support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol Open in urlscan Pro
104.243.38.18  Public Scan

Submitted URL: http://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Effective URL: https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On July 26 via api from IT — Scanned from IT

Summary

This website contacted 16 IPs in 4 countries across 17 domains to perform 49 HTTP transactions. The main IP is 104.243.38.18, located in Piscataway, United States and belongs to RELIABLESITE, US. The main domain is support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol.
TLS certificate: Issued by E5 on July 26th 2024. Valid for: 3 months.
This is the only time support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 104.243.38.18 23470 (RELIABLESITE)
2 104.17.25.14 13335 (CLOUDFLAR...)
4 172.217.23.106 15169 (GOOGLE)
1 104.16.80.73 13335 (CLOUDFLAR...)
1 192.243.61.227 39572 (ADVANCEDH...)
1 216.58.206.40 15169 (GOOGLE)
7 188.114.97.3 13335 (CLOUDFLAR...)
1 18.194.180.173 16509 (AMAZON-02)
5 142.250.185.131 15169 (GOOGLE)
9 172.240.127.234 7979 (SERVERS-COM)
2 142.250.185.142 15169 (GOOGLE)
1 45.133.44.3 39572 (ADVANCEDH...)
1 45.133.44.10 39572 (ADVANCEDH...)
1 172.240.108.76 7979 (SERVERS-COM)
1 172.240.108.84 7979 (SERVERS-COM)
49 16
Apex Domain
Subdomains
Transfer
11 phantom.lol
support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
197 KB
9 inscribereclaim.com
inscribereclaim.com — Cisco Umbrella Rank: 57063
45 KB
5 creative-bars1.com
cdn.creative-bars1.com — Cisco Umbrella Rank: 13609
39 KB
5 gstatic.com
fonts.gstatic.com
405 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
3 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
2 recordedthereby.com
recordedthereby.com — Cisco Umbrella Rank: 8708
55 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
138 KB
1 capaciousdrewreligion.com
capaciousdrewreligion.com — Cisco Umbrella Rank: 13820
392 B
1 hysteriaethicalsewer.com
hysteriaethicalsewer.com — Cisco Umbrella Rank: 55722
469 B
1 cloudimagesb.com
cdn.cloudimagesb.com — Cisco Umbrella Rank: 13358
16 KB
1 barscreative1.com
cdn.barscreative1.com — Cisco Umbrella Rank: 15499
695 B
1 proftrafficcounter.com
proftrafficcounter.com — Cisco Umbrella Rank: 8770
334 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
103 KB
1 highcpmgate.com
pl23231560.highcpmgate.com
13 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1223
7 KB
0 arc.io Failed
arc.io Failed
49 17
Domain Requested by
11 support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
9 inscribereclaim.com pl23231560.highcpmgate.com
support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
5 cdn.creative-bars1.com pl23231560.highcpmgate.com
support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
5 fonts.gstatic.com fonts.googleapis.com
4 fonts.googleapis.com support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
pl23231560.highcpmgate.com
2 www.google-analytics.com www.googletagmanager.com
2 recordedthereby.com pl23231560.highcpmgate.com
inscribereclaim.com
2 cdnjs.cloudflare.com support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
cdnjs.cloudflare.com
1 capaciousdrewreligion.com inscribereclaim.com
1 hysteriaethicalsewer.com support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
1 cdn.cloudimagesb.com support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
1 cdn.barscreative1.com pl23231560.highcpmgate.com
1 proftrafficcounter.com pl23231560.highcpmgate.com
1 www.googletagmanager.com support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
1 pl23231560.highcpmgate.com support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
1 static.cloudflareinsights.com support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
0 arc.io Failed support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
49 17

This site contains no links.

Subject Issuer Validity Valid
support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
E5
2024-07-26 -
2024-10-24
3 months crt.sh
cdnjs.cloudflare.com
E1
2024-06-02 -
2024-08-31
3 months crt.sh
upload.video.google.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
cloudflareinsights.com
WE1
2024-07-06 -
2024-10-04
3 months crt.sh
highcpmgate.com
R10
2024-06-19 -
2024-09-17
3 months crt.sh
*.google-analytics.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
recordedthereby.com
WE1
2024-07-06 -
2024-10-04
3 months crt.sh
proftrafficcounter.com
Amazon RSA 2048 M03
2023-11-21 -
2024-12-19
a year crt.sh
*.gstatic.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
inscribereclaim.com
R11
2024-06-29 -
2024-09-27
3 months crt.sh
cdn.barscreative1.com
R10
2024-07-08 -
2024-10-06
3 months crt.sh
creative-bars1.com
WE1
2024-06-13 -
2024-09-11
3 months crt.sh
cdn.cloudimagesb.com
R10
2024-07-20 -
2024-10-18
3 months crt.sh
hysteriaethicalsewer.com
R10
2024-06-29 -
2024-09-27
3 months crt.sh
capaciousdrewreligion.com
R10
2024-07-05 -
2024-10-03
3 months crt.sh

This page contains 3 frames:

Primary Page: https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Frame ID: 33A326F3121785B2F252E97DD05EE49F
Requests: 39 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
Frame ID: 4FC52F6D7181FF609BCB3FD50D65BDC1
Requests: 6 HTTP requests in this frame

Frame: https://inscribereclaim.com/5e/05/f0/5e05f0069e14bdb1ee01505e74a8e579.js
Frame ID: 6A54620C31217E3645F8070FCD5DD534
Requests: 4 HTTP requests in this frame

Screenshot

Page Title

(1) New Message!

