urlscan.io logo urlscan.io
SecurityTrails logo

bafkreicqqienrfhwmi7xcurlyo7k3cst7jtzeddbwpssy6gotghl7lmn7u.ipfs.dweb.link Open in urlscan Pro
2602:fea2:2::1  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://apiservices.krxd.net/click_tracker/track?k37x_event_uid=LR25EaJr&clk=http://ticortitle.woodandscrews.com/ticortitle#9...
Effective URL: https://bafkreicqqienrfhwmi7xcurlyo7k3cst7jtzeddbwpssy6gotghl7lmn7u.ipfs.dweb.link/
Submission: On July 28 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 6 HTTP transactions. The main IP is 2602:fea2:2::1, located in United States and belongs to PROTOCOL, US. The main domain is bafkreicqqienrfhwmi7xcurlyo7k3cst7jtzeddbwpssy6gotghl7lmn7u.ipfs.dweb.link.
TLS certificate: Issued by R3 on June 11th 2023. Valid for: 3 months.
This is the only time bafkreicqqienrfhwmi7xcurlyo7k3cst7jtzeddbwpssy6gotghl7lmn7u.ipfs.dweb.link was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 1 151.101.130.133 54113 (FASTLY)
1 2 208.91.198.30 46606 (UNIFIEDLA...)
1 2602:fea2:2::1 40680 (PROTOCOL)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
6 6
1    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
apiservices.krxd.net
2    208.91.198.30 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: bh-72.webhostbox.net
ticortitle.woodandscrews.com
1    2602:fea2:2::1 (United States)

ASN40680 (PROTOCOL, US)
bafkreicqqienrfhwmi7xcurlyo7k3cst7jtzeddbwpssy6gotghl7lmn7u.ipfs.dweb.link
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
kgkagkgaga.ws
Apex Domain
Subdomains		 Transfer
2 woodandscrews.com
ticortitle.woodandscrews.com
759 B
1 kgkagkgaga.ws
kgkagkgaga.ws — Cisco Umbrella Rank: 908817
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 107
193 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 743
78 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 265
14 KB
1 dweb.link
bafkreicqqienrfhwmi7xcurlyo7k3cst7jtzeddbwpssy6gotghl7lmn7u.ipfs.dweb.link
39 KB
1 krxd.net
apiservices.krxd.net — Cisco Umbrella Rank: 36272
252 B
6 7
Domain Requested by
2 ticortitle.woodandscrews.com 1 redirects
1 kgkagkgaga.ws code.jquery.com
1 lh3.googleusercontent.com
1 code.jquery.com ticortitle.woodandscrews.com
1 cdnjs.cloudflare.com bafkreicqqienrfhwmi7xcurlyo7k3cst7jtzeddbwpssy6gotghl7lmn7u.ipfs.dweb.link
1 bafkreicqqienrfhwmi7xcurlyo7k3cst7jtzeddbwpssy6gotghl7lmn7u.ipfs.dweb.link ticortitle.woodandscrews.com
1 apiservices.krxd.net 1 redirects
6 7

This site contains no links.

Subject Issuer Validity Valid
dweb.link
R3		 2023-06-11 -
2023-09-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
kgkagkgaga.ws
E1		 2023-07-20 -
2023-10-18		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://bafkreicqqienrfhwmi7xcurlyo7k3cst7jtzeddbwpssy6gotghl7lmn7u.ipfs.dweb.link/
Frame ID: B09B2D74178DF271EFDAFCE746BC5B02
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://apiservices.krxd.net/click_tracker/track?k37x_event_uid=LR25EaJr&clk=http://ticortitle.woodandscr... HTTP 302
    http://ticortitle.woodandscrews.com/ticortitle?k37x_event_uid=LR25EaJr Page URL
  2. http://ticortitle.woodandscrews.com/red.php?e=97465616d64616e69407469636f727469746c652e636f6d HTTP 302
    https://bafkreicqqienrfhwmi7xcurlyo7k3cst7jtzeddbwpssy6gotghl7lmn7u.ipfs.dweb.link/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

