1.4thbackupdomain.com Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
7 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response 1.4thbackupdomain.com/api2/app/6898/	3 KB 2 KB	211ms 140ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1.4thbackupdomain.com/api2/app/6898/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash edbe1b5a90f8b62d31a797173f4dfb8110f1716cd745206badab3152e83e7284 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control public, max-age=0 cf-cache-status DYNAMIC cf-ray 774f9666bf02b8ca-AMS content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 05 Dec 2022 20:38:48 GMT last-modified Tue, 25 Oct 2022 18:26:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3Q%2Fz6rTZAgc6iuzqXOJLxJH43zOsaHEbB30mk7%2BoJgnYdEKkONJBgAnGBfLxUqrEbLoRb7zHx9%2F4WwGnZMENpczDlSoZZunbv2GZoFK4V34yDbazU1cRrK2YYwC73hAlYQhVo6cbZHUQTUT5NcpN2Y%2BTXU%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by Express
GET H2	200	weglot.min.js Show response cdn.weglot.com/	78 KB 27 KB	132ms 37ms	Script application/javascript	2600:9000:20eb:7200:1:28b3:b280:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.weglot.com/weglot.min.js Requested by Host: 1.4thbackupdomain.com URL: https://1.4thbackupdomain.com/api2/app/6898/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:7200:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c43274601636695fe0b034e2597c92dbd2dbaee1a80f35ce9d9d5cb43b365e4e Request headers accept-language nl-NL,nl;q=0.9 Referer https://1.4thbackupdomain.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers x-amz-version-id null content-encoding gzip via 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront) date Mon, 05 Dec 2022 20:12:05 GMT last-modified Wed, 30 Nov 2022 11:39:09 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 age 1604 etag W/"6ffd4e4fa3add9a543740238410d021c" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 cache-control max-age=1800 x-amz-cf-id _RlSiXJyMKFxp4SPywJH6iEQbK0-RDQjqDIwfGFY39Zb8GjrZ11wxQ==
GET H2	200	main.209947dc.chunk.css 1.4thbackupdomain.com/api2/app/6898/static/css/	1 KB 907 B	242ms 240ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1.4thbackupdomain.com/api2/app/6898/static/css/main.209947dc.chunk.css Requested by Host: 1.4thbackupdomain.com URL: https://1.4thbackupdomain.com/api2/app/6898/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash ac03cffc63e3a38abe03e0435cfcb2f0886fda99ddb0f994c82b2e5b3f49122a Request headers accept-language nl-NL,nl;q=0.9 Referer https://1.4thbackupdomain.com/api2/app/6898/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Mon, 05 Dec 2022 20:38:48 GMT content-encoding gzip cf-cache-status EXPIRED last-modified Tue, 25 Oct 2022 18:26:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"452-18410650c62" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IF2zwrT1tCnS9RsWAiiVIaaoprrDi9WiPUqczgFIxzmxwca0SWMe%2FxnCUlajjE0fDeBetXNo8UN1nrZXIZ6ck6DO4fcKxWagdXfVKP0ESZLn1U2KTKuRPwK4J94RQjFEFXM%2FfvQ%2FBOHw7nB%2B0t%2Bjuqi258Y%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=14400 cf-ray 774f9667a8cfb8ca-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	js Show response www.googletagmanager.com/gtag/	109 KB 43 KB	116ms 44ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-111584968-2 Requested by Host: 1.4thbackupdomain.com URL: https://1.4thbackupdomain.com/api2/app/6898/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a10653768e6100bd85d12de54586c6bc595817112e9d496cfa39e1cf70bd283f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://1.4thbackupdomain.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Mon, 05 Dec 2022 20:38:48 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43642 x-xss-protection 0 last-modified Mon, 05 Dec 2022 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 05 Dec 2022 20:38:48 GMT
