antilegal.xyz Open in urlscan Pro
2606:4700:20::ac43:485b  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response antilegal.xyz/	2 KB 1 KB	138ms 87ms	Document text/html	2606:4700:20::ac43:485b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://antilegal.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:485b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a260b00dc688124315d12a1995fe65f996e71956fb67380c39d80231f51beb3c Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 892fdde888439f3c-FRA content-encoding br content-type text/html; charset=UTF-8 date Thu, 13 Jun 2024 06:01:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8zmplp7URrB5SZ2D%2F7RfIiwr75Cc39uPKD0tXjlhD6EiFdorgUe2mMjD1aWOH5wMw3yE4eThoHLq3nVV4GO9tHDRPlB8CkrrGiSNbeR2fR2VqPNViW0IT2O6l01nm5tD279KdALmSjhpNus%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	css2 fonts.googleapis.com/	2 KB 986 B	36ms 15ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Bricolage+Grotesque:opsz,wght@12..96,200..800&display=swap Requested by Host: antilegal.xyz URL: https://antilegal.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 57467deb373351f56089eec84b102c78f5c3bf9cb592403806c42e545afb63a9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://antilegal.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Thu, 13 Jun 2024 06:01:34 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 13 Jun 2024 06:01:21 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 13 Jun 2024 06:01:34 GMT
GET H3	200	index-oNFtaUn1.js Show response antilegal.xyz/assets/	859 KB 256 KB	173ms 172ms	Script application/javascript	2606:4700:20::ac43:485b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://antilegal.xyz/assets/index-oNFtaUn1.js Requested by Host: antilegal.xyz URL: https://antilegal.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:485b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dcb39ca8647bc0ab564842a000c91f19a40c2474718d8d1d4396e555ff42be38 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://antilegal.xyz/ Origin https://antilegal.xyz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 06:01:35 GMT content-encoding br cf-cache-status EXPIRED last-modified Wed, 12 Jun 2024 21:54:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eryuPz0Zig%2F6lhh7bL2058hED0QMfDQumMMiwdepqZTUQ8ThaP1qcAWkEeLJoOZ1UnUK%2Fiak3T25o4dkdVvPBTrhdRNspKJdjqZ53I1o5dB6f%2B5FGkbjtsLnEBCuNF7zfQcQASFFsIHHpFc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 892fdde918dd9f3c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	index-CSeDjF6Q.css antilegal.xyz/assets/	52 KB 9 KB	108ms 108ms	Stylesheet text/css	2606:4700:20::ac43:485b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://antilegal.xyz/assets/index-CSeDjF6Q.css Requested by Host: antilegal.xyz URL: https://antilegal.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:485b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1a8ccd11c1a455b986ed6819946fa14f87c91e88af0d13f039e42314b82d38c5 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://antilegal.xyz/ Origin https://antilegal.xyz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 06:01:34 GMT content-encoding br cf-cache-status EXPIRED last-modified Wed, 12 Jun 2024 21:54:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mZMfgpaeyj1aPHr2Sez3FUbA6TODYRsqiLbtaYLG7SRN%2FHOZFw9AbMgx3pQAKpX1zMPCwvbEuwmD6fwFK89r47hBS%2BFDNvXcefLjgvKuFRFhPABcDdW1mwmtu5CJiW2ELbMv67H2WP7YRVQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 892fdde918de9f3c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	l.js Show response client.crisp.chat/	8 KB 4 KB	45ms 22ms	Script application/javascript	2606:4700::6812:1c68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client.crisp.chat/l.js Requested by Host: antilegal.xyz URL: https://antilegal.