uk.phishingtackle.com Open in urlscan Pro
2606:4700:20::ac43:44bd Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://uk.phishingtackle.com/
Effective URL:
https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
Submission: On February 17 via manual (February 17th 2022, 6:18:13 pm UTC) from IN — Scanned from DE

Summary HTTP 88 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 12 domains to perform 88 HTTP transactions. The main IP is 2606:4700:20::ac43:44bd, located in United States and belongs to CLOUDFLARENET, US. The main domain is uk.phishingtackle.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 24th 2021. Valid for: a year.

This is the only time uk.phishingtackle.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	2606:4700:20:... 2606:4700:20::ac43:44bd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2600:9000:223... 2600:9000:223e:ee00:14:603f:d780:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
10	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
12	2600:9000:236... 2600:9000:236e:5e00:18:6c16:27c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:20:... 2606:4700:20::681a:74a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:915b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
5	34.107.203.234 34.107.203.234	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	52.45.223.153 52.45.223.153	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6811:f449	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2014	() ()
88	16

13 2606:4700:20::ac43:44bd (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

uk.phishingtackle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2600:9000:223e:ee00:14:603f:d780:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.phishingtackle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:236e:5e00:18:6c16:27c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tools.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:74a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.announcekit.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:915b (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.107.203.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.203.107.34.bc.googleusercontent.com

settings.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-preview.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.223.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-223-153.compute-1.amazonaws.com

announcekit.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f449 (United States)

ASN13335 (CLOUDFLARENET, US)

hello.myfonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

phishingtackle.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2014 (None, )

ASN- ()

public-auth-dot-lucky-orange.appspot-preview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	phishingtackle.com 1 redirects uk.phishingtackle.com cdn.phishingtackle.com	457 KB
17	luckyorange.com tools.luckyorange.com — Cisco Umbrella Rank: 22946 settings.luckyorange.com — Cisco Umbrella Rank: 22569 api-preview.luckyorange.com — Cisco Umbrella Rank: 133407	446 KB
10	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 1899 ekr.zdassets.com — Cisco Umbrella Rank: 2159	394 KB
5	announcekit.app cdn.announcekit.app — Cisco Umbrella Rank: 41689 announcekit.app — Cisco Umbrella Rank: 38911	62 KB
3	zendesk.com phishingtackle.zendesk.com	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	40 KB
3	gstatic.com fonts.gstatic.com	91 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	3 KB
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 7546 prism.app-us1.com — Cisco Umbrella Rank: 7584	6 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	71 KB
1	myfonts.net hello.myfonts.net — Cisco Umbrella Rank: 4591	353 B
1	appspot-preview.com public-auth-dot-lucky-orange.appspot-preview.com Failed
88	12

	Domain	Requested by
16	cdn.phishingtackle.com	uk.phishingtackle.com
13	uk.phishingtackle.com	1 redirects uk.phishingtackle.com
12	tools.luckyorange.com	uk.phishingtackle.com tools.luckyorange.com
9	static.zdassets.com	uk.phishingtackle.com static.zdassets.com
3	phishingtackle.zendesk.com	static.zdassets.com
3	api-preview.luckyorange.com	tools.luckyorange.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com
3	cdn.announcekit.app	uk.phishingtackle.com announcekit.app
3	fonts.googleapis.com	uk.phishingtackle.com announcekit.app
2	announcekit.app	uk.phishingtackle.com cdn.announcekit.app
2	settings.luckyorange.com	tools.luckyorange.com
2	www.googletagmanager.com	uk.phishingtackle.com announcekit.app
1	hello.myfonts.net	client
1	public-auth-dot-lucky-orange.appspot-preview.com	tools.luckyorange.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	ekr.zdassets.com	static.zdassets.com
1	diffuser-cdn.app-us1.com	uk.phishingtackle.com
88	18

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-24` - `2022-06-23`	a year	crt.sh
cdn.phishingtackle.com Amazon	`2021-10-17` - `2022-11-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-08` - `2022-07-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
luckyorange.com Amazon	`2022-01-17` - `2023-02-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
settings.luckyorange.com R3	`2022-01-04` - `2022-04-04`	3 months	crt.sh
*.announcekit.app Amazon	`2022-01-21` - `2023-02-19`	a year	crt.sh
api-preview.luckyorange.com R3	`2022-01-04` - `2022-04-04`	3 months	crt.sh
phishingtackle.zendesk.com Cloudflare Inc ECC CA-3	`2021-07-24` - `2022-07-23`	a year	crt.sh
*.appspot-preview.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
Frame ID: 1B018F58E91E942F3B1C092C6D2B4776
Requests: 47 HTTP requests in this frame

Frame: https://announcekit.app/widget/ksLEQ
Frame ID: 17C9E5FDC490D7100A686546466A0E3E
Requests: 21 HTTP requests in this frame

Frame: https://tools.luckyorange.com/core/core.js?v=36dbcdc
Frame ID: E6A331989922E20667C90938A507D072
Requests: 6 HTTP requests in this frame

Frame: https://tools.luckyorange.com/core/frame.js?v=36dbcdc
Frame ID: 1589799FD29047B48F17C31AE35B6D08
Requests: 9 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-c89f2cabb37233fdb333.js
Frame ID: 6051439716D20669F2137DBD9BC3547C
Requests: 12 HTTP requests in this frame

Frame: https://tools.luckyorange.com/core/frame.js?v=36dbcdc
Frame ID: 8EBBDF8DBAE40469018A0777B5CCC5FF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Phishing Tackle

Page URL History Show full URLs

https://uk.phishingtackle.com/ HTTP 302
https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Material Design Lite (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href="[^"]*material(?:\.[\w]+-[\w]+)?(?:\.min)?\.css

UIKit (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

uikit.*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

88
Requests

89 %
HTTPS

73 %
IPv6

12
Domains

18
Subdomains

16
IPs

3
Countries

1572 kB
Transfer

5031 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://uk.phishingtackle.com/ HTTP 302
https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://uk.phishingtackle.com/css/Account/login.css HTTP 302
https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2Ferrors%2F404

88 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Login Show response
uk.phishingtackle.com/Account/
Redirect Chain

https://uk.phishingtackle.com/
https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F

390 KB
263 KB

207ms
207ms

Document
text/html

2606:4700:20::ac43:44bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab0aa2268abd81792ae7d1e29a1dab42e095ceaef15fdb5869002a8924328e18

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 17 Feb 2022 18:18:08 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
pragma: no-cache,no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT,0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN SAMEORIGIN
strict-transport-security: max-age=31536000
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: strict-origin-when-cross-origin
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
x-powered-by
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQeLud4AiK%2FFZc%2FoVmGWPK0AWRyZ%2FQyv5nR%2F0W2L2s1yC2rxWcJnkUebJtv6InY0WK0VNnGoZNdzykMvGz1fGs7mmn%2Bdew6aBXUEKHP8uCfBdM1zKW4g5dFEnDJpMngl8o%2BYl4U93PZY%2FHNIPd5a%2FIK%2BCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6df1043afe0b5b74-FRA
content-encoding: br

Redirect headers

date: Thu, 17 Feb 2022 18:18:08 GMT
content-length: 0
location: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
pragma: no-cache
expires: 0
strict-transport-security: max-age=31536000
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
referrer-policy: strict-origin-when-cross-origin
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
x-frame-options: SAMEORIGIN
x-powered-by
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JrLC0DqpQODEdHw1%2FRwibtTRYZUgqM2ZHaGFhOfqMOPyv64p3R2AdOkNkA1F9ES4HxLTec3UvBCcc9Ayo7vNb4WVdVFNc%2B%2Btov9h8BKMGXqcwUMw%2ByBZVD1XO9jjKxyXBHZ5dSiZMBfiLZ2h4oyEvHCkoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6df104394aca5b74-FRA

GET
H2 200 jquery-3.6.0.slim.min.js Show response
cdn.phishingtackle.com/js/jquery/3.6.0/ 71 KB
24 KB 175ms
66ms Script
application/javascript 2600:9000:223e:ee00:14:603f:d780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.phishingtackle.com/js/jquery/3.6.0/jquery-3.6.0.slim.min.js
Requested by: Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:ee00:14:603f:d780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 00:45:35 GMT
content-encoding: gzip
last-modified: Sun, 19 Dec 2021 19:16:01 GMT
server: AmazonS3
age: 63154
etag: W/"1276065911521c5c22037a31365d179d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 8yYkhFRvQqeQd3QS7ntRqLM0SGHCZAx0MPn3HKO3jam6c3A6I1oAHg==

GET
H2 200 jquery-3.6.0.min.js Show response
cdn.phishingtackle.com/js/jquery/3.6.0/ 87 KB
31 KB 175ms
66ms Script
application/javascript 2600:9000:223e:ee00:14:603f:d780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.phishingtackle.com/js/jquery/3.6.0/jquery-3.6.0.min.js
Requested by: Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:ee00:14:603f:d780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 20:30:10 GMT
content-encoding: gzip
last-modified: Sun, 19 Dec 2021 19:16:01 GMT
server: AmazonS3
age: 78479
etag: W/"8fb8fee4fcc3cc86ff6c724154c49c42"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: IOwI9vJQyPuMXN9C_VotmwH9N_H7V35ptfxptq-EFRUaI4qSiYaNPQ==

GET
H2 200 css
fonts.googleapis.com/ 26 KB
2 KB 75ms
29ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,500,500i,600,600i,700,700i,900

Requested by

Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa08d3a92324fea7ba638db05d140fadfbc921a468125871c871ba38f9b2ab85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://uk.phishingtackle.com/
Origin: https://uk.phishingtackle.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 18:18:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Feb 2022 18:18:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Feb 2022 18:18:08 GMT

GET
H2 200 all.css
uk.phishingtackle.com/css/Local/fontawesome/5.6.3/ 52 KB
12 KB 125ms
124ms Stylesheet
text/css 2606:4700:20::ac43:44bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://uk.phishingtackle.com/css/Local/fontawesome/5.6.3/all.css

Requested by

Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
vary: Accept-Encoding
x-xss-protection: 1;mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 02 Aug 2020 16:23:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1d668e946e37058"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHaWXfp%2Fjxjlntt9MybSLRIDsRD2kGUFnaDKRmXoyqYO0RDhYJOU5IqSa%2FSe7GRbK01nyrgP6Yn4F%2FU4yE9sj%2Bkv2g1bkUC4LGM7hQwlAL4vwruLTe43VBC%2F0uZoXOlFs6iaK2m2Hr17B0YzKB0kZN7P1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
content-security-policy: upgrade-insecure-requests
cf-ray: 6df1043c69f95b74-FRA
expires: 0

GET
H2 200 bootstrap-material.min.css
cdn.phishingtackle.com/vendor/ 128 KB
19 KB 152ms
44ms Stylesheet
text/css 2600:9000:223e:ee00:14:603f:d780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.phishingtackle.com/vendor/bootstrap-material.min.css
Requested by: Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:ee00:14:603f:d780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12164f634c6ad5f201e72f53630dcc31eded948c614bebf2e1e12da4e595d443

