKAWspP%2BjDZziUvmerYv0KgjAN4zdnXRymjpkWfN4%2FFIpfC5kMY%2FsFCEeGCyEGzwu33ocBNNNClmnh4MkpMxKL4OI%2Bf4m8kfWCLB0GBCXK41rjqWN7AgKcmFayIvxWA%2BFWCcmnRrxj7h"}],"group":"cf-nel","max_age":604800} feature-policy none cf-ray 8bcdcbc29fc6d288-FRA
GET H3	200	redesign_fonts.css api.rename-service0.workers.dev/	5 KB 941 B	235ms 184ms	Stylesheet text/css	172.67.209.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.rename-service0.workers.dev/redesign_fonts.css Requested by Host: square-smoke-4c62.4tjwj7mx.workers.dev URL: https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cc15754d44e7ee5a41927be3ef6b902cae28014d57ae6f591eb576f221bd237c Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://square-smoke-4c62.4tjwj7mx.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 02 Sep 2024 13:20:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 94526 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy unsafe-url server cloudflare etag W/"redesign_fonts.ab1e65f9f5.css" vary Accept-Encoding x-frame-options DENY content-type text/css; charset=utf-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tovb8CuRyR4ZuZWJS4TvRkyJtq2F8VklD0G%2By7wiwPs%2FDjRv9S%2BnMQ%2FZ1nF6v3YDYNLT%2FHf55VLQqBf%2BVD6KyVOBFsTiqy7udRb1HwJRz%2FIBovwmQvrRruuUT7cs7FXIUUs9kAuZz8TRxf8XfGG9Izyr"}],"group":"cf-nel","max_age":604800} feature-policy none cf-ray 8bcdcbc29fccd288-FRA
GET H3	200	base_external.css api.rename-service0.workers.dev/	30 KB 6 KB	151ms 101ms	Stylesheet text/css	172.67.209.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.rename-service0.workers.dev/base_external.css Requested by Host: square-smoke-4c62.4tjwj7mx.workers.dev URL: https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 891410621746b2ff6d1e4830eb0d819521c9b01e9e213257fcd4d2f554ff1a61 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://square-smoke-4c62.4tjwj7mx.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 02 Sep 2024 13:20:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 94526 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy unsafe-url server cloudflare etag W/"base_external.4e102eeb51.css" vary Accept-Encoding x-frame-options DENY content-type text/css; charset=utf-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qHJHa8xqIFsXKE2RAGszmTiSgDqt5%2FwIZ%2FmQT92irGDAPJ32tECcfUJVALvLVz3AInbPPMaDvDR6lkRAlU8SbqN0v%2BxFZ679ifV6vcO%2BnFZ8VuZf0RTFOBAB2fjZlelcZCYirExZgK3TtslPE%2FJmnS51"}],"group":"cf-nel","max_age":604800} feature-policy none cf-ray 8bcdcbc29fabd288-FRA
GET H3	200	166.css api.rename-service0.workers.dev/	428 B 729 B	157ms 107ms	Stylesheet text/css	172.67.209.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.rename-service0.workers.dev/166.css Requested by Host: square-smoke-4c62.4tjwj7mx.workers.dev URL: https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c98d3a9b8c08a5813b773e49994d1ada4cb43a72f655c71b8efa33dbacc3f60 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://square-smoke-4c62.4tjwj7mx.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 02 Sep 2024 13:20:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 94526 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy unsafe-url server cloudflare etag W/"166.32916c6d57.css" vary Accept-Encoding x-frame-options DENY content-type text/css; charset=utf-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vcCJVjGge5NW8sD9HBUgNoW5Pjh2MbnVwesqvCDKDKD%2FTVpSPrrww0gz21POQtV%2BsdAPL54NOG6Qjdb2RrPfbysvpizq4lEqYvLXcBJiduLGl2ZpitMmhmeMptIUQ17JuoLYDujTOVXo2USjDwOGQOHo"}],"group":"cf-nel","max_age":604800} feature-policy none cf-ray 8bcdcbc29fb3d288-FRA
