presbyterlifeguard.online Open in urlscan Pro
172.67.207.75 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://storage.googleapis.com/bertacanada/hamisudenise.html
Effective URL:
https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17
Submission: On April 24 via manual (April 24th 2024, 5:33:03 am UTC) from ES — Scanned from ES

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 8 domains to perform 25 HTTP transactions. The main IP is 172.67.207.75, located in United States and belongs to CLOUDFLARENET, US. The main domain is presbyterlifeguard.online.
TLS certificate: Issued by GTS CA 1P5 on March 7th 2024. Valid for: 3 months.

This is the only time presbyterlifeguard.online was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 2	172.217.18.27 172.217.18.27	15169 (GOOGLE) (GOOGLE)
2 2	35.195.30.15 35.195.30.15	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.76.98.215 34.76.98.215	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 14	172.67.207.75 172.67.207.75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.58.206.68 216.58.206.68	15169 (GOOGLE) (GOOGLE)
1	172.67.177.88 172.67.177.88	() ()
25	5

2 172.217.18.27 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f27.1e100.net

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.195.30.15 (Brussels, Belgium) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 15.30.195.35.bc.googleusercontent.com

myguidancetrack2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.76.98.215 (Brussels, Belgium) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 215.98.76.34.bc.googleusercontent.com

breakingtrackss1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.trackitlivenow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.67.207.75 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

presbyterlifeguard.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.68 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.177.88 (None, )

ASN- ()

virtualpushplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	presbyterlifeguard.online 1 redirects presbyterlifeguard.online	693 KB
2	myguidancetrack2.com 2 redirects myguidancetrack2.com	775 B
2	googleapis.com 1 redirects storage.googleapis.com — Cisco Umbrella Rank: 361	793 B
1	virtualpushplatform.com virtualpushplatform.com	5 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	trackitlivenow.com 1 redirects www.trackitlivenow.com	804 B
1	breakingtrackss1.com 1 redirects breakingtrackss1.com	754 B
0	fontawesome.com Failed use.fontawesome.com Failed
25	8

	Domain	Requested by
14	presbyterlifeguard.online	1 redirects presbyterlifeguard.online
2	myguidancetrack2.com	2 redirects
2	storage.googleapis.com	1 redirects
1	virtualpushplatform.com	presbyterlifeguard.online
1	www.google.com
1	www.trackitlivenow.com	1 redirects
1	breakingtrackss1.com	1 redirects
0	use.fontawesome.com Failed	presbyterlifeguard.online
25	8

This site contains no links.

Subject Issuer	Validity	Valid
storage.googleapis.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
presbyterlifeguard.online GTS CA 1P5	`2024-03-07` - `2024-06-05`	3 months	crt.sh
virtualpushplatform.com Cloudflare Inc ECC CA-3	`2024-01-14` - `2024-12-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17
Frame ID: 5B4DA34F8775BCCC77ECCD538F4DDD72
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://storage.googleapis.com/bertacanada/hamisudenise.html Page URL
https://myguidancetrack2.com/?a=2429&oc=20133&c=54377&p=r&m=3&s1=hamisudenise HTTP 302
https://myguidancetrack2.com/?a=2429&oc=20133&c=54377&p=r&m=3&s1=hamisudenise&ch-redir=1&ckmxid=cok9j2tp0... HTTP 302
https://breakingtrackss1.com/?a=2429&oc=20133&c=54377&p=r&m=3&s1=hamisudenise&ch-redir=1&ckmxid=cok9j2tp0... HTTP 302
https://www.trackitlivenow.com/B1Z33J/W8GP3KW/?sub2=362885945&source_id=2429 HTTP 302
https://presbyterlifeguard.online/cJy6kh2HOd/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265... HTTP 302
http://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=... HTTP 307
https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=... Page URL

Page Statistics

25
Requests

60 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

5
IPs

3
Countries

700 kB
Transfer

901 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://storage.googleapis.com/bertacanada/hamisudenise.html Page URL
https://myguidancetrack2.com/?a=2429&oc=20133&c=54377&p=r&m=3&s1=hamisudenise HTTP 302
https://myguidancetrack2.com/?a=2429&oc=20133&c=54377&p=r&m=3&s1=hamisudenise&ch-redir=1&ckmxid=cok9j2tp00018c23hot0 HTTP 302
https://breakingtrackss1.com/?a=2429&oc=20133&c=54377&p=r&m=3&s1=hamisudenise&ch-redir=1&ckmxid=cok9j2tp00018c23hot0&ckmguid=9bf4a207-1ca2-429c-955d-cca5cdbc017f HTTP 302
https://www.trackitlivenow.com/B1Z33J/W8GP3KW/?sub2=362885945&source_id=2429 HTTP 302
https://presbyterlifeguard.online/cJy6kh2HOd/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17 HTTP 302
http://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17 HTTP 307
https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://storage.googleapis.com/favicon.ico HTTP 307
https://www.google.com/images/icons/product/cloud_storage-32.png

