direxctcom.top
2606:4700:3033::6815:4774   Tagged: Malicious Activity!

Submitted URL: https://han.gl/hkKEQ
Effective URL: https://direxctcom.top/EHQKA/
Submission: On November 28 via manual from DE — Scanned from NL

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 37 HTTP transactions. The main IP is 2606:4700:3033::6815:4774, located in the United States and belonging to CLOUDFLARENET, US. The main domain is direxctcom.top.
TLS certificate: issued by GTS CA 1P5 on November 15th 2022, valid for 3 months.
This is the only time direxctcom.top was scanned on urlscan.io.

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Deutsche Bank (Banking)

Domain & IP information

Redirects  Requests  IP address         AS (autonomous system)
1          1         2a06:98c1:312...   13335 (CLOUDFLAR...)
1          1         35.244.149.249     15169 (GOOGLE)
3          25        2606:4700:303...   13335 (CLOUDFLAR...)
           1         2a00:1450:400...   15169 (GOOGLE)
           6         2600:1901:0:c...   15169 (GOOGLE)
           2         2600:1901:0:5...   15169 (GOOGLE)
           2         2600:1901:0:2...   15169 (GOOGLE)
           2         2600:1901:0:7...   15169 (GOOGLE)
           1         34.95.108.180      396982 (GOOGLE-CL...)
           1         2600:9000:21f...   16509 (AMAZON-02)
Total: 37 requests, 8 IPs
Requests  Apex domain        Subdomains (Cisco Umbrella rank)                  Transfer
25        direxctcom.top     direxctcom.top                                    511 KB
13        usercentrics.eu    api.usercentrics.eu (8431),                       19 KB
                             app.usercentrics.eu (8714),
                             aggregator.service.usercentrics.eu (9694),
                             graphql.usercentrics.eu (11100),
                             uct.service.usercentrics.eu (13668)
1         deutsche-bank.de   www.deutsche-bank.de (192668)                     1 KB
1         googleapis.com     fonts.googleapis.com (107)                        1 KB
1         lihi2.cc           lihi2.cc (693887)                                 707 B
1         han.gl             han.gl                                            615 B
Total: 37 requests across 6 apex domains
Requests  Domain                               Redirects  Requested by
25        direxctcom.top                       3          direxctcom.top
6         api.usercentrics.eu                             direxctcom.top
2         graphql.usercentrics.eu                         direxctcom.top
2         aggregator.service.usercentrics.eu              direxctcom.top
2         app.usercentrics.eu                             direxctcom.top
1         www.deutsche-bank.de
1         uct.service.usercentrics.eu
1         fonts.googleapis.com                            direxctcom.top
1         lihi2.cc                             1
1         han.gl                               1
Total: 37 requests across 10 domains

This site contains no links.

Subject                              Issuer                   Validity                   Valid for
*.direxctcom.top                     GTS CA 1P5               2022-11-15 to 2023-02-13   3 months
upload.video.google.com              GTS CA 1C3               2022-11-02 to 2023-01-25   3 months
api.usercentrics.eu                  GTS CA 1D4               2022-10-14 to 2023-01-12   3 months
app.usercentrics.eu                  GTS CA 1D4               2022-10-16 to 2023-01-14   3 months
aggregator.service.usercentrics.eu   GTS CA 1D4               2022-10-06 to 2023-01-04   3 months
graphql.usercentrics.eu              GTS CA 1D4               2022-10-17 to 2023-01-15   3 months
uct.service.usercentrics.eu          GTS CA 1D4               2022-10-06 to 2023-01-04   3 months
www.deutsche-bank.de                 DigiCert EV RSA CA G2    2022-11-15 to 2023-11-14   a year
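Two checks worth running on the certificate table above before drawing conclusions from it, as an added example rather than anything urlscan.io or crt.sh provides: the age of each leaf certificate at scan time, and whether the listed subject name covers the host it was served for under RFC 6125 wildcard rules. The rows are copied from the table; the host column and the 30-day "young certificate" threshold are assumptions of the example. urlscan lists only the subject name, so a wildcard subject such as *.direxctcom.top does not by itself say whether the bare apex is covered; that is what the SAN list on crt.sh is for.

```python
"""Certificate triage for the table above: how young each leaf certificate
was when this scan ran, and whether the listed subject name covers the host
it was served for under RFC 6125 wildcard rules. Added example, not
urlscan.io or crt.sh code; rows are copied from the table, the 30-day
threshold and the host column are assumptions of this example.
"""
from datetime import date
from typing import List, Tuple

SCAN_DATE = date(2022, 11, 28)  # "Submission: On November 28"; year from the Date headers
YOUNG_DAYS = 30                 # assumed triage threshold, not from the page

def parse_date(s: str) -> date:
    """Dates in the table are ISO formatted (2022-11-15)."""
    return date.fromisoformat(s)

# (subject as listed, not-before, not-after, host it was served for [assumed])
CERTS: List[Tuple[str, str, str, str]] = [
    ("*.direxctcom.top", "2022-11-15", "2023-02-13", "direxctcom.top"),
    ("api.usercentrics.eu", "2022-10-14", "2023-01-12", "api.usercentrics.eu"),
    ("www.deutsche-bank.de", "2022-11-15", "2023-11-14", "www.deutsche-bank.de"),
]

def hostname_matches(pattern: str, host: str) -> bool:
    """RFC 6125 section 6.4.3: a wildcard may only be the whole left-most
    label, so *.example.com covers www.example.com but neither example.com
    nor a.b.example.com. Names are compared case-insensitively."""
    pattern, host = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == host
    p_labels, h_labels = pattern.split("."), host.split(".")
    if p_labels[0] != "*" or len(p_labels) < 3:   # reject w*.example.com and *.com
        return False
    return len(h_labels) == len(p_labels) and h_labels[1:] == p_labels[1:]

def cert_age_days(not_before: date, at: date = SCAN_DATE) -> int:
    return (at - not_before).days

def lifetime_days(not_before: date, not_after: date) -> int:
    return (not_after - not_before).days

def triage(subject: str, not_before: str, not_after: str, host: str,
           at: date = SCAN_DATE) -> List[str]:
    """Findings for one leaf certificate as shown in a urlscan certificate table."""
    nb, na = parse_date(not_before), parse_date(not_after)
    findings = []
    age = cert_age_days(nb, at)
    if age < 0:
        findings.append("not yet valid at scan time")
    elif age < YOUNG_DAYS:
        findings.append(f"issued only {age} days before the scan")
    if at > na:
        findings.append("expired at scan time")
    if lifetime_days(nb, na) <= 90:
        findings.append("90-day lifetime")      # typical of automated (ACME) issuance
    if not hostname_matches(subject, host):
        findings.append(f"subject {subject} does not cover {host}; check the SAN list")
    return findings

if __name__ == "__main__":
    for subject, nb, na, host in CERTS:
        print(subject, "->", triage(subject, nb, na, host) or ["nothing notable"])
```

Running it shows the caveat as much as the signal: the www.deutsche-bank.de certificate was issued on the same day (2022-11-15) as the phishing domain's and trips the same age check, so a young certificate only means something together with the 90-day automated lifetime, a domain urlscan had never seen before and the rest of this report.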

This page contains 3 frames:

Primary Page: https://direxctcom.top/EHQKA/
Frame ID: 54FFFDAEB0DA9A7E1D967E01FB68D0F2
Requests: 30 HTTP requests in this frame

Frame: https://direxctcom.top/EHQKA/assets/cross-domain-bridge.html
Frame ID: 5B6D58C9A1B762D9CD9470EE54F86424
Requests: 1 HTTP request in this frame

Frame: https://app.usercentrics.eu/browser-sdk/4.16.0/cross-domain-bridge.html
Frame ID: 2DE3911D8F31CDDEA84A060734B05DBE
Requests: 1 HTTP request in this frame

Page Title

Onlinebanking and Brokerage Deutsche Bank


Detected technologies

Prototype (JavaScript framework), overall confidence 100%. The Wappalyzer-style pattern below matched the script URL direxctcom.top/EHQKA/assets/prototype.js.download; its optional capture group would pick up a version suffix (prototype-1.7.3.js), but the cloned file name carries none.
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Page Statistics

Requests: 37
HTTPS: 100 %
IPv6: 80 %
Domains: 6
Subdomains: 10
IPs: 8
Countries: 2
Transfer: 531 kB
Size: 2007 kB
Cookies: 5

Page URL History

This lists the URLs the page passed through on its way to the final document, including HTTP redirects and client-side redirects via JavaScript or meta refresh.

  1. https://han.gl/hkKEQ HTTP 301
    https://lihi2.cc/AafCj HTTP 302
    http://direxctcom.top/EHQKA HTTP 301
    https://direxctcom.top/EHQKA HTTP 301
    http://direxctcom.top/EHQKA/ HTTP 301
    https://direxctcom.top/EHQKA/ Page URL
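The chain above is the kind of thing to walk hop by hop rather than let an HTTP client collapse into one final URL: two shortener hops (han.gl, lihi2.cc) precede the phishing host, and the chain drops from https to http twice before being bounced back to https. The following added example (not urlscan.io code) replays the six hops recorded above through a stand-in fetcher so it runs offline, and flags scheme downgrades, cross-domain hops, loops and over-long chains. The apex-domain helper assumes two-label suffixes and would need a public-suffix list for real use.

```python
"""Walk an HTTP redirect chain one hop at a time and flag what a phishing
triage cares about: scheme downgrades, hops across apex domains, loops and
runaway chains. Added example, not urlscan.io code.

The fetcher below is an offline stand-in for an HTTP client; it replays the
six hops recorded in this scan's Page URL History (constructed from the
statuses listed there). A real fetcher must disable automatic redirects
(e.g. requests.get(url, allow_redirects=False)) and return the raw
Location header untouched.
"""
from dataclasses import dataclass, field
from typing import Callable, List, Optional, Tuple
from urllib.parse import urljoin, urlsplit

Fetcher = Callable[[str], Tuple[int, Optional[str]]]  # -> (status, Location)

RECORDED_CHAIN = {  # constructed replay of the chain shown on this page
    "https://han.gl/hkKEQ": (301, "https://lihi2.cc/AafCj"),
    "https://lihi2.cc/AafCj": (302, "http://direxctcom.top/EHQKA"),
    "http://direxctcom.top/EHQKA": (301, "https://direxctcom.top/EHQKA"),
    "https://direxctcom.top/EHQKA": (301, "http://direxctcom.top/EHQKA/"),
    "http://direxctcom.top/EHQKA/": (301, "https://direxctcom.top/EHQKA/"),
    "https://direxctcom.top/EHQKA/": (200, None),
}

def replay_fetch(url: str) -> Tuple[int, Optional[str]]:
    """Offline stand-in for an HTTP client; unknown URLs answer like a 404."""
    return RECORDED_CHAIN.get(url, (404, None))

def apex(host: str) -> str:
    """Last two labels of a host. Assumption: no multi-label public suffix
    (co.uk etc.) is involved; use a public-suffix-list library for those."""
    return ".".join(host.lower().split(".")[-2:])

@dataclass
class ChainResult:
    hops: List[Tuple[int, str]] = field(default_factory=list)  # (status, url)
    findings: List[str] = field(default_factory=list)
    final_url: Optional[str] = None
    terminated_by: str = "ok"  # ok | loop | max_hops | unresolvable

def walk_redirects(start: str, fetch: Fetcher, max_hops: int = 10) -> ChainResult:
    """Follow 3xx responses manually, recording every hop and every oddity."""
    result = ChainResult()
    seen = set()
    url = start
    while True:
        if url in seen:
            result.terminated_by = "loop"
            result.findings.append(f"redirect loop at {url}")
            break
        if len(result.hops) >= max_hops:
            result.terminated_by = "max_hops"
            result.findings.append(f"gave up after {max_hops} hops")
            break
        seen.add(url)
        status, location = fetch(url)
        result.hops.append((status, url))
        if status not in (301, 302, 303, 307, 308):
            result.final_url = url
            break
        if not location:
            result.terminated_by = "unresolvable"
            result.findings.append(f"{status} without Location at {url}")
            break
        nxt = urljoin(url, location)  # Location may be relative
        src, dst = urlsplit(url), urlsplit(nxt)
        if src.scheme == "https" and dst.scheme == "http":
            result.findings.append(f"scheme downgrade: {url} -> {nxt}")
        if apex(src.hostname or "") != apex(dst.hostname or ""):
            result.findings.append(f"cross-domain hop: {src.hostname} -> {dst.hostname}")
        url = nxt
    return result

if __name__ == "__main__":
    r = walk_redirects("https://han.gl/hkKEQ", replay_fetch)
    for status, url in r.hops:
        print(status, url)
    print("final:", r.final_url, "|", r.terminated_by)
    for f in r.findings:
        print("!", f)
```

On the recorded chain this reports two cross-domain hops and two scheme downgrades; the second downgrade is the trailing-slash redirect from https://direxctcom.top/EHQKA to http://direxctcom.top/EHQKA/, a sign that the origin behind Cloudflare builds its canonical redirect with a plain-http scheme and relies on the edge to upgrade it again.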

Redirected requests

An HTTP redirect chain occurred for the primary request; the full chain is listed under that request below.

37 HTTP transactions

Each entry below gives the resource name and type, its path, size and transferred bytes (x-fer), followed by the General, Request headers and Response headers details; the MIME type is the content-type response header. Note the *.js.download names under direxctcom.top/EHQKA/assets/: that suffix is what Chrome's "Save page as, Webpage Complete" attaches to script files, so the kit was cloned from a live page with a browser and uploaded as saved, with asset names matching the targeted brand's front end (logo_db.gif, db-eccs-pws-pwcc-clientlib-trxm.css, fingerprintLoginUi.js) left intact.
Resource: / (primary request, Document), path direxctcom.top/EHQKA/, size 10 KB, transferred 3 KB
Redirect chain:
  • https://han.gl/hkKEQ
  • https://lihi2.cc/AafCj
  • http://direxctcom.top/EHQKA
  • https://direxctcom.top/EHQKA
  • http://direxctcom.top/EHQKA/
  • https://direxctcom.top/EHQKA/
General
Full URL
https://direxctcom.top/EHQKA/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51840ddb5e736e869275117e05238b844866ccdf7641d237f875525d2bc2a381

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7712fcb45cccb99a-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 28 Nov 2022 12:08:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mH9TXYxi9thdV96KgRFU6%2F7%2B83zykYR0lqorlKo0Y92wnyxeJ4lB%2BEQfxpt3ajIZyV1bTSpiCYVq0Tn6tj8ZRgkUYi1IjM3yvH47l1Cjj87IAQOpoqi5UK27jraHxd2FTFZzU9nXtbSN%2Fjribg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers (final hop, http://direxctcom.top/EHQKA/ to https://direxctcom.top/EHQKA/)

CF-RAY
7712fcb4181f1c08-AMS
Cache-Control
max-age=3600
Connection
keep-alive
Date
Mon, 28 Nov 2022 12:08:07 GMT
Expires
Mon, 28 Nov 2022 13:08:07 GMT
Location
https://direxctcom.top/EHQKA/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PagR7%2Be%2BX%2FlEHDij6IrcaLLxpxzHE2bpBp8jizZS%2Fxb78VhnhqJBKW3cOBzRq22Xle9fw%2BPz0MDQtVNOCY8gvgt7FwVhowpr287vE5yF33b4mtgVOK2b6Oj4SgevN47ZWOuR1Zwixr8rk%2Bt%2FAw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Resource: prototype.js.download (Script), path direxctcom.top/EHQKA/assets/, size 195 KB, transferred 48 KB
General
Full URL
https://direxctcom.top/EHQKA/assets/prototype.js.download
Requested by
Host: direxctcom.top
URL: https://direxctcom.top/EHQKA/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4449265edb6b39d65017149d01aeeb1f79d6e11ed313cbc2bf097ef14fbbed3d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://direxctcom.top/EHQKA/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 12:08:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 21 Nov 2022 11:46:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"30c7a-5edf99b517600-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0iuPFIadge2055eiV718ZsztWWjsq9BdmKtj%2Fm5x6P5djBKFm8dnKff%2BVn2dP%2BQ5VdJQQMiEGrl0XyOYItF%2FcMU2a9bKMDWq1ozowqRUAfv9HKqVlUsQzAtlCnxjH%2BFDHSp2Tc%2BiGo1XBVZWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-ray
7712fcb4ce18b7a0-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Resource: global.js.download (Script), path direxctcom.top/EHQKA/assets/, size 24 KB, transferred 8 KB
General
Full URL
https://direxctcom.top/EHQKA/assets/global.js.download
Requested by
Host: direxctcom.top
URL: https://direxctcom.top/EHQKA/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee6fef6ff7fabff3bcbe87b4a109585e2442aaa96860d1ed1a8d0a3c75214eba

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://direxctcom.top/EHQKA/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 12:08:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 21 Nov 2022 11:46:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5ffa-5edf99b517600-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9V%2BpL3OP48EGTEu84cRar23bbA%2B0asCPdBTovqx1KPJQUsfs8sDiA2kzD1oLLMJoTtph4ebR%2BgILpzzdpQVJzokaQGN8fBetR2ahoHqxOF3FvqrsCNQSv5rYmVYNqxPZezI%2FgG5mgQtqYiS1ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-ray
7712fcb4ce19b7a0-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Resource: polyfills.es5.js.download (Script), path direxctcom.top/EHQKA/assets/, size 435 KB, transferred 89 KB
General
Full URL
https://direxctcom.top/EHQKA/assets/polyfills.es5.js.download
Requested by
Host: direxctcom.top
URL: https://direxctcom.top/EHQKA/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71135efed1022d62d2d805d6383ffe2d07dfb09cea04d6889655d9e4dfa540e0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://direxctcom.top/EHQKA/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 12:08:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 21 Nov 2022 11:46:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6cc6d-5edf99b517600-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IRCDG%2Bw2sSPdMXs1ypAYDX1RLe3McWfmK8n47939gDeteaibeJ10GwyrZTZwEHBGjHtk1Vmp1tEmI3HfheoqfW%2BtEVrUkEaDfkERFo40vP712iB4Vbr1sZePoir2OjiMt8aG2Tm5JAEPPmrSQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-ray
7712fcb4ce1ab7a0-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Resource: native-shim.js.download (Script), path direxctcom.top/EHQKA/assets/, size 2 KB, transferred 1 KB
General
Full URL
https://direxctcom.top/EHQKA/assets/native-shim.js.download
Requested by
Host: direxctcom.top
URL: https://direxctcom.top/EHQKA/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bf7b013d798a458b822b2c4e46a65fa2b3af38ab3ae9f594e954f0b344da2e6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://direxctcom.top/EHQKA/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 12:08:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 21 Nov 2022 11:46:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"861-5edf99b517600-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nh5U5N8pdUZJceDxd3M84SuIktb7slMG2wuydPODSRIFVbS%2BpJuEh7BsqyESvx0Ok0BxYjsXOoXv%2FhGQXwiPWRplRAHpE4uMnkGHlnCVMJTbp3q5CL0SMHlM07V1ZwTdWzWlITb%2FL9Do5ffk5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-ray
7712fcb4ce1bb7a0-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Resource: custom-elements.min.js.download (Script), path direxctcom.top/EHQKA/assets/, size 19 KB, transferred 6 KB
General
Full URL
https://direxctcom.top/EHQKA/assets/custom-elements.min.js.download
Requested by
Host: direxctcom.top
URL: https://direxctcom.top/EHQKA/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b86d62cd6db965295cd25c44221ae2f91e9a84aebdff867b32619dcdc6354391

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://direxctcom.top/EHQKA/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 12:08:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 21 Nov 2022 11:46:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4bdd-5edf99b517600-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSo2oQmb1w0KN9gjm6UrT4chd5SmmGXeQ9D51HTU871wLaR4mBvsoiRDPpMpagnKM82op0LZodl5eA6mG0OxU4KOCCZJ5jIrhefvxuIu5GgWQPZ8d%2FU4A0oig5wjmsQn3yNbgSudzjnMZWIAKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-ray
7712fcb4ce1db7a0-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Resource: cms_snippets.es5.js.download (Script), path direxctcom.top/EHQKA/assets/, size 40 KB, transferred 11 KB
General
Full URL
https://direxctcom.top/EHQKA/assets/cms_snippets.es5.js.download
Requested by
Host: direxctcom.top
URL: https://direxctcom.top/EHQKA/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60f2c6d5a8cfd513ba53986bfbb2f40b73097b4cf2048dec99f96970a68e2575

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://direxctcom.top/EHQKA/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 12:08:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 21 Nov 2022 11:46:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"9e5d-5edf99b517600-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dzj3LYN%2FIdsSoOxTQ1cMATDVIX7ZnU%2FBiDXoPtcmFtbladwR%2BTHXiHVFYZCfGkI%2FFz2rMvlZ270lZniHZ9nszxk9pCGhHqSq%2B6s631lZADNorw7gxjioOLVJtQRxFIJajq9joxFAI5LUbRA9%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-ray
7712fcb4ce1eb7a0-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Resource: db-eccs-pws-pwcc-clientlib-trxm.css (Stylesheet), path direxctcom.top/EHQKA/assets/, size 104 KB, transferred 16 KB
General
Full URL
https://direxctcom.top/EHQKA/assets/db-eccs-pws-pwcc-clientlib-trxm.css
Requested by
Host: direxctcom.top
URL: https://direxctcom.top/EHQKA/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80e83185b609626b3977ae01dd2ca79b4e36e962454959f21162dc66352d978e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://direxctcom.top/EHQKA/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 12:08:07 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 21 Nov 2022 11:46:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"19e11-5edf99b517600-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nn3Wg3P3JFbfBbjp3l%2FbbT2YXE%2BvK6e4jkl%2FmqhRJyyqErSLXID%2B590ziNYfSxcdAhnKNuzRnGdYsk8F%2FN3uZ8du8qGtoqL3gSL6E4eqvpzWl2RqWE0X6Q7sph5iv4%2F1tFOThz%2BT3%2BbSjOfvUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7712fcb4ce1fb7a0-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Resource: usercentrics-3.6.0.js.download (Script), path direxctcom.top/EHQKA/assets/, size 600 KB, transferred 163 KB
General
Full URL
https://direxctcom.top/EHQKA/assets/usercentrics-3.6.0.js.download
Requested by
Host: direxctcom.top
URL: https://direxctcom.top/EHQKA/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0053c654aec205ce4b9f4b0c9288f30c1b0b82142bff6864345584cb4b419325

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://direxctcom.top/EHQKA/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 12:08:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 21 Nov 2022 11:46:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"95ffd-5edf99b517600-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uxa6AkgPqEeUXYXeodmVE%2BOlBjhlddxTXKNukFb%2Bm4eZjuvjt0NX%2BS0RCgz1rLxydGStHtpooBhng%2FqCZ3KyBwDsiwp5DzpS4XMQjl21ChyE8eZx2dtcnwW2PXJS9tgpGG%2F%2BQo6aJIBJrksmSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-ray
7712fcb60f35b7a0-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Resource: base.css (Stylesheet), path direxctcom.top/EHQKA/assets/, size 333 KB, transferred 53 KB
General
Full URL
https://direxctcom.top/EHQKA/assets/base.css
Requested by
Host: direxctcom.top
URL: https://direxctcom.top/EHQKA/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38c94fac1bfc95bc65e0ca957a52b96d50fce672f783885b7653f2adec4cb00e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://direxctcom.top/EHQKA/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 12:08:07 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 21 Nov 2022 13:29:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"53257-5edfb0b143080-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbuJXRprkUMf%2FxmuCZmjQYPBi5cqcGXpfvqqd6ibusbiX2T1L96ANJwq8aZZcVsXPGqoacSJhMshIGqZpTM4AR%2Frbi2T5MiYxcguTmBw97UNJk49YH%2BG24P5gu%2B4S04K43YKlWKfaDK%2BBk414g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7712fcb4ce21b7a0-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Resource: logo_db.gif (Image), path direxctcom.top/EHQKA/assets/, size 2 KB, transferred 2 KB
General
Full URL
https://direxctcom.top/EHQKA/assets/logo_db.gif
Requested by
Host: direxctcom.top
URL: https://direxctcom.top/EHQKA/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
102d5e9253625aeb5d47ad0350763b534b95a92a240f353e8bd9bb43ef1722c2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://direxctcom.top/EHQKA/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 12:08:07 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 21 Nov 2022 11:46:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"774-5edf99b60b840"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FBtIZ%2B8a%2FzuqvNKggta0OIc86Oez%2F%2F0b8dbv59URD0auYYRAx8oQqlr9sytFU9Xg%2BLaDFMbH9soFXUQiM7GIxxgDQ6yvzI3fih0VPud46qgUoVgskfcK9%2BXnLiR%2FMdb9bQ3qQHmPijTObLp7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7712fcb60f37b7a0-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1908
Resource: autotab.js.download (Script), path direxctcom.top/EHQKA/assets/, size 706 B, transferred 870 B
General
Full URL
https://direxctcom.top/EHQKA/assets/autotab.js.download
Requested by
Host: direxctcom.top
URL: https://direxctcom.top/EHQKA/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
748210c9dfa18aab5950bfc5d81d1a34c6f008bd347372b7defc0471e93e2e81

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://direxctcom.top/EHQKA/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 12:08:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 21 Nov 2022 11:46:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2c2-5edf99b60b840-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cB0opr4AA%2FdrV9Amai76odL9xoKrFt298MarNkS1222U78Glsi%2FC2XpOokURi%2FyhCW6VtANRBUHq%2F3V5Eyd3BZD91xT%2F2p0Ol16ng%2BIqDTyG3%2FZNJXLfHpM%2Bk5oItyA8rNBVqTNAad6ntr0Mqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-ray
7712fcb5aeecb7a0-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Resource: fingerprintLoginUi.js.download (Script), path direxctcom.top/EHQKA/assets/, size 1 KB, transferred 940 B
General
Full URL
https://direxctcom.top/EHQKA/assets/fingerprintLoginUi.js.download
Requested by
Host: direxctcom.top
URL: https://direxctcom.top/EHQKA/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2feb12ed2624d8a59bb18c116b8bf12c1f38a9611ce94353c65450d46ed57433

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://direxctcom.top/EHQKA/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 12:08:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 21 Nov 2022 11:46:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5c4-5edf99b60b840-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kj4Fr1mhLiQM2aPjm6J06iRsNVrrxw1C530qtHPgXkOFVHX12tgSl%2FhbQeGW0CArBXP1QSG7xdhqveqqCu5oda8HA4rVyOPZ2OqeZiMTlnCFji9SJL34YFPtWwERo9EoGD8I4mvsgpDlEOqofg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-ray
7712fcb5aeefb7a0-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Resource: ic_help.gif (Image), path direxctcom.top/EHQKA/assets/, size 356 B, transferred 843 B
General
Full URL
https://direxctcom.top/EHQKA/assets/ic_help.gif
Requested by
Host: direxctcom.top
URL: https://direxctcom.top/EHQKA/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5fa586c418c08dce89bb46bfa91597e880cdb2cd405a7da519bafb1c2ff5ae1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://direxctcom.top/EHQKA/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 12:08:07 GMT
cf-cache-status
MISS
last-modified
Mon, 21 Nov 2022 11:46:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"164-5edf99b60b840"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKwB0hrSuGBSbmhzusJT3AluN6VTdrCvMvlJczg6HkEAxNihkD%2BGxX4rbpd9%2F6KyvAoXt28w7s2GKf4L7tQ%2FEHFcXt4T2Awd3sRjPUPDsFLevCOqw9XvCXCJI8%2Bfoa36CbIZR2%2BbbUQ2Y94OJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7712fcb60f38b7a0-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
356
Resource: css (Stylesheet), path fonts.googleapis.com/, size 3 KB, transferred 1 KB
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: direxctcom.top
URL: https://direxctcom.top/EHQKA/assets/base.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://direxctcom.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Nov 2022 12:08:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 10:58:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Nov 2022 12:08:07 GMT
Resource: print.css (Stylesheet), path direxctcom.top/EHQKA/assets/, size 12 KB, transferred 4 KB
General
Full URL
https://direxctcom.top/EHQKA/assets/print.css
Requested by
Host: direxctcom.top
URL: https://direxctcom.top/EHQKA/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ad8478925b9c5d28672c14ad7b15aa406d0f6dd0f16946652c32248b4f4ba2c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://direxctcom.top/EHQKA/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 12:08:07 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 21 Nov 2022 11:46:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"30f5-5edf99b517600-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCjvJ7IR5vSN%2FtosjyfC8wzgkx2I2GXfjUvWzJldIihgRcXqI5PJiewQFQ50y9gtwTfYheUFCvpzaFM1bUSblmOVufunCUw4D1AUGN5RgufDYcmJs0%2B3HmcJYCVTcHYue7GS%2BF78Hh0kPcmHbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7712fcb60f39b7a0-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Resource: languages.json (Preflight, OPTIONS), path api.usercentrics.eu/settings/hFeT9yF-a/latest/, size 0, transferred 0
General
Full URL
https://api.usercentrics.eu/settings/hFeT9yF-a/latest/languages.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://direxctcom.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 28 Nov 2022 12:08:07 GMT
expires
Mon, 28 Nov 2022 12:08:07 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
NL,NLZH
x-guploader-uploadid
ADPycduFTPMgwYAWYqgGyzNRLCH75QoJR1RfK82ZWijSPCqfzslCCTDP909MjmNHr6iHKNwfNbshdbh-5orRIYy4SHCalA
Resource: languages.json (Fetch), path api.usercentrics.eu/settings/hFeT9yF-a/latest/, size 66 B, transferred 104 B
General
Full URL
https://api.usercentrics.eu/settings/hFeT9yF-a/latest/languages.json
Requested by
Host: direxctcom.top
URL: https://direxctcom.top/EHQKA/assets/usercentrics-3.6.0.js.download
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
eb3f4cf387fca0337770c0919834536dca1fc6c95ec5d142c46537a0f20ec14b
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://direxctcom.top/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
content-type
application/json

Response headers

date
Mon, 28 Nov 2022 12:08:01 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
6
x-client-geo-location
NL,NLZH
x-guploader-uploadid
ADPycdutOE1-A2x5zY_BGwGpV-8hXyWgvASZfLHPFdbn_ptNic9OJARgVH0ZBQoshWAetrcTpZthdb1aaA1M0BEDaQU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71
last-modified
Mon, 07 Nov 2022 13:24:23 GMT
server
UploadServer
etag
"645afc9e7aa2c884f8a470fd78671460"
vary
Accept-Encoding
x-goog-generation
1667827463212503
x-goog-hash
crc32c=VEQXGw==, md5=ZFr8nnqiyIT4pHD9eGcUYA==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800, s-maxage=10
x-goog-stored-content-length
71
accept-ranges
bytes
content-type
application/json
expires
Mon, 28 Nov 2022 12:08:11 GMT
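The preflight above happened because the consent SDK fetches languages.json with Content-Type: application/json, which is not a CORS-safelisted value, and api.usercentrics.eu answered both the OPTIONS and the GET with Access-Control-Allow-Origin: *. The following added example (not urlscan.io or Usercentrics code) reimplements the relevant part of the Fetch standard's CORS check and preflight algorithm and runs it on the header values copied from these two transactions, plus a few constructed cases: wildcards under a credentialed request, an Authorization header under Allow-Headers: *, and an exact-origin policy.

```python
"""Reproduce the browser's CORS decision for the two api.usercentrics.eu
transactions above (the OPTIONS preflight and the GET behind it) so it is
clear why a page on direxctcom.top can read the consent SDK's settings.
Added example, not urlscan.io or Usercentrics code. It follows the Fetch
standard's CORS check and preflight algorithm for the cases that matter
here; the header dictionaries are copied from the responses on this page,
the extra cases exercised in the test are constructed.
"""
from typing import Dict, Iterable, List

SAFELISTED_METHODS = {"GET", "HEAD", "POST"}
SAFELISTED_HEADERS = {"accept", "accept-language", "content-language", "content-type"}
SAFELISTED_CONTENT_TYPES = {"application/x-www-form-urlencoded", "multipart/form-data", "text/plain"}

# Copied from the preflight response above (header names lower-cased).
PREFLIGHT_RESPONSE = {
    "access-control-allow-headers": "content-type",
    "access-control-allow-methods": "GET,HEAD,PUT,POST,DELETE",
    "access-control-allow-origin": "*",
    "access-control-max-age": "3600",
}
# Copied from the actual GET response above.
GET_RESPONSE = {
    "access-control-allow-origin": "*",
    "access-control-expose-headers": "*, Content-Length, Content-Type, Date, Server, "
                                     "Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace",
}

def _csv(value) -> List[str]:
    return [v.strip().lower() for v in (value or "").split(",") if v.strip()]

def unsafe_request_headers(headers: Dict[str, str]) -> List[str]:
    """Headers the browser must list in Access-Control-Request-Headers: anything
    not CORS-safelisted, plus Content-Type with a non-form/plain value."""
    unsafe = []
    for name, value in headers.items():
        n = name.lower()
        if n not in SAFELISTED_HEADERS:
            unsafe.append(n)
        elif n == "content-type" and value.split(";")[0].strip().lower() not in SAFELISTED_CONTENT_TYPES:
            unsafe.append(n)
    return unsafe

def needs_preflight(method: str, headers: Dict[str, str]) -> bool:
    return method.upper() not in SAFELISTED_METHODS or bool(unsafe_request_headers(headers))

def origin_allowed(origin: str, response: Dict[str, str], credentials: bool = False) -> bool:
    """The CORS check: ACAO must be '*' (only for credential-less requests)
    or exactly the requesting origin; with credentials ACAC must be 'true'."""
    acao = response.get("access-control-allow-origin")
    if acao is None:
        return False
    if acao == "*":
        return not credentials
    if acao != origin:
        return False
    return (not credentials) or response.get("access-control-allow-credentials") == "true"

def preflight_allowed(origin: str, method: str, request_headers: Iterable[str],
                      response: Dict[str, str], credentials: bool = False) -> bool:
    """Evaluate a preflight response against the method and unsafe headers the
    real request will use; request_headers is the Access-Control-Request-Headers list."""
    if not origin_allowed(origin, response, credentials):
        return False
    methods = _csv(response.get("access-control-allow-methods"))
    wildcard_methods = "*" in methods and not credentials
    if method.lower() not in methods and not wildcard_methods and method.upper() not in SAFELISTED_METHODS:
        return False
    allowed = _csv(response.get("access-control-allow-headers"))
    wildcard_headers = "*" in allowed and not credentials
    for h in request_headers:
        h = h.lower()
        if h in allowed:
            continue
        if wildcard_headers and h != "authorization":  # '*' never covers Authorization
            continue
        return False
    return True

def page_verdicts() -> Dict[str, bool]:
    """The two transactions on this page, as the browser evaluated them."""
    origin = "https://direxctcom.top"
    req_headers = {"content-type": "application/json"}
    unsafe = unsafe_request_headers(req_headers)
    return {
        "preflight_needed": needs_preflight("GET", req_headers),
        "preflight_ok": preflight_allowed(origin, "GET", unsafe, PREFLIGHT_RESPONSE),
        "response_readable": origin_allowed(origin, GET_RESPONSE),
        "readable_with_cookies": origin_allowed(origin, GET_RESPONSE, credentials=True),
    }

if __name__ == "__main__":
    for k, v in page_verdicts().items():
        print(f"{k}: {v}")
```

The verdicts explain the 13 usercentrics.eu transactions in the domain table: the settings endpoint is public, so the cloned page pulls the same consent configuration (settings ID hFeT9yF-a) as the original and renders an identical cookie banner. That is by design for a public CDN, not a flaw in itself, but it gives whoever owns that settings ID a detection hook: both requests carry Origin: https://direxctcom.top and a Referer of https://direxctcom.top/, so the endpoint's access logs reveal clones by origin.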
Resource: bg_headerContainer.svg (Image), path direxctcom.top/EHQKA/assets/, size 24 KB, transferred 9 KB
General
Full URL
https://direxctcom.top/EHQKA/assets/bg_headerContainer.svg
Requested by
Host: direxctcom.top
URL: https://direxctcom.top/EHQKA/assets/base.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d8e151c9a4662eed5ed30c64a2ae9feaa84748d92286849c9093b68724634bd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://direxctcom.top/EHQKA/assets/base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 12:08:07 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 21 Nov 2022 11:51:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6002-5edf9ab5a1340"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gE7c9XfXDdVbckz%2BYA4eRvEWEg%2F3KVErrzoZoFkRH0MtkQc8%2BljFRkp1m7haMNDKLvxmjxpoUjiVyX%2BvKUjlBq9PAmgbZwQ%2B5FQTl7wisyOxvTFDsYe63Y3lBxGUQioofJHBCe%2BCut4wbMJuzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
7712fcb6c813b7a0-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Resource: pfbicons.woff (Font), path direxctcom.top/EHQKA/assets/, size 57 KB, transferred 57 KB
General
Full URL
https://direxctcom.top/EHQKA/assets/pfbicons.woff
Requested by
Host: direxctcom.top
URL: https://direxctcom.top/EHQKA/assets/base.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddccf75b6a6b536c7a92cb5dcc1b9e0f07fe40118ab9f16e729d71aa367988ca

Request headers

Referer
https://direxctcom.top/EHQKA/assets/base.css
Origin
https://direxctcom.top
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 12:08:07 GMT
cf-cache-status
MISS
last-modified
Mon, 21 Nov 2022 12:06:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"e2b8-5edf9e169cc00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9UpEy0sstSufpimx2CkvFsKq8C%2BqT8hv3aeU9kQzlI7y2hp0c44iOEXLWUJzx7Q07awMg0PK7XsDTJpESt4SAlwWg2JJBfZGp3bn0JYb9k0PPz%2Bwjn4nZ9ml0NE2GCuExrk9x3mSHyY4ryU5Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7712fcb6d814b7a0-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
58040
cross-domain-bridge.html
direxctcom.top/EHQKA/assets/ Frame 5B6D
5 KB
2 KB
Document
General
Full URL
https://direxctcom.top/EHQKA/assets/cross-domain-bridge.html
Requested by
Host: direxctcom.top
URL: https://direxctcom.top/EHQKA/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f2df376e08515919c94760d337c71b8cf48e0df327cd8223b5eb534730eabdb

Request headers

Referer
https://direxctcom.top/EHQKA/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7712fcb6e821b7a0-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 28 Nov 2022 12:08:07 GMT
last-modified
Mon, 21 Nov 2022 11:46:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQxeRVVDFCsB7%2BH0A5%2BVJTr9%2Fr5qXWWqKe3KzcFsIu%2FTaRt5egp9NPRpxmql6M8RbBT9cJpW3rgMx8tYKCjbOMhrvmOTC%2BFCttH4%2Bd9BVqebxnObmneq8LTOunxPb20uvCzUhoFmWx54BCvRnA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
bg_phishingDistractor.png
direxctcom.top/EHQKA/assets/
541 B
541 B
Image
General
Full URL
https://direxctcom.top/EHQKA/assets/bg_phishingDistractor.png
Requested by
Host: direxctcom.top
URL: https://direxctcom.top/EHQKA/assets/base.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://direxctcom.top/EHQKA/assets/base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 12:08:07 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 21 Nov 2022 11:51:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"21d-5edf9abf2a9c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yw3vMkHU4b3nhlg3Q1kLPs225eXu7TzVBbpjYQPZ8tnfZ741C2tmiQTv8TwMcG%2FCDXKEX95HyiygNFAPqf%2FUVa%2Bbb3Xb8QxtVRgegidoKvNHyMihGSOWCjT%2F8EDNvFnFwU5icayvvVLXIHF8yg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7712fcb6e81fb7a0-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
541
bt_primary_default.png
direxctcom.top/EHQKA/assets/
396 B
396 B
Image
General
Full URL
https://direxctcom.top/EHQKA/assets/bt_primary_default.png
Requested by
Host: direxctcom.top
URL: https://direxctcom.top/EHQKA/assets/base.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://direxctcom.top/EHQKA/assets/base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 12:08:07 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 21 Nov 2022 11:51:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"18c-5edf9ac7bfe00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2Fy034LD4b55X3LesLnWjpnkZc96gAipkUzckuRoHId0zJixJDM6jAxEt%2BAN8BjA1z6jozT8eD3VkE3L8cnpjHg4JI5JGy6s6wJS9Mas4UKZ6%2Fd8eVIS%2Fm5zwS%2Fm6FgQ%2BcATT6VJIH2WZhuviA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7712fcb6e820b7a0-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
396
logo_verimi.svg
direxctcom.top/EHQKA/assets/
893 B
967 B
Image
General
Full URL
https://direxctcom.top/EHQKA/assets/logo_verimi.svg
Requested by
Host: direxctcom.top
URL: https://direxctcom.top/EHQKA/assets/base.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04dc44d70bab5f51ac523dd363d6dbeb91c227ca4617d2498ed4856468a57903

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://direxctcom.top/EHQKA/assets/base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 12:08:07 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 21 Nov 2022 11:51:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"37d-5edf9ad702200"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jSaRfr1GyT4nYDEFbbYy1f52YCtw8RqXjnJ9VBOmf0cIqVntS%2FoNcEr%2BAACJFu6ByIY90HrgEgyxqFvuw0xKhSV%2FwHHylxsCC5lYQNcQxTrS4G0%2BAbqYSGK9YILdzPYeFcXaG1aiwsy8P8aixg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
7712fcb6e822b7a0-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pfbicons.ttf
direxctcom.top/EHQKA/assets/
57 KB
32 KB
Font
General
Full URL
https://direxctcom.top/EHQKA/assets/pfbicons.ttf
Requested by
Host: direxctcom.top
URL: https://direxctcom.top/EHQKA/assets/base.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4774 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f7156b4df52fbd5e6d52360559842a57cbc8522f27337ae65c847ef77f65486

Request headers

Referer
https://direxctcom.top/EHQKA/assets/base.css
Origin
https://direxctcom.top
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 12:08:07 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 21 Nov 2022 12:06:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"e26c-5edf9e38f1d00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=knl2fxdet%2BMtXgiHfGv%2FzM5afmd2djb8ycQ7658DK7U4b7q9ZxH7FkONNciBTJMJni%2BNKWorzeqowFqg2%2FJwnK%2BKp8%2FXf3f7CYP9Teg23MyAFkatbEsGfZnJ3VbG3UwiEWwb4VvGnV5rNzFOqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
cache-control
max-age=14400
cf-ray
7712fcb7184bb7a0-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
en.json
api.usercentrics.eu/settings/hFeT9yF-a/latest/
26 KB
8 KB
Fetch
General
Full URL
https://api.usercentrics.eu/settings/hFeT9yF-a/latest/en.json
Requested by
Host: direxctcom.top
URL: https://direxctcom.top/EHQKA/assets/usercentrics-3.6.0.js.download
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
fcf0680931ef591a00a3bca373d65953aff3d0e75049f8182d6f39c29a011111
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://direxctcom.top/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
content-type
application/json

Response headers

date
Mon, 28 Nov 2022 12:08:07 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
0
x-client-geo-location
NL,NLZH
x-guploader-uploadid
ADPycdsF9LsUgkejUiozWI2GabhlYCiI5ctReIGJz7HfjDPihb23Ru41QGjzmOaHZlQX8tJ4OezS7joUFNWfEI4uDb-B
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7657
last-modified
Mon, 07 Nov 2022 13:24:23 GMT
server
UploadServer
etag
"f04134c581bb4694877a196f28ae43bc"
vary
Accept-Encoding
x-goog-generation
1667827463211467
x-goog-hash
crc32c=g0nTVA==, md5=8EE0xYG7RpSHehlvKK5DvA==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800, s-maxage=10
x-goog-stored-content-length
7657
accept-ranges
bytes
content-type
application/json
expires
Mon, 28 Nov 2022 12:08:17 GMT
en.json
api.usercentrics.eu/settings/hFeT9yF-a/latest/ Frame
0
0
Preflight
General
Full URL
https://api.usercentrics.eu/settings/hFeT9yF-a/latest/en.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://direxctcom.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 28 Nov 2022 12:08:07 GMT
expires
Mon, 28 Nov 2022 12:08:07 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
NL,NLZH
x-guploader-uploadid
ADPycdsqJ8b9CeOKvYU96mdpKUz5ZUrX4fIaPQYuF8PwpkivfQf3NFJPZaQKkySCfaZPHt8039fbsvuUXSVhffuHDqmwOQ
cross-domain-bridge.html
app.usercentrics.eu/browser-sdk/4.16.0/ Frame 2DE3
5 KB
2 KB
Document
General
Full URL
https://app.usercentrics.eu/browser-sdk/4.16.0/cross-domain-bridge.html
Requested by
Host: direxctcom.top
URL: https://direxctcom.top/EHQKA/assets/usercentrics-3.6.0.js.download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8563f915516318c564b1a4b4d4005778294178cfac736d0ed7dd5afa86d4cd50
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://direxctcom.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
Content-Type Content-Length Transfer-Encoding
age
966722
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=2592000, no-transform
content-encoding
gzip
content-length
1123
content-type
text/html
date
Thu, 17 Nov 2022 07:36:05 GMT
etag
"590318360dd4b7eddf1f8ec23baed619"
expires
Sat, 17 Dec 2022 07:36:05 GMT
last-modified
Tue, 18 Oct 2022 08:39:16 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-goog-generation
1666082356317203
x-goog-hash
crc32c=nhP8Ug== md5=WQMYNg3Ut+3fH47CO67WGQ==
x-goog-metageneration
2
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1123
x-guploader-uploadid
ADPycduGFSF4dmyXAbVpB-7UKW_cooNSKRrVie9foP95XBxzDJu-aef8v_Yx9MW6FiUFB3F43nDKWkSGjZ_kvmpzPuAMXw
1px.png
app.usercentrics.eu/session/
489 B
551 B
Image
General
Full URL
https://app.usercentrics.eu/session/1px.png?settingsId=hFeT9yF-a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://direxctcom.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 11:51:10 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
1017
x-guploader-uploadid
ADPycdv7ELndqgk_ppLS37iF7T0rc2lddeCUlIivBQrTl1Kyz9BuyuwtYliIx91vDRS-B0_kwmOKW7lvTbzn3DK8CuNqyQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
522
last-modified
Fri, 08 May 2020 09:06:13 GMT
server
UploadServer
etag
"3702ada73b8951017b8451cbd6a96523"
x-goog-generation
1588928773413784
x-goog-hash
crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
content-type
image/png
cache-control
public,max-age=1800,no-transform
x-goog-stored-content-length
522
accept-ranges
bytes
expires
Mon, 28 Nov 2022 12:21:10 GMT
translations-en.json
api.usercentrics.eu/translations/
7 KB
2 KB
Fetch
General
Full URL
https://api.usercentrics.eu/translations/translations-en.json
Requested by
Host: direxctcom.top
URL: https://direxctcom.top/EHQKA/assets/usercentrics-3.6.0.js.download
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a860acff478ef9d91d38024f21089d81a426da5d59c4847f3c5c33d061e1659f
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://direxctcom.top/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
content-type
application/json

Response headers

date
Sun, 27 Nov 2022 16:08:19 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
71988
x-client-geo-location
NL,NLZH
x-guploader-uploadid
ADPycdsiMr-093sRRYxv-idY-_oT2h7PCtg5_QhrqFwOLgijbMGG2oScnBoLXn0ffd6X5di5nuSV39_nNaQtzkPwdfmAnw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2305
last-modified
Mon, 21 Nov 2022 10:38:06 GMT
server
UploadServer
etag
"b2ddc9c3832854924c07b315d47869de"
vary
Accept-Encoding
x-goog-generation
1659013975131951
x-goog-hash
crc32c=x3i0og==, md5=st3Jw4MoVJJMB7MV1Hhp3g==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400, s-maxage=86400
x-goog-stored-content-length
2305
accept-ranges
bytes
content-type
application/json
expires
Mon, 28 Nov 2022 16:08:19 GMT
translations-en.json
api.usercentrics.eu/translations/ Frame
0
0
Preflight
General
Full URL
https://api.usercentrics.eu/translations/translations-en.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://direxctcom.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 28 Nov 2022 12:08:07 GMT
expires
Mon, 28 Nov 2022 12:08:07 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
NL,NLZH
x-guploader-uploadid
ADPycds-WSm9BiJEurqXd5OiBsztrqzwORuOMgpdDybHPHnjh5ARPX4e5jJ1Vv6galq8wgUSe1f_8VCqJlhQA-nWr07FjS4BVQRK
en
aggregator.service.usercentrics.eu/aggregate/
42 KB
6 KB
Fetch
General
Full URL
https://aggregator.service.usercentrics.eu/aggregate/en?templates=8L9bkqYbV@9.6.2,AkH3-hdIF@3.0.3,B1SI9Nsus-Q@8.5.2,BJf5EjOi-X@12.5.6,BJz7qNsdj-7@15.7.12,H1Vl5NidjWX@40.17.38,HyiV94juoW7@8.3.2,Hysgc4odiZ7@13.6.5,IrHlMsvFk@1.0.23,QmkqgbGhi@1.1.2,S1_9Vsuj-Q@15.7.11,ko1w5PpFl@23.12.19,oMRbgWzWH@1.0.4
Requested by
Host: direxctcom.top
URL: https://direxctcom.top/EHQKA/assets/usercentrics-3.6.0.js.download
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:256b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
03f90a5e592706520af41a8fc94aad3a9b7d5af5b835854fd235a327f62256af

Request headers

Referer
https://direxctcom.top/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
content-type
application/json

Response headers

date
Wed, 23 Nov 2022 08:04:01 GMT
content-encoding
br
via
1.1 google
server
Google Frontend
age
446647
etag
"1o5wewk"
vary
Accept-Encoding, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
e4aaa77c8e5faa5a5a14171cca2d9124
cache-control
public,max-age=604800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6336
en
aggregator.service.usercentrics.eu/aggregate/ Frame
0
0
Preflight
General
Full URL
https://aggregator.service.usercentrics.eu/aggregate/en?templates=8L9bkqYbV@9.6.2,AkH3-hdIF@3.0.3,B1SI9Nsus-Q@8.5.2,BJf5EjOi-X@12.5.6,BJz7qNsdj-7@15.7.12,H1Vl5NidjWX@40.17.38,HyiV94juoW7@8.3.2,Hysgc4odiZ7@13.6.5,IrHlMsvFk@1.0.23,QmkqgbGhi@1.1.2,S1_9Vsuj-Q@15.7.11,ko1w5PpFl@23.12.19,oMRbgWzWH@1.0.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:256b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://direxctcom.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 28 Nov 2022 12:08:07 GMT
server
Google Frontend
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
a3ab9867250109dd4e083611fdf7bfe3
graphql
graphql.usercentrics.eu/ Frame
0
0
Preflight
General
Full URL
https://graphql.usercentrics.eu/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7903:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-request-id
Access-Control-Request-Method
POST
Origin
https://direxctcom.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-origin,content-type,x-request-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 28 Nov 2022 12:08:08 GMT
vary
Access-Control-Request-Headers
via
1.1 google
x-powered-by
Express
graphql
graphql.usercentrics.eu/
1 KB
593 B
Fetch
General
Full URL
https://graphql.usercentrics.eu/graphql
Requested by
Host: direxctcom.top
URL: https://direxctcom.top/EHQKA/assets/usercentrics-3.6.0.js.download
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7903:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/ Express
Resource Hash
2a1245bf354ce905cd91f815496f85a89ba5f3819f6ac1ccc2e42285c017020c

Request headers

Access-Control-Allow-Origin
*
Accept
application/json
Referer
https://direxctcom.top/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
X-Request-ID
3410e334-bf04-41d0-bcf2-6799328f6623
content-type
application/json

Response headers

date
Mon, 28 Nov 2022 12:08:08 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
Express
etag
W/"442-CWWrvwvWMa4RJ19Q6HFknMPK57Y"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
uct
uct.service.usercentrics.eu/
35 B
277 B
Image
General
Full URL
https://uct.service.usercentrics.eu/uct?v=1&sid=hFeT9yF-a&t=1&abv=&r=https%3A%2F%2Fdirexctcom.top%2FEHQKA%2F&cb=1669637288149
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.108.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
180.108.95.34.bc.googleusercontent.com
Software
Google Frontend / Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://direxctcom.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 12:08:08 GMT
via
1.1 google
strict-transport-security
max-age=7776000
server
Google Frontend
x-powered-by
Express
content-type
image/gif
x-cloud-trace-context
b695c1fc3311c02de77b24330b34df8b
cache-control
no-store
function-execution-id
hf2aty8bttcc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
deutsche_bank_logo_retina.gif
www.deutsche-bank.de/dam/deutschebank/de/shared/logo/
854 B
1 KB
Image
General
Full URL
https://www.deutsche-bank.de/dam/deutschebank/de/shared/logo/deutsche_bank_logo_retina.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6800:13:46b5:7d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
81e601a8a1848ba07173f974a88cc2f6a50f0d23105d9327a30e1c9c28f8adb9
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.deutsche-bank.de
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, allow-from https://meine.deutsche-bank.de

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://direxctcom.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-dispatcher
dispatcher1eucentral1
date
Mon, 28 Nov 2022 12:08:08 GMT
x-dispatcher-version
1.4.7
x-content-type-options
nosniff
content-security-policy
frame-ancestors https://*.deutsche-bank.de
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-vhost
deutsche-bank
x-cache
Miss from cloudfront
content-disposition
inline
content-length
854
last-modified
Wed, 21 Feb 2018 08:38:06 GMT
server
Apache
etag
"356-565b4d8995780"
vary
Host
x-frame-options
SAMEORIGIN, allow-from https://meine.deutsche-bank.de
content-type
image/gif
accept-ranges
bytes
x-amz-cf-id
aEnO2oqFFRlWGH4cCKx8wshJ6LL3l8VUbyWaIO9teglkaAaJj6iKPw==

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Deutsche Bank (Banking)

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| Prototype object| Class function| PeriodicalExecuter function| Template object| $break object| Enumerable function| $A function| $w function| $H function| Hash function| $R function| ObjectRange object| Abstract object| Try object| Ajax object| Form object| Field function| $F object| Toggle object| Insertion object| $continue object| Position function| $ function| $$ undefined| Sizzle function| Selector function| showMaxChars function| loadScript function| stopEvent function| getScript function| loadContactWidget function| handleAnnotations function| toggleSepaDetails function| handleCookieConsentBox function| debug function| setOPRAPortalTeaserContainer function| updateOPRAPortalTeaserContainerSize function| enhanceLayout function| addHeadline function| toggleTooltip function| hoverButtons function| toggleButtonClassName function| collapseTable function| toggleContent function| displayCompletedSteps function| setBackgroundImage function| printPage function| OPrA_SB_equalSectionHeight function| validateLogin function| setFocus function| setWidth function| openWin function| openWinWithEvent function| nativeLinkHandler function| openWinFromIframe function| findRelevantAnchor function| addTANKeypad function| enterTan function| efaFontsize function| setFontsize function| observeEnterKey function| heightBalancing function| AKK_enhanceLayout function| cookieRepair function| getSessionIds string| ua object| isiPad boolean| isMac string| language object| REPLACE_TOKEN string| scriptPath object| TOGGLE_BUTTON_CLASSES object| TOGGLE_BUTTON_HOVER object| COLLAPSE_TABLE_NEW_TITLE object| TOGGLE_CONTENT_NEW_TITLE object| Cookie function| setImmediate function| clearImmediate object| cmsSnippets function| __CE_installPolyfill object| cmsStore object| cmsVoucher object| __eventListeners function| __import__ boolean| UC_UI_IS_RENDERED function| doNext function| setFocusNext object| FingerprintLoginUI object| dataLayer object| UC_UI

5 Cookies

Domain/Path Name / Value
han.gl/ Name: PHPSESSID
Value: obl9rr97llqarigldst75hhnks
han.gl/ Name: short_2033108
Value: 1
lihi2.cc/ Name: redirect_id
Value: eyJpdiI6Ik0xVytSaFljS3R5UEdmUDJWcUZTZ1E9PSIsInZhbHVlIjoicTYzTVNXMFE1NUwyQmRNMHR1cU9JR0F5SWxpZk9xcGlHTTl2Q2RmcWRzc1Y0RDRJYUtMaWRXR2NxbFNsamlzaiIsIm1hYyI6IjM0NzZlODBkNmI1YjViODU3ZGM0ODNjOTBmYzBmMTU5ZmY3MjM0M2Y0ZDYwNjU1MWE2ZGM4ZDA3ZmUyMzE2ZDgifQ%3D%3D
lihi2.cc/ Name: lihi_session
Value: eyJpdiI6ImRTSFdxR2pNNG5rUVJRaUFPc1JhQUE9PSIsInZhbHVlIjoiWmpPS0lvWVlSaFNxTWJOTGlRKzBpb1BQXC9EYmpGZjhTUFA4elptYW9aM0hjZmQwXC9BeFdqbmoyWUorQTd0bFVUIiwibWFjIjoiOWQzNTU4YmJiOGFlN2M1ZWNiNjFjMjBkNjFiZjdkYjg5MDA4YmNkY2UzYWRjN2QxZjk3NTY4OTljM2Y4MzQwZiJ9
direxctcom.top/ Name: font-sizer
Value: %7B%22font-size%22%3A%22fs-small%22%7D

4 Console Messages

Source Level URL Text
other warning URL: https://direxctcom.top/EHQKA/
Message:
Failed to decode downloaded font: https://direxctcom.top/EHQKA/assets/pfbicons.woff
other warning URL: https://direxctcom.top/EHQKA/
Message:
OTS parsing error: incorrect file size in WOFF header
other warning URL: https://direxctcom.top/EHQKA/
Message:
Failed to decode downloaded font: https://direxctcom.top/EHQKA/assets/pfbicons.ttf
other warning URL: https://direxctcom.top/EHQKA/
Message:
OTS parsing error: post: table overruns end of file

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aggregator.service.usercentrics.eu
api.usercentrics.eu
app.usercentrics.eu
direxctcom.top
fonts.googleapis.com
graphql.usercentrics.eu
han.gl
lihi2.cc
uct.service.usercentrics.eu
www.deutsche-bank.de
2600:1901:0:256b::
2600:1901:0:5987::
2600:1901:0:7903::
2600:1901:0:c07c::
2600:9000:21f3:6800:13:46b5:7d80:93a1
2606:4700:3033::6815:4774
2a00:1450:4001:80f::200a
2a06:98c1:3120::3
34.95.108.180
35.244.149.249