replacementrate.xyz Open in urlscan Pro
2606:4700:3035::6815:1d42 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fraid5jes.dka.com.np/t/funhexa1y/rccf8441051x1801x84579x25796103x1369155x0160994381x9296098
Effective URL:
https://replacementrate.xyz/?encoded_value=24QSBG&sub1=4bd3290a8bf949a890ecd40b9b40768b&sub2=&sub3=&sub4=&sub5=&source_id=3949
Submission: On February 12 via manual (February 12th 2023, 10:52:13 am UTC) from GB — Scanned from GB

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 3 countries across 5 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3035::6815:1d42, located in United States and belongs to CLOUDFLARENET, US. The main domain is replacementrate.xyz.
TLS certificate: Issued by E1 on December 28th 2022. Valid for: 3 months.

This is the only time replacementrate.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	45.67.156.183 45.67.156.183	39679 (ASJZTKFT) (ASJZTKFT)
1 1	57.128.19.228 57.128.19.228	16276 (OVH) (OVH)
1 1	34.117.79.165 34.117.79.165	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 11	2606:4700:303... 2606:4700:3035::6815:1d42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:e6:... 2606:4700:e6::ac40:ce23	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2

1 45.67.156.183 (Mezotur, Hungary) 1 redirects

ASN39679 (ASJZTKFT, HU)
PTR: white.imporary.me.uk

fraid5jes.dka.com.np	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 57.128.19.228 (France) 1 redirects

ASN16276 (OVH, FR)

www.betaspacing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.79.165 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 165.79.117.34.bc.googleusercontent.com

www.lpredirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3035::6815:1d42 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

replacementrate.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:e6::ac40:ce23 (United States)

ASN13335 (CLOUDFLARENET, US)

trk-consulatu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.trk-consulatu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	replacementrate.xyz 1 redirects replacementrate.xyz	539 KB
5	trk-consulatu.com trk-consulatu.com — Cisco Umbrella Rank: 31510 event.trk-consulatu.com — Cisco Umbrella Rank: 84010	3 KB
1	lpredirect.com 1 redirects www.lpredirect.com — Cisco Umbrella Rank: 526238	471 B
1	betaspacing.com 1 redirects www.betaspacing.com — Cisco Umbrella Rank: 390035	581 B
1	dka.com.np 1 redirects fraid5jes.dka.com.np	334 B
15	5

	Domain	Requested by
11	replacementrate.xyz	1 redirects replacementrate.xyz
4	event.trk-consulatu.com	trk-consulatu.com
1	trk-consulatu.com	replacementrate.xyz
1	www.lpredirect.com	1 redirects
1	www.betaspacing.com	1 redirects
1	fraid5jes.dka.com.np	1 redirects
15	6

This site contains no links.

Subject Issuer	Validity	Valid
*.replacementrate.xyz E1	`2022-12-28` - `2023-03-28`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-01` - `2023-08-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://replacementrate.xyz/?encoded_value=24QSBG&sub1=4bd3290a8bf949a890ecd40b9b40768b&sub2=&sub3=&sub4=&sub5=&source_id=3949
Frame ID: 2B968C05E66697AF52044F75487F7E4C
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

(1) Notification

Page URL History Show full URLs

http://fraid5jes.dka.com.np/t/funhexa1y/rccf8441051x1801x84579x25796103x1369155x0160994381x9296098 HTTP 302
https://www.betaspacing.com/7D8X3R6/21NDFLZ4&sub1=222_150144_97548_1081&sub2=8906929_5519631&sub3=48301999 HTTP 302
https://www.lpredirect.com/24QSBG/GRW6L9B/?source_id=3949&sub1=4bd3290a8bf949a890ecd40b9b40768b HTTP 302
https://replacementrate.xyz/QYxh6qM1ke/?encoded_value=24QSBG&sub1=4bd3290a8bf949a890ecd40b9b40768b&sub2=... HTTP 302
https://replacementrate.xyz/?encoded_value=24QSBG&sub1=4bd3290a8bf949a890ecd40b9b40768b&sub2=&sub3=&sub4... Page URL

