0lx.5265449.xyz Open in urlscan Pro
104.21.11.35  Malicious Activity! Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 5 Show response 0lx.5265449.xyz/tllg3ehs/IRGc35/	76 KB 16 KB	314ms 246ms	Document text/html	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4e070f19126e784fe59f71fa9bb82ef3488157d97138a316338a553cdbdfe313 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 accept-language pl-PL,pl;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache, private cf-cache-status DYNAMIC cf-ray 7aefc11bde0fbf26-WAW content-encoding br content-type text/html; charset=UTF-8 date Tue, 28 Mar 2023 12:07:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUiSh9BJ1PMVPKoXczQc3q06gE%2BlRIU86k8%2F%2BlnMaByWK0mUPH8qY5d8kQhPNSaQke2h4UkMpIkVFNP8dFDNtR6mPmnKQAhP6y03Abb4dhpjisPACoQN0gP0pB%2BMjcjQ2fI%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-content-type-options nosniff x-frame-options SAMEORIGIN
GET H2	200	app.css 0lx.5265449.xyz/css/	97 KB 15 KB	39ms 32ms	Stylesheet text/css	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://0lx.5265449.xyz/css/app.css?id=5ecd97e42006d5f027de Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 81ce0d4e0b5cde7c02f6a526c45805a4e39e734ee8bebc99cf44c7fdd072ae5b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language pl-PL,pl;q=0.9 Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6405 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 01 Mar 2023 21:41:33 GMT server cloudflare etag W/"63ffc68d-18379" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FBSHtnLj1ca9Ea%2BIadG4YAVUME6ybrz4EafaHg93MNVL5mS5%2Byje6L6ZZwBACU%2FATIqBJw6HlDOtzBBBF8wI2N2O73Ts6tNIL2thvUBnAtjy8jJFkQuGLSBbFgijK6cm%2Fk0%3D"}],"group":"cf-nel","max_age":604800} content-type text/css vary Accept-Encoding cache-control max-age=14400 cf-ray 7aefc11d88ddbf26-WAW
GET H2	200	theme-1.20.118.css 0lx.5265449.xyz/banks/pl/paribas/	2 MB 232 KB	45ms 38ms	Stylesheet text/css	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://0lx.5265449.xyz/banks/pl/paribas/theme-1.20.118.css Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4d064406a2c1641eec4618abbb4250a6a957d8b30dee27de11c173dce2ca19aa Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language pl-PL,pl;q=0.9 Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1664 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 01 Mar 2023 20:07:00 GMT server cloudflare etag W/"63ffb064-1dc449" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Arkp44NZRO5EPEDbhT4kB2HXO%2F3vwxLVl0p5a8YDRehwhk00hFC0Aw7f9XOF1c1hb2k9z8QZen62HcnTYvHggE6hUi8aX0oiAdRVTQKYgpftlyRLnHVrFLxBmOtzR%2FlD4%2B0%3D"}],"group":"cf-nel","max_age":604800} content-type text/css vary Accept-Encoding cache-control max-age=14400 cf-ray 7aefc11d88debf26-WAW
GET H2	200	app-abe30997faedcdb211db.css 0lx.5265449.xyz/banks/pl/paribas/	6 KB 2 KB	35ms 30ms	Stylesheet text/css	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://0lx.5265449.xyz/banks/pl/paribas/app-abe30997faedcdb211db.css Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c4ea1d96d36efded426ac6fbffaa3cfdd6358986ca1111c7ead9744741d574a3 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language pl-PL,pl;q=0.9 Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1664 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 01 Mar 2023 20:07:00 GMT server cloudflare etag W/"63ffb064-168f" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4c%2F67wv6jOyaRf3sxEJtlwE31HFHxcbyFQ5e6yc4KvIcgBQw3edmv%2FmmNc9XBl%2BC2R9OEZ1z0CYNsASjHOQc9Jk4fGfEHMGjSmVAyx9jOydFZ5Kgr0iqo7otVX%2BSL68hZ8%3D"}],"group":"cf-nel","max_age":604800} content-type text/css vary Accept-Encoding cache-control max-age=14400 cf-ray 7aefc11d88dfbf26-WAW
GET H2	200	comp-block_how_to_start.ae39a95df053edbeaeff.css 0lx.5265449.xyz/css/limits/	9 KB 2 KB	35ms 30ms	Stylesheet text/css	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://0lx.5265449.xyz/css/limits/comp-block_how_to_start.ae39a95df053edbeaeff.css Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8573227780d340426a11e25af2734e6f71289eeb497c20dd894e27d368edff48 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language pl-PL,pl;q=0.9 Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6142 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 01 Mar 2023 20:07:00 GMT server cloudflare etag W/"63ffb064-2401" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8pZ60ixKV3Yc8sP74hcWok3bGtQbCfg4Ubw58QszoUIeoIdxX%2BL%2F3AXrUrtkU5uYD0bvHvUXrGj54UwraL3h7aNYZoudv1wueapjtQIFHUqYn3s7V1WsrK4s5c20SvMWVKw%3D"}],"group":"cf-nel","max_age":604800} content-type text/css vary Accept-Encoding cache-control max-age=14400 cf-ray 7aefc11d88e0bf26-WAW
