fjordextramundane.life Open in urlscan Pro
2606:4700:3037::ac43:bfb7 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://upsearching.com/b4jhwh6/26fg9tk3/?sub1=10253502ca0f84a17e9ddd948beec0&sub2=1032
Effective URL:
https://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_i...
Submission: On February 05 via api (February 5th 2024, 10:57:25 pm UTC) from US — Scanned from US

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3037::ac43:bfb7, located in United States and belongs to CLOUDFLARENET, US. The main domain is fjordextramundane.life.
TLS certificate: Issued by GTS CA 1P5 on January 3rd 2024. Valid for: 3 months.

This is the only time fjordextramundane.life was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	194.145.208.238 194.145.208.238	200514 (KNOWNSRV) (KNOWNSRV)
1 1	2606:4700:303... 2606:4700:3034::ac43:ac11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 20	2606:4700:303... 2606:4700:3037::ac43:bfb7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:e6:... 2606:4700:e6::ac40:cf26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:e2:... 2606:4700:e2::ac40:8f15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:e2:... 2606:4700:e2::ac40:8e15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	4

1 194.145.208.238 (Amsterdam, Netherlands) 1 redirects

ASN200514 (KNOWNSRV, GB)

upsearching.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:ac11 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.redirectingservices.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:3037::ac43:bfb7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

fjordextramundane.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e6::ac40:cf26 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:8f15 (United States)

ASN13335 (CLOUDFLARENET, US)

trk-consulatu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e2::ac40:8e15 (United States)

ASN13335 (CLOUDFLARENET, US)

event.trk-consulatu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	fjordextramundane.life 1 redirects fjordextramundane.life	1 MB
5	trk-consulatu.com trk-consulatu.com — Cisco Umbrella Rank: 78920 event.trk-consulatu.com — Cisco Umbrella Rank: 154645	3 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 971	426 KB
1	redirectingservices.org 1 redirects www.redirectingservices.org	850 B
1	upsearching.com 1 redirects upsearching.com	645 B
25	5

	Domain	Requested by
20	fjordextramundane.life	1 redirects fjordextramundane.life
4	event.trk-consulatu.com	trk-consulatu.com
1	trk-consulatu.com	fjordextramundane.life
1	use.fontawesome.com	fjordextramundane.life
1	www.redirectingservices.org	1 redirects
1	upsearching.com	1 redirects
25	6

This site contains no links.

Subject Issuer	Validity	Valid
fjordextramundane.life GTS CA 1P5	`2024-01-03` - `2024-04-02`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
trk-consulatu.com GTS CA 1P5	`2023-12-26` - `2024-03-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_id=5629&ip=2001%3A550%3A1d05%3A1%3A%3A11
Frame ID: 964D2947BFEE01C30DE0096DFF60A3CE
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Survey Rewards

Page URL History Show full URLs

http://upsearching.com/b4jhwh6/26fg9tk3/?sub1=10253502ca0f84a17e9ddd948beec0&sub2=1032 HTTP 302
https://www.redirectingservices.org/24QSBG/TNRTX22/?source_id=5629&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8 HTTP 302
https://fjordextramundane.life/W7ZbTISiOl/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&... HTTP 302
http://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=... HTTP 307
https://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=... Page URL

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

25
Requests

100 %
HTTPS

83 %
IPv6

5
Domains

6
Subdomains

4
IPs

2
Countries

1957 kB
Transfer

2804 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://upsearching.com/b4jhwh6/26fg9tk3/?sub1=10253502ca0f84a17e9ddd948beec0&sub2=1032 HTTP 302
https://www.redirectingservices.org/24QSBG/TNRTX22/?source_id=5629&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8 HTTP 302
https://fjordextramundane.life/W7ZbTISiOl/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_id=5629&ip=2001%3A550%3A1d05%3A1%3A%3A11 HTTP 302
http://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_id=5629&ip=2001%3A550%3A1d05%3A1%3A%3A11 HTTP 307
https://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_id=5629&ip=2001%3A550%3A1d05%3A1%3A%3A11 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
fjordextramundane.life/
Redirect Chain

http://upsearching.com/b4jhwh6/26fg9tk3/?sub1=10253502ca0f84a17e9ddd948beec0&sub2=1032
https://www.redirectingservices.org/24QSBG/TNRTX22/?source_id=5629&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8
https://fjordextramundane.life/W7ZbTISiOl/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_id=5629&ip=2001%3A550%3A1d05%3A1%3A%3A11
http://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_id=5629&ip=2001%3A550%3A1d05%3A1%3A%3A11
https://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_id=5629&ip=2001%3A550%3A1d05%3A1%3A%3A11

