Submitted URL: https://xhenetazenelaj.repl.co/#OMv?cb=5Se1&VfDbGdT4R4ErD54tR1DtR=egold&moD=lQB&wE657UyRfVtO=freedomdebtrelief.com&Hy=9rkEH
Effective URL: https://ipfs.io/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/?pYhJWmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3Rp...
Submission: On September 07 via manual from US — Scanned from DE

Summary

This website contacted 4 IPs in 1 country across 4 domains to perform 10 HTTP transactions. The main IP is 2602:fea2:2::1, located in United States and belongs to PROTOCOL, US. The main domain is ipfs.io. The Cisco Umbrella rank of the primary domain is 55820.
TLS certificate: Issued by R3 on August 26th 2023. Valid for: 3 months.
This is the only time ipfs.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Adobe (Consumer)

Domain & IP information

Redirects  Requests  IP Address        AS Autonomous System
-          2         35.186.245.55     15169 (GOOGLE)
1          7         2602:fea2:2::1    40680 (PROTOCOL)
-          1         13.224.187.46     16509 (AMAZON-02)
-          1         2a02:4780:dea...  204915 (AWEX)
Total: 10 requests, 4 IPs

Requests  Apex Domain        Subdomains                                          Transfer
7         ipfs.io            ipfs.io — Cisco Umbrella Rank: 55820                90 KB
2         repl.co            xhenetazenelaj.repl.co                              7 KB
1         000webhostapp.com  windowofoppo.000webhostapp.com                      243 B
1         adobelogin.com     static.adobelogin.com — Cisco Umbrella Rank: 28176  4 KB
Total: 10 requests, 4 apex domains

Requests  Domain                          Requested by
7         ipfs.io (1 redirect)            xhenetazenelaj.repl.co, ipfs.io
2         xhenetazenelaj.repl.co          xhenetazenelaj.repl.co
1         windowofoppo.000webhostapp.com  ipfs.io
1         static.adobelogin.com           ipfs.io
Total: 10 requests, 4 domains

This site contains no links.

Subject                Issuer                            Validity                 Valid
repl.co                GTS CA 1P5                        2023-08-21 - 2023-11-19  3 months
dweb.link              R3                                2023-08-26 - 2023-11-24  3 months
static.adobelogin.com  DigiCert TLS RSA SHA256 2020 CA1  2023-06-09 - 2024-07-09  a year
*.000webhostapp.com    RapidSSL TLS RSA CA G1            2023-07-11 - 2024-08-10  a year

This page contains 1 frames:

Primary Page: https://ipfs.io/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/?pYhJWmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL=mEsRzEcDvfGbtHYRve&trexxx=WmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL&trexxcoz=freedomdebtrelief.com&6574RGYEVD56YRH43RF32R4T35GGH53T4G5TR234TH6474RHUEGTINJRBRHUEGTR8OLIUK3EWF86JGTHY57UJ68IU76Y44TGE3T5Y4TH53T=4R35THRYRFT4R3Tb86KUJTYRHsPizePWmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL&coztrexx=egold&wfIUbh=WmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL
Frame ID: CAD8C68FBDFDFA5B03086EDC6F1AD6C6
Requests: 10 HTTP requests in this frame