GET H2	200	comp-intro_banner.b269726fe25c3ad37bbc.css 0lx.5265449.xyz/css/limits/	12 KB 2 KB	35ms 31ms	Stylesheet text/css	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://0lx.5265449.xyz/css/limits/comp-intro_banner.b269726fe25c3ad37bbc.css Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 52fb216f0db981c9fa92b1cc653f35cb1534fd338f4fc666b151bdef2c275ebd Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language pl-PL,pl;q=0.9 Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6142 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 01 Mar 2023 20:07:00 GMT server cloudflare etag W/"63ffb064-2f0c" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MiQWvcvKXJ0izuLSOWhqCVoMhOLfAtJhew2M7T3rY3SyfiskZZEbgiuvyK%2B6c0P%2FNdJ6fJNipM2uVLJjhwOJImhQHJ9AkKLRAzEfBKd3l9yG8QmNWTl3R04R1nrT9uef%2F6s%3D"}],"group":"cf-nel","max_age":604800} content-type text/css vary Accept-Encoding cache-control max-age=14400 cf-ray 7aefc11d88e1bf26-WAW
GET H2	200	jquery-1.11.2.min.js Show response 0lx.5265449.xyz/banks/pl/paribas/	153 KB 40 KB	64ms 60ms	Script application/javascript	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://0lx.5265449.xyz/banks/pl/paribas/jquery-1.11.2.min.js Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 12ad710238b09a6e5827707340e93ff4169be8ab2280e74a96b165270f577336 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language pl-PL,pl;q=0.9 Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1664 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 01 Mar 2023 20:07:00 GMT server cloudflare etag W/"63ffb064-26489" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tG3KwL438wR1sXZ5hG6olL8bXkaIo9eg42%2BXwJWds8RTcekL2EhKi%2Fk0lG2ddNBdSHMyipmU5jT02NGxNcFgQdBBZHk99onhBdTzV%2FjDC2UgGtCgMuBrxc4KegJytQrgLrQ%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 vary Accept-Encoding cache-control max-age=14400 cf-ray 7aefc11d88e2bf26-WAW
GET H2	200	howler.min.js Show response 0lx.5265449.xyz/js/	34 KB 10 KB	37ms 34ms	Script application/javascript	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://0lx.5265449.xyz/js/howler.min.js Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 174ed693bb0f9db670036cc2cfb2e4029a71e5f749a40ae37cfa0d1f76a1020a Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language pl-PL,pl;q=0.9 Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6404 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 01 Mar 2023 20:07:00 GMT server cloudflare etag W/"63ffb064-8742" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXi2QJkwFAxZu6G%2B6ql%2BOIiSdNrNGPaSQfByox6nX7jmxGzljvjONbmtXv48H7zkXWRTzR2v4Pk9cmcvFs5VFLcIiZITuXizl29h7%2B%2F4u43A28eE8se8Iqmsi8xec%2FY8J28%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 vary Accept-Encoding cache-control max-age=14400 cf-ray 7aefc11d88e6bf26-WAW
GET H2	200	app.js Show response 0lx.5265449.xyz/js/	358 KB 107 KB	57ms 54ms	Script application/javascript	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://0lx.5265449.xyz/js/app.js?id=14e28a8dd7f84d5e64df Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f2390f8457f2e82d14fe0087445fc4c81739d1627d68f16be433ea212562b32 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language pl-PL,pl;q=0.9 Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:43 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6405 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 21 Mar 2023 12:56:34 GMT server cloudflare etag W/"6419a982-59807" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nP%2FLKZ17xYji%2FT5oo%2FRs8n6fP8gw56jhMH1KwNMeigrdqkqBsHW6y0hUSJrZZKfmFP4zd%2FUT1BzqulR%2BeFAW62VGuWut9tu9FuW7%2B%2FCpKhasReTliPOh0lb0cnhwhG%2B10qM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 vary Accept-Encoding cache-control max-age=14400 cf-ray 7aefc11dc94bbf26-WAW
GET H2	200	timer.js Show response 0lx.5265449.xyz/js/	942 B 702 B	39ms 37ms	Script application/javascript	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://0lx.5265449.xyz/js/timer.js Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2337f42c9af936d4bd6698c79a005d84604142c69e47c41c60e96822861d6ac5 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language pl-PL,pl;q=0.9 Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6141 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 01 Mar 2023 20:07:00 GMT server cloudflare etag W/"63ffb064-3ae" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=engCjbe8NDL%2B9N1LmuaY%2FCvvGXq50mxuFaZFP%2FV8i0UqMUST8n9iKq9h2yeToTy1glysjs981Ksjro1gs7eXSFFbh%2BpQM%2FB9voUaJe1iG7W1pFRKelK%2FRiykI28Rj%2BQSzUo%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 vary Accept-Encoding cache-control max-age=14400 cf-ray 7aefc11d88e8bf26-WAW