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Page Statistics

15
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

6
Subdomains

2
IPs

3
Countries

542 kB
Transfer

619 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fraid5jes.dka.com.np/t/funhexa1y/rccf8441051x1801x84579x25796103x1369155x0160994381x9296098 HTTP 302
https://www.betaspacing.com/7D8X3R6/21NDFLZ4&sub1=222_150144_97548_1081&sub2=8906929_5519631&sub3=48301999 HTTP 302
https://www.lpredirect.com/24QSBG/GRW6L9B/?source_id=3949&sub1=4bd3290a8bf949a890ecd40b9b40768b HTTP 302
https://replacementrate.xyz/QYxh6qM1ke/?encoded_value=24QSBG&sub1=4bd3290a8bf949a890ecd40b9b40768b&sub2=&sub3=&sub4=&sub5=&source_id=3949 HTTP 302
https://replacementrate.xyz/?encoded_value=24QSBG&sub1=4bd3290a8bf949a890ecd40b9b40768b&sub2=&sub3=&sub4=&sub5=&source_id=3949 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
replacementrate.xyz/
Redirect Chain

http://fraid5jes.dka.com.np/t/funhexa1y/rccf8441051x1801x84579x25796103x1369155x0160994381x9296098
https://www.betaspacing.com/7D8X3R6/21NDFLZ4&sub1=222_150144_97548_1081&sub2=8906929_5519631&sub3=48301999
https://www.lpredirect.com/24QSBG/GRW6L9B/?source_id=3949&sub1=4bd3290a8bf949a890ecd40b9b40768b
https://replacementrate.xyz/QYxh6qM1ke/?encoded_value=24QSBG&sub1=4bd3290a8bf949a890ecd40b9b40768b&sub2=&sub3=&sub4=&sub5=&source_id=3949
https://replacementrate.xyz/?encoded_value=24QSBG&sub1=4bd3290a8bf949a890ecd40b9b40768b&sub2=&sub3=&sub4=&sub5=&source_id=3949

8 KB
3 KB

46ms
46ms

Document
text/html

2606:4700:3035::6815:1d42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://replacementrate.xyz/?encoded_value=24QSBG&sub1=4bd3290a8bf949a890ecd40b9b40768b&sub2=&sub3=&sub4=&sub5=&source_id=3949
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:1d42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeb7db2cd4e5cf23d289a76b2f6b59632d28f4644ea4b4a4c45aa45d3c090769