GET H3	200	theme.css api.rename-service0.workers.dev/	37 KB 8 KB	156ms 107ms	Stylesheet text/css	172.67.209.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.rename-service0.workers.dev/theme.css Requested by Host: square-smoke-4c62.4tjwj7mx.workers.dev URL: https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 92023afd6feb8f5fe2ab0b2622ddae9e26d5027996df15fe0b33714c7f3dba37 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://square-smoke-4c62.4tjwj7mx.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 02 Sep 2024 13:20:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 11094 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy unsafe-url server cloudflare etag W/"theme.5cf2c65f5e.css" vary Accept-Encoding x-frame-options DENY content-type text/css; charset=utf-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IAyJXnPW3Q0Ns6oNKk8EoU8a6UjrN0t6KXOKU7DMShXSMG5NoguFOrw4jFf3JoUpRmMWj3vAJSlu1EC33ONXsJ0xFh9%2BQeKcrHFHPNm2ibLNE6QqIyPrBm1BnUfKgf2VjxmnuG0rz92BCze%2FYyIUrgRu"}],"group":"cf-nel","max_age":604800} feature-policy none cf-ray 8bcdcbc29fbad288-FRA
GET H3	200	jquery-3.5.1.min.js Show response api.rename-service0.workers.dev/	87 KB 32 KB	189ms 139ms	Script application/javascript	172.67.209.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.rename-service0.workers.dev/jquery-3.5.1.min.js Requested by Host: square-smoke-4c62.4tjwj7mx.workers.dev URL: https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://square-smoke-4c62.4tjwj7mx.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Mon, 02 Sep 2024 13:20:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 115079 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy unsafe-url server cloudflare etag W/"jquery-3.5.1.min.76bb118f46.js" vary Accept-Encoding x-frame-options DENY content-type application/javascript; charset=utf-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wam6NQQICMBdWspFcEbGe%2BtFOhipCQmwu61MKxCEj8uXWXQ6FQFfJN5eMjtLC391X4psz9uXHXoob3JCzQuonVUJwrMAWh49hZOplgxPzeYZ0A5Th%2B60qch3Dm4GqJgf%2FlpPM2ulazl7MsOG9jgsMrW%2B"}],"group":"cf-nel","max_age":604800} feature-policy none cf-ray 8bcdcbc29fbdd288-FRA
GET H3	200	jquery-migrate-3.3.1.min.js Show response api.rename-service0.workers.dev/	11 KB 5 KB	128ms 78ms	Script application/javascript	172.67.209.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.rename-service0.workers.dev/jquery-migrate-3.3.1.min.js Requested by Host: square-smoke-4c62.4tjwj7mx.workers.dev URL: https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 90a8d6a27a26f746b4b263102f4fe120e956d99e3789325aafc7d6b7ca0ff0e4 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://square-smoke-4c62.4tjwj7mx.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Mon, 02 Sep 2024 13:20:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 115079 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy unsafe-url server cloudflare etag W/"jquery-migrate-3.3.1.min.4a9b3d1a73.js" vary Accept-Encoding x-frame-options DENY content-type application/javascript; charset=utf-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HYSIk3ZrUHwxd5lXt6szmYmP468ETqNHJR8C8MeNDlcLrijadYfXfo05KjZTqWXNAEAje2zjcG4HF3ZdGkwNTsImOx%2B9%2FBMB7gbyhE%2BOQ7Rz5qTVHUYwcnhmLWay5sLsSRAXe%2BIKuaXJtNi35p0Hvthz"}],"group":"cf-nel","max_age":604800} feature-policy none cf-ray 8bcdcbc29f9ed288-FRA
