ts-lightning-conduct-jerusalem.trycloudflare.com Open in urlscan Pro
104.17.124.55 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/6FOtxVp4tM
Effective URL:
https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlo...
Submission: On February 23 via manual (February 23rd 2022, 8:50:41 am UTC) from DE — Scanned from DE

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 21 HTTP transactions. The main IP is 104.17.124.55, located in and belongs to CLOUDFLARENET, US. The main domain is ts-lightning-conduct-jerusalem.trycloudflare.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 28th 2021. Valid for: a year.

This is the only time ts-lightning-conduct-jerusalem.trycloudflare.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Postbank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1 1	84.16.78.180 84.16.78.180	29222 (INFOMANIA...) (INFOMANIAK-AS)
3 23	104.17.124.55 104.17.124.55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 84.16.78.180 (Switzerland) 1 redirects

ASN29222 (INFOMANIAK-AS, CH)
PTR: od-de07c4.ch2.infomaniak.ch

www.baya-axess.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 104.17.124.55 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ts-lightning-conduct-jerusalem.trycloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	trycloudflare.com 3 redirects ts-lightning-conduct-jerusalem.trycloudflare.com	1 MB
1	baya-axess.com 1 redirects www.baya-axess.com	199 B
1	t.co t.co — Cisco Umbrella Rank: 456	519 B
21	3

	Domain	Requested by
23	ts-lightning-conduct-jerusalem.trycloudflare.com	3 redirects t.co ts-lightning-conduct-jerusalem.trycloudflare.com
1	www.baya-axess.com	1 redirects
1	t.co
21	3

This site contains no links.

Subject Issuer	Validity	Valid
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-28` - `2022-06-27`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1
Frame ID: 8BD6ED0E7482FC6D9966A070D92FFAB9
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login

Page URL History Show full URLs

https://t.co/6FOtxVp4tM Page URL
https://www.baya-axess.com/upload/0x.php HTTP 302
https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/ HTTP 302
https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhf... HTTP 301
http://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhf... HTTP 302
https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhf... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

1053 kB
Transfer

2063 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/6FOtxVp4tM Page URL
https://www.baya-axess.com/upload/0x.php HTTP 302
https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/ HTTP 302
https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy HTTP 301
http://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy/ HTTP 302
https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 6FOtxVp4tM
t.co/ 276 B
519 B 189ms
143ms Document
text/html 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/6FOtxVp4tM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 23 Feb 2022 08:50:32 GMT
vary: Origin
server: tsa_o
expires: Wed, 23 Feb 2022 08:55:33 GMT
content-type: text/html; charset=utf-8
cache-control: private,max-age=300
content-length: 187
content-encoding: gzip
x-xss-protection: 0
strict-transport-security: max-age=0
x-response-time: 121
x-connection-hash: 9671bc46e339e570c1f386aa5e7071e73986ffe9f048f2aeac72dcdff95316c9

GET
H2

200

Primary Request oauthlogn3.php Show response
ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//
Redirect Chain

https://www.baya-axess.com/upload/0x.php
https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/
https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy
http://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy/
https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FW...

7 KB
2 KB

316ms
315ms

Document
text/html

104.17.124.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1
Requested by: Host: t.co
URL: https://t.co/6FOtxVp4tM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.1
Resource Hash: 15c15ce8c5cbe0b4fca3fbe3d7795fc984a3f38ca0568564a8f84b7c6a3a0c30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://t.co/6FOtxVp4tM

Response headers

date: Wed, 23 Feb 2022 08:50:35 GMT
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
x-powered-by: PHP/8.1.1
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e1f3518cd2e697b-FRA
content-encoding: gzip

Redirect headers

Date: Wed, 23 Feb 2022 08:50:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1
X-Powered-By: PHP/8.1.1
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 6e1f3516ea79915f-FRA

GET
H2 200 bootstrap.min.css
ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/css/ 152 KB
23 KB 103ms
101ms Stylesheet
text/css 104.17.124.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/css/bootstrap.min.css
Requested by: Host: ts-lightning-conduct-jerusalem.trycloudflare.com
URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:50:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 27 Aug 2021 21:37:38 GMT
server: cloudflare
etag: W/"2606e-5ca914ad38c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/css
cf-ray: 6e1f351ad9db697b-FRA

