urlscan.io logo urlscan.io
SecurityTrails logo

ps-script.vsebas.workers.dev Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ps-script.vsebas.workers.dev/
Effective URL: https://ps-script.vsebas.workers.dev/
Submission: On September 01 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 4 countries across 25 domains to perform 64 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is ps-script.vsebas.workers.dev.
TLS certificate: Issued by E1 on July 5th 2023. Valid for: 3 months.
This is the only time ps-script.vsebas.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 205.234.175.175 30081 (CACHENETW...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 91.235.133.113 30286 (THM)
1 2606:2800:220... 15133 (EDGECAST)
1 2606:4700:303... 13335 (CLOUDFLAR...)
8 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:ec80:300... 14907 (WIKIMEDIA)
1 1.1.1.1 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a02:26f0:310... 20940 (AKAMAI-ASN1)
1 1 204.79.197.219 8068 (MICROSOFT...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 104.17.233.12 13335 (CLOUDFLAR...)
1 2606:4700:7::... 13335 (CLOUDFLAR...)
1 104.19.154.16 13335 (CLOUDFLAR...)
1 23.209.233.112 16625 (AKAMAI-AS)
2 2606:2800:234... 15133 (EDGECAST)
1 2606:4700:7::... 13335 (CLOUDFLAR...)
1 104.17.95.20 13335 (CLOUDFLAR...)
64 24
2    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
ps-script.vsebas.workers.dev
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
cdn.ckeditor.com
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
2    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    91.235.133.113 (United States)

ASN30286 (THM, US)
imgs.signifyd.com
1    2606:2800:220:1:248:1893:25c8:1946 (United States)

ASN15133 (EDGECAST, US)
example.com
1    2606:4700:3035::ac43:bb76 (United States)

ASN13335 (CLOUDFLARENET, US)
klarittyjoy.com
8    2606:4700:3035::6815:3e54 (United States)

ASN13335 (CLOUDFLARENET, US)
examples.page-shield.workers.dev
csp-prototype.page-shield.workers.dev
test2.page-shield.workers.dev
1    2606:4700::6812:c0f (United States)

ASN13335 (CLOUDFLARENET, US)
workers.dev
1    2606:4700::6810:8409 (United States)

ASN13335 (CLOUDFLARENET, US)
workers.cloudflare.com
1    2a02:ec80:300:ed1a::1 (United States)

ASN14907 (WIKIMEDIA, US)
en.wikipedia.org
1    1.1.1.1 (None, )

ASN13335 (CLOUDFLARENET, US)
PTR: one.one.one.one
1.1.1.1
1    2606:4700::6811:6fb8 (United States)

ASN13335 (CLOUDFLARENET, US)
dash.cloudflare.com
2    2606:4700::6812:1c07 (United States)

ASN13335 (CLOUDFLARENET, US)
blog.cloudflare.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bing.com
2    2a02:26f0:3100::1735:2b70 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.bing.com
1    204.79.197.219 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bing.co.uk
1    2606:4700:4400::6812:228a (United States)

ASN13335 (CLOUDFLARENET, US)
cn.pandora.net
1    104.17.233.12 (None, )

ASN13335 (CLOUDFLARENET, US)
global.direct.asda.com
1    2606:4700:7::a29f:863d (United States)

ASN13335 (CLOUDFLARENET, US)
useinsider.com
1    104.19.154.16 (None, )

ASN13335 (CLOUDFLARENET, US)
otvetstvennayaigra.betfair.com
1    23.209.233.112 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-233-112.deploy.static.akamaitechnologies.com
static.atgsvcs.com
2    2606:2800:234:305:1538:7d5:1af9:e7f (United States)

ASN15133 (EDGECAST, US)
cdn.sub2tech.com
1    2606:4700:7::a29f:853d (United States)

ASN13335 (CLOUDFLARENET, US)
assets.api.useinsider.com
1    104.17.95.20 (None, )

