urlscan.io logo urlscan.io
SecurityTrails logo

llevacdicin.top Open in urlscan Pro
104.27.160.27  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ejky.osunpomcau.top/voamuapyahi1-bueanao-itp
Effective URL: https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&s...
Submission: On October 15 via manual from LU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 26 HTTP transactions. The main IP is 104.27.160.27, located in United States and belongs to CLOUDFLARENET, US. The main domain is llevacdicin.top.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 23rd 2020. Valid for: a year.
This is the only time llevacdicin.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

IP Address AS Autonomous System
2 4 172.67.144.101 13335 (CLOUDFLAR...)
2 2 104.28.24.66 13335 (CLOUDFLAR...)
18 104.27.160.27 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 157.230.127.24 14061 (DIGITALOC...)
3 2a00:1450:400... 15169 (GOOGLE)
26 6
4    172.67.144.101 (United States)

ASN13335 (CLOUDFLARENET, US)
ejky.osunpomcau.top
2    104.28.24.66 (United States)

ASN13335 (CLOUDFLARENET, US)
aked.kieraaro.com
18    104.27.160.27 (United States)

ASN13335 (CLOUDFLARENET, US)
llevacdicin.top
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    157.230.127.24 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
megafastpush.com
3    2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
18 llevacdicin.top ejky.osunpomcau.top
llevacdicin.top
4 ejky.osunpomcau.top 2 redirects
3 fonts.gstatic.com llevacdicin.top
2 aked.kieraaro.com 2 redirects
1 megafastpush.com llevacdicin.top
1 www.gstatic.com llevacdicin.top
1 ajax.googleapis.com llevacdicin.top
26 7

This site contains links to these domains. Also see Links.

Domain
ai-redirect.link
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-10 -
2021-08-10		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
megafastpush.com
Let's Encrypt Authority X3		 2020-08-06 -
2020-11-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
Frame ID: F27343B865826C65DBC5B8FC092BA24A
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://ejky.osunpomcau.top/voamuapyahi1-bueanao-itp Page URL
  2. http://ejky.osunpomcau.top/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJcL2... HTTP 301
    https://ejky.osunpomcau.top/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJcL2... Page URL
  3. https://ejky.osunpomcau.top/adz?p=4mask&b=b00&s=s03&of=de2&n=sep16de-musk-066 HTTP 302
    https://aked.kieraaro.com/4mask?n=sep16de-musk-066&sub_id_1=s03&sub_id_2=sep16de-musk-066&sub_id_3=4ma... HTTP 302
    https://aked.kieraaro.com/de2?sub_id_1=s03&sub_id_2=sep16de-musk-066&sub_id_3=4mask&sub_id_4=b00&sub_i... HTTP 302
    https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/(?:([\d.]+)\/)?firebase(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

26
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

585 kB
Transfer

1064 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ejky.osunpomcau.top/voamuapyahi1-bueanao-itp Page URL
  2. http://ejky.osunpomcau.top/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJcL2Fkej9wPTRtYXNrJmI9YjAwJnM9czAzJm9mPWRlMiZuPXNlcDE2ZGUtbXVzay0wNjYifQ.tzzs4WwpdxKctaoFYvML6ew3XnyRhu0TrJaPHT8QQJQ HTTP 301
    https://ejky.osunpomcau.top/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJcL2Fkej9wPTRtYXNrJmI9YjAwJnM9czAzJm9mPWRlMiZuPXNlcDE2ZGUtbXVzay0wNjYifQ.tzzs4WwpdxKctaoFYvML6ew3XnyRhu0TrJaPHT8QQJQ Page URL
  3. https://ejky.osunpomcau.top/adz?p=4mask&b=b00&s=s03&of=de2&n=sep16de-musk-066 HTTP 302
    https://aked.kieraaro.com/4mask?n=sep16de-musk-066&sub_id_1=s03&sub_id_2=sep16de-musk-066&sub_id_3=4mask&sub_id_4=b00&of=de2 HTTP 302
    https://aked.kieraaro.com/de2?sub_id_1=s03&sub_id_2=sep16de-musk-066&sub_id_3=4mask&sub_id_4=b00&sub_id_5=4mask&n=4mask-sep16de-musk-066&pr=4mask HTTP 302
    https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://ejky.osunpomcau.top/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJcL2Fkej9wPTRtYXNrJmI9YjAwJnM9czAzJm9mPWRlMiZuPXNlcDE2ZGUtbXVzay0wNjYifQ.tzzs4WwpdxKctaoFYvML6ew3XnyRhu0TrJaPHT8QQJQ HTTP 301
  • https://ejky.osunpomcau.top/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJcL2Fkej9wPTRtYXNrJmI9YjAwJnM9czAzJm9mPWRlMiZuPXNlcDE2ZGUtbXVzay0wNjYifQ.tzzs4WwpdxKctaoFYvML6ew3XnyRhu0TrJaPHT8QQJQ