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:08 GMT
content-encoding: gzip
last-modified: Sun, 17 Oct 2021 09:17:50 GMT
server: AmazonS3
age: 30639
etag: W/"ad7a3d459a1a22521c87af53c314ff13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: Fhm3H7WBczWlZWOZlHPyDPCqzjdNlCaEJMey4eORW4H151-32ljB-Q==

GET
H2 200 appwork-material.min.css
cdn.phishingtackle.com/vendor/css/ 178 KB
21 KB 164ms
56ms Stylesheet
text/css 2600:9000:223e:ee00:14:603f:d780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.phishingtackle.com/vendor/css/appwork-material.min.css
Requested by: Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:ee00:14:603f:d780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba59dd0af682e6baafff5c428c39b48307e78013c7f2ee017305eea07f6cd1fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:08 GMT
content-encoding: gzip
last-modified: Sun, 17 Oct 2021 10:43:43 GMT
server: AmazonS3
age: 30639
etag: W/"6c358853965cedf0c3f3c8b4902e533e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: y3-edqzV8t759F7e-sD1E-xxBl2zUSbYIR23H8ElXsuLtajGuAtfJg==

GET
H2 200 theme-twitlight-material.min.css
cdn.phishingtackle.com/vendor/css/ 31 KB
5 KB 152ms
45ms Stylesheet
text/css 2600:9000:223e:ee00:14:603f:d780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.phishingtackle.com/vendor/css/theme-twitlight-material.min.css
Requested by: Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:ee00:14:603f:d780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a84e8f3d0288dbe8b463df35a06c4c7e2f10dbde8a5d5c30c7c9c86dc6f6c301

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:08 GMT
content-encoding: br
last-modified: Sun, 17 Oct 2021 13:03:46 GMT
server: AmazonS3
age: 33157
etag: W/"3f4548cc257e1d360e27c01450560cf0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: Au-ApNxtBND5TkVrygp2ia2dh4cW81qahcJe8Qsz9Hl2koML7rvWrg==

GET
H2 200 colors-material.min.css
cdn.phishingtackle.com/vendor/css/ 81 KB
8 KB 145ms
37ms Stylesheet
text/css 2600:9000:223e:ee00:14:603f:d780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.phishingtackle.com/vendor/css/colors-material.min.css
Requested by: Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:ee00:14:603f:d780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 058e933eb29ed4ee0977081dcbe7fe8cbebd43473ace317ed422d5cd894106a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:08 GMT
content-encoding: gzip
last-modified: Sun, 17 Oct 2021 11:09:13 GMT
server: AmazonS3
age: 30639
etag: W/"0e68bd5342501277aad912dc122a217c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: TSaGmfPTJjTjP02ixOH3cGO_Nkl8aAlhWrbs2EFhF0Z-8o1fVONqig==

GET
H2 200 uikit.min.css
cdn.phishingtackle.com/vendor/css/ 12 KB
3 KB 159ms
52ms Stylesheet
text/css 2600:9000:223e:ee00:14:603f:d780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.phishingtackle.com/vendor/css/uikit.min.css
Requested by: Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:ee00:14:603f:d780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37582352e95551af14b373409783c26963871b25ed7f8e0caed7651870114dd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:08 GMT
content-encoding: gzip
last-modified: Sun, 17 Oct 2021 12:23:37 GMT
server: AmazonS3
age: 30639
etag: W/"99a225a09f4c9b2bb7ecceac7c8e29cf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 03nu9i_uBFodzKoFHnTB3d9pBv0Gp1j09Mb84AFp5PTTp4VdjmKyvw==

GET
H2 200 layout-helpers.js Show response
cdn.phishingtackle.com/vendor/js/ 12 KB
3 KB 158ms
51ms Script
application/javascript 2600:9000:223e:ee00:14:603f:d780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.phishingtackle.com/vendor/js/layout-helpers.js
Requested by: Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:ee00:14:603f:d780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6730d89e58a054c45e43c3d1d599ccaffb7888af825cb38b9e0d99881c1be59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:08 GMT
content-encoding: gzip
last-modified: Sun, 17 Oct 2021 12:24:28 GMT
server: AmazonS3
age: 37833
etag: W/"c2e05efd1e8ecb16f2bcdd749b76ed6f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: qPIjUnCER42IjB7aW3GOOzvmTa1y_ZjYtfdJkYwaba8g4Kv0fi1IPw==

GET
H2 200 perfect-scrollbar.min.css
cdn.phishingtackle.com/vendor/libs/perfect-scrollbar/ 5 KB
1 KB 132ms
25ms Stylesheet
text/css 2600:9000:223e:ee00:14:603f:d780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.phishingtackle.com/vendor/libs/perfect-scrollbar/perfect-scrollbar.min.css
Requested by: Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:ee00:14:603f:d780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e40e8e25b74aee012e7ec574146ec22260ea9b42c0d6f6a56026d57355e4a71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 20:30:10 GMT
content-encoding: br
last-modified: Sun, 17 Oct 2021 12:26:45 GMT
server: AmazonS3
age: 78479
etag: W/"ee540464516b77203affadc01c433f00"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: vYbyRA7dLW7HXY78ShgDy4XgjZP9guyZ7wgCWshdb-_eZv_VuNXRjg==

GET
H2 200 site.css
uk.phishingtackle.com/css/ 2 KB
801 B 149ms
147ms Stylesheet
text/css 2606:4700:20::ac43:44bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://uk.phishingtackle.com/css/site.css

Requested by

Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bd1de38f41701df38f9ac4ddbfdfb6d085bda7152dcc10d4a80575b5a25907d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
vary: Accept-Encoding
x-xss-protection: 1;mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 09 Sep 2020 06:34:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1d686733bfff144"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BF43ceQ8Urjjfje9g7LcLqxoif2XKrc4J8w3H7RiN9wcUZAzB%2BBwEPTCCHxNjeAt%2BJLA2SZvIz59%2FwUasDxWED3Yn%2BWRJR0DmRk1%2FHWr0U%2B5R0hYC0yzYRMc4VVfHZM2Fv3mFVVQ6nuKzM8%2BqPMHWaGKpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
content-security-policy: upgrade-insecure-requests
cf-ray: 6df1043c69fe5b74-FRA
expires: 0

GET
H2 200 help-content.css
uk.phishingtackle.com/css/HelpContent/ 705 B
647 B 148ms
146ms Stylesheet
text/css 2606:4700:20::ac43:44bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://uk.phishingtackle.com/css/HelpContent/help-content.css

Requested by

Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bba8691b5c6f6641d3bdbbcb828abef73254c70226a84b00b46e64f0473aee40

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
vary: Accept-Encoding
x-xss-protection: 1;mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Mar 2020 21:21:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1d602eb4a3ba2c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LADocrVaaWA9yihnEBwkgMJ1lWK7Fvt54FmTNtGLC30W4O56uIEQU4u%2FStFwF4yU1K82LfW66hRd7zKtnDNgYm7kD6d1VYQSgQkegFuKfeA80aHG4oaTITXzwr8UOypY7K9uQDqL7bJHJL%2BL7TG%2FDLFUJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
content-security-policy: upgrade-insecure-requests
cf-ray: 6df1043c6a005b74-FRA
expires: 0

GET
H2 200 authentication.css
cdn.phishingtackle.com/vendor/css/pages/ 10 KB
3 KB 162ms
56ms Stylesheet
text/css 2600:9000:223e:ee00:14:603f:d780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.phishingtackle.com/vendor/css/pages/authentication.css
Requested by: Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:ee00:14:603f:d780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97c1b376bcc5a8505a951885266ef217526fddc85ba12838898c03686bcc11d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 06:22:38 GMT
content-encoding: br
last-modified: Wed, 20 Oct 2021 12:11:25 GMT
server: AmazonS3
age: 42931
etag: W/"f1a3fea7a61d25fe78d72e244fdec17f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 7FAp4jfHeLD4QL8N_URSMWjU0SJIvaJ0QY5IJ7hKsNzduucZsF00Ew==

GET
H2 200 theme-overide.css
uk.phishingtackle.com/css/ 19 KB
5 KB 149ms
148ms Stylesheet
text/css 2606:4700:20::ac43:44bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://uk.phishingtackle.com/css/theme-overide.css

Requested by

Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d55b01b9481e2a0d31136c3cf03f2b3d335e426650b4bf42d7f8cd693690948

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
vary: Accept-Encoding
x-xss-protection: 1;mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 11 Jan 2022 11:48:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1d806e12aa0cef3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3cF0LKqyil%2B843EP2ZbX0CG1zVn%2Bc%2BOh0I7CzBlwDP4ozaI0cbyck0yvobRKkF3xk8My7ovEumzjZOTpBblzLuFamHpzLdXNReTavGD%2F2j2RFD%2FnBlsrdVzcJKaAv2JHuDysj5JSc%2FsfFZtpKhfpErNOXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
content-security-policy: upgrade-insecure-requests
cf-ray: 6df1043c6a035b74-FRA
expires: 0

GET

https://uk.phishingtackle.com/css/Account/login.css
https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2Ferrors%2F404

0
0

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 72ms
28ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 17:20:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Feb 2022 18:18:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Feb 2022 18:18:08 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 20 KB
6 KB 84ms
31ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=ffecb1e6-96f3-4120-8a85-053cb5218518

Requested by

Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4eb3d539dd1a33f6b36a83cebe63c9bae149933824859089389bd8b24865768c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:08 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: DPR44VDXQ4C4566J
x-amz-id-2: +KNS/HHFQiZj0noM4wmz4KeG0deEcydaT0Rss12jYplEkKDFyOpFdgUk+QjD5M6yrHjtVI2U4h8=
last-modified: Sun, 09 Jan 2022 23:14:59 GMT
server: cloudflare
etag: W/"301f9083ec60c9321ec7789c905c3232"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PAG0jYVzG0EyhOg2qwr1GWruj%2FOwojhM3TwKjU6%2F3o6k6Q4KZS0a%2FFWQkAlrUJbSnaVOUCWFbUSkzxl994rcXrjIKXonZ1XyltnS1vu6oTB20qJLucjmK50n63AYwsNFZoLyI%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: oV93LKh3GEBdpA7a6pYv5Alew2GE593j
cf-ray: 6df1043cb9695b4a-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 179ms
44ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-127273791-4

Requested by

Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

95ee94a3ec5efa4fc6c8f262fe42db422609ff1800a64c07d67689b94c6b9c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36133
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Feb 2022 18:18:09 GMT

GET
H2 200 lo.js Show response
tools.luckyorange.com/core/ 11 KB
4 KB 157ms
19ms Script
application/javascript 2600:9000:236e:5e00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/lo.js?site-id=178640
Requested by: Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:5e00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cce81be4c70f826c2a61d818dbe1ee972d0d8e18566573191c15a164e219e2f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 17:46:12 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 15:45:58 GMT
server: AmazonS3
age: 1918
etag: "675d14509cd0a8547ace86c2e0224518"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 4234
x-amz-cf-id: 2uj63COoDq9efNLjQtD0RUXmkQaWvjbOdVp3ISn3TStLfvf5n2ZhUg==