GET H3	200	moment.min.js Show response api.rename-service0.workers.dev/	18 KB 7 KB	116ms 66ms	Script application/javascript	172.67.209.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.rename-service0.workers.dev/moment.min.js Requested by Host: square-smoke-4c62.4tjwj7mx.workers.dev URL: https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5a52005e60e92f39a0744fe733d45496ad3769634edbbbc74df1267f9639f522 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://square-smoke-4c62.4tjwj7mx.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Mon, 02 Sep 2024 13:20:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 115078 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy unsafe-url server cloudflare etag W/"moment.min.7f22d534a7.js" vary Accept-Encoding x-frame-options DENY content-type application/javascript; charset=utf-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hR%2F18zE1pL4IL587rdRM7HZBuhwsfHqcCKCWpd9OAOGCK8RPLUS07Qubm5laPBgu1WVDvTDb8tK81aDV4%2BF5bYjgCqdOn5miasHtAOF8eIPeU89TjGpdpxcHWNE%2BYR7tXSfoRgNrj9yu3S15wcWT0iPw"}],"group":"cf-nel","max_age":604800} feature-policy none cf-ray 8bcdcbc29fb8d288-FRA
GET H3	200	polyfill.js Show response api.rename-service0.workers.dev/	463 B 806 B	151ms 101ms	Script application/javascript	172.67.209.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.rename-service0.workers.dev/polyfill.js Requested by Host: square-smoke-4c62.4tjwj7mx.workers.dev URL: https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cb914e7633fd51b038e6c95387bc17049a9ae895d212d96268d446289f760792 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://square-smoke-4c62.4tjwj7mx.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Mon, 02 Sep 2024 13:20:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 115078 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy unsafe-url server cloudflare etag W/"polyfill.40ba72c090.js" vary Accept-Encoding x-frame-options DENY content-type application/javascript; charset=utf-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YotVcTXG3A2Yy8ohQNRIiq3DL2g8lvw0JOyNDxDqb1aZNOxn7lMnANUF0Cs4N1RpUsfT%2FjWIBYNVfc719HMsV0zt5l1n48ROXBP7COgFOp8lLiBCtqTAjOCox07XDsZMP1PLdl05bQC5khVBnq0kwe4W"}],"group":"cf-nel","max_age":604800} feature-policy none cf-ray 8bcdcbc29fa6d288-FRA
GET H3	200	url-search-params-polyfill.js Show response api.rename-service0.workers.dev/	3 KB 2 KB	151ms 101ms	Script application/javascript	172.67.209.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.rename-service0.workers.dev/url-search-params-polyfill.js Requested by Host: square-smoke-4c62.4tjwj7mx.workers.dev URL: https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9472d39218e91315437ed9cd40f68d2b5fc5013e7916ecb3867325410a8b5c54 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://square-smoke-4c62.4tjwj7mx.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Mon, 02 Sep 2024 13:20:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 115078 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy unsafe-url server cloudflare etag W/"url-search-params-polyfill.7be843fc3f.js" vary Accept-Encoding x-frame-options DENY content-type application/javascript; charset=utf-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rpuGCKIVybSGbD8fAE1Jd9vIT4lsL%2B29NAPpo1OQB1eOwvi6ZJ4BH1X%2Fret8lnDUuQ0OSsJkr07kqLTM3w24MIE%2Bws8%2BHu%2BXZMPlRRZLlPnoUyy%2FdLmmCFXAWbHXJMNA581OnO9EW0yD1TNQ2N%2Fcq2Mj"}],"group":"cf-nel","max_age":604800} feature-policy none cf-ray 8bcdcbc29fafd288-FRA
GET H3	200	peoplemedia.js Show response api.rename-service0.workers.dev/	81 KB 20 KB	156ms 106ms	Script application/javascript	172.67.209.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.rename-service0.workers.dev/peoplemedia.js Requested by Host: square-smoke-4c62.4tjwj7mx.workers.dev URL: https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 87516298ac370a2f6a78d186a041a5c619163681386709ba009634244dc97f74 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://square-smoke-4c62.4tjwj7mx.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Mon, 02 Sep 2024 13:20:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 115078 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy unsafe-url server cloudflare etag W/"peoplemedia.1b2176ec4d.js" vary Accept-Encoding x-frame-options DENY content-type application/javascript; charset=utf-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q0694g4s2fIkpzkzYJXlxUTzpQu7g4mDzGd6%2FO3k%2FEsn47qa0S5Gyq%2FLzT%2FpEUA76K75qNCPwMsXlp5%2FW8MPMQsKYpUnfrS5j0zJufWDlorTfaCQtcoD8g1LAPiFN08BfQCgsBwpN3spn59c0HNGJbwy"}],"group":"cf-nel","max_age":604800} feature-policy none cf-ray 8bcdcbc29fb5d288-FRA
