medialysticos.live
2a06:98c1:3121::c  Malicious Activity! Public Scan

Submitted URL: http://ec2-18-205-241-233.compute-1.amazonaws.com/MMRB7T5sRSWa4.hsppuzcpk?gAAAAABjKcC6r6_7tmClwgjLNJgmuwfMy3zP3WwmnrdsksG9-4zStyYIJJl6SYXhbIJQzb6L...
Effective URL: https://medialysticos.live/?s1=350524&s2=815918204&s3=2275&s4=0&ow=&s10=739
Submission: On September 29 via api from BE — Scanned from DE

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 33 HTTP transactions. The main IP is 2a06:98c1:3121::c, located in the United States and belonging to CLOUDFLARENET, US. The main domain is medialysticos.live.
TLS certificate: Issued by GTS CA 1P5 on September 14th 2022. Valid for: 3 months.
This is the only time medialysticos.live was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Customer Survey Spam (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 1 18.205.241.233 14618 (AMAZON-AES)
1 141.98.5.229 8100 (ASN-QUADR...)
27 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
33 6
Apex Domain | Subdomains | Transfer
27 medialysticos.live | medialysticos.live | 5 MB
2 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 64 | 113 KB
1 gstatic.com | fonts.gstatic.com | 18 KB
1 google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 2852 | 349 B
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 41 | 1 KB
1 neviwings.com | neviwings.com | 392 B
1 amazonaws.com | ec2-18-205-241-233.compute-1.amazonaws.com | 288 B
33 7
Domain Requested by
27 medialysticos.live neviwings.com
medialysticos.live
2 www.googletagmanager.com neviwings.com
www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 region1.google-analytics.com www.googletagmanager.com
1 fonts.googleapis.com medialysticos.live
1 neviwings.com
1 ec2-18-205-241-233.compute-1.amazonaws.com 1 redirects
33 7

This site contains no links.

Subject | Issuer | Validity | Valid
neviwings.com | R3 | 2022-09-19 - 2022-12-18 | 3 months
*.medialysticos.live | GTS CA 1P5 | 2022-09-14 - 2022-12-13 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-09-05 - 2022-11-28 | 3 months

This page contains 1 frames:

Primary Page: https://medialysticos.live/?s1=350524&s2=815918204&s3=2275&s4=0&ow=&s10=739
Frame ID: BB132A7A1073C91231B182FEBA33D74D
Requests: 33 HTTP requests in this frame

Page Title

[1] Prämie ausstehend - Online Survey - Wir wollen Ihre Meinung!

Page URL History

  1. http://ec2-18-205-241-233.compute-1.amazonaws.com/MMRB7T5sRSWa4.hsppuzcpk?gAAAAABjKcC6r6_7tmClwgjLNJgmuwfMy3zP3WwmnrdsksG9-4zS... HTTP 302
    https://neviwings.com/0/0/0/b1fcb2ef9590755fa9e388b9ec1d9932/1_511086_2617668/2509_2286562_3697563... Page URL
  2. https://medialysticos.live/?s1=350524&s2=815918204&s3=2275&s4=0&ow=&s10=739 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 33
HTTPS: 100 %
IPv6: 71 %
Domains: 7
Subdomains: 7
IPs: 6
Countries: 4
Transfer: 5511 kB
Size: 6242 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ec2-18-205-241-233.compute-1.amazonaws.com/MMRB7T5sRSWa4.hsppuzcpk?gAAAAABjKcC6r6_7tmClwgjLNJgmuwfMy3zP3WwmnrdsksG9-4zStyYIJJl6SYXhbIJQzb6LSXjsScOu7OUTXVF21giA1O6BLS92RSxk6DNve_8rHI9_03knrmyFFzNsJ-z1mD3RC4Hcfw1qdkB5ER1qzJx8zZ1nSg== HTTP 302
    https://neviwings.com/0/0/0/b1fcb2ef9590755fa9e388b9ec1d9932/1_511086_2617668/2509_2286562_3697563_8/624567722_80-255-7-104 Page URL
  2. https://medialysticos.live/?s1=350524&s2=815918204&s3=2275&s4=0&ow=&s10=739 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://ec2-18-205-241-233.compute-1.amazonaws.com/MMRB7T5sRSWa4.hsppuzcpk?gAAAAABjKcC6r6_7tmClwgjLNJgmuwfMy3zP3WwmnrdsksG9-4zStyYIJJl6SYXhbIJQzb6LSXjsScOu7OUTXVF21giA1O6BLS92RSxk6DNve_8rHI9_03knrmyFFzNsJ-z1mD3RC4Hcfw1qdkB5ER1qzJx8zZ1nSg== HTTP 302
  • https://neviwings.com/0/0/0/b1fcb2ef9590755fa9e388b9ec1d9932/1_511086_2617668/2509_2286562_3697563_8/624567722_80-255-7-104