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1c68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8c465346b51857141127bedbe5725a72c8edfed26d6a38d840e1b721bbbc4ab5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://antilegal.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 06:01:35 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload age 77106 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 3430 last-modified Thu, 24 Aug 2023 11:12:52 GMT server cloudflare etag W/"64e73b34-217d" access-control-max-age 300 access-control-allow-methods HEAD, GET, OPTIONS content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 access-control-allow-credentials false vary Accept-Encoding accept-ranges bytes cf-ray 892fdde9fff79972-FRA access-control-allow-headers Content-Type, Origin expires Fri, 14 Jun 2024 06:01:35 GMT
GET H3	200	client.js Show response client.crisp.chat/static/javascripts/	445 KB 132 KB	24ms 24ms	Script application/javascript	2606:4700::6812:1c68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client.crisp.chat/static/javascripts/client.js?3654117 Requested by Host: client.crisp.chat URL: https://client.crisp.chat/l.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1c68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3559ae69ab17d03a5eb05ac06172010e9f692148a70cfa2cc53c2d119318d795 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://antilegal.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 06:01:35 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload age 77106 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Thu, 24 Aug 2023 11:12:52 GMT server cloudflare etag W/"64e73b34-6f47a" access-control-max-age 300 access-control-allow-methods HEAD, GET, OPTIONS content-type application/javascript access-control-allow-origin * cache-control public, max-age=315360000 access-control-allow-credentials false vary Accept-Encoding cf-ray 892fddea18129972-FRA access-control-allow-headers Content-Type, Origin expires Sun, 11 Jun 2034 06:01:35 GMT
GET H3	200	client_default.css client.crisp.chat/static/stylesheets/	432 KB 74 KB	18ms 18ms	Stylesheet text/css	2606:4700::6812:1c68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client.crisp.chat/static/stylesheets/client_default.css?3654117 Requested by Host: client.crisp.chat URL: https://client.crisp.chat/l.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1c68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b106b4c5b1be4fb5bdf7670f5118a0fa7b10b62c4ddf69fe07d05b6897bc8556 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://antilegal.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 06:01:35 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload age 77106 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Tue, 11 Jun 2024 08:35:32 GMT server cloudflare etag W/"66680c54-6bf5a" access-control-max-age 300 access-control-allow-methods HEAD, GET, OPTIONS content-type text/css access-control-allow-origin * cache-control public, max-age=315360000 access-control-allow-credentials false vary Accept-Encoding cf-ray 892fddea18159972-FRA access-control-allow-headers Content-Type, Origin expires Sun, 11 Jun 2034 06:01:35 GMT
GET H3	200	general Show response stores-api.billgang.com/shops/antilegal.xyz/	427 B 786 B	83ms 56ms	Fetch application/json	2606:4700:20::681a:2a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stores-api.billgang.com/shops/antilegal.xyz/general Requested by Host: antilegal.xyz URL: https://antilegal.xyz/assets/index-oNFtaUn1.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ee27a4cf41ca910f47e54eb63a1aec01034fa100f2234a5b84aef77918490ac1 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://antilegal.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 06:01:35 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-response-time-ms 24 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sZbnhVYt11Pw6hx%2FtynDQeCCSYKPAeAaLkvLNbxgSLvFEMkCl8EwnKnrqmcdA9Zjx8wcIqoymhS3wJEF1qACI0XACFZn0BPkMEQd%2BrGSSL%2BsLDQEXQ1jo2c%2Bekxp7gsx%2FQWTsKf8vT2Iy7hvwL4R0sBbLRY%2B"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 892fddeaf8b83641-FRA alt-svc h3=":443"; ma=86400