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 hamisudenise.html Show response
storage.googleapis.com/bertacanada/ 121 B
588 B 280ms
279ms Document
text/html 172.217.18.27
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/bertacanada/hamisudenise.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.27 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s22-in-f27.1e100.net
Software: UploadServer /
Resource Hash: f6fb83d2d458c97a8258557e6931c0655a24a19d71af5c0a8220c7f4a7c85814

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-length: 121
content-type: text/html
date: Wed, 24 Apr 2024 05:32:59 GMT
etag: "81136fba60a6b16591cdceea65815596"
expires: Wed, 24 Apr 2024 06:32:59 GMT
last-modified: Tue, 23 Apr 2024 15:45:47 GMT
server: UploadServer
x-goog-generation: 1713887147125992
x-goog-hash: crc32c=2QHpXA== md5=gRNvumCmsWWRzc7qZYFVlg==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 121
x-guploader-uploadid: ABPtcPq9TzgmcPK7AKcc4uojYnhvgYHHxwdfHZEYxMvEZitUwXoKcB3510gp1POUbPLKT51NvqA

GET
H2

200

Primary Request / Show response
presbyterlifeguard.online/
Redirect Chain

https://myguidancetrack2.com/?a=2429&oc=20133&c=54377&p=r&m=3&s1=hamisudenise
https://myguidancetrack2.com/?a=2429&oc=20133&c=54377&p=r&m=3&s1=hamisudenise&ch-redir=1&ckmxid=cok9j2tp00018c23hot0
https://breakingtrackss1.com/?a=2429&oc=20133&c=54377&p=r&m=3&s1=hamisudenise&ch-redir=1&ckmxid=cok9j2tp00018c23hot0&ckmguid=9bf4a207-1ca2-429c-955d-cca5cdbc017f
https://www.trackitlivenow.com/B1Z33J/W8GP3KW/?sub2=362885945&source_id=2429
https://presbyterlifeguard.online/cJy6kh2HOd/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17
http://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17
https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17

29 KB
5 KB

285ms
281ms

Document
text/html

172.67.207.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.207.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd9dc7cbaf2657132e76a987f1e3a1ae32e533ef0010cacc58199dd15e4ca608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Referer: https://storage.googleapis.com/bertacanada/hamisudenise.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8793b759ee6a214f-CDG
content-encoding: br
content-type: text/html
date: Wed, 24 Apr 2024 05:33:02 GMT
expires: Wed, 24 Apr 2024 05:33:01 GMT
last-modified: Sun, 10 Mar 2024 08:16:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: interest-cohort=()
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y8o6Lbib3EAfck4KrZFHLOg7mJ8sbVfQGtcwDxyLrDvCc5Q0%2BkXaenB0JVSkyIEUDvTNZKgPUiS35xDvv00SP9lHvKBRUkPB2VJ6ouOoIrd1viVGON%2F4A%2BaUEsHXB0mqRW21PnBp32mU%2Ba7M"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17
Non-Authoritative-Reason: HSTS

GET
H2

200

cloud_storage-32.png
www.google.com/images/icons/product/
Redirect Chain

https://storage.googleapis.com/favicon.ico
https://www.google.com/images/icons/product/cloud_storage-32.png

850 B
1 KB

793ms
162ms

Other
image/png

216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/images/icons/product/cloud_storage-32.png

Protocol

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f4.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Referer: https://storage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Apr 2024 05:33:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 850
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 24 Apr 2024 05:33:00 GMT

Redirect headers

date: Wed, 24 Apr 2024 05:19:55 GMT
server: UploadServer
age: 784
x-guploader-uploadid: ABPtcPpsDyQW1rLevhAmWtLGjpHnlAckd4xEk59N_dx9yNO9P4kcB5cBDLlgFPLoZ8AtxfDuCRkp2r361w
content-type: text/html; charset=UTF-8
location: https://www.google.com/images/icons/product/cloud_storage-32.png
cache-control: public, max-age=31556926
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 style.css
presbyterlifeguard.online/css/ 15 KB
3 KB 455ms
453ms Stylesheet
text/css 172.67.207.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://presbyterlifeguard.online/css/style.css