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
624567722_80-255-7-104
neviwings.com/0/0/0/b1fcb2ef9590755fa9e388b9ec1d9932/1_511086_2617668/2509_2286562_3697563_8/
Redirect Chain
  • http://ec2-18-205-241-233.compute-1.amazonaws.com/MMRB7T5sRSWa4.hsppuzcpk?gAAAAABjKcC6r6_7tmClwgjLNJgmuwfMy3zP3WwmnrdsksG9-4zStyYIJJl6SYXhbIJQzb6LSXjsScOu7OUTXVF21giA1O6BLS92RSxk6DNve_8rHI9_03knrmy...
  • https://neviwings.com/0/0/0/b1fcb2ef9590755fa9e388b9ec1d9932/1_511086_2617668/2509_2286562_3697563_8/624567722_80-255-7-104
138 B
392 B
Document
General
Full URL
https://neviwings.com/0/0/0/b1fcb2ef9590755fa9e388b9ec1d9932/1_511086_2617668/2509_2286562_3697563_8/624567722_80-255-7-104
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
141.98.5.229 , Bulgaria, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
138
content-type
text/html; charset=UTF-8
date
Thu, 29 Sep 2022 14:37:03 GMT
server
Apache

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Thu, 29 Sep 2022 14:37:01 GMT
Location
https://neviwings.com/0/0/0/b1fcb2ef9590755fa9e388b9ec1d9932/1_511086_2617668/2509_2286562_3697563_8/624567722_80-255-7-104
Server
Apache
Primary Request /
medialysticos.live/
2 KB
1 KB
Document
General
Full URL
https://medialysticos.live/?s1=350524&s2=815918204&s3=2275&s4=0&ow=&s10=739
Requested by
Host: neviwings.com
URL: https://neviwings.com/0/0/0/b1fcb2ef9590755fa9e388b9ec1d9932/1_511086_2617668/2509_2286562_3697563_8/624567722_80-255-7-104
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ffa573838c907308f814503c6e07b9c9e2a37ad2a0d58cfb09bf14f02149d07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://neviwings.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
75257461adcd8fe0-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 29 Sep 2022 14:37:03 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRMJCmCJ%2Fzlhth9Pt7qZoao1BtUmZ4JmvETGfPn4TKS7AaTDrpTvGjZ1W%2B%2F0uBe930Qo1raq%2FmSrXl4SectgM8vZ%2BNRmZumdf%2FVQ97W75V4SglfreQOx4Kiyvz11YgCsxE%2BTF99IoXwdA2OHyBBE4Nw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
6c418369dbe6a7c9e15b9f072512ca85
medialysticos.live/
239 KB
54 KB
XHR
General
Full URL
https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85?_ax=w
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/?s1=350524&s2=815918204&s3=2275&s4=0&ow=&s10=739
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c664105704c5c66b85fb299173c8c8f66d13d439845eeb5018602d43d933147f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:37:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhtuxi6FKhq9kdxI2WScBcKamXCV%2BTW63D93pafYIvt75RO%2FBG7O%2FhPFeynbZ2PHTN1zC0%2FgD0Gq9u2Hr07ksmAcGbslYxfflTXRVelb9%2BzwLbsSXipKzoZ5lrSBk07TpBSoxEB5%2Fs7Sdl%2F%2BjnOu7%2Fc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
752574650c048fe0-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
bootstrap.min.css
medialysticos.live/assets/js/vendor/bootstrap/css/
141 KB
22 KB
Stylesheet
General
Full URL
https://medialysticos.live/assets/js/vendor/bootstrap/css/bootstrap.min.css
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/?s1=350524&s2=815918204&s3=2275&s4=0&ow=&s10=739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:37:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
170888
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1L0dNThuFJZRLOdCeBJo9a0wY8C%2FtjQDUUknQBvi4%2FOYUfsVRt0pypKBib6q81qvYfzqmx3X38BgMJbEjlEXPmVAUykNid7i0bckwONLQojOMSkuNSgI%2BsxAr7IxY1hmIVx8Y1p4Ix4w1e8KGaE5%2B8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
75257469bb189134-FRA
expires
Tue, 04 Oct 2022 15:08:55 GMT
all.css
medialysticos.live/assets/vendors/fontawesome/css/
72 KB
13 KB
Stylesheet
General
Full URL
https://medialysticos.live/assets/vendors/fontawesome/css/all.css
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/?s1=350524&s2=815918204&s3=2275&s4=0&ow=&s10=739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
462beb0c8ecb2abb15685c31875f268d166313581df110401c2483fab24a46df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:37:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
170888
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:00:02 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNwTQZWqvXUAr%2FCFBKklbyFm%2BPKuu3ZkJQ8RqGEDvu6JNpzi%2BBsAVoaWsO%2BQ7KG7zeFFbtz5dYsaQjTlN%2F3lU3X%2FY%2BYKJfEMjYd1GjpqQxe9Ae0C5kutZaRdHHnuj4LAN7NGl9JrZR77roYCaRpV%2B88%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
