ads-manage.miracle-chain.com Open in urlscan Pro
2606:4700:3037::6815:547d Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://ads-manage.miracle-chain.com/
Submission: On February 26 via api (February 26th 2024, 8:58:50 pm UTC) from US — Scanned from US

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 1 countries across 5 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3037::6815:547d, located in United States and belongs to CLOUDFLARENET, US. The main domain is ads-manage.miracle-chain.com.

This is the only time ads-manage.miracle-chain.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3037::6815:547d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:824::200a	15169 (GOOGLE) (GOOGLE)
1 13	2606:4700:303... 2606:4700:3035::6815:2aaa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:81f::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80a::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
19	7

1 2606:4700:3037::6815:547d (United States)

ASN13335 (CLOUDFLARENET, US)

ads-manage.miracle-chain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3035::6815:2aaa (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

jebietrut.anakembok.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80a::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	anakembok.de 1 redirects jebietrut.anakembok.de	224 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	8 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 362 fonts.googleapis.com — Cisco Umbrella Rank: 32	31 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1082	31 KB
1	miracle-chain.com ads-manage.miracle-chain.com	1 KB
19	5

	Domain	Requested by
13	jebietrut.anakembok.de	1 redirects ads-manage.miracle-chain.com jebietrut.anakembok.de
2	maxcdn.bootstrapcdn.com	ads-manage.miracle-chain.com
1	fonts.googleapis.com	jebietrut.anakembok.de
1	fonts.gstatic.com	jebietrut.anakembok.de
1	www.gstatic.com	jebietrut.anakembok.de
1	ajax.googleapis.com	ads-manage.miracle-chain.com
1	ads-manage.miracle-chain.com
19	7

This site contains no links.

Subject Issuer	Validity	Valid
bootstrapcdn.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
anakembok.de GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 3 frames:

Primary Page: http://ads-manage.miracle-chain.com/
Frame ID: 88D58ED153E92BD8294C2E5689013637
Requests: 4 HTTP requests in this frame

Frame: https://jebietrut.anakembok.de/
Frame ID: 5337D83EB838688B3463FE0548CBD6AE
Requests: 13 HTTP requests in this frame

Frame: https://jebietrut.anakembok.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
Frame ID: 34384ED3A692BC1CF16A92B6BDA61630
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ADS MANAGER

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

89 %
HTTPS

100 %
IPv6

5
Domains

7
Subdomains

7
IPs

1
Countries

295 kB
Transfer

1176 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://jebietrut.anakembok.de/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://jebietrut.anakembok.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
ads-manage.miracle-chain.com/ 1001 B
1 KB 132ms
78ms Document
text/html 2606:4700:3037::6815:547d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://ads-manage.miracle-chain.com/
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:547d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49d1bd9ac92affc2cb06634de8ffad77517078de47dd51c15affe2c0edb2909d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 85bb1ba41aab4bd2-BUF
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 26 Feb 2024 20:58:45 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytaWO9PrhwMNJbUzCtv4xV%2BZY6qiH7dpCJJT1G0b9D%2F4Ru3hhYYYSMQR09TZeaDymbnDVjT0Dqa%2BJW7JNVB7OiSOM3oeBYKZx1QKoLkDpowVKmTpwKu%2FI6OZZiNOmuMQL1T7YgmIOrDup4YTfrCxKsdzcLLKiO0bYmAc"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 107ms
42ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: ads-manage.miracle-chain.com
URL: http://ads-manage.miracle-chain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ads-manage.miracle-chain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 20:58:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 852
age: 8234949
cdn-cachedat: 10/31/2023 18:51:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"ec3bb52a00e176a7181d454dffaea219"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 8ba8502c6341182d0fd0b65cfda75eaf
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85bb1ba509b36aed-BUF
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 85 KB
30 KB 84ms
24ms Script
text/javascript 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: ads-manage.miracle-chain.com
URL: http://ads-manage.miracle-chain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ads-manage.miracle-chain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 07:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 393861
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30244
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Feb 2025 07:34:24 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 108ms
43ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: ads-manage.miracle-chain.com
URL: http://ads-manage.miracle-chain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://ads-manage.miracle-chain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 20:58:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 899
age: 8083371
cdn-cachedat: 08/29/2023 17:26:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"5869c96cc8f19086aee625d670d741f9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 53bb3e2e75fa3dccc618e76642bbc7b4
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85bb1ba509b56aed-BUF
cdn-requestpullsuccess: True

GET
H2 200 / Show response
jebietrut.anakembok.de/ Frame 5337 170 KB
25 KB 191ms
78ms Document
text/html 2606:4700:3035::6815:2aaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jebietrut.anakembok.de/
Requested by: Host: ads-manage.miracle-chain.com
URL: http://ads-manage.miracle-chain.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70b73f858f923c23709973a28fd5906883f990a922427fe7f6707cb0b3d4d52f