29 KB
5 KB

309ms
308ms

Document
text/html

2606:4700:3037::ac43:bfb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_id=5629&ip=2001%3A550%3A1d05%3A1%3A%3A11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:bfb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be11a552e947432fc6bda78ce366ff8b05bffc7c7c22310ed5463e7bffc3e4ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 850ec05b2ac06dd1-MIA
content-encoding: br
content-type: text/html
date: Mon, 05 Feb 2024 22:57:16 GMT
expires: Mon, 05 Feb 2024 22:57:15 GMT
last-modified: Sun, 14 Jan 2024 23:57:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: interest-cohort=()
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6A%2Bww3XC1xS517YDXdwELCK%2F0we0Xq7evBqH%2BxaAidpLEBPuXulFlnCKBX5uIewarQneXjfS2mY8XsEBDgef6gIgHIXn7HhOuDHznXY9heXqXaXL5SGgs7n6sXvu6emGC0PKMCUVE%2FV69to8sU32JbJsycVM"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_id=5629&ip=2001%3A550%3A1d05%3A1%3A%3A11
Non-Authoritative-Reason: HSTS

GET
H3 200 style.css
fjordextramundane.life/css/ 15 KB
4 KB 1148ms
1118ms Stylesheet
text/css 2606:4700:3037::ac43:bfb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fjordextramundane.life/css/style.css

Requested by

Host: fjordextramundane.life
URL: https://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_id=5629&ip=2001%3A550%3A1d05%3A1%3A%3A11

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:bfb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27a144b3c249b7ce08248cfd7b766dfa74de3841e2d9c9afd71dfe83eb92a38c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_id=5629&ip=2001%3A550%3A1d05%3A1%3A%3A11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:57:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 14 Jan 2024 23:57:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65a474dc-3cbf"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIgfONn2MmqfXyJn5bs4BzVhB2ZpqeCkFzVcp2RDcNWm4mAhOUbv908w6%2FVYer4AJOYn51leVcHNRjQvJHpR15brbU6UQORL2Je%2B5IgYVHvIjz30xHMqu1J8sIvIa9ufg2c5SS5WdCa8vzyJnzynOtfYfq0b"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 850ec05d4aa56da9-MIA
alt-svc: h3=":443"; ma=86400
expires: Mon, 05 Feb 2024 22:57:16 GMT

GET
H3 200 animate.min.css
fjordextramundane.life/css/ 70 KB
6 KB 854ms
822ms Stylesheet
text/css 2606:4700:3037::ac43:bfb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fjordextramundane.life/css/animate.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:bfb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_id=5629&ip=2001%3A550%3A1d05%3A1%3A%3A11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:57:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 14 Jan 2024 23:57:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65a474db-11846"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5tVJUSUZddi5WhWaphFVdVuqlHxZr2Qx9ejNcixI8zP2ehAQjjt8QcgAEOzR7ne6xpwsdbYf2D2W4re1g8LJ8B5SOTKbigrCOGaXpH124OmEoXf%2BJXrpFiXe1g6bpiF85iO2ukaqWxqPvq0L5gQU%2BDkzfNcf"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 850ec05d4aaf6da9-MIA
alt-svc: h3=":443"; ma=86400
expires: Mon, 05 Feb 2024 22:57:16 GMT

GET
H2 200 all.js Show response
use.fontawesome.com/releases/v5.15.4/js/ 1 MB
426 KB 243ms
161ms Script
application/javascript 2606:4700:e6::ac40:cf26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/js/all.js
Requested by: Host: fjordextramundane.life
URL: https://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_id=5629&ip=2001%3A550%3A1d05%3A1%3A%3A11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf

Request headers

Referer: https://fjordextramundane.life/
Origin: https://fjordextramundane.life
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:57:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5e29440867fdb02a48dffded02338c31"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gKaTeadqWiMm%2F352T9yx0E%2BBItsKSyQYhTgmgmhtOutgt%2BQ0l16lEC6vvOsyEuu%2FhrDmS5b%2Bs%2BWstpKQOTpAnz%2FsILw%2BjXxmeDVEBTuuk87CkdXfhe0iR6KM%2F7qShI05K9zTzzLy9W6R1uyDrJufTu7X"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 850ec0663a95287a-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 datehead.js Show response
fjordextramundane.life/js/ 2 KB
1 KB 860ms
828ms Script
application/javascript 2606:4700:3037::ac43:bfb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fjordextramundane.life/js/datehead.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:bfb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a45cef5e46aa1a339428e2ad060b97029c6e4470bff8b15d6a04c1d614d7b791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_id=5629&ip=2001%3A550%3A1d05%3A1%3A%3A11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:57:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 14 Jan 2024 23:57:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65a474d9-99c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=re%2FUUG5%2FdFCOq%2Bep%2BXgR9KQCjlgCFyPrPMFnB4VcujDy1TTVmbBOqxaRKD8Pdkvq%2BYVdpOCV2j%2Bv0b8PNKMv%2FZ%2BT%2FDKp5AmUxJLj4uQS5xpJmC8hajHnSwMKXf5j1eN2JZTueFoftDboUv%2F%2BFHLEeMwa06Ex"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 850ec05d4ab26da9-MIA
alt-svc: h3=":443"; ma=86400
expires: Mon, 05 Feb 2024 22:57:16 GMT

GET
H3 200 logo.png
fjordextramundane.life/images/ 29 KB
30 KB 1119ms
1088ms Image
image/png 2606:4700:3037::ac43:bfb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fjordextramundane.life/images/logo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:bfb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e3edbcf2348ebf5dd1ecc6dce7d1f4f482be84a0148459991da3813e7f7f673

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_id=5629&ip=2001%3A550%3A1d05%3A1%3A%3A11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:57:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 29766
last-modified: Sun, 14 Jan 2024 23:57:23 GMT
server: cloudflare
etag: "65a474e3-7446"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zjkLsgD02piz7nBkgeN2Db1gZXMTwYx5TMoJS%2BVBuuFAB%2FC45S52um62ynfRuA%2BwmZ09WBbTq5YtX7iggIk4e2EyT%2FBKQL6wm76Ul%2BHMcXPzbbAYAS35LuDZI7W6qxI3juQfv1vmdu3tN3VuoK9wlEuY8qIA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 850ec05d4ab46da9-MIA
expires: Mon, 05 Feb 2024 22:57:16 GMT

GET
H3 200 flaglogo.png
fjordextramundane.life/images/ 2 KB
2 KB 851ms
819ms Image
image/png 2606:4700:3037::ac43:bfb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fjordextramundane.life/images/flaglogo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:bfb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb97f1ceb86cf65febe6fc09278d503747f140e18297b6da6ee4bdcd41479f43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_id=5629&ip=2001%3A550%3A1d05%3A1%3A%3A11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:57:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1781
last-modified: Sun, 14 Jan 2024 23:57:28 GMT
server: cloudflare
etag: "65a474e8-6f5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2u9J4ACRFb%2BXtdMC%2BPbC93UE0FdT7sZqS2Puj%2B4%2FRBed6sKznaSxIhlZGCV%2Fb1VSpqvDfjTyUwq00xbVKevKahJnDXud%2FTb%2B4OwUwImSZj4kZXeUz794RRBTEmsYmJHGNJfvFShs8LlWyQHK627Mc%2BV%2BG9fZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 850ec05d4ab66da9-MIA
expires: Mon, 05 Feb 2024 22:57:16 GMT

GET
H3 200 product.png
fjordextramundane.life/images/ 369 KB
370 KB 559ms
559ms Image
image/png 2606:4700:3037::ac43:bfb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fjordextramundane.life/images/product.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:bfb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2de97776b8851b17a9848f6bc3e2497ac2b9d9ac3ac544f054bfe9b1911e81d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_id=5629&ip=2001%3A550%3A1d05%3A1%3A%3A11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:57:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 378112
last-modified: Sun, 14 Jan 2024 23:57:21 GMT
server: cloudflare
etag: "65a474e1-5c500"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QKOocJVH7f54WiLa7vIW0gKS0suzJQw7QyMbSpB3Y7Q8rgeWcBXq9xRC77vNFOcHqDoIUxBo1HjDdXNK%2BuM2TrIC%2BqxQgLmkURf0QynnYvQGNr0CPXbalUlVMAVEyJb6ZVKp2LEF1Ws97IwOQ5AVGTGsw13f"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 850ec06269936da9-MIA
expires: Mon, 05 Feb 2024 22:57:16 GMT