Page URL History Show full URLs

  1. http://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/ HTTP 307
    https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

98 %
HTTPS

0 %
IPv6

17
Domains

17
Subdomains

16
IPs

4
Countries

1023 kB
Transfer

2128 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/ HTTP 307
    https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Redirect Chain
  • http://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
  • https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
8 KB
3 KB
Document
General
Full URL
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
Caddy / Express
Resource Hash
c5a7a8955262c3c2163db961b18af97c9eeac48586a52c50d8d1f80ab04f84fb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
public, max-age=0
content-encoding
gzip
content-length
2851
content-type
text/html; charset=UTF-8
date
Fri, 26 Jul 2024 09:36:52 GMT
etag
W/"21c1-18f4571b16c"
last-modified
Sat, 04 May 2024 21:10:29 GMT
server
Caddy
vary
Accept-Encoding
x-powered-by
Express

Redirect headers

Location
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Non-Authoritative-Reason
HttpsUpgrades
widget.min.js
arc.io/
0
0

all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/
82 KB
15 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Requested by
Host: support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
URL: https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 09:36:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1349428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14850
last-modified
Mon, 22 Nov 2021 21:02:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"619c057b-3a02"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VZnuVNSGLQNshil13wV4iDixcGwXlT3V%2FxKAMdrGb722mr2RNFJpbpEISSw498jywtL8N%2BWJl3Nbh%2BcYtg98SmW3cjOe0QDfckgI32Z0mPdv9oBkJ6nyTYe%2BYseSTBue5jLiqDBJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a93686f2e6b0d6a-MXP
expires
Wed, 16 Jul 2025 09:36:53 GMT
index.css
support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/CSS/
7 KB
2 KB
Stylesheet
General
Full URL
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/CSS/index.css
Requested by
Host: support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
URL: https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
Caddy / Express
Resource Hash
3b4c2dd9257f70efceebd0888ca63832fbddb6e9a4582acf07843960ae4d10f7

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 09:36:53 GMT
content-encoding
gzip
last-modified
Tue, 16 Apr 2024 22:28:37 GMT
server
Caddy
etag
W/"1d82-18ee906c02b"
x-powered-by
Express
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
alt-svc
h3=":443"; ma=2592000
content-length
1778
css2
fonts.googleapis.com/
14 KB
809 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
URL: https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f10.1e100.net
Software
ESF /
Resource Hash
3f6e8efb65dff0486271d787d60be7d84387c203bebd36159794e6e2c28c31f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 26 Jul 2024 09:36:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 26 Jul 2024 09:17:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Jul 2024 09:36:53 GMT
beacon.min.js
static.cloudflareinsights.com/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
URL: https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 09:36:54 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8a936875cada3751-MXP
themes.js
support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/settings/js/
3 KB
849 B
Script
General
Full URL
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/settings/js/themes.js
Requested by
Host: support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
URL: https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
Caddy / Express
Resource Hash
b0bad635d8f11c85a8934bd69da460fc9d81526d477596a554b12c41d76f0763

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 09:36:53 GMT
content-encoding
gzip
last-modified
Tue, 16 Apr 2024 22:20:48 GMT
server
Caddy
etag
W/"bcb-18ee8ff966b"
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
alt-svc
h3=":443"; ma=2592000
content-length
748
uv.bundle.js
support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/uv/
658 KB
185 KB
Script
General
Full URL
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/uv/uv.bundle.js
Requested by
Host: support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
URL: https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
Caddy / Express
Resource Hash
b226b199ad4e04570aab93f2e964afda3936c47fec41a77aec254ce26ec1154a

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 09:36:53 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2024 11:07:26 GMT
server
Caddy
etag
W/"a472e-18f0fc9fadc"
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
alt-svc
h3=":443"; ma=2592000
uv.config.js
support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/uv/
298 B
347 B
Script
General
Full URL
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/uv/uv.config.js
Requested by
Host: support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
URL: https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
Caddy / Express
Resource Hash
bf83978647efcd2a3dbf8d0fa9257c5b18e3b6b4f45d233d119976a269132707

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 09:36:53 GMT
last-modified
Tue, 16 Apr 2024 22:20:48 GMT
server
Caddy
etag
W/"12a-18ee8ff9673"
x-powered-by
Express
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
298
register-sw.js
support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
699 B
423 B
Script
General
Full URL
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/register-sw.js
Requested by
Host: support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
URL: https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
Caddy / Express
Resource Hash
b5fdef9f51bdb9b56e7f4e7749d77bcb6597a0301ead564c6ba9b4a016ac1a1e

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 09:36:53 GMT
content-encoding
gzip
last-modified
Tue, 16 Apr 2024 22:20:48 GMT
server
Caddy
etag
W/"2bb-18ee8ff966b"
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
alt-svc
h3=":443"; ma=2592000
content-length
373
index.js
support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/settings/js/
341 B
395 B
Script
General
Full URL
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/settings/js/index.js
Requested by
Host: support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
URL: https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
Caddy / Express
Resource Hash
19d6b3810c0f606b9d7d847180b245d897fcb667d3b9bfc775fa78ff9666f44e

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 09:36:53 GMT
last-modified
Tue, 16 Apr 2024 22:20:48 GMT
server
Caddy
etag
W/"155-18ee8ff966b"
x-powered-by
Express
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
341
nowgg.js
support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
274 B
346 B
Script
General
Full URL
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/nowgg.js
Requested by
Host: support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
URL: https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
Caddy / Express
Resource Hash
11e19bd49b54a09934336612f203c8f6c9bc23ac7da7778c422671fe8ef9ac84