75257469bb1c9134-FRA
expires
Tue, 04 Oct 2022 15:08:55 GMT
common-hybrid.css
medialysticos.live/assets/css/legacy/dist/
23 KB
6 KB
Stylesheet
General
Full URL
https://medialysticos.live/assets/css/legacy/dist/common-hybrid.css?v=997a90d7b6846a029114e507d6119288
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/?s1=350524&s2=815918204&s3=2275&s4=0&ow=&s10=739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
442e63845d930f59ce5bd67f92ea462f769931cae5f53f290bfeda0d9965218e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:37:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 26 Sep 2022 20:48:44 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXpyap%2BR0QQAwOkTx35UTSzQGTWnxnaOBb9AgdIjgwp8u1AwcXqqfhS7vIb5%2BGKwxWfeDalNYPgeQOf56igCj9ui2Ac0weiOHh5lTyOxapu%2BA0tqYcyQxAfj83pDD5MeAX0%2BA91kBRNp4HPqVRUltTw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
75257469cb239134-FRA
expires
Thu, 06 Oct 2022 14:37:05 GMT
1.3-hybrid.css
medialysticos.live/assets/css/legacy/
3 KB
2 KB
Stylesheet
General
Full URL
https://medialysticos.live/assets/css/legacy/1.3-hybrid.css?v=997a90d7b6846a029114e507d6119288
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/?s1=350524&s2=815918204&s3=2275&s4=0&ow=&s10=739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8f312054de522489129b95a3630cf1ad4fe7314e3d0a01a43e51a6b42405042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:37:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 30 Aug 2022 16:56:50 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=18Dnd31sxoOdhDCLB2FqRjyjmbu1f%2Ff%2FbvYmT5ZpICezUj5I922XsBAZTV5TTYDBoni0EsxKLLqWTdf49Q8JlaRCT1lctHg5bNXfT1Ua0KQww%2BdYcIIxQjpY0zZR0RENb9HumRzZYgZ78M0%2BGiQ4G3o%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
75257469cb2b9134-FRA
expires
Thu, 06 Oct 2022 14:37:05 GMT
jquery-3.4.1.min.js
medialysticos.live/assets/js/vendor/
86 KB
31 KB
Script
General
Full URL
https://medialysticos.live/assets/js/vendor/jquery-3.4.1.min.js
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/?s1=350524&s2=815918204&s3=2275&s4=0&ow=&s10=739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:37:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
170888
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j4DlwfWPtyZ%2BZRKnz4q6TEolasL64OI2%2FLebfcuKXbgOqTVdqsuDpXtPJcd%2F6fOvIedCp%2F%2B8ZBtOMAPX2HoB%2Fc52ER52ool6FFn8IQrHys4REv%2FTHTOmc%2BQAVB%2BgiPFaIgelSwpjnikcKna2QxCV1No%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
75257469cb2d9134-FRA
expires
Tue, 04 Oct 2022 15:08:55 GMT
bootstrap.min.js
medialysticos.live/assets/js/vendor/bootstrap/js/
48 KB
14 KB
Script
General
Full URL
https://medialysticos.live/assets/js/vendor/bootstrap/js/bootstrap.min.js
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/?s1=350524&s2=815918204&s3=2275&s4=0&ow=&s10=739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:37:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
170888
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQnR70sqs8m4N1qyxsEoCo%2BhHioXPYNquw7N4DeWNszgiLY5dnCuub32shkklTaNKpnuAozq5S631LCdjjfnOdCKJBqUtOleWGmG8HQxr9Oe2L%2Fy0UIFbZq4Bicg3eZsLBRGS0PlIlXrShszNfJGzb8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
75257469cb2f9134-FRA
expires
Tue, 04 Oct 2022 15:08:55 GMT
functions.js
medialysticos.live/assets/js/
495 B
755 B
Script
General
Full URL
https://medialysticos.live/assets/js/functions.js?v=997a90d7b6846a029114e507d6119288
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/?s1=350524&s2=815918204&s3=2275&s4=0&ow=&s10=739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1889b6974dcdd299f94f8fbf28ac3b73ec7fc5be2dc1686bca0eef1aa0716eac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:37:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 26 Sep 2022 20:48:44 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aMo3s6Tj4xWob6HOhjCluP0Ae00KomZ8VsZ87Me7ppc8mN2gyTdMDqYpIr1nJURDtghT8uandy32l8QL2ij9UXvo1JQdIH0wt6jvyeQ%2FNysyX8xKcGOq9SNVzFjpcVkrCIxfu9XO2cxbcYnrOGOH9KI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
75257469cb319134-FRA
expires
Thu, 06 Oct 2022 14:37:05 GMT
common-hybrid.js
medialysticos.live/assets/js/legacy/dist/
91 KB
20 KB
Script
General
Full URL
https://medialysticos.live/assets/js/legacy/dist/common-hybrid.js?v=997a90d7b6846a029114e507d6119288