GET
H2 200 widget.js Show response
cdn.announcekit.app/ 70 KB
23 KB 220ms
82ms Script
application/javascript 2606:4700:20::681a:74a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.announcekit.app/widget.js
Requested by: Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:74a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 499e610fe01553d12a8ab46a841c13f303c595efb2e6a75ed7d6abaf74dbffb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:09 GMT
via: 1.1 4a66fbee8ce857225d1bddf53b79420c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 157
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-encoding: br
last-modified: Fri, 21 Jan 2022 16:25:07 GMT
server: cloudflare
etag: W/"8aa3df36fe576d307b5d269bd6ffc8d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24RfR5oNzjK8auCP3KsskJbRAqAPt%2B8f1Mh9XiUqy7QSOOwkI4BjXWIC3A7kBAbD9yy1IgiRZnL989MJEVDYvlO%2F7%2BLwYSQsy8lWY6MYLViTBa6QETJwbvYUqSebuZ8E3WQfrYX%2FwFNJmpWVneiIcic%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300
x-amz-cf-pop: IAD89-P1
cf-ray: 6df1043fcaed91d7-FRA
x-amz-cf-id: 6MCx2GS6cDkG1QHh9NRBQAlBL9FfXoEuIIdgS_c1QGjSY3xkmacZ0w==

GET
H2 200 chat.css
uk.phishingtackle.com/css/ 120 B
894 B 148ms
147ms Stylesheet
text/css 2606:4700:20::ac43:44bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://uk.phishingtackle.com/css/chat.css

Requested by

Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26aa3c37c39218cc9d91b731423f199532880055e9f795502fdebdb8dc345cc7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
vary: Accept-Encoding
x-xss-protection: 1;mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Jul 2020 04:03:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1d65a5cf0f3aa78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2BLUNXSEM944hC%2BI5Ni8aSbmGu%2F7lUqV1AOtXdxnJBzumnJ58fpsEwJSUvP3MP46bNzHqaatYzp7KH3XS%2BFcHONECpiXRpKJxZB9kfplpUC3hWhuRTaSQGuAEfzx2ggsD0gNHDW%2BkA%2BliYlh43lrRY6ePQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
content-security-policy: upgrade-insecure-requests
cf-ray: 6df1043c6a0b5b74-FRA
expires: 0

GET
H2 200 microsoft-logo-windows-21x21.png
uk.phishingtackle.com/img/SSO/ 162 B
987 B 104ms
102ms Image
image/png 2606:4700:20::ac43:44bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uk.phishingtackle.com/img/SSO/microsoft-logo-windows-21x21.png

Requested by

Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecc6ec51a0ff2a2c3314e3f98f47c75beb6ca294e70569cdc457a05fe7028d8d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:09 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
vary: Accept-Encoding
content-length: 162
x-xss-protection: 1;mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Mar 2020 21:21:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1d602eb4a3ba0a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIhVT%2Fl%2BSz6BYwm5WNP02ZiY9RhmAFuf9iAts5I51Lct8D%2BwI%2FxN2fekPSXM4fW4Bqziv1AgKJkugr98aGhxD%2F%2FAf0o9ERvm01bKoxvrvhNnl5PaBdQ6ZjFDEBmYvXvk2cqhFMfOuq9uvSsW46HTyhIvAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6df1043edfcd5b74-FRA
expires: 0

GET
H2 200 google-logo-g-21x21.jpg
uk.phishingtackle.com/img/SSO/ 1 KB
2 KB 160ms
159ms Image
image/jpeg 2606:4700:20::ac43:44bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uk.phishingtackle.com/img/SSO/google-logo-g-21x21.jpg

Requested by

Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d341fa525dfc1bd3ef6abdaf50994c06a56d3eff6f822f62f5841e18a6b4b5be

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:09 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
vary: Accept-Encoding
content-length: 1478
x-xss-protection: 1;mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Mar 2020 21:21:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1d602eb4a3ba5c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sL%2BSZBCJAtWE1ZqiAbr5Hcjt%2FUi7uDI2b6E3%2FKnvndIDKo8nWt4NfsLD%2BiMGhUGM3cXfzBcdjvMwlOAOvzaJdnTLS0se1VUQ%2FZWoD2fwjzDQwllebtjpAX0itTot%2FkEG5nqyR%2BT0O4XcVl91LFNTaOjM7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6df1043edfcf5b74-FRA
expires: 0

GET
H2 200 jquery.unobtrusive-ajax.min.js Show response
cdn.phishingtackle.com/js/ 4 KB
2 KB 29ms
28ms Script
application/javascript 2600:9000:223e:ee00:14:603f:d780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.phishingtackle.com/js/jquery.unobtrusive-ajax.min.js
Requested by: Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:ee00:14:603f:d780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c00b4d34cae1edefc9eccc9d913b43a20ccbbfb8bccf2d19584e4f09dc03b5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 06:22:38 GMT
content-encoding: br
last-modified: Sun, 17 Oct 2021 12:30:15 GMT
server: AmazonS3
age: 42931
etag: W/"58bd7efd249f034ae23dc47595fe1e52"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: w1go7cjZkuy4l7pJ33Ylbde2DeLYfYvNoCz7s5Ey_SsfBhBO1g6wPg==

GET
H2 200 popper.js Show response
cdn.phishingtackle.com/vendor/libs/popper/ 22 KB
8 KB 22ms
22ms Script
application/javascript 2600:9000:223e:ee00:14:603f:d780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.phishingtackle.com/vendor/libs/popper/popper.js
Requested by: Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:ee00:14:603f:d780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 52b16dff60dc2c4ac1b03da4dc342303a0288428c38fba5faf190949f0b8ffc0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 07:07:05 GMT
content-encoding: br
last-modified: Sun, 17 Oct 2021 12:28:05 GMT
server: AmazonS3
age: 40264
etag: W/"830bff19e3f5e9d888d5eb9c98fb83f6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 8pfAeIpZuz_l-n8ddgHFlQPUMnBOCk7h6-1b1SEvXq3EZEEaD87zGg==

GET
H2 200 bootstrap.js Show response
cdn.phishingtackle.com/vendor/js/ 60 KB
14 KB 26ms
26ms Script
application/javascript 2600:9000:223e:ee00:14:603f:d780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.phishingtackle.com/vendor/js/bootstrap.js
Requested by: Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:ee00:14:603f:d780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4a118e175cfc095472fdf8454d9e65ea707f4c741d2b4d98139fd930058a6d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:08 GMT
content-encoding: gzip
last-modified: Sun, 17 Oct 2021 11:17:57 GMT
server: AmazonS3
age: 30639
etag: W/"6f57e39a0a8aedadaa9c1336a7b0c14b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 0IZGPEGz-zr7lgDk1tO1o73oXy02YLh5Ak6O4miLXDLqP1FPcTrN6A==

GET
H2 200 sidenav.js Show response
cdn.phishingtackle.com/vendor/js/ 17 KB
5 KB 24ms
24ms Script
application/javascript 2600:9000:223e:ee00:14:603f:d780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.phishingtackle.com/vendor/js/sidenav.js
Requested by: Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:ee00:14:603f:d780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e6aca61ef7ae907707da4e2eab6e98cd4b3d80e0996adaee6b3fcb627ee5a1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:08 GMT
content-encoding: gzip
last-modified: Sun, 17 Oct 2021 12:28:54 GMT
server: AmazonS3
age: 30639
etag: W/"4f6fd1a68e42f19c22d7925741fab63e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: USbUq4ztbZeOHVp8g-68KnEUGSal6dXW9MYifhUi6p7c848kSvUcFg==

GET
H2 200 perfect-scrollbar.js Show response
cdn.phishingtackle.com/vendor/libs/perfect-scrollbar/ 19 KB
6 KB 31ms
31ms Script
application/javascript 2600:9000:223e:ee00:14:603f:d780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.phishingtackle.com/vendor/libs/perfect-scrollbar/perfect-scrollbar.js
Requested by: Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:ee00:14:603f:d780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 815efa425a02e708635eac11831434c5bf9222c8d05f1bb635ff94579b6fc3eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 22:22:04 GMT
content-encoding: br
last-modified: Sun, 17 Oct 2021 12:32:34 GMT
server: AmazonS3
age: 71766
etag: W/"f699c9c578eb25b46a500c3e2b869686"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: vrQlVhjkk-PSEnVvCYs61l8Zr7s-s5XNunG_fd5I18r66CKq9o2zAw==

GET
H2 200 site.es5.min.js Show response
uk.phishingtackle.com/js/ 442 B
603 B 114ms
114ms Script
application/javascript 2606:4700:20::ac43:44bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://uk.phishingtackle.com/js/site.es5.min.js?v=42QajpZKsW3RPCzZKAOoQw4PSciXvTH1qNP0PVr7ioA

Requested by

Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3641a8e964ab16dd13c2cd92803a8430e0f49c897bd31f5a8d3f43d5afb8a80

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
vary: Accept-Encoding
x-xss-protection: 1;mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Mar 2020 21:21:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1d602eb4a3ba1ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apO0wtZRsGxNsa0hyUht0GpxtPUQedjHIuc2ZRV6CBBaNmsl0MAiPmVvYPnBdrJ%2FR020OXZhxypgE%2FBev1kT1a326jeh5LwUnREUOG4ci3s9aHR7WCjNdZP8qo299DucSiID%2BwGY9o5TnYKqWFN7OFXWnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
content-security-policy: upgrade-insecure-requests
cf-ray: 6df1043e8ef35b74-FRA
expires: 0

GET
H2 200 help-content.js Show response
uk.phishingtackle.com/js/HelpContent/ 3 KB
1 KB 131ms
131ms Script
application/javascript 2606:4700:20::ac43:44bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://uk.phishingtackle.com/js/HelpContent/help-content.js

Requested by

Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49206156dd8aa04aecd0b46ac28d602bca91349b17c277ddea5197294b1dd205

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
vary: Accept-Encoding
x-xss-protection: 1;mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Mar 2020 21:21:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1d602eb4a3babe8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kY%2BTaLCszThMhEM3uJVEfmoW2kwjzHQXiDxvI777fL5HcnZgxDDTjW8HzI4MPS8F97objCf8kVTpDmcVC2mDEt5hW%2FB9epYsjzhFlgAjazA3QF28cMCxHzgyIuYza3v0hTcRzbXand6ehQ%2BtV%2FVvGydNFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
content-security-policy: upgrade-insecure-requests
cf-ray: 6df1043edfc05b74-FRA
expires: 0

GET
H2 200 browser.js Show response
cdn.phishingtackle.com/js/ 496 B
830 B 31ms
29ms Script
application/javascript 2600:9000:223e:ee00:14:603f:d780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.phishingtackle.com/js/browser.js
Requested by: Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:ee00:14:603f:d780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 214597c48814bc185e0ca497c6d5fc023f6f5f1944f14b55a6679b09c2b2462d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:09 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
last-modified: Wed, 20 Oct 2021 12:02:04 GMT
server: AmazonS3
age: 30640
etag: "b693a45ae9e14ca0bcfbed5b5fb1acd6"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 496
x-amz-cf-id: bW_ccECIBnHiiBiwYzu3SSqssnp88OT0dZE24Lifo66OGvMQOzd9IQ==