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
voamuapyahi1-bueanao-itp
ejky.osunpomcau.top/ 		344 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ejky.osunpomcau.top/voamuapyahi1-bueanao-itp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.144.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27418acfec3221f6b5452b999cfe0a92bd772ab0da8f308ddef3a90cb9763707
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
ejky.osunpomcau.top
:scheme
https
:path
/voamuapyahi1-bueanao-itp
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Thu, 15 Oct 2020 07:05:59 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d2277c006eaab57f399dc0df682e691a01602745559; expires=Sat, 14-Nov-20 07:05:59 GMT; path=/; domain=.osunpomcau.top; HttpOnly; SameSite=Lax; Secure _subid=unj6op2hnpk;Expires=Sunday, 15-Nov-2020 07:05:58 GMT;Max-Age=2678400;Path=/ d97fb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjg2MzBcIjoxNjAyNzQ1NTU4fSxcImNhbXBhaWduc1wiOntcIjQzMTRcIjoxNjAyNzQ1NTU4fSxcInRpbWVcIjoxNjAyNzQ1NTU4fSJ9.PHnGQ5HcWEGiKJi_cvYjauvD7oZ9_QVzSwuYWy7vXrg;Expires=Sunday, 15-Nov-2020 07:05:58 GMT;Max-Age=2678400;Path=/
cache-control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
expires
0
last-modified
Thu, 15 Oct 2020 07:05:58 GMT
pragma
no-cache
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
cf-request-id
05ccad833800000c5d6918d000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=20&lkg-time=1602745560"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5e27b1e52eec0c5d-AMS
content-encoding
br
gateway.php
ejky.osunpomcau.top/
Redirect Chain
  • http://ejky.osunpomcau.top/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJcL2Fkej9wPTRtYXNrJmI9YjAwJnM9czAzJm9mPWRlMiZuPXNlcDE2ZGUtbXVzay0wNjYifQ.tzzs4WwpdxKctaoFYvML6ew3X...
  • https://ejky.osunpomcau.top/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJcL2Fkej9wPTRtYXNrJmI9YjAwJnM9czAzJm9mPWRlMiZuPXNlcDE2ZGUtbXVzay0wNjYifQ.tzzs4WwpdxKctaoFYvML6ew3...
314 B
409 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ejky.osunpomcau.top/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJcL2Fkej9wPTRtYXNrJmI9YjAwJnM9czAzJm9mPWRlMiZuPXNlcDE2ZGUtbXVzay0wNjYifQ.tzzs4WwpdxKctaoFYvML6ew3XnyRhu0TrJaPHT8QQJQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.144.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.15
Resource Hash
df74633dfee4fe9c2b3a6d776cc0362617a2fa1ce0d3fd23da6da38b4790acb1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
ejky.osunpomcau.top
:scheme
https
:path
/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJcL2Fkej9wPTRtYXNrJmI9YjAwJnM9czAzJm9mPWRlMiZuPXNlcDE2ZGUtbXVzay0wNjYifQ.tzzs4WwpdxKctaoFYvML6ew3XnyRhu0TrJaPHT8QQJQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d2277c006eaab57f399dc0df682e691a01602745559; _subid=unj6op2hnpk; d97fb=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjg2MzBcIjoxNjAyNzQ1NTU4fSxcImNhbXBhaWduc1wiOntcIjQzMTRcIjoxNjAyNzQ1NTU4fSxcInRpbWVcIjoxNjAyNzQ1NTU4fSJ9.PHnGQ5HcWEGiKJi_cvYjauvD7oZ9_QVzSwuYWy7vXrg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ejky.osunpomcau.top/voamuapyahi1-bueanao-itp