Requested by

Host: presbyterlifeguard.online
URL: https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.207.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21c4a88c43c6ffda845d1140cc4935a956c04a55c8fd2294282c393c31eb9bf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 05:33:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 10 Mar 2024 08:16:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65ed6c58-3d46"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1JJWEmaMvWJODaoroL5bqx2qDq5GM9TTrNE9idb3oEHnIR838V7GD4YWU%2FjHH0T9D2sIZjq%2FwcRzfFrlOi0dcWGYNW6%2BporV2NGzo0HiHiCeK9uyXAUW4Pntz%2B9EUxCnsqM1k20ZsraIxnhm"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 8793b75bbf9c214f-CDG
alt-svc: h3=":443"; ma=86400
expires: Wed, 24 Apr 2024 05:33:01 GMT

GET
H2 200 animate.min.css
presbyterlifeguard.online/css/ 70 KB
6 KB 174ms
172ms Stylesheet
text/css 172.67.207.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://presbyterlifeguard.online/css/animate.min.css

Requested by

Host: presbyterlifeguard.online
URL: https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.207.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 05:33:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 10 Mar 2024 08:16:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65ed6c58-11846"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rf4CRuVZXLLuJ6rXCzPRTol4B3p2b11wW3C7l%2B%2BxJP%2FmwLtqv5JFQQiEGBUYQIFGKl5zbhjGCGGI0lnd1RGaD%2BIeY2nZqz6YIHR4W0WCezkHeKw%2F%2BwEASaro7GiPv5pBAJg%2B2x5ayQL1m2Ia"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 8793b75bbf9d214f-CDG
alt-svc: h3=":443"; ma=86400
expires: Wed, 24 Apr 2024 05:33:01 GMT

GET all.js
use.fontawesome.com/releases/v5.15.4/js/ 0
0

GET
H2 200 ace-push.js Show response
virtualpushplatform.com/ 13 KB
5 KB 702ms
228ms Script
text/javascript 172.67.177.88

General

Check archive.org

Show headers Download Go to

Full URL: https://virtualpushplatform.com/ace-push.js
Requested by: Host: presbyterlifeguard.online
URL: https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.177.88 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b817d86aff80a58f7440cbf3f6e24eeab0c41cef66274d6972a465106af99fc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://presbyterlifeguard.online/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 05:33:03 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Mon, 25 Mar 2024 14:48:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1da7ec387a0744b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9WVSUQ5RFCHbZ%2Fx67GvtZV5gDLulkBcx3trtjjtW%2FoW56Eoifo5ExEhycsOTiZKb05qK%2F5bKqY9YYr4%2FFnVJFqVMByicZuHyVQ15yF68HRfIhjqxAXO%2BDw9D8nibA5SPMZt47b1XKaqajA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 8793b75ebc2a0416-MAD
alt-svc: h3=":443"; ma=86400

GET
H2 200 datehead.js Show response
presbyterlifeguard.online/js/ 2 KB
1 KB 391ms
390ms Script
application/javascript 172.67.207.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://presbyterlifeguard.online/js/datehead.js

Requested by

Host: presbyterlifeguard.online
URL: https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.207.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4e731cb202ccd03a6da7083d25dc9e3ff3986d9fd708b615584f45b16bdc836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 05:33:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 10 Mar 2024 08:16:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65ed6c57-990"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FPcMYlzgmFPcG77svd%2BQeNPYkyN4DJc3QHadUeZWIrbAu670TZnsV1hgRFxdpfjLxslcTnFqU4my877qrnXa%2FpHWnpkzk4LWeIwOyAXPRuK86xfYVQPuWuFDdYh91MP7ssgNbYVFpwzJaCeq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 8793b75befb2214f-CDG
alt-svc: h3=":443"; ma=86400
expires: Wed, 24 Apr 2024 05:33:01 GMT

GET
H2 200 logo111.png
presbyterlifeguard.online/images/ 16 KB
16 KB 484ms
483ms Image
image/png 172.67.207.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://presbyterlifeguard.online/images/logo111.png