GET H2	200	success.png 0lx.5265449.xyz/wait-payment/	33 KB 33 KB	57ms 54ms	Image image/png	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://0lx.5265449.xyz/wait-payment/success.png Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ec059973924d6b34db97a816efdeff110e74f50ec42d0e69a68da0ca47964f96 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language pl-PL,pl;q=0.9 Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:43 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6142 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 33410 last-modified Wed, 01 Mar 2023 20:07:00 GMT server cloudflare etag "63ffb064-8282" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qkpXTExb4zEP%2BjFSIezP449pO9sAkCfVbnsSognXoCHGVuejaNlXRdtgfOkOF3RiQLrqEgWi4zdcmrhnXto%2FeI%2F7qJD3j0UzdGaSPwhlcNPW%2BNa27QOpMxd7cashgO0ohVU%3D"}],"group":"cf-nel","max_age":604800} content-type image/png vary Accept-Encoding cache-control max-age=14400 accept-ranges bytes cf-ray 7aefc11dc94cbf26-WAW
GET H2	200	visa.png 0lx.5265449.xyz/images/card/logotypes/	1 KB 2 KB	41ms 38ms	Image image/png	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://0lx.5265449.xyz/images/card/logotypes/visa.png Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3f15da9b87e5f6d9fdf190c25bcf56596999e3162d31f1604509e05d353ace94 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language pl-PL,pl;q=0.9 Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:43 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6142 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1500 last-modified Wed, 01 Mar 2023 20:07:00 GMT server cloudflare etag "63ffb064-5dc" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ObkuQ3rPjlqD8saaR7VSeAdXTbdBwA2TZAwECV7wLiaBOt1Pka9Df1W7rCsFweHweyos%2F4cb6cZYkL3J7KWUWAF8dm0mi1lNPgRV6T0t2VEaXG61TMswguUl7g5JN4K9DE%3D"}],"group":"cf-nel","max_age":604800} content-type image/png vary Accept-Encoding cache-control max-age=14400 accept-ranges bytes cf-ray 7aefc11dc94ebf26-WAW
GET H2	200	mastercard.png 0lx.5265449.xyz/images/card/logotypes/	2 KB 2 KB	41ms 39ms	Image image/png	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://0lx.5265449.xyz/images/card/logotypes/mastercard.png Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 44ab66b0b66583cdac0e0dc51d5025e2800c16df48aaa655b670e4f324d28902 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language pl-PL,pl;q=0.9 Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:43 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6142 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1718 last-modified Wed, 01 Mar 2023 20:07:00 GMT server cloudflare etag "63ffb064-6b6" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kaZNql%2BXAWnpkerQxXjKFt%2BgXXyFhCUzTDXLrg054SzBdR%2Bkd79EcOpPiEAHPsXBPSZ%2F5dhjaIL5Qd4AUPB%2BAsJn9xcabWyNSE6nSh7XuSLMrFc4Pv3R7La0rSlDTlbXJVU%3D"}],"group":"cf-nel","max_age":604800} content-type image/png vary Accept-Encoding cache-control max-age=14400 accept-ranges bytes cf-ray 7aefc11dc950bf26-WAW
GET H2	200	maestro.png 0lx.5265449.xyz/images/card/logotypes/	2 KB 2 KB	42ms 40ms	Image image/png	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://0lx.5265449.xyz/images/card/logotypes/maestro.png Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 82ef8d051d9ac37e88d41193864d87462277233183954e91c9e6fc7e91f84b7d Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language pl-PL,pl;q=0.9 Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:43 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6142 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1701 last-modified Wed, 01 Mar 2023 20:07:00 GMT server cloudflare etag "63ffb064-6a5" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4JrLplxmelnvMVpqA%2FRXfzIis3q0jCcXApUFm%2FqvB0hJwtXxl6MIl14gKjAlltszPaeGD4DJ7jlI5A8Dkb80om0kamt8BbmvqOh65dMF9GWI5miBA8rVpaFZMA1UF4YvSp8%3D"}],"group":"cf-nel","max_age":604800} content-type image/png vary Accept-Encoding cache-control max-age=14400 accept-ranges bytes cf-ray 7aefc11dc951bf26-WAW
GET H2	200	chip.png 0lx.5265449.xyz/images/card/	2 KB 3 KB	41ms 39ms	Image image/png	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://0lx.5265449.xyz/images/card/chip.png Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dcbb5496ca32f31dfff5d8d45ccf4f0ea8751bce5b17ea22059804410f9fbf24 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language pl-PL,pl;q=0.9 Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:43 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6142 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2456 last-modified Wed, 01 Mar 2023 20:07:00 GMT server cloudflare etag "63ffb064-998" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqNUBDfgeDIVXlI3Ps65PnxOV2658ZnUbvK93%2F0CiWEjIP61SHpRgtoyBxDSaHjAakE%2BGyVfW%2BJLI%2BUTh98yAyBIldnG5DhaZ1n2cFM4etSEGT0ev6QramyUV%2BeNCRxzYeg%3D"}],"group":"cf-nel","max_age":604800} content-type image/png vary Accept-Encoding cache-control max-age=14400 accept-ranges bytes cf-ray 7aefc11dc952bf26-WAW