GET H3	200	settings Show response stores-api.billgang.com/shops/antilegal.xyz/	3 KB 2 KB	84ms 58ms	Fetch application/json	2606:4700:20::681a:2a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stores-api.billgang.com/shops/antilegal.xyz/settings Requested by Host: antilegal.xyz URL: https://antilegal.xyz/assets/index-oNFtaUn1.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 66d6904a092a896a694ff597e122d09763e99358ffbd3d169e0115c5f8b05883 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://antilegal.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 06:01:35 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-response-time-ms 24 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=emseUAFiFvCddpz8Cza3qtcjTj8jj%2BbQKQfnoBgFGnRT8JlVIP2Qt2qvotYBCXmRzhVWgNVIQKrrO2XYYjyugsXD6cCtQ0D9AhthK9B47GLLEgp%2F2jShTGBzjDky5%2BukVIoVHZ6ODoXz6b59w8g6SJ%2Brt44r"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 892fddeaf8b53641-FRA alt-svc h3=":443"; ma=86400
GET H3	200	/ Show response client.crisp.chat/settings/website/8bc6ef9a-c31b-42d4-b0fb-083c90213b10/prelude/	214 B 531 B	76ms 76ms	Script application/javascript	2606:4700::6812:1c68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client.crisp.chat/settings/website/8bc6ef9a-c31b-42d4-b0fb-083c90213b10/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2024-5-13-8-1 Requested by Host: client.crisp.chat URL: https://client.crisp.chat/static/javascripts/client.js?3654117 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1c68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7e6c348383f2fccbecd9d562fa9662ac5f6e9d749c4d520ca8d523e75a183fe6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://antilegal.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 06:01:35 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 173 last-modified Thu, 13 Jun 2024 06:01:35 GMT server cloudflare access-control-max-age 300 access-control-allow-methods HEAD, GET, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=14400 access-control-allow-credentials false vary Accept-Encoding accept-ranges bytes cf-ray 892fddeae9129972-FRA access-control-allow-headers Content-Type, Origin expires Thu, 13 Jun 2024 10:01:35 GMT
GET H3	200	w=100 imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/8a538ac7-f924-4990-66fc-ecd1786dc100/	3 KB 3 KB	52ms 28ms	Other image/avif	2606:4700::6812:224 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/8a538ac7-f924-4990-66fc-ecd1786dc100/w=100 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:224 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f13d2f1c3756deab8bcc013492b0360a3677bf811524939c34de12d3b00c94ef Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://antilegal.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers cf-images internal=ok/- q=0 n=26+0 c=14+67 v=2024.6.0 l=3047 date Thu, 13 Jun 2024 06:01:35 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT alt-svc h3=":443"; ma=86400 content-length 3047 cf-bgj imgq:85,h2pri server cloudflare etag "cfY7Eu4z8IWaxXPGsVqqg30X-RNEWuYOetQxiZZywEDQ" vary Accept, Accept-Encoding content-type image/avif access-control-allow-origin * cache-control public,max-age=172800,stale-while-revalidate=7200 accept-ranges bytes cf-ray 892fddeb1de29171-FRA