GET H3	200	menu.js Show response api.rename-service0.workers.dev/	3 KB 1 KB	266ms 216ms	Script application/javascript	172.67.209.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.rename-service0.workers.dev/menu.js Requested by Host: square-smoke-4c62.4tjwj7mx.workers.dev URL: https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b9d7d8d050d62818c532f2229d1d5a807c5d33ffa949918b6d9452578d117e32 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://square-smoke-4c62.4tjwj7mx.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Mon, 02 Sep 2024 13:20:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 115078 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy unsafe-url server cloudflare etag W/"menu.4a62090702.js" vary Accept-Encoding x-frame-options DENY content-type application/javascript; charset=utf-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2FlmVBVstkKWFiu%2BzxPOlVqwIr6IG4HxFtBE3yS7tBDgzP6kS0aJNZoOIG%2BpJkt1M4YLpq1IzZmXmk7DvrLjDDzqzS9odbnyi35iGmvBPrENgmo1nX%2Fr6UCqvgooGznB98w72F3qQymMXBPfVpjJjkZO"}],"group":"cf-nel","max_age":604800} feature-policy none cf-ray 8bcdcbc29fd6d288-FRA
GET H3	200	loggerv2.js Show response api.rename-service0.workers.dev/	9 KB 2 KB	266ms 216ms	Script application/javascript	172.67.209.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.rename-service0.workers.dev/loggerv2.js Requested by Host: square-smoke-4c62.4tjwj7mx.workers.dev URL: https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 58597e3384d340cc06c55b25a5f2e997fd023e54ef38d1821c260a6e66114435 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://square-smoke-4c62.4tjwj7mx.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Mon, 02 Sep 2024 13:20:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 115078 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy unsafe-url server cloudflare etag W/"loggerv2.11e5fbedca.js" vary Accept-Encoding x-frame-options DENY content-type application/javascript; charset=utf-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VS7lu%2FY0cnFA6u84ObCPml4EIuDIct%2Fyz%2BRaZ%2BQZiUlFy31EnTf5FpmQNHBJwTZih3ZH%2BNAkVrf8oUWvVui8f8j%2BOM05FRAGJeuXCRWHDAR%2FO8z%2F3wYzZHIFmMz8FRvHgyt3QNvlJv%2BO0YwQKkZHFUP6"}],"group":"cf-nel","max_age":604800} feature-policy none cf-ray 8bcdcbc29fdad288-FRA
GET H3	200	stacktrace-min-0.3.js Show response api.rename-service0.workers.dev/	4 KB 2 KB	267ms 218ms	Script application/javascript	172.67.209.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.rename-service0.workers.dev/stacktrace-min-0.3.js Requested by Host: square-smoke-4c62.4tjwj7mx.workers.dev URL: https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f40c7802fed53bf864c2bb1ed8ae01f70866eb8ec379dbac518053427d904fd0 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://square-smoke-4c62.4tjwj7mx.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Mon, 02 Sep 2024 13:20:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 115078 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy unsafe-url server cloudflare etag W/"stacktrace-min-0.3.6e619c868c.js" vary Accept-Encoding x-frame-options DENY content-type application/javascript; charset=utf-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oulb8KVES6kbkiGh%2BiyXjTLAGkf8QO0fNVXVVaUcx9CeJM4Q6nd%2FTL992BVwZS1x4OGi7D7ZOlszau9KcUPmfRQEVR%2Ft3Aj7OcjlkoWvVPlFTFYMQPK7fSWA8ctvYRWVDMpaY8xa47cPcEI2fadIK5rc"}],"group":"cf-nel","max_age":604800} feature-policy none cf-ray 8bcdcbc29fdcd288-FRA