GET H2	200	arrow.svg 0lx.5265449.xyz/images/card/	165 B 432 B	43ms 41ms	Image image/svg+xml	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://0lx.5265449.xyz/images/card/arrow.svg Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bb2341b285e3b4021df38bfb51bb6d35c28d1ba9d06e4e72ac617458c8da24e8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language pl-PL,pl;q=0.9 Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:43 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6142 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 01 Mar 2023 20:07:00 GMT server cloudflare etag W/"63ffb064-a5" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNeVpUjf3BkgYVq4xyg72gVqTExLE6eKo9J8fKJPvVWTm5EkHQtUsQpai2jTD1s6hFFzYcOZjpY1dMiJoG1b2xoZaxO06BcY3RbVyC3Z6sgX6QPvbOWtdyXGPf0KYoIqX%2Bk%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml vary Accept-Encoding cache-control max-age=14400 cf-ray 7aefc11dc953bf26-WAW
GET H2	200	card.js Show response 0lx.5265449.xyz/js/	56 KB 15 KB	42ms 39ms	Script application/javascript	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://0lx.5265449.xyz/js/card.js?id=bb42d629e7716d27ed28 Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 21f74fae73da797e851d6dd3ef1caeace708419ce0ca4021a112745a112d8cc3 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language pl-PL,pl;q=0.9 Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:43 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6142 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 01 Mar 2023 20:07:22 GMT server cloudflare etag W/"63ffb07a-e0ba" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPHdbBWXqJd3aMLfwJ3cakSuTZZpD1X2oY2ROAtAp0CTlxTD7iFcq7fPCmaa6dkvaPRd%2F1ZNIchNOZLvMfwq2HOmFPhMwB3DLyty53iURzKgDOLjQBXLJ2ZBMkcIPeUHQRA%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 vary Accept-Encoding cache-control max-age=14400 cf-ray 7aefc11dc948bf26-WAW
GET H2	200	jquery.creditCardValidator.js Show response 0lx.5265449.xyz/js/	9 KB 3 KB	44ms 41ms	Script application/javascript	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://0lx.5265449.xyz/js/jquery.creditCardValidator.js Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8338536908dbf97a2eeaf21a1390f707b867571d222dcf7be3d905e0a882b9aa Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language pl-PL,pl;q=0.9 Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:43 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6142 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 01 Mar 2023 20:07:00 GMT server cloudflare etag W/"63ffb064-2205" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tKsWWjx%2FHPNEwUJbsaP5npOmpAbdydMzj0x7N0gaF3Sqml5SR8HwA6FoSnWGHZlB32eHumGRK9io5CiFmcbg75LlsxXSH6fDlePAK3%2BfC85bVWHSyx1fULsP3P8QJsocxY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 vary Accept-Encoding cache-control max-age=14400 cf-ray 7aefc11dc949bf26-WAW
GET H2	200	error.png 0lx.5265449.xyz/change-bank/	9 KB 10 KB	42ms 40ms	Image image/png	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://0lx.5265449.xyz/change-bank/error.png Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ceb06437c01a11ef4f64dab8831cefc24737a9375bb74582162f246980dfac19 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language pl-PL,pl;q=0.9 Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:43 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6142 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 9514 last-modified Wed, 01 Mar 2023 20:07:00 GMT server cloudflare etag "63ffb064-252a" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9FVswdD32aVd%2B6yt5QJzLN9HlNC%2Fj7zMzlcNhIebjwwTuZhKMAvC7g6PHbZpxXpaV4Bg75UxVKAriT4IzI4J58ZzplFKpoBOU3rUV1ldzc0NSLitliy60Ye%2BCXHupelygk%3D"}],"group":"cf-nel","max_age":604800} content-type image/png vary Accept-Encoding cache-control max-age=14400 accept-ranges bytes cf-ray 7aefc11dc954bf26-WAW