Response headers

status
200
date
Thu, 15 Oct 2020 07:06:01 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.15
last-modified
Thu, 15 Oct 2020 07:05:59 GMT
cache-control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
pragma
no-cache
expires
0
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
cf-request-id
05ccad87d500000c5d5c2c0000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=20&lkg-time=1602745561"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5e27b1ec8bbc0c5d-AMS
content-encoding
br

Redirect headers

Date
Thu, 15 Oct 2020 07:06:01 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Thu, 15 Oct 2020 08:06:01 GMT
Location
https://ejky.osunpomcau.top/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJcL2Fkej9wPTRtYXNrJmI9YjAwJnM9czAzJm9mPWRlMiZuPXNlcDE2ZGUtbXVzay0wNjYifQ.tzzs4WwpdxKctaoFYvML6ew3XnyRhu0TrJaPHT8QQJQ
cf-request-id
05ccad87ba00009ca57c303000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=20&lkg-time=1602745561"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
5e27b1ec5b989ca5-AMS
Primary Request /
llevacdicin.top/snntv/4mask/
Redirect Chain
  • https://ejky.osunpomcau.top/adz?p=4mask&b=b00&s=s03&of=de2&n=sep16de-musk-066
  • https://aked.kieraaro.com/4mask?n=sep16de-musk-066&sub_id_1=s03&sub_id_2=sep16de-musk-066&sub_id_3=4mask&sub_id_4=b00&of=de2
  • https://aked.kieraaro.com/de2?sub_id_1=s03&sub_id_2=sep16de-musk-066&sub_id_3=4mask&sub_id_4=b00&sub_id_5=4mask&n=4mask-sep16de-musk-066&pr=4mask
  • https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
21 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
Requested by
Host: ejky.osunpomcau.top
URL: https://ejky.osunpomcau.top/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJcL2Fkej9wPTRtYXNrJmI9YjAwJnM9czAzJm9mPWRlMiZuPXNlcDE2ZGUtbXVzay0wNjYifQ.tzzs4WwpdxKctaoFYvML6ew3XnyRhu0TrJaPHT8QQJQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.27.160.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62fe793b592a1e9948ce8cd385dfae84e1b59a25c2344a3c4cb603445f7e89c5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
llevacdicin.top
:scheme
https
:path
/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://ejky.osunpomcau.top/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJcL2Fkej9wPTRtYXNrJmI9YjAwJnM9czAzJm9mPWRlMiZuPXNlcDE2ZGUtbXVzay0wNjYifQ.tzzs4WwpdxKctaoFYvML6ew3XnyRhu0TrJaPHT8QQJQ
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ejky.osunpomcau.top/gateway.php?frm=dm&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJcL2Fkej9wPTRtYXNrJmI9YjAwJnM9czAzJm9mPWRlMiZuPXNlcDE2ZGUtbXVzay0wNjYifQ.tzzs4WwpdxKctaoFYvML6ew3XnyRhu0TrJaPHT8QQJQ