ASN13335 (CLOUDFLARENET, US)
www.americantourister.co.kr
Apex Domain
Subdomains		 Transfer
11 workers.dev
ps-script.vsebas.workers.dev
examples.page-shield.workers.dev
csp-prototype.page-shield.workers.dev
test2.page-shield.workers.dev
workers.dev
6 KB
6 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
workers.cloudflare.com — Cisco Umbrella Rank: 353999
dash.cloudflare.com — Cisco Umbrella Rank: 88376
blog.cloudflare.com — Cisco Umbrella Rank: 433732
foo.cloudflare.com Failed
14 KB
3 bing.com
bing.com — Cisco Umbrella Rank: 26
www.bing.com — Cisco Umbrella Rank: 75
1 KB
2 sub2tech.com
cdn.sub2tech.com — Cisco Umbrella Rank: 110043
2 KB
2 useinsider.com
useinsider.com — Cisco Umbrella Rank: 9207
assets.api.useinsider.com — Cisco Umbrella Rank: 29452
23 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 320
16 KB
1 americantourister.co.kr
www.americantourister.co.kr
7 KB
1 atgsvcs.com
static.atgsvcs.com — Cisco Umbrella Rank: 20791
34 KB
1 betfair.com
otvetstvennayaigra.betfair.com
4 KB
1 asda.com
global.direct.asda.com
3 KB
1 pandora.net
cn.pandora.net
1 bing.co.uk
bing.co.uk
288 B
1 wikipedia.org
en.wikipedia.org — Cisco Umbrella Rank: 4143
1 klarittyjoy.com
klarittyjoy.com
1 example.com
example.com — Cisco Umbrella Rank: 14078
malicious.cf-malicious-test.domain.example.com Failed
another.malicious.cf-malicious-test.domain.example.com Failed
new3.malicious.cf-malicious-test.domain.example.com Failed
threat.malicious.cf-malicious-test.domain.example.com Failed
cf-malicious-test.url.example.com Failed
cf-malicious-test.domain.example.com Failed
1 signifyd.com
imgs.signifyd.com — Cisco Umbrella Rank: 8255
255 B
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2771
17 KB
1 ckeditor.com
cdn.ckeditor.com — Cisco Umbrella Rank: 18136
194 KB
0 hookb.in Failed
hookb.in Failed
0 baefaweing.com Failed
baefaweing.com Failed
0 sefjse.com Failed
sefjse.com Failed
0 baeaweing.com Failed
baeaweing.com Failed
0 polinaryapp.com Failed
polinaryapp.com Failed
0 sascdn.com Failed
ced-ns.sascdn.com Failed
0 Failed
function sub() { [native code] }. Failed
64 25
Domain Requested by
4 examples.page-shield.workers.dev ps-script.vsebas.workers.dev
3 csp-prototype.page-shield.workers.dev ps-script.vsebas.workers.dev
2 cdn.sub2tech.com ps-script.vsebas.workers.dev
cdn.sub2tech.com
2 www.bing.com ps-script.vsebas.workers.dev
2 blog.cloudflare.com 1 redirects ps-script.vsebas.workers.dev
2 cdn.jsdelivr.net ps-script.vsebas.workers.dev
2 cdnjs.cloudflare.com ps-script.vsebas.workers.dev
2 ps-script.vsebas.workers.dev ps-script.vsebas.workers.dev
1 www.americantourister.co.kr ps-script.vsebas.workers.dev
1 assets.api.useinsider.com ps-script.vsebas.workers.dev
1 static.atgsvcs.com ps-script.vsebas.workers.dev
1 otvetstvennayaigra.betfair.com ps-script.vsebas.workers.dev
1 useinsider.com ps-script.vsebas.workers.dev
1 global.direct.asda.com ps-script.vsebas.workers.dev
1 cn.pandora.net ps-script.vsebas.workers.dev
1 bing.co.uk 1 redirects
1 bing.com 1 redirects
1 dash.cloudflare.com ps-script.vsebas.workers.dev
1 en.wikipedia.org ps-script.vsebas.workers.dev
1 workers.cloudflare.com ps-script.vsebas.workers.dev
1 workers.dev 1 redirects
1 test2.page-shield.workers.dev ps-script.vsebas.workers.dev
1 klarittyjoy.com ps-script.vsebas.workers.dev
1 example.com ps-script.vsebas.workers.dev
1 imgs.signifyd.com ps-script.vsebas.workers.dev
1 stackpath.bootstrapcdn.com ps-script.vsebas.workers.dev
1 cdn.ckeditor.com ps-script.vsebas.workers.dev
0 cf-malicious-test.domain.example.com Failed ps-script.vsebas.workers.dev
0 hookb.in Failed ps-script.vsebas.workers.dev
0 baefaweing.com Failed ps-script.vsebas.workers.dev
0 sefjse.com Failed ps-script.vsebas.workers.dev
0 baeaweing.com Failed ps-script.vsebas.workers.dev
0 foo.cloudflare.com Failed ps-script.vsebas.workers.dev
0 polinaryapp.com Failed ps-script.vsebas.workers.dev
0 cf-malicious-test.url.example.com Failed ps-script.vsebas.workers.dev
0 threat.malicious.cf-malicious-test.domain.example.com Failed ps-script.vsebas.workers.dev
0 new3.malicious.cf-malicious-test.domain.example.com Failed ps-script.vsebas.workers.dev
0 another.malicious.cf-malicious-test.domain.example.com Failed ps-script.vsebas.workers.dev
0 malicious.cf-malicious-test.domain.example.com Failed ps-script.vsebas.workers.dev
0 ced-ns.sascdn.com Failed ps-script.vsebas.workers.dev
0 cf-malicious-test.domain.example Failed ps-script.vsebas.workers.dev
64 41

This site contains links to these domains. Also see Links.

Domain
example.com
Subject Issuer Validity Valid
vsebas.workers.dev
E1		 2023-07-05 -
2023-10-03		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
cdn.ckeditor.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-06 -
2024-05-06		 a year crt.sh
imgs.signifyd.com
Go Daddy Secure Certificate Authority - G2		 2022-12-19 -
2023-12-19		 a year crt.sh
www.example.org
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-13 -
2024-02-13		 a year crt.sh
klarittyjoy.com
GTS CA 1P5		 2023-08-20 -
2023-11-18		 3 months crt.sh
*.wikipedia.org
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-27 -
2023-11-17		 a year crt.sh
cloudflare-dns.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-12 -
2024-01-11		 a year crt.sh
dash.cloudflare.com
Cloudflare Inc ECC CA-3		 2023-06-06 -
2024-06-05		 a year crt.sh
evecom.pandora.net
GlobalSign RSA OV SSL CA 2018		 2023-05-03 -
2024-03-23		 a year crt.sh
direct.asda.com
GlobalSign RSA OV SSL CA 2018		 2022-12-09 -
2024-01-10		 a year crt.sh
useinsider.com
Cloudflare Inc ECC CA-3		 2023-07-21 -
2024-07-19		 a year crt.sh
betfair.com
Cloudflare Inc ECC CA-3		 2023-04-25 -
2024-04-24		 a year crt.sh
static.atgsvcs.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-06 -
2024-07-10		 a year crt.sh
*.sub2tech.com
Go Daddy Secure Certificate Authority - G2		 2022-10-11 -
2023-11-11		 a year crt.sh
americantourister.co.kr
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-02-02		 a year crt.sh

This page contains 2 frames:

Primary Page: https://ps-script.vsebas.workers.dev/
Frame ID: 730C9DF1463B09D26730EF813FAE8676
Requests: 63 HTTP requests in this frame

Frame: https://ps-script.vsebas.workers.dev/cdn-cgi/challenge-platform/scripts/invisible.js
Frame ID: FDA02DD3CD848FEFDE5D9D73E6CC96EF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ps-script.vsebas.workers.dev/ HTTP 307
    https://ps-script.vsebas.workers.dev/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /demandware\.static/
Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • api\.useinsider\.\w+/
Overall confidence: 100%
Detected patterns
  • atgsvcs.+atgsvcs\.js
Overall confidence: 100%
Detected patterns
  • <(?:script|link)[^>]*sh(?:Core|Brush|ThemeDefault)
Overall confidence: 100%
Detected patterns
  • twemoji(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

64
Requests

48 %
HTTPS

69 %
IPv6

25
Domains

41
Subdomains

24
IPs

4
Countries

318 kB
Transfer

1050 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ps-script.vsebas.workers.dev/ HTTP 307
    https://ps-script.vsebas.workers.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://workers.dev/x.js HTTP 301
  • https://workers.cloudflare.com/
Request Chain 32
  • https://blog.cloudflare.com/foo.js HTTP 301
  • https://blog.cloudflare.com/foo.js/
Request Chain 34
  • https://bing.com/foo.js HTTP 301
  • https://www.bing.com/foo.js?toWww=1&redig=568BDD718CAE4A0D96FC5A58684A2774
Request Chain 37
  • https://bing.co.uk/da.js HTTP 301
  • https://www.bing.com/da.js?cc=gb

