medialysticos.live
2a06:98c1:3120::c  Malicious Activity! Public Scan

Submitted URL: http://rotations.info/c/Wpjq8ZqG222218K9EEjLsM/h9HD7Yr116506924962tL27e/e8mR6t8JC3MNW/04WZ6NS3yGS1E/P5pL8aSum0h0ri7I1I/
Effective URL: https://medialysticos.live/?s1=350563&s2=816183102&s3=2275&s4=0&ow=&s10=739
Submission: On September 29 via api from BE — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 33 HTTP transactions. The main IP is 2a06:98c1:3120::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is medialysticos.live.
TLS certificate: Issued by GTS CA 1P5 on September 14th 2022. Valid for: 3 months.
This is the only time medialysticos.live was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Customer Survey Spam (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 1 208.73.206.229 19318 (IS-AS-1)
1 185.147.127.145 398343 (BAXET-GROUP)
27 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
33 6
Requests | Apex Domain | Subdomains | Transfer
27 | medialysticos.live | medialysticos.live | 8 MB
2 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 64 | 113 KB
1 | gstatic.com | fonts.gstatic.com | 18 KB
1 | google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 2852 | 349 B
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 41 | 1 KB
1 | balistacllys.com | balistacllys.com | 392 B
1 | rotations.info | rotations.info | 361 B
Total: 33 requests, 7 domains
Requests | Domain | Requested by
27 | medialysticos.live | balistacllys.com, medialysticos.live
2 | www.googletagmanager.com | balistacllys.com, www.googletagmanager.com
1 | fonts.gstatic.com | fonts.googleapis.com
1 | region1.google-analytics.com | www.googletagmanager.com
1 | fonts.googleapis.com | medialysticos.live
1 | balistacllys.com |
1 | rotations.info | 1 redirects
Total: 33 requests, 7 domains

This site contains no links.

Subject | Issuer | Validity | Valid
balistacllys.com | R3 | 2022-08-05 - 2022-11-03 | 3 months
*.medialysticos.live | GTS CA 1P5 | 2022-09-14 - 2022-12-13 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-09-05 - 2022-11-28 | 3 months

This page contains 1 frames:

Primary Page: https://medialysticos.live/?s1=350563&s2=816183102&s3=2275&s4=0&ow=&s10=739
Frame ID: D6E2EBEDD60B0895CF4EB05188602E7C
Requests: 33 HTTP requests in this frame

Page Title

[1] Prämie ausstehend - Online Survey - Wir wollen Ihre Meinung!

Page URL History

  1. http://rotations.info/c/Wpjq8ZqG222218K9EEjLsM/h9HD7Yr116506924962tL27e/e8mR6t8JC3MNW/04WZ6NS3yGS1... HTTP 302
    https://balistacllys.com/0/0/0/9228551d3103dd7be6358f20a14e1a89/110/22218_0_1/165069249 Page URL
  2. https://medialysticos.live/?s1=350563&s2=816183102&s3=2275&s4=0&ow=&s10=739 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 33
HTTPS: 100 %
IPv6: 71 %
Domains: 7
Subdomains: 7
IPs: 6
Countries: 3
Transfer: 8738 kB
Size: 9597 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rotations.info/c/Wpjq8ZqG222218K9EEjLsM/h9HD7Yr116506924962tL27e/e8mR6t8JC3MNW/04WZ6NS3yGS1E/P5pL8aSum0h0ri7I1I/ HTTP 302
    https://balistacllys.com/0/0/0/9228551d3103dd7be6358f20a14e1a89/110/22218_0_1/165069249 Page URL
  2. https://medialysticos.live/?s1=350563&s2=816183102&s3=2275&s4=0&ow=&s10=739 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://rotations.info/c/Wpjq8ZqG222218K9EEjLsM/h9HD7Yr116506924962tL27e/e8mR6t8JC3MNW/04WZ6NS3yGS1E/P5pL8aSum0h0ri7I1I/ HTTP 302
  • https://balistacllys.com/0/0/0/9228551d3103dd7be6358f20a14e1a89/110/22218_0_1/165069249