GET DATA	200 OK	truncated /	9 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f1b94ee7ba01777abd26f16a329d7af8e3751a6d720716f0797a60325cd32a7b Request headers accept-language pl-PL,pl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H3	200	16516ff2c044a0ee74baf2036ebbe972.jpg 0lx.5265449.xyz/banks/pl/paribas/	490 KB 491 KB	131ms 131ms	Image image/jpeg	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://0lx.5265449.xyz/banks/pl/paribas/16516ff2c044a0ee74baf2036ebbe972.jpg Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/banks/pl/paribas/theme-1.20.118.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 88f2f32e046ea812a5607ebcc895f0bab1561cd09346e5f1b20f90fd813a6268 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language pl-PL,pl;q=0.9 Referer https://0lx.5265449.xyz/banks/pl/paribas/theme-1.20.118.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:43 GMT x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 502213 last-modified Wed, 01 Mar 2023 20:07:00 GMT server cloudflare etag "63ffb064-7a9c5" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZvyUM%2BEvlQC73rj64KCU6uhdUpKQjaCOEmMA%2FzzgX%2FWQODK6Ck2FS5wxpdfhhMmgpoeQwCPqEx%2Fmf5C2TU2nFY5tHPxP%2Bd8Deb%2B%2FXzZ5BVLGlBt0QQABuHr5ej1O0mYwEY%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg vary Accept-Encoding cache-control max-age=14400 accept-ranges bytes cf-ray 7aefc11e9f3cfc8f-WAW
GET DATA	200 OK	truncated /	202 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash aee2fd6a5ca576442898bb93e5991e2abf64569ab620ddb6e42197443188f139 Request headers accept-language pl-PL,pl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H3	200	bnpp_sans_bold.woff 0lx.5265449.xyz/banks/pl/paribas/	54 KB 54 KB	32ms 31ms	Font application/font-woff	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://0lx.5265449.xyz/banks/pl/paribas/bnpp_sans_bold.woff Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 80bf8cdea9bc8b01b1b12f18210a7eb3b5f30fefa0d9f9209813d9f9cfe6e39e Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Origin https://0lx.5265449.xyz accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:43 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1665 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 01 Mar 2023 20:07:00 GMT server cloudflare etag W/"63ffb064-d6c8" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAzgMWtXUh4B0P4jLMTFdNs1weVT6q5f3WM%2BPxrgcTj910S3A7L5VT4CvkxfDBC%2F3CVDpKzbe1akTNAaxhS5PtHf6QAUx9Q7%2FJi3iopv25zGD4gy4SuzvjHhrt54gfD5Gz0%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff vary Accept-Encoding cache-control max-age=14400 cf-ray 7aefc11e9f44fc8f-WAW
GET H3	200	bnpp_sans_light.woff 0lx.5265449.xyz/banks/pl/paribas/	27 KB 28 KB	56ms 55ms	Font application/font-woff	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://0lx.5265449.xyz/banks/pl/paribas/bnpp_sans_light.woff Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b819ba1ca6fb58d0838c232a9a9f4de58743ed0112f135cffd73b07475ae77d Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Origin https://0lx.5265449.xyz accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:43 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1665 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 01 Mar 2023 20:07:00 GMT server cloudflare etag W/"63ffb064-6ca8" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ZR4Cz%2B0j6beWVGyPulbNKztaaHZFnDsrl%2FK8mpVxCNvxMwsDn83I1bTBo7h2uVUYdqjrrqpJcSxUlbksIaF4naeKPOgCyaqjWPJmNpmWegGd2SMC8QM%2FadPfs37IsKtA5M%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff vary Accept-Encoding cache-control max-age=14400 cf-ray 7aefc11e9f45fc8f-WAW
GET H3	200	iconfont.woff 0lx.5265449.xyz/banks/pl/paribas/	37 KB 38 KB	106ms 105ms	Font application/font-woff	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://0lx.5265449.xyz/banks/pl/paribas/iconfont.woff Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2a61d97d12db2daa170a11a7e283104ff66420d9c689b715b698b20ce9ce5696 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Origin https://0lx.5265449.xyz accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:43 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1665 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 01 Mar 2023 20:07:00 GMT server cloudflare etag W/"63ffb064-94a8" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6h2wQ5bHDcKkWI2EOj58P%2BfGDi6uRt1NY1vN8whCauuelsvIkUcUEX%2FkDTUIPLHfDRcscbaTqU9rnAYgAq%2BqumPu%2B69KHkODeRDT%2FHle9vThWRtc25JUxAkSGTcEQOT1cU%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff vary Accept-Encoding cache-control max-age=14400 cf-ray 7aefc11e9f47fc8f-WAW