64 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ps-script.vsebas.workers.dev/
Redirect Chain
  • http://ps-script.vsebas.workers.dev/
  • https://ps-script.vsebas.workers.dev/
25 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ps-script.vsebas.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a134fad8f844570dd4604166d4d93f29aa2275482e7dbb7557bb4c04c56a9366

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
7fff723879a11d84-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Fri, 01 Sep 2023 18:06:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6%2BMfvrEtGnefGZzWPKuATfroMV0zgduTT3i8ZUplrpywic5%2BC4sTimw3lZkPWIDLVapGtEDtv%2BD5EwmQ0mbYbVIcKW6Btso7UQabBJ09fdWP%2BIHA6Fsaonr8CpaNgW4DoJoFcOcps8M6iYdxZOZqZWvAh9TIh9BzQka"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://ps-script.vsebas.workers.dev/
Non-Authoritative-Reason
HSTS
fontawesome.min.js
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/js/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/js/fontawesome.min.js
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cc47119fdcd69986bc537c3f32fcd1a2c84e145c1037b9d1f597e0a8f090d55
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://ps-script.vsebas.workers.dev/
Origin
https://ps-script.vsebas.workers.dev
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 18:06:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2158393
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11768
last-modified
Thu, 22 Jun 2023 11:02:19 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942a3b-2df8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7ph4JxnonBnQTHi6vE9ISj17Z6oCY5cNkspRCRDVaAzjow2KxEbhCQaKfZyh%2FxumF8BtrOVPsLFCTFo1ofbS%2Bm%2B%2BYFEt8qOdYs5Zw1TxYBC%2B46u0A7b0iXC47bZ2a4nUN39khZcYp9ipzAm299oAwkj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7fff723919224d44-FRA
expires
Wed, 21 Aug 2024 18:06:16 GMT
ckeditor.js
cdn.ckeditor.com/4.16.0/standard/ 		650 KB
194 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ckeditor.com/4.16.0/standard/ckeditor.js
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
1a95c5e72dcd353cc2d1c4bc1e57062ff6f01e3d7b6720ab7af0de6924da5395
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ps-script.vsebas.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 18:06:16 GMT
x-cf-tsc
1693487928
x-content-type-options
nosniff
x-cf3
H
cf4ttl
604800.000
content-encoding
gzip
x-cf1
28810:fB.ams1:co:1692882985:cacheN.ams1-01:M
x-cf-reqid
38359ae046de6dd4dee010efa32f9a7b
content-length
197775
x-xss-protection
1; mode=block
x-cf2
H
last-modified
Tue, 26 Jan 2021 16:34:42 GMT
server
CFS 0215
x-cff
B
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800, public
cf4age
604836
accept-ranges
bytes
x-cf-rand
63.994
expires
Thu, 31 Aug 2023 13:17:07 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ps-script.vsebas.workers.dev/
Origin
https://ps-script.vsebas.workers.dev
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 18:06:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
cdn-edgestorageid
1075
cdn-cachedat
01/04/2023 07:40:19
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"61f338f870fcd0ff46362ef109d28533"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
ad9de506225bbde817e4ee476ca055ff
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7fff72393f06bbc7-FRA
cdn-requestpullsuccess
True
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ps-script.vsebas.workers.dev/
Origin
https://ps-script.vsebas.workers.dev
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 18:06:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10988596
x-jsd-version
1.16.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230124-FRA, cache-yyz4561-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5X3KIkoFRT0VzExuFdG2j5NA0TvB6SWeltxpBo2ofHERyOzUaaHniesn34qm5wn5xq%2BN8YB1xAGvU8YlTeaGkz%2FblelBClDEuAWvGZtXnv3qgrpBzdIJxI8Ax6TWxAvQuzbEMghMzfiqpeaAUvw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7fff7239287e37ef-FRA
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js?x=asdas
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ps-script.vsebas.workers.dev/
Origin
https://ps-script.vsebas.workers.dev
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 18:06:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10988596
x-jsd-version
1.16.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230124-FRA, cache-yyz4561-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tc5QxLXNOAAJ5bVgVpYgGjDgngUFCUpQbUi8Z52RrGOZzjGuGeq%2BMakDMCNV4AEBREGt333cK0qdHbah0BjsFa3V3RW0B6T9V4nanJ8YaclfZwtqaho8MTdCG%2FRhSI4Zj7NnATsLhi7b35ks8vc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7fff7239288237ef-FRA
badthing.js
cf-malicious-test.domain.example/ 		0
0
sas-banner-1.1.js
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ 		0
0
clear3.png;CIS3SID=A1B1472639831C2EA63E92714FC7F5EF
imgs.signifyd.com/fp/ 		2 B
255 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imgs.signifyd.com/fp/clear3.png;CIS3SID=A1B1472639831C2EA63E92714FC7F5EF
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.113 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ps-script.vsebas.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 18:06:16 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
Content-Language
en
Content-Type
text/html;charset=utf-8
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
2
2023.5.0.js
example.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://example.com/2023.5.0.js
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:1:248:1893:25c8:1946 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ps-script.vsebas.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
shBrushJScript.min.js
cdnjs.cloudflare.com/ajax/libs/SyntaxHighlighter/3.0.83/scripts/ 		821 B
1016 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/SyntaxHighlighter/3.0.83/scripts/shBrushJScript.min.js
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa17a8bb36e3b53ec3b55b141463cfaa6e036cf10c0dacf7d181fca83a6974f4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ps-script.vsebas.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 18:06:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
10985046
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
342
last-modified
Mon, 04 May 2020 16:04:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf2-335"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BG2rt91y0bChojewoEIaDGpmee33IAuakOoORias%2BGgX%2FpOvZKBdNXLNElFf2WH73gU78OyDIHm8XDcrrxCNknVVesmylrtzsmKCERTS9AfZ0ttbpLFqRpPWKxsqncvhL543kXPco6r%2B2Hedjn%2FuJbXS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7fff723918213831-FRA
expires
Wed, 21 Aug 2024 18:06:16 GMT
1.js
malicious.cf-malicious-test.domain.example.com/ 		0
0
1.js
another.malicious.cf-malicious-test.domain.example.com/ 		0
0
990.js
new3.malicious.cf-malicious-test.domain.example.com/ 		0
0
test.js
klarittyjoy.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://klarittyjoy.com/test.js
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:bb76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ps-script.vsebas.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
1.js
threat.malicious.cf-malicious-test.domain.example.com/ 		0
0
500.js
cf-malicious-test.url.example.com/ 		0
0
100.js
cf-malicious-test.url.example.com/ 		0
0
990.js
cf-malicious-test.url.example.com/ 		0
0
new3.js
cf-malicious-test.url.example.com/ 		0
0
21ecefdd84a1d2a730.js
polinaryapp.com/ 		0
0
0001.js
examples.page-shield.workers.dev/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://examples.page-shield.workers.dev/0001.js
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3e54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ps-script.vsebas.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
cf-malicious-test-script-new3.js
examples.page-shield.workers.dev/ 		87 B
390 B 		Script
General
Check archive.org
Download Go to
Full URL
https://examples.page-shield.workers.dev/cf-malicious-test-script-new3.js
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3e54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bbb990624b2a4a0a7206c70ca6ed2a82470dec17358d99ae81df54240f9334b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ps-script.vsebas.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 18:06:16 GMT
content-encoding
br
referrer-policy
unsafe-url
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=37jK96nvMG04akSwkvg6HpMdrbslUCiHCOXMZ%2BKBHZYx9hD1oGA7YsLcqBvdtycS0kNmvBwwhrXOu8dRPW7WAsM0RCabwfeqT7jkRUDscg67g04GRV5HwV5g3KQHgZRN3W13TnwmSSeX5RWhp9%2B1efdimvM4HpohmBujxuDLgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=UTF-8
vary
Accept-Encoding
feature-policy
none
cf-ray
7fff72396a8d361d-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
cf-malicious-test-script-new1.js
examples.page-shield.workers.dev/ 		87 B
654 B 		Script
General
Check archive.org
Download Go to
Full URL
https://examples.page-shield.workers.dev/cf-malicious-test-script-new1.js
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3e54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bbb990624b2a4a0a7206c70ca6ed2a82470dec17358d99ae81df54240f9334b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ps-script.vsebas.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 18:06:16 GMT
content-encoding
br
referrer-policy
unsafe-url
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4d2PWxoUp4pP01p5NAqKgt7WoYL3glw8q0d2ykzlbwls3nx1iKj8Xi%2FG6ml0FSU93p59SRY5wThAahL%2BzH5wHeO%2BSCOugwz917qmwwsODYB%2FojENZXoMOaVOsaxt7V0T7%2FerS8wAx7N%2FUYEGw1kpv8CVwlv5GSwbG%2FkU%2FMTZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=UTF-8
vary
Accept-Encoding
feature-policy
none
cf-ray
7fff72396a8f361d-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
external-script-1.js
csp-prototype.page-shield.workers.dev/ 		282 B
617 B 		Script
General
Check archive.org
Download Go to
Full URL
https://csp-prototype.page-shield.workers.dev/external-script-1.js
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3e54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c201d2f72e351b4fcdc676a29bc1b25233047ec43af3161f8bb074e19ada10