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
165069249
balistacllys.com/0/0/0/9228551d3103dd7be6358f20a14e1a89/110/22218_0_1/
Redirect Chain
  • http://rotations.info/c/Wpjq8ZqG222218K9EEjLsM/h9HD7Yr116506924962tL27e/e8mR6t8JC3MNW/04WZ6NS3yGS1E/P5pL8aSum0h0ri7I1I/
  • https://balistacllys.com/0/0/0/9228551d3103dd7be6358f20a14e1a89/110/22218_0_1/165069249
138 B
392 B
Document
General
Full URL
https://balistacllys.com/0/0/0/9228551d3103dd7be6358f20a14e1a89/110/22218_0_1/165069249
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.147.127.145 Warsaw, Poland, ASN398343 (BAXET-GROUP, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
138
content-type
text/html; charset=UTF-8
date
Thu, 29 Sep 2022 20:46:24 GMT
server
Apache

Redirect headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Thu, 29 Sep 2022 20:46:23 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By
PHP/5.4.16
location
https://balistacllys.com/0/0/0/9228551d3103dd7be6358f20a14e1a89/110/22218_0_1/165069249
Primary Request /
medialysticos.live/
2 KB
1 KB
Document
General
Full URL
https://medialysticos.live/?s1=350563&s2=816183102&s3=2275&s4=0&ow=&s10=739
Requested by
Host: balistacllys.com
URL: https://balistacllys.com/0/0/0/9228551d3103dd7be6358f20a14e1a89/110/22218_0_1/165069249
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dcc461fbe7e3a155944e3879af831c3e24b257eb14ad41cf07e3a02e0665bd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://balistacllys.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7527916efa10916e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 29 Sep 2022 20:46:25 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BT0ANQz%2FuQ9HITNbTYXTr3fmO5Bh%2BXVfmulNGFTfU%2BazQAVcFKB%2FHp%2FdZ170dhk%2FrDlPj1HRoTh6e73CUtcPgNIyEodQ5Zt1HLWFyy8MdMPiePZE1rD79oEJtqXCtRgIBXI7Jj3B%2FPirhpu%2F%2BKlupc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
e9b558a3ecec327d1af503db841bfe7a
medialysticos.live/
382 KB
69 KB
XHR
General
Full URL
https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a?_ax=w
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/?s1=350563&s2=816183102&s3=2275&s4=0&ow=&s10=739
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2be43ed1f10c1c09cdaed909b6ccda11b010e0dce392a8756371f7ad5d807427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:46:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TmoDS3sjDZkl03zbwe6cd5qJcvp9PGjcuVuBW7Opgfsl%2FyHVCpxopmYXouXwOxO5Ip96r5InS5QiYnnM0z%2Bhob8QU1%2BfhwUGGAMA0S8AzC%2FcaEJqfW6P%2Bgx7npIwVgLDxhyIRK47wt5fQSEeIj%2F4TG4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
75279172cd45916e-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
bootstrap.min.css
medialysticos.live/assets/js/vendor/bootstrap/css/
141 KB
22 KB
Stylesheet
General
Full URL
https://medialysticos.live/assets/js/vendor/bootstrap/css/bootstrap.min.css
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/?s1=350563&s2=816183102&s3=2275&s4=0&ow=&s10=739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:46:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
192970
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvapiv%2BOxBX3ANL4Coo0b7T12ZAlGWC4D5JO5sWFwK%2BwQGJxcqEMUgCrJanNxt8vsnYgM0rx5xYUs01BLkyJrNJ5wn3L8nnngfkYyVpMk0G9bG6S15aDr30X3G1uHrI%2FLa9%2FXDORRt%2Fcb4bzjinoVvE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7527917859a7996e-FRA
expires
Tue, 04 Oct 2022 15:10:16 GMT
all.css
medialysticos.live/assets/vendors/fontawesome/css/
72 KB
13 KB
Stylesheet
General
Full URL
https://medialysticos.live/assets/vendors/fontawesome/css/all.css
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/?s1=350563&s2=816183102&s3=2275&s4=0&ow=&s10=739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
462beb0c8ecb2abb15685c31875f268d166313581df110401c2483fab24a46df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:46:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
192970
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:00:02 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1pqwIXniYOPWgbb8cThPHJnWSqBQmJXaokKG7oYzIAS0uCbwmAidybyRzOHRSn8Jcf8ln8EdoEZKV3EtR6Q90S%2BwE1lyjAQuoku%2BupskYgXmuf8uLov5PA7HqvHPfOd2jDq%2BRru3OGkE1fdlhuyMQNk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7527917859ab996e-FRA
expires
Tue, 04 Oct 2022 15:10:16 GMT
common-hybrid.css