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/?s1=350524&s2=815918204&s3=2275&s4=0&ow=&s10=739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a29f24c3d2069cc3551aa1c3f1eaabbe01cf96e051c283cf09e72dce334e9a80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:37:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 22 Sep 2022 15:09:21 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkP7S6ojCXTmx4NzGcGFSktVeLeLgtMAX3FvQmGrLdjPbGNUVBy9JgnJQCErbRPuvvnpRr5hUG9srmAG%2FYY1s9P%2F9zuHsU5a8yvKocInRyAzyC6ckNGvhaXSOvKbNFjm4pdblxU8HwJZcXsbrxHTBYA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
75257469cb339134-FRA
expires
Thu, 06 Oct 2022 14:37:05 GMT
gtm.js
www.googletagmanager.com/
103 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M5FVHZX
Requested by
Host: neviwings.com
URL: https://neviwings.com/0/0/0/b1fcb2ef9590755fa9e388b9ec1d9932/1_511086_2617668/2509_2286562_3697563_8/624567722_80-255-7-104
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
01c281bd16c02ed02d26626a673f0a64718fd39854a01fee7c9c6af26292897a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:37:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40468
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 29 Sep 2022 14:37:05 GMT
js
www.googletagmanager.com/gtag/
208 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DKB9VH2QW4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5FVHZX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8b3313447c079f30cce385782b9d6e90ea97210ed2be4b66a0d5b8670f87899d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:37:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74907
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 29 Sep 2022 14:37:05 GMT
css2
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Arimo:wght@500;700&display=swap
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/assets/css/legacy/dist/common-hybrid.css?v=997a90d7b6846a029114e507d6119288
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f2de36054525c7a25f6b4ca1447f762169a97d0f11593cf0f8f254880f4c2bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 29 Sep 2022 14:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 14:37:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Sep 2022 14:37:05 GMT
collect
region1.google-analytics.com/g/
0
349 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DKB9VH2QW4&gtm=2oe9q0&_p=1321330882&cid=1393017748.1664462225&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664462225&sct=1&seg=0&dl=https%3A%2F%2Fmedialysticos.live%2F6c418369dbe6a7c9e15b9f072512ca85&dr=https%3A%2F%2Fneviwings.com%2F&dt=%5B1%5D%20Pr%C3%A4mie%20ausstehend%20-%20Online%20Survey%20-%20Wir%20wollen%20Ihre%20Meinung!&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DKB9VH2QW4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 14:37:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://medialysticos.live
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
de6f13f81bb4b25eab953f18ea2f63c0.png
medialysticos.live/fim/739-DE/
41 KB
41 KB
Image
General
Full URL
https://medialysticos.live/fim/739-DE/de6f13f81bb4b25eab953f18ea2f63c0.png
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6659b4426a9dba95133c0e3b27b5d952d6cc1e574b88640a7e7bcec354d902c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:37:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1870
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
41556
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 14:01:51 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OH7oSxc0fjerwTVhu3VyBM%2Ff5u%2Bj8zOPFhuV%2B7Akt5MnyRcEd8xHvDV2UDkvTB5CaKOnKPBlVfCy8KDZi%2FqKW3kbd4B71CdJwnUiBt5SH7nCu0XSwQ0B%2Fm9iFONWjH5hcyf%2BGs9v%2FOlwJ5uV3AG9R4E%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7525746e7d6a9134-FRA
expires
Thu, 06 Oct 2022 14:05:54 GMT
78c7ec6b67449966a4ca209b8687ad2b.png
medialysticos.live/fim/739-DE/
8 KB
8 KB
Image
General
Full URL
https://medialysticos.live/fim/739-DE/78c7ec6b67449966a4ca209b8687ad2b.png
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
329f79c0441a8516e75e17ea8a736903a739d32f97b35af8b5f6ed72a76173d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:37:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1871
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7881
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 14:01:51 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=olW73PbzYUesix70YNFo%2B2aqCZ%2FgGXkVHg7ZRCuQ5JV06tSloqYNK8V151tAZeG4VqJYWXR9kCdxX6QlbsWInpFHIhGjLYbdrl0qd1KhXJ6UOD7Y1LYnQ%2B83AFDH2w3ihZSuDNodSfLJ3cEtBdYcOA0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7525746e7d6d9134-FRA
