user.xn--b1v335i.com Open in urlscan Pro Puny
user.鸢梯.com IDN
206.237.117.147  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response user.xn--b1v335i.com/	44 KB 12 KB	590ms 194ms	Document text/html	206.237.117.147 NEAROUTE Nearoute...
General Check archive.org Show headers Download Go to Full URL https://user.xn--b1v335i.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 206.237.117.147 , United States, ASN51847 (NEAROUTE Nearoute Limited, HK), Reverse DNS Software nginx / Resource Hash 2a91b29d9eefb9d8f7601c568dde1ff032f303fa88b1545054cb83ef290762fe Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers content-encoding gzip content-type text/html date Sun, 17 Nov 2024 06:52:08 GMT etag W/"66c4a05b-b098" last-modified Tue, 20 Aug 2024 13:55:39 GMT server nginx strict-transport-security max-age=31536000 vary Accept-Encoding
GET H2	200	js Show response www.googletagmanager.com/gtag/	322 KB 107 KB	201ms 109ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-7B4CZPTMMH Requested by Host: user.xn--b1v335i.com URL: https://user.xn--b1v335i.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 22a08fe567d07bca1571baf5271c9f6aa107b0c3e9dbdf9fbbb9f98dc8ae37bd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://user.xn--b1v335i.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Sun, 17 Nov 2024 06:52:08 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 17 Nov 2024 06:52:08 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 109591 x-xss-protection 0 server Google Tag Manager
GET H2	200	gtm.js Show response www.googletagmanager.com/	193 KB 70 KB	150ms 58ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NBQZ3Z9R Requested by Host: user.xn--b1v335i.com URL: https://user.xn--b1v335i.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 3daa298ef10fb5cebd0a03489f725dcd0a2b03d92c60593ea2cb85b51065d55a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://user.xn--b1v335i.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],} expires Sun, 17 Nov 2024 06:52:08 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 17 Nov 2024 06:52:08 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Sun, 17 Nov 2024 06:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 70694 x-xss-protection 0 server Google Tag Manager
GET H2	200	logo.png user.xn--b1v335i.com/	35 KB 35 KB	267ms 267ms	Image image/png	206.237.117.147 NEAROUTE Nearoute...
General Check archive.org Show headers Download Go to Show image Full URL https://user.xn--b1v335i.com/logo.png Requested by Host: user.xn--b1v335i.com URL: https://user.xn--b1v335i.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 206.237.117.147 , United States, ASN51847 (NEAROUTE Nearoute Limited, HK), Reverse DNS Software nginx / Resource Hash c2362a475597edc725331b2d000995f5e13cd8d1c12b01000d37f691ddd30085 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://user.xn--b1v335i.com/ Response headers strict-transport-security max-age=31536000 cache-control max-age=2592000 content-encoding gzip etag W/"66bc8a42-8c48" expires Tue, 17 Dec 2024 06:52:08 GMT date Sun, 17 Nov 2024 06:52:08 GMT content-type image/png last-modified Wed, 14 Aug 2024 10:43:14 GMT server nginx vary Accept-Encoding
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 11585ad8da8976c5854c1dcd57d922d3fc6324e4c9d975e61c30167e2cb0a64f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET H2	200	favicon.ico www.vpacr.com//	25 KB 26 KB	592ms 189ms	Image image/x-icon	206.237.117.147 NEAROUTE Nearoute...