medialysticos.live/assets/css/legacy/dist/
23 KB
6 KB
Stylesheet
General
Full URL
https://medialysticos.live/assets/css/legacy/dist/common-hybrid.css?v=8aaeccc8911de05ffc4830be456a992f
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/?s1=350563&s2=816183102&s3=2275&s4=0&ow=&s10=739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
442e63845d930f59ce5bd67f92ea462f769931cae5f53f290bfeda0d9965218e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:46:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 26 Sep 2022 20:48:44 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1JiQ9HSzHUYeIU9bwdYu3TBpE0JDzFKN0ohJHz2o6VMbOunFSQbKOTXf1wnJdjzydeCIiyxDLTNSFiNoAJv3pYn537kVwYGuLUG5g5prNdKwtfPf%2Bw5jyiyuPL7Q41mfjBkHrCrPyMzT79YwNZO260k%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7527917859bb996e-FRA
expires
Thu, 06 Oct 2022 20:46:26 GMT
1.3-hybrid.css
medialysticos.live/assets/css/legacy/
3 KB
2 KB
Stylesheet
General
Full URL
https://medialysticos.live/assets/css/legacy/1.3-hybrid.css?v=8aaeccc8911de05ffc4830be456a992f
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/?s1=350563&s2=816183102&s3=2275&s4=0&ow=&s10=739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8f312054de522489129b95a3630cf1ad4fe7314e3d0a01a43e51a6b42405042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:46:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 30 Aug 2022 16:56:50 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9sLU9BD%2FRLqQg62jVLQxphFmok7bAdGHoc%2BAH0SZxjsmpIAXSnug9ZwKv0QW0%2FZvclQnoi50%2F0S7gDDBLySazI81lDg0aJ4E2aGwECE56S%2BRgUN%2F8MacyGLmAHvkCpWpJQu%2BmNPsarvY0PRvbiCm7Bg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7527917859bf996e-FRA
expires
Thu, 06 Oct 2022 20:46:26 GMT
jquery-3.4.1.min.js
medialysticos.live/assets/js/vendor/
86 KB
31 KB
Script
General
Full URL
https://medialysticos.live/assets/js/vendor/jquery-3.4.1.min.js
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/?s1=350563&s2=816183102&s3=2275&s4=0&ow=&s10=739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:46:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
192969
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUJNJM2bFkbb2IxxRvt%2FOyWbYqZxmnC1EoZiRtEdeWZCdxmZyHQlgO8fE%2F6xr%2BWCib1t6hgVQ%2Feu2sMRQbtyQPFnAer5YnGb%2BXsglXCQSXtryUo4mIVm1P9W9BmJ%2BvLn0M2GUP4eH3kRv6R39ckwHkk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7527917859c1996e-FRA
expires
Tue, 04 Oct 2022 15:10:17 GMT
bootstrap.min.js
medialysticos.live/assets/js/vendor/bootstrap/js/
48 KB
14 KB
Script
General
Full URL
https://medialysticos.live/assets/js/vendor/bootstrap/js/bootstrap.min.js
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/?s1=350563&s2=816183102&s3=2275&s4=0&ow=&s10=739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:46:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
192969
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yz3jknfJd1Vc8JrwU2vNmraps6%2B4u7reirXZwnWJ2Z6imiPdz2J5q2VApN%2Bk47JhkXMVAgSzln1wcnwvkppbP%2Fj%2FhM4k7aK5N%2Brm7ygl2CsIvsT74Z34rOI%2B0m8R9zCPCQSWrT7zyqiIJB21OcXJ8cE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7527917859c2996e-FRA
expires
Tue, 04 Oct 2022 15:10:17 GMT
functions.js
medialysticos.live/assets/js/
495 B
766 B
Script
General
Full URL
https://medialysticos.live/assets/js/functions.js?v=8aaeccc8911de05ffc4830be456a992f
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/?s1=350563&s2=816183102&s3=2275&s4=0&ow=&s10=739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1889b6974dcdd299f94f8fbf28ac3b73ec7fc5be2dc1686bca0eef1aa0716eac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:46:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 26 Sep 2022 20:48:44 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dDhbaXG2kH3Cnlw4cKGu%2FyLw%2Fm%2FyRxq1NcOJA%2F2CSgr15%2FUNg%2BffnBD5YcauuJKJcuFwUXkhT%2B2ZIL8s8hG1%2Bds4boae4d6iP87YkZARfESdmw9dBqHaiBUJAME4tdsNLL7n7Uab8%2FtYcOO4iRXALcg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7527917859c4996e-FRA
expires
Thu, 06 Oct 2022 20:46:26 GMT
common-hybrid.js
medialysticos.live/assets/js/legacy/dist/
91 KB
20 KB
Script
General
Full URL
https://medialysticos.live/assets/js/legacy/dist/common-hybrid.js?v=8aaeccc8911de05ffc4830be456a992f