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 09:36:53 GMT
last-modified
Sat, 04 May 2024 21:13:11 GMT
server
Caddy
etag
W/"112-18f45742658"
x-powered-by
Express
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
274
css2
fonts.googleapis.com/
2 KB
686 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Comfortaa&display=swap
Requested by
Host: support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
URL: https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f10.1e100.net
Software
ESF /
Resource Hash
dd8eb7cbd3a66f09b1e1c11e75987a9eba498c1ead3fd95f5c59d16bd526d21b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 26 Jul 2024 09:36:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 26 Jul 2024 08:40:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Jul 2024 09:36:53 GMT
search.js
support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
845 B
469 B
Script
General
Full URL
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/search.js
Requested by
Host: support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
URL: https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
Caddy / Express
Resource Hash
be2a8bf5db842bb931e40fd680631bf9efc757caaa07982ee782ce3730188c2c

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 09:36:53 GMT
content-encoding
gzip
last-modified
Sat, 04 May 2024 21:10:29 GMT
server
Caddy
etag
W/"34d-18f4571b16c"
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
alt-svc
h3=":443"; ma=2592000
content-length
419
css2
fonts.googleapis.com/
696 B
877 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@48,500,1,0
Requested by
Host: support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
URL: https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f10.1e100.net
Software
ESF /
Resource Hash
26d26bd1f0443b3d19c5dfd09c07ca6a22e94fc2df12eaa7e5f466201e19e499
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 26 Jul 2024 09:36:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 26 Jul 2024 09:36:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Jul 2024 09:36:53 GMT
options.js
support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
2 KB
763 B
Script
General
Full URL
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/options.js
Requested by
Host: support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
URL: https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
Caddy / Express
Resource Hash
562d4d5cb800629b867db8e70e5abf29e425c6649602e7508ed8eb8eab04f3c5

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 09:36:53 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2024 11:07:18 GMT
server
Caddy
etag
W/"615-18f0fc9dc39"
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
alt-svc
h3=":443"; ma=2592000
content-length
690
4328e5906625dfebca3d9c34182fd950.js
pl23231560.highcpmgate.com/43/28/e5/
28 KB
13 KB
Script
General
Full URL
https://pl23231560.highcpmgate.com/43/28/e5/4328e5906625dfebca3d9c34182fd950.js
Requested by
Host: support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
URL: https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
7d6c3b7ed750fe6b65623199f0ee4c55267b85a5f28ceb0e995ee314f5d3b1be
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Jul 2024 09:36:53 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache, max-age=0, private, no-cache
Connection
keep-alive
X-Request-ID
b14e12ccdfc938d2e1901cacbecc5a3b
Expires
Thu, 01 Jan 1970 00:00:01 GMT
js
www.googletagmanager.com/gtag/
309 KB
103 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NCTSG4T1B6
Requested by
Host: support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
URL: https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2e1b4025db2fb9c6052c75f4e4be5c785336419ef4faf1cea292731d6522582a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 09:36:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104829
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 26 Jul 2024 09:36:54 GMT
tab.js
support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
15 KB
4 KB
Script
General
Full URL
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/tab.js
Requested by
Host: support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
URL: https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software
Caddy / Express
Resource Hash
c5e71da3dbc647b725d8b39fa5bc993ccd311b4102c40ead2f3a764de4ed74c4

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 09:36:53 GMT
content-encoding
gzip
last-modified
Wed, 01 May 2024 17:29:18 GMT
server
Caddy
etag
W/"3d10-18f35341a7b"
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
alt-svc
h3=":443"; ma=2592000
content-length
3716
sfp.js
recordedthereby.com/
83 KB
28 KB
Script
General
Full URL
https://recordedthereby.com/sfp.js
Requested by
Host: pl23231560.highcpmgate.com
URL: https://pl23231560.highcpmgate.com/43/28/e5/4328e5906625dfebca3d9c34182fd950.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 09:36:55 GMT
strict-transport-security
max-age=0; includeSubdomains
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
x-request-id
801395f87ae59613237674ad4c3bd75e
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=taMBdkx%2BQYahx2a9q9%2F2w6l7b%2BhPlwP8fa93wTo1dLcmIZGnUAnDlCXFnL4p78XrTK4ULf%2B9LNKkbQ6tDqrchXwbnpEBGKg5b5XgKUk%2BNhEi392Kknrd5Ayww8ttZ08b3Y2fmxKt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, max-age=0, private, no-cache
cf-ray
8a936875de06526d-MXP
expires
Thu, 01 Jan 1970 00:00:01 GMT
stats
proftrafficcounter.com/
40 B
334 B
XHR
General
Full URL
https://proftrafficcounter.com/stats
Requested by
Host: pl23231560.highcpmgate.com
URL: https://pl23231560.highcpmgate.com/43/28/e5/4328e5906625dfebca3d9c34182fd950.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.180.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-180-173.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
c74ffdd9e455beec3a98d472d71fa380a4c124f4b9118f4440f3eee2a327a6c9

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
date
Fri, 26 Jul 2024 09:36:54 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
vary
Origin
content-type
text/html; charset=UTF-8
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 15:14:37 GMT
x-content-type-options
nosniff
age
238937
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 15:14:37 GMT
kJF1BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzazHD_dY43zj-jCxv3fzvRNU22ZXGJpEpjC_1n-q_4MrImHCIJIZrDCdHOej.woff2
fonts.gstatic.com/s/materialsymbolsoutlined/v199/
358 KB
358 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialsymbolsoutlined/v199/kJF1BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzazHD_dY43zj-jCxv3fzvRNU22ZXGJpEpjC_1n-q_4MrImHCIJIZrDCdHOej.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@48,500,1,0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
30c3ab5eecf524e96f3fc93798befe8da8364ad76b6e12f23fb370d9f99639a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 04:37:31 GMT
x-content-type-options
nosniff
age
277163
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
366168
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 15:08:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 04:37:31 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/
122 KB
123 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94e1bbc1c2a41ebc73fa5253fd563256c0035b4d69181e48f9aef9e474a11251
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Origin
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 09:36:54 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
140808
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
125064
last-modified
Mon, 22 Nov 2021 21:02:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"619c057b-1e888"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eVfxwO8BGC42ENDPTuVJcec9eQ2y0u0HuB5iWEOGGbrcqg7w2kPNzRnzUCbaYTAQYTV0zmTT1kYcwO6758feRSLYkTLgcnZteTGC5k08CXf%2Fne55nl3NJ4EACWjw%2BaOd69Xb3lTZ"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a936875f89c0f5e-MXP
expires
Wed, 16 Jul 2025 09:36:54 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 07:58:24 GMT
x-content-type-options
nosniff
age
265110
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 07:58:24 GMT
sbar.json
inscribereclaim.com/
13 KB
10 KB
XHR
General
Full URL
https://inscribereclaim.com/sbar.json?key=4328e5906625dfebca3d9c34182fd950&psid=CF-3278_sb_1&uuid=16c3ae1a-0224-4c8b-ac7a-5dc72840c9d3%3A3%3A1
Requested by
Host: pl23231560.highcpmgate.com
URL: https://pl23231560.highcpmgate.com/43/28/e5/4328e5906625dfebca3d9c34182fd950.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.127.234 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
1024d952b23efe9251f6ee40767394365f433584db062328351a2689d621a3c5
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 26 Jul 2024 09:36:55 GMT
Custom-Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
Content-Encoding
gzip
Strict-Transport-Security
max-age=0; includeSubdomains
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
X-Request-ID
f710ce7e30688b02256b89841d0c11e3
Pragma
no-cache
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
Cache-Control
no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:01 GMT
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-NCTSG4T1B6&gtm=45je47o0v9138172222za200&_p=1721986613922&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=160502621.1721986615&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721986614&sct=1&seg=0&dl=https%3A%2F%2Fsupport.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol%2F&dt=Shadow%20Browser&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2544
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NCTSG4T1B6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jul 2024 09:36:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1698745413.html
cdn.barscreative1.com/sb/au/1d/fb/94/1dfb9493966adf79edefa60f9dfc84d2/
1 KB
695 B
XHR
General
Full URL
https://cdn.barscreative1.com/sb/au/1d/fb/94/1dfb9493966adf79edefa60f9dfc84d2/1698745413.html
Requested by
Host: pl23231560.highcpmgate.com
URL: https://pl23231560.highcpmgate.com/43/28/e5/4328e5906625dfebca3d9c34182fd950.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
b1fdaaf0fe25a6c516cd42c5a318caaa0e87737cad13e9c096e6d5c4aa22b468

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Fri, 26 Jul 2024 10:36:56 GMT
date
Fri, 26 Jul 2024 09:36:56 GMT
content-encoding
gzip
last-modified
Tue, 31 Oct 2023 09:43:38 GMT
server
nginx/1.21.6
etag
W/"6540cc4a-4d6"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Date
cache-control
max-age=3600
x-proxy-cache
HIT
ren.gif
inscribereclaim.com/
7 B
733 B
Image
General
Full URL
https://inscribereclaim.com/ren.gif?sid=H4sIAAAAAAAC%2F1xSy4scRRiv3vWBBxW9eFChDyoJZCf9mJ6eMYeQhxuXbHBJIlEQkuqq6tlya7qaqurpzZ6CQclx8OLj1PubbIIaRQ%2BCgorMmtOCkPG0lwX%2FBPGkJ5nN4opfHb7X7yt%2B36%2Fqg81qj0So6K64oDekUvR40gr8I2%2BF4Ql%2FWRbVur%2Fe7VzttI%2F6p8pSiSsiOy%2Fd8SROW3HHP3L%2B9csXlo%2F5Sq4J%2F5xga%2Fqof2bV6IE4HkadVjA7%2FiWaUyMPRiDLr8Ju0gp73VYnaoVRB%2Bvm%2FxVbebDUAx%2FukWch%2BfSp%2B%2FevQbIJisHXZ4Vdc7o89tqgUtRpgyG%2F%2B2axVui6wOAwzI2HvLh7gIa2DxZ%2Fgi629neCHv4LzOSUzD3xDrLizkPqyIbjGYtMQTpk%2FDnUwwmEmkDSCZi%2BCckVGMfSZRSDrSVH1fWHLTprTcljH%2F0AWU%2FJ4%2B9%2FjGLw5TmlM6r8i7pywmA9byDXJ5D9CcpqG25jDrLeBnPvQfJfSaBOzG69IBUtIPnuS2GHxVSEdCGIovZCm3WzBcpSupBwlkbddsB6PN7XRsoJZD6BEiNQO4%2FKeqikhyr3UJUeBnzX7wSUxUmQM5qmQdzL27HohG0RdTPR5bydoGKzHUZw5QhMjcDMDZTmBtbkCKb6GXa1geUerCMY8ga1IKgtQU0JaklQO4J62GxxZSPb3OHKVll44KMDHzdj7fqbdEu7vigIqBnB8Gaz3CPPzAT0rv35LdbErt%2BOo65IekGnEyU8FxmjMe%2BxuB12o5z3kgBW3juzuBBHafeqza6GkHYO1HrYkFPy6om%2FUMopeeHJCBndhlXbYHIetHoRtG5AVxtsFPf62q5SrutWIRy4blC6R%2BCue5tqjzy%2F%2F5wrGy9DsJ2T338ys0%2FBTIPSNHhX%2FkLQV7fGF3VNbl%2FUtSXfvFE6OZAb1EldXHLUifnPz4vrtTZ86awdfXaKzRqz8N5lYd0yLbgs%2BpZ8cVpyLsyiNkyQH5fsFZGtVHb1dGWKqlxeObO4NCiNsFbqYgIqH7z9KJickqf%2F%2Fn3%2F%2Bx774yakmcBUDQbVDjkwSL0NVt6ALQ%2FZW01g1CEmKz3UVTM2UXZYVJJAicOcZg3sf%2FLsMB4bOpumstm0t9A3c6DuJopBg6FpMFQNqBrBVvNjV5qdk7%2FF%2B4ZMzY0zZeZuZ8qoD%2FdFnpKVV76Dlbt%2BmvTSpB2xLIjyVLAoj1jEaRynPdFNgyiBs9N8XKT%2FAAAA%2F%2F8BAAD%2F%2FyCYzjm9BAAA
Requested by
Host: support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
URL: https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.127.234 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Jul 2024 09:36:55 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
image/gif
Cache-Control
no-cache, max-age=0, private, no-cache
Connection
keep-alive
Content-Length
7
X-Request-ID
9fce90e1292e9dd97e38e08ed20f0c59
Expires
Thu, 01 Jan 1970 00:00:01 GMT
animate.css
cdn.creative-bars1.com/sb/ssp/interstitial/social_box/1/css/
77 KB
5 KB
XHR
General
Full URL
https://cdn.creative-bars1.com/sb/ssp/interstitial/social_box/1/css/animate.css
Requested by
Host: pl23231560.highcpmgate.com
URL: https://pl23231560.highcpmgate.com/43/28/e5/4328e5906625dfebca3d9c34182fd950.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e23a6449e6ef4614f0107cecf5c9eda75d2041c7c71f4a55d45f2a7e75450f4

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 09:36:56 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 19 Jan 2024 14:19:45 GMT
server
cloudflare
etag
W/"65aa8501-13365"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6lrjkzvgy2MJ4pRyLJ6yqWT2U7ds%2F5v8dfOabdbA%2FfDFJI2HHrYgrRUGAX9CfPHam%2F4foajCTFpwcoW8rUQYxBGUd5T2xi8XyFo60BMEeOZTWXAApgxo0Jf0nOCVFvD6KOYiyL5VXO2j"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Date
cache-control
public, max-age=315360000
cf-ray
8a9368822f584c5c-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
cdn.creative-bars1.com/sb/ssp/interstitial/social_box/1/css/
2 KB
1 KB
XHR
General
Full URL
https://cdn.creative-bars1.com/sb/ssp/interstitial/social_box/1/css/style.css
Requested by
Host: pl23231560.highcpmgate.com
URL: https://pl23231560.highcpmgate.com/43/28/e5/4328e5906625dfebca3d9c34182fd950.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14ed8b8afea5648c2cc13e03aad5ddf06f5e54ac9587113fe74fb0c957a7a689

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 09:36:56 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 19 Jan 2024 14:19:45 GMT
server
cloudflare
etag
W/"65aa8501-996"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lrbfar7V3ZYYF59OhmWs0zeYoh0qs%2BJzoPkkDtcDq%2FDVC%2FpLwnP3DUGd13OCbKwj2Q6lHZK%2BG6xSbdERNPim%2F3MvVEk5cti6rH38GAL3E0ugV8UDBk9wK3Zjv0lT%2BeQC4F2oXGZT7bHg"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Date
cache-control
public, max-age=315360000
cf-ray
8a9368822f534c5c-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
sbls
inscribereclaim.com/pixel/
0
469 B
Image
General
Full URL
https://inscribereclaim.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F1d%2Ffb%2F94%2F1dfb9493966adf79edefa60f9dfc84d2%2F1698745413.html&l=1238&fd=697.3000030517578
Requested by
Host: support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
URL: https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.127.234 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 26 Jul 2024 09:36:56 GMT
Server
nginx/1.21.6
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
css
fonts.googleapis.com/ Frame 4FC5
7 KB
843 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
Requested by
Host: pl23231560.highcpmgate.com
URL: https://pl23231560.highcpmgate.com/43/28/e5/4328e5906625dfebca3d9c34182fd950.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f10.1e100.net
Software
ESF /
Resource Hash
40992eb57d95a0165a6d56399cd9afd60cc2cac6f06579b8d87079ccaab91e29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 26 Jul 2024 09:36:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 26 Jul 2024 09:01:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Jul 2024 09:36:56 GMT
close.svg
cdn.creative-bars1.com/sb/ssp/interstitial/social_box/1/img/ Frame 4FC5
2 KB
2 KB
Image
General
Full URL
https://cdn.creative-bars1.com/sb/ssp/interstitial/social_box/1/img/close.svg
Requested by
Host: support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
URL: https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d6367626004a96e47e82fddaf52a5ee39c7ec20e34d493d6e01c275bb9e3772

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 09:36:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3333972
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 19 Jan 2024 14:19:45 GMT
server
cloudflare
etag
W/"65aa8501-9c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PTNwJAZ96iJ53Vo4th0zWP28wIuCLAo9r4Rh1%2FybpdvHcYHat%2FeVaJsvgTHP6U7vDT7Gqk8Urf31W9qSHmmAz9on%2Bm1Z3z%2FFeSRAuqRj9G1jUwSmtwekgpn7A6tOJS4VklhgcTIBmY%2Bj"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Date
cache-control
public, max-age=315360000
cf-ray
8a9368859f7a4be9-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
1713896316.png
cdn.cloudimagesb.com/si/30/75/50/307550fbcec52a8b899059e69e67db55/ Frame 4FC5
16 KB
16 KB
Image
General
Full URL
https://cdn.cloudimagesb.com/si/30/75/50/307550fbcec52a8b899059e69e67db55/1713896316.png
Requested by
Host: support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
URL: https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.10 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
159c0ed8f25cce83ac8f0bb9cb5677a0616c495c737d746707000b22d8b5c7ae

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Sun, 28 Jul 2024 09:36:56 GMT
date
Fri, 26 Jul 2024 09:36:56 GMT
last-modified
Tue, 23 Apr 2024 18:18:46 GMT
server
nginx/1.21.6
etag
"6627fb86-4085"
content-type
image/png
cache-control
max-age=172800
accept-ranges
bytes
content-length
16517
x-proxy-cache
HIT
jquery.min.js
cdn.creative-bars1.com/sb/ssp/interstitial/social_box/1/js/ Frame 4FC5
82 KB
30 KB
Script
General
Full URL
https://cdn.creative-bars1.com/sb/ssp/interstitial/social_box/1/js/jquery.min.js
Requested by
Host: pl23231560.highcpmgate.com
URL: https://pl23231560.highcpmgate.com/43/28/e5/4328e5906625dfebca3d9c34182fd950.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 09:36:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3338768
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 19 Jan 2024 14:19:45 GMT
server
cloudflare
etag
W/"65aa8501-149a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j9PxKisyzSQ%2B%2BiW%2FhbnGvBfTZzoli5XZKw6I7Imep%2FhlSv1zGbbrXq3Eb5HDRyxfIxztv0IDaqYfjZKLS%2F11fH9NlvTaCZ%2FH35Ig5Xn3LRneIJ%2Fj8LRL5OK8Ag2xeuxvCZaOAVU%2B4beY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Date
cache-control
public, max-age=315360000
cf-ray
8a9368859f7d4be9-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
sbls
inscribereclaim.com/pixel/
0
469 B
Image
General
Full URL
https://inscribereclaim.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Finterstitial%2Fsocial_box%2F1%2Fcss%2Fstyle.css&l=2454&fd=994.8000030517578
Requested by
Host: support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
URL: https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.127.234 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 26 Jul 2024 09:36:57 GMT
Server
nginx/1.21.6
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
sbls
inscribereclaim.com/pixel/
0
469 B
Image
General
Full URL
https://inscribereclaim.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Finterstitial%2Fsocial_box%2F1%2Fcss%2Fanimate.css&l=78693&fd=1000
Requested by
Host: support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
URL: https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.127.234 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 26 Jul 2024 09:36:57 GMT
Server
nginx/1.21.6
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
5e05f0069e14bdb1ee01505e74a8e579.js
inscribereclaim.com/5e/05/f0/ Frame 6A54
82 KB
31 KB
Script
General
Full URL
https://inscribereclaim.com/5e/05/f0/5e05f0069e14bdb1ee01505e74a8e579.js
Requested by
Host: pl23231560.highcpmgate.com
URL: https://pl23231560.highcpmgate.com/43/28/e5/4328e5906625dfebca3d9c34182fd950.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.127.234 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
23099627cfb6abc3ab2b19b8ef5768354c494900e90e2002705fde8e8c083940
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Jul 2024 09:36:57 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache, max-age=0, private, no-cache
Connection
keep-alive
X-Request-ID
90976eb223754f0c836f51a698e3fdf4
Expires
Thu, 01 Jan 1970 00:00:01 GMT
script.js
cdn.creative-bars1.com/sb/ssp/interstitial/social_box/1/js/
975 B
682 B
XHR
General
Full URL
https://cdn.creative-bars1.com/sb/ssp/interstitial/social_box/1/js/script.js
Requested by
Host: pl23231560.highcpmgate.com
URL: https://pl23231560.highcpmgate.com/43/28/e5/4328e5906625dfebca3d9c34182fd950.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b53d941e5ec9ce3482ce722008c8dfdae35f630aa4a7cb7c4bdd0e7342fc63fb

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 09:36:57 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 19 Jan 2024 14:19:45 GMT
server
cloudflare
etag
W/"65aa8501-3cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yMKlNbdizOhVFfnMfR9LsYh7KfFFQp6dfzHpNQRohgH7thAg7Sz5%2FROYdfrZv6lbjt8B7D47mA5mZsvtAHTIE%2FcUbk3Xih42s5ykLqWM%2BMpujdlu%2FCGv%2BVoHdWUQ5tIBaKp8K%2BHBpKEt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Date
cache-control
public, max-age=315360000
cf-ray
8a936886ae084c5c-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
sbls
inscribereclaim.com/pixel/
0
469 B
Image
General
Full URL
https://inscribereclaim.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Finterstitial%2Fsocial_box%2F1%2Fjs%2Fscript.js&l=975&fd=275.3000030517578
Requested by
Host: support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
URL: https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.127.234 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 26 Jul 2024 09:36:57 GMT
Server
nginx/1.21.6
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
impr.gif
inscribereclaim.com/
7 B
733 B
Image
General
Full URL
https://inscribereclaim.com/impr.gif?sid=H4sIAAAAAAAC%2F1xSTYscRRiu3vUDDyp68aBCH1QSyE6mu2e6e80h5MONSza4JJEoCEl1VfVsuTVdTVX19GZPwaDkOHjx49T7TDZBjaIHQUFFZs1pQch42suCP0E86UlmszjiW4f363mL532qPtiq9kmIiu6JC3pTKkWPd1tt%2F8hbQXDCX5FFteFvpPHVuHPUP1WWSlwR2XnpjnejpBXF%2FpHzr1%2B%2BsHLMV3Jd%2BOcEW9dH%2FTNrRvfF8SCMW%2B3p8S%2FRnBp5OAJZfhWk3VawmLbisBWEMTbM%2Fyu28mCpBz7YJ89C8slT9%2B9fg2RjFP2vzwq77nR57LV%2BpajTBgN%2B981ivdB1gf4szI2HvLh7iIa2D5Z%2Bgi62D3aCHvwLzOSEzD3xDrLizkPqyAajKYtMQTpk%2FDnUgzGEGkPSMZi%2BCckVGMfyZRT97WVH1fWHLTptTchjH%2F0AWU%2FI4%2B9%2FjKL%2F5TmlM6r8i7pywmAjbyA3xpC9McpqB25zDrLeAXPvQfJfSVudmN56QSpaQPK9l4KYRVQEdKEdhp2FDkuzBcoSutDlLAnTTpst8uhAGynHkPkYSgxB7Twq66GSHqrcQ1V66PM9P25TFnXbOaNJ0o4W804k4qAjwjQTKeedLio23WEIVw7B1BDM3EBpbmBdDmGqn2HXGljuwTqCAW9QC4LaEtSUoJYEtSOoB802Vza0zR2ubJUFhz489FEz0q63Rbe164mCgJohDG%2B2yn3yzFRA79qf32Jd7PmdKExFd7Edx2GX5yJjNOKLLOoEaZjzxW4bVt47s7QQhUl61WZXA0g7B2o9bMoJefXEXyjlhLzwZIiM7sCqHTA5D1q9CFo3oGsNNot7PW3XKNd1qxAOXDco3SNw170ttU%2BeP3jO1c2XIdjuye8%2FmdqnYKZBaRq8K38h6Klbo4u6Jrcv6tqSb94onezLTeqkLi456sT85%2BfF9VobvnzWDj87xaaNaXjvsrBuhRZcFj1LvjgtORdmSRsmyI%2FL9orIViu7droyRVWurJ5ZWu6XRlgrdTEGlQ%2FefhRMTsjTf%2F9%2B8H2P%2FXET0oxhqgb9apccGqTeAStvwJYz9lYTGDXDZKWHumpGJsxmRSUJlJjlNGtg%2F5Nns3hk6HSaymbL3kLPzIG6myj6DQamwUA1oGoIW82PXGl2T%2F4WHRgyNTfKlJm7nSmjPjwQeUJWX%2FkOVu75ScQSFiZJO02TKORZJ6KiK9KcirwT55GAs5N8VCT%2FAAAA%2F%2F8BAAD%2F%2Fw0c57C9BAAA
Requested by
Host: support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
URL: https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.127.234 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Jul 2024 09:36:57 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
image/gif
Cache-Control
no-cache, max-age=0, private, no-cache
Connection
keep-alive
Content-Length
7
X-Request-ID
369d163516129dae57a409d60166e070
Expires
Thu, 01 Jan 1970 00:00:01 GMT
sbs
inscribereclaim.com/pixel/
0
469 B
Image
General
Full URL
https://inscribereclaim.com/pixel/sbs?c=1
Requested by
Host: support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
URL: https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.127.234 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 26 Jul 2024 09:36:57 GMT
Server
nginx/1.21.6
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4FC5
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 15:01:56 GMT
x-content-type-options
nosniff
age
239701
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 15:01:56 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4FC5
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 11:48:58 GMT
x-content-type-options
nosniff
age
251279
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 11:48:58 GMT
sfp.js
recordedthereby.com/ Frame 6A54
83 KB
27 KB
Script
General
Full URL
https://recordedthereby.com/sfp.js
Requested by
Host: inscribereclaim.com
URL: https://inscribereclaim.com/5e/05/f0/5e05f0069e14bdb1ee01505e74a8e579.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 09:36:57 GMT
strict-transport-security
max-age=0; includeSubdomains
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
x-request-id
2caa8a8c558b8f6dfea815c3287a06fe
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZyrdKOBqdkHjdK5kOydw38TgC7cqF4GDSPpHHbfSCqYqi638bT7DTCvBPKQFU3pf7JNVMs1sOWGbreHP3WMMkuZDVHt%2FkNUDbI2WhwqTLe7Ywsy7lz8N4J7rpdo94%2BjuWO4hNaeC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, max-age=0, private, no-cache
cf-ray
8a9368898fde526d-MXP
expires
Thu, 01 Jan 1970 00:00:01 GMT
purst
hysteriaethicalsewer.com/pixel/ Frame 6A54
0
469 B
Image
General
Full URL
https://hysteriaethicalsewer.com/pixel/purst?dl=0&th=0&sc=0&rs=507.9000015258789&rd=507.9000015258789&fd=501.1999969482422&bv=24.5.8221&tmpl=136
Requested by
Host: support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
URL: https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.76 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 26 Jul 2024 09:36:59 GMT
Server
nginx/1.21.6
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
advertisers.js
capaciousdrewreligion.com/ Frame 6A54
0
392 B
Script
General
Full URL
https://capaciousdrewreligion.com/advertisers.js
Requested by
Host: inscribereclaim.com
URL: https://inscribereclaim.com/5e/05/f0/5e05f0069e14bdb1ee01505e74a8e579.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.84 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Jul 2024 09:36:59 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.21.6
Content-Type
application/javascript
Cache-Control
no-cache, max-age=0, private, no-cache
Connection
keep-alive
Content-Length
0
X-Request-ID
be6eeee048b91aa2a4d5815b625477ec
Expires
Thu, 01 Jan 1970 00:00:01 GMT
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-NCTSG4T1B6&gtm=45je47o0v9138172222za200&_p=1721986613922&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=160502621.1721986615&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1721986614&sct=1&seg=0&dl=https%3A%2F%2Fsupport.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol%2F&dt=Shadow%20Browser&en=scroll&epn.percent_scrolled=90&_et=21&tfd=7575
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NCTSG4T1B6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jul 2024 09:37:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
arc.io
URL
https://arc.io/widget.min.js

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| changetheme object| tabData function| nowgg function| a0X function| a0U object| sbslms function| gtag object| dataLayer function| switchTab function| addTab function| showTab function| closeTab function| saveInputs function| updateTabTitleFromIframe function| resizeTabs function| initTabs function| isOverflowing function| addBookmarkToLocalStorage function| addBookmark function| showContextMenu function| deleteBookmark function| showBookmarkPopup function| handleBookmarkConfirm function| handleBookmarkCancel function| createBookmarks function| updatefaviconagain function| calculateServerPing function| changeTabSrc string| searchEngineValue object| __cfBeacon function| Ultraviolet object| __uv$config function| isLocalhost function| registerSW function| search function| abtblanknew function| devtooltoggle object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| _0x43e5 function| _0x4625 object| LieDetector

15 Cookies

Domain/Path Name / Value
pl23231560.highcpmgate.com/43/28/e5 Name: 4b4e7ab587d59b22ad7bcd2439afc363_CF-3278_sb
Value: 1
proftrafficcounter.com/ Name: uid_id2
Value: 16c3ae1a-0224-4c8b-ac7a-5dc72840c9d3:3:1
support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/ Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c
Value: 16c3ae1a-0224-4c8b-ac7a-5dc72840c9d3%3A3%3A1
support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/ Name: sb_page_4328e5906625dfebca3d9c34182fd950
Value: 1
support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/ Name: sb_main_4328e5906625dfebca3d9c34182fd950
Value: 1
support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/ Name: sb_count_4328e5906625dfebca3d9c34182fd950
Value: 1
.phantom.lol/ Name: _ga
Value: GA1.1.160502621.1721986615
.phantom.lol/ Name: _ga_NCTSG4T1B6
Value: GS1.1.1721986614.1.0.1721986614.0.0.0
inscribereclaim.com/ Name: u_pl
Value: 23131061
inscribereclaim.com/ Name: uid_id2
Value: 16c3ae1a-0224-4c8b-ac7a-5dc72840c9d3:3:1
inscribereclaim.com/ Name: pdhtkv
Value: true
inscribereclaim.com/ Name: uncs
Value: 1
inscribereclaim.com/ Name: pdhtkv29
Value: true
inscribereclaim.com/ Name: uncs29
Value: 1
support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol/ Name: pbpr0tpuw4isk85t8yg3jb2lj5vqf
Value: inscribereclaim.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

arc.io
capaciousdrewreligion.com
cdn.barscreative1.com
cdn.cloudimagesb.com
cdn.creative-bars1.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
hysteriaethicalsewer.com
inscribereclaim.com
pl23231560.highcpmgate.com
proftrafficcounter.com
recordedthereby.com
static.cloudflareinsights.com
support.support.en.cdn.ns1.login.secure.vpnnayuwfb.phantom.lol
www.google-analytics.com
www.googletagmanager.com
arc.io
104.16.80.73
104.17.25.14
104.243.38.18
142.250.185.131
142.250.185.142
172.217.23.106
172.240.108.76
172.240.108.84
172.240.127.234
18.194.180.173
188.114.97.3
192.243.61.227
216.58.206.40
45.133.44.10
45.133.44.3
1024d952b23efe9251f6ee40767394365f433584db062328351a2689d621a3c5
11e19bd49b54a09934336612f203c8f6c9bc23ac7da7778c422671fe8ef9ac84
14ed8b8afea5648c2cc13e03aad5ddf06f5e54ac9587113fe74fb0c957a7a689
159c0ed8f25cce83ac8f0bb9cb5677a0616c495c737d746707000b22d8b5c7ae
19d6b3810c0f606b9d7d847180b245d897fcb667d3b9bfc775fa78ff9666f44e
23099627cfb6abc3ab2b19b8ef5768354c494900e90e2002705fde8e8c083940
26d26bd1f0443b3d19c5dfd09c07ca6a22e94fc2df12eaa7e5f466201e19e499
2e1b4025db2fb9c6052c75f4e4be5c785336419ef4faf1cea292731d6522582a
30c3ab5eecf524e96f3fc93798befe8da8364ad76b6e12f23fb370d9f99639a7
3b4c2dd9257f70efceebd0888ca63832fbddb6e9a4582acf07843960ae4d10f7
3f6e8efb65dff0486271d787d60be7d84387c203bebd36159794e6e2c28c31f3
40992eb57d95a0165a6d56399cd9afd60cc2cac6f06579b8d87079ccaab91e29
4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b
4d6367626004a96e47e82fddaf52a5ee39c7ec20e34d493d6e01c275bb9e3772
4e23a6449e6ef4614f0107cecf5c9eda75d2041c7c71f4a55d45f2a7e75450f4
562d4d5cb800629b867db8e70e5abf29e425c6649602e7508ed8eb8eab04f3c5
7d6c3b7ed750fe6b65623199f0ee4c55267b85a5f28ceb0e995ee314f5d3b1be
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94e1bbc1c2a41ebc73fa5253fd563256c0035b4d69181e48f9aef9e474a11251
a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8
b0bad635d8f11c85a8934bd69da460fc9d81526d477596a554b12c41d76f0763
b1fdaaf0fe25a6c516cd42c5a318caaa0e87737cad13e9c096e6d5c4aa22b468
b226b199ad4e04570aab93f2e964afda3936c47fec41a77aec254ce26ec1154a
b53d941e5ec9ce3482ce722008c8dfdae35f630aa4a7cb7c4bdd0e7342fc63fb
b5fdef9f51bdb9b56e7f4e7749d77bcb6597a0301ead564c6ba9b4a016ac1a1e
be2a8bf5db842bb931e40fd680631bf9efc757caaa07982ee782ce3730188c2c
bf83978647efcd2a3dbf8d0fa9257c5b18e3b6b4f45d233d119976a269132707
c5a7a8955262c3c2163db961b18af97c9eeac48586a52c50d8d1f80ab04f84fb
c5e71da3dbc647b725d8b39fa5bc993ccd311b4102c40ead2f3a764de4ed74c4
c74ffdd9e455beec3a98d472d71fa380a4c124f4b9118f4440f3eee2a327a6c9
dd8eb7cbd3a66f09b1e1c11e75987a9eba498c1ead3fd95f5c59d16bd526d21b
df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615