urlscan.io logo urlscan.io
SecurityTrails logo

ep.jah-3tectsth.xyz Open in urlscan Pro
2606:4700:3031::ac43:d640  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://clickl.work/public/8447845522069222?10031630100701
Effective URL: https://ep.jah-3tectsth.xyz/
Submission: On December 17 via manual from CH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 5 countries across 9 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3031::ac43:d640, located in United States and belongs to CLOUDFLARENET, US. The main domain is ep.jah-3tectsth.xyz.
TLS certificate: Issued by R3 on November 30th 2021. Valid for: 3 months.
This is the only time ep.jah-3tectsth.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 190.115.24.146 262254 (DDOS-GUAR...)
2 185.137.235.84 49505 (SELECTEL)
2 190.115.19.162 262254 (DDOS-GUAR...)
1 3 186.2.162.165 262254 (DDOS-GUAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
17 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
27 7
1    190.115.24.146 (Belize City, Belize)

ASN262254 (DDOS-GUARD CORP., BZ)
PTR: ddos-guard.net
clickl.work
2    185.137.235.84 (Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: s4.hostingru.net
onlibanks.5k5.ru
2    190.115.19.162 (Belize City, Belize)

ASN262254 (DDOS-GUARD CORP., BZ)
spaysdomains.com
e-pay.bz
3    186.2.162.165 (Belize City, Belize)

ASN262254 (DDOS-GUARD CORP., BZ)
PTR: ddos-guard.net
promolines.art
1    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
17    2606:4700:3031::ac43:d640 (United States)

ASN13335 (CLOUDFLARENET, US)
ep.jah-3tectsth.xyz
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
17 ep.jah-3tectsth.xyz promolines.art
ep.jah-3tectsth.xyz
3 promolines.art 1 redirects onlibanks.5k5.ru
promolines.art
2 fonts.gstatic.com fonts.googleapis.com
2 onlibanks.5k5.ru onlibanks.5k5.ru
1 fonts.googleapis.com ep.jah-3tectsth.xyz
1 e-pay.bz promolines.art
1 code.jquery.com promolines.art
1 spaysdomains.com onlibanks.5k5.ru
1 clickl.work 1 redirects
27 9

This site contains no links.

Subject Issuer Validity Valid
spaysdomains.com
R3		 2021-12-01 -
2022-03-01		 3 months crt.sh
promolines.art
R3		 2021-12-15 -
2022-03-15		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
e-pay.bz
R3		 2021-11-30 -
2022-02-28		 3 months crt.sh
*.jah-3tectsth.xyz
R3		 2021-11-30 -
2022-02-28		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://ep.jah-3tectsth.xyz/
Frame ID: 71107F4C522A127C78F9D511752E01A1
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Главная

Page URL History Show full URLs

  1. https://clickl.work/public/8447845522069222?10031630100701 HTTP 302
    http://onlibanks.5k5.ru/ Page URL
  2. https://promolines.art//tds/p2b7 HTTP 302
    http://promolines.art/3pzo?tds=1&url_id=35214&url_full_id=34925 HTTP 307
    https://promolines.art/3pzo?tds=1&url_id=35214&url_full_id=34925 Page URL
  3. https://ep.jah-3tectsth.xyz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

93 %
HTTPS

50 %
IPv6

9
Domains

9
Subdomains

7
IPs

5
Countries

843 kB
Transfer

1870 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clickl.work/public/8447845522069222?10031630100701 HTTP 302
    http://onlibanks.5k5.ru/ Page URL
  2. https://promolines.art//tds/p2b7 HTTP 302
    http://promolines.art/3pzo?tds=1&url_id=35214&url_full_id=34925 HTTP 307
    https://promolines.art/3pzo?tds=1&url_id=35214&url_full_id=34925 Page URL
  3. https://ep.jah-3tectsth.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://clickl.work/public/8447845522069222?10031630100701 HTTP 302
  • http://onlibanks.5k5.ru/
Request Chain 3
  • https://promolines.art//tds/p2b7 HTTP 302
  • http://promolines.art/3pzo?tds=1&url_id=35214&url_full_id=34925 HTTP 307
  • https://promolines.art/3pzo?tds=1&url_id=35214&url_full_id=34925