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/?s1=350563&s2=816183102&s3=2275&s4=0&ow=&s10=739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a29f24c3d2069cc3551aa1c3f1eaabbe01cf96e051c283cf09e72dce334e9a80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:46:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 22 Sep 2022 15:09:21 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGia50lFmnleEVeIYu2%2FKjGz8FE1YMIcCfavTewyTRsjWqmtPiVifMsnhUP1iyqwzK%2BGu8fwEaU4XW1wvIQiwVzZN5L0cUvVI3Wh8f7FvYEjR97EEIus6oNKtBCOsJapg73xivzO5E9QvxTr6uwxAhk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7527917859c6996e-FRA
expires
Thu, 06 Oct 2022 20:46:26 GMT
gtm.js
www.googletagmanager.com/
103 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M5FVHZX
Requested by
Host: balistacllys.com
URL: https://balistacllys.com/0/0/0/9228551d3103dd7be6358f20a14e1a89/110/22218_0_1/165069249
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6b70b84682994caf19f417e9239cfcbc2a20f225f1462edef55a9b258899a0ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:46:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40587
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 20:13:43 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 29 Sep 2022 20:46:26 GMT
js
www.googletagmanager.com/gtag/
209 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DKB9VH2QW4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5FVHZX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c815163656f256dda3fa73d39f209c7d2c76097010890229a74bfe0c02570408
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:46:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75109
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 29 Sep 2022 20:46:26 GMT
css2
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Arimo:wght@500;700&display=swap
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/assets/css/legacy/dist/common-hybrid.css?v=8aaeccc8911de05ffc4830be456a992f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f2de36054525c7a25f6b4ca1447f762169a97d0f11593cf0f8f254880f4c2bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 29 Sep 2022 20:46:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 20:46:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Sep 2022 20:46:26 GMT
collect
region1.google-analytics.com/g/
0
349 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DKB9VH2QW4&gtm=2oe9s0&_p=1715035243&cid=894300535.1664484387&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664484386&sct=1&seg=0&dl=https%3A%2F%2Fmedialysticos.live%2Fe9b558a3ecec327d1af503db841bfe7a&dr=https%3A%2F%2Fbalistacllys.com%2F&dt=%5B1%5D%20Pr%C3%A4mie%20ausstehend%20-%20Online%20Survey%20-%20Wir%20wollen%20Ihre%20Meinung!&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DKB9VH2QW4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Sep 2022 20:46:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://medialysticos.live
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4db4bb771e4139f84fcd062707e3613a.png
medialysticos.live/fim/739-DE/
41 KB
41 KB
Image
General
Full URL
https://medialysticos.live/fim/739-DE/4db4bb771e4139f84fcd062707e3613a.png
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6659b4426a9dba95133c0e3b27b5d952d6cc1e574b88640a7e7bcec354d902c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:46:27 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
41556
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 20:46:26 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BFs29%2BnW5EsRQ1GP5fEAwta3nrOO8EU0QU66syTRVnLn29I1%2FssUNrDeHzZESwjCHe22ZDtqcqICN%2BNQ0fkcfIk3AIKMC6Ij2Or2fznk9pwiFTPO2K1sUa%2BCbflHSXR54wpBdg1IDIRrIZgV0oWRMPU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7527917b998a996e-FRA
expires
Thu, 06 Oct 2022 20:46:27 GMT
50a00465374bc8dbfa20bdb24e3c8519.png
medialysticos.live/fim/739-DE/
8 KB
8 KB
Image
General
Full URL
https://medialysticos.live/fim/739-DE/50a00465374bc8dbfa20bdb24e3c8519.png
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
329f79c0441a8516e75e17ea8a736903a739d32f97b35af8b5f6ed72a76173d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:46:27 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7881
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 20:42:11 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zxuR0z0Ms%2BipCpEaDbcMbwFY4ejQ85YidIEn2gBqLpM0QsHmpbKw%2BrdQ0eSXiEaiY2kV8EJV791AGEt2fz2ZthwQiK725OIGi0HKkE0QT3nxyPPUP53MSkBOpKmU3eoxpGFTln0%2BoCgx48lZXudLqK0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7527917b9994996e-FRA