Page Title

PDF Viewer

Page URL History

  1. https://xhenetazenelaj.repl.co/ Page URL
  2. https://ipfs.io/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su?pYhJWmqzIuScttBH7ktrRLBi... HTTP 301
    https://ipfs.io/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/?pYhJWmqzIuScttBH7ktrRLB... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 10
HTTPS: 100 %
IPv6: 50 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 1
Transfer: 99 kB
Size: 231 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://xhenetazenelaj.repl.co/ Page URL
  2. https://ipfs.io/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su?pYhJWmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL=mEsRzEcDvfGbtHYRve&trexxx=WmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL&trexxcoz=freedomdebtrelief.com&6574RGYEVD56YRH43RF32R4T35GGH53T4G5TR234TH6474RHUEGTINJRBRHUEGTR8OLIUK3EWF86JGTHY57UJ68IU76Y44TGE3T5Y4TH53T=4R35THRYRFT4R3Tb86KUJTYRHsPizePWmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL&coztrexx=egold&wfIUbh=WmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL HTTP 301
    https://ipfs.io/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/?pYhJWmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL=mEsRzEcDvfGbtHYRve&trexxx=WmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL&trexxcoz=freedomdebtrelief.com&6574RGYEVD56YRH43RF32R4T35GGH53T4G5TR234TH6474RHUEGTINJRBRHUEGTR8OLIUK3EWF86JGTHY57UJ68IU76Y44TGE3T5Y4TH53T=4R35THRYRFT4R3Tb86KUJTYRHsPizePWmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL&coztrexx=egold&wfIUbh=WmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
xhenetazenelaj.repl.co/
7 KB
7 KB
Document
General
Full URL
https://xhenetazenelaj.repl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.245.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.245.186.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=6305592; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-length
6720
content-type
text/html; charset=utf-8
date
Thu, 07 Sep 2023 17:15:55 GMT
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster
global
strict-transport-security
max-age=6305592; includeSubDomains
jQuery.js
xhenetazenelaj.repl.co/
0
0
Script
General
Full URL
https://xhenetazenelaj.repl.co/jQuery.js
Requested by
Host: xhenetazenelaj.repl.co
URL: https://xhenetazenelaj.repl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.245.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.245.186.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=6305591; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xhenetazenelaj.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=6305591; includeSubDomains
date
Thu, 07 Sep 2023 17:15:55 GMT
replit-cluster
global
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
text/html; charset=utf-8
Primary Request /
ipfs.io/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/
Redirect Chain
  • https://ipfs.io/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su?pYhJWmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL...
  • https://ipfs.io/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/?pYhJWmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cUR...
83 KB
6 KB
Document
General
Full URL
https://ipfs.io/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/?pYhJWmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL=mEsRzEcDvfGbtHYRve&trexxx=WmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL&trexxcoz=freedomdebtrelief.com&6574RGYEVD56YRH43RF32R4T35GGH53T4G5TR234TH6474RHUEGTINJRBRHUEGTR8OLIUK3EWF86JGTHY57UJ68IU76Y44TGE3T5Y4TH53T=4R35THRYRFT4R3Tb86KUJTYRHsPizePWmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL&coztrexx=egold&wfIUbh=WmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL
Requested by
Host: xhenetazenelaj.repl.co
URL: https://xhenetazenelaj.repl.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:fea2:2::1 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software
openresty /
Resource Hash
f0981e6f104c6c7cc1be751bf0f8fe6d8dc75d8982699e66c1c49a07aba6de05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://xhenetazenelaj.repl.co/#OMv?cb=5Se1&VfDbGdT4R4ErD54tR1DtR=egold&moD=lQB&wE657UyRfVtO=freedomdebtrelief.com&Hy=9rkEH
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
access-control-allow-methods
GET HEAD OPTIONS GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Range, X-Chunked-Output, X-Stream-Output
cache-control
public, max-age=29030400, immutable
content-encoding
gzip
content-type
text/html
date
Thu, 07 Sep 2023 17:15:55 GMT
etag
W/"Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su"
server
openresty
strict-transport-security
max-age=31536000; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
x-bfid
d9290e6c7e23f4fb864a74e034cd7562
x-ipfs-datasize
85054
x-ipfs-gateway-host
ipfs-bank12-fr2
x-ipfs-lb-pop
gateway-bank2-fr2
x-ipfs-path
/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/
x-ipfs-pop
ipfs-bank12-fr2
x-ipfs-roots
Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su
x-proxy-cache
MISS