GET
H3 200 loadingBL.gif
fjordextramundane.life/images/ 118 KB
118 KB 302ms
301ms Image
image/gif 2606:4700:3037::ac43:bfb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fjordextramundane.life/images/loadingBL.gif

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:bfb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58669c15b15430de02d4aa06b4e725ad0763e1edcd99f946d998dfa9b350c699

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_id=5629&ip=2001%3A550%3A1d05%3A1%3A%3A11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:57:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 120380
last-modified: Sun, 14 Jan 2024 23:57:19 GMT
server: cloudflare
etag: "65a474df-1d63c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4qaLla2Eo4tqLfBxQ3YNfcDIuHKyVJ2UbalPXmir%2FWB9aBGfoXTYkBGVZR0NI%2FzusOmCvTgxF3l5zwnqqrJaPO1Iub2uVIGdbCliG3z5ysoFVnqpJPlbfee9%2BOcld5gdIkUvIe0fxAC8HCykovJbiUug%2FcU"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 850ec0647c796da9-MIA
expires: Mon, 05 Feb 2024 22:57:16 GMT

GET
H3 200 prize1.png
fjordextramundane.life/images/ 551 KB
552 KB 318ms
308ms Image
image/png 2606:4700:3037::ac43:bfb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fjordextramundane.life/images/prize1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:bfb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffb56d3b6cdef0fa30cf2f5c6c944efc65f832fbf0c2b796426657470428c923

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_id=5629&ip=2001%3A550%3A1d05%3A1%3A%3A11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:57:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 564361
last-modified: Sun, 14 Jan 2024 23:57:20 GMT
server: cloudflare
etag: "65a474e0-89c89"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBmUD6fou2je0Lxgt1EOB7g4aChzxXkx7Iz%2BGHcecrVX5ILEER6mdqYBbgBmCPdbQso90oFEI36FD955j%2FqEYz5ujhqcL%2BC5BAfCr%2FzBKjoDsWScWLHUMMKn%2F3PRnL07vRrbOqHG5kJ5vg%2FGu3QTV0aQ%2BJDB"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 850ec065ce136da9-MIA
expires: Mon, 05 Feb 2024 22:57:16 GMT

GET
H3 200 1.jpg
fjordextramundane.life/images/ 45 KB
45 KB 326ms
317ms Image
image/jpeg 2606:4700:3037::ac43:bfb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fjordextramundane.life/images/1.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:bfb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e7dc85c3520478d73fe61832297fec8e37955e03ee8a87108030f50582841fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_id=5629&ip=2001%3A550%3A1d05%3A1%3A%3A11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:57:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 45907
last-modified: Sun, 14 Jan 2024 23:57:27 GMT
server: cloudflare
etag: "65a474e7-b353"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Id0B%2B11fskJAfOqUFHtaq4GdP9GRQCyEaVlFfv17JItZKQ8%2FDovAG7TcvDLuTHdlzyforFviK7eLyirmvfjpz3ugeCsumLAAZtd0vU98GOjzmyuPpUUsFUxwmFsLJt1h46pfuCzna63z%2F9fO1ZRI0AcitxhN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 850ec065ce186da9-MIA
expires: Mon, 05 Feb 2024 22:57:16 GMT

GET
H3 200 2.jpg
fjordextramundane.life/images/ 48 KB
48 KB 865ms
854ms Image
image/jpeg 2606:4700:3037::ac43:bfb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fjordextramundane.life/images/2.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:bfb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32444886364c971cff1c32a7f2b0a81ec06c739cc5a1780dc8c26bfd39d2a447