6
Requests

83 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

6
IPs

3
Countries

324 kB
Transfer

676 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://apiservices.krxd.net/click_tracker/track?k37x_event_uid=LR25EaJr&clk=http://ticortitle.woodandscrews.com/ticortitle HTTP 302
    http://ticortitle.woodandscrews.com/ticortitle?k37x_event_uid=LR25EaJr Page URL
  2. http://ticortitle.woodandscrews.com/red.php?e=97465616d64616e69407469636f727469746c652e636f6d HTTP 302
    https://bafkreicqqienrfhwmi7xcurlyo7k3cst7jtzeddbwpssy6gotghl7lmn7u.ipfs.dweb.link/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://apiservices.krxd.net/click_tracker/track?k37x_event_uid=LR25EaJr&clk=http://ticortitle.woodandscrews.com/ticortitle HTTP 302
  • http://ticortitle.woodandscrews.com/ticortitle?k37x_event_uid=LR25EaJr

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
ticortitle
ticortitle.woodandscrews.com/
Redirect Chain
  • https://apiservices.krxd.net/click_tracker/track?k37x_event_uid=LR25EaJr&clk=http://ticortitle.woodandscrews.com/ticortitle
  • http://ticortitle.woodandscrews.com/ticortitle?k37x_event_uid=LR25EaJr
164 B
414 B 		Document
General
Check archive.org
Download Go to
Full URL
http://ticortitle.woodandscrews.com/ticortitle?k37x_event_uid=LR25EaJr
Protocol
HTTP/1.1
Server
208.91.198.30 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
bh-72.webhostbox.net
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Upgrade, Keep-Alive
Content-Encoding
gzip
Content-Length
153
Content-Type
text/html; charset=UTF-8
Date
Fri, 28 Jul 2023 13:58:41 GMT
Keep-Alive
timeout=5, max=75
Server
Apache
Upgrade
h2,h2c
Vary
Accept-Encoding

Redirect headers

accept-ranges
bytes
age
0
content-length
0
date
Fri, 28 Jul 2023 13:58:39 GMT
location
http://ticortitle.woodandscrews.com/ticortitle?k37x_event_uid=LR25EaJr
via
1.1 varnish (Varnish/5.2), 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-served-by
click-tracker-a004-ash-prod.krxd.net, cache-cph2320047-CPH
x-timer
S1690552720.521476,VS0,VE383
Primary Request /
bafkreicqqienrfhwmi7xcurlyo7k3cst7jtzeddbwpssy6gotghl7lmn7u.ipfs.dweb.link/
Redirect Chain
  • http://ticortitle.woodandscrews.com/red.php?e=97465616d64616e69407469636f727469746c652e636f6d
  • https://bafkreicqqienrfhwmi7xcurlyo7k3cst7jtzeddbwpssy6gotghl7lmn7u.ipfs.dweb.link/
53 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bafkreicqqienrfhwmi7xcurlyo7k3cst7jtzeddbwpssy6gotghl7lmn7u.ipfs.dweb.link/
Requested by
Host: ticortitle.woodandscrews.com
URL: http://ticortitle.woodandscrews.com/ticortitle?k37x_event_uid=LR25EaJr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:fea2:2::1 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software
openresty /
Resource Hash
508208d894f6623f71522bc3bead8a53fa67920c61b3e52c78ce998ebfad8dfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
http://ticortitle.woodandscrews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
access-control-allow-methods
GET GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Range, X-Chunked-Output, X-Stream-Output
cache-control
public, max-age=29030400, immutable
content-encoding
gzip
content-type
text/html
date
Fri, 28 Jul 2023 13:58:42 GMT
etag
W/"bafkreicqqienrfhwmi7xcurlyo7k3cst7jtzeddbwpssy6gotghl7lmn7u"
server
openresty
strict-transport-security
max-age=31536000; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
x-ipfs-gateway-host
ipfs-bank16-fr2
x-ipfs-lb-pop
gateway-bank3-fr2
x-ipfs-path
/ipfs/bafkreicqqienrfhwmi7xcurlyo7k3cst7jtzeddbwpssy6gotghl7lmn7u/
x-ipfs-pop
ipfs-bank16-fr2
x-ipfs-roots
bafkreicqqienrfhwmi7xcurlyo7k3cst7jtzeddbwpssy6gotghl7lmn7u
x-proxy-cache
HIT