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7984c5ebadce23d4-LHR
content-encoding: br
content-type: text/html
date: Sun, 12 Feb 2023 10:52:08 GMT
last-modified: Mon, 30 Jan 2023 10:32:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IX8pikkPxw7c%2FmufYqp1loUb4HOsEeun2knAE803N64FxeiY0jPKdLruvZcS64v2wUvoLESADwOmI7Qg6Xputrn2HtNv9eOZPSaHVETTarQhXyKxjT6l3i9I8Ux0PiQLY0NZsvCti0Um8ekh7VLb94eZ"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7984c5eb5d8423d4-LHR
content-type: text/html
date: Sun, 12 Feb 2023 10:52:08 GMT
location: https://replacementrate.xyz/?encoded_value=24QSBG&sub1=4bd3290a8bf949a890ecd40b9b40768b&sub2=&sub3=&sub4=&sub5=&source_id=3949
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5RI%2BdI3lqXGfqy%2BKMZr2MF9LWLQh0W%2Blr4Yq3puHZA7Eoi3ZkWodq6pSuZo8Rg6DToHXVlYwyMV6%2BLS%2F9qyT22JUUrZd64NEZn4IvNqmT3ukkGdvUigYPvRraEpFSV%2FyIbqyGQhQmT8b%2FFmkztx0saR"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 style.css
replacementrate.xyz/css/ 10 KB
2 KB 47ms
46ms Stylesheet
text/css 2606:4700:3035::6815:1d42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://replacementrate.xyz/css/style.css
Requested by: Host: replacementrate.xyz
URL: https://replacementrate.xyz/?encoded_value=24QSBG&sub1=4bd3290a8bf949a890ecd40b9b40768b&sub2=&sub3=&sub4=&sub5=&source_id=3949
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:1d42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ec6166145bef4de853f66da0baf44de88488f59900b24a4093fedb0bf40bdb2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://replacementrate.xyz/?encoded_value=24QSBG&sub1=4bd3290a8bf949a890ecd40b9b40768b&sub2=&sub3=&sub4=&sub5=&source_id=3949
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 10:52:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 19 Jan 2023 17:37:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"231738996"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fim%2BVJCSjjtnJcksfg0k9mzm%2F4PFKBLzGU%2FKp10UUwv5D%2FDLZPtosRHx7nR8So48tuqBt1ge15%2FV9sVMUIlJ%2FJ3TdJetBcXqSIGeduAcmV96cZtOCaQr9vbrnA%2BtJwOjJIBDbCAiGHdzTOKAQZazfewI"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: no-cache
cf-ray: 7984c5ebfe3223d4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 animate.min.css
replacementrate.xyz/css/ 57 KB
5 KB 47ms
47ms Stylesheet
text/css 2606:4700:3035::6815:1d42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://replacementrate.xyz/css/animate.min.css
Requested by: Host: replacementrate.xyz
URL: https://replacementrate.xyz/?encoded_value=24QSBG&sub1=4bd3290a8bf949a890ecd40b9b40768b&sub2=&sub3=&sub4=&sub5=&source_id=3949
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:1d42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c055e6d0d9ba2b8f1be4719110e92c1b9499ed0759f0d1c48fccd16a7b31dcf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://replacementrate.xyz/?encoded_value=24QSBG&sub1=4bd3290a8bf949a890ecd40b9b40768b&sub2=&sub3=&sub4=&sub5=&source_id=3949
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 10:52:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 14 Apr 2022 13:44:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"12454358"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzHY%2BddjEDbXZxisA0va6gboo9thsNKVP6evj1rm2VEB1rMaCe4BDAixb1kQRQaxLLTepX%2FsITHLgOjaCWPUqHvbJXZA%2Br2HiMBxp6BZwyfzg7Wtomk7cTF1FKWIuTHalszc%2Fg3NdUX05ziyvAtv1%2BPG"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: no-cache
cf-ray: 7984c5ebfe3423d4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 l231231244.png
replacementrate.xyz/images/ 53 KB
53 KB 98ms
97ms Image
image/png 2606:4700:3035::6815:1d42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://replacementrate.xyz/images/l231231244.png
Requested by: Host: replacementrate.xyz
URL: https://replacementrate.xyz/?encoded_value=24QSBG&sub1=4bd3290a8bf949a890ecd40b9b40768b&sub2=&sub3=&sub4=&sub5=&source_id=3949
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:1d42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f41cdf5d691bcc47ad31ca79d3f082920c54a176c07603433adf9d2faf826b3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://replacementrate.xyz/?encoded_value=24QSBG&sub1=4bd3290a8bf949a890ecd40b9b40768b&sub2=&sub3=&sub4=&sub5=&source_id=3949
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 10:52:09 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 19 Jan 2023 17:33:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1804471860"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZHLxNuRkGb%2BYd8IOmABCTf6uKiKyYtBudH6NdI42V0oEKtf73z34aikbRNTig2AphbT%2FLA%2BE8c6P6hFoD7YP1hxIG6ef1A0TxZem8TtgXGHEkwOGx9SMh1lvLkEQRgUr%2BxEq1UjYV%2FfcnW7pY%2B1O8fW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
cf-ray: 7984c5ec0a3071cf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53884

GET
H3 200 212125555.png
replacementrate.xyz/images/ 60 KB
60 KB 72ms
71ms Image
image/png 2606:4700:3035::6815:1d42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://replacementrate.xyz/images/212125555.png
Requested by: Host: replacementrate.xyz
URL: https://replacementrate.xyz/?encoded_value=24QSBG&sub1=4bd3290a8bf949a890ecd40b9b40768b&sub2=&sub3=&sub4=&sub5=&source_id=3949
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:1d42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 124bc89987a4026aef6f1b9c307821d9d30525e426e3fa3e24dd9c9a32534990

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://replacementrate.xyz/?encoded_value=24QSBG&sub1=4bd3290a8bf949a890ecd40b9b40768b&sub2=&sub3=&sub4=&sub5=&source_id=3949
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 10:52:09 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 17 Jan 2023 21:39:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2697651432"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=itulXI4G3INL4OhHh2jQC1b0VtxxaGQr7BZucAK1foDUgvLBBhyPhBkV%2FSQ02PhHRgCptcKHwPVFYiGYhe7GDUqnUzQrRYKLerPaHhblBxhXuXorzbPwywzT05oZjsxZXr7pEGdoipBHsxhkzFeTVv6p"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
cf-ray: 7984c5ec0a3271cf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61205

GET
H3 200 l12112255.gif
replacementrate.xyz/images/ 197 KB
197 KB 186ms
185ms Image
image/gif 2606:4700:3035::6815:1d42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://replacementrate.xyz/images/l12112255.gif
Requested by: Host: replacementrate.xyz
URL: https://replacementrate.xyz/?encoded_value=24QSBG&sub1=4bd3290a8bf949a890ecd40b9b40768b&sub2=&sub3=&sub4=&sub5=&source_id=3949
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:1d42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed219ad69f9290d7b86548e7ff09edd761ae988aa2d3c0debfc758a1804c3553