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_id=5629&ip=2001%3A550%3A1d05%3A1%3A%3A11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:57:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 48965
last-modified: Sun, 14 Jan 2024 23:57:25 GMT
server: cloudflare
etag: "65a474e5-bf45"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9IMMPlvpiLijiwaxc2RSkFBsVseFeujDVdJACh0fbskjpkwD7VTgXghQUxxmq%2BbV%2BJnXIk1rZfDFuYJAV3WzLZHySwUWMYxs1hfIk90413GJFPHTIdoYff5UE9XzLafONVL23GUL1fD46hzBLjoi8kBFwX4z"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 850ec065ce1c6da9-MIA
expires: Mon, 05 Feb 2024 22:57:17 GMT

GET
H3 200 3.jpg
fjordextramundane.life/images/ 49 KB
49 KB 868ms
858ms Image
image/jpeg 2606:4700:3037::ac43:bfb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fjordextramundane.life/images/3.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:bfb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7be9e8a2a42c6296ec989ea3cdafbc1f145eb8169c3b40ee634996b9f2c7ec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_id=5629&ip=2001%3A550%3A1d05%3A1%3A%3A11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:57:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 49820
last-modified: Sun, 14 Jan 2024 23:57:26 GMT
server: cloudflare
etag: "65a474e6-c29c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uEPGOYPWcCCod4j0WwfnwkmcpKHfDf0j1pojfmSla4KH8cetCO%2Fa4gMYf7a6Gk4i9TvRp5VhH8P4ikTZEfnTkP%2FRDDJjPxZQXJkQB2AmjuVYcHqdMN2v3lWeEDpMyJUI%2Bp6s97ey7ydiPQwy%2F7%2F7H3q73%2BOO"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 850ec065ce1f6da9-MIA
expires: Mon, 05 Feb 2024 22:57:17 GMT

GET
H3 200 4.jpg
fjordextramundane.life/images/ 38 KB
38 KB 1088ms
1078ms Image
image/jpeg 2606:4700:3037::ac43:bfb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fjordextramundane.life/images/4.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:bfb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e5737a7a9e0d9588443dd20d2c4cda5034ee79b4caf2d2d61daa8a811196d64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_id=5629&ip=2001%3A550%3A1d05%3A1%3A%3A11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:57:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 38543
last-modified: Sun, 14 Jan 2024 23:57:20 GMT
server: cloudflare
etag: "65a474e0-968f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1r3X2Zo6a5W%2FRa1YE4WTCH60GGffEhy0kYMRhKHusODkIaKeu8O3sfWpMOoedvrL8NUgDLpyzUVbeIVqKvnJN9kK6iWgy034v9Lxr10IT6VOPq41fsUzrASYnGCrNeCeYnCanz0bZh7fmP0veSmB%2F7PHxLIq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 850ec065ce216da9-MIA
expires: Mon, 05 Feb 2024 22:57:17 GMT

GET
H3 200 5.jpg
fjordextramundane.life/images/ 36 KB
37 KB 1118ms
1110ms Image
image/jpeg 2606:4700:3037::ac43:bfb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fjordextramundane.life/images/5.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:bfb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

204928c8b1cbaf5a3e846e0616dbb17af95a0fbe4846008c1b1f771620114b33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_id=5629&ip=2001%3A550%3A1d05%3A1%3A%3A11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:57:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 37181
last-modified: Sun, 14 Jan 2024 23:57:18 GMT
server: cloudflare
etag: "65a474de-913d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fiHUgtv107s6CQou2XNbH%2Fxb6qXy%2BACM8KBBlAkrkMUSvaRJN6DTS6wRwGM%2BoKb7Duf9oOHJ50%2BwDJikABoUKK9K76b4xoGwsaptvURnFP8QGwxSBuKdn6x9ZWfzxMvwo5kzLjMYLmXP6XQK%2BZmEJ%2FxZ0IyD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 850ec065ce236da9-MIA
expires: Mon, 05 Feb 2024 22:57:17 GMT