Redirect headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Fri, 28 Jul 2023 13:58:42 GMT
Keep-Alive
timeout=5, max=74
Server
Apache
location
https://bafkreicqqienrfhwmi7xcurlyo7k3cst7jtzeddbwpssy6gotghl7lmn7u.ipfs.dweb.link/##97465616d64616e69407469636f727469746c652e636f6d
crypto-js.min.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/ 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
Requested by
Host: bafkreicqqienrfhwmi7xcurlyo7k3cst7jtzeddbwpssy6gotghl7lmn7u.ipfs.dweb.link
URL: https://bafkreicqqienrfhwmi7xcurlyo7k3cst7jtzeddbwpssy6gotghl7lmn7u.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://bafkreicqqienrfhwmi7xcurlyo7k3cst7jtzeddbwpssy6gotghl7lmn7u.ipfs.dweb.link/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 28 Jul 2023 13:58:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5771604
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13972
last-modified
Sat, 14 Aug 2021 20:33:09 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61182885-3694"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4ltMIwx%2BsClNMHM3piiuDJWhFMQwFb0f7izb%2FeFt52MBPT1pnrZYOUdVDj0C52maIU5HLy12%2FgXRgBKhevIqbn0yMZoHHa3B1QiX7d3Z8ezFeNpU7bfb6SXGYru7SvoB7NLj1Sjw9uB3kqO1ilIV8ay"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7edda3772a0837d8-FRA
expires
Wed, 17 Jul 2024 13:58:43 GMT
jquery-1.9.1.js
code.jquery.com/ 		262 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.9.1.js
Requested by
Host: ticortitle.woodandscrews.com
URL: http://ticortitle.woodandscrews.com/ticortitle?k37x_event_uid=LR25EaJr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafkreicqqienrfhwmi7xcurlyo7k3cst7jtzeddbwpssy6gotghl7lmn7u.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 13:58:43 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:01 GMT
server
nginx
etag
W/"62f659d5-4185d"
vary
Accept-Encoding
x-hw
1690552723.dop149.fr8.t,1690552723.cds125.fr8.hn,1690552723.cds330.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
79506
AJFCJaXhZo6cUCNh1ssNQzSV3jc1ppd5Vt2HN5GjHL82rJR25OrOigrMWVvBpwQN6BD4T_qHdwh2spOZ9bKA-BqcHsttYMUy5sxc-E99nKe9pgDJsCX0icydpRhjm97W_S4_6cism2sTCOp-Oxa807yjCEw=w1580-h720-s-no
lh3.googleusercontent.com/pw/ 		192 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/pw/AJFCJaXhZo6cUCNh1ssNQzSV3jc1ppd5Vt2HN5GjHL82rJR25OrOigrMWVvBpwQN6BD4T_qHdwh2spOZ9bKA-BqcHsttYMUy5sxc-E99nKe9pgDJsCX0icydpRhjm97W_S4_6cism2sTCOp-Oxa807yjCEw=w1580-h720-s-no?authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c51ecfdbb39612d629bbbfa57896c63dc52971d7bcf78f1795944be16274a8eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafkreicqqienrfhwmi7xcurlyo7k3cst7jtzeddbwpssy6gotghl7lmn7u.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 13:58:43 GMT
x-content-type-options
nosniff
server
fife
etag
"v51"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
private, max-age=86400, no-transform
cross-origin-resource-policy
cross-origin
content-disposition
inline;filename="Flashback - Jul 5, 2023 00_04_12.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
197044
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
kgkagkgaga.ws/obufsssssssscaaatoion/ 		121 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://kgkagkgaga.ws/obufsssssssscaaatoion/
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.9.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://bafkreicqqienrfhwmi7xcurlyo7k3cst7jtzeddbwpssy6gotghl7lmn7u.ipfs.dweb.link/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 28 Jul 2023 13:58:44 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
origin