GET H3	200	consent.js Show response api.rename-service0.workers.dev/	4 KB 2 KB	267ms 218ms	Script application/javascript	172.67.209.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.rename-service0.workers.dev/consent.js Requested by Host: square-smoke-4c62.4tjwj7mx.workers.dev URL: https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a87b735aa054867f4e2126e93228d82a22bde1123914ad2133e83c23e1bbc059 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://square-smoke-4c62.4tjwj7mx.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Mon, 02 Sep 2024 13:20:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 115078 alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy unsafe-url server cloudflare etag W/"consent.cb730c5f71.js" vary Accept-Encoding x-frame-options DENY content-type application/javascript; charset=utf-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bFVnbeZEZfDd7t7sDJ3B2gndRwpDkPlAwQAwHxWgbSxRHgj0EIapUGKNivZqmkTHNVx0t0MxKgIL1smFgN8ke%2BejaDJnnPv89iwFslIRlU1pH1n2KPLAJIDrBuj10xNfEA5vY2YL0lRIyMQrLR6VlvZe"}],"group":"cf-nel","max_age":604800} feature-policy none cf-ray 8bcdcbc29fdfd288-FRA
GET H3	404	-login-form.js api.rename-service0.workers.dev/	0 0	356ms 307ms	Script text/html	172.67.209.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.rename-service0.workers.dev/-login-form.js Requested by Host: square-smoke-4c62.4tjwj7mx.workers.dev URL: https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://square-smoke-4c62.4tjwj7mx.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Mon, 02 Sep 2024 13:20:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H0clol4tdaTG%2BypwjIgFHelRVqCAEVekCcq6qt9zoWjy3hevQIusPjrqh3bcsVrxxNXIJ6wxz0ZlIKfZsoEXJgmSL9M%2B92zoYHeSTvZXRr5llb4%2ByTH3ifbWK9%2BxmKJjsq9i88XDmnPNx2wfaquNEPCe"}],"group":"cf-nel","max_age":604800} cf-ray 8bcdcbc29fe0d288-FRA alt-svc h3=":443"; ma=86400 content-length 1228
GET H3	200	heagregauwe.png api.rename-service0.workers.dev/	2 KB 2 KB	157ms 156ms	Image image/png	172.67.209.83 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://api.rename-service0.workers.dev/heagregauwe.png Requested by Host: square-smoke-4c62.4tjwj7mx.workers.dev URL: https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7248b8c4a08b8a45d4add928a459a98f12d61c02f5a7886f14bec7084e8ffdcb Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://square-smoke-4c62.4tjwj7mx.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 02 Sep 2024 13:20:10 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 94526 alt-svc h3=":443"; ma=86400 content-length 1737 x-xss-protection 1; mode=block referrer-policy unsafe-url server cloudflare etag "heagregauwe.b2def557d4.png" vary Accept-Encoding x-frame-options DENY content-type image/png report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0HDOSC8Cd%2FQ2njelJK4D7%2FJm59IrFDp8OzsIxNSNoJnZqWUygq3AwGGRyDNrBJTMm6WOZydFsgZMgqNllafrIxJVDfaye%2F%2FKNXvzbKBibQcFR9E2cQmNyuZPP4C%2FaMIGNoxQYNtCJgtnw4vIu0DdKLF8"}],"group":"cf-nel","max_age":604800} feature-policy none accept-ranges bytes cf-ray 8bcdcbc2f8fed288-FRA
GET		.json api.rename-service0.workers.dev/otSDKStub.js/consent//	0 0
GET		gilroy-regular.otf api.rename-service0.workers.dev/gilroy/	0 0