GET H3	200	iconSprite.svg antilegal.xyz/	21 KB 7 KB	109ms 109ms	Other image/svg+xml	2606:4700:20::ac43:485b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://antilegal.xyz/iconSprite.svg Requested by Host: antilegal.xyz URL: https://antilegal.xyz/assets/index-oNFtaUn1.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:485b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f94547f911fafb348945a99d496d0c0a030b21d689ca9bffa8a1767359c039bf Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://antilegal.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 06:01:35 GMT content-encoding br cf-cache-status EXPIRED last-modified Wed, 12 Jun 2024 21:54:37 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2qXuYlOeU0%2F1I2kQlM6iwZSlc0pFzyV4xokAUr%2FoHhmUse6JCoge81q%2B2Iu9FO6ysvPxPslsl5bqn%2BnDUR8C1D78o5bKNFwnqJSmq4F0kT%2FefHVPkZwkKtKIWL1zoEVPILHWFIhh7GVl180%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 892fddeb6b899f3c-FRA alt-svc h3=":443"; ma=86400
GET H3	200	%2F Show response stores-api.billgang.com/shops/antilegal.xyz/	7 KB 3 KB	246ms 246ms	Fetch application/json	2606:4700:20::681a:2a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stores-api.billgang.com/shops/antilegal.xyz/%2F Requested by Host: antilegal.xyz URL: https://antilegal.xyz/assets/index-oNFtaUn1.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8fca17a72159cf1f87a076e02d2778e715a857cd44f9e25510c2e488c33e4135 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://antilegal.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 06:01:35 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-response-time-ms 219 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TXFbDPlvD654DcfoBwNzAl9Jj1e5Nt86GfvDeEFa1b13dAumdXz0EdorxCYr2xYYIFNRYZJN0IFIcZFuuo7YqQb5FlHlZTCuahsRtMbCzieV3Sucym7MoOv%2BoRKgAeY5o%2FcoC7sMRg7VtPSmUOiE%2B%2FgHZuh5"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 892fddeb79493641-FRA alt-svc h3=":443"; ma=86400
POST H3	200	p Show response t-api.billgang.com/12a80921-877d-4540-b6c6-3977162abf75/t/	54 B 477 B	54ms 43ms	Fetch application/json	2606:4700:20::681a:2a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t-api.billgang.com/12a80921-877d-4540-b6c6-3977162abf75/t/p Requested by Host: antilegal.xyz URL: https://antilegal.xyz/assets/index-oNFtaUn1.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 10229f3a1796f8f3b68c493f92623ce977df7a520246be5382e928297c508bb4 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://antilegal.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 06:01:35 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pfMCrcWwEIqjBopy9%2B7xMn590ub6r4yTQ7OvvgnDOmESCaYn7IARAmsBnd87b0C%2F6Ro8EqtTkjOG3Rz%2BicDlxaq8KkZRi5l2urolUc6fLrbUOcnN1n6NP2u0x4uT4tzFmXPD25jk8NEZbcajeSQ%2B7Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 892fddeb89633641-FRA alt-svc h3=":443"; ma=86400
GET H2	200	3y9K6as8bTXq_nANBjzKo3IeZx8z6up5BeSl9D4dj_x9PpZBMlGIInE.woff2 fonts.gstatic.com/s/bricolagegrotesque/v2/	77 KB 78 KB	33ms 7ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/bricolagegrotesque/v2/3y9K6as8bTXq_nANBjzKo3IeZx8z6up5BeSl9D4dj_x9PpZBMlGIInE.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Bricolage+Grotesque:opsz,wght@12..96,200..800&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 87dd7a40f7e7b3a454c2936f4c657a8c64cb8eabf626b2a96c130f537100fd0e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://antilegal.xyz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 11 Jun 2024 11:14:59 GMT x-content-type-options nosniff age 153996 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 78872 x-xss-protection 0 last-modified Tue, 12 Sep 2023 21:32:05 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 11 Jun 2025 11:14:59 GMT