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
onlibanks.5k5.ru/
Redirect Chain
  • https://clickl.work/public/8447845522069222?10031630100701
  • http://onlibanks.5k5.ru/
194 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
http://onlibanks.5k5.ru/
Protocol
HTTP/1.1
Server
185.137.235.84 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
s4.hostingru.net
Software
nginx/1.20.2 /
Resource Hash
af3f6a7d9d7dde724257617f4839c1a8af878205c7ccc62fc1f53cbc21be5309

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx/1.20.2
Date
Fri, 17 Dec 2021 06:36:24 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive

Redirect headers

server
ddos-guard
content-security-policy
upgrade-insecure-requests;
date
Fri, 17 Dec 2021 06:36:24 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.2.34
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
location
http://onlibanks.5k5.ru
content-encoding
br
vary
Accept-Encoding
tds.js
onlibanks.5k5.ru/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://onlibanks.5k5.ru/tds.js
Requested by
Host: onlibanks.5k5.ru
URL: http://onlibanks.5k5.ru/
Protocol
HTTP/1.1
Server
185.137.235.84 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
s4.hostingru.net
Software
nginx/1.20.2 /
Resource Hash
af9e3d87511cc7735164dac9f7d7be1f554b03d1135658f547abbb485a8a958f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://onlibanks.5k5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 17 Dec 2021 06:36:24 GMT
Last-Modified
Thu, 16 Dec 2021 08:16:59 GMT
Server
nginx/1.20.2
ETag
"61baf5fb-793"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1939
request_tds.php
spaysdomains.com/ 		44 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spaysdomains.com/request_tds.php
Requested by
Host: onlibanks.5k5.ru
URL: http://onlibanks.5k5.ru/tds.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.19.162 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
ddos-guard /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://onlibanks.5k5.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
server
ddos-guard
date
Fri, 17 Dec 2021 06:36:24 GMT
x-frame-options
ALLOWALL
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
strict-transport-security
max-age=15768000; includeSubdomains; preload
3pzo
promolines.art/
Redirect Chain
  • https://promolines.art//tds/p2b7
  • http://promolines.art/3pzo?tds=1&url_id=35214&url_full_id=34925
  • https://promolines.art/3pzo?tds=1&url_id=35214&url_full_id=34925
2 KB
892 B 		Document
General
Check archive.org
Download Go to
Full URL
https://promolines.art/3pzo?tds=1&url_id=35214&url_full_id=34925
Requested by
Host: onlibanks.5k5.ru
URL: http://onlibanks.5k5.ru/tds.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.162.165 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
0055db42d953d5d190e342bb23258260350ddd4ae13ec5e566abf4357558a069
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://onlibanks.5k5.ru/

Response headers

server
ddos-guard
content-security-policy
upgrade-insecure-requests;
date
Fri, 17 Dec 2021 06:36:25 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=15768000; includeSubdomains; preload
access-control-allow-origin
*
x-frame-options
ALLOWALL
x-content-type-options
nosniff
content-encoding
gzip

Redirect headers

Location
https://promolines.art/3pzo?tds=1&url_id=35214&url_full_id=34925
Non-Authoritative-Reason
HSTS
jquery-2.1.3.min.js
code.jquery.com/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.1.3.min.js
Requested by
Host: promolines.art
URL: https://promolines.art/3pzo?tds=1&url_id=35214&url_full_id=34925
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://promolines.art/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 06:36:25 GMT
content-encoding
gzip
last-modified
Thu, 18 Dec 2014 15:17:03 GMT
server
nginx
etag
W/"5492efef-14960"
vary
Accept-Encoding
x-hw
1639722985.dop056.fr8.t,1639722985.cds207.fr8.hn,1639722985.cds097.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29507
jquery.syotimer.js
promolines.art/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://promolines.art/js/jquery.syotimer.js
Requested by
Host: promolines.art
URL: https://promolines.art/3pzo?tds=1&url_id=35214&url_full_id=34925
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.162.165 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
b648262c5dd3817590d4077f423a487895ac9e0b185f3e7f683e6c75b24afe1b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://promolines.art/3pzo?tds=1&url_id=35214&url_full_id=34925
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
last-modified
Tue, 25 Jun 2019 09:48:00 GMT
server
ddos-guard
age
962
etag
W/"5d11edd0-286f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
date
Fri, 17 Dec 2021 06:20:23 GMT
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
3057
8143.jpg
e-pay.bz/i/product/814/ 		204 KB
204 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e-pay.bz/i/product/814/8143.jpg
Requested by
Host: promolines.art
URL: https://promolines.art/3pzo?tds=1&url_id=35214&url_full_id=34925
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.19.162 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
ddos-guard /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://promolines.art/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
last-modified
Tue, 29 Jun 2021 18:48:16 GMT
server
ddos-guard
age
70536
etag
"60db6af0-32fa1"
x-frame-options
ALLOWALL
content-type
image/jpeg
access-control-allow-origin
*
date
Thu, 16 Dec 2021 11:00:49 GMT
strict-transport-security
max-age=15768000; includeSubdomains; preload
accept-ranges
bytes
x-ddg-cachegen
1639160934
content-length
208801
Primary Request /
ep.jah-3tectsth.xyz/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ep.jah-3tectsth.xyz/
Requested by
Host: promolines.art
URL: https://promolines.art/3pzo?tds=1&url_id=35214&url_full_id=34925
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45ab5c8b43827e78655c61f4f06cde45fbd80a2200152ba1a7c9b27dadc224fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://promolines.art/