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ps-script.vsebas.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 18:06:16 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=THQ2B3SqjaQiu3H8IwCZAEZ2YhETgEN7QJjo6dOvQaHxTAiV953TIhhdFv%2F1rtN51BJUApbLGSIYc8kyfpPO20n3nYfh0u7yVc%2B%2FF7P3Wj92V9dqF7S2Y9XkdnaxVLN7OgeC%2FaaKKGn2bKrHeZZQueo6twxBOQHMo9D9JCyoEHd5VYOO"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
cf-ray
7fff723969af3656-FRA
alt-svc
h3=":443"; ma=86400
external-script-2.js
csp-prototype.page-shield.workers.dev/ 		282 B
473 B 		Script
General
Check archive.org
Download Go to
Full URL
https://csp-prototype.page-shield.workers.dev/external-script-2.js
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3e54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c201d2f72e351b4fcdc676a29bc1b25233047ec43af3161f8bb074e19ada10

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ps-script.vsebas.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 18:06:16 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nxriT%2ByzwVkzO15HsgPj%2F5FGVCYBGLVzqi2B80l1c0qa%2FuvdJiu8uZe%2BOCD4YDdR31IjJMcgomfUVp882AHwXz7KjE7pDSxFAp4t%2Bp8%2Feq40ifCtGLFGTODQVGJAabbODGnRjCIfXfjVmXIaBJyVzFC2XKTlmYJhZJbarVwLfJXteOhw"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
cf-ray
7fff723969b13656-FRA
alt-svc
h3=":443"; ma=86400
external-script-3.js
csp-prototype.page-shield.workers.dev/ 		282 B
472 B 		Script
General
Check archive.org
Download Go to
Full URL
https://csp-prototype.page-shield.workers.dev/external-script-3.js
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3e54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c201d2f72e351b4fcdc676a29bc1b25233047ec43af3161f8bb074e19ada10

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ps-script.vsebas.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 18:06:16 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eBmgFwIQlDC7dRr3045YdzM9AYktu4zJkmGIyehGm34pJPiK8SQxDb8wq9ldC3DZDT9cXtlCpVnyAKhlDtz%2BYJeGUpGmImdaTuwgqrZMetHDa4IFEq1BEZhxhZt8Q7fys%2BuHg4XAz7WAChT98o%2Fv0jHhutaYh3MJPjUPl8%2BT%2BPIUlUyd"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
cf-ray
7fff723969b33656-FRA
alt-svc
h3=":443"; ma=86400
foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001f...
examples.page-shield.workers.dev/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://examples.page-shield.workers.dev/foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001bar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001obar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001bar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001r0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001bar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001.js
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3e54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ps-script.vsebas.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 18:06:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dd%2BBQNQijho9L65xRWuhHnBEKIxR%2Fe0euGes8ovr7xVBJ%2BQbV62WxF0Z1lnCK%2B4z%2FK7Mgz3xEMIHmBesq16%2FoAveRm2oLzoDW6yl0j%2FzsjHXu6S9ZiCFq81zJVJt2vik74fp5Qq5S9qsAFefdWzsU%2B0%2F%2B%2BHFoy%2Fg2VL69ILNmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
cf-ray
7fff72398acb361d-FRA
alt-svc
h3=":443"; ma=86400
content-length
29
x.js
test2.page-shield.workers.dev/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://test2.page-shield.workers.dev/x.js
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3e54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ps-script.vsebas.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
/
workers.cloudflare.com/
Redirect Chain
  • https://workers.dev/x.js
  • https://workers.cloudflare.com/
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://workers.cloudflare.com/
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Server
2606:4700::6810:8409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ps-script.vsebas.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