GET H3	200	w=500 imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/8a538ac7-f924-4990-66fc-ecd1786dc100/	28 KB 28 KB	25ms 25ms	Image image/avif	2606:4700::6812:224 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/8a538ac7-f924-4990-66fc-ecd1786dc100/w=500 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:224 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ea5e88e58b340b38959ed173de4d7f3c3a800a3e27fe19b7ed71ab697451c2c Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://antilegal.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers cf-images internal=ok/- q=0 n=546+263 c=0+0 v=2024.6.0 l=28678 date Thu, 13 Jun 2024 06:01:35 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT alt-svc h3=":443"; ma=86400 content-length 28678 cf-bgj imgq:85,h2pri server cloudflare etag "cfY7Eu4z8IWaxXPGsVqqg30X-Rhi8yaH7pEf2-gNpVDQ" vary Accept, Accept-Encoding content-type image/avif access-control-allow-origin * cache-control public,max-age=172800,stale-while-revalidate=7200 accept-ranges bytes cf-ray 892fddeb7e519171-FRA
GET H3	200	w=150 imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/8a538ac7-f924-4990-66fc-ecd1786dc100/	5 KB 6 KB	32ms 32ms	Image image/avif	2606:4700::6812:224 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/8a538ac7-f924-4990-66fc-ecd1786dc100/w=150 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:224 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 980e5111da467d96fd8852c2c97957008da59f85ab9590940e3b7c7a0a07157a Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://antilegal.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers cf-images internal=ok/- q=0 n=33+0 c=12+91 v=2024.6.0 l=5370 date Thu, 13 Jun 2024 06:01:35 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT alt-svc h3=":443"; ma=86400 content-length 5370 cf-bgj imgq:85,h2pri server cloudflare etag "cfY7Eu4z8IWaxXPGsVqqg30X-Rr3a4R_Tyycf9pL2QDQ" vary Accept, Accept-Encoding content-type image/avif access-control-allow-origin * cache-control public,max-age=172800,stale-while-revalidate=7200 accept-ranges bytes cf-ray 892fddeb7e529171-FRA
POST H3	200	s Show response t-api.billgang.com/12a80921-877d-4540-b6c6-3977162abf75/t/p/822f9a11-0026-4dca-ac40-1a66612ceccf/	54 B 479 B	33ms 33ms	Fetch application/json	2606:4700:20::681a:2a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t-api.billgang.com/12a80921-877d-4540-b6c6-3977162abf75/t/p/822f9a11-0026-4dca-ac40-1a66612ceccf/s Requested by Host: antilegal.xyz URL: https://antilegal.xyz/assets/index-oNFtaUn1.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a9d21f28e617ecefa186597231e58403a363e9ece26a78e42ccb722a0732c69f Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://antilegal.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 06:01:35 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OwiDmzvS8HYVBm2%2FA0KibTyP5DQ5d6rIcxVlZEXZHJxcB67x5EV4%2F2VheBbGeYiurLh%2B4w1gMvxMqdzdM7KbmAzD1nKmfZ2qykfif26qo4TTR8tHeIgmHdFIDyGc94RfWq7Gdw%2BrhteSzw0lFw2pDw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 892fddebc9ae3641-FRA alt-svc h3=":443"; ma=86400
POST H3	200	e Show response t-api.billgang.com/12a80921-877d-4540-b6c6-3977162abf75/t/p/822f9a11-0026-4dca-ac40-1a66612ceccf/s/ecbb1210-724b-4b18-8f04-510763c5621a/	54 B 485 B	70ms 70ms	Fetch application/json	2606:4700:20::681a:2a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t-api.billgang.com/12a80921-877d-4540-b6c6-3977162abf75/t/p/822f9a11-0026-4dca-ac40-1a66612ceccf/s/ecbb1210-724b-4b18-8f04-510763c5621a/e Requested by Host: antilegal.xyz URL: https://antilegal.xyz/assets/index-oNFtaUn1.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ca117c73d731a17b42777478bc3dcd31126e9360aa00bbc702dcf25483be653f Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://antilegal.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/json Response headers date Thu, 13 Jun 2024 06:01:35 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=phCZwwJG%2BP5fhVP%2FQpOd3qk8ocqFC2rStyhZVuZ7ehF4kw36M39E7nA2sQiY8L%2BkEqdqC6HqK3qPEsLS19l%2FsNN%2FQXAveooFCp%2FVIUjQKBG%2Fov5UPl8j0sNmG75FvHKRna2DWtu%2F6gyB9tH6v5GXtQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 892fddec3a233641-FRA alt-svc h3=":443"; ma=86400