GET H3	200	bnpp_sans.woff 0lx.5265449.xyz/banks/pl/paribas/	54 KB 54 KB	107ms 106ms	Font application/font-woff	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://0lx.5265449.xyz/banks/pl/paribas/bnpp_sans.woff Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3ad317867dbc668f3e6dacfa4c17870a9affaa520346201b394810564e214e7c Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Origin https://0lx.5265449.xyz accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:43 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1665 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 01 Mar 2023 20:07:00 GMT server cloudflare etag W/"63ffb064-d648" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3x%2FG0mWGc2i%2F0lqP87QyW3K%2BgbmxXTXRozryJkEGrnsUpmCPDdcASETMB3MKTO4SY1CJ%2BF29NUa%2BFXxdACtN2vgfuBpM3omZbC1%2Fs9nuCxwpz%2Brfua1zulHSu1oeBnRbU%2Fc%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff vary Accept-Encoding cache-control max-age=14400 cf-ray 7aefc11e9f49fc8f-WAW
GET H3	200	bnpp_sans_condensed_bold.woff 0lx.5265449.xyz/banks/pl/paribas/	36 KB 36 KB	209ms 208ms	Font application/font-woff	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://0lx.5265449.xyz/banks/pl/paribas/bnpp_sans_condensed_bold.woff Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c51282549720e2ef8e9b6d2c2dc535e9cca0e332ceb0fbc21a315dfb3e269224 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Origin https://0lx.5265449.xyz accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:43 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS last-modified Wed, 01 Mar 2023 20:07:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63ffb064-8f24" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yGaIVS9cKeUjG%2BobNjEQBbwnzIKWEi0i6XWqYk4yKK%2BXFqb6oSYHnyQ1NoueRxuhTC%2BmfMtaUMa7%2FjwEeLsISoeisVGdsZPFQrRTBxvqrwiH67f9nGYz%2F429N6REjEZWzdo%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff vary Accept-Encoding cache-control max-age=14400 cf-ray 7aefc11e9f4afc8f-WAW alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	/ Show response 0lx.5265449.xyz/socket.io/	104 B 580 B	89ms 88ms	XHR text/plain	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://0lx.5265449.xyz/socket.io/?EIO=3&transport=polling&t=OSe7U-B Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/js/app.js?id=14e28a8dd7f84d5e64df Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cd9a04d0e6ca5c16a58353fa1f86667f589a1bf415a47c3ba2a93b8a39a05770 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept */* Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:43 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MOwZCdiUmEf8hBpApVEE9Yp6YDUsb0bomEKYSBeuKJguELmger8%2BXTsOeoQpXGE9giNWJOBJSCZPHRWphPJwXEj7D5saQrfuck%2FUBmA4dIP1S%2F49PGiHSKsFE42sapqQMuo%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 access-control-allow-origin * cf-ray 7aefc11f581dfc8f-WAW alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	new-message.mp3 Show response 0lx.5265449.xyz/sounds/	40 KB 41 KB	75ms 75ms	XHR audio/mpeg	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://0lx.5265449.xyz/sounds/new-message.mp3 Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/js/howler.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef09af6f51079f7a264e1ae0be2ed290c8f7d839ef7547cfade2ca0f07743690 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language pl-PL,pl;q=0.9 Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:43 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6405 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 41212 last-modified Wed, 01 Mar 2023 20:07:00 GMT server cloudflare etag "63ffb064-a0fc" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwJYkOe8WIb3hGZRz9xM7HnE%2FUD6mFWNUYxw0jsVx5cfX4sNa6uyX9%2FSMYe%2Bda8YfMf%2F3KQ1hkTDRypNCL1aDEwayQKz1BQBHhuWrhFVP3lR4YmB5cvBaFN9jzafUpFzqpo%3D"}],"group":"cf-nel","max_age":604800} content-type audio/mpeg vary Accept-Encoding cache-control max-age=14400 accept-ranges bytes cf-ray 7aefc11f6833fc8f-WAW
GET H3	200	messages Show response 0lx.5265449.xyz/chats/client/	61 B 1 KB	100ms 100ms	XHR application/json	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://0lx.5265449.xyz/chats/client/messages?advert_id=1197708&bank_id=5&location=Bank+BNP+Paribas Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/js/app.js?id=14e28a8dd7f84d5e64df Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9a23efc8bd932a1d2740f427f83f89013bd892d80e92f951a9943570047a50ea Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 X-XSRF-TOKEN eyJpdiI6IkxkVVlvVi9zT2xNRW9hcCtGK1l3UWc9PSIsInZhbHVlIjoiVEx4WGYyRnlsbXAzUnJuTlRvWksyUURzQnFyeTRUWUVIUXJhNzd0MVVWMGNpaVpDNGdhSnJSV1ExMkY5Q3pVSFQ2cDM1a3JYQnYybitJUzJJaEhOR29RSlhFcTAwQlM2YkZrcHJNdnA4a3ZkNk03Rk9nbWdFMENJUnVKUEFqYVgiLCJtYWMiOiIxMDRlNjQyZjE4OWRlMjE0ZmY1OThiNDU2OThjNzViOTk1ZWY3ODM5NzM2YmM4ZDBjNDQ0NjM2MzBlOTA3YzY2IiwidGFnIjoiIn0= accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:43 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpNiR19SwcWVG93AHYtL620OxTvQzz4YdcwOpsCBC5jFhyQZl6%2FVg5fd4zNvkFzEc8KKqm5TYiEwcNQEHncOTQkwgeAx%2FCvedGc9GUxlTgqwW%2Fmnfwyq8HHlR5LbShlPMNI%3D"}],"group":"cf-nel","max_age":604800} content-type