General Check archive.org Show headers Download Go to Show image Full URL https://www.vpacr.com//favicon.ico?1731826328646 Requested by Host: user.xn--b1v335i.com URL: https://user.xn--b1v335i.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 206.237.117.147 , United States, ASN51847 (NEAROUTE Nearoute Limited, HK), Reverse DNS Software nginx / Resource Hash c429f6ed5c5b715e488682052fbb0452832f0aca97ddd44203e30bced1b869b2 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://user.xn--b1v335i.com/ Response headers strict-transport-security max-age=31536000 etag "66bc1aef-659e" accept-ranges bytes content-length 26014 date Sun, 17 Nov 2024 06:52:09 GMT content-type image/x-icon last-modified Wed, 14 Aug 2024 02:48:15 GMT server nginx
GET H3	200	favicon.ico demo.vpacr.com//	25 KB 25 KB	795ms 711ms	Image image/x-icon	172.67.203.246 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://demo.vpacr.com//favicon.ico?1731826328646 Requested by Host: user.xn--b1v335i.com URL: https://user.xn--b1v335i.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.203.246 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c429f6ed5c5b715e488682052fbb0452832f0aca97ddd44203e30bced1b869b2 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://user.xn--b1v335i.com/ Response headers content-encoding zstd cf-cache-status MISS etag W/"66bc1aef-659e" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oSz5A8k35%2BSej8d%2FpYMeRVAto7j1%2Fsy%2FnAUxb%2BKp5Bpu0xOFfql7frTyOY6XNJnYL%2BLTouwhZUP98V%2FjW%2BtqPp9X2bb1FHTFB7HCMaueTyT54pyXAnOMt7F23UVMRy837w%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=37076&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4157&recv_bytes=4452&delivery_rate=445&cwnd=12000&unsent_bytes=0&cid=b79b0dabde356586&ts=716&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 17 Nov 2024 06:52:09 GMT content-type image/x-icon last-modified Wed, 14 Aug 2024 02:48:15 GMT vary Accept-Encoding priority u=3,i strict-transport-security max-age=31536000 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e3dcbdaadb83655-FRA server cloudflare
GET H2	200	favicon.ico www.xhjfq.com//	25 KB 26 KB	675ms 202ms	Image image/x-icon	45.78.25.189 IT7NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.xhjfq.com//favicon.ico?1731826328646 Requested by Host: user.xn--b1v335i.com URL: https://user.xn--b1v335i.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.78.25.189 Hong Kong, Hong Kong, ASN25820 (IT7NET, CA), Reverse DNS 45.78.25.189.16clouds.com Software nginx / Resource Hash c429f6ed5c5b715e488682052fbb0452832f0aca97ddd44203e30bced1b869b2 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://user.xn--b1v335i.com/ Response headers strict-transport-security max-age=31536000 etag "66bc1aef-659e" accept-ranges bytes content-length 26014 date Sun, 17 Nov 2024 06:52:09 GMT content-type image/x-icon last-modified Wed, 14 Aug 2024 02:48:15 GMT server nginx
GET H3	200	l.js Show response client.crisp.chat/	8 KB 3 KB	105ms 49ms	Script application/javascript	104.18.29.104 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client.crisp.chat/l.js Requested by Host: user.xn--b1v335i.com URL: https://user.xn--b1v335i.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 370d92637201ed662aff7bfc0fdf353d77c8463e432453be9dbd7ec4e3fd70c9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://user.xn--b1v335i.com/ Response headers access-control-max-age 300 content-encoding br cf-cache-status HIT etag W/"64e73b34-21a6" age 57458 access-control-allow-methods HEAD, GET, OPTIONS x-content-type-options nosniff expires Mon, 18 Nov 2024 06:52:08 GMT alt-svc h3=":443"; ma=86400 date Sun, 17 Nov 2024 06:52:08 GMT content-type application/javascript last-modified Thu, 24 Aug 2023 11:12:52 GMT vary Accept-Encoding access-control-allow-headers Content-Type, Origin strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=86400 cross-origin-resource-policy cross-origin access-control-allow-credentials false cf-ray 8e3dcbda8cdeaca7-TXL access-control-allow-origin * server cloudflare