Response headers

date
Fri, 17 Dec 2021 06:36:25 GMT
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=31536000;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F8UfxeuBzn6TVkKUbY3%2FthZeHTDTpOi2bsDsN4xi0YE%2FfOyesqjbPYTXhUmLnYLQkIdPnc2NXvYL%2BBxbRFZ%2BxFnsl%2FXLTm3oBWs80u8FbVkr4VM2VVBd6rcHoQK9noqbwm3r0TlN2NN%2FB3B41p7D1zUI"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6bee23151deedaa8-ARN
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
app.53117119e44f7af8cea70955a9d42e11.css
ep.jah-3tectsth.xyz/static/css/ 		154 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ep.jah-3tectsth.xyz/static/css/app.53117119e44f7af8cea70955a9d42e11.css
Requested by
Host: ep.jah-3tectsth.xyz
URL: https://ep.jah-3tectsth.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b30a3478c30f09ba7e571a3ba527f3c9a95ddb21a87c013214e46cc7b43f7d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ep.jah-3tectsth.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 06:36:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 13 Dec 2021 18:28:02 GMT
server
cloudflare
etag
W/"61b790b2-26644"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VqxYYJeS4YSX6Euvr7%2FlGeBDb3PbeMhfESrDVBbGeo3Qt%2BnmIBjSQ%2Fggi57QIDLFx0dcz%2FY3QtFMj0cZF33GHnTnhReui9YXLgCm984cQosHpaHEPDD98n2%2B1pkS06%2BPWjZvzETz02Hol3Io9Z3DCSWP"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000;
cf-ray
6bee2316afb3daa8-ARN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
loading_spinner2.gif
ep.jah-3tectsth.xyz/static/img/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep.jah-3tectsth.xyz/static/img/loading_spinner2.gif
Requested by
Host: ep.jah-3tectsth.xyz
URL: https://ep.jah-3tectsth.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
915c186c42d88d0c8f7cb1b9ac823ba63a600164822aa663cbb95f14c6cf0225
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ep.jah-3tectsth.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 06:36:26 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
16338
last-modified
Mon, 13 Dec 2021 18:28:02 GMT
server
cloudflare
etag
"61b790b2-3fd2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74tJP%2Brn8GCNT9zDLgo53X7Ga6ymwyjTHoqz3RCplYD1S9gAa4PTcY7cBKhgPOHqO619U1ayJcTjW5rxSwrbRa2cRxZ9J9A4XHoWg4E26sO%2BD457MlQnZn9Yn0B9Lh5bMHmh6JCFEciUHpiZhkW8IO%2Bv"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6bee2316afb5daa8-ARN
manifest.2ae2e69a05c33dfc65f8.js
ep.jah-3tectsth.xyz/static/js/ 		799 B
826 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ep.jah-3tectsth.xyz/static/js/manifest.2ae2e69a05c33dfc65f8.js
Requested by
Host: ep.jah-3tectsth.xyz
URL: https://ep.jah-3tectsth.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a8162403bfffd36e97c3d0d2f07f8bdc2fc5e65b6638b0d8d951c58e7f95327
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ep.jah-3tectsth.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 06:36:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 13 Dec 2021 18:28:02 GMT
server
cloudflare
etag
W/"61b790b2-31f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkD40g7Ymy0lqnwdubOaU5SDuHmYLPOd%2BhHGueiIsWZQqA26E7xH9%2FsVAURi5mv9zDP3%2BcIwAnVOQB3%2Fya7XGuyJq8INHvBQD4NvbE3xQmyqUZFVukJb839sUYvljxJca4ZfplFSKNjgHOa5Z5PX2N29"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000;
cf-ray
6bee2316afb6daa8-ARN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
vendor.a64cea12b36e58fc944a.js
ep.jah-3tectsth.xyz/static/js/ 		535 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep.jah-3tectsth.xyz/static/js/vendor.a64cea12b36e58fc944a.js
Requested by
Host: ep.jah-3tectsth.xyz
URL: https://ep.jah-3tectsth.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d14651c6e395990c9e3a434f628f1efd36acc6bf527f821c0822f7f4cdd1196c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ep.jah-3tectsth.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 06:36:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 13 Dec 2021 18:28:02 GMT
server
cloudflare
etag
W/"61b790b2-85ac4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncAt8VVqPklHoVOl3%2BhEDljv%2FGElNYSBJ41Lt9jbHAigyEEe1WQSSZ9fb%2F6KUAAbazrCJoLdSvLh563i6oGKiBN17aeiaFqMMLzNZsLsY7itZsKSJjUXX2vdHvCdVz24NiR%2FtuiK4YChS1%2BtB8yqk7R3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000;