expires
Thu, 06 Oct 2022 20:46:27 GMT
318b77dfde2c0ccd8caaf0a6cb2a9ba3.gif
medialysticos.live/fim/739-DE/
15 KB
16 KB
Image
General
Full URL
https://medialysticos.live/fim/739-DE/318b77dfde2c0ccd8caaf0a6cb2a9ba3.gif
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ba6662bdb40bb1a731890fe8a7612ab1724363831a0342e36c2fc4bddd4a7a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:46:27 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15537
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 20:42:11 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/gif
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cj3B49zOVFgaHQKH%2FROPJKak67%2FpIrVduMJQTc%2BI3g%2FwFEB7HHrwWCtZafPv27MkoKT6KTytF4lYao%2F70IrH2cty2La0LS1My4%2BE3QMCVUDq2myfD4h1QkhF1hnOpQE1zzjid2QkEll6kQafPpXxefY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7527917b9997996e-FRA
expires
Thu, 06 Oct 2022 20:46:27 GMT
6cb57efabe9aa73afaae2743b030caac.png
medialysticos.live/fim/739-DE/
2 KB
2 KB
Image
General
Full URL
https://medialysticos.live/fim/739-DE/6cb57efabe9aa73afaae2743b030caac.png
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4494c69afed09e8bb02dc10d4be3adaed00aa6479d838bd8ed1bf3119132004d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:46:27 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1714
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 20:42:11 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FEnHt3dUlELYEoR8azaRdMakaFK5TjLl4IN%2FJB30MXkEaYKkL3%2B7qAyjDJ8IfgPQ2Aq9ATX%2FXh1fJg3e1SMk3TBzNYALjVqp26u4cEa%2F%2BR1pBBAMwtdrv5ikXL%2FKAA0%2FVgVh1YkL9J4H61T5yBp23IU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7527917b9999996e-FRA
expires
Thu, 06 Oct 2022 20:46:27 GMT
1d86bd127f634a88a1fe09e717859363.png
medialysticos.live/fim/739-DE/
4 MB
4 MB
Image
General
Full URL
https://medialysticos.live/fim/739-DE/1d86bd127f634a88a1fe09e717859363.png
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dacd7f42331d09c2bd945acc6e2872cb3e1444e1f394546b99046582e209545
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:46:27 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4209334
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 20:46:26 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lx9xrbCHLQIM8o5ZCgS4whz8QUJbU%2BmchGDy9zm1ywX7ffjUnK9IDDKDTQZGnI55tpImKnNZjn28XOb3Lnm7zFcIBcs4d3%2BTDXukwYu7IoRpnbStcIwhKN4Wx35r6GyjC9Gb0IMEYvbi2pVVt4GgfBk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7527917b999a996e-FRA
expires
Thu, 06 Oct 2022 20:46:27 GMT
f8f37a4ab89d852361e1e26029486e7f.png
medialysticos.live/fim/739-DE/
8 KB
8 KB
Image
General
Full URL
https://medialysticos.live/fim/739-DE/f8f37a4ab89d852361e1e26029486e7f.png
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d79ca3b13098126f0c0fc76aed54a8acf6e645e62eb5f0ff90571141dfe24b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:46:27 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8047
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 20:42:11 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OYKdixnCmA73uSDQz52xjtfeKP6UovneICjODY%2FlAbCyw8rky%2FcpZPH%2BOLPNqzvRqM88uON1pnLSDCr8bmXQDSam1lMzGRljHmqOtBvced3sHXb8B19o%2BBUGDHoVYd%2B8M9QV6BmldhJtCUepRPjXitY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7527917b999e996e-FRA
expires
Thu, 06 Oct 2022 20:46:27 GMT
700b10aa129a7daa175555a18115f1bd.png
medialysticos.live/fim/739-DE/
1 KB
2 KB
Image
General
Full URL
https://medialysticos.live/fim/739-DE/700b10aa129a7daa175555a18115f1bd.png
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4604e524a2131ee561e13c9fe760267a0bbc64ca91027ab92fd355ff4dc1514d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:46:27 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1120
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 20:46:26 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ixlNaGUEwhoyqvUNspXwKH%2BEjEuJU1m0%2BhZAsXrkfwaGqtO%2BE8vti1BPNGYhxqlCTCx%2FwHxIV7PPwPlQahMz4y3y0IS2PyNjY3GCqMhrUq%2FnrQHhiXnYswDrtUJlImSS8D95pkTaEwCOSQxrjNCXAjI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7527917b99a0996e-FRA
expires
Thu, 06 Oct 2022 20:46:27 GMT
9fcb8ff80d5162dc08331403dd836d12.png
medialysticos.live/fim/739-DE/
2 MB
2 MB