GET
H2 200 login.js Show response
uk.phishingtackle.com/js/Account/ 2 KB
1 KB 124ms
122ms Script
application/javascript 2606:4700:20::ac43:44bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://uk.phishingtackle.com/js/Account/login.js

Requested by

Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d05cba74be03fdb638c9e8e17f9be79d14e685e580e72016bc7ad98268d46126

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
vary: Accept-Encoding
x-xss-protection: 1;mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 20 Jan 2022 08:23:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1d80dd7104c5643"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JtvHu%2FW1OynLHiP7iQcIFW85GkPu1VbbffR4YiG7aRhKiD0cHo8MRS0EKjKBxR5bkx6HSHrOGkYyXKWa%2FT71Ca7RIBKRmud25MMDicZtTRDeEsz3xfxKkqSj7pZgaoojLKOz%2BYax0kzgRjyeogd65lK6LA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
content-security-policy: upgrade-insecure-requests
cf-ray: 6df1043edfca5b74-FRA
expires: 0

GET
H2 200 sweetalert2@8.js Show response
uk.phishingtackle.com/js/local/sweetalert/ 62 KB
17 KB 125ms
123ms Script
application/javascript 2606:4700:20::ac43:44bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://uk.phishingtackle.com/js/local/sweetalert/sweetalert2@8.js

Requested by

Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fb5bdf552db295a96ea4b5c90679159db62417fb69fe0b57792e57daf79cfd9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
vary: Accept-Encoding
x-xss-protection: 1;mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 02 Aug 2020 17:11:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1d668effcb117a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rAg%2B3gugB1wZd9nq4lJTr3k7jfDwYXuMQnVIPWcVwvphmw%2BFKfOYMt8HieWPl37xkl6Ht1XMHW0XmAsxav0fOQOVltbvzCCSIcMGjvWglfjFJ3T2W82eqoAJSqLhA9afoDQXl0A1C57r%2FwQfrVK3uPyy2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
content-security-policy: upgrade-insecure-requests
cf-ray: 6df1043edfcc5b74-FRA
expires: 0

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 24 KB
6 KB 169ms
31ms Script
application/javascript 2606:4700::6811:915b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by: Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:09 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 0
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
server: cloudflare
etag: W/"4d482a43613d3966f353ec9d97452e0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a3974a97ba504b481cfb8868c9d58588.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: JFK51-C1
cf-ray: 6df1043fb96291e7-FRA
x-amz-cf-id: oZhFo9j89p1leJG4OQolJWZydpb_GAlM_8gSjNWGBnsgqasZ6WidiQ==

GET
DATA 200
OK truncated
/ 219 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc1715101028dac45e4e89f8beed853a7c18bc1ac18fb15c36001856c4289667

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 39 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09739bc894421fa1aab6c9aa1aed5eaffc891f8bcf9afc520471b37ed0732bc8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/ 16 KB
16 KB 158ms
42ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://uk.phishingtackle.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 170301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16692
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 18:59:48 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 133ms
18ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,500,500i,600,600i,700,700i,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://uk.phishingtackle.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:14:34 GMT
x-content-type-options: nosniff
age: 151415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 00:14:34 GMT

GET
H2 200 ffecb1e6-96f3-4120-8a85-053cb5218518 Show response
ekr.zdassets.com/compose/ 493 B
1 KB 1207ms
1118ms XHR
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/ffecb1e6-96f3-4120-8a85-053cb5218518

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=ffecb1e6-96f3-4120-8a85-053cb5218518

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaf18e515d1f77042b8aa4de9ad94cde2cd48ac04b16b09199f1be935840675f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:10 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
status: 200 OK
access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=0
x-request-id: 98728a7a-f4f1-42e3-a597-1b9976d2455a
x-runtime: 0.002382
server: cloudflare
etag: W/"aaf18e515d1f77042b8aa4de9ad94cde"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DTQPyUx2uz9SvR5%2FhwIRTCNlktcSII%2ByprlhROt8j2AIdoX4cv%2F6cKVHQSJ39tEZD4ORaRSSEezZWuCsjk%2FquRICVNpsCU4TnTlEEv3rU3DgYvFMoDNy7gOLOdXtNWf8CNY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 6df1043fbde49164-FRA

GET
H3 200 178640 Show response
settings.luckyorange.com/ 6 KB
2 KB 151ms
125ms Fetch
application/json 34.107.203.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/178640
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/lo.js?site-id=178640
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 039e6f9ddc5dbdaa381e513914c9a19dec100158b66627de60163251838bd939

Request headers

Referer: https://uk.phishingtackle.com/
Accept-Language: de-DE,de;q=0.9
x-lucky-uid: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:09 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://uk.phishingtackle.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

OPTIONS
H2 200 178640
settings.luckyorange.com/ Frame 0
0 290ms
129ms Preflight 34.107.203.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/178640
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-lucky-uid
Origin: https://uk.phishingtackle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://uk.phishingtackle.com
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id
access-control-max-age: 86400
date: Thu, 17 Feb 2022 18:18:09 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 / Show response
prism.app-us1.com/ 0
214 B 240ms
229ms Script
application/javascript 2606:4700::6811:915b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prism.app-us1.com/?a=223916723&u=https%3A%2F%2Fuk.phishingtackle.com%2FAccount%2FLogin%3FReturnUrl%3D%252F
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.27
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:09 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.4.27
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-cache, private
x-envoy-upstream-service-time: 90
cf-ray: 6df104402ab191e7-FRA
content-length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 126ms
17ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-127273791-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 797
date: Thu, 17 Feb 2022 18:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 17 Feb 2022 20:04:52 GMT

POST
H/1.1 200
OK ksLEQ Show response
announcekit.app/widget/ Frame 17C9 48 KB
9 KB 489ms
109ms Document
text/html 52.45.223.153
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://announcekit.app/widget/ksLEQ

Requested by

Host: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.45.223.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-223-153.compute-1.amazonaws.com

Software

Resource Hash

727e27ebc8e4331236036637ca5336407f2e6fcf80485cd208abb8b1f521897e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://uk.phishingtackle.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/

Response headers

Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 17 Feb 2022 18:18:09 GMT
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
transfer-encoding: chunked
Connection: keep-alive

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
210 B 25ms
25ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1184868177&t=pageview&_s=1&dl=https%3A%2F%2Fuk.phishingtackle.com%2FAccount%2FLogin%3FReturnUrl%3D%252F&ul=en-us&de=UTF-8&dt=Phishing%20Tackle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=62802701&gjid=1441915937&cid=590912427.1645121889&tid=UA-127273791-4&_gid=1294851216.1645121889&_r=1&gtm=2ou290&z=438770734

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://uk.phishingtackle.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Feb 2022 18:18:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uk.phishingtackle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 core.js Show response
tools.luckyorange.com/core/ Frame E6A3 202 KB
61 KB 88ms
33ms Script
application/javascript 2600:9000:236e:5e00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/core.js?v=36dbcdc
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/lo.js?site-id=178640
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:5e00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83ed189d053a298d2232a3101176adfafa9005ddbe4c3a644824f8c71b348caa

Request headers

Referer
Origin: https://uk.phishingtackle.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 16:22:53 GMT
content-encoding: gzip
age: 93317
x-cache: Hit from cloudfront
content-length: 61554
access-control-allow-origin: *
last-modified: Wed, 16 Feb 2022 15:45:59 GMT
server: AmazonS3
etag: "1ebc90d46f933d39602b205b882faad8"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: EDHz5EK1VJJ-E5REH8oIOLGpBhHztxJY_tW4yalDMp5eD8NTrp9uSg==

GET
H2 200 bootstrap.js Show response
tools.luckyorange.com/messenger/ 4 KB
2 KB 27ms
27ms Script
application/javascript 2600:9000:236e:5e00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/messenger/bootstrap.js
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=36dbcdc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:5e00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d3208cfa5ef112cb02b5c9b160f3f40a75961b113c5de6017416704eadc88999

Request headers

Referer: https://uk.phishingtackle.com/
Origin: https://uk.phishingtackle.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:11:09 GMT
content-encoding: gzip
age: 421
x-cache: Hit from cloudfront
content-length: 1680
access-control-allow-origin: *
last-modified: Thu, 17 Feb 2022 16:43:30 GMT
server: AmazonS3
etag: "08c1a9cf97473b31623a245f9848b9f9"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: YjiuyaffL6a4ehf8jJmm7jL1MIB0vNGDdYFmgUWJbU0FM-hj5WhKGA==

GET frame.js
tools.luckyorange.com/core/ Frame 17C9 0
0

GET
H3 200 css
fonts.googleapis.com/ Frame 17C9 4 KB
480 B 59ms
32ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,500,600,700&subset=latin-ext,cyrillic,cyrillic-ext&display=swap

Requested by

Host: announcekit.app
URL: https://announcekit.app/widget/ksLEQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32edc7e7194ff0136884fe7ffbfb71364ea9d13bcde6e14a4c6ac0acdb1153b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://announcekit.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 18:18:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Feb 2022 18:18:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Feb 2022 18:18:10 GMT

GET
H2 200 bfd6426d106ea6c52c9b.css
cdn.announcekit.app/ Frame 17C9 44 KB
8 KB 48ms
48ms Stylesheet
text/css 2606:4700:20::681a:74a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.announcekit.app/bfd6426d106ea6c52c9b.css
Requested by: Host: announcekit.app
URL: https://announcekit.app/widget/ksLEQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:74a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44385dda102c332f572f463df6a9b61f0367e3d24a16986ea113b94ccce046de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://announcekit.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:10 GMT
via: 1.1 aa6e16f47d6a0519f52b8dcfca2d841a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2018364
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-encoding: br
last-modified: Fri, 21 Jan 2022 16:26:03 GMT
server: cloudflare
etag: W/"9ebef7d54e325d52afc0edd0026f7449"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v5VB75edhpfaEtJL0aTewttI%2BXt%2BAkK9V6SMqFOkYsZfq9v62PiSxfY1u4oblFu5Td2y36lWYPWfdeT3%2BMHlhg0lTX3h9V9XowydHA%2B9ZoWDnEvbDyE4GJHzJ127J8DbuGWTjNm%2B%2FEfFoNg%2FekQclXY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
x-amz-cf-pop: IAD89-P1
cf-ray: 6df104445c6391d7-FRA
x-amz-cf-id: UY0LKr-TL_H6OfSSz-_u9mLy1tWki1yPauSTQ1Jv0HuUUI5QVKJJDA==