cf-ray
6bee2316afb8daa8-ARN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
app.336a4a3f9af0e9d844d4.js
ep.jah-3tectsth.xyz/static/js/ 		557 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep.jah-3tectsth.xyz/static/js/app.336a4a3f9af0e9d844d4.js
Requested by
Host: ep.jah-3tectsth.xyz
URL: https://ep.jah-3tectsth.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78995452a9ec4773b1827cb20dfc34fada7abb5d5a0da648c1dda943c0dc3f03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ep.jah-3tectsth.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 06:36:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 13 Dec 2021 18:28:02 GMT
server
cloudflare
etag
W/"61b790b2-8b4d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVNEXVpu8mKv47jRLjAGUkbLoeVvFvOsv2vp2CjXc%2FujBprMPF4p82cmyodp2aQjzAi4q%2FT4eCgU0BY3GsXG3uA7XID7k%2BMQcW0pz2a34U8Ow4c%2F4aAHCuOR3KwaD%2BwY3SXdcozUJjExaNw4WDJldmf4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000;
cf-ray
6bee2316afbbdaa8-ARN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css2
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,400&display=swap
Requested by
Host: ep.jah-3tectsth.xyz
URL: https://ep.jah-3tectsth.xyz/static/css/app.53117119e44f7af8cea70955a9d42e11.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
04ebfc8e8f7afe1d2ab06ea3fd9c0c6b74b17a0e2b702ecc5443624b9eb0ffb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ep.jah-3tectsth.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Dec 2021 06:29:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 17 Dec 2021 06:36:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Dec 2021 06:36:26 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ep.jah-3tectsth.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 00:14:34 GMT
x-content-type-options
nosniff
age
195712
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Dec 2022 00:14:34 GMT
managerMessages.json
ep.jah-3tectsth.xyz/static/api/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep.jah-3tectsth.xyz/static/api/managerMessages.json
Requested by
Host: ep.jah-3tectsth.xyz
URL: https://ep.jah-3tectsth.xyz/static/js/vendor.a64cea12b36e58fc944a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7789f84816fd8fb6685a068be6ad9927709ddd62cd4ecc74e8843c214b147676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept
application/json, text/plain, */*
Referer
https://ep.jah-3tectsth.xyz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 06:36:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 13 Dec 2021 18:28:02 GMT
server
cloudflare
etag
W/"7cf-5d30b3ba92f5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHu9vfZmIsYF%2BbHvomE2Rw7SNO5v9qjPrCjJlVjdJ1Unzg1dxs2Sn4AWkp%2Byr6IDfB7An5%2FgPPHiioAyqae9F9GRq4qvShVdHZlNca4O6JEm0dAQY73AJYsmYmRwVBdI4tkb4NFZFjlJX%2B2MrsJt9aiq"}],"group":"cf-nel","max_age":604800}
content-type
application/json
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6bee231a1f40cb00-ARN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
getDomain.php
ep.jah-3tectsth.xyz/static/php/ 		68 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep.jah-3tectsth.xyz/static/php/getDomain.php
Requested by
Host: ep.jah-3tectsth.xyz
URL: https://ep.jah-3tectsth.xyz/static/js/vendor.a64cea12b36e58fc944a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
9e9ba40885f4a40f9d657072e6dfb51b26780f20bfd397d198b8082338541a36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept
application/json, text/plain, */*
Referer
https://ep.jah-3tectsth.xyz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 06:36:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.2.34
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4vtw8kE2jDDuyr1GkoZVi6uK7k3CixXh75bX2h2Ehh2mYDySLiyL1oy0SHrSStP3ud34VZs2n%2FYd%2B%2FVXo7%2Fjs%2FMem5R9ZH1cgcuBRCUJfqLcPVxmXFwwYeTWYYmC%2FyDK7hnhFzt756cNlBFLjmxvwdJ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
6bee231a1f42cb00-ARN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
geo.php
ep.jah-3tectsth.xyz/static/php/ 		146 B