Requested by

Host: presbyterlifeguard.online
URL: https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.207.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2c4cafb6cd6c92a61a5d68188458309497bae90663e7b8c7cdfbbb5d82418ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 05:33:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 15941
last-modified: Sun, 10 Mar 2024 08:16:28 GMT
server: cloudflare
etag: "65ed6c5c-3e45"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9En5gxA4BkuJDsY9QXyhiSGmjh5qjz2uiWShW3%2BXSPoC296FZKFmV5eP8SxwqQJ0lz29pWq%2F0CtjVB%2BkArPBdly%2FhuMA0gUZYp4b96EuMvvU4ujP4u9U06EFmN8Vybk%2FcjElQk%2F1NhW99Lwr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8793b75befb3214f-CDG
expires: Wed, 24 Apr 2024 05:33:01 GMT

GET
H2 200 flaglogo.png
presbyterlifeguard.online/images/ 3 KB
3 KB 388ms
388ms Image
image/png 172.67.207.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://presbyterlifeguard.online/images/flaglogo.png

Requested by

Host: presbyterlifeguard.online
URL: https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.207.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6eeaef40c6f32a9b0394061c34c5ac5f1ebfa0b7162ccf7579625e63c8b654ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 05:33:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2905
last-modified: Sun, 10 Mar 2024 08:16:31 GMT
server: cloudflare
etag: "65ed6c5f-b59"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qpOy%2FrZlwKcMFdmyXK4mWeMSrXkJebkDBOGYQ8p2S6Ao%2BA211oeNNns4%2F1Xtts07ZaRYEToJyTXBPMzFov%2BixHELskt%2BGtkXA6qLrfDxPfCGsHd1fwG9XL8qH4h64DemTBeaVFmTT87Z3A90"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8793b75befb4214f-CDG
expires: Wed, 24 Apr 2024 05:33:01 GMT

GET
H2 200 product111.png
presbyterlifeguard.online/images/ 362 KB
363 KB 175ms
174ms Image
image/png 172.67.207.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://presbyterlifeguard.online/images/product111.png

Requested by

Host: presbyterlifeguard.online
URL: https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.207.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0308c356e81daaf8d33e8f6255988d10b16b4ea03a86eec00a4e2da61594625b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 05:33:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 371068
last-modified: Sun, 10 Mar 2024 08:16:27 GMT
server: cloudflare
etag: "65ed6c5b-5a97c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ma76iQt%2BnI6l4YFhUHHNZkqt65xOeabSZo53PsEM1c7QGz4IJac1I1KwUr0C%2BQHrEL5KHNSJYxTzSfr3zyykSQZAqNaKq8cJBDhCfV8wlAYoSmMl416H109LWjyBGw1vxmo%2FlnHIn7ATk5KW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8793b75e38ec214f-CDG
expires: Wed, 24 Apr 2024 05:33:02 GMT

GET
H2 200 loadingRD.gif
presbyterlifeguard.online/images/ 122 KB
122 KB 281ms
281ms Image
image/gif 172.67.207.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://presbyterlifeguard.online/images/loadingRD.gif

Requested by

Host: presbyterlifeguard.online
URL: https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.207.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87910e1ad10e02a9d917a224d113eb00db143946dda6afddb14b63b654621d26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 05:33:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 124490
last-modified: Sun, 10 Mar 2024 08:16:32 GMT
server: cloudflare
etag: "65ed6c60-1e64a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m67hoihMkyaBVp%2FiTr5DFE%2FniZWjuA9wFwr8%2BzN8rHO3VA%2FE44jUpF4Wj7C1wMUdl9sR5Fy%2FSCqhhBdcgbdhNlmwjK%2B9F38%2Bx2TV5GTxpmDTpW5Y0WCOomRK459eK8LT28uZBSuopKYmd79x"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8793b75ee958214f-CDG
expires: Wed, 24 Apr 2024 05:33:02 GMT

GET
H2 200 prize111.png
presbyterlifeguard.online/images/ 96 KB
0 363ms
357ms Image
image/png 172.67.207.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://presbyterlifeguard.online/images/prize111.png

Requested by

Host: presbyterlifeguard.online
URL: https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.207.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 05:33:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 538835
last-modified: Sun, 10 Mar 2024 08:16:31 GMT
server: cloudflare
etag: "65ed6c5f-838d3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OwcufZbLFQ3xQ8Rq%2FWKaI7hfluWX4n11INlh79WDg4%2F42w5q6SGD9aha2HXVR%2Bms0K9Z6YUh4ZPQOid5FVbBsv5J6PFLXqy95WdYXPgIFJymT5PkFcS7czJzwFpN7uGjuHChvVSXX1qxWqwt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8793b76049eb214f-CDG
expires: Wed, 24 Apr 2024 05:33:02 GMT