expires
Thu, 06 Oct 2022 14:05:54 GMT
294895cc0781373b7f0192de2c604eb1.gif
medialysticos.live/fim/739-DE/
15 KB
16 KB
Image
General
Full URL
https://medialysticos.live/fim/739-DE/294895cc0781373b7f0192de2c604eb1.gif
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ba6662bdb40bb1a731890fe8a7612ab1724363831a0342e36c2fc4bddd4a7a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:37:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1870
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15537
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 14:01:51 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/gif
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kCjyEIkPNtlm2bR9BPogDwkvQg7v36Blgtbo5gfOC2wQCTYRmyhAQv5ABfA8S%2BicoTKmduVAfYBvrvmEsEz5Kft7es3C%2Bb6wLnErm%2BCejHLWavfE4W0GxBemaR1Y%2Fjxpk7aFa2hCJgM0PYswPXVCJKE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7525746e7d709134-FRA
expires
Thu, 06 Oct 2022 14:05:54 GMT
3919c5c1b14edd991b82a7b34bc76dea.png
medialysticos.live/fim/739-DE/
2 KB
2 KB
Image
General
Full URL
https://medialysticos.live/fim/739-DE/3919c5c1b14edd991b82a7b34bc76dea.png
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4494c69afed09e8bb02dc10d4be3adaed00aa6479d838bd8ed1bf3119132004d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:37:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1871
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1714
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 14:01:51 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mgGEwgSVIH5Y5EGwuOPL7q5BBSKE2ubGDYT17qw9LSG7L5mEb7kqFJqKa43SjMNIS1%2BDb%2FsQnwxkpoOXfR0OLqFYdEBlsZ3M6rB2oWnTp8SCO9%2FiqTWbyghA4%2F7ZfIDbpX9XLEBwjYsb95H2TVnMWoI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7525746e7d719134-FRA
expires
Thu, 06 Oct 2022 14:05:54 GMT
980b274bb6d49653f04712b15f46e43b.png
medialysticos.live/fim/739-DE/
569 KB
569 KB
Image
General
Full URL
https://medialysticos.live/fim/739-DE/980b274bb6d49653f04712b15f46e43b.png
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83f11d0273ff41fabc4c3cc6a78c3df3a666ba0d06055858c1d496bbab669bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:37:06 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
582286
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 14:37:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BDIjLsxshA8%2FXhAbZmIrDH3zfuV%2FPHmK4TT0PDUOfN2mY93EaPR%2F1AJgJXc1h1j7c5vR5FgGsTvSkwvtGBF35KEgOSfA%2B9981jgEVrJ2W%2FlxMuA1Ly3Pb8K7esO%2FXFEwTirwhbA54%2FUy8Rk9Wy9SA5k%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7525746e7d789134-FRA
expires
Thu, 06 Oct 2022 14:37:05 GMT
50fd130f2148e78dd5fd8e270b6a6e92.png
medialysticos.live/fim/739-DE/
8 KB
8 KB
Image
General
Full URL
https://medialysticos.live/fim/739-DE/50fd130f2148e78dd5fd8e270b6a6e92.png
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d79ca3b13098126f0c0fc76aed54a8acf6e645e62eb5f0ff90571141dfe24b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:37:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1871
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8047
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 14:01:51 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGR1VwhrazFLjtGhBHREVlXY7Nhk%2F%2BhTGIRYHhCfMD%2Bk8O3iyyhfwrY9P8TK2%2BfQ8%2Bbjyf5jwZVPxwibQocmc4cEaTVuDoezuQrtfjnHI2k%2FFQDXBBGafwCa%2FrNr1qaH1gxZNri%2BrJ4SJfJmHk3bpek%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7525746e7d7a9134-FRA
expires
Thu, 06 Oct 2022 14:05:54 GMT
c20c361b381cec0b1d061c3af275216b.png
medialysticos.live/fim/739-DE/
822 KB
822 KB
Image
General
Full URL
https://medialysticos.live/fim/739-DE/c20c361b381cec0b1d061c3af275216b.png
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c59a8e9d701d301a763bc11ad489cc34870a63ad3d41e6b6347b5b4050517bb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:37:06 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
841551
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 14:37:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMuHUhwn%2BZ3HbC54%2FTRy0ZbXv5O9k21Y5H3%2Fe3WpwzSVug4VRoH6mYGRrlRJq0b%2Bh2tYZu8VDmwek5QsE5nYN3BZMHvV3IjIS7r%2F%2Fwga2SeAyWJqUMUAJkYzaFwjSZIN1fVlH55LV5yh62xcxi5naOE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7525746e7d7e9134-FRA
expires