GET
H2 200 bfd6426d106ea6c52c9b.js Show response
cdn.announcekit.app/ Frame 17C9 61 KB
22 KB 47ms
47ms Script
application/javascript 2606:4700:20::681a:74a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.announcekit.app/bfd6426d106ea6c52c9b.js
Requested by: Host: announcekit.app
URL: https://announcekit.app/widget/ksLEQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:74a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13846fe607c38d2780c681a6c13eceaea42896ccbce30c2d4d180a369dcf4dd5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://announcekit.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:09 GMT
via: 1.1 5630c5d6ce3870273aaf2ed5fe6c2f14.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2018364
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-encoding: br
last-modified: Fri, 21 Jan 2022 16:26:03 GMT
server: cloudflare
etag: W/"0ac292254476cd77191b7e13b2a5b425"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xglPaP3k8rtPlkhR%2FceUfmJARGpL8IpZ64yf2kD0skYiz3rLzj40nyrQAm7nrWUswL4L4CLvkzT0scIJe9Rw30%2BHDEeblXnOdl2QmF4Mm9kA31RotfFlobB5rzgRMF7gGzmxOw%2FLbpT42fKmIGCN%2FLg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-pop: IAD89-P1
cf-ray: 6df104445c6691d7-FRA
x-amz-cf-id: NfefJsCPV3sydki0zTvH88FYup9z_ILD-Xux2wJo54tzcer6SNo21g==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 17C9 90 KB
35 KB 53ms
28ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-127273791-4

Requested by

Host: announcekit.app
URL: https://announcekit.app/widget/ksLEQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

95ee94a3ec5efa4fc6c8f262fe42db422609ff1800a64c07d67689b94c6b9c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://announcekit.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36133
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Feb 2022 18:18:10 GMT

GET
H2 200 index.html Show response
tools.luckyorange.com/messenger/ 1 KB
885 B 48ms
48ms Fetch
text/html 2600:9000:236e:5e00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/messenger/index.html
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/messenger/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:5e00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b031aa7b5053cd268ef6c49258289fe930d13e86fb7ecb0c2da0e58ceac12f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 16:45:30 GMT
content-encoding: gzip
last-modified: Thu, 17 Feb 2022 16:43:26 GMT
server: AmazonS3
age: 5560
etag: W/"700ca13ab184014a8492da8acda3b16e"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: text/html
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 35X1jlzN1lTmAmUNZUfqiIWQ6Cr7bSBkMmJ96GTC4wQ5iWljdkzDDA==
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)

GET
DATA 200
OK truncated
/ Frame 17C9 116 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d594ebdd45c31f37e21ee7164815ca56e2146d2fc76ce4775f06cbbc7651d43c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 17C9 118 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bcebbf86d5b8d8c3a89b7424f325b569f3cf31dfbaf91d572ee4082a1cb86d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 17C9 116 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f72acfcc66ffd0fb53bb226a3f63d79f6d48203144e47bfb645b1349bf650dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 17C9 116 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef0ce5747cac2048906e0e18ca286a98e876ba40e540d603e3ffc405fa874a5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 17C9 116 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c87fdb248b9add429ba22d51b827dc77828eefcf44c7f043076ffc6f81f1b290

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 17C9 116 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2782139065cd3b47ea6e65a342353c333cc7c3a63d242f0e6f45447387ea890

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 17C9 116 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b84c497fe6a4ee0b6fecbcf7149644ccde18f18647ceaeb24e37f7ae6e45e765

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 17C9 118 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecd886ac9c2867aa3f582fa6e1ac3b7b751d181bcb214b173b0f78f8c1172f32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 17C9 118 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 127642a52440a2fa1b0dba78acdddfa3518625529e99f9260f64f99e1dc46bdd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 17C9 120 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4be0b4980d1b17b006441d50825b8f2bb09c1a14bace512f6fc6b384f0a47056

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 17C9 120 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0f6263b2f553f08bd9eaad2cbb321be3c54c47e0999ec73832ebb5f61487a8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 17C9 116 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2d771f042068b9a71ad3ec6514bee89676e852c026c1c4c83e2aea8251b9d89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 frame.js Show response
tools.luckyorange.com/core/ Frame 1589 55 KB
18 KB 40ms
40ms Script
application/javascript 2600:9000:236e:5e00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/frame.js?v=36dbcdc
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=36dbcdc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:5e00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7218e5652bc0ac45f61f9cbef3f1c7fa69b72bbd6163310289248767d6c73f25

Request headers

Referer
Origin: https://uk.phishingtackle.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 17:31:03 GMT
content-encoding: gzip
age: 2827
x-cache: Hit from cloudfront
content-length: 17961
access-control-allow-origin: *
last-modified: Wed, 16 Feb 2022 15:45:58 GMT
server: AmazonS3
etag: "3b48508d22ceabb387c51d52f32c10db"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: iOUaNUhbLqFVUyJwexgoAhvrdrPelFQw8LG1Qf5wD9gMr7gvb3YDQQ==

GET
H3 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v26/ Frame 17C9 31 KB
31 KB 41ms
17ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v26/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,500,600,700&subset=latin-ext,cyrillic,cyrillic-ext&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e14a625deb5e7cb388813d12ff906c39d7140ead453b49a22cc7d11497035790

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://announcekit.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 15:20:52 GMT
x-content-type-options: nosniff
age: 97038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31248
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:37:29 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 15:20:52 GMT

GET
H2 200 app.51149f0e.css
tools.luckyorange.com/messenger/css/ Frame 1589 6 KB
2 KB 19ms
18ms Stylesheet
text/css 2600:9000:236e:5e00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/messenger/css/app.51149f0e.css
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/messenger/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:5e00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87365b52e61ce1f1e536bc9d68df10c54806618a91165bfec69a25c2e65ddacd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 16:43:45 GMT
content-encoding: gzip
last-modified: Thu, 17 Feb 2022 16:43:30 GMT
server: AmazonS3
age: 5666
etag: "2eec34d69660ac29976523d6c79d37ef"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 1478
x-amz-cf-id: 2SfvuCxjjzSz8D05wWASMFRtD6sK6HEk43uCQrY6iSoY2aL94hX3oA==

GET
H2 200 chunk-vendors.f7467ed3.css
tools.luckyorange.com/messenger/css/ Frame 1589 497 B
591 B 19ms
19ms Stylesheet
text/css 2600:9000:236e:5e00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/messenger/css/chunk-vendors.f7467ed3.css
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/messenger/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:5e00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac9859cce1a917e02aed963bf1351b847bd893cab6229204f03af99d71713048

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 16:43:45 GMT
content-encoding: gzip
last-modified: Thu, 17 Feb 2022 16:43:30 GMT
server: AmazonS3
age: 5666
etag: "33cc0e352cc89ef8f4b327f30fb0d595"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 236
x-amz-cf-id: W92ZfPnqoDaedKk_irPwHlhEh-qtCDcRLYWZf_y_hxRTNNe0srKHYw==

GET
H2 200 app.42178609.js Show response
tools.luckyorange.com/messenger/js/ Frame 1589 123 KB
28 KB 24ms
24ms Script
application/javascript 2600:9000:236e:5e00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/messenger/js/app.42178609.js
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/messenger/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:5e00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ce6bec373e347d185f14c2bded5d32a7db1ccea2a99de56eee0e08aa991c015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 16:43:43 GMT
content-encoding: gzip
last-modified: Thu, 17 Feb 2022 16:43:30 GMT
server: AmazonS3
age: 5667
etag: "ccda4d313957c5dad571081ed828a441"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 28592
x-amz-cf-id: SYtBI9QSecGzzVt2__NsxZ2E7biS9E8mUOVH7OYnKdCDUBmj9RTZhA==

GET
H2 200 chunk-vendors.bf0111d3.js Show response
tools.luckyorange.com/messenger/js/ Frame 1589 927 KB
289 KB 40ms
39ms Script
application/javascript 2600:9000:236e:5e00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/messenger/js/chunk-vendors.bf0111d3.js
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/messenger/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:5e00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba9aae6907c90869c00ccfcac544368f2fbb39a2603e6c1e81d92803ff0132a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 16:43:45 GMT
content-encoding: gzip
last-modified: Thu, 17 Feb 2022 16:43:30 GMT
server: AmazonS3
age: 5666
etag: "4b565aeed2106e2bb4324e8b87c771ec"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 295693
x-amz-cf-id: NokrssHN_nAGDupIlKmsW7C1N5dRGq3c4jzBbctuTmJqwRhzegtUEw==

POST
H/1.1 200
OK NDAyMnwxNTU0fExPQUQ=
announcekit.app/s/ Frame 17C9 2 B
293 B 107ms
107ms Ping
text/plain 52.45.223.153
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://announcekit.app/s/NDAyMnwxNTU0fExPQUQ=

Requested by

Host: cdn.announcekit.app
URL: https://cdn.announcekit.app/bfd6426d106ea6c52c9b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.45.223.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-223-153.compute-1.amazonaws.com

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://announcekit.app/widget/ksLEQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 17 Feb 2022 18:18:10 GMT
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000
Content-Type: text/plain; charset=utf-8
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 2
X-Content-Type-Options: nosniff

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 17C9 49 KB
20 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-127273791-4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://announcekit.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 798
date: Thu, 17 Feb 2022 18:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 17 Feb 2022 20:04:52 GMT

GET /
public-auth-dot-lucky-orange.appspot-preview.com/ Frame E6A3 0
0

OPTIONS /
public-auth-dot-lucky-orange.appspot-preview.com/ Frame 0
0

GET /
public-auth-dot-lucky-orange.appspot-preview.com/ Frame E6A3 0
0

OPTIONS /
public-auth-dot-lucky-orange.appspot-preview.com/ Frame 0
0

GET
H2 200 36f1f3
hello.myfonts.net/count/ Frame 1589 0
353 B 193ms
64ms Stylesheet
text/css 2606:4700::6811:f449
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.myfonts.net/count/36f1f3
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:f449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:10 GMT
server: cloudflare
age: 1
expect-ct: null
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6df104474a125c50-FRA
content-length: 0
expires: Fri, 17 Feb 2023 18:18:10 GMT

GET
BLOB 200
OK 63174f78-b561-4eda-94dc-831944d335cb
https://uk.phishingtackle.com/ Frame E6A3 0
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://uk.phishingtackle.com/63174f78-b561-4eda-94dc-831944d335cb
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 0

GET
BLOB 200
OK a09c0656-0545-484a-b65a-43da843921ad
https://uk.phishingtackle.com/ Frame E6A3 22 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://uk.phishingtackle.com/a09c0656-0545-484a-b65a-43da843921ad
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa08c6950c457a969f6339da91c3228b327d7e20089ffe4d10ed9427b953f3a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 22873

POST
H3 200 search Show response
api-preview.luckyorange.com/conversations/threads/ Frame 1589 21 B
37 B 155ms
134ms XHR
application/json 34.107.203.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-preview.luckyorange.com/conversations/threads/search
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/messenger/js/chunk-vendors.bf0111d3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 89d6f64fc4b6b092d092522cfbfcdcb2c6df75832018868995c3b3422ee1c68e

Request headers

Accept: application/json, text/plain, */*
Referer: https://uk.phishingtackle.com/
X-Lucky-Site-Id: 178640
Accept-Language: de-DE,de;q=0.9
X-Lucky-Uid: 178640-1645121889631-1fbc6e03d45e79dc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 17 Feb 2022 18:18:10 GMT
via: 1.1 google
server: envoy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-envoy-upstream-service-time: 9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21

GET
H2 200 web-widget-framework-c89f2cabb37233fdb333.js Show response
static.zdassets.com/web_widget/latest/ Frame 6051 213 KB
72 KB 47ms
46ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-c89f2cabb37233fdb333.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=ffecb1e6-96f3-4120-8a85-053cb5218518