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKNwA4UcGv8iFdJJVTrzMzRQb%2B%2FqlCC%2FPdv%2BHqdd87jJCLxear4SFgOb7WTcYV5YTECmw5UYm9f6Y%2BkKhW%2BivxgHfwGR4Ya5Dj7aEduY90gN%2FALFyxXsytUvcJ9oquHwe8AKmf6vfAWBE%2FeW"}],"group":"cf-nel","max_age":604800}
cf-ray
7edda37e4fa63a64-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| KKFECGMl object| CryptoJS object| decrypted object| key function| _0x249f78 function| _0xec2024 function| _0x50d663 function| _0xcbc3ae function| _0x40e63f function| _0x534dbf function| _0x22bea5 function| _0x5a7241 function| _0x1e46f6 function| _0x183e01 function| _0x250359 function| _0x2922e9 function| _0x264550 function| _0x28ce68 function| _0x28e7cc function| _0x5ad4d6 function| _0x1f8fab function| _0x2813f8 function| _0x1b7cf1 function| _0xe4442f function| _0x27f572 function| _0x41bda7 function| _0x1df266 function| _0x18cb69 function| _0x2be46d function| _0x5910eb function| _0x476016 function| _0x3d2725 function| _0x45ad75 function| _0x3ffdd0 function| _0x4a8973 function| _0x585832 function| _0x29b338 function| _0x340ee8 function| _0x57ed81 function| _0x4ac5f9 function| _0x557a31 function| _0x4e6998 function| _0x2f70e6 function| _0x3296af function| _0x3c4143 function| _0x37678f function| _0x320401 function| _0x25c296 function| _0x1811ea function| _0x4a88f5 function| _0x40fe7f function| _0xead57e function| _0x3e9847 function| _0x49d5e2 function| _0x6a439a function| _0x712ba4 function| _0x198323 function| _0x3ded7c function| _0x2b4466 function| _0x5f16bb function| _0x2a875e function| _0x30b5bb function| _0x577995 function| _0x3936dc function| _0x277256 function| _0x206517 function| _0x19bb17 function| _0x5baa0c function| _0x125791 function| _0x2a7381 function| _0x416364 function| _0x1a85b2 function| _0x4f2914 function| _0x3a559d function| _0x555414 function| _0x57e1be function| _0x2b42cd function| _0x5a525f function| _0x3f9bae function| _0x5b55ec function| _0x37569f function| _0x2c7519 function| _0x1be764 function| _0x50c9eb function| _0x47d73b function| _0x110f6d function| _0x28c3ad function| _0x1934ac function| _0x393e90 function| _0x78ba70 function| _0x585164 function| _0x192434 function| _0x39c91a function| _0x1bc8d6 function| _0x60657b function| _0x10419f function| _0x22fd8b function| _0x4ad562 function| _0x5cd58b function| _0x5385a0 function| _0x3b1a67 function| _0x4c72ce function| _0x5d13d0 function| _0x224a01 function| _0x5e95b4 function| _0x395b26 function| _0x4d13c1 function| _0x3d08b1 function| _0x308694 function| _0x1bf46d function| _0x4e91ae function| _0x31e76f function| _0x497844 function| _0x413e04 function| _0x4e87a5 function| _0xfb547b function| _0x4eaadd function| _0x34e156 function| _0x5dee51 function| _0x59571d function| _0x1d4ad1 function| _0x2020d5 function| _0x5eae87 function| _0x188b3b function| _0x4b8f85 function| _0x57a1f1 function| _0x14a71d function| _0x249ba0 function| _0x4ffbd7 function| _0x36c4cf function| _0xb05753 function| _0xa584b2 function| _0x4fdda7 function| _0x58d4a9 function| _0x41729d function| _0x4805da function| _0x1a4674 function| _0x1a8359 function| _0x3bd378 function| _0x219df0 function| _0x58d28e function| _0x26c4 function| _0x494f object| _0xd876 string| IGOBZL string| cbbg string| kaka90nal string| ka45k459final2 string| kak0011afinal number| countttingerr function| $ function| jQuery

0 Cookies

2 Console Messages

Source Level URL
Text
javascript warning URL: https://bafkreicqqienrfhwmi7xcurlyo7k3cst7jtzeddbwpssy6gotghl7lmn7u.ipfs.dweb.link/
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://bafkreicqqienrfhwmi7xcurlyo7k3cst7jtzeddbwpssy6gotghl7lmn7u.ipfs.dweb.link/
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.