GET
H2 200 helpers.css
ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/css/ 41 KB
5 KB 86ms
85ms Stylesheet
text/css 104.17.124.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/css/helpers.css
Requested by: Host: ts-lightning-conduct-jerusalem.trycloudflare.com
URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f839760d1621714efedeb3eb08b25e619812dcc33d77aceb0daf405ac727a765

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:50:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 27 Aug 2021 21:37:38 GMT
server: cloudflare
etag: W/"a318-5ca914ad38c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/css
cf-ray: 6e1f351ad9dd697b-FRA

GET
H2 200 fonts.css
ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/css/ 2 KB
439 B 80ms
79ms Stylesheet
text/css 104.17.124.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/css/fonts.css
Requested by: Host: ts-lightning-conduct-jerusalem.trycloudflare.com
URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fa75ee47fff91e4313626e9472aafb62b06467c269bdac1e1ac767ac96eb235

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:50:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 27 Aug 2021 21:37:38 GMT
server: cloudflare
etag: W/"7f8-5ca914ad38c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/css
cf-ray: 6e1f351ad9e0697b-FRA

GET
H2 200 main.css
ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/css/ 7 KB
2 KB 95ms
94ms Stylesheet
text/css 104.17.124.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/css/main.css
Requested by: Host: ts-lightning-conduct-jerusalem.trycloudflare.com
URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4234a2d13658058cc21d063537f02b330554c53e86c8d2f997cda38cd7feecfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:50:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 27 Aug 2021 21:37:38 GMT
server: cloudflare
etag: W/"1bf0-5ca914ad38c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/css
cf-ray: 6e1f351ad9e3697b-FRA

GET
H2 200 logo.svg
ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/images/ 6 KB
3 KB 93ms
93ms Image
image/svg+xml 104.17.124.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/images/logo.svg
Requested by: Host: ts-lightning-conduct-jerusalem.trycloudflare.com
URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ad849d8a916dcde00adb1ee3d0f21c7f636a98b7b2c49f57194f245d37b2e91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:50:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 27 Aug 2021 21:37:38 GMT
server: cloudflare
etag: W/"18ff-5ca914ad38c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/svg+xml
cf-ray: 6e1f351ae9f2697b-FRA

GET
H2 200 img1.jpg
ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/images/ 370 KB
371 KB 140ms
139ms Image
image/jpeg 104.17.124.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/images/img1.jpg
Requested by: Host: ts-lightning-conduct-jerusalem.trycloudflare.com
URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 130d73c4eb6e09d7372576762b61bdc69ccc112befefde6c40220278baf30686

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:50:35 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 27 Aug 2021 21:37:38 GMT
server: cloudflare
etag: "5c7af-5ca914ad38c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6e1f351afa25697b-FRA
content-length: 378799

GET
H2 200 img2.jpg
ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/images/ 15 KB
16 KB 134ms
134ms Image
image/jpeg 104.17.124.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/images/img2.jpg
Requested by: Host: ts-lightning-conduct-jerusalem.trycloudflare.com
URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 550778f7050b2f39fc38c8e326c78e0a53921774f9f39dd3685f1c73efee2613

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:50:35 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 27 Aug 2021 21:37:38 GMT
server: cloudflare
etag: "3dc0-5ca914ad38c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6e1f351afa29697b-FRA
content-length: 15808

GET
H2 200 img3.jpg
ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/images/ 186 KB
187 KB 115ms
115ms Image
image/jpeg 104.17.124.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/images/img3.jpg
Requested by: Host: ts-lightning-conduct-jerusalem.trycloudflare.com
URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 946660bb68994bd9480fd5822b55ebd2907bcf76927305e84f47c20431568789

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:50:35 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 27 Aug 2021 21:37:38 GMT
server: cloudflare
etag: "2e8f0-5ca914ad38c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6e1f351afa2f697b-FRA
content-length: 190704