Thu, 06 Oct 2022 14:37:05 GMT
4df0a34a450e19a651d61844cc1e27d0.png
medialysticos.live/fim/739-DE/
1 KB
2 KB
Image
General
Full URL
https://medialysticos.live/fim/739-DE/4df0a34a450e19a651d61844cc1e27d0.png
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ad0615765bf17bdb85ae307eb8f9eee2e1fb0b600117bdd991a1efe9c834078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:37:06 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1385
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 14:37:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RNYQdp6YDZkBzEtgWKZtzUw5XrBwkytUKT5%2FbkQxbCp5zfDNyltz0WpkClfqxLOSL30lxAWNoqTLZC%2BKLayncOpQwIcVunaaxSmsfB04nxfGxid2t9cL2Lm6AB3YdZ7iuMhG1RCMeuka3LayCnCR8Xk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7525746e7d7f9134-FRA
expires
Thu, 06 Oct 2022 14:37:05 GMT
376b3eb5761259264b3104b305ed9664.png
medialysticos.live/fim/739-DE/
2 MB
2 MB
Image
General
Full URL
https://medialysticos.live/fim/739-DE/376b3eb5761259264b3104b305ed9664.png
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74f321011aa03e4baee8be824cf5556cf7c9831fb66f1e8a08e5d76cfae74ba6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:37:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
932
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1770569
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 14:01:51 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q2W7h69R3nfW5l6%2FhWGYXc349%2B9yVxIHJUwT%2FB15nZfqN8AZDJ%2BXIhv%2BgVyA7yiHHaPhasU9dVlnUUOdSRibSz%2BGSiqq1I2ccBE0bVuMnHs8xdJ32wWzdCjXfWOJxEYU%2FgVNJnaoMGR3FI2QTefs8mQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7525746e7d829134-FRA
expires
Thu, 06 Oct 2022 14:21:33 GMT
f2fe172098eb3c7d48f0399fb7588d60.png
medialysticos.live/fim/739-DE/
404 KB
405 KB
Image
General
Full URL
https://medialysticos.live/fim/739-DE/f2fe172098eb3c7d48f0399fb7588d60.png
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba98eecff8a45afcc8b229c02fa6eefff2f42f467c65298a1816a0e16318c2f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:37:06 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
414206
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 14:37:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJvnHu8kQ3fRUKuLt%2BIxBc7UdKjrLDOmqyQU%2FSgqdYzS6ECE4%2Fzq6ESRUK06bDM9Cy%2F38sP9S1kipGKxRyDY%2FYDkDzZ%2Fy39d9eLiJ1cg96bZsLokO6igR%2BaGemQLHcya8Rhetot2v3qFWWp15RoE1CA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7525746e7d859134-FRA
expires
Thu, 06 Oct 2022 14:37:05 GMT
8a32dcee2ff5a098bb0a7ead94a1b004.png
medialysticos.live/fim/739-DE/
624 KB
625 KB
Image
General
Full URL
https://medialysticos.live/fim/739-DE/8a32dcee2ff5a098bb0a7ead94a1b004.png
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
585662abad2714da115fbc951be87c788694b9d07f8e189f91cf2e256d4f0eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:37:06 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
639034
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 14:37:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0nNjj31X8%2FIgrEtV7WRxGN3wUNUZ2AlkRtLIhy0I60PC1lD3E0VvlHp3IOVapUjH4PaWIZedQrul58%2F99LDs6p3BCdcXPawDn6BNbcq1lpVUsgNlggTThMF%2FFHZlqxooXdQxIRJ%2BQ%2Bkb5Fxb2HHBBSk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7525746e7d869134-FRA
expires
Thu, 06 Oct 2022 14:37:05 GMT
63c0656d240397fe26fbcd2deaacdd44.png
medialysticos.live/fim/739-DE/
882 KB
883 KB
Image
General
Full URL
https://medialysticos.live/fim/739-DE/63c0656d240397fe26fbcd2deaacdd44.png
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17a87b493459cac48add828b9ea2772c3cef6998ee1f5ce7bcc8ec2f53e7729e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:37:06 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
903310
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 14:37:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYnVf4RHyFkGZe%2FrHV%2BYJ4NdtCHHn8kTdK9Zj43iSK8vDKId18dFBMRgjgElmBupjLqxLceBSOoGp6ABETvDFq9sFpjh350EeyL9j507K76FA%2BcpnJtuI0fpCHnFH3ERF0EDtQIzogF32embQTKKogc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7525746e7d8b9134-FRA
expires
Thu, 06 Oct 2022 14:37:05 GMT
a556f287d5fde0c97847c68adb59a18f.png
medialysticos.live/fim/739-DE/
1 KB
2 KB
Image
General
Full URL
https://medialysticos.live/fim/739-DE/a556f287d5fde0c97847c68adb59a18f.png
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4604e524a2131ee561e13c9fe760267a0bbc64ca91027ab92fd355ff4dc1514d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:37:06 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1120