location
https://workers.cloudflare.com
date
Fri, 01 Sep 2023 18:06:16 GMT
cache-control
max-age=3600
server
cloudflare
cf-ray
7fff72393f731e60-FRA
vary
Accept-Encoding
expires
Fri, 01 Sep 2023 19:06:16 GMT
x.js
en.wikipedia.org/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://en.wikipedia.org/x.js
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:ec80:300:ed1a::1 , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ps-script.vsebas.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
site-16bcc13e690cc771698c.js
1.1.1.1/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://1.1.1.1/site-16bcc13e690cc771698c.js
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.1.1.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
one.one.one.one
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ps-script.vsebas.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
foo.js
dash.cloudflare.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://dash.cloudflare.com/foo.js
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6fb8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ps-script.vsebas.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
/
blog.cloudflare.com/foo.js/
Redirect Chain
  • https://blog.cloudflare.com/foo.js
  • https://blog.cloudflare.com/foo.js/
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.cloudflare.com/foo.js/
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Server
2606:4700::6812:1c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ps-script.vsebas.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

date
Fri, 01 Sep 2023 18:06:16 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
location
/foo.js/
access-control-allow-origin
https://dash.cloudflare.com
cache-control
public, max-age=31536000
cf-ray
7fff72393e668fe9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 31 Aug 2024 18:06:16 GMT
foo.js
foo.cloudflare.com/ 		0
0
foo.js
www.bing.com/
Redirect Chain
  • https://bing.com/foo.js
  • https://www.bing.com/foo.js?toWww=1&redig=568BDD718CAE4A0D96FC5A58684A2774
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bing.com/foo.js?toWww=1&redig=568BDD718CAE4A0D96FC5A58684A2774
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Server
2a02:26f0:3100::1735:2b70 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ps-script.vsebas.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 18:06:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E5C39F76ADF541DABF0BC76539F134A6 Ref B: FRA31EDGE0622 Ref C: 2023-09-01T18:06:17Z
x-cdn-traceid
0.6c2b3517.1693591577.cd28dfa
content-security-policy-report-only
script-src https: 'strict-dynamic' 'report-sample' 'nonce-CkCfszHm7lhGBdToNbhAZ1nOUtqv5yyJnLo04Tz0J+8='; base-uri 'self';report-to csp-endpoint
report-to
{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
x-eventid
64f228194c0849fa9d00af3a4ee8147f
cache-control
private
useragentreductionoptout
A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

date
Fri, 01 Sep 2023 18:06:15 GMT
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 503AED7EA56A415EA78F58A643D0DCF2 Ref B: AMS04EDGE1116 Ref C: 2023-09-01T18:06:16Z
vary
Accept-Encoding
content-security-policy-report-only
script-src https: 'strict-dynamic' 'report-sample' 'nonce-1LT2EN0AIY2xySHUsfoJqLuUQCOvaiKWSbXVp7lfKUE='; base-uri 'self';report-to csp-endpoint
content-type
text/html; charset=utf-8
location
https://www.bing.com:443/foo.js?toWww=1&redig=568BDD718CAE4A0D96FC5A58684A2774
x-eventid
64f22818e2fd4e78b04111f01e22ebc0
cache-control
private
report-to
{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
useragentreductionoptout
A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
x-cache
CONFIG_NOCACHE
content-length
149
fadawoo.js
baeaweing.com/ 		0
0
awdkja.js
sefjse.com/ 		0
0
da.js
www.bing.com/
Redirect Chain
  • https://bing.co.uk/da.js
  • https://www.bing.com/da.js?cc=gb
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bing.com/da.js?cc=gb
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Server
2a02:26f0:3100::1735:2b70 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ps-script.vsebas.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 18:06:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1AE689B6ACF94BD293428CA9648E66F1 Ref B: FRAEDGE1512 Ref C: 2023-09-01T18:06:17Z
x-cdn-traceid
0.6c2b3517.1693591576.cd28e2d
content-security-policy-report-only
script-src https: 'strict-dynamic' 'report-sample' 'nonce-Iz9fWuwGZJH5DIbzVLA/z70c9cNCDEzkm8hVB7zk/x0='; base-uri 'self';report-to csp-endpoint
report-to
{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
x-eventid
64f228190fa040d097164679600bf679
cache-control
private
useragentreductionoptout
A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

location
https://www.bing.com/da.js?cc=gb
date
Fri, 01 Sep 2023 18:06:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0E6F469295DD49CB9AB1C40099809B9E Ref B: AMS04EDGE3313 Ref C: 2023-09-01T18:06:16Z
content-length
0
test.js
baefaweing.com/ 		0
0
sbu_hc.js
cn.pandora.net/_ws_sbu/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cn.pandora.net/_ws_sbu/sbu_hc.js
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:228a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ps-script.vsebas.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
service-worker.js
global.direct.asda.com/ 		33 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.direct.asda.com/service-worker.js
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.233.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3394dac0f13468fa6520075e33464e3adaa33b221146b5d6b05d58cafe64201
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ps-script.vsebas.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 18:06:16 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
strict-transport-security
max-age=15552000; includeSubDomains
pragma
no-cache
last-modified
Fri, 01 Sep 2023 18:06:16 GMT
server
cloudflare
x-frame-options
DENY
vary
accept-encoding
content-type
application/javascript;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cf-ray
7fff72399fde9295-FRA
x-dw-request-base-id
aPUAyLpa8WQBAAB_
expires
Thu, 01 Dec 1994 16:00:00 GMT
wp-emoji-release.min.js
useinsider.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://useinsider.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:863d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ps-script.vsebas.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 18:06:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 09 Apr 2023 12:00:59 GMT
server
cloudflare
etag
W/"6432a8fb-4904"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=30
cf-ray
7fff72393d37bbbf-FRA
expires
Fri, 01 Sep 2023 18:06:46 GMT
twemoji.js
otvetstvennayaigra.betfair.com/wp-includes/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://otvetstvennayaigra.betfair.com/wp-includes/js/twemoji.js
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.154.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cca73b5e8f7b1a1976c60afc2fe8ef02eb2ebfb951c0675431345f7ff3bfa107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ps-script.vsebas.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 18:06:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
content-encoding
br
cf-polished
origSize=25798
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 24 Aug 2023 09:56:41 GMT
cf-bgj
minify
server
cloudflare
etag
W/"64e72959-64c6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5HJpAyVxHsZpeat3%2FH5uKVT3lm1rLSU7NFi22e7nwTTT63m2JyBK4Zz%2BIemwp4OoFpLdfaGBNynGsGo%2Fh4JxkuEK4OqVbcmtFN3DNkG9LsEF47d7La1R4JpExD%2FGSGLX%2BkH9m1hasbI1ieNjcdpIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7fff723968ed37ef-FRA
expires
Sat, 31 Aug 2024 18:06:16 GMT
atgsvcs.js
static.atgsvcs.com/js/ 		96 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.atgsvcs.com/js/atgsvcs.js
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.209.233.112 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-233-112.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2545ce6ce7bb78184be698e6a97455ba061153d4bd122c5fe740fb4c17840801