Response headers

status
200
date
Thu, 15 Oct 2020 07:06:01 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dd8988452985bb7829627a7f83ac7fed31602745561; expires=Sat, 14-Nov-20 07:06:01 GMT; path=/; domain=.llevacdicin.top; HttpOnly; SameSite=Lax; Secure
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
cf-request-id
05ccad8aa8000033247d2c0000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=19&lkg-time=1602745562"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5e27b1f10c333324-CDG
content-encoding
br

Redirect headers

status
302
date
Thu, 15 Oct 2020 07:06:01 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
expires
0
last-modified
Thu, 15 Oct 2020 07:06:00 GMT
location
https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
pragma
no-cache
set-cookie
_subid=unj6op43287;Expires=Sunday, 15-Nov-2020 07:06:00 GMT;Max-Age=2678400;Path=/ 7d8e9=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjIwMlwiOjE2MDI3NDU1NjAsXCIzODZcIjoxNjAyNzQ1NTYwfSxcImNhbXBhaWduc1wiOntcIjg3XCI6MTYwMjc0NTU2MCxcIjY3XCI6MTYwMjc0NTU2MH0sXCJ0aW1lXCI6MTYwMjc0NTU2MH0ifQ.XfMbUqpzBw_3EK_IE8PyurgMGTBKCUdFeD3-uy3k4nY;Expires=Sunday, 15-Nov-2020 07:06:00 GMT;Max-Age=2678400;Path=/
vary
Accept-Encoding
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-request-id
05ccad89a60000ee2b57b88000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=19&lkg-time=1602745562"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5e27b1ef6f39ee2b-CDG
bootstrap.min.css
llevacdicin.top/snntv/4mask/ 		119 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://llevacdicin.top/snntv/4mask/bootstrap.min.css
Requested by
Host: llevacdicin.top
URL: https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.27.160.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce73e0b7673fe802be78c6e47b507bd415ad88d5768e6e94e961d79cdb42def1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 07:06:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05ccad8b4a000033245089a000000001
last-modified
Wed, 22 Jul 2020 20:29:39 GMT
server
cloudflare
etag
W/"5f18a1b3-1da98"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=19&lkg-time=1602745562"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=864000
cf-ray
5e27b1f20e5c3324-CDG
expires
Sun, 25 Oct 2020 07:06:00 GMT
font-awesome.css
llevacdicin.top/snntv/4mask/ 		36 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://llevacdicin.top/snntv/4mask/font-awesome.css
Requested by
Host: llevacdicin.top
URL: https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.27.160.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dc08fd6ff155de6997e6de400a8f008a6d9b1d7bced0d4ea3bd769e80ecf432
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 07:06:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05ccad8b50000033245a327000000001
last-modified
Wed, 22 Jul 2020 20:29:40 GMT
server
cloudflare
etag
W/"5f18a1b4-91a8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=19&lkg-time=1602745562"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=864000
cf-ray
5e27b1f20e5e3324-CDG
expires
Sun, 25 Oct 2020 07:06:00 GMT
main.css
llevacdicin.top/snntv/4mask/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://llevacdicin.top/snntv/4mask/main.css
Requested by
Host: llevacdicin.top
URL: https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.27.160.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53adac8847f77b5b72b3e9854aec655babaef178a420acef7263449a46e1816c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 07:06:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05ccad8b4b0000332460026000000001
last-modified
Wed, 22 Jul 2020 20:29:41 GMT
server
cloudflare
etag
W/"5f18a1b5-2070"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=19&lkg-time=1602745562"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=864000
cf-ray
5e27b1f20e603324-CDG
expires
Sun, 25 Oct 2020 07:06:00 GMT
comments.css
llevacdicin.top/snntv/4mask/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://llevacdicin.top/snntv/4mask/comments.css
Requested by
Host: llevacdicin.top
URL: https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.27.160.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d291a99807a8821c97bd0ec0f0fac20c8191bba4e92ec6de9fbe5debaaa47a2a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 07:06:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05ccad8b4900003324ac19d000000001
last-modified
Wed, 22 Jul 2020 20:29:39 GMT
server
cloudflare
etag
W/"5f18a1b3-f8d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=19&lkg-time=1602745562"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=864000
cf-ray
5e27b1f20e623324-CDG
expires
Sun, 25 Oct 2020 07:06:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: llevacdicin.top
URL: https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 06:41:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1455
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Oct 2021 06:41:46 GMT
firebase.js
www.gstatic.com/firebasejs/3.6.8/ 		294 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/3.6.8/firebase.js
Requested by
Host: llevacdicin.top
URL: https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca61695b1a98fdb8cbea99e37de798d43723408c4ced92b6a34725f8958d1074
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 12 Oct 2020 13:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 31 Jan 2017 23:21:35 GMT
server
sffe
age
237158
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98841
x-xss-protection
0
expires
Tue, 12 Oct 2021 13:13:23 GMT
firebase_subscribe.js
megafastpush.com/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://megafastpush.com/js/firebase_subscribe.js
Requested by
Host: llevacdicin.top
URL: https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.230.127.24 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
7e9e4f90f03b2f453d368920b3c02bff1e29f0adf180618a68b1229e41362dfe