OPTIONS H3	204	e t-api.billgang.com/12a80921-877d-4540-b6c6-3977162abf75/t/p/822f9a11-0026-4dca-ac40-1a66612ceccf/s/ecbb1210-724b-4b18-8f04-510763c5621a/	0 0	30ms 30ms	Preflight	2606:4700:20::681a:2a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t-api.billgang.com/12a80921-877d-4540-b6c6-3977162abf75/t/p/822f9a11-0026-4dca-ac40-1a66612ceccf/s/ecbb1210-724b-4b18-8f04-510763c5621a/e Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:2a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://antilegal.xyz Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 892fddec09f33641-FRA date Thu, 13 Jun 2024 06:01:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Etr4bpFQGVEjVgJB9zN%2B91aatV5HXGewoG1YQhnl0h2zpddvMJ5XVg7B%2Br0A%2Fmwda%2FmIIroUZSIWvS1ibl%2BIxjyTeYCCqsksoeRvwRdqneE8YFNGDs9ZS9X32765xV71zOgmizxPeJBW0hsMQiKaDw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	w=1280 imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/0211c026-1366-4a05-9ed7-10a613377200/	28 KB 28 KB	60ms 59ms	Image image/avif	2606:4700::6812:224 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/0211c026-1366-4a05-9ed7-10a613377200/w=1280 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:224 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e5f6aa61d2cb55f84e46840143e7e53263ce4937e9756291c5b4b2d8e2f12847 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://antilegal.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers cf-images internal=ok/- q=0 n=1372+236 c=0+0 v=2024.6.0 l=28309 date Thu, 13 Jun 2024 06:01:35 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT alt-svc h3=":443"; ma=86400 content-length 28309 cf-bgj imgq:85,h2pri server cloudflare etag "cfCNJ1bQY3k_sGKdoCc0NpmM4qcqc3DLOvoRahjW0mDQ" vary Accept, Accept-Encoding content-type image/avif access-control-allow-origin * cache-control public,max-age=172800,stale-while-revalidate=7200 accept-ranges bytes cf-ray 892fdded0fa29171-FRA
GET H3	200	w=1440 imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/97684ebe-51e7-4556-d5d6-d087d2e8bf00/	2 KB 2 KB	30ms 29ms	Image image/avif	2606:4700::6812:224 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/97684ebe-51e7-4556-d5d6-d087d2e8bf00/w=1440 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:224 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15c8fb30cf686adacf096832012403054b659c5484e44586dbf2d8d87cdd584d Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://antilegal.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers cf-images internal=ok/- q=0 n=987+0 c=0+40 v=2024.6.0 l=2181 date Thu, 13 Jun 2024 06:01:35 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT alt-svc h3=":443"; ma=86400 content-length 2181 cf-bgj imgq:85,h2pri server cloudflare etag "cfHPVp8hl2nj33CSIbwE7E-eiH8zUXQujaPvHIKoSEDQ" vary Accept, Accept-Encoding content-type image/avif access-control-allow-origin * cache-control public,max-age=172800,stale-while-revalidate=7200 accept-ranges bytes cf-ray 892fdded0fa39171-FRA
GET H3	200	w=1440 imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/21e3118b-f88a-4878-e70c-35860a36d800/	2 KB 3 KB	24ms 24ms	Image image/avif	2606:4700::6812:224 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/21e3118b-f88a-4878-e70c-35860a36d800/w=1440 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:224 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a4df1932b8e0d106c32a011009d0a8beed4d439d9934656e0a8cc49ee2fa972d Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://antilegal.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers cf-images internal=ok/- q=0 n=500+0 c=0+24 v=2024.6.0 l=2490 date Thu, 13 Jun 2024 06:01:35 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT alt-svc h3=":443"; ma=86400 content-length 2490 cf-bgj imgq:85,h2pri server cloudflare etag "cf00L6_Cp6vjHE6WV_aJdXTQEE8zUXQujaPvHIKoSEDQ" vary Accept, Accept-Encoding content-type image/avif access-control-allow-origin * cache-control public,max-age=172800,stale-while-revalidate=7200 accept-ranges bytes cf-ray 892fdded0fa49171-FRA