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ps-script.vsebas.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 18:06:16 GMT
Content-Encoding
gzip
Last-Modified
Mon, 28 Aug 2023 08:01:48 GMT
Server
AkamaiNetStorage
ETag
"01e3ab9df034745626c1bd3a59df3fa5:1693209708.681672"
Vary
Accept-Encoding
Content-Type
application/x-javascript
P3P
CP="NOI DSP COR NID CUR OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34820
sub2.js
cdn.sub2tech.com/CodeBase/LIVE/Min/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sub2tech.com/CodeBase/LIVE/Min/sub2.js
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:305:1538:7d5:1af9:e7f , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B87) /
Resource Hash
712da4ffb942e87da4129d246209cb397b7f04412906332b8ba87bf0df0dca2d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ps-script.vsebas.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 18:06:16 GMT
content-encoding
gzip
content-md5
FCFxhMg6eFebCR+Rf9/r2Q==
age
6591
x-cache
HIT
content-length
1592
last-modified
Thu, 25 May 2023 05:14:05 GMT
server
ECS (amb/6B87)
x-ms-error-code
ConditionNotMet
etag
"0x8DB5CDEDC8510EF+gzip"
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
10a159c9-701e-0018-10ef-dc045d000000
cache-control
max-age=120
x-ms-version
2018-03-28
accept-ranges
bytes
expires
Fri, 01 Sep 2023 18:08:16 GMT
opt-in-popup-helper.js
assets.api.useinsider.com/js/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.api.useinsider.com/js/opt-in-popup-helper.js
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:853d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d67fadec31f84edfd365b7a1ffb8335429a0fab142d1fc6bb2e7fd753f87088
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ps-script.vsebas.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 18:06:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
3416
x-xss-protection
1
pragma
public
last-modified
Fri, 01 Sep 2023 16:48:54 GMT
server
cloudflare
etag
W/"64f215f6-d27f"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=18000
cf-ray
7fff72393a5c37ec-FRA
expires
Fri, 01 Sep 2023 23:06:16 GMT
kakaoStoreLocator.js
www.americantourister.co.kr/on/demandware.static/Sites-AmericanTouristerKR-Site/-/ko_KR/v1665602114344/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.americantourister.co.kr/on/demandware.static/Sites-AmericanTouristerKR-Site/-/ko_KR/v1665602114344/js/kakaoStoreLocator.js
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.95.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4afa0afd3ce52d49b89f7b15a354423daa9a9003935b41f3c52cbbf9f8432b1f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ps-script.vsebas.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 18:06:18 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 25 Aug 2023 09:21:46 GMT
server
cloudflare
vary
accept-encoding
content-type
application/javascript
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
cf-ray
7fff72410d988fec-FRA
x-dw-request-base-id
IxxyNxoo8mQBAAB_
expires
Sun, 01 Oct 2023 18:06:18 GMT
sub2_custom_cbv.js
cdn.sub2tech.com/ccs// 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sub2tech.com/ccs//sub2_custom_cbv.js?r=36004
Requested by
Host: cdn.sub2tech.com
URL: https://cdn.sub2tech.com/CodeBase/LIVE/Min/sub2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:305:1538:7d5:1af9:e7f , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ps-script.vsebas.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
nP7QwexB8BhZVG2ZLa0Y
hookb.in/ 		0
0
foo
example.com/ 		0
0
barQwexB8BhZVG2ZLa0Y
hookb.in/ 		0
0
connectionPath2023
hookb.in/ 		0
0
connectionPath2
hookb.in/ 		0
0
foo
cf-malicious-test.domain.example.com/ 		0
0
/
cf-malicious-test.domain.example.com/ 		0
0
nP7QwexB8BhZVG2ZLa0Y
hookb.in/ 		0
0
foo
example.com/ 		0
0
barQwexB8BhZVG2ZLa0Y
hookb.in/ 		0
0
connectionPath2023
hookb.in/ 		0
0
connectionPath2
hookb.in/ 		0
0
foo
cf-malicious-test.domain.example.com/ 		0
0
/
cf-malicious-test.domain.example.com/ 		0
0
invisible.js
ps-script.vsebas.workers.dev/cdn-cgi/challenge-platform/scripts/ Frame FDA0 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ps-script.vsebas.workers.dev/cdn-cgi/challenge-platform/scripts/invisible.js
Requested by
Host: ps-script.vsebas.workers.dev
URL: https://ps-script.vsebas.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 18:06:18 GMT
content-encoding
gzip
referrer-policy
same-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Be30yB8yqYhBMxfrxs%2B7zZ2Pzp2iIfkWK5vpdztennSYqWJooH9k9UfZmLVE%2FzGze7%2Fgj%2Brmqw3jL%2BYsguwiAJQovd4vnTu34Ofl42EWs6IPMrPdXeU20htRoZAxyKQ%2B1BTCVlXX8nlK4MbN1H0Gn922xNao2GCgujOW"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7fff7247db1e1d84-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cf-malicious-test.domain.example
URL
https://cf-malicious-test.domain.example/badthing.js
Domain
ced-ns.sascdn.com
URL
https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.1.js
Domain
malicious.cf-malicious-test.domain.example.com
URL
https://malicious.cf-malicious-test.domain.example.com/1.js
Domain
another.malicious.cf-malicious-test.domain.example.com
URL
https://another.malicious.cf-malicious-test.domain.example.com/1.js
Domain
new3.malicious.cf-malicious-test.domain.example.com
URL
https://new3.malicious.cf-malicious-test.domain.example.com/990.js
Domain
threat.malicious.cf-malicious-test.domain.example.com
URL
https://threat.malicious.cf-malicious-test.domain.example.com/1.js
Domain
cf-malicious-test.url.example.com
URL
https://cf-malicious-test.url.example.com/500.js
Domain
cf-malicious-test.url.example.com
URL
https://cf-malicious-test.url.example.com/100.js
Domain
cf-malicious-test.url.example.com
URL
https://cf-malicious-test.url.example.com/990.js
Domain
cf-malicious-test.url.example.com
URL
https://cf-malicious-test.url.example.com/new3.js
Domain
polinaryapp.com
URL
https://polinaryapp.com/21ecefdd84a1d2a730.js
Domain
foo.cloudflare.com
URL
https://foo.cloudflare.com/foo.js
Domain
baeaweing.com
URL
https://baeaweing.com/fadawoo.js
Domain
sefjse.com
URL
https://sefjse.com/awdkja.js
Domain
baefaweing.com
URL
https://baefaweing.com/test.js
Domain
hookb.in
URL
https://hookb.in/nP7QwexB8BhZVG2ZLa0Y
Domain
example.com
URL
https://example.com/foo
Domain
hookb.in
URL
https://hookb.in/barQwexB8BhZVG2ZLa0Y
Domain
hookb.in
URL
https://hookb.in/connectionPath2023
Domain
hookb.in
URL
https://hookb.in/connectionPath2?a=1
Domain
cf-malicious-test.domain.example.com
URL
https://cf-malicious-test.domain.example.com/foo
Domain
cf-malicious-test.domain.example.com
URL
https://cf-malicious-test.domain.example.com/
Domain
hookb.in
URL
https://hookb.in/nP7QwexB8BhZVG2ZLa0Y
Domain
example.com
URL
https://example.com/foo
Domain
hookb.in
URL
https://hookb.in/barQwexB8BhZVG2ZLa0Y
Domain
hookb.in
URL
https://hookb.in/connectionPath2023
Domain
hookb.in
URL
https://hookb.in/connectionPath2?a=1
Domain
cf-malicious-test.domain.example.com
URL
https://cf-malicious-test.domain.example.com/foo
Domain
cf-malicious-test.domain.example.com
URL
https://cf-malicious-test.domain.example.com/