Request headers

Referer
https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 15 Oct 2020 07:06:01 GMT
Last-Modified
Fri, 07 Aug 2020 12:43:48 GMT
Server
nginx/1.17.3
ETag
"5f2d4c84-b54"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2900
fintips_logo_bright@4x.png
llevacdicin.top/snntv/4mask/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://llevacdicin.top/snntv/4mask/fintips_logo_bright@4x.png
Requested by
Host: llevacdicin.top
URL: https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.27.160.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41c8871d281fe25d8ad6e8d5558025cf1b84ddd6020538fbbf23241ea47b09d2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 07:06:02 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
content-length
5294
cf-request-id
05ccad8c6c00003324ac1be000000001
last-modified
Wed, 22 Jul 2020 20:29:39 GMT
server
cloudflare
etag
"5f18a1b3-14ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=19&lkg-time=1602745562"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
5e27b1f3ea6b3324-CDG
expires
Sun, 25 Oct 2020 07:06:00 GMT
elon_hero.jpg
llevacdicin.top/snntv/4mask/ 		135 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://llevacdicin.top/snntv/4mask/elon_hero.jpg
Requested by
Host: llevacdicin.top
URL: https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.27.160.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d68df0af7b07aea0e12b811f623f595b73860ed69e70793b4244146abe9ba2e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 07:06:02 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
content-length
137986
cf-request-id
05ccad8c700000332466bac000000001
last-modified
Wed, 22 Jul 2020 20:29:39 GMT
server
cloudflare
etag
"5f18a1b3-21b02"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=19&lkg-time=1602745562"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
5e27b1f3ea6d3324-CDG
expires
Sun, 25 Oct 2020 07:06:00 GMT
elon_2.jpg
llevacdicin.top/snntv/4mask/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://llevacdicin.top/snntv/4mask/elon_2.jpg
Requested by
Host: llevacdicin.top
URL: https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.27.160.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c181393ca5c9654fbf43199d606bd79c2760b0e91d5d8d7e93b10aa45bcf71e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 07:06:02 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
content-length
61304
cf-request-id
05ccad8c6d00003324a131d000000001
last-modified
Wed, 22 Jul 2020 20:29:39 GMT
server
cloudflare
etag
"5f18a1b3-ef78"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=19&lkg-time=1602745562"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
5e27b1f3ea6e3324-CDG
expires
Sun, 25 Oct 2020 07:06:00 GMT
millionaire_secret_thumb.jpg
llevacdicin.top/snntv/4mask/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://llevacdicin.top/snntv/4mask/millionaire_secret_thumb.jpg
Requested by
Host: llevacdicin.top
URL: https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.27.160.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25d8e661ee6c6961bead620b6bdac082d49836fd2a7e2eff8c1c47e10a7e2986
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 07:06:02 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
content-length
16222
cf-request-id
05ccad8c6d000033248991d000000001
last-modified
Wed, 22 Jul 2020 20:29:41 GMT
server
cloudflare
etag
"5f18a1b5-3f5e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=19&lkg-time=1602745562"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
5e27b1f3ea6f3324-CDG
expires
Sun, 25 Oct 2020 07:06:00 GMT
29yo_thumb.jpg
llevacdicin.top/snntv/4mask/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://llevacdicin.top/snntv/4mask/29yo_thumb.jpg
Requested by
Host: llevacdicin.top
URL: https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.27.160.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a45828948140ae2a503c32314a972210a567d99f8798081643c5876bd76b93bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 07:06:02 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
content-length
18506
cf-request-id
05ccad8c6d00003324a5198000000001
last-modified
Wed, 22 Jul 2020 20:29:38 GMT
server
cloudflare
etag
"5f18a1b2-484a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=19&lkg-time=1602745562"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
5e27b1f3ea703324-CDG
expires
Sun, 25 Oct 2020 07:06:00 GMT