GET H3	200	client.js Show response client.crisp.chat/static/javascripts/	369 KB 95 KB	83ms 83ms	Script application/javascript	104.18.29.104 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client.crisp.chat/static/javascripts/client.js?3718772 Requested by Host: client.crisp.chat URL: https://client.crisp.chat/l.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 147266671b6250687f00c62a23eb92a4a0f673efb3a432a9c07305f992cfdea4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://user.xn--b1v335i.com/ Response headers access-control-max-age 300 content-encoding br cf-cache-status HIT etag W/"64e73b34-5c23a" age 57437 access-control-allow-methods HEAD, GET, OPTIONS x-content-type-options nosniff expires Wed, 15 Nov 2034 06:52:08 GMT alt-svc h3=":443"; ma=86400 date Sun, 17 Nov 2024 06:52:08 GMT content-type application/javascript last-modified Thu, 24 Aug 2023 11:12:52 GMT vary Accept-Encoding access-control-allow-headers Content-Type, Origin strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=315360000 cross-origin-resource-policy cross-origin access-control-allow-credentials false cf-ray 8e3dcbdadd59aca7-TXL access-control-allow-origin * server cloudflare
GET H3	200	client_default.css client.crisp.chat/static/stylesheets/	113 KB 14 KB	50ms 50ms	Stylesheet text/css	104.18.29.104 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client.crisp.chat/static/stylesheets/client_default.css?3718772 Requested by Host: client.crisp.chat URL: https://client.crisp.chat/l.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c6b811a23972c3cb26119c1b0e8258a05ef2cf89f0f9dc6adb380b0df65fb5d5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://user.xn--b1v335i.com/ Response headers access-control-max-age 300 content-encoding br cf-cache-status HIT etag W/"672cd425-1c503" age 57437 access-control-allow-methods HEAD, GET, OPTIONS x-content-type-options nosniff expires Wed, 15 Nov 2034 06:52:08 GMT alt-svc h3=":443"; ma=86400 date Sun, 17 Nov 2024 06:52:08 GMT content-type text/css last-modified Thu, 07 Nov 2024 14:52:21 GMT vary Accept-Encoding access-control-allow-headers Content-Type, Origin strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=315360000 cross-origin-resource-policy cross-origin access-control-allow-credentials false cf-ray 8e3dcbdadd5aaca7-TXL access-control-allow-origin * server cloudflare
GET H2	200	js Show response www.googletagmanager.com/gtag/	322 KB 107 KB	70ms 69ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-7B4CZPTMMH&l=dataLayer&cx=c&gtm=45He4bc0v9183300272za200 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBQZ3Z9R Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e9b6646e83b23351b3621faa3b5573096db2fe156c3b278db2237800770958f5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://user.xn--b1v335i.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Sun, 17 Nov 2024 06:52:08 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 17 Nov 2024 06:52:08 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 109530 x-xss-protection 0 server Google Tag Manager
GET H2	200	a www.googletagmanager.com/	0 270 B	45ms 44ms	Image text/html	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?id=GTM-NBQZ3Z9R&v=3&t=t&pid=1916754&cv=1&rv=4bc0&tc=0&tag_exp=101925629~102067555~102067808~102077855&es=1&e=gtm.init_consent&eid=-1&h=Ag&z=0 Requested by Host: user.xn--b1v335i.com URL: https://user.xn--b1v335i.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://user.xn--b1v335i.com/ Response headers report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],} content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 date Sun, 17 Nov 2024 06:52:08 GMT x-xss-protection 0 content-type text/html server Google Tag Manager
GET H2	200	a www.googletagmanager.com/	0 52 B	46ms 45ms	Image text/html	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?id=GTM-NBQZ3Z9R&v=3&t=t&pid=1916754&cv=1&rv=4bc0&tc=0&tag_exp=101925629~102067555~102067808~102077855&es=1&e=gtm.init&eid=0&h=Ag&z=0 Requested by Host: user.xn--b1v335i.com URL: https://user.xn--b1v335i.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://user.xn--b1v335i.com/ Response headers report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],} content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 date Sun, 17 Nov 2024 06:52:08 GMT x-xss-protection 0 content-type text/html server Google Tag Manager