GET H2	200	2.697adae4.chunk.js Show response 1.4thbackupdomain.com/api2/app/6898/static/js/	130 KB 42 KB	589ms 588ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1.4thbackupdomain.com/api2/app/6898/static/js/2.697adae4.chunk.js Requested by Host: 1.4thbackupdomain.com URL: https://1.4thbackupdomain.com/api2/app/6898/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 64acfc5f4b84e54d8a2334a15ad4568728138a07a25b18af67d0f923486265fb Request headers accept-language nl-NL,nl;q=0.9 Referer https://1.4thbackupdomain.com/api2/app/6898/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Mon, 05 Dec 2022 20:38:48 GMT content-encoding gzip cf-cache-status EXPIRED last-modified Tue, 25 Oct 2022 18:26:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"20800-18410650c62" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQ%2BSeD5PDAV2BSFTSeD7zzbb9FlRflE15MXG27U0IVDe19QcYzsZi0RM4A%2FANadWMhiSnYEA0ccE%2B9JZ0WTM2Q%2Fdub7Adn7ykKcE9V2ZVn65QL70bPqIyf437pRA2N6cZ3HYvH62MtQxI6ICzv%2B9HBF61uk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=14400 cf-ray 774f9667a8d2b8ca-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	main.fb63a0a5.chunk.js Show response 1.4thbackupdomain.com/api2/app/6898/static/js/	2 KB 1 KB	240ms 239ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1.4thbackupdomain.com/api2/app/6898/static/js/main.fb63a0a5.chunk.js Requested by Host: 1.4thbackupdomain.com URL: https://1.4thbackupdomain.com/api2/app/6898/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash a72c941aa5ad11bced4995c96e1568fea7aac05918016a218971d24e803b3086 Request headers accept-language nl-NL,nl;q=0.9 Referer https://1.4thbackupdomain.com/api2/app/6898/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Mon, 05 Dec 2022 20:38:48 GMT content-encoding gzip cf-cache-status EXPIRED last-modified Tue, 25 Oct 2022 18:26:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"8a8-18410650c62" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Frc%2FHynHxsc63D0zTrgwjGGRv472c%2BJRaDTKJDYdXFZDiEh48MFQyVFVc4aomKIDCo2455%2ByEA5SUfxcy3Leb5VhDiXlY%2FdJ1o%2BRqRTuh1aD1nYNDdQYLjD0DbSF8r9KY8S2Bu8e3OQltlMYCzQdHqn7GIA%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=14400 cf-ray 774f9667a8d4b8ca-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	c5745bb283a86a92d25d47b557c3ef6d3.json Show response cdn.weglot.com/projects-settings/	729 B 1 KB	102ms 33ms	Fetch application/json	2600:9000:20eb:7200:1:28b3:b280:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.weglot.com/projects-settings/c5745bb283a86a92d25d47b557c3ef6d3.json Requested by Host: cdn.weglot.com URL: https://cdn.weglot.com/weglot.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:7200:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash eed088ff935946541e93c0e3015f81011011b2144c00f4cbeef91fcd58f724dc Request headers accept-language nl-NL,nl;q=0.9 Referer https://1.4thbackupdomain.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 30 Nov 2022 11:42:40 GMT x-amz-version-id null via 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront) last-modified Wed, 17 Aug 2022 10:27:55 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 age 464169 etag "a5bfd991cb8c648b01662854da4982b4" vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-methods GET content-type application/json access-control-allow-origin * x-cache Hit from cloudfront content-length 729 x-amz-cf-id jHU4Q-TeS7XSr00wcU2CjBCUzSrW87bHqrhd5C_NWF5Vqb_MI7WEvQ==
GET H2	200	weglot.min.css cdn.weglot.com/	28 KB 5 KB	32ms 32ms	Stylesheet text/css	2600:9000:20eb:7200:1:28b3:b280:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.weglot.com/weglot.min.css?v=4 Requested by Host: cdn.weglot.com URL: https://cdn.weglot.com/weglot.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:7200:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8eb91a0802b9e79aef3e47554a25b80de2f8ef73d3053b28c81820734179f4e9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://1.4thbackupdomain.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Thu, 01 Dec 2022 11:52:42 GMT content-encoding gzip via 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront) x-amz-version-id null last-modified Wed, 30 Nov 2022 11:42:00 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 age 377167 etag W/"b72cdd8118949f04803d561712cf0c5e" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css; charset=utf-8 cache-control max-age=2592000 x-amz-cf-id zvZSL_yQGDe0GgZ_1A7ry1FErAuHQ_c5LDVUq2ARO9DdHUnxLoMFRQ==