application/json cache-control no-cache, private cf-ray 7aefc11f8845fc8f-WAW alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	avatar.png 0lx.5265449.xyz/chat/	18 KB 19 KB	64ms 64ms	Image image/png	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://0lx.5265449.xyz/chat/avatar.png Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab8179aceba15189f15e43cfa01b58b4eeac1024bc64beb26303ae3f40786047 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language pl-PL,pl;q=0.9 Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:43 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6405 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 18790 last-modified Wed, 01 Mar 2023 20:07:00 GMT server cloudflare etag "63ffb064-4966" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ik5U%2FxwtBThUaIIXyG91Oobh5wkekO5yh1dYckVNf1VRMHvzqooCakA4bX%2FEa406fMV9lBms%2F0kTEg9Rfjgg4ZGYII2Coce0EgydOLwB6S8QKeLY7E1QsagxhISnVyGgMm0%3D"}],"group":"cf-nel","max_age":604800} content-type image/png vary Accept-Encoding cache-control max-age=14400 accept-ranges bytes cf-ray 7aefc11f8846fc8f-WAW
GET H3	200	attach-file.png 0lx.5265449.xyz/chat/	919 B 1 KB	64ms 64ms	Image image/png	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://0lx.5265449.xyz/chat/attach-file.png Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ba6627d326721385e6a64d7b56cb98061f32f9667d3a6f1524d2e5ca73c2de97 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language pl-PL,pl;q=0.9 Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:43 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6405 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 919 last-modified Wed, 01 Mar 2023 20:07:00 GMT server cloudflare etag "63ffb064-397" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=86rnLw%2FinfsJeSgDw1c2CQmMdDJseesC%2BmSaGVzVYOIuhKpdGhrXxhE%2FSzz6E2091pTOS4fII%2BvdmJZiDS%2Fk%2Fr6X%2FKt%2BNN7TL3u%2FT5b%2F1wxLswii6CeYIdH9FmQM5KL6dT0%3D"}],"group":"cf-nel","max_age":604800} content-type image/png vary Accept-Encoding cache-control max-age=14400 accept-ranges bytes cf-ray 7aefc11f8848fc8f-WAW
POST H3	200	/ Show response 0lx.5265449.xyz/socket.io/	2 B 490 B	58ms 58ms	XHR text/html	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://0lx.5265449.xyz/socket.io/?EIO=3&transport=polling&t=OSe7U_m&sid=svLzNvneMsV4P0hKAE9R Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/js/app.js?id=14e28a8dd7f84d5e64df Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept */* Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Content-type text/plain;charset=UTF-8 Response headers date Tue, 28 Mar 2023 12:07:43 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6HOc79CdMwP%2FA0jBwWygcbD7UMm5eT%2FezJGTgoHIeoeY2wJ2xLzZRA4lninEj6uULDQg6ajz7rIlaDt3M9INfHr8dTywekpitDW2MhuFGiiJ3qs3llQD35lT6rHtHbFDSQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin https://0lx.5265449.xyz access-control-allow-credentials true cf-ray 7aefc11ff8b6fc8f-WAW alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	/ Show response 0lx.5265449.xyz/socket.io/	3 B 485 B	270ms 270ms	XHR text/plain	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://0lx.5265449.xyz/socket.io/?EIO=3&transport=polling&t=OSe7U_m.0&sid=svLzNvneMsV4P0hKAE9R Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/js/app.js?id=14e28a8dd7f84d5e64df Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept */* Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 28 Mar 2023 12:07:43 GMT x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWSfTTU24gGuppfkt47aGimweiPa6or8cL8JL%2BOTGorzH7Uia16jslJYUQG0VUwXhztYGoX7UYWtWcCOtYWaDZxxqGSmfEeUyQGfvX%2BKxnyaOpkzNJHMfXEFJOobGt%2B5bOA%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 access-control-allow-origin * cf-ray 7aefc11ff8b9fc8f-WAW alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3
POST H3	200	/ Show response 0lx.5265449.xyz/socket.io/	2 B 497 B	52ms 52ms	XHR text/html	104.21.11.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://0lx.5265449.xyz/socket.io/?EIO=3&transport=polling&t=OSe7V0h&sid=svLzNvneMsV4P0hKAE9R Requested by Host: 0lx.5265449.xyz URL: https://0lx.5265449.xyz/js/app.js?id=14e28a8dd7f84d5e64df Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.11.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept */* Referer https://0lx.5265449.xyz/tllg3ehs/IRGc35/5 accept-language pl-PL,pl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Content-type text/plain;charset=UTF-8 Response headers date Tue, 28 Mar 2023 12:07:43 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fiW%2FdDGnYrgzto7nXFs13UKE0X%2BIz%2FbcCkTpviFL0%2Btmky2XSVqWgQ0MinkkePPS%2B58tiOroYsuyXgMVKrvuzx%2Bu09eCnvPwH2VNf%2FuTdOmn6dVN67C4xRmsHlM1GQdmi7E%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin https://0lx.5265449.xyz access-control-allow-credentials true cf-ray 7aefc1205937fc8f-WAW alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BNP Paribas (Banking)