GET H2	200	a www.googletagmanager.com/	0 52 B	47ms 46ms	Image text/html	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?id=GTM-NBQZ3Z9R&v=3&t=t&pid=1916754&cv=1&rv=4bc0&tc=0&tag_exp=101925629~102067555~102067808~102077855&es=1&e=gtm.js&eid=1&h=Ag&z=0 Requested by Host: user.xn--b1v335i.com URL: https://user.xn--b1v335i.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://user.xn--b1v335i.com/ Response headers report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],} content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 date Sun, 17 Nov 2024 06:52:08 GMT x-xss-protection 0 content-type text/html server Google Tag Manager
GET H2	200	a www.googletagmanager.com/	0 52 B	46ms 46ms	Image text/html	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?id=GTM-NBQZ3Z9R&v=3&t=t&pid=1916754&cv=1&rv=4bc0&tc=0&tag_exp=101925629~102067555~102067808~102077855&es=1&e=gtag.config&eid=3&h=Ag&z=0 Requested by Host: user.xn--b1v335i.com URL: https://user.xn--b1v335i.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://user.xn--b1v335i.com/ Response headers report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],} content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 date Sun, 17 Nov 2024 06:52:08 GMT x-xss-protection 0 content-type text/html server Google Tag Manager
POST H2	204	collect region1.google-analytics.com/g/	0 0	151ms 46ms	Fetch text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-7B4CZPTMMH&gtm=45je4bc0v9183306459za200zb9183300272&_p=1731826328644&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067554~102067808~102077855&cid=2090369184.1731826329&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731826329&sct=1&seg=0&dl=https%3A%2F%2Fuser.xn--b1v335i.com%2F&dt=%E9%B9%8A%E6%A1%A5%C2%B7%E5%B0%8F%E7%81%AB%E7%AE%AD-%E7%BD%91%E5%9D%80%E5%AF%BC%E8%88%AA%E9%A1%B5&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1043 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-7B4CZPTMMH Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://user.xn--b1v335i.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://user.xn--b1v335i.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 17 Nov 2024 06:52:09 GMT content-type text/plain server Golfe2
GET H3	200	/ Show response client.crisp.chat/settings/website/4deee0e9-1b4f-4aa3-8ded-9daaf00538cd/prelude/	222 B 512 B	99ms 99ms	Script application/javascript	104.18.29.104 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client.crisp.chat/settings/website/4deee0e9-1b4f-4aa3-8ded-9daaf00538cd/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_prelude_handler&2024-10-17-7-52 Requested by Host: client.crisp.chat URL: https://client.crisp.chat/static/javascripts/client.js?3718772 Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5fcf37409be879c0b7d7fcaff8db13efb511ee60e9d94a8693a9b8730eaf15ad Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://user.xn--b1v335i.com/ Response headers access-control-max-age 300 content-encoding br cf-cache-status MISS access-control-allow-methods HEAD, GET, OPTIONS x-content-type-options nosniff expires Sun, 17 Nov 2024 10:52:09 GMT alt-svc h3=":443"; ma=86400 date Sun, 17 Nov 2024 06:52:09 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding last-modified Sun, 17 Nov 2024 06:52:09 GMT access-control-allow-headers Content-Type, Origin strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=14400 cross-origin-resource-policy cross-origin access-control-allow-credentials false cf-ray 8e3dcbdcbf79aca7-TXL access-control-allow-origin * server cloudflare
GET H3	200	a www.googletagmanager.com/	0 14 B	46ms 46ms	Image text/html	142.250.184.232 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?id=GTM-NBQZ3Z9R&v=3&t=t&pid=1916754&cv=1&rv=4bc0&tc=0&tag_exp=101925629~102067555~102067808~102077855&es=1&e=gtm.dom&eid=4&h=Ag&z=0 Requested by Host: user.xn--b1v335i.com URL: https://user.xn--b1v335i.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.232 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f8.1e100.net Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://user.xn--b1v335i.com/ Response headers report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],} content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 date Sun, 17 Nov 2024 06:52:09 GMT x-xss-protection 0 content-type text/html server Google Tag Manager