GET H2	200	datadog-logs-v4.js Show response www.datadoghq-browser-agent.com/	42 KB 14 KB	110ms 36ms	Script application/javascript	13.225.85.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.datadoghq-browser-agent.com/datadog-logs-v4.js Requested by Host: cdn.weglot.com URL: https://cdn.weglot.com/weglot.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.85.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-85-121.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 7900bdf8889a1bd9dd89e27c8f4a964f313101a3aa33bfd62f3a532c6dc3c42f Request headers accept-language nl-NL,nl;q=0.9 Referer https://1.4thbackupdomain.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Mon, 05 Dec 2022 20:38:46 GMT content-encoding br via 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront) last-modified Tue, 22 Nov 2022 11:17:57 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 7 etag W/"039ee34f466506a157fdbfc5d2a3a956" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=14400, s-maxage=60 timing-allow-origin * x-amz-cf-id SjEMVJp86fQdP58pLiJ5PL78FaFp7P56Nly4D4q-BEBLlsRTuS0caA==
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	104ms 32ms	Script text/javascript	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-111584968-2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://1.4thbackupdomain.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 05 Dec 2022 19:15:46 GMT last-modified Tue, 27 Sep 2022 22:01:05 GMT server Golfe2 age 4982 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20039 expires Mon, 05 Dec 2022 21:15:46 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	109ms 42ms	XHR text/plain	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=676285038&t=pageview&_s=1&dl=https%3A%2F%2F1.4thbackupdomain.com%2Fapi2%2Fapp%2F6898%2F&ul=en-us&de=UTF-8&dt=Hoxx.com%20Welcome%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1796337557&gjid=1213553430&cid=480098276.1670272729&tid=UA-111584968-2&_gid=59379111.1670272729&_r=1&gtm=2oubu0&z=819109400 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://1.4thbackupdomain.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 05 Dec 2022 20:38:48 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://1.4thbackupdomain.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	logo.png 1.4thbackupdomain.com/api2/app/6898/	6 KB 6 KB	236ms 235ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1.4thbackupdomain.com/api2/app/6898/logo.png Requested by Host: 1.4thbackupdomain.com URL: https://1.4thbackupdomain.com/api2/app/6898/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash d46d96c75dcb42b472bd428de27a9118ac14573575ded44a6d2664efe599d999 Request headers accept-language nl-NL,nl;q=0.9 Referer https://1.4thbackupdomain.com/api2/app/6898/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Mon, 05 Dec 2022 20:38:49 GMT cf-cache-status EXPIRED last-modified Tue, 25 Oct 2022 18:26:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"16e8-18410650c5e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBJHQvV1Ly3op1mEaES0h3rnwuLBQUVfgD%2FH5WKp%2BFB07lPnuXHLgEZDM%2BXSN%2BbLVd5kbtZ63iMgPFXl1zIVYkCSow33EtfpO0rq1bXk2SAq2Keh3I7qtbwOOHZqUTUx%2BgZE63NhfDFwyymr49rzxb4uyGM%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 774f966b7fd70ea8-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 5864
GET H3	200	poster-register.jpg 1.4thbackupdomain.com/api2/app/6898/	123 KB 124 KB	485ms 485ms	Image image/jpeg	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1.4thbackupdomain.com/api2/app/6898/poster-register.jpg Requested by Host: 1.4thbackupdomain.com URL: https://1.4thbackupdomain.com/api2/app/6898/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 12a4ecd05612776d738ff0246475b80b78c0bd0829c13574841285f3d44b8070 Request headers accept-language nl-NL,nl;q=0.9 Referer https://1.4thbackupdomain.com/api2/app/6898/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Mon, 05 Dec 2022 20:38:49 GMT cf-cache-status EXPIRED last-modified Tue, 25 Oct 2022 18:26:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"1ec7d-18410650c62" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpSdzJ5Klx3i0kdH0dKEDPrRzbog%2F%2FK7EUqWgveNWfz6NTtrcfcT4SlH3LBskLefrb5XcV2LXU0a258GZ%2FzThtCZ4Isc9OURDAZ1Pv7Sc1Ga%2Fl8Wk9JJxyjpZVZOKDLTFLf1IEc5pjBaGhWETdOn%2FvHZifc%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=14400 accept-ranges bytes cf-ray 774f966b7fdd0ea8-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 126077