GET H/1.1	200 OK	lottie_5.7.12.min.js Show response pmi.peoplemedia.com/pmicontent/scripts/	261 KB 65 KB	181ms 44ms	Script application/javascript	2.19.126.203 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://pmi.peoplemedia.com/pmicontent/scripts/lottie_5.7.12.min.js Requested by Host: api.rename-service0.workers.dev URL: https://api.rename-service0.workers.dev/peoplemedia.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.19.126.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-19-126-203.deploy.static.akamaitechnologies.com Software / ASP.NET Resource Hash 4a05e858c919465ee86c06519bce8a74705055c7f6c81d6fb614e35c717c7627 Request headers Referer https://square-smoke-4c62.4tjwj7mx.workers.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Mon, 02 Sep 2024 13:20:11 GMT Content-Encoding gzip Last-Modified Fri, 28 Jun 2024 23:15:39 GMT ETag "805fd016b1c9da1:0" X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 66695
GET H3	200	Loader.json Show response square-smoke-4c62.4tjwj7mx.workers.dev/content/animations/purple/	1 MB 584 KB	50ms 50ms	XHR text/html	172.67.203.244 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://square-smoke-4c62.4tjwj7mx.workers.dev/content/animations/purple/Loader.json Requested by Host: api.rename-service0.workers.dev URL: https://api.rename-service0.workers.dev/jquery-3.5.1.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.203.244 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc10d818a637f41c2289284ddcf4888a86b74f1298d6bd585ada640b6b304203 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 02 Sep 2024 13:20:11 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0TQ%2FVf232VP9%2BNHxnEPgfC%2F8e%2BRiuwD90VPjKYSVdJXA7NiSa768TEqm4uqORdRldvUMwf3%2FW8g6h0lZ%2FSUvUfz%2BKTXNK6fxnTXwTlBku9shwcryNtWucoKeLbalBCKianymMjD51jKgLMNv376IeGyseIzMAwoefA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 8bcdcbc608a23686-FRA link </test.css>; rel=preload; as=style alt-svc h3=":443"; ma=86400
GET H3	200	favicon.ico square-smoke-4c62.4tjwj7mx.workers.dev/	1 MB 584 KB	52ms 52ms	Other text/html	172.67.203.244 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://square-smoke-4c62.4tjwj7mx.workers.dev/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.203.244 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc10d818a637f41c2289284ddcf4888a86b74f1298d6bd585ada640b6b304203 Request headers Referer https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 02 Sep 2024 13:20:11 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dFSHycra3j9baT94YdkpdH28iVrdIdSM5LWWTfxI75Y7n1TguS8tlcqNvDJ4SX6yTeDAd%2BadjKSlURM5HQBHc3HWjOg8yxcK%2BgyXRYjb%2BMOyHbFawZXxiypKISLiw7htlqQt0ca6nIFOesQUypKhzusQIEh8V8oeZQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 8bcdcbc608a93686-FRA link </test.css>; rel=preload; as=style alt-svc h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

api.rename-service0.workers.dev

URL

https://api.rename-service0.workers.dev/otSDKStub.js/consent//.json

Domain

api.rename-service0.workers.dev

URL

https://api.rename-service0.workers.dev/gilroy/gilroy-regular.otf

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Ourtime.com (Online)

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| a0_0x962e function| a0_0x31e722 object| a0_0x2c4f function| a0_0x2103 function| a0_0x46fd4d function| a0_0x2276 function| a0_0x3cd2c8 function| a0_0x354a08 function| a0_0x5df3d3 function| a0_0x383f42 function| _0x45a450 object| a0_0x1b21 function| a0_0x81a9 function| a0_0x41fc69 function| _0x4920d2 object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer function| OptanonWrapper object| _gaq object| google_tag_manager function| jQuery function| $jq function| moment object| PeopleMediaConfig object| PeopleMedia function| uaMatch object| matched object| browser object| PeopleMediaMenu function| printStackTrace object| lottie object| bodymovin object| gy object| ft