work-from-home_thumb.jpg
llevacdicin.top/snntv/4mask/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://llevacdicin.top/snntv/4mask/work-from-home_thumb.jpg
Requested by
Host: llevacdicin.top
URL: https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.27.160.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3e4b089d70c29544cc71899286e1df077a4205f47e83586f57dfc4e18231f1e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 07:06:02 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
content-length
19193
cf-request-id
05ccad8c6d000033248d9c7000000001
last-modified
Wed, 22 Jul 2020 20:29:42 GMT
server
cloudflare
etag
"5f18a1b6-4af9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=19&lkg-time=1602745562"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
5e27b1f3ea713324-CDG
expires
Sun, 25 Oct 2020 07:06:00 GMT
avatar.png
llevacdicin.top/snntv/4mask/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://llevacdicin.top/snntv/4mask/avatar.png
Requested by
Host: llevacdicin.top
URL: https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.27.160.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c45e52b0991d6818b6289fb3a0fffd2b4c42a7d783d93663daa24250814cd59c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 07:06:02 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
content-length
2717
cf-request-id
05ccad8c6d0000332483371000000001
last-modified
Wed, 22 Jul 2020 20:29:38 GMT
server
cloudflare
etag
"5f18a1b2-a9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=19&lkg-time=1602745562"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
5e27b1f3ea723324-CDG
expires
Sun, 25 Oct 2020 07:06:00 GMT
fintips_logo_dark@4x.png
llevacdicin.top/snntv/4mask/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://llevacdicin.top/snntv/4mask/fintips_logo_dark@4x.png
Requested by
Host: llevacdicin.top
URL: https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.27.160.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee46998e4527bc0c4b66819eaf54b0521e29bb3a9b41c820ceeaa563f8f9ac43
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 07:06:02 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
content-length
5895
cf-request-id
05ccad8c6d000033245615e000000001
last-modified
Wed, 22 Jul 2020 20:29:40 GMT
server
cloudflare
etag
"5f18a1b4-1707"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=19&lkg-time=1602745562"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
5e27b1f3ea733324-CDG
expires
Sun, 25 Oct 2020 07:06:00 GMT
jquery.min.js
llevacdicin.top/snntv/4mask/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://llevacdicin.top/snntv/4mask/jquery.min.js
Requested by
Host: llevacdicin.top
URL: https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.27.160.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 07:06:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05ccad8c1400003324a82da000000001
last-modified
Wed, 22 Jul 2020 20:29:41 GMT
server
cloudflare
etag
W/"5f18a1b5-15283"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=19&lkg-time=1602745562"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=864000
cf-ray
5e27b1f3590e3324-CDG
expires
Sun, 25 Oct 2020 07:06:00 GMT
fixto.min.js
llevacdicin.top/snntv/4mask/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://llevacdicin.top/snntv/4mask/fixto.min.js
Requested by
Host: llevacdicin.top
URL: https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.27.160.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65018b34848eb6741d45d2b003c3aeec4c8456d9c4da4d680593c1af935c190b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 07:06:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05ccad8c3c00003324489e4000000001
last-modified
Wed, 22 Jul 2020 20:29:40 GMT
server
cloudflare
etag
W/"5f18a1b4-225e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=19&lkg-time=1602745562"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=864000
cf-ray
5e27b1f399953324-CDG
expires
Sun, 25 Oct 2020 07:06:00 GMT
scripts.js
llevacdicin.top/snntv/4mask/ 		1 KB
692 B 		Script
General
Check archive.org
Download Go to
Full URL
https://llevacdicin.top/snntv/4mask/scripts.js
Requested by
Host: llevacdicin.top
URL: https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.27.160.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8196a199b4d94464d93ad792a9e48bf852c6bf2200e5f07cce96ee65d279d891