GET
H3 200 f_guarantee.png
fjordextramundane.life/images/ 6 KB
7 KB 868ms
861ms Image
image/png 2606:4700:3037::ac43:bfb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fjordextramundane.life/images/f_guarantee.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:bfb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_id=5629&ip=2001%3A550%3A1d05%3A1%3A%3A11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:57:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6352
last-modified: Sun, 14 Jan 2024 23:57:18 GMT
server: cloudflare
etag: "65a474de-18d0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=02I5%2BMLiuaeL1ONF%2FPgrwW7jXNHOrJ7TdodgK6HX0Qg5AfLPTizQLj94Q60J6gzuceEjYHX5YxaeHy54X3rCRXZY0rFArYX%2FR8J1GF7SJKdQvVD7e%2FG1vYVMAsfcG5vpHohCteGpWGj942%2Fp6cwDjhaQsdb4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 850ec065ce246da9-MIA
expires: Mon, 05 Feb 2024 22:57:17 GMT

GET
H3 200 f_secure_1.png
fjordextramundane.life/images/ 10 KB
10 KB 1117ms
1110ms Image
image/png 2606:4700:3037::ac43:bfb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fjordextramundane.life/images/f_secure_1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:bfb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_id=5629&ip=2001%3A550%3A1d05%3A1%3A%3A11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:57:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 9862
last-modified: Sun, 14 Jan 2024 23:57:24 GMT
server: cloudflare
etag: "65a474e4-2686"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gqYUVlzXikZXqrqrvsqGE7DfUzN2kn9JuLx9fOYWFPfB1ltWGQwQhnJIecQGxNlxx7iDAl%2BpZOFmF%2B%2F2klu6bqUYujXrbdnwWFg046yfjwv9APU%2BzdS4z7jewyV5qg28tr7CjAgA5LpyR%2Fm%2BaO%2BTWN0x1ObG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 850ec065ce266da9-MIA
expires: Mon, 05 Feb 2024 22:57:17 GMT

GET
H3 200 logo2.png
fjordextramundane.life/images/ 29 KB
30 KB 868ms
862ms Image
image/png 2606:4700:3037::ac43:bfb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fjordextramundane.life/images/logo2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:bfb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db0200467d85ede9ac0e20989b704f72553573d4c25fdb8eb64d4644fa9572e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_id=5629&ip=2001%3A550%3A1d05%3A1%3A%3A11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:57:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 29795
last-modified: Sun, 14 Jan 2024 23:57:24 GMT
server: cloudflare
etag: "65a474e4-7463"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HB0BTnYvVGiUhhtgCCf9%2FhsTgIN5%2Bh8LSWkA592w%2Fz1hCDjg9zTpgudCS4X55fJkFx%2BCIzAyaE3MKZWzPeTEpAc3JaluRkX2fHTxV9uAk28MT2YYJYa0Qnz8g7n8sPnshgMuj%2Fi5i7CTwRp4fwMzkOChd4J8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 850ec065ce286da9-MIA
expires: Mon, 05 Feb 2024 22:57:17 GMT

GET
H3 200 script.js Show response
fjordextramundane.life/js/ 10 KB
2 KB 325ms
315ms Script
application/javascript 2606:4700:3037::ac43:bfb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fjordextramundane.life/js/script.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:bfb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4319caf485edd71c270a7ec98e0e0beeb70a69ba4d775ae345fc1b808ce56f86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_id=5629&ip=2001%3A550%3A1d05%3A1%3A%3A11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:57:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 14 Jan 2024 23:57:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65a474da-28f7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0IGjLDWq0PuDkS45uciIUSYJucxkq%2FRCPc%2FC1E0xrkO%2BFJErvZse4ZQpBnrc6zGu8hOsF4Az%2Ffq15h8AdqwJvpzmBBOYtSLgch1%2BQrhw8%2B%2FSiczTpwk%2BMl601fwsHMrmcqKUpycrC%2BOWk8W3kTHGrmdK1%2FPC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 850ec065ce166da9-MIA
alt-svc: h3=":443"; ma=86400
expires: Mon, 05 Feb 2024 22:57:16 GMT

GET
H2 200 64d5p99gj0 Show response
trk-consulatu.com/scripts/push/script/ 7 KB
3 KB 206ms
108ms Script
application/javascript 2606:4700:e2::ac40:8f15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk-consulatu.com/scripts/push/script/64d5p99gj0?url=fjordextramundane.life

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8f15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