Redirect headers

access-control-allow-headers
X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
access-control-allow-methods
GET HEAD OPTIONS GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Range, X-Chunked-Output, X-Stream-Output
content-length
834
content-type
text/html; charset=utf-8
date
Thu, 07 Sep 2023 17:15:55 GMT
location
/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/?pYhJWmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL=mEsRzEcDvfGbtHYRve&trexxx=WmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL&trexxcoz=freedomdebtrelief.com&6574RGYEVD56YRH43RF32R4T35GGH53T4G5TR234TH6474RHUEGTINJRBRHUEGTR8OLIUK3EWF86JGTHY57UJ68IU76Y44TGE3T5Y4TH53T=4R35THRYRFT4R3Tb86KUJTYRHsPizePWmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL&coztrexx=egold&wfIUbh=WmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL
server
openresty
strict-transport-security
max-age=31536000; includeSubDomains; preload
timing-allow-origin
*
x-bfid
7a30d267a0c5462fdc93d542ecef07ad
x-ipfs-datasize
834
x-ipfs-gateway-host
ipfs-bank12-fr2
x-ipfs-lb-pop
gateway-bank2-fr2
x-ipfs-path
/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su
x-ipfs-pop
ipfs-bank12-fr2
x-ipfs-roots
Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su
x-proxy-cache
MISS
jquery.js
ipfs.io/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/
84 KB
30 KB
Script
General
Full URL
https://ipfs.io/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/jquery.js
Requested by
Host: xhenetazenelaj.repl.co
URL: https://xhenetazenelaj.repl.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:fea2:2::1 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software
openresty /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ipfs.io/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/?pYhJWmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL=mEsRzEcDvfGbtHYRve&trexxx=WmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL&trexxcoz=freedomdebtrelief.com&6574RGYEVD56YRH43RF32R4T35GGH53T4G5TR234TH6474RHUEGTINJRBRHUEGTR8OLIUK3EWF86JGTHY57UJ68IU76Y44TGE3T5Y4TH53T=4R35THRYRFT4R3Tb86KUJTYRHsPizePWmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL&coztrexx=egold&wfIUbh=WmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:15:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-ipfs-datasize
85578
x-ipfs-gateway-host
ipfs-bank14-fr2
x-ipfs-pop
ipfs-bank14-fr2
server
openresty
x-ipfs-lb-pop
gateway-bank2-fr2
x-ipfs-roots
Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su,QmYSoY817pbEsCjAGjtJWKnnmdCWuuyUAbfX8dXYUfDEKG
etag
W/"QmYSoY817pbEsCjAGjtJWKnnmdCWuuyUAbfX8dXYUfDEKG"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS, GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, X-Chunked-Output, X-Stream-Output
cache-control
public, max-age=29030400, immutable
x-ipfs-path
/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/jquery.js
x-bfid
d4a7fe1ae74ef2f4e8c0b3d95a61eea9
timing-allow-origin
*
access-control-allow-headers
X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
x-proxy-cache
MISS
js.js
ipfs.io/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/
6 KB
2 KB
Script
General
Full URL
https://ipfs.io/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/js.js
Requested by
Host: xhenetazenelaj.repl.co
URL: https://xhenetazenelaj.repl.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:fea2:2::1 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software
openresty /
Resource Hash
c5a0be167f39d10b1bbbdb449c97e4103a2b191eb121895658e3909da3911b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ipfs.io/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/?pYhJWmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL=mEsRzEcDvfGbtHYRve&trexxx=WmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL&trexxcoz=freedomdebtrelief.com&6574RGYEVD56YRH43RF32R4T35GGH53T4G5TR234TH6474RHUEGTINJRBRHUEGTR8OLIUK3EWF86JGTHY57UJ68IU76Y44TGE3T5Y4TH53T=4R35THRYRFT4R3Tb86KUJTYRHsPizePWmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL&coztrexx=egold&wfIUbh=WmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:15:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-ipfs-datasize
6039
x-ipfs-gateway-host
ipfs-bank15-fr2
x-ipfs-pop
ipfs-bank15-fr2
server
openresty
x-ipfs-lb-pop
gateway-bank2-fr2
x-ipfs-roots
Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su,QmWdnuYLhYFgcFGzmBUnN2PaKnRnUfskqB9SqpAK7H3aif
etag