GET H3	200	/ Show response client.crisp.chat/settings/website/4deee0e9-1b4f-4aa3-8ded-9daaf00538cd/	2 KB 1 KB	177ms 177ms	Script application/javascript	104.18.29.104 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client.crisp.chat/settings/website/4deee0e9-1b4f-4aa3-8ded-9daaf00538cd/?callback=window.%24__CRISP_INSTANCE.__spool.website_settings_handler&1723001778842 Requested by Host: client.crisp.chat URL: https://client.crisp.chat/static/javascripts/client.js?3718772 Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f880303ff76c3a6f3ca1f36006a84e5516bbb617d388e133fbb99565f7f85d7c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://user.xn--b1v335i.com/ Response headers access-control-max-age 300 content-encoding br cf-cache-status EXPIRED access-control-allow-methods HEAD, GET, OPTIONS x-content-type-options nosniff expires Sun, 17 Nov 2024 10:52:09 GMT alt-svc h3=":443"; ma=86400 date Sun, 17 Nov 2024 06:52:09 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding last-modified Sun, 17 Nov 2024 06:52:09 GMT access-control-allow-headers Content-Type, Origin strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=14400 cross-origin-resource-policy cross-origin access-control-allow-credentials false cf-ray 8e3dcbdf9ab6aca7-TXL access-control-allow-origin * server cloudflare
GET H3	200	zh.js Show response client.crisp.chat/static/javascripts/locales/	9 KB 4 KB	47ms 46ms	Script application/javascript	104.18.29.104 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client.crisp.chat/static/javascripts/locales/zh.js?3718772 Requested by Host: client.crisp.chat URL: https://client.crisp.chat/static/javascripts/client.js?3718772 Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 395b0c09be4b5454af6fd510a83d2a448f0a6575375be60aaf7b0f008e7ad316 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://user.xn--b1v335i.com/ Response headers access-control-max-age 300 content-encoding br cf-cache-status HIT etag W/"66759605-24ed" age 49716 access-control-allow-methods HEAD, GET, OPTIONS x-content-type-options nosniff expires Wed, 15 Nov 2034 06:52:09 GMT alt-svc h3=":443"; ma=86400 date Sun, 17 Nov 2024 06:52:09 GMT content-type application/javascript last-modified Fri, 21 Jun 2024 15:02:29 GMT vary Accept-Encoding access-control-allow-headers Content-Type, Origin strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=315360000 cross-origin-resource-policy cross-origin access-control-allow-credentials false cf-ray 8e3dcbe0bbbcaca7-TXL access-control-allow-origin * server cloudflare
GET H2	200	favicon.ico user.xn--b1v335i.com/	25 KB 26 KB	222ms 221ms	Other image/x-icon	206.237.117.147 NEAROUTE Nearoute...
General Check archive.org Show headers Download Go to Full URL https://user.xn--b1v335i.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 206.237.117.147 , United States, ASN51847 (NEAROUTE Nearoute Limited, HK), Reverse DNS Software nginx / Resource Hash c429f6ed5c5b715e488682052fbb0452832f0aca97ddd44203e30bced1b869b2 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://user.xn--b1v335i.com/ Response headers strict-transport-security max-age=31536000 etag "66bc981b-659e" accept-ranges bytes content-length 26014 date Sun, 17 Nov 2024 06:52:09 GMT content-type image/x-icon last-modified Wed, 14 Aug 2024 11:42:19 GMT server nginx