113295f08f078fa06ef8632edd09b5f70bf9309e472fe2640030fd5d58e6d310

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fjordextramundane.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:57:17 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 05 Feb 2024 22:57:17 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EdnmVgqvkd0yXxb0R4u1HOaEUD47MgxYykyoGMkT8whpDUKjosH%2BpYB2JMT0S3RrjuTXTQqAv9V2ag9ARZZfi9xSro7oS9X9Uw2jVN8BHu61E5UvGMXkkln89vG0SaOspkHStIWbrVbAQyN5zvQAqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray: 850ec06669450a1a-MIA
expires: 0

GET
H3 200 bg.png
fjordextramundane.life/images/ 173 KB
173 KB 1118ms
1112ms Image
image/png 2606:4700:3037::ac43:bfb7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fjordextramundane.life/images/bg.png

Requested by

Host: fjordextramundane.life
URL: https://fjordextramundane.life/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:bfb7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af80355db9198002ab1473de17ce4074a9e1acc7c60e33aadc65b192af8da4ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fjordextramundane.life/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:57:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 176915
last-modified: Sun, 14 Jan 2024 23:57:30 GMT
server: cloudflare
etag: "65a474ea-2b313"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Na%2BDWktigtxJjVTXPYmK1qPx0b6uj7ZkUyGuir%2FMvpvhJaX82Lh0YcoiWb9O7X%2FUvX%2BYvb25r27xr4oAg0qnww087IN9cebLJB1UIi4agw5IZLSUYY5mn9OTLixbE2YZAXsvZR5FdW2Pp1y1KoTCOgtthK6%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 850ec065ce296da9-MIA
expires: Mon, 05 Feb 2024 22:57:17 GMT

OPTIONS
H2 200 zqd20w74ek
event.trk-consulatu.com/register/event_log/ 0
0 150ms
72ms Preflight 2606:4700:e2::ac40:8e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-consulatu.com/register/event_log/zqd20w74ek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fjordextramundane.life
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 850ec06f2f5d7416-MIA
content-length: 0
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date: Mon, 05 Feb 2024 22:57:19 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Dm2D6S4j98LMsG39Mwjmzj%2BfTSZ44QOKpVs1GOeb3khSZAxZ0ACttOvnXK8hcKPhDm05d0nE91vsQTJl5ju4xyIySCO5ypZdTy3PjHigkQTfeIR0OsFAPp4n7taR4UbHPKytmaBr7BL%2F7hcyHTrcizFA93AsA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H2 200 zqd20w74ek
event.trk-consulatu.com/register/event_log/ 0
0 71ms
70ms Fetch 2606:4700:e2::ac40:8e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-consulatu.com/register/event_log/zqd20w74ek

Requested by

Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/64d5p99gj0?url=fjordextramundane.life

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fjordextramundane.life/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type: application/json

Response headers

expires: 0
date: Mon, 05 Feb 2024 22:57:19 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OO0pVd%2BhhRK0Nn6xNR9tLu5TzjI0QKEmlQCXI6j8TipgCzRYhI%2BtA%2FL3WmCYsGgdJ7ub2s683ClsNJGo9sEhaoAakYiwoRomNt2JPsKU7ZCWRx8GWZLOF1pLFMPaP2tjH9YX9AHjL5uu2JSU1x7j6COaIWSIoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray: 850ec06fa82b7416-MIA
x-pushplatformapp-params

POST
H2 200 zqd20w74ek
event.trk-consulatu.com/register/event_log/ 0
0 70ms
65ms Fetch 2606:4700:e2::ac40:8e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-consulatu.com/register/event_log/zqd20w74ek

Requested by

Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/64d5p99gj0?url=fjordextramundane.life

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fjordextramundane.life/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-type: application/json

Response headers

expires: 0
date: Mon, 05 Feb 2024 22:57:19 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jK3xmvBENU2KRCrM5K8zPwiaje5SJ3Aifuizkgb%2FuHoYP9NTW8fUFijQHF30EVLoUEr%2BVXnzn7jFLQNgKmu1jXeRnXKUSzeGI2lmNpazRj5HhhAnMNdPYxI9HaouEaeKx3JOzAbxeqLyVWJjncFF00teay83Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray: 850ec06fa8277416-MIA
x-pushplatformapp-params