W/"QmWdnuYLhYFgcFGzmBUnN2PaKnRnUfskqB9SqpAK7H3aif"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS, GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, X-Chunked-Output, X-Stream-Output
cache-control
public, max-age=29030400, immutable
x-ipfs-path
/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/js.js
x-bfid
f68a6442ec24aa587a5e0281f2ee785f
timing-allow-origin
*
access-control-allow-headers
X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
x-proxy-cache
MISS
jg.js
ipfs.io/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/
951 B
1 KB
Script
General
Full URL
https://ipfs.io/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/jg.js
Requested by
Host: xhenetazenelaj.repl.co
URL: https://xhenetazenelaj.repl.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:fea2:2::1 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software
openresty /
Resource Hash
9201f2ee02b6b642504b09f95e61a57a2bcff43e23c7d737473229e2e4f7d503
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ipfs.io/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/?pYhJWmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL=mEsRzEcDvfGbtHYRve&trexxx=WmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL&trexxcoz=freedomdebtrelief.com&6574RGYEVD56YRH43RF32R4T35GGH53T4G5TR234TH6474RHUEGTINJRBRHUEGTR8OLIUK3EWF86JGTHY57UJ68IU76Y44TGE3T5Y4TH53T=4R35THRYRFT4R3Tb86KUJTYRHsPizePWmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL&coztrexx=egold&wfIUbh=WmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:15:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-ipfs-datasize
951
x-ipfs-gateway-host
ipfs-bank5-fr2
x-ipfs-pop
ipfs-bank5-fr2
server
openresty
x-ipfs-lb-pop
gateway-bank2-fr2
x-ipfs-roots
Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su,QmRL3xdCcQRMP6ebGyeNxnG6GE7xLvS17cmyXCgfe7h8hY
etag
W/"QmRL3xdCcQRMP6ebGyeNxnG6GE7xLvS17cmyXCgfe7h8hY"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS, GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, X-Chunked-Output, X-Stream-Output
cache-control
public, max-age=29030400, immutable
x-ipfs-path
/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/jg.js
x-bfid
cff7442ef1d9c815e48662cfa0557fb6
timing-allow-origin
*
access-control-allow-headers
X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
x-proxy-cache
MISS
js1.js
ipfs.io/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/
2 KB
1 KB
Script
General
Full URL
https://ipfs.io/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/js1.js
Requested by
Host: xhenetazenelaj.repl.co
URL: https://xhenetazenelaj.repl.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:fea2:2::1 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software
openresty /
Resource Hash
4050919fd9513ee85741701d19fea6b834122607a8db3d92eff88e421eec11ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ipfs.io/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/?pYhJWmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL=mEsRzEcDvfGbtHYRve&trexxx=WmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL&trexxcoz=freedomdebtrelief.com&6574RGYEVD56YRH43RF32R4T35GGH53T4G5TR234TH6474RHUEGTINJRBRHUEGTR8OLIUK3EWF86JGTHY57UJ68IU76Y44TGE3T5Y4TH53T=4R35THRYRFT4R3Tb86KUJTYRHsPizePWmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL&coztrexx=egold&wfIUbh=WmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:15:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-ipfs-datasize
1869
x-ipfs-gateway-host
ipfs-bank6-fr2
x-ipfs-pop
ipfs-bank6-fr2
server
openresty
x-ipfs-lb-pop
gateway-bank2-fr2
x-ipfs-roots
Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su,QmTxK3F52d8crZ2wZgWfBa9ErEWsQTXcF97Dfh9NcWy5cZ
etag
W/"QmTxK3F52d8crZ2wZgWfBa9ErEWsQTXcF97Dfh9NcWy5cZ"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS, GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, X-Chunked-Output, X-Stream-Output
cache-control
public, max-age=29030400, immutable
x-ipfs-path
/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/js1.js
x-bfid
8680eda0cfba0d9fc04ab2abe4fef037
timing-allow-origin
*
access-control-allow-headers
X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
x-proxy-cache
HIT
4x_817cf14a2f3fcff4ee6d4e35c5026779.png
static.adobelogin.com/clients/virgoweb-2020/
3 KB
4 KB
Image
General
Full URL
https://static.adobelogin.com/clients/virgoweb-2020/4x_817cf14a2f3fcff4ee6d4e35c5026779.png
Requested by
Host: ipfs.io