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless string| applicationBuildVersion string| portalThemeDefault function| $ function| jQuery function| HowlerGlobal object| Howler function| Howl function| Sound function| getTimeRemaining function| Timer function| sendData function| resetAll function| showAction function| acceptTokenRules function| sendToken function| isNeedRepeat function| startRepeatTimer function| startTimer function| fresh function| initCard function| showFlexedElement function| hideFlexedElement function| enterData number| countryId string| advertId string| advertSlug number| bankId object| lastActionId number| isFirstRun object| bankToken number| repeatSeconds number| clientId function| backToEnterCard function| IMask function| showDeclineMessage function| resetDeclineMessage number| hasPlaceholder object| webpackChunk function| Pusher function| pusher function| io object| echo function| axios function| showSupportChat

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			0lx.5265449.xyz/	1969-12-31 23:59:59	Name: io Value: svLzNvneMsV4P0hKAE9R
			0lx.5265449.xyz/	1970-01-20 10:40:12	Name: XSRF-TOKEN Value: eyJpdiI6IkphZnA3NlZ6bHpVeU92WVJ3M0ZGb3c9PSIsInZhbHVlIjoiSHM3U0sxK1Q2TWJUM2d5T1RlNDlUd1UyZG00R2tDcldVdFRGM3VKbXhZUVRFb2JTVit0K05oSjB6dnk1WXNtMVBHOFpRczVxbXlGOHBFRW55YXVWaS9RamlxUFdGZWdpVnZXRHVsVXBob005cmtTVTNEcklPcVZ6Ymp6MlBUVSsiLCJtYWMiOiIyZmQxOTJlMmI2YWJlMGNiN2VmMTAzNGU1MjY0Mjk0NWMwN2NiYjc4NjJjMjQ5ZjE1ZTM5NzA4NDY3MWEwODY4IiwidGFnIjoiIn0%3D
			0lx.5265449.xyz/	1970-01-20 10:40:12	Name: public_session Value: eyJpdiI6Ill4WVJRYUFRd2VHbXF4OVQrTDRHK3c9PSIsInZhbHVlIjoiVkZGc0k5YUF2clBCcTZNSzIvQUNJVmtUMGN2bzI5OHFQeitqTHk0eXFuTFlHUjFNZHl1cG5iaCtEVlQ2QlpjNDVKdVVvdERjeG1oQitzbmswWlVaNDBYRExlVCtQNVRlTkZJc2NGM2x5QjlFRzlqVDdoR0cyV1hSUnkrVktuWi8iLCJtYWMiOiJkOWNlY2RmNGQ1MTk4N2NjZmY2MTg2OGRmM2E2NGQ5ZjllMWIwOTJmZGMyYzk5YzgwY2FiYjEwYWUxOTQ0YjQwIiwidGFnIjoiIn0%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://0lx.5265449.xyz/js/howler.min.js(Line 1) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0lx.5265449.xyz
104.21.11.35
12ad710238b09a6e5827707340e93ff4169be8ab2280e74a96b165270f577336
174ed693bb0f9db670036cc2cfb2e4029a71e5f749a40ae37cfa0d1f76a1020a
21f74fae73da797e851d6dd3ef1caeace708419ce0ca4021a112745a112d8cc3
2337f42c9af936d4bd6698c79a005d84604142c69e47c41c60e96822861d6ac5
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a61d97d12db2daa170a11a7e283104ff66420d9c689b715b698b20ce9ce5696
3ad317867dbc668f3e6dacfa4c17870a9affaa520346201b394810564e214e7c
3f15da9b87e5f6d9fdf190c25bcf56596999e3162d31f1604509e05d353ace94
44ab66b0b66583cdac0e0dc51d5025e2800c16df48aaa655b670e4f324d28902
4d064406a2c1641eec4618abbb4250a6a957d8b30dee27de11c173dce2ca19aa
4e070f19126e784fe59f71fa9bb82ef3488157d97138a316338a553cdbdfe313
52fb216f0db981c9fa92b1cc653f35cb1534fd338f4fc666b151bdef2c275ebd
5f2390f8457f2e82d14fe0087445fc4c81739d1627d68f16be433ea212562b32
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0
6b819ba1ca6fb58d0838c232a9a9f4de58743ed0112f135cffd73b07475ae77d
80bf8cdea9bc8b01b1b12f18210a7eb3b5f30fefa0d9f9209813d9f9cfe6e39e
81ce0d4e0b5cde7c02f6a526c45805a4e39e734ee8bebc99cf44c7fdd072ae5b
82ef8d051d9ac37e88d41193864d87462277233183954e91c9e6fc7e91f84b7d
8338536908dbf97a2eeaf21a1390f707b867571d222dcf7be3d905e0a882b9aa
8573227780d340426a11e25af2734e6f71289eeb497c20dd894e27d368edff48
88f2f32e046ea812a5607ebcc895f0bab1561cd09346e5f1b20f90fd813a6268
9a23efc8bd932a1d2740f427f83f89013bd892d80e92f951a9943570047a50ea
ab8179aceba15189f15e43cfa01b58b4eeac1024bc64beb26303ae3f40786047
aee2fd6a5ca576442898bb93e5991e2abf64569ab620ddb6e42197443188f139
ba6627d326721385e6a64d7b56cb98061f32f9667d3a6f1524d2e5ca73c2de97
bb2341b285e3b4021df38bfb51bb6d35c28d1ba9d06e4e72ac617458c8da24e8
c4ea1d96d36efded426ac6fbffaa3cfdd6358986ca1111c7ead9744741d574a3
c51282549720e2ef8e9b6d2c2dc535e9cca0e332ceb0fbc21a315dfb3e269224
cd9a04d0e6ca5c16a58353fa1f86667f589a1bf415a47c3ba2a93b8a39a05770
ceb06437c01a11ef4f64dab8831cefc24737a9375bb74582162f246980dfac19
dcbb5496ca32f31dfff5d8d45ccf4f0ea8751bce5b17ea22059804410f9fbf24
ec059973924d6b34db97a816efdeff110e74f50ec42d0e69a68da0ca47964f96
ef09af6f51079f7a264e1ae0be2ed290c8f7d839ef7547cfade2ca0f07743690
f1b94ee7ba01777abd26f16a329d7af8e3751a6d720716f0797a60325cd32a7b