GET DATA	200 OK	truncated /	308 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 626caf211b150d21f5c20b05b378cb99540ae81d719b2af1cb1e29081704238d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET H3	200	/ image.crisp.chat/avatar/website/4deee0e9-1b4f-4aa3-8ded-9daaf00538cd/120/	3 KB 3 KB	123ms 79ms	Image image/webp	104.18.29.104 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.crisp.chat/avatar/website/4deee0e9-1b4f-4aa3-8ded-9daaf00538cd/120/?1723001778842 Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd33e3bf10d1249078b9b1c2bb6f258b1719e43da33f06ac79a797497f4864ea Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://user.xn--b1v335i.com/ Response headers cf-cache-status HIT etag W/"bdc-1931b5422b3" x-content-type-options nosniff expires Wed, 15 Nov 2034 06:52:09 GMT alt-svc h3=":443"; ma=86400 date Sun, 17 Nov 2024 06:52:09 GMT content-type image/webp last-modified Mon, 11 Nov 2024 13:05:19 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=315360000 cross-origin-resource-policy cross-origin cf-ray 8e3dcbe19cb2aca7-TXL accept-ranges bytes content-length 3036 server cloudflare
GET H3	200	a www.googletagmanager.com/	0 14 B	47ms 47ms	Image text/html	142.250.184.232 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?id=GTM-NBQZ3Z9R&v=3&t=t&pid=1916754&cv=1&rv=4bc0&tc=0&tag_exp=101925629~102067555~102067808~102077855&es=1&e=gtm.load&eid=11&u=Ag&h=Ag&z=0 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.232 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f8.1e100.net Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://user.xn--b1v335i.com/ Response headers report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],} content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 date Sun, 17 Nov 2024 06:52:10 GMT x-xss-protection 0 content-type text/html server Google Tag Manager
POST		collect region1.google-analytics.com/g/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

region1.google-analytics.com

URL

https://region1.google-analytics.com/g/collect?v=2&tid=G-7B4CZPTMMH&gtm=45je4bc0v9183306459za200zb9183300272&_p=1731826328644&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067554~102067808~102077855&cid=2090369184.1731826329&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1731826329&sct=1&seg=0&dl=https%3A%2F%2Fuser.xn--b1v335i.com%2F&dt=%E9%B9%8A%E6%A1%A5%C2%B7%E5%B0%8F%E7%81%AB%E7%AE%AD-%E7%BD%91%E5%9D%80%E5%AF%BC%E8%88%AA%E9%A1%B5&en=scroll&epn.percent_scrolled=90&_et=7&tfd=6056

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer function| gtag object| us function| Ping object| login function| fuckyou function| ck function| hehe function| onhelp object| $crisp string| CRISP_WEBSITE_ID object| d object| s boolean| $__CRISP_INCLUDED object| google_tag_manager object| google_tag_data object| $__CRISP_INSTANCE function| onYouTubeIframeAPIReady object| gaGlobal

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.xn--b1v335i.com/	1970-01-21 10:39:46	Name: _ga Value: GA1.1.2090369184.1731826329
			.xn--b1v335i.com/	1970-01-21 10:39:46	Name: _ga_7B4CZPTMMH Value: GS1.1.1731826329.1.0.1731826329.0.0.0
			.xn--b1v335i.com/	1970-01-21 05:26:34	Name: crisp-client%2Fsession%2F4deee0e9-1b4f-4aa3-8ded-9daaf00538cd Value: session_449f986c-d34a-48b9-9ed0-908d177a6591

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

client.crisp.chat
demo.vpacr.com
image.crisp.chat
region1.google-analytics.com
user.xn--b1v335i.com
www.googletagmanager.com
www.vpacr.com
www.xhjfq.com
region1.google-analytics.com
104.18.29.104
142.250.184.232
172.67.203.246
2001:4860:4802:34::36
206.237.117.147
2a00:1450:4001:827::2008
45.78.25.189
11585ad8da8976c5854c1dcd57d922d3fc6324e4c9d975e61c30167e2cb0a64f
147266671b6250687f00c62a23eb92a4a0f673efb3a432a9c07305f992cfdea4
22a08fe567d07bca1571baf5271c9f6aa107b0c3e9dbdf9fbbb9f98dc8ae37bd
2a91b29d9eefb9d8f7601c568dde1ff032f303fa88b1545054cb83ef290762fe
370d92637201ed662aff7bfc0fdf353d77c8463e432453be9dbd7ec4e3fd70c9
395b0c09be4b5454af6fd510a83d2a448f0a6575375be60aaf7b0f008e7ad316
3daa298ef10fb5cebd0a03489f725dcd0a2b03d92c60593ea2cb85b51065d55a
5fcf37409be879c0b7d7fcaff8db13efb511ee60e9d94a8693a9b8730eaf15ad
626caf211b150d21f5c20b05b378cb99540ae81d719b2af1cb1e29081704238d
c2362a475597edc725331b2d000995f5e13cd8d1c12b01000d37f691ddd30085
c429f6ed5c5b715e488682052fbb0452832f0aca97ddd44203e30bced1b869b2
c6b811a23972c3cb26119c1b0e8258a05ef2cf89f0f9dc6adb380b0df65fb5d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b6646e83b23351b3621faa3b5573096db2fe156c3b278db2237800770958f5
f880303ff76c3a6f3ca1f36006a84e5516bbb617d388e133fbb99565f7f85d7c
fd33e3bf10d1249078b9b1c2bb6f258b1719e43da33f06ac79a797497f4864ea