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://replacementrate.xyz/?encoded_value=24QSBG&sub1=4bd3290a8bf949a890ecd40b9b40768b&sub2=&sub3=&sub4=&sub5=&source_id=3949
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 10:52:09 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Sep 2022 20:56:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3011796454"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wb5ZvgKlriOZkVdJ7mYQorm58YsLQqvgmp905h9OVhDWBPq2WadVXFNoqTLDzyLRtIUGz2jSqfJQVBb%2FziRLGd9qU4jnfE6Bh8IUxU6SxUFlwD%2BxV5UJEXAyRqa3GHYnRNaMyo9Lv716NBBp71no7wZ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
cf-ray: 7984c5ec0a3571cf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 201595

GET
H3 200 77123654.png
replacementrate.xyz/images/ 5 KB
5 KB 70ms
69ms Image
image/png 2606:4700:3035::6815:1d42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://replacementrate.xyz/images/77123654.png
Requested by: Host: replacementrate.xyz
URL: https://replacementrate.xyz/?encoded_value=24QSBG&sub1=4bd3290a8bf949a890ecd40b9b40768b&sub2=&sub3=&sub4=&sub5=&source_id=3949
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:1d42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db30693e6da36ef09016c13f850bc1fc844b2b62f598872bf3fa76b18ae4c72c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://replacementrate.xyz/?encoded_value=24QSBG&sub1=4bd3290a8bf949a890ecd40b9b40768b&sub2=&sub3=&sub4=&sub5=&source_id=3949
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 10:52:09 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Sep 2022 20:57:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1150655462"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRP9sUTxSyRhp2QkiAQTrUu3W%2FFKurmSrgY%2FUhmzKo4Xc%2BUSGV44QOJDnyw7Albavf7zxB5GYNJcej3ZCD0tWnr0bhRGfvWY0mgchQocFHiobTCB%2FzbQS5YwXHQ%2BEy5SEmO49VL2kAWBgwfASI7Gj3lQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
cf-ray: 7984c5ec0a3771cf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5017

GET
H3 200 821222553.png
replacementrate.xyz/images/ 144 KB
145 KB 132ms
131ms Image
image/png 2606:4700:3035::6815:1d42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://replacementrate.xyz/images/821222553.png
Requested by: Host: replacementrate.xyz
URL: https://replacementrate.xyz/?encoded_value=24QSBG&sub1=4bd3290a8bf949a890ecd40b9b40768b&sub2=&sub3=&sub4=&sub5=&source_id=3949
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:1d42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f8853e4028627f1a38018b08ddb13f6c300d3355cef7f20e37cc59f208bfea5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://replacementrate.xyz/?encoded_value=24QSBG&sub1=4bd3290a8bf949a890ecd40b9b40768b&sub2=&sub3=&sub4=&sub5=&source_id=3949
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 10:52:09 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 17 Jan 2023 21:39:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2422243560"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4aiJGcX69Wq8uvaKsPsENV%2F%2FsiHq%2BV6S9u2Pdl%2B5lZKTcyIAEOI8XvHUkcPe%2B2j3XNxI2ZhRrHmz074plVw%2FfArrBO5Xex2X9yMjsIo7xteiR7dVjV21dPtAt6eLzB7tfpyQvG%2BqNakvsh7fSKvElSQM"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
cf-ray: 7984c5ec0a3871cf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 147461

GET
H3 200 script.js Show response
replacementrate.xyz/js/ 13 KB
1 KB 71ms
70ms Script
application/javascript 2606:4700:3035::6815:1d42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://replacementrate.xyz/js/script.js
Requested by: Host: replacementrate.xyz
URL: https://replacementrate.xyz/?encoded_value=24QSBG&sub1=4bd3290a8bf949a890ecd40b9b40768b&sub2=&sub3=&sub4=&sub5=&source_id=3949
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:1d42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8636ba84846e7184b57fb60a4dcf142057ddd1c42b43a8fd821db33d4554a9f8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://replacementrate.xyz/?encoded_value=24QSBG&sub1=4bd3290a8bf949a890ecd40b9b40768b&sub2=&sub3=&sub4=&sub5=&source_id=3949
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 10:52:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 17 Jan 2023 17:40:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3569030890"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3k6rpiDYsaxztIETftTWK9engT1H%2B5o7k0%2FbSoeId62oF%2FqP3ufqcsIh7NCS5eqSC9XaUlvTNRxX29M6inZYgL1g%2Bjol906lb7ISAF%2F3jQjxf4ws%2FFSVa3Xi92mbTG9wR8OP4S4Uez7kZz0Ron87UuMP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
cf-ray: 7984c5ec0a2b71cf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 64d5p99gj0 Show response
trk-consulatu.com/scripts/push/script/ 7 KB
3 KB 126ms
39ms Script
application/javascript 2606:4700:e6::ac40:ce23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk-consulatu.com/scripts/push/script/64d5p99gj0?url=replacementrate.xyz