657 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep.jah-3tectsth.xyz/static/php/geo.php
Requested by
Host: ep.jah-3tectsth.xyz
URL: https://ep.jah-3tectsth.xyz/static/js/vendor.a64cea12b36e58fc944a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
bb40794ffd450549f7f12fd42794d111489377d6a4358d1dd57b008513c90b9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept
application/json, text/plain, */*
Referer
https://ep.jah-3tectsth.xyz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 06:36:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.2.34
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZouvxYJBbS6pjmO3FzbOXm4kqWPqKGCUTsVIen%2Fh0T82iATB7EZJ3r2wAg1itkleqYdTwRu4ka5nikbIohNtx9NvigFxK4HFpdrcgFx32dPVWisaDiPiPbJwwl%2B5DCXsqpGeWlG6eEvd7ZaJCzwYhwta"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
6bee231a1f44cb00-ARN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
getRate.php
ep.jah-3tectsth.xyz/static/php/ 		7 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep.jah-3tectsth.xyz/static/php/getRate.php
Requested by
Host: ep.jah-3tectsth.xyz
URL: https://ep.jah-3tectsth.xyz/static/js/vendor.a64cea12b36e58fc944a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
4438075d35be0ec3ed53e0e4a466ec0adcfac844741e7d32e856c9d6fe3b6e1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept
application/json, text/plain, */*
Referer
https://ep.jah-3tectsth.xyz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 06:36:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.2.34
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=seuDHW%2BHym9SzaA8Vhu6x8nZWmW4oHAKm5GROe9iJLauJbPvgoWreK0SwzI2YqOTyRyIE4hnH17pX%2FczgVpR%2Fxz%2F8Wtm7DX7vWhGQmXCQYjXTKW8MVjUp%2FncO3uRqwRUQj1nZ%2Bg3KX3p5OZ062Cc%2FoJo"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
6bee231b5838cb00-ARN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
loading_spinner2.gif
ep.jah-3tectsth.xyz/static/img/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep.jah-3tectsth.xyz/static/img/loading_spinner2.gif
Requested by
Host: ep.jah-3tectsth.xyz
URL: https://ep.jah-3tectsth.xyz/static/js/vendor.a64cea12b36e58fc944a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
915c186c42d88d0c8f7cb1b9ac823ba63a600164822aa663cbb95f14c6cf0225
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ep.jah-3tectsth.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 06:36:26 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
16338
last-modified
Mon, 13 Dec 2021 18:28:02 GMT
server
cloudflare
etag
"61b790b2-3fd2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vsU4MCb9S%2B1mCuOdHotmrSwdW5YE012lNDSt3Q%2FAOJ2bJqKJdDUuMwaVYzKp3zrl%2BFWG7ABsSXd9uuJYBtWZAvbxtPQXIHh0rTzUwrOMbJzp7WV069JOGRqrU9iCSba0Bvz8DDbUNsYmYAIo5dV1xj3I"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6bee231b784ccb00-ARN
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v27/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ep.jah-3tectsth.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 03:14:47 GMT
x-content-type-options
nosniff
age
184899
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24756
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:39 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Dec 2022 03:14:47 GMT
1-checksmall.jpg
ep.jah-3tectsth.xyz/static/img/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep.jah-3tectsth.xyz/static/img/1-checksmall.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9216c81149df71901ee0c0fea4e6c059d595efeb6bd4b85ea913c62b2ac845c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ep.jah-3tectsth.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 06:36:27 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17461
last-modified
Mon, 13 Dec 2021 18:28:02 GMT
server
cloudflare
etag
"61b790b2-4435"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xnj%2Bnhv5l%2BtUEWczWo2gE5rpb%2FZrVXgVF0JhCi3fSHqNsclmXwrwO6Z8f7kwXGveBCax5t0182z8qsHjfg%2BtsTzebIFRJ3JDbUqdJ8aHpPIypQc%2B4GMLmdT1fj9PEHZpKfhQNIjgRZdStCdvvYhMrwsr"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6bee231bb88bcb00-ARN
visatrio.png