GET H3	200	w=1440 imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/428b9dec-9a32-4788-a64a-5dc998d67800/	2 KB 2 KB	26ms 26ms	Image image/avif	2606:4700::6812:224 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/428b9dec-9a32-4788-a64a-5dc998d67800/w=1440 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:224 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e7175adbb2e2f01e86f512f81ba026cdfdadaa0c8b88ee8328e2b6c84b229a2c Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://antilegal.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers cf-images internal=ok/- q=0 n=237+0 c=0+29 v=2024.6.0 l=1867 date Thu, 13 Jun 2024 06:01:35 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT alt-svc h3=":443"; ma=86400 content-length 1867 cf-bgj imgq:85,h2pri server cloudflare etag "cfhZ2_q1zJpAfuQffdGOBOricG8zUXQujaPvHIKoSEDQ" vary Accept, Accept-Encoding content-type image/avif access-control-allow-origin * cache-control public,max-age=172800,stale-while-revalidate=7200 accept-ranges bytes cf-ray 892fdded0fa59171-FRA
GET H3	200	w=1440 imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/7756445f-b399-43d1-9f52-4ceba84e1100/	4 KB 5 KB	28ms 28ms	Image image/avif	2606:4700::6812:224 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/7756445f-b399-43d1-9f52-4ceba84e1100/w=1440 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:224 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 01d25ef75b855994d470a9a7de58e2ddbdb37604f2c21a55872717d1056cf796 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://antilegal.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers cf-images internal=ok/- q=0 n=23+0 c=0+27 v=2024.6.0 l=4489 date Thu, 13 Jun 2024 06:01:35 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT alt-svc h3=":443"; ma=86400 content-length 4489 cf-bgj imgq:85,h2pri server cloudflare etag "cf7sfJ2roOYhNOqRaoocRL6_yI8zUXQujaPvHIKoSEDQ" vary Accept, Accept-Encoding content-type image/avif access-control-allow-origin * cache-control public,max-age=172800,stale-while-revalidate=7200 accept-ranges bytes cf-ray 892fdded0fa69171-FRA
GET H3	200	/ Show response client.crisp.chat/settings/website/8bc6ef9a-c31b-42d4-b0fb-083c90213b10/	2 KB 1 KB	20ms 20ms	Script application/javascript	2606:4700::6812:1c68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client.crisp.chat/settings/website/8bc6ef9a-c31b-42d4-b0fb-083c90213b10/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1718070095408 Requested by Host: client.crisp.chat URL: https://client.crisp.chat/static/javascripts/client.js?3654117 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1c68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b472c6f29394d26e1f1d0e4eac713d2ddfc34dc887af0494bae2283e9015dcf6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://antilegal.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 06:01:35 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload age 10547 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 890 last-modified Thu, 13 Jun 2024 03:05:48 GMT server cloudflare access-control-max-age 300 access-control-allow-methods HEAD, GET, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=14400 access-control-allow-credentials false vary Accept-Encoding accept-ranges bytes cf-ray 892fdded9b829972-FRA access-control-allow-headers Content-Type, Origin expires Thu, 13 Jun 2024 10:01:35 GMT