URL: https://ipfs.io/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/?pYhJWmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL=mEsRzEcDvfGbtHYRve&trexxx=WmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL&trexxcoz=freedomdebtrelief.com&6574RGYEVD56YRH43RF32R4T35GGH53T4G5TR234TH6474RHUEGTINJRBRHUEGTR8OLIUK3EWF86JGTHY57UJ68IU76Y44TGE3T5Y4TH53T=4R35THRYRFT4R3Tb86KUJTYRHsPizePWmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL&coztrexx=egold&wfIUbh=WmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.187.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-187-46.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf2c42990195a30809f22c5097c932f55e458d68220a542d1260a62e07fd23c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ipfs.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 07 Sep 2023 15:29:30 GMT
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
last-modified
Thu, 10 Jun 2021 12:31:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
6391
etag
"25bd761418173f99a652f875fae7e82c"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3484
x-amz-cf-id
WKPjJ8cPQoebBeNScW3uEU05z1lfybwb43kQQhRA9EtvoUx3tCL5sg==
7dHA6V2.jpg
ipfs.io/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/
46 KB
47 KB
Image
General
Full URL
https://ipfs.io/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/7dHA6V2.jpg
Requested by
Host: ipfs.io
URL: https://ipfs.io/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/?pYhJWmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL=mEsRzEcDvfGbtHYRve&trexxx=WmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL&trexxcoz=freedomdebtrelief.com&6574RGYEVD56YRH43RF32R4T35GGH53T4G5TR234TH6474RHUEGTINJRBRHUEGTR8OLIUK3EWF86JGTHY57UJ68IU76Y44TGE3T5Y4TH53T=4R35THRYRFT4R3Tb86KUJTYRHsPizePWmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL&coztrexx=egold&wfIUbh=WmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:fea2:2::1 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software
openresty /
Resource Hash
2d9b3835ce3a659c907acd33d613bab446a7894f108dddca2f2d1407263cd2d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ipfs.io/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/?pYhJWmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL=mEsRzEcDvfGbtHYRve&trexxx=WmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL&trexxcoz=freedomdebtrelief.com&6574RGYEVD56YRH43RF32R4T35GGH53T4G5TR234TH6474RHUEGTINJRBRHUEGTR8OLIUK3EWF86JGTHY57UJ68IU76Y44TGE3T5Y4TH53T=4R35THRYRFT4R3Tb86KUJTYRHsPizePWmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL&coztrexx=egold&wfIUbh=WmqzIuScttBH7ktrRLBijlOWY6q6hDdljjSF3RpLBhU5MPpHDHgLSCHuCEBx2SqsKZTCZxmgkvkModHqHwHhqjUwAih10GG5RpQmXVGaMi3yv0s0qEKif4dn2cURL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:15:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-ipfs-datasize
47302
x-ipfs-gateway-host
ipfs-bank4-fr2
content-length
47302
x-ipfs-pop
ipfs-bank4-fr2
server
openresty
x-ipfs-lb-pop
gateway-bank2-fr2
x-ipfs-roots
Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su,QmZbRS14yS4AKUPx37iwKXMsorfQpTEKyMNPMvToYTcHnv
etag
"QmZbRS14yS4AKUPx37iwKXMsorfQpTEKyMNPMvToYTcHnv"
x-bfid
75fe161e4659dd62385a6e2ef3acce51
access-control-allow-methods
GET, HEAD, OPTIONS, GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range, X-Chunked-Output, X-Stream-Output
cache-control
public, max-age=29030400, immutable
x-ipfs-path
/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/7dHA6V2.jpg
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
x-proxy-cache
HIT
chkdsk.php
windowofoppo.000webhostapp.com/
17 B
243 B
XHR
General
Full URL
https://windowofoppo.000webhostapp.com/chkdsk.php
Requested by
Host: ipfs.io
URL: https://ipfs.io/ipfs/Qmd2b6gmmFq5rLDHWrjUmCcfD18LXP3rKzmbhKQ9e1g8Su/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:29e4::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
4e17a9c5bfc4998daf931d9c5fe88a8702a8ae65be78cde986f3d127c7a296d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://ipfs.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 07 Sep 2023 17:15:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
awex
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-request-id
216a22a2c549a0006e15266ad5e3ec7b

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Adobe (Consumer)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
function| $
function| jQuery
object| _$_8b0d
function| mary
object| _$_bfca
object| _$_4a2d
string| domain
string| newPageTitle

0 Cookies

1 Console Messages

Source: network
Level: error
URL: https://xhenetazenelaj.repl.co/jQuery.js
Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=6305592; includeSubDomains