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://llevacdicin.top/snntv/4mask/?c1=BE&n=ProoRevolDE-s03-b00-4mask-sep16de-musk-066&mal=sep16de-musk-066&pro=4mask&ser=s03&b=b00
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 07:06:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05ccad8c6c000033245a33d000000001
last-modified
Wed, 22 Jul 2020 20:29:42 GMT
server
cloudflare
etag
W/"5f18a1b6-551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=19&lkg-time=1602745562"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=864000
cf-ray
5e27b1f3ea693324-CDG
expires
Sun, 25 Oct 2020 07:06:00 GMT
css.css
llevacdicin.top/snntv/4mask/ 		14 KB
966 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://llevacdicin.top/snntv/4mask/css.css
Requested by
Host: llevacdicin.top
URL: https://llevacdicin.top/snntv/4mask/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.27.160.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e46e31dd135f7e538c95a670fe0e8d0f71cc841048459bdc8f77c489227f918f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://llevacdicin.top/snntv/4mask/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 07:06:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
05ccad8bd800003324580b7000000001
last-modified
Wed, 22 Jul 2020 20:29:39 GMT
server
cloudflare
etag
W/"5f18a1b3-37a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=19&lkg-time=1602745562"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=864000
cf-ray
5e27b1f2e8483324-CDG
expires
Sun, 25 Oct 2020 07:06:00 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v11/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v11/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: llevacdicin.top
URL: https://llevacdicin.top/snntv/4mask/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://llevacdicin.top
Referer
https://llevacdicin.top/snntv/4mask/css.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 21:52:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:25:52 GMT
server
sffe
age
119609
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15908
x-xss-protection
0
expires
Wed, 13 Oct 2021 21:52:33 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v19/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v19/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: llevacdicin.top
URL: https://llevacdicin.top/snntv/4mask/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93a3f8ce7cec2ac6e2e01b0a2ef0b38229b186aa7aeb0eef01a112287238811b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://llevacdicin.top
Referer
https://llevacdicin.top/snntv/4mask/css.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 11 Oct 2020 09:53:18 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Nov 2017 15:19:56 GMT
server
sffe
age
335564
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18816
x-xss-protection
0
expires
Mon, 11 Oct 2021 09:53:18 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v11/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v11/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: llevacdicin.top
URL: https://llevacdicin.top/snntv/4mask/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c09055f0d3ce5ac45f886c935226d1e4cb0f7488525e9f8b298f26fc0171e5a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://llevacdicin.top
Referer
https://llevacdicin.top/snntv/4mask/css.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 18:31:42 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:26:06 GMT
server
sffe
age
131660
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15480
x-xss-protection
0
expires
Wed, 13 Oct 2021 18:31:42 GMT
fontawesome-webfont.woff2
llevacdicin.top/snntv/4mask/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://llevacdicin.top/snntv/4mask/fontawesome-webfont.woff2
Requested by
Host: llevacdicin.top
URL: https://llevacdicin.top/snntv/4mask/font-awesome.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.27.160.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://llevacdicin.top
Referer
https://llevacdicin.top/snntv/4mask/font-awesome.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 07:06:02 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Wed, 22 Jul 2020 20:29:41 GMT
server
cloudflare
etag
"5f18a1b5-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=19&lkg-time=1602745562"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
status
200
accept-ranges
bytes
cf-ray
5e27b1f3fa8e3324-CDG
content-length
77160
cf-request-id
05ccad8c7700003324a0334000000001