Image
General
Full URL
https://medialysticos.live/fim/739-DE/9fcb8ff80d5162dc08331403dd836d12.png
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b513e00f3fe11e63631cc40e84d7db2e6b6ff367efed2ac5eaf8717de4e6b49c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:46:27 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1917834
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 20:46:26 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDBQvecbJSc4qm%2FA8f1WKEBPxp%2Frzt%2F6qGhNfaM2sR3ROMbkYG%2B1uWxgo3B9X4W7fMPlR5OhHvNr1X5eBNK5%2Bhqgc321BZlGXqpgPLPKCeHohMBWThOZzBGnIhLEAqUzflioOOPVSLMZ9ySqMRDVkIc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7527917b99a1996e-FRA
expires
Thu, 06 Oct 2022 20:46:27 GMT
4960111b76dcb309b64b9cc337dfd3de.png
medialysticos.live/fim/739-DE/
538 KB
539 KB
Image
General
Full URL
https://medialysticos.live/fim/739-DE/4960111b76dcb309b64b9cc337dfd3de.png
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9747e77e06adfb183ca4a57b9be822881c6bfe9093bf703a3ec1fd5e087abd85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:46:27 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
551119
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 20:42:11 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=or1wbL8zkEr%2BKp3cFPpZUJmbtzjzZzcME6x%2FOcOoQyIk27wlexIq1lGxtshoPSltn12Fiwq3ixuGTYWuZCkoDuc4eWlwGtM6Ffudm15ign2hvmnrA2ETpIwUw9HHiPHfdj3wkwAnTY5Cfpo48mOyqiQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7527917b99a4996e-FRA
expires
Thu, 06 Oct 2022 20:46:27 GMT
98d05348191f3b94a98f4f3653a1c067.png
medialysticos.live/fim/739-DE/
430 KB
431 KB
Image
General
Full URL
https://medialysticos.live/fim/739-DE/98d05348191f3b94a98f4f3653a1c067.png
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38d20c937746ce10d7624256299bcc9fac8f77e490507bac0c3d98324b0612fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:46:27 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
440312
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 20:46:26 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5eNSDRsgBVNdu2uMM16hZqKc1QNFgYxTPpOhst248%2FrBc3AlJS7WrIqfhql1C1UrxP0EdhQDZ02OkPzDZque5j6XhzMUIhNbF9mKt%2BjmZQ%2FY3inDkBe1xj3s2yxSeLlT7zEg4mU0U7VVZV3pzD7arEc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7527917b99a6996e-FRA
expires
Thu, 06 Oct 2022 20:46:27 GMT
dc63adc387be9d949d41e9519e49b798.png
medialysticos.live/fim/739-DE/
2 KB
2 KB
Image
General
Full URL
https://medialysticos.live/fim/739-DE/dc63adc387be9d949d41e9519e49b798.png
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18b60afc8548639623f2395f3f828b2ea05d029d0218b9632ee85909ef8071f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:46:27 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1543
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 20:46:26 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bn8HpOPPldr%2BMFbe4omB0GSNkktB4%2Bp3TdKrfMojm0n0A8uIuLDMQXh7YvHi9xsRtXnhgmYGJxTkDmfN5PRA%2Bq%2FiRu3uSoLnVUzfW78OIzQC3Zr7eTsjl62b5hReoRNikL80r631i8uo7%2Ft52794dgE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7527917b99a9996e-FRA
expires
Thu, 06 Oct 2022 20:46:27 GMT
74468ecc9411db5837d739056bea3edd.png
medialysticos.live/fim/739-DE/
882 KB
883 KB
Image
General
Full URL
https://medialysticos.live/fim/739-DE/74468ecc9411db5837d739056bea3edd.png
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17a87b493459cac48add828b9ea2772c3cef6998ee1f5ce7bcc8ec2f53e7729e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:46:27 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
903310
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 20:46:26 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKeXOepO2z3zB5MYHtQmILKaPsUgJ%2FJlEwoxJRTm2c%2BCgdUZ42yvtcQYF1avrzuqMvLn6efj%2Bv%2B1kbzNoFb1yLXuC%2FzyPlu52izEdUgYoCQVOu7J7D%2Fh2mrTguX1DattJ1DwWZ5NXXMGtYK%2BMpZ5sHw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7527917b99ab996e-FRA
expires
Thu, 06 Oct 2022 20:46:27 GMT
1a88d76675e7afdd4d711a9e73e810e3.png
medialysticos.live/fim/739-DE/
407 KB
407 KB
Image
General
Full URL
https://medialysticos.live/fim/739-DE/1a88d76675e7afdd4d711a9e73e810e3.png
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd5f85edb4ab2e4e4cdb7a8e8d632789153f396b75991b4bb233dffaf7078727
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:46:27 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