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c3528d7c3fc1dcf0ffb18f9bad12de877334a9143a98ca4edfe4c384868ef81

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:10 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2029700
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 9CFJ829A33SZJGZZ
x-amz-id-2: kFxTmxKyG3Bicg0JemiuuUQqGsf2NFBhZyscqMwAlO+Tc2vRPwySn0hmyB3NiS4CWpLIuXLV5WY=
last-modified: Tue, 25 Jan 2022 04:20:33 GMT
server: cloudflare
etag: W/"07f736414b4afbaf946155a83d61d028"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7dcNJL9%2BTDbbFJ%2FJsw%2FF%2BaFl1mKbEX6bTclZMxolBw59IOTXBVolzMIaMMpW5vToDM%2BtNtaw%2F71DHH1uF%2Faz8N%2Ff%2FtXw85zke9wv2aQJAM8k42ekqGV1eG8fCTNPbgxaWCzywo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: dywnCC8TpUq2b0hlNLQJnewfpKCUrY76
cf-ray: 6df10446cc655b4a-FRA
expires: Wed, 25 Jan 2023 04:20:32 GMT

GET
H2 200 web-widget-chat-sdk-58987df92c8073e96c0f.js Show response
static.zdassets.com/web_widget/latest/ Frame 6051 203 KB
52 KB 63ms
63ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-chat-sdk-58987df92c8073e96c0f.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=ffecb1e6-96f3-4120-8a85-053cb5218518

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6cd361fc4dd2ddf8db6c3ea7d3e8e62d38832bd9336e595aafa4abcd024b1ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:10 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9129795
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: SRPDF78JQN9K987N
x-amz-id-2: PEl9lKzd3xQBnF8++H9gRI2BXBi3HU1KY8BrDImkmUw4yzZkDZUtI7aewa61A51qimgCchW7/2w=
last-modified: Wed, 03 Nov 2021 23:49:38 GMT
server: cloudflare
etag: W/"f4e9b6a21f729895e00473e7f3947ed7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qY6CEC7E6PXhrnB7WYmCw2xl06UzJRwILSBNAzP2PcjLFwqMPz85Ss9oG5zgeqyUFxa6q5yoxx160Uz0MjEJDS9lMGGUZnDymaYEzoULsx%2BAoF2FDabDtbQLfXlWfdphVIF4n7E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: VCxuCJi40dVya7RnPTXVZ9S02BueApP5
cf-ray: 6df10446cc745b4a-FRA
expires: Thu, 03 Nov 2022 23:49:37 GMT

GET
H2 200 frame.js Show response
tools.luckyorange.com/core/ Frame 6051 55 KB
18 KB 24ms
24ms Script
application/javascript 2600:9000:236e:5e00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/frame.js?v=36dbcdc
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=36dbcdc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:5e00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7218e5652bc0ac45f61f9cbef3f1c7fa69b72bbd6163310289248767d6c73f25

Request headers

Referer
Origin: https://uk.phishingtackle.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 17:31:03 GMT
content-encoding: gzip
age: 2828
x-cache: Hit from cloudfront
content-length: 17961
access-control-allow-origin: *
last-modified: Wed, 16 Feb 2022 15:45:58 GMT
server: AmazonS3
etag: "3b48508d22ceabb387c51d52f32c10db"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: b9NHFfDtWmOv8MhKYb0jMbe8EDjVHTeHUb7RYbWd8uPGHPXfTH4BsA==

OPTIONS
H2 204 search
api-preview.luckyorange.com/conversations/threads/ Frame 0
0 249ms
136ms Preflight 34.107.203.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-preview.luckyorange.com/conversations/threads/search
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-lucky-site-id,x-lucky-uid
Origin: https://uk.phishingtackle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id
access-control-max-age: 86400
date: Thu, 17 Feb 2022 18:18:10 GMT
x-envoy-upstream-service-time: 1
server: envoy
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 config Show response
phishingtackle.zendesk.com/embeddable/ Frame 6051 807 B
1 KB 240ms
191ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://phishingtackle.zendesk.com/embeddable/config

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-c89f2cabb37233fdb333.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcd498093ce849e2f54e14bf4d498b056c13fe4d50d4bc1302d6c7607b3a3054

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:10 GMT
x-envoy-decorator-operation: embeddable.embeddable.svc.cluster.local:80/*
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-5d78c4f5b8-c76h4
x-envoy-upstream-service-time: 3
zendesk-api-version: 2022-01-01
access-control-allow-methods: GET
content-encoding: br
vary: Origin, Accept-Encoding
x-cached: MISS
x-request-id: 6df10447c9f492a8-FRA
x-runtime: 0.001771
last-modified: Thu, 17 Feb 2022 14:40:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WXva0fEng82Ej8QwA%2FhyTm6VSSzCfk5uIp5G8fJ95eDcfNc2a6IAVa1kAG1TetQUDucS4fCkv8PKWfHNWLQcEcoiL7I3fX2HErokMWj6kedE2DI5rnsx%2FvJ3EpoZBdVtNK9N4ZmGPZUkOH3y"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 6df10447c9f492a8-FRA

GET
H2 200 web-widget-39900-bad8471d2b7add37a93f.js Show response
static.zdassets.com/web_widget/latest/ Frame 6051 372 KB
114 KB 80ms
80ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-39900-bad8471d2b7add37a93f.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-c89f2cabb37233fdb333.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96591385347da42e5d589f3b5c307dbdca2da4cd12a78b46d01126526258ac81

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:10 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2052192
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: P7AN881A56HPF5NJ
x-amz-id-2: bYNrt8B0ncTBlG11rIJSKckCCpOR1h+Dz3FiWGLrz9LpYXnt1CkAwoyzp5SbeApSVLhDsf8P6RM=
last-modified: Mon, 24 Jan 2022 04:12:32 GMT
server: cloudflare
etag: W/"f529f07bc9a9b52c28c54dfb5ac3d537"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hRx%2BhqqBzpUkID7JcsCTRQiNHTqb1q4pc1OIOgFfh0EWIFJc9s1b8VlH6egEUMMiGbVl3rW6rCO6YnEW045YbiC2r8yLGp6dppqn87jsn9AE92kJOaVHFdE%2BRSgHMGvjUVFa9SI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: U.U8t2om1Wk2j0FJhlB2GZVi9MjPm65A
cf-ray: 6df10449087a5b4a-FRA
expires: Tue, 24 Jan 2023 04:12:31 GMT

GET
H2 200 web-widget-82496-589058dacc8ab84d7796.js Show response
static.zdassets.com/web_widget/latest/ Frame 6051 85 KB
23 KB 43ms
43ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-82496-589058dacc8ab84d7796.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-c89f2cabb37233fdb333.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a80319212460370537c57e56631f448aff106ecf74ee7a92f15391fcd48def00

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:10 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2078408
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: DJ8RPVSRX6SG1B1Y
x-amz-id-2: VXZijwL4wmG2CLNbohFjUffCeKKLmC1UMJkb6wXATJJbiQrzW/4UTp3b0lr0ToAY+6TAPnmhXTY=
last-modified: Mon, 24 Jan 2022 04:12:32 GMT
server: cloudflare
etag: W/"a578a65dad91fe91cb0130ffd39b46ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMJEyZEwPUVFrVrUO8KWdsH42RX2sNFcX45mTu%2FeOQn%2BU%2BGoO28GTY55rjRTLu2XqVGXy%2FK1M9e16pwCb5BOKIgLWPftRN9N%2BjyeTA5rPChYRhTcjanAQSOXrXt9A047HuecECI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: TtqqJ9lt1MGbEAE088_sTpY9l1HeJnB.
cf-ray: 6df10449087c5b4a-FRA
expires: Tue, 24 Jan 2023 04:12:31 GMT

GET
H2 200 web_widget-24755e48c6465f6effb4.js Show response
static.zdassets.com/web_widget/latest/web-widget-lazy/ Frame 6051 443 KB
98 KB 46ms
46ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-lazy/web_widget-24755e48c6465f6effb4.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-c89f2cabb37233fdb333.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99321bf34bd251b2f1a9305fafa1fae90d79c0f5b6382db1895dd07539e09f45

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:10 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2029699
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: NJM6RYHKFXQKNVZQ
x-amz-id-2: /2VC6c3zy8p/qo9kk8QZIEv2W9FVtHW2fOv/U28YOLuXxYS7JbBfZLUK5eItrR3uLMLsG6436xI=
last-modified: Tue, 25 Jan 2022 04:17:15 GMT
server: cloudflare
etag: W/"f4dd62c995679447c24373adce772b94"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Ck7oko6LG1D%2B6qf5WmLXari9HgeberRrwdmJi7HWNose%2BLSh0jl254jZs85737X7z1oKu%2FSQ676RRbQC4DBSsCt7%2BtRoz123JvoOfv3m1Gjp94qks5i%2FZrdHBuswZ53d7SI%2BA4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: PHB9QHX8JgMh7_7HoKvB5bAtqfqG_cZT
cf-ray: 6df10449087d5b4a-FRA
expires: Wed, 25 Jan 2023 04:17:14 GMT

OPTIONS
H3 204 178640-1645121889631-1fbc6e03d45e79dc
api-preview.luckyorange.com/visitors/ Frame 0
0 127ms
127ms Preflight 34.107.203.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-preview.luckyorange.com/visitors/178640-1645121889631-1fbc6e03d45e79dc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-lucky-site-id,x-lucky-uid
Origin: https://uk.phishingtackle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate
access-control-max-age: 86400
date: Thu, 17 Feb 2022 18:18:10 GMT
x-envoy-upstream-service-time: 1
server: envoy
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET 178640-1645121889631-1fbc6e03d45e79dc
api-preview.luckyorange.com/visitors/ Frame 1589 0
0

GET
H2 200 embeddable_blip Show response
phishingtackle.zendesk.com/ Frame 6051 0
376 B 150ms
149ms XHR
text/plain 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://phishingtackle.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJkZS1ERSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZGUtZGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTguMC40NzU4LjgwIFNhZmFyaS81MzcuMzYiLCJpc01vYmlsZSI6ZmFsc2V9LCJhY3Rpb24iOiJsb2NhbGVNaXNtYXRjaCIsImNhdGVnb3J5IjoibG9jYWxlIn0sImJ1aWQiOiJhYzMzZDdmNzViNGU0ZGVmYmJjMDI3ODM4MjBhNTg5MyIsInN1aWQiOiIzMmZlNGRjMzg1Zjk0ZjUyOWU0YzIyYWEzNTIxMjhjNSIsInZlcnNpb24iOiIzMWU0MWNiIiwidGltZXN0YW1wIjoiMjAyMi0wMi0xN1QxODoxODoxMC44NThaIiwidXJsIjoiaHR0cHM6Ly91ay5waGlzaGluZ3RhY2tsZS5jb20vQWNjb3VudC9Mb2dpbj9SZXR1cm5Vcmw9JTJGIn0%3D