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 14:37:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKt1ymUFmFNK%2FNFzZJ%2B3WkX2Cod1O2VYCma%2FFU%2FZgecTHT8SRYtj%2Fe4JEbmkfhMHoeLXMds3Is00sN05jDQmXifAVYYq%2F1NsZaCDtvMrQFGBxUCiJLnug5R1ayoPY9RhAPRThOpW9JBE1IRKJaYoLMo%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7525746e7d8d9134-FRA
expires
Thu, 06 Oct 2022 14:37:06 GMT
f0e50aaca712a3f9ba35735d1c19bc05.png
medialysticos.live/fim/739-DE/
5 KB
6 KB
Image
General
Full URL
https://medialysticos.live/fim/739-DE/f0e50aaca712a3f9ba35735d1c19bc05.png
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:37:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1871
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5389
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 14:01:51 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YDj%2F%2Bfp%2Fc7%2BcWbd3J%2FAT2IoGHshnJh2vNiotewrzrK6sAAqgmc4aR4a429STonHNn1hJU67Bmi%2BVFZUFpChz%2FlMTWyqBAiaOs7bWXeX%2B7Gv8HqM1x752g%2FwXSczjQFLOrj9XAWnAG5pvbizvG7VS6v4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7525746e7d8e9134-FRA
expires
Thu, 06 Oct 2022 14:05:54 GMT
6c418369dbe6a7c9e15b9f072512ca85
medialysticos.live/
2 KB
2 KB
Image
General
Full URL
https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/6c418369dbe6a7c9e15b9f072512ca85
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:37:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bw0CogQxSYzeyaLCNvE4bYSUSXzuzRXNQdWLXH7NvX0CKk69ZTAHQXcg45RP8gtFF%2BnpNm1PVGvI%2BA1YteKgRmZghIfe9XHlfQm7VDD6r0kmhQus1Asa3mqbAHu1W9BD9UfEjaTHX%2BiSIRxY0pwPx7o%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
7525746e9dbe9134-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v27/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Arimo:wght@500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://medialysticos.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 21:03:39 GMT
x-content-type-options
nosniff
age
63206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18260
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 21:03:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Sep 2023 21:03:39 GMT
fa-solid-900.woff2
medialysticos.live/assets/vendors/fontawesome/webfonts/
78 KB
79 KB
Font
General
Full URL
https://medialysticos.live/assets/vendors/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/assets/vendors/fontawesome/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://medialysticos.live/assets/vendors/fontawesome/css/all.css
Origin
https://medialysticos.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:37:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
170888
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
80252
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:00:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
font/woff2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j19w1dngbXOI2g%2BLfpm7vLncIktA0MnrqbZMJ2n707NJgfIc%2FK3e6sJtWLlE3P%2FJ0OpOhA9Pp4C9mkXQKYjdeJ3nLWiOaBuCIcNW0GIbHFktHgPoIudLbi1n2JVrqvhmkd6SayzgHuUebvJT0UxmCZ4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7525746e9dcb9134-FRA
expires
Tue, 04 Oct 2022 15:08:57 GMT
fa-regular-400.woff2
medialysticos.live/assets/vendors/fontawesome/webfonts/
13 KB
14 KB
Font
General
Full URL
https://medialysticos.live/assets/vendors/fontawesome/webfonts/fa-regular-400.woff2
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/assets/vendors/fontawesome/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://medialysticos.live/assets/vendors/fontawesome/css/all.css
Origin
https://medialysticos.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:37:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
170888
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13588
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:00:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
font/woff2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJpbT7WuCWLFCr6MYID4tWRghpJydptceuCQx5Wvz1UvxNMYf5yeQO4Z1jcw6u5MfPWRwfdaYvJIu2s%2FSrCzt%2FcWm6ROcZs3wWmd7Rctk1tspwMLI36c5SIdQOGOHLGEBav%2Bgl%2FMKOi6UHsar5ZmwW8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7525746e9ddd9134-FRA
expires
Tue, 04 Oct 2022 15:08:57 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Customer Survey Spam (Consumer)