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes string| mybp function| $ function| jQuery object| firebase function| __extends function| __decorate function| __metadata function| __param function| __awaiter undefined| messaging function| subscribe function| sendTokenToServer function| isTokenSentToServer function| setTokenSentToServer object| fixto

1 Cookies

Domain/Path Name / Value
.llevacdicin.top/ Name: __cfduid
Value: dd8988452985bb7829627a7f83ac7fed31602745561

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
aked.kieraaro.com
ejky.osunpomcau.top
fonts.gstatic.com
llevacdicin.top
megafastpush.com
www.gstatic.com
104.27.160.27
104.28.24.66
157.230.127.24
172.67.144.101
2a00:1450:4001:800::200a
2a00:1450:4001:819::2003
2a00:1450:4001:81e::2003
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
25d8e661ee6c6961bead620b6bdac082d49836fd2a7e2eff8c1c47e10a7e2986
27418acfec3221f6b5452b999cfe0a92bd772ab0da8f308ddef3a90cb9763707
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dc08fd6ff155de6997e6de400a8f008a6d9b1d7bced0d4ea3bd769e80ecf432
41c8871d281fe25d8ad6e8d5558025cf1b84ddd6020538fbbf23241ea47b09d2
53adac8847f77b5b72b3e9854aec655babaef178a420acef7263449a46e1816c
5d68df0af7b07aea0e12b811f623f595b73860ed69e70793b4244146abe9ba2e
62fe793b592a1e9948ce8cd385dfae84e1b59a25c2344a3c4cb603445f7e89c5
65018b34848eb6741d45d2b003c3aeec4c8456d9c4da4d680593c1af935c190b
6c181393ca5c9654fbf43199d606bd79c2760b0e91d5d8d7e93b10aa45bcf71e
7e9e4f90f03b2f453d368920b3c02bff1e29f0adf180618a68b1229e41362dfe
8196a199b4d94464d93ad792a9e48bf852c6bf2200e5f07cce96ee65d279d891
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
93a3f8ce7cec2ac6e2e01b0a2ef0b38229b186aa7aeb0eef01a112287238811b
a45828948140ae2a503c32314a972210a567d99f8798081643c5876bd76b93bd
c09055f0d3ce5ac45f886c935226d1e4cb0f7488525e9f8b298f26fc0171e5a8
c45e52b0991d6818b6289fb3a0fffd2b4c42a7d783d93663daa24250814cd59c
ca61695b1a98fdb8cbea99e37de798d43723408c4ced92b6a34725f8958d1074
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2
ce73e0b7673fe802be78c6e47b507bd415ad88d5768e6e94e961d79cdb42def1
d291a99807a8821c97bd0ec0f0fac20c8191bba4e92ec6de9fbe5debaaa47a2a
df74633dfee4fe9c2b3a6d776cc0362617a2fa1ce0d3fd23da6da38b4790acb1
e46e31dd135f7e538c95a670fe0e8d0f71cc841048459bdc8f77c489227f918f
ee46998e4527bc0c4b66819eaf54b0521e29bb3a9b41c820ceeaa563f8f9ac43
f3e4b089d70c29544cc71899286e1df077a4205f47e83586f57dfc4e18231f1e