416608
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 20:42:11 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxYT1qFNp2q%2FFmjY5TTFtFrhCXjg2EQfaHqsoQRnNCH%2BNHkpZVQuuT7witWpCHd4dbXGkniO1U9XNtajH0stWrtPjj0dEs8tWJSDHmgW117PZO2T5e9%2BxCq%2Bh3UJ%2Boj4IF9KKIYolrfJXhgh%2FDHdtmE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7527917b99ad996e-FRA
expires
Thu, 06 Oct 2022 20:46:27 GMT
6f0b3aa8e16ba2e6a3110831ce7b190d.png
medialysticos.live/fim/739-DE/
5 KB
6 KB
Image
General
Full URL
https://medialysticos.live/fim/739-DE/6f0b3aa8e16ba2e6a3110831ce7b190d.png
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:46:27 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5389
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 20:42:11 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPKyzPD21VV6A7UlQi7v2G%2BI6BfX9tSkZK%2FpPBf70lLfjmetbFuCKn5T9r5jL5Wm6aLG4yQue6EZR9ri23dGeOuqGgrZWpgAKj3qSdz3EKbD0xAeLANExi1vIfoPzYPcv%2FM0AUOYswDOtMcpfvB4ooE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7527917b99ae996e-FRA
expires
Thu, 06 Oct 2022 20:46:27 GMT
e9b558a3ecec327d1af503db841bfe7a
medialysticos.live/
2 KB
2 KB
Image
General
Full URL
https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medialysticos.live/e9b558a3ecec327d1af503db841bfe7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:46:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5lQ7fJtSHK07T%2BIM9q%2FK1dWrwwQOEga15sL5lIp%2BF8vsvf5OwrsO%2FNZyLIA9Nw6XeDRayVxYi0XHYKbRM%2Bf1aleE7zln2VwZJVuICr7du%2FerG2oKxsUNAD740ApUWEsBLWAyr5HjRYu%2FEfSWQMrktsc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
7527917ba9bc996e-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v27/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Arimo:wght@500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://medialysticos.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 17:56:58 GMT
x-content-type-options
nosniff
age
182969
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18260
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 21:03:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Sep 2023 17:56:58 GMT
fa-solid-900.woff2
medialysticos.live/assets/vendors/fontawesome/webfonts/
78 KB
79 KB
Font
General
Full URL
https://medialysticos.live/assets/vendors/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/assets/vendors/fontawesome/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://medialysticos.live/assets/vendors/fontawesome/css/all.css
Origin
https://medialysticos.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:46:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
192965
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
80252
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:00:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
font/woff2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2gIn15Qp4PfsKxjx3NhwlZTqXFfU2M0bALW8m028d52XQf86qjga7HyWCq06b7B8NE7FXwguzSyUNsaf50exs4SWE44%2B3gcCE%2BKJ9LL1Vz%2BmP03rpT%2B13%2FG74pVvwpXUMY09%2BGU%2Fshm0IF8cZB1xbc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7527917ba9c4996e-FRA
expires
Tue, 04 Oct 2022 15:10:22 GMT
fa-regular-400.woff2
medialysticos.live/assets/vendors/fontawesome/webfonts/
13 KB
14 KB
Font
General
Full URL
https://medialysticos.live/assets/vendors/fontawesome/webfonts/fa-regular-400.woff2
Requested by
Host: medialysticos.live
URL: https://medialysticos.live/assets/vendors/fontawesome/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://medialysticos.live/assets/vendors/fontawesome/css/all.css
Origin
https://medialysticos.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 20:46:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
192965
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13588
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:00:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
font/woff2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCCZSfPtqxk8gLtbToOez5aDbtyP75Xgwly%2BZhtUaDe4xwUfh0918WwtZQ76VaB1DszTPEeYaXjByKncaqMNpW1P4tGYMigRbz98ZUMeEqmywV7JadJ6QGaVSCMFn7jOqh8eJXFfM%2BvFhs7fp8wOvHU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7527917ba9c6996e-FRA
expires
Tue, 04 Oct 2022 15:10:22 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Customer Survey Spam (Consumer)