ep.jah-3tectsth.xyz/static/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep.jah-3tectsth.xyz/static/img/visatrio.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be0c6e47f9314156e902d8a2c39c5c770c867309cf5097f81665f8adc356e73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ep.jah-3tectsth.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 06:36:27 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4143
last-modified
Mon, 13 Dec 2021 18:28:02 GMT
server
cloudflare
etag
"61b790b2-102f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcHgDAjiDtYZoqA8GkIoIi8VUIVwceHXV7W%2FDlTbqjEQlnOeuy25I4cX2%2FMsb5s80lo74pGmBz2y3vd5nYmjT6b3v%2B3yJN4nStWkkFytOvuX%2FB%2Bo6qR84K%2Bf0TusgDf52fninmmbh0fY2Us7KQMx4FN1"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6bee231bb88ccb00-ARN
manager.png
ep.jah-3tectsth.xyz/static/img/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep.jah-3tectsth.xyz/static/img/manager.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05844bb050d4b435e2c3cce402649d18f1746d37928e9d49316fa64951cca988
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ep.jah-3tectsth.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 06:36:26 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11342
last-modified
Mon, 13 Dec 2021 18:28:02 GMT
server
cloudflare
etag
"61b790b2-2c4e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Et%2FFW2hVR8zCWV3HMn0MLGk6fC1rV2ppveWqsYzBOJZcve9cFYUstqceRkFkg3cRScw9w6n4%2BMGCDp5ZW9QBSx%2FHe%2FnuIZCqDb6x7cEwUuG9DIzNCfHcvM6DFhUxxxIRo%2BUSNgd%2FKdWyQFNzPQjZQip5"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6bee231bb88dcb00-ARN
chat.gif
ep.jah-3tectsth.xyz/static/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep.jah-3tectsth.xyz/static/img/chat.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
985b513615c9ca45b6a11beedf94ab5ec9a590375d2840161cfa5671fe4de0e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ep.jah-3tectsth.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 06:36:26 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2674
last-modified
Mon, 13 Dec 2021 18:28:02 GMT
server
cloudflare
etag
"61b790b2-a72"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6NIjp368qb7%2FzwFSmftbIXAfAVByeDXRrQCKyrlptrO3JbM4CcQ0w73jxS6FvaUJFPx2dTxh6x9DHCarWdmBFL6wsn5fH3dOQsW1Y78dBRLZyti1%2B7hjdpCgq84WYi1%2FqJe8WWaCYMsaI3XDs86kOFe7"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6bee231bb88ecb00-ARN
waiting.gif
ep.jah-3tectsth.xyz/static/img/ 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep.jah-3tectsth.xyz/static/img/waiting.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c40dafa98be0318bc1a87d359e27915755a6fafdd925b90ee6ea4981e4f89099
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ep.jah-3tectsth.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 06:36:27 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
79981
last-modified
Mon, 13 Dec 2021 18:28:02 GMT
server
cloudflare
etag
"61b790b2-1386d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5vL4HIoG6n1cZyM29%2BP6n9hZVlO3kCmc%2BTlXYkIjAiuxIlyVEan3NcEvvA5P9m1mxHYQ4utZ5AiVD7e0Vrl3h8n%2B09lEdlxSZau%2BZRDGIsqdLZetvq5DYExLpGYmqteOcpZsGg3P%2FicZREjEDy4PJUP"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6bee231bb890cb00-ARN
blim.0a4a5ef.mp3
ep.jah-3tectsth.xyz/static/media/ 		94 KB
95 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://ep.jah-3tectsth.xyz/static/media/blim.0a4a5ef.mp3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c85f193f95e312ce87ea00b0a3553edddbe403273c9fda54d2f4e101714a9b15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://ep.jah-3tectsth.xyz/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 17 Dec 2021 06:36:27 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range
bytes 0-96295/96296
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
96296
last-modified
Mon, 13 Dec 2021 18:28:02 GMT
server
cloudflare
etag
"61b790b2-17828"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7rOwrMAvpC9Qi4jA%2FVP29GnBUXfhvmmSAJc0Bnuar6G9lSao%2Freh5qs0ntk0VIM9Vl6%2BjQl4FVNjnkUTYcKjTOnY1h782MsPoSXO5bCQfiRbUq6eJp7a%2F0WXRrXikQ3zU%2BiwqzbLV4J27C7N036LMDC"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
cache-control
max-age=14400
cf-ray
6bee231bc893cb00-ARN