GET H3	200	poster-get-started.jpg 1.4thbackupdomain.com/api2/app/6898/	109 KB 109 KB	511ms 510ms	Image image/jpeg	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1.4thbackupdomain.com/api2/app/6898/poster-get-started.jpg Requested by Host: 1.4thbackupdomain.com URL: https://1.4thbackupdomain.com/api2/app/6898/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 9831d7e90f1a1443ff3ee955453bea6c98947b389f8017db47d9d8586f22299b Request headers accept-language nl-NL,nl;q=0.9 Referer https://1.4thbackupdomain.com/api2/app/6898/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Mon, 05 Dec 2022 20:38:49 GMT cf-cache-status EXPIRED last-modified Tue, 25 Oct 2022 18:26:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"1b28a-18410650c62" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QAo7%2FqEEstTg4I3svS36X8%2FA5pSJ6kWaPiwYu2FZ3txa36ncD8aiQMMlQmanvRmajwWROPelcoTUyZ1AOiqFxGACoX6EEq4Q9eLBGa7ZHaHfUMisdJaOBRcd8VzJtjIe7dMQg4JqW4ZwcaL7gwb1QNaL1TM%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=14400 accept-ranges bytes cf-ray 774f966b7fe10ea8-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 111242
GET H3	200	poster-close-account1.jpg 1.4thbackupdomain.com/api2/app/6898/	443 KB 444 KB	536ms 535ms	Image image/jpeg	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1.4thbackupdomain.com/api2/app/6898/poster-close-account1.jpg Requested by Host: 1.4thbackupdomain.com URL: https://1.4thbackupdomain.com/api2/app/6898/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 8f385655d9e31f345ae54436a52a6296a67165e9f828b5d6e85bf833b9ee7ecf Request headers accept-language nl-NL,nl;q=0.9 Referer https://1.4thbackupdomain.com/api2/app/6898/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Mon, 05 Dec 2022 20:38:49 GMT cf-cache-status EXPIRED last-modified Tue, 25 Oct 2022 18:26:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"6ed0d-18410650c62" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znADKjiKprh%2Fcxv6Hd3loCfhmIN54U2J00cCWtc79qd%2FwD%2BqML9QWUGLDKqnUIeKkPs2YZvdH7BVBWzrkES0nBoKmJjRtkpkyhBVrXweSJO%2F%2FG5HMp9zMTSY0kAOwRWVI4RD%2FDK2av9FK46Pt0U55qRyvYQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=14400 accept-ranges bytes cf-ray 774f966b7fe50ea8-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 453901
GET DATA	200 OK	truncated /	715 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	380 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	547 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	552 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	177 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	351 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	242 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Content-Type image/svg+xml

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| Weglot function| gtag object| dataLayer object| webpackJsonphx object| DD_LOGS object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.4thbackupdomain.com/	1970-01-20 17:33:52	Name: _ga Value: GA1.2.480098276.1670272729
			.4thbackupdomain.com/	1970-01-20 07:59:19	Name: _gid Value: GA1.2.59379111.1670272729
			.4thbackupdomain.com/	1970-01-20 07:57:52	Name: _gat_gtag_UA_111584968_2 Value: 1
			1.4thbackupdomain.com/	1970-01-20 07:57:53	Name: _dd_s Value: logs=1&id=c73cd252-1dee-435a-acae-415b8d53f358&created=1670272728617&expire=1670273628617

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.4thbackupdomain.com
cdn.weglot.com
www.datadoghq-browser-agent.com
www.google-analytics.com
www.googletagmanager.com
13.225.85.121
2600:9000:20eb:7200:1:28b3:b280:93a1
2a00:1450:4001:829::2008
2a00:1450:4001:829::200e
2a06:98c1:3120::3
12a4ecd05612776d738ff0246475b80b78c0bd0829c13574841285f3d44b8070
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
64acfc5f4b84e54d8a2334a15ad4568728138a07a25b18af67d0f923486265fb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7900bdf8889a1bd9dd89e27c8f4a964f313101a3aa33bfd62f3a532c6dc3c42f
8eb91a0802b9e79aef3e47554a25b80de2f8ef73d3053b28c81820734179f4e9
8f385655d9e31f345ae54436a52a6296a67165e9f828b5d6e85bf833b9ee7ecf
9831d7e90f1a1443ff3ee955453bea6c98947b389f8017db47d9d8586f22299b
a10653768e6100bd85d12de54586c6bc595817112e9d496cfa39e1cf70bd283f
a72c941aa5ad11bced4995c96e1568fea7aac05918016a218971d24e803b3086
ac03cffc63e3a38abe03e0435cfcb2f0886fda99ddb0f994c82b2e5b3f49122a
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
c43274601636695fe0b034e2597c92dbd2dbaee1a80f35ce9d9d5cb43b365e4e
d46d96c75dcb42b472bd428de27a9118ac14573575ded44a6d2664efe599d999
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
edbe1b5a90f8b62d31a797173f4dfb8110f1716cd745206badab3152e83e7284
eed088ff935946541e93c0e3015f81011011b2144c00f4cbeef91fcd58f724dc