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| FontAwesomeConfig object| ___FONT_AWESOME___ object| FontAwesome object| CKEDITOR object| bootstrap function| Popper function| hello function| sendExternalData undefined| matchPage undefined| serveOfflinePage undefined| matchStaticResource undefined| matchPattern undefined| isPLPSearch object| twemoji object| wp object| _ATGSvcs function| iaDecisionServiceConditionsCheck function| conditionsCheck function| runConditions function| odaHelper function| webChatHelper function| esHelper function| odaVariableParse function| webChatVariableParse function| esVariableParse function| showODAChat function| formatVersion function| isValidWebChatVersion function| showWebChat function| showEs function| odaSetPrimaryChatLanguage function| odaUpdateUser function| getConnectionData function| updateConnectionData function| webChatSetInfo function| getPreLaunchFormData function| resetPreLaunchForm function| webChatSetFormFields function| webChatSetLocale function| hasActiveWebChat function| isValidWebChatAction function| odaSendMessage function| odaReconnect function| esUpdateChatHiddenFields function| callRules object| links string| DEBUG_C string| DEBUG_IP_C function| enableLogView function| displayLogView function| rnAddWidget function| rnPush function| Rule object| ruleHash function| wrap function| guard function| loadRules function| loadSiteConfigs function| loadConfig function| loadInvites function| doNotCall object| session function| registerPublicCallback object| ATGSvcs object| CleverSet object| _$_5ee4 boolean| __SUB2_Loaded object| SUB2 object| helpers function| searchAndStore function| init_connection

8 Cookies

Domain/Path Name / Value
.bing.com/ Name: SUID
Value: M
.bing.com/ Name: MUID
Value: 03529D91394B6E8E31A88EEE381C6F94
.useinsider.com/ Name: __cf_bm
Value: 6_o9ZPsPgd51a2B.5xqHponZXWOKcLu0WE0BAQmXAPU-1693591576-0-AWX1aTwXDJ0qCeADVOF7mDvGxJqln3HWLqN077BmhjIseLQmBxpIvx24Cry/lbKu8W8l79+1B/hGjN6rGcjC9tA=
.dash.cloudflare.com/ Name: __cf_bm
Value: 1YoF74LhGen3Ea9e8cPslF7upZbv2I9PmVcwNPD3HTU-1693591576-0-Ab0Mx/KIsQLQvTFO8bGObmizR9aEiiGjQhbJ00SxYtFmAE9bHo12ONZxHdPG4e4stkkUJa6Q7hxpAL8VKK5PtR0YcJHmwS3n9bvSLRlyloo3
.dash.cloudflare.com/ Name: __cfruid
Value: 7c4511c9de7c852d1e4a990a93252acf8a529f75-1693591576
.dash.cloudflare.com/ Name: _cfuvid
Value: fcwwDtSk9z.QFLWZWyei3Q71Mb_UH9Z7oKdzBjOviuo-1693591576616-0-604800000
.cn.pandora.net/ Name: __cf_bm
Value: uUXEPYXr.1hgWlYDd.8uX35mpttBzb7SMWsBE2Iz3rk-1693591576-0-AUyb1JXgmk72ZENqlKwjHVvQfK7bzATstTcb/sYoCbwyM8uWC05w4NB2Uqc3lRAiCMII4oAC1k743pCYrydwQDo=
.blog.cloudflare.com/ Name: __cf_bm
Value: 8MtpfmOukJyRHg3Y5E_jctVnb3ms..52phM_mk5p8_g-1693591576-0-AX5SsjQoTf6Dyi3polOY24XmdzH+nfoP4X5zC+vgIufFqycm5nbPhYAO3obkf4R6bdjNSBuYZrVb3RAdo0pEP3w=