GET
H2 200 jquery.min.js Show response
ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/js/ 86 KB
31 KB 126ms
125ms Script
application/javascript 104.17.124.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/js/jquery.min.js
Requested by: Host: ts-lightning-conduct-jerusalem.trycloudflare.com
URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:50:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 27 Aug 2021 21:37:38 GMT
server: cloudflare
etag: W/"15851-5ca914ad38c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cf-ray: 6e1f351ae9e6697b-FRA

GET
H2 200 popper.min.js Show response
ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/js/ 20 KB
7 KB 118ms
117ms Script
application/javascript 104.17.124.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/js/popper.min.js
Requested by: Host: ts-lightning-conduct-jerusalem.trycloudflare.com
URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 315ac5479007d2e864a4b51f505fd0785ebbbe931a6b511467fa49504a082c58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:50:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 27 Aug 2021 21:37:38 GMT
server: cloudflare
etag: W/"4f74-5ca914ad38c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cf-ray: 6e1f351ae9ea697b-FRA

GET
H2 200 bootstrap.min.js Show response
ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/js/ 133 KB
26 KB 125ms
124ms Script
application/javascript 104.17.124.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/js/bootstrap.min.js
Requested by: Host: ts-lightning-conduct-jerusalem.trycloudflare.com
URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2caa6404ddb0de2b9d191b1e2c8b5c35c68ca48f2a9521140bbf83b27c063700

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:50:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 27 Aug 2021 21:37:38 GMT
server: cloudflare
etag: W/"21388-5ca914ad38c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cf-ray: 6e1f351ae9ed697b-FRA

GET
H2 200 fontawesome.min.js Show response
ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/js/ 1 MB
380 KB 80ms
79ms Script
application/javascript 104.17.124.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/js/fontawesome.min.js
Requested by: Host: ts-lightning-conduct-jerusalem.trycloudflare.com
URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21bd54c766f0a1385f24f0b9a074e83881d82288d9d31bab0e3076721121f52e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:50:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 27 Aug 2021 21:37:38 GMT
server: cloudflare
etag: W/"10314e-5ca914ad38c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cf-ray: 6e1f351ae9ef697b-FRA

GET
H2 200 main.js Show response
ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/js/ 2 KB
584 B 101ms
100ms Script
application/javascript 104.17.124.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/js/main.js
Requested by: Host: ts-lightning-conduct-jerusalem.trycloudflare.com
URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e08509dbc957f16b23edf52159c4403dded420c385bcc4524a7ce4802ba3dfb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/0ezxbFaFhszl7pvjih8aYS13reKnBJd50Xx7UjaWIPDsEHmU1VdkiSnRkhfympTkFwQ6Iy//oauthlogn3.php?c6Unu836ZomsnAkuQx8mRrAsQST2S0FdH4FWrUXmpqj2TJYJ9Qk25qGpRFWh1TXqUzaUu6x0ortBP31XF4vY5ftU2zs6BXkNApQ1AJz4eKVylsrk7g1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:50:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 27 Aug 2021 21:37:38 GMT
server: cloudflare
etag: W/"6f7-5ca914ad38c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cf-ray: 6e1f351ae9f1697b-FRA

GET
H2 404 OpenSans-Bold.woff
ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/fonts/ 0
0 72ms
71ms Font
text/html 104.17.124.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/fonts/OpenSans-Bold.woff
Requested by: Host: ts-lightning-conduct-jerusalem.trycloudflare.com
URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/css/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/css/fonts.css
Origin: https://ts-lightning-conduct-jerusalem.trycloudflare.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:50:36 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6e1f351ecad2697b-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=iso-8859-1

GET
H2 404 OpenSans-SemiBold.woff
ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/fonts/ 0
0 74ms
73ms Font
text/html 104.17.124.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/fonts/OpenSans-SemiBold.woff
Requested by: Host: ts-lightning-conduct-jerusalem.trycloudflare.com
URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/css/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/css/fonts.css
Origin: https://ts-lightning-conduct-jerusalem.trycloudflare.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:50:36 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6e1f351ecad6697b-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=iso-8859-1