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-c89f2cabb37233fdb333.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:10 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
zendesk-api-version: 2022-01-01
content-length: 0
x-zendesk-zorg: yes
x-request-id: e4b9965d1a484a75571709e5f24f11c6
last-modified: Thu, 17 Feb 2022 18:18:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aR5k8XoapoIYzx0SUDVqePXpK5V%2F%2BnTzr%2F%2FmKA6JoRLpneQ6SAL0EQT3P57nL22IykUuMvstP8qwC3ZtiEBE2jomsiSHZVpgzfT1g3DQp9Wqzo4H6l47k251RJf0OBYMsw8Ml%2FGVvypGbOd6"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://uk.phishingtackle.com
accept-ranges: bytes
cf-ray: 6df10449eead92a8-FRA

GET
H2 200 de-de-json-0e7b9ae3b696a34b6d22.js Show response
static.zdassets.com/web_widget/latest/web-widget-locales/classic/ Frame 6051 28 KB
7 KB 51ms
51ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-locales/classic/de-de-json-0e7b9ae3b696a34b6d22.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-c89f2cabb37233fdb333.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

718e063364ba1c53900110e423987619a8227e1c877c360913658aa88c451c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:10 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2244546
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: DGZX0HG1GF2TX6XE
x-amz-id-2: xRH0yzn24MRLX4O4LI/+qBei7hHkYzn461O1xII6j42IRpyCRdyJoSd7qWKta7xQGeMDZY75INE=
last-modified: Fri, 21 Jan 2022 07:16:21 GMT
server: cloudflare
etag: W/"8fc7b388e5d1886d801f856533dc1ecd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2B3iWfSvbJ5DjwQCVT6kf9sTrvke9S9%2FMmyQS3o2QpilDu0IJpjIQUpdCIbyLduoEOXP3OCV3PBbXaz2NOxqZohkd7XKoFVhfDzHKhVWXcZC0lrKnx%2BY2GSpssgMz%2BY07%2B2erqQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: hHFIbGqAWyrZsUfWlp2vgfJZV4diU5Ks
cf-ray: 6df10449fa195b4a-FRA
expires: Sat, 21 Jan 2023 07:16:20 GMT

GET
H2 200 lo-symbol.f1058a7b.svg
tools.luckyorange.com/messenger/img/ Frame 1589 955 B
1 KB 18ms
18ms Image
image/svg+xml 2600:9000:236e:5e00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tools.luckyorange.com/messenger/img/lo-symbol.f1058a7b.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:5e00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91be5e51e61355ad3d0437321595ef56d38ffb0ecd30fdc1482ecb071d18c1c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uk.phishingtackle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 16:43:47 GMT
via: 1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
last-modified: Thu, 17 Feb 2022 16:43:31 GMT
server: AmazonS3
age: 5664
etag: "f1058a7b7f925134ff12e90f30b6927b"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 955
x-amz-cf-id: qcgvxU6PLN_bTCZgYQgXVuApHMLZS-L19KqJ4ysIuOJBUgILlkZlFQ==

GET
H2 200 embeddable_blip Show response
phishingtackle.zendesk.com/ Frame 6051 0
436 B 161ms
160ms XHR
text/plain 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://phishingtackle.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InJlZmVycmVyIjoiaHR0cHM6Ly91ay5waGlzaGluZ3RhY2tsZS5jb20vQWNjb3VudC9Mb2dpbj9SZXR1cm5Vcmw9JTJGIiwidGltZSI6OTUsImxvYWRUaW1lIjo2My4zOTk5OTk2MTg1MzAyNywibmF2aWdhdG9yTGFuZ3VhZ2UiOiJlbi1VUyIsInBhZ2VUaXRsZSI6IlBoaXNoaW5nIFRhY2tsZSIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OC4wLjQ3NTguODAgU2FmYXJpLzUzNy4zNiIsImlzTW9iaWxlIjpmYWxzZSwiaXNSZXNwb25zaXZlIjp0cnVlLCJ2aWV3cG9ydE1ldGEiOiJ3aWR0aD1kZXZpY2Utd2lkdGgsIGluaXRpYWwtc2NhbGU9MS4wLCB1c2VyLXNjYWxhYmxlPW5vLCBtaW5pbXVtLXNjYWxlPTEuMCwgbWF4aW11bS1zY2FsZT0xLjAiLCJoZWxwQ2VudGVyRGVkdXAiOmZhbHNlfSwiYnVpZCI6ImFjMzNkN2Y3NWI0ZTRkZWZiYmMwMjc4MzgyMGE1ODkzIiwic3VpZCI6IjMyZmU0ZGMzODVmOTRmNTI5ZTRjMjJhYTM1MjEyOGM1IiwidmVyc2lvbiI6IjMxZTQxY2IiLCJ0aW1lc3RhbXAiOiIyMDIyLTAyLTE3VDE4OjE4OjEwLjk1M1oiLCJ1cmwiOiJodHRwczovL3VrLnBoaXNoaW5ndGFja2xlLmNvbS9BY2NvdW50L0xvZ2luP1JldHVyblVybD0lMkYifQ%3D%3D

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-c89f2cabb37233fdb333.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:11 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
zendesk-api-version: 2022-01-01
content-length: 0
x-zendesk-zorg: yes
x-request-id: 85d262c704e86c145b3bd57bf6d4490d
last-modified: Thu, 17 Feb 2022 18:18:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6UTcoyJxwjCv9wchZKS8NSZtLSzcqZ%2FRoQsRua%2FkNOCPFnBjv9mAndTlilkxP1MJmNtNo0rewZQ6uP8qfiNMQwgHdfxH35xZl6ihxJegNKyLy1xpo%2B7MXJAfv2UsirudQRXc%2FxAzWm6dHkAL"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://uk.phishingtackle.com
accept-ranges: bytes
cf-ray: 6df1044a7ffd92a8-FRA

GET
H2 200 frame.js Show response
tools.luckyorange.com/core/ Frame 8EBB 55 KB
18 KB 25ms
25ms Script
application/javascript 2600:9000:236e:5e00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/frame.js?v=36dbcdc
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=36dbcdc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:5e00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7218e5652bc0ac45f61f9cbef3f1c7fa69b72bbd6163310289248767d6c73f25

Request headers

Referer
Origin: https://uk.phishingtackle.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 17:31:03 GMT
content-encoding: gzip
age: 2828
x-cache: Hit from cloudfront
content-length: 17961
access-control-allow-origin: *
last-modified: Wed, 16 Feb 2022 15:45:58 GMT
server: AmazonS3
etag: "3b48508d22ceabb387c51d52f32c10db"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: hH3zDSwk6U5fQwmzjMG_qQO3f60xmZJTPFSCl_MwBaApXmxpcC2m-g==

GET
H2 200 web-widget-chat-incoming-message-notification-abe0508c4615c51b9efb.js Show response
static.zdassets.com/web_widget/latest/ Frame 6051 337 B
730 B 63ms
62ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-chat-incoming-message-notification-abe0508c4615c51b9efb.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-c89f2cabb37233fdb333.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

835b428abb7dc757393b5c89290221036dcace94b53de6d0e8e990b44cc633a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:11 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2316713
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: FPSWDN5ECX86NZDE
x-amz-id-2: FKaMYeUt7gnNITQN2iPxGpvWyBM/Bc2gLIjAnUe9Vw3bsiLdo+3+jDtmaTsJqOIzdDW1Lc9Uup0=
last-modified: Fri, 21 Jan 2022 07:18:47 GMT
server: cloudflare
etag: W/"a7069caa3d0c66a01d617c556d15afe7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FkxRpkNNs%2BhVwEFy4P9lD3DnPCxqSYPjWh0%2Bpm2FzZgQOvUUsUM5niaMSqaoGckv%2Bxr81HvDoBgL4wSLvhtAO%2BUdMlx1kmr14KswWTo0KK3PRABK%2FiCVIvjtl0c6lme5Qgx5Gmk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 3WTVap3d_MdSW8gW5EXQD5z6__HrzQfU
cf-ray: 6df1044c9f2e5b4a-FRA
expires: Sat, 21 Jan 2023 07:18:45 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/latest/ Frame 6051 19 KB
20 KB 35ms
35ms Media
audio/mpeg 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 17 Feb 2022 18:18:11 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2050711
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
x-amz-request-id: 7YCCNF5Z25VZ2DX5
x-amz-id-2: iNg87tjTEmp/itf4oBWqd+52h65S/kZnGB0dsSxvZvqpdw2lYTBRIFYCnWOpfxZ9S350htOj1V8=
last-modified: Mon, 24 Jan 2022 04:14:01 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKnimNzSWKzRhrOX3obtaKTRKaCR2djrYEznB%2BkeJYgnwJWH9869T9xjhzA8mm17naD7kfw3vBr14DEnUTlatZo%2FqsLTsj8D7JHfchP36lVogQazgWaOkEgI2zT7%2FNtAAFcyj%2Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: cWnOUGGslMeh.ZN.Z1HsEv7BhopxinZr
Content-Length: 19698
cf-ray: 6df1044d0fcb5b4a-FRA
expires: Tue, 24 Jan 2023 04:14:00 GMT

GET /
public-auth-dot-lucky-orange.appspot-preview.com/ Frame E6A3 0
0

OPTIONS
H2 502 /
public-auth-dot-lucky-orange.appspot-preview.com/ Frame 0
0 18ms
18ms Preflight
text/html 2a00:1450:4001:810::2014

General

Check archive.org

Show headers Download Go to

Full URL: https://public-auth-dot-lucky-orange.appspot-preview.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2014 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://uk.phishingtackle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/html; charset=UTF-8
referrer-policy: no-referrer
content-length: 332
date: Thu, 17 Feb 2022 18:18:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: uk.phishingtackle.com
URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2Ferrors%2F404

Domain: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/frame.js?v=36dbcdc

Domain: public-auth-dot-lucky-orange.appspot-preview.com
URL: https://public-auth-dot-lucky-orange.appspot-preview.com/

Domain: public-auth-dot-lucky-orange.appspot-preview.com
URL: https://public-auth-dot-lucky-orange.appspot-preview.com/

Domain: public-auth-dot-lucky-orange.appspot-preview.com
URL: https://public-auth-dot-lucky-orange.appspot-preview.com/

Domain: public-auth-dot-lucky-orange.appspot-preview.com
URL: https://public-auth-dot-lucky-orange.appspot-preview.com/

Domain: api-preview.luckyorange.com
URL: https://api-preview.luckyorange.com/visitors/178640-1645121889631-1fbc6e03d45e79dc

Domain: public-auth-dot-lucky-orange.appspot-preview.com
URL: https://public-auth-dot-lucky-orange.appspot-preview.com/