47 Console Messages

Source Level URL
Text
security error URL: https://ps-script.vsebas.workers.dev/
Message:
Ignoring unrecogized 'integrity' attribute option 'x=asdas'.
network error URL: https://cf-malicious-test.domain.example/badthing.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://baeaweing.com/fadawoo.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://baefaweing.com/test.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://foo.cloudflare.com/foo.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sefjse.com/awdkja.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://en.wikipedia.org/x.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://1.1.1.1/site-16bcc13e690cc771698c.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://test2.page-shield.workers.dev/x.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://ps-script.vsebas.workers.dev/
Message:
Ignoring unrecogized 'integrity' attribute option 'x=asdas'.
security error URL: https://ps-script.vsebas.workers.dev/
Message:
Failed to find a valid digest in the 'integrity' attribute for resource 'https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js?x=asdas' with computed SHA-384 integrity '9/reFTGAW83EW2RDu2S0VKaIzap3H66lZH81PoYlFhbGU+6BZp6G7niu735Sk7lN'. The resource has been blocked.
network error URL: https://examples.page-shield.workers.dev/foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001fooboobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001bar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001obar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001bar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001r0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001bar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar000bar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001foobar0001.js
Message:
Failed to load resource: the server responded with a status of 500 ()
javascript error URL: https://ps-script.vsebas.workers.dev/
Message:
Access to script at 'https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.1.js' from origin 'https://ps-script.vsebas.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.1.js
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://ps-script.vsebas.workers.dev/
Message:
Access to script at 'https://polinaryapp.com/21ecefdd84a1d2a730.js' from origin 'https://ps-script.vsebas.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://polinaryapp.com/21ecefdd84a1d2a730.js
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://dash.cloudflare.com/foo.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cn.pandora.net/_ws_sbu/sbu_hc.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://klarittyjoy.com/test.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.bing.com/da.js?cc=gb
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://new3.malicious.cf-malicious-test.domain.example.com/990.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.bing.com/foo.js?toWww=1&redig=568BDD718CAE4A0D96FC5A58684A2774
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://another.malicious.cf-malicious-test.domain.example.com/1.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://blog.cloudflare.com/foo.js/
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://threat.malicious.cf-malicious-test.domain.example.com/1.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://malicious.cf-malicious-test.domain.example.com/1.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://example.com/2023.5.0.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cf-malicious-test.url.example.com/500.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cf-malicious-test.url.example.com/100.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cf-malicious-test.url.example.com/990.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cf-malicious-test.url.example.com/new3.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cdn.sub2tech.com/ccs//sub2_custom_cbv.js?r=36004
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ps-script.vsebas.workers.dev/cdn-cgi/challenge-platform/scripts/invisible.js
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://ps-script.vsebas.workers.dev/
Message:
Access to XMLHttpRequest at 'https://example.com/foo' from origin 'https://ps-script.vsebas.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://example.com/foo
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://ps-script.vsebas.workers.dev/
Message:
Access to XMLHttpRequest at 'https://example.com/foo' from origin 'https://ps-script.vsebas.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://example.com/foo
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://cf-malicious-test.domain.example.com/foo
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cf-malicious-test.domain.example.com/
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cf-malicious-test.domain.example.com/foo
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cf-malicious-test.domain.example.com/
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://hookb.in/nP7QwexB8BhZVG2ZLa0Y
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://hookb.in/barQwexB8BhZVG2ZLa0Y
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://hookb.in/connectionPath2023
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://hookb.in/connectionPath2?a=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://hookb.in/nP7QwexB8BhZVG2ZLa0Y
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://hookb.in/barQwexB8BhZVG2ZLa0Y
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

another.malicious.cf-malicious-test.domain.example.com
assets.api.useinsider.com
baeaweing.com
baefaweing.com
bing.co.uk
bing.com
blog.cloudflare.com
cdn.ckeditor.com
cdn.jsdelivr.net
cdn.sub2tech.com
cdnjs.cloudflare.com
ced-ns.sascdn.com
cf-malicious-test.domain.example
cf-malicious-test.domain.example.com
cf-malicious-test.url.example.com
cn.pandora.net
csp-prototype.page-shield.workers.dev
dash.cloudflare.com
en.wikipedia.org
example.com
examples.page-shield.workers.dev
foo.cloudflare.com
global.direct.asda.com
hookb.in
imgs.signifyd.com
klarittyjoy.com
malicious.cf-malicious-test.domain.example.com
new3.malicious.cf-malicious-test.domain.example.com
otvetstvennayaigra.betfair.com
polinaryapp.com
ps-script.vsebas.workers.dev
sefjse.com
stackpath.bootstrapcdn.com
static.atgsvcs.com
test2.page-shield.workers.dev
threat.malicious.cf-malicious-test.domain.example.com
useinsider.com
workers.cloudflare.com
workers.dev
www.americantourister.co.kr
www.bing.com
another.malicious.cf-malicious-test.domain.example.com
baeaweing.com
baefaweing.com
ced-ns.sascdn.com
cf-malicious-test.domain.example
cf-malicious-test.domain.example.com
cf-malicious-test.url.example.com
example.com
foo.cloudflare.com
hookb.in
malicious.cf-malicious-test.domain.example.com
new3.malicious.cf-malicious-test.domain.example.com
polinaryapp.com
sefjse.com
threat.malicious.cf-malicious-test.domain.example.com
1.1.1.1
104.17.233.12
104.17.95.20
104.19.154.16
204.79.197.219
205.234.175.175
23.209.233.112
2606:2800:220:1:248:1893:25c8:1946
2606:2800:234:305:1538:7d5:1af9:e7f
2606:4700:3035::6815:3e54
2606:4700:3035::ac43:bb76
2606:4700:4400::6812:228a
2606:4700:7::a29f:853d
2606:4700:7::a29f:863d
2606:4700::6810:5714
2606:4700::6810:8409
2606:4700::6811:190e
2606:4700::6811:6fb8
2606:4700::6812:1c07
2606:4700::6812:acf
2606:4700::6812:c0f
2620:1ec:c11::200
2a02:26f0:3100::1735:2b70
2a02:ec80:300:ed1a::1
2a06:98c1:3120::3
91.235.133.113
1a95c5e72dcd353cc2d1c4bc1e57062ff6f01e3d7b6720ab7af0de6924da5395
2545ce6ce7bb78184be698e6a97455ba061153d4bd122c5fe740fb4c17840801
43c201d2f72e351b4fcdc676a29bc1b25233047ec43af3161f8bb074e19ada10
4afa0afd3ce52d49b89f7b15a354423daa9a9003935b41f3c52cbbf9f8432b1f
4bbb990624b2a4a0a7206c70ca6ed2a82470dec17358d99ae81df54240f9334b
4cc47119fdcd69986bc537c3f32fcd1a2c84e145c1037b9d1f597e0a8f090d55
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
712da4ffb942e87da4129d246209cb397b7f04412906332b8ba87bf0df0dca2d
7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6
8d67fadec31f84edfd365b7a1ffb8335429a0fab142d1fc6bb2e7fd753f87088
a134fad8f844570dd4604166d4d93f29aa2275482e7dbb7557bb4c04c56a9366
a3394dac0f13468fa6520075e33464e3adaa33b221146b5d6b05d58cafe64201
cca73b5e8f7b1a1976c60afc2fe8ef02eb2ebfb951c0675431345f7ff3bfa107
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa17a8bb36e3b53ec3b55b141463cfaa6e036cf10c0dacf7d181fca83a6974f4
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f