GET
H2 404 OpenSans-Regular.woff
ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/fonts/ 0
0 102ms
102ms Font
text/html 104.17.124.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/fonts/OpenSans-Regular.woff
Requested by: Host: ts-lightning-conduct-jerusalem.trycloudflare.com
URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/css/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/css/fonts.css
Origin: https://ts-lightning-conduct-jerusalem.trycloudflare.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:50:36 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6e1f351ecad9697b-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=iso-8859-1

GET
H2 404 OpenSans-Bold.ttf
ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/fonts/ 0
0 157ms
157ms Font
text/html 104.17.124.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/fonts/OpenSans-Bold.ttf
Requested by: Host: ts-lightning-conduct-jerusalem.trycloudflare.com
URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/css/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/css/fonts.css
Origin: https://ts-lightning-conduct-jerusalem.trycloudflare.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:50:36 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6e1f351f3bb7697b-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=iso-8859-1

GET
H2 404 OpenSans-SemiBold.ttf
ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/fonts/ 0
0 66ms
66ms Font
text/html 104.17.124.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/fonts/OpenSans-SemiBold.ttf
Requested by: Host: ts-lightning-conduct-jerusalem.trycloudflare.com
URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/css/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/css/fonts.css
Origin: https://ts-lightning-conduct-jerusalem.trycloudflare.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:50:36 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6e1f351f4bc9697b-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=iso-8859-1

GET
H2 404 OpenSans-Regular.ttf
ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/fonts/ 0
0 73ms
72ms Font
text/html 104.17.124.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/fonts/OpenSans-Regular.ttf
Requested by: Host: ts-lightning-conduct-jerusalem.trycloudflare.com
URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/css/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.124.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/css/fonts.css
Origin: https://ts-lightning-conduct-jerusalem.trycloudflare.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:50:36 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6e1f351f6c17697b-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Postbank (Banking)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.t.co/	1970-01-20 10:37:00	Name: muc Value: 04f64ec6-a706-4bf3-a92b-b71492b1fab5
			ts-lightning-conduct-jerusalem.trycloudflare.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: c7rfcest3maqukipf1at53l642

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/fonts/OpenSans-Bold.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/fonts/OpenSans-SemiBold.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/fonts/OpenSans-Regular.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/fonts/OpenSans-SemiBold.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/fonts/OpenSans-Regular.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ts-lightning-conduct-jerusalem.trycloudflare.com/wp-iclude/MIolod/assets/fonts/OpenSans-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

t.co
ts-lightning-conduct-jerusalem.trycloudflare.com
www.baya-axess.com
104.17.124.55
104.244.42.197
84.16.78.180
130d73c4eb6e09d7372576762b61bdc69ccc112befefde6c40220278baf30686
15c15ce8c5cbe0b4fca3fbe3d7795fc984a3f38ca0568564a8f84b7c6a3a0c30
1ad849d8a916dcde00adb1ee3d0f21c7f636a98b7b2c49f57194f245d37b2e91
21bd54c766f0a1385f24f0b9a074e83881d82288d9d31bab0e3076721121f52e
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
2caa6404ddb0de2b9d191b1e2c8b5c35c68ca48f2a9521140bbf83b27c063700
315ac5479007d2e864a4b51f505fd0785ebbbe931a6b511467fa49504a082c58
4234a2d13658058cc21d063537f02b330554c53e86c8d2f997cda38cd7feecfa
4fa75ee47fff91e4313626e9472aafb62b06467c269bdac1e1ac767ac96eb235
550778f7050b2f39fc38c8e326c78e0a53921774f9f39dd3685f1c73efee2613
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
946660bb68994bd9480fd5822b55ebd2907bcf76927305e84f47c20431568789
e08509dbc957f16b23edf52159c4403dded420c385bcc4524a7ce4802ba3dfb0
f839760d1621714efedeb3eb08b25e619812dcc33d77aceb0daf405ac727a765

ts-lightning-conduct-jerusalem.trycloudflare.com Open in urlscan Pro 104.17.124.55 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

3 Countries

1053 kBTransfer

2063 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

13 JavaScript Global Variables

2 Cookies

6 Console Messages

Security Headers

Indicators

ts-lightning-conduct-jerusalem.trycloudflare.com Open in urlscan Pro
104.17.124.55 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

1053 kB
Transfer

2063 kB
Size

2
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!