GET
H2 200 1.jpg
presbyterlifeguard.online/images/ 36 KB
37 KB 362ms
358ms Image
image/jpeg 172.67.207.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://presbyterlifeguard.online/images/1.jpg

Requested by

Host: presbyterlifeguard.online
URL: https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.207.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32c8ec80b88c926ac896f2eb0318bbdd580a65926b9f666dfa3c70fa9e5c38ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 05:33:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 37111
last-modified: Sun, 10 Mar 2024 08:16:30 GMT
server: cloudflare
etag: "65ed6c5e-90f7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SB0bXYrBd8TCNJ4hJ4jKhkBzLGT%2FF%2Fel1OJwgiZBHxr2msn1nXV0afQSYJV5C1g7D30nwZC7HBYA%2Fta5rW5ZAH6wpM05rjoV3Qqy%2BbheuinWXzNe4gdi137JRvLdYuuqbVj4lTmFYMoGxL4m"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8793b7607a1d214f-CDG
expires: Wed, 24 Apr 2024 05:33:02 GMT

GET
H2 200 2.jpg
presbyterlifeguard.online/images/ 39 KB
40 KB 363ms
359ms Image
image/jpeg 172.67.207.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://presbyterlifeguard.online/images/2.jpg

Requested by

Host: presbyterlifeguard.online
URL: https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.207.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d077d095c4a034f2af04412bbabe203880557c80db5b8c7db9a065395626f231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 05:33:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 40361
last-modified: Sun, 10 Mar 2024 08:16:29 GMT
server: cloudflare
etag: "65ed6c5d-9da9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eeZwgCbWpt7prAzAlMv345OB%2BJL47K0IxdPxAq5%2B4AeDudgHANt%2FuxSN3carfykN9T6DKEYrrCuyIJRgCNjgZYyesBBXSDzfWaiyzYMyZi9RVAPo3I1kAzPWP9EreI4lQ5jf5pUJG2BilBuQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8793b7607a1f214f-CDG
expires: Wed, 24 Apr 2024 05:33:02 GMT

GET
H2 200 comm_pic_1.jpg
presbyterlifeguard.online/images/ 90 KB
90 KB 353ms
350ms Image
image/jpeg 172.67.207.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://presbyterlifeguard.online/images/comm_pic_1.jpg

Requested by

Host: presbyterlifeguard.online
URL: https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.207.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e022f994f6d13fa695a6c04be38f0113ac3f297e7ddf6d6b7ff3ff16893121a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 05:33:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 92144
last-modified: Sun, 10 Mar 2024 08:16:30 GMT
server: cloudflare
etag: "65ed6c5e-167f0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Cgmke7xZAQbHfNY5mpXGCavEgaSzKrPoMPgIUUSDwbr33PEnlAmz8LpJN9eNfgyvloJOR6YyUmBdIDWONErSbXhSCnJlZFxskFWX8qWNhLFKNorCOlBxZrG1%2BODQslYaXyvBaeKWpGgXUNF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8793b7607a20214f-CDG
expires: Wed, 24 Apr 2024 05:33:02 GMT

GET 3.jpg
presbyterlifeguard.online/images/ 0
0

GET 4.jpg
presbyterlifeguard.online/images/ 0
0

GET comm_pic_2.jpg
presbyterlifeguard.online/images/ 0
0

GET 5.jpg
presbyterlifeguard.online/images/ 0
0

GET
H2 200 f_guarantee.png
presbyterlifeguard.online/images/ 6 KB
6 KB 410ms
408ms Image
image/png 172.67.207.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://presbyterlifeguard.online/images/f_guarantee.png

Requested by

Host: presbyterlifeguard.online
URL: https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.207.75 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 05:33:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6352
last-modified: Sun, 10 Mar 2024 08:16:27 GMT
server: cloudflare
etag: "65ed6c5b-18d0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DlZAs8ID%2BsBMx2SorQe9MBbc8hHRonIwZh43Y8MpojenxVpqAGM07f3f1e2CYnfYXL7VNGFSmmSfR5rqZ3%2BPogg%2FDHtjNOFGkfZi53ZSgV5afJDYE5WMqVy8f8QZ8Yb0wkLfBpX%2Fwe1ZxBTK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8793b7607a26214f-CDG
expires: Wed, 24 Apr 2024 05:33:02 GMT

GET f_secure_1.png
presbyterlifeguard.online/images/ 0
0

GET logo222.png
presbyterlifeguard.online/images/ 0
0

GET script.js
presbyterlifeguard.online/js/ 0
0

GET bg.png
presbyterlifeguard.online/images/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.4/js/all.js