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| webpackJsonp object| _0x5569 function| _0x5a6428 function| _0x174369 function| _0x22ff object| __core-js_shared__

4 Cookies

Domain/Path Name / Value
.clickl.work/ Name: __ddg1
Value: 39HpMQLKLdWSkOwja5Qo
clickl.work/ Name: PHPSESSID
Value: 3334s2hbah02q77067dfj7f5up
.promolines.art/ Name: __ddg1
Value: EyTOwtEeWVYmLVau5nYb
.promolines.art/ Name: cookieID
Value: 466918

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clickl.work
code.jquery.com
e-pay.bz
ep.jah-3tectsth.xyz
fonts.googleapis.com
fonts.gstatic.com
onlibanks.5k5.ru
promolines.art
spaysdomains.com
185.137.235.84
186.2.162.165
190.115.19.162
190.115.24.146
2001:4de0:ac18::1:a:2a
2606:4700:3031::ac43:d640
2a00:1450:4001:810::2003
2a00:1450:4001:830::200a
0055db42d953d5d190e342bb23258260350ddd4ae13ec5e566abf4357558a069
04ebfc8e8f7afe1d2ab06ea3fd9c0c6b74b17a0e2b702ecc5443624b9eb0ffb1
05844bb050d4b435e2c3cce402649d18f1746d37928e9d49316fa64951cca988
1a8162403bfffd36e97c3d0d2f07f8bdc2fc5e65b6638b0d8d951c58e7f95327
1b30a3478c30f09ba7e571a3ba527f3c9a95ddb21a87c013214e46cc7b43f7d6
4438075d35be0ec3ed53e0e4a466ec0adcfac844741e7d32e856c9d6fe3b6e1e
45ab5c8b43827e78655c61f4f06cde45fbd80a2200152ba1a7c9b27dadc224fa
5be0c6e47f9314156e902d8a2c39c5c770c867309cf5097f81665f8adc356e73
7789f84816fd8fb6685a068be6ad9927709ddd62cd4ecc74e8843c214b147676
78995452a9ec4773b1827cb20dfc34fada7abb5d5a0da648c1dda943c0dc3f03
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
915c186c42d88d0c8f7cb1b9ac823ba63a600164822aa663cbb95f14c6cf0225
9216c81149df71901ee0c0fea4e6c059d595efeb6bd4b85ea913c62b2ac845c4
985b513615c9ca45b6a11beedf94ab5ec9a590375d2840161cfa5671fe4de0e4
9e9ba40885f4a40f9d657072e6dfb51b26780f20bfd397d198b8082338541a36
af3f6a7d9d7dde724257617f4839c1a8af878205c7ccc62fc1f53cbc21be5309
af9e3d87511cc7735164dac9f7d7be1f554b03d1135658f547abbb485a8a958f
b648262c5dd3817590d4077f423a487895ac9e0b185f3e7f683e6c75b24afe1b
bb40794ffd450549f7f12fd42794d111489377d6a4358d1dd57b008513c90b9e
c40dafa98be0318bc1a87d359e27915755a6fafdd925b90ee6ea4981e4f89099
c85f193f95e312ce87ea00b0a3553edddbe403273c9fda54d2f4e101714a9b15
d14651c6e395990c9e3a434f628f1efd36acc6bf527f821c0822f7f4cdd1196c
fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf