7c6cf593.flc-adg.pages.dev
172.66.44.167  Malicious Activity! Public Scan

URL: https://7c6cf593.flc-adg.pages.dev/
Submission: On July 01 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 36 HTTP transactions. The main IP is 172.66.44.167, located in United States and belongs to CLOUDFLARENET, US. The main domain is 7c6cf593.flc-adg.pages.dev.
TLS certificate: Issued by GTS CA 1P5 on May 29th 2024. Valid for: 3 months.
This is the only time 7c6cf593.flc-adg.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tech Support Scam (Consumer)

Domain & IP information

Requests  IP Address        AS     Autonomous System
27        172.66.44.167     13335  (CLOUDFLAR...)
1         76.76.21.164      16509  (AMAZON-02)
1         2a00:1450:400...  15169  (GOOGLE)
1         2600:9000:249...  16509  (AMAZON-02)
2         34.234.8.4        14618  (AMAZON-AES)
1         2001:4860:480...  15169  (GOOGLE)
2         172.67.171.116    13335  (CLOUDFLAR...)
1         188.114.97.3      13335  (CLOUDFLAR...)
Total: 36 requests, 9 IPs

Requests  Apex Domain           Subdomains                                                Transfer
27        pages.dev             7c6cf593.flc-adg.pages.dev                                702 KB
2         umami.dev             api-gateway.umami.dev — Cisco Umbrella Rank: 77536        1 KB
2         gosquared.com         data2.gosquared.com — Cisco Umbrella Rank: 53737          151 B
1         userstatics.com       userstatics.com — Cisco Umbrella Rank: 158052             663 B
1         google-analytics.com  region1.google-analytics.com — Cisco Umbrella Rank: 2355
1         cloudfront.net        d1l6p2sc9645hc.cloudfront.net                             5 KB
1         googletagmanager.com  www.googletagmanager.com — Cisco Umbrella Rank: 81        82 KB
1         umami.is              cloud.umami.is — Cisco Umbrella Rank: 525060              2 KB
Total: 36 requests, 8 domains

Requests  Domain                         Requested by
27        7c6cf593.flc-adg.pages.dev     7c6cf593.flc-adg.pages.dev
2         api-gateway.umami.dev          cloud.umami.is
2         data2.gosquared.com            d1l6p2sc9645hc.cloudfront.net
1         userstatics.com                7c6cf593.flc-adg.pages.dev
1         region1.google-analytics.com   www.googletagmanager.com
1         d1l6p2sc9645hc.cloudfront.net  7c6cf593.flc-adg.pages.dev
1         www.googletagmanager.com       7c6cf593.flc-adg.pages.dev
1         cloud.umami.is                 7c6cf593.flc-adg.pages.dev
Total: 36 requests, 8 domains

This site contains no links.

Subject                 Issuer               Validity                 Valid
flc-adg.pages.dev       GTS CA 1P5           2024-05-29 - 2024-08-27  3 months
cloud.umami.is          R3                   2024-05-16 - 2024-08-14  3 months
*.google-analytics.com  WR2                  2024-06-13 - 2024-09-05  3 months
*.cloudfront.net        Amazon RSA 2048 M01  2023-10-10 - 2024-09-19  a year
gosquared.com           Amazon RSA 2048 M03  2023-09-25 - 2024-10-23  a year
umami.dev               E6                   2024-06-25 - 2024-09-23  3 months
userstatics.com         E1                   2024-05-26 - 2024-08-24  3 months

This page contains 1 frames:

Primary Page: https://7c6cf593.flc-adg.pages.dev/
Frame ID: 36368D6933872946E54DDB48CB893D10
Requests: 37 HTTP requests in this frame

Page Title

Security center

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 36
HTTPS: 100 %
IPv6: 38 %
Domains: 8
Subdomains: 8
IPs: 9
Countries: 3
Transfer: 793 kB
Size: 1859 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
7c6cf593.flc-adg.pages.dev/
44 KB
8 KB
Document
General
Full URL
https://7c6cf593.flc-adg.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a3c66e92331e7b83c1d46b076662652722338443347efc01312618ba875426c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
89c50469aa854d4f-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 01 Jul 2024 08:27:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C9chEVNJK8CZWh738wVDFIaqWgycCcTlHh%2F2GLyDAsIRos2ACKWKIxCoYaGyP%2FG74aomvDB4j2%2FTnh9Rhv1017SD%2BJAs8p1CANG8wroAVSEkS%2Bp4VzRPnNSPkV9S8yRnFs09k0isRGb5SzM2qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-robots-tag
noindex
tapa.css
7c6cf593.flc-adg.pages.dev/css/
18 KB
5 KB
Stylesheet
General
Full URL
https://7c6cf593.flc-adg.pages.dev/css/tapa.css
Requested by
Host: 7c6cf593.flc-adg.pages.dev
URL: https://7c6cf593.flc-adg.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e429cb154e56b90ec4f5179b1402f78f6dd73dda94198e5a1fa4d5003bdf6199
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:27:30 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"b96a92f5d69b68c5dd0974cba0358196"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lQVxhy%2BZBUwCBZs676GDzZH98OTj19WWbjYZEggauJY6TsjrRNY1RNdYOmtuxV6tdLBE8L3RDmy1ufPmzg1QdO56TmJvtMB6aFm7hOMoSg2QNFgX%2FoxCo1AsxeAbSuE3xpAVaOmvAZ5C2BMLig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
x-robots-tag
noindex
cf-ray
89c5046a3b2c4d4f-FRA
alt-svc
h3=":443"; ma=86400
bootstrap.min.css
7c6cf593.flc-adg.pages.dev/css/
216 KB
32 KB
Stylesheet
General
Full URL
https://7c6cf593.flc-adg.pages.dev/css/bootstrap.min.css
Requested by
Host: 7c6cf593.flc-adg.pages.dev
URL: https://7c6cf593.flc-adg.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:27:30 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"c10215ede6a2fdc4dedb6d87f4ca36d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c2%2F9ZtCffYuRD4Yv55Ce4n7gZ0LjEoTjNu3x28SZdeLnuW0TPy7TeJRk00igUFDgGMR8tR9T05aNZ1aQjE0DxG7AUVcRyAmsPE%2B%2BE4cZGXCc3RNcs3clmiH9PI6go8k0Px%2FBAY520HCRTXusBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
x-robots-tag
noindex
cf-ray
89c5046a3b2d4d4f-FRA
alt-svc
h3=":443"; ma=86400
jquery.min.js
7c6cf593.flc-adg.pages.dev/js/
83 KB
31 KB
Script
General
Full URL
https://7c6cf593.flc-adg.pages.dev/js/jquery.min.js
Requested by
Host: 7c6cf593.flc-adg.pages.dev
URL: https://7c6cf593.flc-adg.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
436ecc90fab5ed1034b68a4a0e924e0132d93d9e7fb59b4fe23018eb7d9242c1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:27:30 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1f742c403b7bcd94e2b3ff3fb90aaf91"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ANiYHPY4h%2F%2BRXpAtb7ZPR0oez1%2BtdVBjFogj1xv2L5dNK5th%2F16XuSpD02KNkM0WLHB%2Fbok%2FNPjl6uly6Y52UPnB4lcNPp6PGIGdldPoW4FDKwMQqZeCMJRa3Qz%2F2r2pHyHqg14ZnhVPCnSlSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
x-robots-tag
noindex
cf-ray
89c5046a3b2e4d4f-FRA
alt-svc
h3=":443"; ma=86400
bootstrap.min.js
7c6cf593.flc-adg.pages.dev/js/
59 KB
16 KB
Script
General
Full URL
https://7c6cf593.flc-adg.pages.dev/js/bootstrap.min.js
Requested by
Host: 7c6cf593.flc-adg.pages.dev
URL: https://7c6cf593.flc-adg.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Origin
https://7c6cf593.flc-adg.pages.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:27:30 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4c5defc217a778d955c27390fb3f9bd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NvjMK3Ekmep0gjgg6SH59S%2F%2FoaugbYdPLYWWCCNqVGFzUYw06PFHCCZELRUVBqULyUG1pQ%2BNvBT3cTB4bCGZxSKjEsKQ8SS6EKzqAAYhOGAwrQRYjbhEB%2FMKKGipmKVczliYWSQIuunBfZBzEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
x-robots-tag
noindex
cf-ray
89c5046a3b304d4f-FRA
alt-svc
h3=":443"; ma=86400
font-awesome.min.css
7c6cf593.flc-adg.pages.dev/css/
27 KB
7 KB
Stylesheet
General
Full URL
https://7c6cf593.flc-adg.pages.dev/css/font-awesome.min.css
Requested by
Host: 7c6cf593.flc-adg.pages.dev
URL: https://7c6cf593.flc-adg.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce26d1b76dae2f3b5d0ccc8d0ecd88d2edb411101b8a4c5edc4d9aa7008c9b04
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:27:30 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"9cf4906dbfb2d924f282bbd986a441d6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2BpubBdsU2puaf1dElH4awpdmcLcDyhHePx4SGJaqUl5fBi16vg%2BdAhQsyEl1%2BuKxoundeKK2z8moon%2Fnh4juyl1Xpnp3NJGDdZ9PmV2gt8Vb%2BoM19tMt7lgumR0mcV4hHmjrv2cfwSmHqb%2B3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
x-robots-tag
noindex
cf-ray
89c5046a3b314d4f-FRA
alt-svc
h3=":443"; ma=86400
emojione.min.js
7c6cf593.flc-adg.pages.dev/js/
295 KB
39 KB
Script
General
Full URL
https://7c6cf593.flc-adg.pages.dev/js/emojione.min.js
Requested by
Host: 7c6cf593.flc-adg.pages.dev
URL: https://7c6cf593.flc-adg.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:27:30 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"b6ce2c5ceae856dd5d383e03384c4a68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zc7RK1UrpbymAfheEXKiCeQmUY8Oc6mlbJ9ckdrwW3RFwXktwzigpE0O5IfTc2SFbQGQUVy2h5CDy%2BhZRLTvRmByGIKjF99iGUHpKonuKDHMTaKoLDco7gCBstSJsDlkzJdGKoglfpYz1nEuFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
x-robots-tag
noindex
cf-ray
89c5046afc154d4f-FRA
alt-svc
h3=":443"; ma=86400
script.js
cloud.umami.is/
3 KB
2 KB
Script
General
Full URL
https://cloud.umami.is/script.js
Requested by
Host: 7c6cf593.flc-adg.pages.dev
URL: https://7c6cf593.flc-adg.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
ea5a81f5881bce2d303b820cd09d4a0a96981295b5161693e58942a1c7e59f28
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src *; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; connect-src *; frame-ancestors 'self';
Strict-Transport-Security max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self'; img-src *; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; connect-src *; frame-ancestors 'self';
content-encoding
br
date
Mon, 01 Jul 2024 08:27:30 GMT
strict-transport-security
max-age=63072000
age
827667
x-dns-prefetch-control
on
content-disposition
inline; filename="script.js"
server
Vercel
x-vercel-id
fra1:fra1:fra1::zkdwg-1719822450438-5726e2047f50
x-matched-path
/script.js
etag
W/"a8b809821d04e40c5935471a8fe4be9a"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
analytics.js
7c6cf593.flc-adg.pages.dev/js/
438 B
724 B
Script
General
Full URL
https://7c6cf593.flc-adg.pages.dev/js/analytics.js
Requested by
Host: 7c6cf593.flc-adg.pages.dev
URL: https://7c6cf593.flc-adg.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb48873e81d9d3a8d35b1b7a32c524d0f6e4ce291c4329536e046eb89d08874e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:27:30 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"029c57fa022a05985094c3bc4caa2e57"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2FcQcXmng66ienjkWcBtIHZWE5YFDC93uke5K95f0r91%2BKWl9uYk6X6ejeURn8WxN7SbGTVJQIKeF%2BYF8kNDN61EwV9mGxbBIMDtASNsmLf3UnoRX%2F3MrgtQq%2F4FIRnZ3Sugat53EP5k5dXIJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
x-robots-tag
noindex
cf-ray
89c5046a3b334d4f-FRA
alt-svc
h3=":443"; ma=86400
script.compat.js
7c6cf593.flc-adg.pages.dev/js/
1 KB
1 KB
Script
General
Full URL
https://7c6cf593.flc-adg.pages.dev/js/script.compat.js
Requested by
Host: 7c6cf593.flc-adg.pages.dev
URL: https://7c6cf593.flc-adg.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63438ac53941d537540dd5687ab8c1f1319509a2f6c419731d5e21cd3a850796
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:27:30 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"0fbb46c71d768dc9d0430ba006348598"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MMIpIb9aiGFCM1GAEKVdUYXxyg7mkL3D23hxh0KHyoq9zk14aEN0WiaAUi6Z9pQW3XW82M2hAiFe369gQCFKwyoSidi5jv7tGcOLDjHNNYzO9j%2FVM4KyysbCXGMnDdQDp4OssvGYxjK1AUUcfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
x-robots-tag
noindex
cf-ray
89c5046afc184d4f-FRA
alt-svc
h3=":443"; ma=86400
f24.png
7c6cf593.flc-adg.pages.dev/images/
451 KB
452 KB
Image
General
Full URL
https://7c6cf593.flc-adg.pages.dev/images/f24.png
Requested by
Host: 7c6cf593.flc-adg.pages.dev
URL: https://7c6cf593.flc-adg.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6a0fc4c25e3eb50bc3c9b1c49e187922f87ef98523474655ac47f397e415065
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:27:30 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1517e25277c3d8f1ae3139cdfd1044fd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Of2co1dpHrv6YxL7x16Pt3BALXeIi8Ga2YBdU%2BFx5QCLJVmTuf6Q%2FAHIx4RMwhSeg31SBfp%2FibN2KPQV%2FDOwJ0uFVXc5plUugRLnhhh1v10oWzlLCm6Eu5dL6lWXycKWhOUn8apPcqsONMderg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
x-robots-tag
noindex
cf-ray
89c5046a3b354d4f-FRA
content-length
462248
alt-svc
h3=":443"; ma=86400
mnc.png
7c6cf593.flc-adg.pages.dev/images/
187 B
688 B
Image
General
Full URL
https://7c6cf593.flc-adg.pages.dev/images/mnc.png
Requested by
Host: 7c6cf593.flc-adg.pages.dev
URL: https://7c6cf593.flc-adg.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5a324f181af16879b6c4c52b731b23392f2816def159b157c4de620cff1cd41
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:27:30 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"653967a2ac91034b61d1ad76540b8eb4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DnwF4142GtgEgHNsIHMpsNMkDyV6gLfUIHAMTohElgYm6sAD1vGdnraINfkZUmPoc4NzNkJCylMPR9og4INvkIaUUBPC%2FDRyeI0bl7uM2fIn6yeDsFyPvHUaltAphzZPXt4TgqQOfXN7FdtQeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
x-robots-tag
noindex
cf-ray
89c5046a3b364d4f-FRA
content-length
187
alt-svc
h3=":443"; ma=86400
msmm.png
7c6cf593.flc-adg.pages.dev/images/
168 B
676 B
Image
General
Full URL
https://7c6cf593.flc-adg.pages.dev/images/msmm.png
Requested by
Host: 7c6cf593.flc-adg.pages.dev
URL: https://7c6cf593.flc-adg.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ab5ef4e7e196cb1ff39df44e1a0a39f6880b906ef6fd6da3cfdbb92ffd33115
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:27:30 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"8ca71578100459238fb030f8dd97e8bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cvwe0%2FnqrNDk3pYbVJidVazRtFgsLbFO3Udj012N5Zm6UZwI98s%2Bl%2BCa0xgVxssOGQU3xU%2BTJzocRivBrXPf7I8ojQxKr07CRaOQYMmEAz4exDJYSZ13L%2B%2B43IXpnWOkQGVB5Gs7jEofaVZt1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
x-robots-tag
noindex
cf-ray
89c5046afc0a4d4f-FRA
content-length
168
alt-svc
h3=":443"; ma=86400
set.png
7c6cf593.flc-adg.pages.dev/images/
364 B
875 B
Image
General
Full URL
https://7c6cf593.flc-adg.pages.dev/images/set.png
Requested by
Host: 7c6cf593.flc-adg.pages.dev
URL: https://7c6cf593.flc-adg.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:27:30 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"ee63d8b934f54cf7e606ebae2b4bfcf6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wbzJZtJ2nQz6Txbz7hXGHXpTIEq15jFj%2Fj1tk317DMo0Iv7cgtxJhA7jrPFNmvXLGbEUEYNv%2Biwe%2FcRRdyBQldRd1vXFiwM%2FIu0Z9RX07PkU4l4%2Bp7z38OdHfadEm5O%2BDw%2FFPPq1JvofWnfULQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
x-robots-tag
noindex
cf-ray
89c5046afc0f4d4f-FRA
content-length
364
alt-svc
h3=":443"; ma=86400
vsc.png
7c6cf593.flc-adg.pages.dev/images/
722 B
1 KB
Image
General
Full URL
https://7c6cf593.flc-adg.pages.dev/images/vsc.png
Requested by
Host: 7c6cf593.flc-adg.pages.dev
URL: https://7c6cf593.flc-adg.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31c6dbe9d867436244f38566adad57e3870f4c8489c6804280eb564bfac5c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:27:30 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"da27b6888c7cff8c20811d9d856d5f9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J21a2bxBchzOCvkGvO0MzbufDcHpnaBXS7TJIow%2F3KHXbfnzE6oGoI%2BaWpMc4fnRkzW61TA1C0gVXcnuIuIndILoaqA5e8h5A6VF6ZaELATvFzAlrNbM8oO0G4PvuaSXRqVl1Ul1LwXiDAGndA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
x-robots-tag
noindex
cf-ray
89c5046afc124d4f-FRA
content-length
722
alt-svc
h3=":443"; ma=86400
bel.png
7c6cf593.flc-adg.pages.dev/images/
276 B
782 B
Image
General
Full URL
https://7c6cf593.flc-adg.pages.dev/images/bel.png
Requested by
Host: 7c6cf593.flc-adg.pages.dev
URL: https://7c6cf593.flc-adg.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c1606563842cce5f1788329d4417ae3618b33c6365c56a7122439b6ab45c977
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:27:30 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"f4e0dc23fa0c9a87dc8527d52bd80a1e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y2o%2FDxWjgbaYQF7HLWT1%2BtI4E1O8TUd8fgpysdnMUyOXyZOj%2BBFfnu1l21C8CJH5lGAr1KwJ2KRbHeOKtubuu52Z%2FMSGqsObQZUySiTQy1E0rVSdUjKLVjT1fE6CXQu0J4F1%2Fpl4QiyyT10fuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
x-robots-tag
noindex
cf-ray
89c5046afc1c4d4f-FRA
content-length
276
alt-svc
h3=":443"; ma=86400
dm.png
7c6cf593.flc-adg.pages.dev/images/
35 KB
35 KB
Image
General
Full URL
https://7c6cf593.flc-adg.pages.dev/images/dm.png
Requested by
Host: 7c6cf593.flc-adg.pages.dev
URL: https://7c6cf593.flc-adg.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
426eec34428ca37958c3697503680648f7d9658ae0fe6300e80ddc17797ceb85
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:27:30 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"610e50a97ed65b5b127c3b7685d8b3b7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9fLhC4LdiB2HT2bvkv09SxnavvBQD3tjntIlzA8pZ4uCyZNSi%2B0EqS2KatCNc7q1pQKNmvKb%2FM1hS7PaIEs3ZjuMI%2FEQw00p7ap9XL65Idkpef%2FF496bV2uXmsdxv7knRzqRb5jhyrEG5afquA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
x-robots-tag
noindex
cf-ray
89c5046afc1e4d4f-FRA
content-length
35689
alt-svc
h3=":443"; ma=86400
re.gif
7c6cf593.flc-adg.pages.dev/images/
14 KB
15 KB
Image
General
Full URL
https://7c6cf593.flc-adg.pages.dev/images/re.gif
Requested by
Host: 7c6cf593.flc-adg.pages.dev
URL: https://7c6cf593.flc-adg.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:27:30 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"100a9924b8b50ce024e2fa5b31934d7f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IY4ge49UpuLLMdt2cv20%2BYzOeUOmg%2B0MsbqKSgZDT2XSYUYNp8S%2FJI3T4WYCtBg7cULEm5tKj56svrv%2BBp4L8TQpgxNVr%2FerbJ6TR1Tz%2BPSxl5b6ZUkdam8Y8irWKdR2nMz2XhXki%2BHigCz4Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
x-robots-tag
noindex
cf-ray
89c5046afc224d4f-FRA
content-length
14751
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/
223 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XXXXXXXXX-X
Requested by
Host: 7c6cf593.flc-adg.pages.dev
URL: https://7c6cf593.flc-adg.pages.dev/js/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6288a0cb00e38661a7b14d04dcbedc5eada34ed5d23a04db50e7b86f14dfbe7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:27:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83525
x-xss-protection
0
last-modified
Mon, 01 Jul 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 01 Jul 2024 08:27:30 GMT
gosquared.js
d1l6p2sc9645hc.cloudfront.net/
10 KB
5 KB
Script
General
Full URL
https://d1l6p2sc9645hc.cloudfront.net/gosquared.js
Requested by
Host: 7c6cf593.flc-adg.pages.dev
URL: https://7c6cf593.flc-adg.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:e400:f:fd8f:b000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6d31f56a187f8eb110311203d9bea6694b2efe0aa5a868c72f13f388619d3de8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 06:08:27 GMT
content-encoding
br
via
1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
last-modified
Mon, 08 Apr 2024 10:07:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
8344
x-amz-server-side-encryption
AES256
etag
W/"55ddb5289c73831f2a6cf0a8e1c30549"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=UTF-8
cache-control
max-age=43200, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
cF82pWekMf1AokazSHCjsT9Kq57XYPGoDFfJ3niv5GPRp3d6tvw67Q==
truncated
/
349 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
beep.mp3
7c6cf593.flc-adg.pages.dev/media/
8 KB
9 KB
Media
General
Full URL
https://7c6cf593.flc-adg.pages.dev/media/beep.mp3
Requested by
Host: 7c6cf593.flc-adg.pages.dev
URL: https://7c6cf593.flc-adg.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer
https://7c6cf593.flc-adg.pages.dev/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:27:30 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0825ebad9a641a19e1944426ffe4916e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xhVuN9WKn5SIcJFoqPRmwBUgXIV%2FrAvKbyV2Zi3i46wBlgQerQkLaWiHTyLz%2BCRflnI69bOuqIeitpnQgMRLW6PkBA0sbMYTIovkXbEy5YfoBRTjbuMIZhpXS4SexCC5MhT4s%2BXpBzCyLEHhyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
access-control-allow-origin
*
x-robots-tag
noindex
cf-ray
89c5046b2c484d4f-FRA
content-length
8405
alt-svc
h3=":443"; ma=86400
eng.mp3
7c6cf593.flc-adg.pages.dev/media/
108 KB
0
Media
General
Full URL
https://7c6cf593.flc-adg.pages.dev/media/eng.mp3
Requested by
Host: 7c6cf593.flc-adg.pages.dev
URL: https://7c6cf593.flc-adg.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer
https://7c6cf593.flc-adg.pages.dev/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:27:30 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"a4a0395ec212726eb0304bf5561d6db9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ruB4YILZGTCOh5hlOVUIpCPkaBMGkEkosVb1HMtwn2lHmooNPmbt7UZ2MH9zL2tjaH3V9HF3X4mNERUopOkUWvxmqi56sasWJoJAV%2BUjmJ2PJ8o2hcIwdmIfbSgbWERhMx85XiBMvLkqRfdpxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
access-control-allow-origin
*
x-robots-tag
noindex
cf-ray
89c5046b2c4e4d4f-FRA
content-length
110229
alt-svc
h3=":443"; ma=86400
event
7c6cf593.flc-adg.pages.dev/api/
0
426 B
XHR
General
Full URL
https://7c6cf593.flc-adg.pages.dev/api/event
Requested by
Host: 7c6cf593.flc-adg.pages.dev
URL: https://7c6cf593.flc-adg.pages.dev/js/script.compat.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Jul 2024 08:27:30 GMT
referrer-policy
strict-origin-when-cross-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MFYbDvxdTBQtC7wRlvtI7unpYDj23NGn%2Fh%2BJgffXK524LjBb9Jh5NjAa3baO6L1gA9%2F8xcei6JcmcuYpPQvd3dEobGHI46Py9fsIBqbo2kA7kWjHrn%2FJd8b1FK5HeX8%2Biacx7CUpX48OKQbfcw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
89c5046bed024d4f-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
pv
data2.gosquared.com/
8 B
77 B
Script
General
Full URL
https://data2.gosquared.com/pv?cs=UTF-8&cd=24&la=de-DE&sw=1600&sh=1200&dp=1&tp=0&pu=https%3A%2F%2F7c6cf593.flc-adg.pages.dev%2F&pt=Security%20center&ri=0&ru=-&re=0&vi=1&pv=1&lv=0&vw=1600&vh=1200&dw=1600&dh=3398&st=0&sl=0&aip=1&tz=-120&rc=1&cb=0&a=GSN-761844-V&id=efad439df43c951fb67841e6b78b3dfa&tv=6.7.1941
Requested by
Host: d1l6p2sc9645hc.cloudfront.net
URL: https://d1l6p2sc9645hc.cloudfront.net/gosquared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.8.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-8-4.compute-1.amazonaws.com
Software
/
Resource Hash
c24a65ac901ef285ee99d016d2eaebcdbadf171639d8857dd7ff6a9458ab2b6c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:27:30 GMT
content-length
8
content-type
text/javascript
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XXXXXXXXX-X&gtm=45je46q0za200&_p=1719822450380&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=799504190.1719822451&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719822450&sct=1&seg=0&dl=https%3A%2F%2F7c6cf593.flc-adg.pages.dev%2F&dt=Security%20center&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=585&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XXXXXXXXX-X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Jul 2024 08:27:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://7c6cf593.flc-adg.pages.dev
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
send
api-gateway.umami.dev/api/
564 B
1 KB
Fetch
General
Full URL
https://api-gateway.umami.dev/api/send
Requested by
Host: cloud.umami.is
URL: https://cloud.umami.is/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.171.116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9225f49635ead956a8c84989820662ae58471c6bd56c38a34b4f6bfd92f3fa72
Security Headers
Name Value
Content-Security-Policy default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 01 Jul 2024 08:27:31 GMT
content-security-policy
default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-dns-prefetch-control
on
alt-svc
h3=":443"; ma=86400
cf-placement
remote-EWR
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
etag
W/"10jsnkw2j5sfo"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
access-control-allow-methods
POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BFLUz36idJ0985R27kBCPAcxIoBqVn1s5%2Fm168P4puyob%2FBruSF%2BmaR6k8VU9BiZECMqw2gW5nqVuN6nPN4hu3xVwYIGbN2qskX7kothOC0XwFXPFAae5XN8FcxCHQeov1bG7kcMs54%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
x-frame-options
SAMEORIGIN
cf-ray
89c5046fc96165e0-FRA
access-control-allow-headers
*
send
api-gateway.umami.dev/api/
0
0
Preflight
General
Full URL
https://api-gateway.umami.dev/api/send
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.171.116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://7c6cf593.flc-adg.pages.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-placement
remote-EWR
cf-ray
89c5046f086265e0-FRA
content-length
0
date
Mon, 01 Jul 2024 08:27:31 GMT
expect-ct
max-age=86400, enforce
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QhdCaBayx2S7LmncRRJnYj3JP4FK5fNNM%2FgNEPEQWNQasYWVxZ5UW6eiL8J1EX2rW2Ewyqd6PcSGo%2BAQ2bn3No6oceis%2FhQv0Be0%2BGK8NCS5iw%2Fw02qV%2B5sI9J2sA%2B4sa%2Bxe9Uh8lTo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
w3
7c6cf593.flc-adg.pages.dev/
0
522 B
Other
General
Full URL
https://7c6cf593.flc-adg.pages.dev/w3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:27:31 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"af1349b9f5f9a1a6a0404dea36dcc949"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FcIo2ABBj8PS%2Bn4xB%2BX7TJuhw%2BbFDThuBiJ%2BGFG%2FSQHCPx5no1Z1aBjK1mfM765ul%2B8tgG2tQ2M6aaZq3W8UOQm68rhcEE4wNikFoA%2FBQTj3OyShLSN8yRnZ3CCFUzKbFoJge%2FIoiyyIa%2FR2gA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
x-robots-tag
noindex
cf-ray
89c5046f08ef4d4f-FRA
content-length
0
alt-svc
h3=":443"; ma=86400
script.js
userstatics.com/get/
133 B
663 B
Script
General
Full URL
https://userstatics.com/get/script.js?referrer=https://7c6cf593.flc-adg.pages.dev/
Requested by
Host: 7c6cf593.flc-adg.pages.dev
URL: https://7c6cf593.flc-adg.pages.dev/js/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.1
Resource Hash
df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:27:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.2.1
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://7c6cf593.flc-adg.pages.dev
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dlbz2nLnIGybdLyQVx8bw8KXuYvrpBxicUBFuM5XHBorH9EADlKCbs%2FVNJd1XKra0R%2F2iLe4%2Fpquyn0yyIfVK62TgPVXf9G9q7vRILjGX6Ll7orlQSw1kRockO2pYnbaGFo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
89c504719dd64d31-FRA
access-control-allow-headers
X-Requested-With,content-type
alt-svc
h3=":443"; ma=86400
w3.html
7c6cf593.flc-adg.pages.dev/
44 KB
8 KB
Other
General
Full URL
https://7c6cf593.flc-adg.pages.dev/w3.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a3c66e92331e7b83c1d46b076662652722338443347efc01312618ba875426c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:27:31 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TglrsSBkCyGBJ6gTrEnD9HLr0Pj9Z7JqwAB9J8qF1eglZvuulCUSMCmmuh3p6owFHrwb49ITCz4Bs0eJDKlwmkukmqWd0FEcpauz%2Fm9VyMBmJ9Mr0csE5GN9fcH3dI9QJ6BqJ0Ej3V7ilip5uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
x-robots-tag
noindex
cf-ray
89c504715bbf4d4f-FRA
alt-svc
h3=":443"; ma=86400
w1.html
7c6cf593.flc-adg.pages.dev/
44 KB
8 KB
Other
General
Full URL
https://7c6cf593.flc-adg.pages.dev/w1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a3c66e92331e7b83c1d46b076662652722338443347efc01312618ba875426c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:27:32 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1kwlHclPtoVTZzwLpzg1fDHYv%2FhMzXtl8PFdtQr4BSd6g9KhU%2F%2FJ9BKJGl4XuHbthJJmTncksjciLGzoMXmEM2%2B2vId%2BusGkBm4qTIATvpngAIf25B6A0jb9avn2NVhd0wXtpcCgzydhqlnh7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
x-robots-tag
noindex
cf-ray
89c504776b774d4f-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
181 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fd467d27ef40cdaed73685e3d55006dd24a34223c2183d8d805f94f17b3aa1d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
w3.html
7c6cf593.flc-adg.pages.dev/
44 KB
8 KB
Other
General
Full URL
https://7c6cf593.flc-adg.pages.dev/w3.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a3c66e92331e7b83c1d46b076662652722338443347efc01312618ba875426c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:27:33 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vTFjTIL4h3DByWEg8qyR7XOEk2D8A9WN5LcCFcrks2dKFVZKX5o5PAPBhPF3geRC%2FvyCXmybnX9VQEnP1sM6hZz8DcYx8aAg5ac8le4RioPf81mRv8OtU%2BpOWJzYCvNT6lv5cJgPSWfqx8r2ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
x-robots-tag
noindex
cf-ray
89c5047dbaff4d4f-FRA
alt-svc
h3=":443"; ma=86400
w1.html
7c6cf593.flc-adg.pages.dev/
44 KB
8 KB
Other
General
Full URL
https://7c6cf593.flc-adg.pages.dev/w1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a3c66e92331e7b83c1d46b076662652722338443347efc01312618ba875426c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:27:34 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gmUn0R79nV1nZPHjG%2Fh85SBo9dZfF8p3AfXdTN123PZR3N3Hw0ydKvXV1ornHzsDwOQ%2B30GWUvEiywcIH3ZxrEee3enPedoz44P6%2ByBWWklPRxiO9BHsfkikQYwyXzO3vLbx%2FNHAVag1We6Gag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
x-robots-tag
noindex
cf-ray
89c504840a704d4f-FRA
alt-svc
h3=":443"; ma=86400
w3.html
7c6cf593.flc-adg.pages.dev/
44 KB
8 KB
Other
General
Full URL
https://7c6cf593.flc-adg.pages.dev/w3.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a3c66e92331e7b83c1d46b076662652722338443347efc01312618ba875426c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:27:35 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N3jjlPkVB2XsTTQfQXLCiRGG0SEm3Ax1Z8e3nJ2GbOJh0%2BvcnXN64s8dzQZ1%2Be%2FCnwu%2FX%2F97T4WOAKS%2FtQHL9jYuyWuUNd55CSay7taoQEQ4sX6NEUoibuICcP%2BP489rMzGKRQ1iESW3Ch%2FhQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
x-robots-tag
noindex
cf-ray
89c5048a6a434d4f-FRA
alt-svc
h3=":443"; ma=86400
ping
data2.gosquared.com/
6 B
74 B
Script
General
Full URL
https://data2.gosquared.com/ping?vw=1600&vh=1200&dw=1600&dh=3398&st=0&sl=0&i=0&et=5397&cb=1&a=GSN-761844-V&id=efad439df43c951fb67841e6b78b3dfa&tv=6.7.1941
Requested by
Host: d1l6p2sc9645hc.cloudfront.net
URL: https://d1l6p2sc9645hc.cloudfront.net/gosquared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.8.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-8-4.compute-1.amazonaws.com
Software
/
Resource Hash
eb2ad463e0fd390d63acc0e4e0c064cd787cab3ee5711fc9e6e203ad1429d4c0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:27:36 GMT
content-length
6
content-type
text/javascript
w1.html
7c6cf593.flc-adg.pages.dev/
44 KB
8 KB
Other
General
Full URL
https://7c6cf593.flc-adg.pages.dev/w1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a3c66e92331e7b83c1d46b076662652722338443347efc01312618ba875426c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://7c6cf593.flc-adg.pages.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:27:36 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SrBuE3%2BFXYFXAsLklRa9hQ6ezfy8de6%2FO5t1ag9nFzqUAcnWyw7O3qTzDhT2osZgyCBZPOIeajoLT33aMunVOE87Bo3PN8baW%2F24p5r7pKfLayrtzXf67sDd7R9U0m4MJ0GUriGZdkXz%2BPTbxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
x-robots-tag
noindex
cf-ray
89c504909b2f4d4f-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
undefined event
object fence
object sharedStorage
function $
function jQuery
object bootstrap
function gtag
object dataLayer
function getVariableFromURL
function chat
function _gs
function showd2
object modal
object btn
undefined span
function beep1
number e
number isNS
function mischandler
function mousehandler
function win_onkeydown_handler
function addEvent
object umami
function plausible
object emojione
object google_tag_manager
object google_tag_data
object gaGlobal

5 Cookies

Domain/Path Name / Value
7c6cf593.flc-adg.pages.dev/ Name: PHPREFS
Value: full
7c6cf593.flc-adg.pages.dev/ Name: gs_v_GSN-761844-V
Value:
7c6cf593.flc-adg.pages.dev/ Name: gs_u_GSN-761844-V
Value: efad439df43c951fb67841e6b78b3dfa:2567:5000:1719822450612
.flc-adg.pages.dev/ Name: _ga_XXXXXXXXX-X
Value: GS1.1.1719822450.1.0.1719822450.0.0.0
.flc-adg.pages.dev/ Name: _ga
Value: GA1.1.799504190.1719822451

1 Console Messages

Source Level URL
Text
network error URL: https://7c6cf593.flc-adg.pages.dev/api/event
Message:
Failed to load resource: the server responded with a status of 405 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