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
uk.phishingtackle.com/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.EsQdNaD2jrA Value: CfDJ8M-3qgOBhX5Pni5JSGzLFZKe7IpO7FEig-7Zq67Lso6sKagTojc0irQ8DCMjJc5ycfPzLqwuTj2KSRA_J5YeiO_wMsrxGmSmgSxsPrqNqqNtZX4C1zEyDxoqcvmc57_0v2NYPbd-Ss0ESUCuP2NrVBQ
.phishingtackle.com/	1970-01-20 18:29:53	Name: _ga Value: GA1.2.590912427.1645121889
.phishingtackle.com/	1970-01-20 01:00:08	Name: _gid Value: GA1.2.1294851216.1645121889
.phishingtackle.com/	1970-01-20 00:58:41	Name: _gat_gtag_UA_127273791_4 Value: 1
prism.app-us1.com/	1970-01-20 01:41:53	Name: prism_223916723 Value: 60f813ae-0759-44e4-9041-292d6ea3fab1
.phishingtackle.com/	1970-01-20 18:29:53	Name: lo-uid Value: 178640-1645121889631-1fbc6e03d45e79dc
.phishingtackle.com/	1970-01-20 18:29:53	Name: lo-visits Value: 1
.myfonts.net/	1970-01-20 00:58:43	Name: __cf_bm Value: zUzq2rEckjGtuWzlLEYtFVOAWBdqc3tETkmQed685ps-1645121890-0-AVIcigk24fd4U1MDqch+qKJk54FYeee70ZZUF3K1+Pkv+Wo9RdblIqk0ZVYVtVh6t7xe7BPRCjoUrex4hMDGV+k=
widget-mediator.zopim.com/	1970-01-20 01:08:46	Name: AWSALBCORS Value: f5pVmtxk4Pgryh9ru1GXqybLAjTUsh2sfjVhxG9IBPYbHHBLTlfhfwdA5y5IwvvbSqhxkb44CEbQk2CXG09I/NldM6h31dqqSTv7wpPAxNeHwuejFhDqK9Zqp2O7
.phishingtackle.com/	1970-01-20 09:44:17	Name: __zlcmid Value: 18akiKQ05v45ZuF

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2F Message: Refused to apply style from 'https://uk.phishingtackle.com/Account/Login?ReturnUrl=%2Ferrors%2F404' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
javascript	error	URL: about:blank Message: Access to fetch at 'https://public-auth-dot-lucky-orange.appspot-preview.com/' from origin 'https://uk.phishingtackle.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://public-auth-dot-lucky-orange.appspot-preview.com/ Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

announcekit.app
api-preview.luckyorange.com
cdn.announcekit.app
cdn.phishingtackle.com
diffuser-cdn.app-us1.com
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
hello.myfonts.net
phishingtackle.zendesk.com
prism.app-us1.com
public-auth-dot-lucky-orange.appspot-preview.com
settings.luckyorange.com
static.zdassets.com
tools.luckyorange.com
uk.phishingtackle.com
www.google-analytics.com
www.googletagmanager.com
api-preview.luckyorange.com
public-auth-dot-lucky-orange.appspot-preview.com
tools.luckyorange.com
uk.phishingtackle.com
104.16.53.111
104.18.72.113
2600:9000:223e:ee00:14:603f:d780:93a1
2600:9000:236e:5e00:18:6c16:27c0:93a1
2606:4700:20::681a:74a
2606:4700:20::ac43:44bd
2606:4700::6811:915b
2606:4700::6811:f449
2a00:1450:4001:808::200e
2a00:1450:4001:810::2003
2a00:1450:4001:810::2014
2a00:1450:4001:813::2008
2a00:1450:4001:830::200a
34.107.203.234
52.45.223.153
039e6f9ddc5dbdaa381e513914c9a19dec100158b66627de60163251838bd939
058e933eb29ed4ee0977081dcbe7fe8cbebd43473ace317ed422d5cd894106a0
09739bc894421fa1aab6c9aa1aed5eaffc891f8bcf9afc520471b37ed0732bc8
0e40e8e25b74aee012e7ec574146ec22260ea9b42c0d6f6a56026d57355e4a71
12164f634c6ad5f201e72f53630dcc31eded948c614bebf2e1e12da4e595d443
127642a52440a2fa1b0dba78acdddfa3518625529e99f9260f64f99e1dc46bdd
13846fe607c38d2780c681a6c13eceaea42896ccbce30c2d4d180a369dcf4dd5
15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648
1bd1de38f41701df38f9ac4ddbfdfb6d085bda7152dcc10d4a80575b5a25907d
1fb5bdf552db295a96ea4b5c90679159db62417fb69fe0b57792e57daf79cfd9
214597c48814bc185e0ca497c6d5fc023f6f5f1944f14b55a6679b09c2b2462d
26aa3c37c39218cc9d91b731423f199532880055e9f795502fdebdb8dc345cc7
2bcebbf86d5b8d8c3a89b7424f325b569f3cf31dfbaf91d572ee4082a1cb86d5
32edc7e7194ff0136884fe7ffbfb71364ea9d13bcde6e14a4c6ac0acdb1153b1
37582352e95551af14b373409783c26963871b25ed7f8e0caed7651870114dd9
3c00b4d34cae1edefc9eccc9d913b43a20ccbbfb8bccf2d19584e4f09dc03b5d
3ce6bec373e347d185f14c2bded5d32a7db1ccea2a99de56eee0e08aa991c015
44385dda102c332f572f463df6a9b61f0367e3d24a16986ea113b94ccce046de
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
49206156dd8aa04aecd0b46ac28d602bca91349b17c277ddea5197294b1dd205
499e610fe01553d12a8ab46a841c13f303c595efb2e6a75ed7d6abaf74dbffb3
4be0b4980d1b17b006441d50825b8f2bb09c1a14bace512f6fc6b384f0a47056
4c3528d7c3fc1dcf0ffb18f9bad12de877334a9143a98ca4edfe4c384868ef81
4eb3d539dd1a33f6b36a83cebe63c9bae149933824859089389bd8b24865768c
52b16dff60dc2c4ac1b03da4dc342303a0288428c38fba5faf190949f0b8ffc0
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f72acfcc66ffd0fb53bb226a3f63d79f6d48203144e47bfb645b1349bf650dd
718e063364ba1c53900110e423987619a8227e1c877c360913658aa88c451c4d
7218e5652bc0ac45f61f9cbef3f1c7fa69b72bbd6163310289248767d6c73f25
727e27ebc8e4331236036637ca5336407f2e6fcf80485cd208abb8b1f521897e
815efa425a02e708635eac11831434c5bf9222c8d05f1bb635ff94579b6fc3eb
835b428abb7dc757393b5c89290221036dcace94b53de6d0e8e990b44cc633a5
83ed189d053a298d2232a3101176adfafa9005ddbe4c3a644824f8c71b348caa
87365b52e61ce1f1e536bc9d68df10c54806618a91165bfec69a25c2e65ddacd
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89d6f64fc4b6b092d092522cfbfcdcb2c6df75832018868995c3b3422ee1c68e
8e6aca61ef7ae907707da4e2eab6e98cd4b3d80e0996adaee6b3fcb627ee5a1f
91be5e51e61355ad3d0437321595ef56d38ffb0ecd30fdc1482ecb071d18c1c0
95ee94a3ec5efa4fc6c8f262fe42db422609ff1800a64c07d67689b94c6b9c24
96591385347da42e5d589f3b5c307dbdca2da4cd12a78b46d01126526258ac81
97c1b376bcc5a8505a951885266ef217526fddc85ba12838898c03686bcc11d9
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
99321bf34bd251b2f1a9305fafa1fae90d79c0f5b6382db1895dd07539e09f45
9b031aa7b5053cd268ef6c49258289fe930d13e86fb7ecb0c2da0e58ceac12f8
9d55b01b9481e2a0d31136c3cf03f2b3d335e426650b4bf42d7f8cd693690948
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a6cd361fc4dd2ddf8db6c3ea7d3e8e62d38832bd9336e595aafa4abcd024b1ce
a80319212460370537c57e56631f448aff106ecf74ee7a92f15391fcd48def00
a84e8f3d0288dbe8b463df35a06c4c7e2f10dbde8a5d5c30c7c9c86dc6f6c301
aa08c6950c457a969f6339da91c3228b327d7e20089ffe4d10ed9427b953f3a3
aaf18e515d1f77042b8aa4de9ad94cde2cd48ac04b16b09199f1be935840675f
ab0aa2268abd81792ae7d1e29a1dab42e095ceaef15fdb5869002a8924328e18
ac9859cce1a917e02aed963bf1351b847bd893cab6229204f03af99d71713048
b2782139065cd3b47ea6e65a342353c333cc7c3a63d242f0e6f45447387ea890
b6730d89e58a054c45e43c3d1d599ccaffb7888af825cb38b9e0d99881c1be59
b84c497fe6a4ee0b6fecbcf7149644ccde18f18647ceaeb24e37f7ae6e45e765
ba59dd0af682e6baafff5c428c39b48307e78013c7f2ee017305eea07f6cd1fd
ba9aae6907c90869c00ccfcac544368f2fbb39a2603e6c1e81d92803ff0132a9
bba8691b5c6f6641d3bdbbcb828abef73254c70226a84b00b46e64f0473aee40
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512
c0f6263b2f553f08bd9eaad2cbb321be3c54c47e0999ec73832ebb5f61487a8c
c87fdb248b9add429ba22d51b827dc77828eefcf44c7f043076ffc6f81f1b290
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
cc1715101028dac45e4e89f8beed853a7c18bc1ac18fb15c36001856c4289667
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
cce81be4c70f826c2a61d818dbe1ee972d0d8e18566573191c15a164e219e2f5
d05cba74be03fdb638c9e8e17f9be79d14e685e580e72016bc7ad98268d46126
d3208cfa5ef112cb02b5c9b160f3f40a75961b113c5de6017416704eadc88999
d341fa525dfc1bd3ef6abdaf50994c06a56d3eff6f822f62f5841e18a6b4b5be
d594ebdd45c31f37e21ee7164815ca56e2146d2fc76ce4775f06cbbc7651d43c
dcd498093ce849e2f54e14bf4d498b056c13fe4d50d4bc1302d6c7607b3a3054
e14a625deb5e7cb388813d12ff906c39d7140ead453b49a22cc7d11497035790
e3641a8e964ab16dd13c2cd92803a8430e0f49c897bd31f5a8d3f43d5afb8a80
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecc6ec51a0ff2a2c3314e3f98f47c75beb6ca294e70569cdc457a05fe7028d8d
ecd886ac9c2867aa3f582fa6e1ac3b7b751d181bcb214b173b0f78f8c1172f32
ef0ce5747cac2048906e0e18ca286a98e876ba40e540d603e3ffc405fa874a5f
f2d771f042068b9a71ad3ec6514bee89676e852c026c1c4c83e2aea8251b9d89
f4a118e175cfc095472fdf8454d9e65ea707f4c741d2b4d98139fd930058a6d4
fa08d3a92324fea7ba638db05d140fadfbc921a468125871c871ba38f9b2ab85
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

uk.phishingtackle.com Open in urlscan Pro 2606:4700:20::ac43:44bd Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

88 Requests

89 %HTTPS

73 %IPv6

12 Domains

18 Subdomains

16 IPs

3 Countries

1572 kBTransfer

5031 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

uk.phishingtackle.com Open in urlscan Pro
2606:4700:20::ac43:44bd Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

89 %
HTTPS

73 %
IPv6

12
Domains

18
Subdomains

16
IPs

3
Countries

1572 kB
Transfer

5031 kB
Size

10
Cookies

88 HTTP transactions
14 data transactions