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| _0x1732 function| _0xc10f object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| _0xc88e function| _0xe60c function| $ function| jQuery object| bootstrap function| startTimer number| duration object| _0xc2e function| _0xe76c string| LNG string| CMP string| CNT string| BID string| API_URL object| _0xc42e function| _0xe54c object| currentdate object| months function| a0_0x32831c string| attrChoices string| domain string| pipeline string| zipcode string| state_selected object| states function| birthdayFill function| a0_0x5d89 function| beforeShowQuestion function| a0_0x299f function| showOfferWall function| createQuestion function| sendOf function| popunder function| runT function| replaceUrlParam function| startsurvey function| nextQuestion function| formatPhoneNumber function| overflowP function| switchTypeQuestions function| validatePhone function| validateEmail function| validateZip function| sendZipIp function| validateHeightF function| validateHeightI function| validateWeight function| validateAll function| validateName function| validateLName function| validateBirthday function| days function| daysInMonth function| dashedNumber function| alpha function| validateKeyStrokes function| showStreetState function| leadgenForm function| startSurveyU function| switchTypeQuestionsU function| nextQuestionU function| showOfferWallU function| validateData function| showStreetStateU function| showDisclaimer function| preventS string| aff_id string| click_id string| Brand string| lpid string| lpow object| prepop string| emailURL string| phoneURL string| zipcodeURL string| cityURL string| stateURL string| languageCode string| countryCode string| popUrl function| putVarCommon object| 
_0xc64e function| _0xe99c object| _0xc39e function| _0xe87c number| answered number| prevProgress number| stepsTotal number| progress string| cheerstx string| txt function| cheers

4 Cookies

Domain/Path Name / Value
neviwings.com/ Name: uid2275 Value: 815918204-20220929103703-f70b78f1499b6958c87bd4b873f4f067-0
medialysticos.live/ Name: PHPSESSID Value: 5ca08a74beb558b08b582738b39d456a
.medialysticos.live/ Name: _ga_DKB9VH2QW4 Value: GS1.1.1664462225.1.0.1664462225.0.0.0
.medialysticos.live/ Name: _ga Value: GA1.1.1393017748.1664462225

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