Requested by

Host: replacementrate.xyz
URL: https://replacementrate.xyz/?encoded_value=24QSBG&sub1=4bd3290a8bf949a890ecd40b9b40768b&sub2=&sub3=&sub4=&sub5=&source_id=3949

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:ce23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a3965dc90c30254f9bab23f7ee45f6b4487f44c997cc67e4747c6ad3578f05f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://replacementrate.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 10:52:09 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7093
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 12 Feb 2023 08:53:56 GMT
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/javascript;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkWA8ZUtGcqhjUdO9quKa8Mdq%2FKcdn54Ax3WPAwFZKL%2BhiyXsPplVLnvBuCTC%2BzEiGBcBZIu%2B1ARenuxMB%2B%2FH7ldfw3MYzlL8OFxSTmz1fG1whZoxwCdcqUvOXUMWfsdL5KcporohHZFY9s8b0i24w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray: 7984c5ec98ff72ac-LHR
expires: 0

GET
H3 200 bg.jpg
replacementrate.xyz/images/ 66 KB
67 KB 204ms
204ms Image
image/jpeg 2606:4700:3035::6815:1d42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://replacementrate.xyz/images/bg.jpg
Requested by: Host: replacementrate.xyz
URL: https://replacementrate.xyz/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:1d42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ac4ecf5455456ebf1af953e79215c1c3481462395e8dc6e9e0fcbb791986e68

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://replacementrate.xyz/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 10:52:09 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 19 Jan 2023 17:35:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2246392948"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IR4KcmHFu8E8NcjVrWqrsyWOp6k4Za0gbCET9EbzYD9V6wODihEWd%2FhJ5kKsXD93tQEKYZsnXMwFkFHEO%2BC0DmyWZdHfQwkFr1sbq9xgoepopdLp1VElVR1Fb5nOxbRPNuWo%2FRDUF3p0LQFvNbZE15AL"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
cf-ray: 7984c5ec4a5271cf-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68023

POST
H3 200 q2goowxygr
event.trk-consulatu.com/register/event_log/ 0
0 119ms
119ms Fetch 2606:4700:e6::ac40:ce23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-consulatu.com/register/event_log/q2goowxygr

Requested by

Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/64d5p99gj0?url=replacementrate.xyz

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e6::ac40:ce23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://replacementrate.xyz/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-type: application/json

Response headers

expires: 0
date: Sun, 12 Feb 2023 10:52:09 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VV7GreuYtaP1Np2%2FEujHtz6tebvh11nTVGNydA5GUw%2BonTF2qsph5BtPBcvdb6AxKxNSJnnbfOv%2BNLpNykh%2FET8u673XoZ%2B6uBn4z2OqVQMX9Lw7r2QjNl119ZeBu4u1ixgC59D9SPBa3RIOjGtSiqBCborJCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://replacementrate.xyz
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray: 7984c5f17bc6718c-LHR
x-pushplatformapp-params

OPTIONS
H2 200 q2goowxygr
event.trk-consulatu.com/register/event_log/ 0
0 267ms
198ms Preflight 2606:4700:e6::ac40:ce23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.trk-consulatu.com/register/event_log/q2goowxygr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://replacementrate.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://replacementrate.xyz
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7984c5f04f1b23ca-LHR
content-length: 0
date: Sun, 12 Feb 2023 10:52:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iPR1kdTo74dAd59moY3cW7bczrbUcHrWF0C9YfcHFZq7WIbSckcXpIl6%2BR4wwd6WuuADCJJTr9rCfjbiAAhJvfSXPWlVBJYPmEfOAGfmY2JgN3Y%2FVSF5LLjBkv0cDx3LvKgZ5ucRwP3BcBl60aP3c4zqf%2FYJeg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