OPTIONS
H2 200 zqd20w74ek
event.trk-consulatu.com/register/event_log/ 0
0 146ms
70ms Preflight 2606:4700:e2::ac40:8e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-consulatu.com/register/event_log/zqd20w74ek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fjordextramundane.life
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 850ec06f2f607416-MIA
content-length: 0
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date: Mon, 05 Feb 2024 22:57:19 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15LQoIrkneGqGfiJzB%2B7FjTS2KrycQvJdbxGHauO1mNSMCLCEAJBSzKvIfd698nWokwLq2UEO%2B4%2FtsiKuK9mypLg%2BhVtonPiRPpr7YMwJQG6xPVL64VPryRzEB%2BhqYlWJalKmftFL%2BD9NHt1BCL3hmuScSk8FA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.redirectingservices.org/	1970-01-20 18:14:20	Name: uniqueClick_TNRTX22 Value: b22f6d01-7fd4-4848-806a-9c6e1c17c63f:1707173834
www.redirectingservices.org/	1970-01-20 20:22:29	Name: transaction_id Value: ab706b4f5a4940a3887eb6dd930e37cb
fjordextramundane.life/	1969-12-31 23:59:59	Name: SESSIONIDS Value: W7ZbTISiOl

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
other	error	URL: https://fjordextramundane.life/?encoded_value=LF4LQ&sub1=945ddbf4acfc4387be67bdd4f6ddc2e8&sub2=&sub3=&sub4=&sub5=13949&source_id=5629&ip=2001%3A550%3A1d05%3A1%3A%3A11 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

event.trk-consulatu.com
fjordextramundane.life
trk-consulatu.com
upsearching.com
use.fontawesome.com
www.redirectingservices.org
194.145.208.238
2606:4700:3034::ac43:ac11
2606:4700:3037::ac43:bfb7
2606:4700:e2::ac40:8e15
2606:4700:e2::ac40:8f15
2606:4700:e6::ac40:cf26
113295f08f078fa06ef8632edd09b5f70bf9309e472fe2640030fd5d58e6d310
204928c8b1cbaf5a3e846e0616dbb17af95a0fbe4846008c1b1f771620114b33
27a144b3c249b7ce08248cfd7b766dfa74de3841e2d9c9afd71dfe83eb92a38c
2de97776b8851b17a9848f6bc3e2497ac2b9d9ac3ac544f054bfe9b1911e81d8
32444886364c971cff1c32a7f2b0a81ec06c739cc5a1780dc8c26bfd39d2a447
3e5737a7a9e0d9588443dd20d2c4cda5034ee79b4caf2d2d61daa8a811196d64
4319caf485edd71c270a7ec98e0e0beeb70a69ba4d775ae345fc1b808ce56f86
58669c15b15430de02d4aa06b4e725ad0763e1edcd99f946d998dfa9b350c699
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf
8e7dc85c3520478d73fe61832297fec8e37955e03ee8a87108030f50582841fe
9e3edbcf2348ebf5dd1ecc6dce7d1f4f482be84a0148459991da3813e7f7f673
a45cef5e46aa1a339428e2ad060b97029c6e4470bff8b15d6a04c1d614d7b791
af80355db9198002ab1473de17ce4074a9e1acc7c60e33aadc65b192af8da4ab
be11a552e947432fc6bda78ce366ff8b05bffc7c7c22310ed5463e7bffc3e4ab
bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b
c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95
d7be9e8a2a42c6296ec989ea3cdafbc1f145eb8169c3b40ee634996b9f2c7ec8
db0200467d85ede9ac0e20989b704f72553573d4c25fdb8eb64d4644fa9572e1
eb97f1ceb86cf65febe6fc09278d503747f140e18297b6da6ee4bdcd41479f43
ffb56d3b6cdef0fa30cf2f5c6c944efc65f832fbf0c2b796426657470428c923

fjordextramundane.life Open in urlscan Pro 2606:4700:3037::ac43:bfb7 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

83 %IPv6

5 Domains

6 Subdomains

4 IPs

2 Countries

1957 kBTransfer

2804 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

32 JavaScript Global Variables

3 Cookies

2 Console Messages

fjordextramundane.life Open in urlscan Pro
2606:4700:3037::ac43:bfb7 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

83 %
IPv6

5
Domains

6
Subdomains

4
IPs

2
Countries

1957 kB
Transfer

2804 kB
Size

3
Cookies

25 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!