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://api.rename-service0.workers.dev/otSDKStub.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://api.rename-service0.workers.dev/otSDKStub.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://api.rename-service0.workers.dev/js?id=UA-1817027-45, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://api.rename-service0.workers.dev/jquery-3.5.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://api.rename-service0.workers.dev/jquery-migrate-3.3.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://api.rename-service0.workers.dev/moment.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://api.rename-service0.workers.dev/polyfill.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://api.rename-service0.workers.dev/url-search-params-polyfill.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://api.rename-service0.workers.dev/peoplemedia.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://api.rename-service0.workers.dev/menu.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://api.rename-service0.workers.dev/loggerv2.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://api.rename-service0.workers.dev/stacktrace-min-0.3.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://api.rename-service0.workers.dev/consent.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://api.rename-service0.workers.dev/-login-form.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://api.rename-service0.workers.dev/-login-form.js Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating Message: Access to font at 'https://api.rename-service0.workers.dev/gilroy/gilroy-regular.otf' from origin 'https://square-smoke-4c62.4tjwj7mx.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rename-service0.workers.dev/gilroy/gilroy-regular.otf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating Message: Access to XMLHttpRequest at 'https://api.rename-service0.workers.dev/otSDKStub.js/consent//.json' from origin 'https://square-smoke-4c62.4tjwj7mx.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rename-service0.workers.dev/otSDKStub.js/consent//.json Message: Failed to load resource: net::ERR_FAILED
javascript	warning	URL: https://square-smoke-4c62.4tjwj7mx.workers.dev/v3/aboutonlinedating Message: The resource https://square-smoke-4c62.4tjwj7mx.workers.dev/test.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.rename-service0.workers.dev
pmi.peoplemedia.com
square-smoke-4c62.4tjwj7mx.workers.dev
api.rename-service0.workers.dev
172.67.203.244
172.67.209.83
2.19.126.203
0c98d3a9b8c08a5813b773e49994d1ada4cb43a72f655c71b8efa33dbacc3f60
11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681
2cdc08c78d317a7163dcdd852e85319c477d5272897a250d28e562f699f9d6e4
2cfb61c5b4464a49bf1a1867ab3c06ad790468ab0d6b3dec415a5929b20dac85
4a05e858c919465ee86c06519bce8a74705055c7f6c81d6fb614e35c717c7627
58597e3384d340cc06c55b25a5f2e997fd023e54ef38d1821c260a6e66114435
5a52005e60e92f39a0744fe733d45496ad3769634edbbbc74df1267f9639f522
5de625c36355cce7c1d5408826a0b21abfb49fb6c0e1f16c945a6f2aef38200c
7248b8c4a08b8a45d4add928a459a98f12d61c02f5a7886f14bec7084e8ffdcb
87516298ac370a2f6a78d186a041a5c619163681386709ba009634244dc97f74
891410621746b2ff6d1e4830eb0d819521c9b01e9e213257fcd4d2f554ff1a61
90a8d6a27a26f746b4b263102f4fe120e956d99e3789325aafc7d6b7ca0ff0e4
92023afd6feb8f5fe2ab0b2622ddae9e26d5027996df15fe0b33714c7f3dba37
9472d39218e91315437ed9cd40f68d2b5fc5013e7916ecb3867325410a8b5c54
a87b735aa054867f4e2126e93228d82a22bde1123914ad2133e83c23e1bbc059
b9d7d8d050d62818c532f2229d1d5a807c5d33ffa949918b6d9452578d117e32
cb914e7633fd51b038e6c95387bc17049a9ae895d212d96268d446289f760792
cc15754d44e7ee5a41927be3ef6b902cae28014d57ae6f591eb576f221bd237c
dc10d818a637f41c2289284ddcf4888a86b74f1298d6bd585ada640b6b304203
eb39af57479f04518b464a917a20921f9f25739ec733cba0e5f1d5b7315a4a57
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f40c7802fed53bf864c2bb1ed8ae01f70866eb8ec379dbac518053427d904fd0