POST
H2 200 q2goowxygr
event.trk-consulatu.com/register/event_log/ 0
0 127ms
127ms Fetch 2606:4700:e6::ac40:ce23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-consulatu.com/register/event_log/q2goowxygr

Requested by

Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/64d5p99gj0?url=replacementrate.xyz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:ce23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://replacementrate.xyz/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-type: application/json

Response headers

expires: 0
date: Sun, 12 Feb 2023 10:52:09 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nO603m0PnfTszz8655Fo1Kd4jefqstTyihI0t0RliMx91sML8Gri3jkKBC8S60YFH1QRgxDvJOgoFYSrGvBONasdZdde2lV8fpQ%2BCeqjDVyoH6CTDU28vIcQf2MuTfUMQD9Ioulx11O1aCN7Yd3mFeutQkeMjA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://replacementrate.xyz
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray: 7984c5f0f86223ca-LHR
x-pushplatformapp-params

OPTIONS
H2 200 q2goowxygr
event.trk-consulatu.com/register/event_log/ 0
0 185ms
117ms Preflight 2606:4700:e6::ac40:ce23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.trk-consulatu.com/register/event_log/q2goowxygr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ce23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://replacementrate.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://replacementrate.xyz
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7984c5f04f1f23ca-LHR
content-length: 0
date: Sun, 12 Feb 2023 10:52:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NdG08ejzeKm9tu6if4r5QAu3nMK7dJRAU%2BmasPJqXiG0xBkkdhRStvFDFuPqT%2BpKgal5nQHEAqzfnbYyF4scQwJRyZE6NvLgcswL7fNH7bHXgziHtpOZOHaWcW0exYQbtAu8QXrU2fDbVASu%2ByeP22%2FPBeQEcw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.lpredirect.com/	1970-01-20 09:38:05	Name: uniqueClick_GRW6L9B Value: d3cb5f45-9962-43d3-b2f4-589daea5f9b1:1676199128
www.lpredirect.com/	1970-01-20 11:46:15	Name: transaction_id Value: a14cf622dc624a48b13166650d9817c0
replacementrate.xyz/	1969-12-31 23:59:59	Name: SESSIONIDS Value: QYxh6qM1ke

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://replacementrate.xyz/?encoded_value=24QSBG&sub1=4bd3290a8bf949a890ecd40b9b40768b&sub2=&sub3=&sub4=&sub5=&source_id=3949 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

event.trk-consulatu.com
fraid5jes.dka.com.np
replacementrate.xyz
trk-consulatu.com
www.betaspacing.com
www.lpredirect.com
2606:4700:3035::6815:1d42
2606:4700:e6::ac40:ce23
34.117.79.165
45.67.156.183
57.128.19.228
0a3965dc90c30254f9bab23f7ee45f6b4487f44c997cc67e4747c6ad3578f05f
124bc89987a4026aef6f1b9c307821d9d30525e426e3fa3e24dd9c9a32534990
1ac4ecf5455456ebf1af953e79215c1c3481462395e8dc6e9e0fcbb791986e68
1ec6166145bef4de853f66da0baf44de88488f59900b24a4093fedb0bf40bdb2
1f41cdf5d691bcc47ad31ca79d3f082920c54a176c07603433adf9d2faf826b3
4c055e6d0d9ba2b8f1be4719110e92c1b9499ed0759f0d1c48fccd16a7b31dcf
4f8853e4028627f1a38018b08ddb13f6c300d3355cef7f20e37cc59f208bfea5
8636ba84846e7184b57fb60a4dcf142057ddd1c42b43a8fd821db33d4554a9f8
db30693e6da36ef09016c13f850bc1fc844b2b62f598872bf3fa76b18ae4c72c
ed219ad69f9290d7b86548e7ff09edd761ae988aa2d3c0debfc758a1804c3553
eeb7db2cd4e5cf23d289a76b2f6b59632d28f4644ea4b4a4c45aa45d3c090769

replacementrate.xyz Open in urlscan Pro 2606:4700:3035::6815:1d42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

40 %IPv6

5 Domains

6 Subdomains

2 IPs

3 Countries

542 kBTransfer

619 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

3 Cookies

1 Console Messages

Indicators

replacementrate.xyz Open in urlscan Pro
2606:4700:3035::6815:1d42 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

6
Subdomains

2
IPs

3
Countries

542 kB
Transfer

619 kB
Size

3
Cookies

15 HTTP transactions
0 data transactions