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| _0x1732 function| _0xc10f object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| _0xc77e function| _0xe11c function| $ function| jQuery object| bootstrap function| startTimer number| duration object| _0xc23e function| _0xe75c string| LNG string| CMP string| CNT string| BID string| API_URL object| _0xc93e function| _0xe48c object| currentdate object| months function| a0_0x32831c string| attrChoices string| domain string| pipeline string| zipcode string| state_selected object| states function| birthdayFill function| a0_0x5d89 function| beforeShowQuestion function| a0_0x299f function| showOfferWall function| createQuestion function| sendOf function| popunder function| runT function| replaceUrlParam function| startsurvey function| nextQuestion function| formatPhoneNumber function| overflowP function| switchTypeQuestions function| validatePhone function| validateEmail function| validateZip function| sendZipIp function| validateHeightF function| validateHeightI function| validateWeight function| validateAll function| validateName function| validateLName function| validateBirthday function| days function| daysInMonth function| dashedNumber function| alpha function| validateKeyStrokes function| showStreetState function| leadgenForm function| startSurveyU function| switchTypeQuestionsU function| nextQuestionU function| showOfferWallU function| validateData function| showStreetStateU function| showDisclaimer function| preventS string| aff_id string| click_id string| Brand string| lpid string| lpow object| prepop string| emailURL string| phoneURL string| zipcodeURL string| cityURL string| stateURL string| languageCode string| countryCode string| popUrl function| putVarCommon object| _0xc63e function| _0xe10c object| _0xc84e function| _0xe0c number| answered number| prevProgress number| stepsTotal number| progress string| cheerstx string| txt function| cheers

4 Cookies

Domain/Path Name Value
balistacllys.com/ uid2275 816183102-20220929164624-ee809792704c82c663e429f8abd94a21-0
medialysticos.live/ PHPSESSID a7bd7f7077ec1b02f0a5048f54af9dd3
.medialysticos.live/ _ga_DKB9VH2QW4 GS1.1.1664484386.1.0.1664484386.0.0.0
.medialysticos.live/ _ga GA1.1.894300535.1664484387

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