GET H3	200	en.js Show response client.crisp.chat/static/javascripts/locales/	9 KB 4 KB	19ms 19ms	Script application/javascript	2606:4700::6812:1c68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client.crisp.chat/static/javascripts/locales/en.js?3654117 Requested by Host: client.crisp.chat URL: https://client.crisp.chat/static/javascripts/client.js?3654117 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:1c68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d1dc5b8a83469caee70c6cd03361f65c980e2bbd5fcb9aa4ea0bfccc3b8746f9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://antilegal.xyz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 13 Jun 2024 06:01:35 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload age 77104 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 3612 last-modified Tue, 08 Aug 2023 12:01:16 GMT server cloudflare etag W/"64d22e8c-250b" access-control-max-age 300 access-control-allow-methods HEAD, GET, OPTIONS content-type application/javascript access-control-allow-origin * cache-control public, max-age=315360000 access-control-allow-credentials false vary Accept-Encoding accept-ranges bytes cf-ray 892fddedcbaa9972-FRA access-control-allow-headers Content-Type, Origin expires Sun, 11 Jun 2034 06:01:35 GMT
GET DATA	200 OK	truncated /	881 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| $crisp string| CRISP_WEBSITE_ID object| d object| s boolean| $__CRISP_INCLUDED object| $__CRISP_INSTANCE

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.antilegal.xyz/	1970-01-21 01:40:26	Name: crisp-client%2Fsession%2F8bc6ef9a-c31b-42d4-b0fb-083c90213b10 Value: session_90e9fa48-cbfd-4df9-951d-46416432db6b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

antilegal.xyz
client.crisp.chat
fonts.googleapis.com
fonts.gstatic.com
imagedelivery.net
stores-api.billgang.com
t-api.billgang.com
2606:4700:20::681a:2a
2606:4700:20::ac43:485b
2606:4700::6812:1c68
2606:4700::6812:224
2a00:1450:4001:80f::2003
2a00:1450:4001:827::200a
01d25ef75b855994d470a9a7de58e2ddbdb37604f2c21a55872717d1056cf796
0ea5e88e58b340b38959ed173de4d7f3c3a800a3e27fe19b7ed71ab697451c2c
10229f3a1796f8f3b68c493f92623ce977df7a520246be5382e928297c508bb4
15c8fb30cf686adacf096832012403054b659c5484e44586dbf2d8d87cdd584d
1a8ccd11c1a455b986ed6819946fa14f87c91e88af0d13f039e42314b82d38c5
3559ae69ab17d03a5eb05ac06172010e9f692148a70cfa2cc53c2d119318d795
57467deb373351f56089eec84b102c78f5c3bf9cb592403806c42e545afb63a9
66d6904a092a896a694ff597e122d09763e99358ffbd3d169e0115c5f8b05883
7e6c348383f2fccbecd9d562fa9662ac5f6e9d749c4d520ca8d523e75a183fe6
87dd7a40f7e7b3a454c2936f4c657a8c64cb8eabf626b2a96c130f537100fd0e
8c465346b51857141127bedbe5725a72c8edfed26d6a38d840e1b721bbbc4ab5
8fca17a72159cf1f87a076e02d2778e715a857cd44f9e25510c2e488c33e4135
980e5111da467d96fd8852c2c97957008da59f85ab9590940e3b7c7a0a07157a
9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd
a260b00dc688124315d12a1995fe65f996e71956fb67380c39d80231f51beb3c
a4df1932b8e0d106c32a011009d0a8beed4d439d9934656e0a8cc49ee2fa972d
a9d21f28e617ecefa186597231e58403a363e9ece26a78e42ccb722a0732c69f
b106b4c5b1be4fb5bdf7670f5118a0fa7b10b62c4ddf69fe07d05b6897bc8556
b472c6f29394d26e1f1d0e4eac713d2ddfc34dc887af0494bae2283e9015dcf6
ca117c73d731a17b42777478bc3dcd31126e9360aa00bbc702dcf25483be653f
d1dc5b8a83469caee70c6cd03361f65c980e2bbd5fcb9aa4ea0bfccc3b8746f9
dcb39ca8647bc0ab564842a000c91f19a40c2474718d8d1d4396e555ff42be38
e5f6aa61d2cb55f84e46840143e7e53263ce4937e9756291c5b4b2d8e2f12847
e7175adbb2e2f01e86f512f81ba026cdfdadaa0c8b88ee8328e2b6c84b229a2c
ee27a4cf41ca910f47e54eb63a1aec01034fa100f2234a5b84aef77918490ac1
f13d2f1c3756deab8bcc013492b0360a3677bf811524939c34de12d3b00c94ef
f94547f911fafb348945a99d496d0c0a030b21d689ca9bffa8a1767359c039bf