Domain: presbyterlifeguard.online
URL: https://presbyterlifeguard.online/images/3.jpg

Domain: presbyterlifeguard.online
URL: https://presbyterlifeguard.online/images/4.jpg

Domain: presbyterlifeguard.online
URL: https://presbyterlifeguard.online/images/comm_pic_2.jpg

Domain: presbyterlifeguard.online
URL: https://presbyterlifeguard.online/images/5.jpg

Domain: presbyterlifeguard.online
URL: https://presbyterlifeguard.online/images/f_secure_1.png

Domain: presbyterlifeguard.online
URL: https://presbyterlifeguard.online/images/logo222.png

Domain: presbyterlifeguard.online
URL: https://presbyterlifeguard.online/js/script.js

Domain: presbyterlifeguard.online
URL: https://presbyterlifeguard.online/images/bg.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.breakingtrackss1.com/	1969-12-31 23:59:59	Name: som Value: kycKUEuq4bdVk67sXj7aRPAQzH/ZMnfK3p3rOmIxdj0SsAilyG3oVQ==
.breakingtrackss1.com/	1970-01-21 05:41:36	Name: tm Value: FfDMmd94yJeChbvI9S9t9/AQzH/ZMnfK3p3rOmIxdj0SsAilyG3oVQ==
.breakingtrackss1.com/	1970-01-20 20:48:48	Name: c20081 Value: kycKUEuq4be6bnQun75b4WqnqZVsR9axFt8jXdFrMB8biynTZp1fRQ==
www.trackitlivenow.com/	1970-01-20 20:07:03	Name: uniqueClick_W8GP3KW Value: 448dd344-933e-40e8-87b7-d71ad7c7ed42:1713936781
www.trackitlivenow.com/	1970-01-20 22:15:12	Name: transaction_id Value: a7e902dfa3214fb990b0c6e18c27a8ae
presbyterlifeguard.online/	1969-12-31 23:59:59	Name: SESSIONIDS Value: cJy6kh2HOd

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
other	warning	URL: https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://presbyterlifeguard.online/?encoded_value=5XQHC8&sub1=&sub2=362885945&sub3=&sub4=&sub5=14265&source_id=2429&ip=80.29.38.17 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

breakingtrackss1.com
myguidancetrack2.com
presbyterlifeguard.online
storage.googleapis.com
use.fontawesome.com
virtualpushplatform.com
www.google.com
www.trackitlivenow.com
presbyterlifeguard.online
use.fontawesome.com
172.217.18.27
172.67.177.88
172.67.207.75
188.114.96.3
216.58.206.68
34.76.98.215
35.195.30.15
0308c356e81daaf8d33e8f6255988d10b16b4ea03a86eec00a4e2da61594625b
21c4a88c43c6ffda845d1140cc4935a956c04a55c8fd2294282c393c31eb9bf3
32c8ec80b88c926ac896f2eb0318bbdd580a65926b9f666dfa3c70fa9e5c38ec
5b817d86aff80a58f7440cbf3f6e24eeab0c41cef66274d6972a465106af99fc
5e022f994f6d13fa695a6c04be38f0113ac3f297e7ddf6d6b7ff3ff16893121a
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
6eeaef40c6f32a9b0394061c34c5ac5f1ebfa0b7162ccf7579625e63c8b654ee
87910e1ad10e02a9d917a224d113eb00db143946dda6afddb14b63b654621d26
bd9dc7cbaf2657132e76a987f1e3a1ae32e533ef0010cacc58199dd15e4ca608
bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b
c4e731cb202ccd03a6da7083d25dc9e3ff3986d9fd708b615584f45b16bdc836
d077d095c4a034f2af04412bbabe203880557c80db5b8c7db9a065395626f231
f2c4cafb6cd6c92a61a5d68188458309497bae90663e7b8c7cdfbbb5d82418ec
f6fb83d2d458c97a8258557e6931c0655a24a19d71af5c0a8220c7f4a7c85814

presbyterlifeguard.online Open in urlscan Pro 172.67.207.75 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

25 Requests

60 %HTTPS

0 %IPv6

8 Domains

8 Subdomains

5 IPs

3 Countries

700 kBTransfer

901 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

6 Cookies

3 Console Messages

Indicators

presbyterlifeguard.online Open in urlscan Pro
172.67.207.75 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

60 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

5
IPs

3
Countries

700 kB
Transfer

901 kB
Size

6
Cookies

25 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!