Request headers

Referer: http://ads-manage.miracle-chain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85bb1ba6297b4bc0-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 26 Feb 2024 20:58:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wxRJDR2e933ahUX%2F0MjtSyMzp8z0%2FKZSvybbR6yOS6mvaEvo6k07%2FCKMxn8r2%2BZ15jZTXpRNxqEEqh83RA1ENeo9EyNTRf2sBYNc7wWSZKRahV%2F99GWd2SDoZb54%2B22DMRhgfvWEW7079muXgCj4XDMojCx7"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 styles.css
jebietrut.anakembok.de/assets/ Frame 5337 10 KB
2 KB 48ms
32ms Stylesheet
text/css 2606:4700:3035::6815:2aaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jebietrut.anakembok.de/assets/styles.css
Requested by: Host: jebietrut.anakembok.de
URL: https://jebietrut.anakembok.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f39266151ffccfe3a425ae17a6fb51671466df765081a6fe0738d5dab53c2bc6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jebietrut.anakembok.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 20:58:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Feb 2024 02:44:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 902
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=58eLnMLXWyigWD3ANQSYAH62J1bB7hbovmSuioqnJyFHN4D4pEbG1rgq7mWV57drIrWLy%2B8eQwxH81HWKT3rRFlJHici8fCoP7gHtcEiRRofuYCrCIJCnaIfgFvArAeM2pnnsryKb9gusgM2lLj%2F50n%2FQdKn"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 85bb1ba6b9b34bc0-BUF
alt-svc: h3=":443"; ma=86400
expires: Mon, 04 Mar 2024 20:43:44 GMT

GET
H2 200 chunk1.css
jebietrut.anakembok.de/assets/ Frame 5337 58 KB
13 KB 48ms
33ms Stylesheet
text/css 2606:4700:3035::6815:2aaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jebietrut.anakembok.de/assets/chunk1.css
Requested by: Host: jebietrut.anakembok.de
URL: https://jebietrut.anakembok.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d059ebac9e5a7f3f7e5ae59ca137bb7224e38ad41d3ad36e1d65995b35524a22

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jebietrut.anakembok.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 20:58:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Feb 2024 02:44:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 902
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TmHgvL%2FcDWj%2FwfiZVG2FfA2yIP4SS1bFECa1t4Fwh%2FEdvgV0j1elJCt7JFrwIWV7ICcPzEr5pGybPZ0vjTeCd4JMFAGVtRXaFF71a%2FYbi1yObjQRoE%2FSuPpfRkGbK22pPAin%2BiBHtdMnDxyQfsVNFgKRjote"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 85bb1ba6b9b44bc0-BUF
alt-svc: h3=":443"; ma=86400
expires: Mon, 04 Mar 2024 20:43:44 GMT

GET
H2 200 main.chunk.css
jebietrut.anakembok.de/assets/ Frame 5337 494 KB
65 KB 55ms
40ms Stylesheet
text/css 2606:4700:3035::6815:2aaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jebietrut.anakembok.de/assets/main.chunk.css
Requested by: Host: jebietrut.anakembok.de
URL: https://jebietrut.anakembok.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79be93baddd0b3a6e9910468295f508ff042830c5a6fa685348bbb4475766f98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jebietrut.anakembok.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 20:58:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Feb 2024 02:44:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 902
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hacyTxr%2BNCsSwHD%2FA%2B9CdFwilikZeDTaKloC0%2B3aLMroac91YCUUJk9xmXRJLpzji9o4RJYRbp5ogR%2BJiy%2BzpluoSeBU1PSvRvvavHtBS4it9iw2TSny55MMl1sFj%2BC4I%2Fx7hiBm1KWGndpWn5VJOlgjdVXi"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 85bb1ba6b9b54bc0-BUF
alt-svc: h3=":443"; ma=86400
expires: Mon, 04 Mar 2024 20:43:44 GMT

GET
H2 200 jquery.min.js Show response
jebietrut.anakembok.de/assets/ Frame 5337 85 KB
31 KB 49ms
35ms Script
application/javascript 2606:4700:3035::6815:2aaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jebietrut.anakembok.de/assets/jquery.min.js
Requested by: Host: jebietrut.anakembok.de
URL: https://jebietrut.anakembok.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jebietrut.anakembok.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 20:58:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Feb 2024 02:44:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 902
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=elCuH18roFCdu1CfzmeRj44BAtjctD4gMpqakYX2ETaG1%2FIMjkrCExo9EMn6DqkcbI8H7H61erBv4HEUSWuuoBEItsWhkkzEsqNngQJ%2FHnmFmFuU17nLuEsYOMHPSFZJz%2B%2BCDVfV2yZ4KfDrnr9w754MBGwK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 85bb1ba6b9b64bc0-BUF
alt-svc: h3=":443"; ma=86400
expires: Mon, 04 Mar 2024 20:43:44 GMT

GET
H2 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/ Frame 5337 22 KB
5 KB 98ms
27ms Stylesheet
text/css 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css

Requested by

Host: jebietrut.anakembok.de
URL: https://jebietrut.anakembok.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jebietrut.anakembok.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 07:39:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 393584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4144
x-xss-protection: 0
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Feb 2025 07:39:02 GMT

GET
H2 200 24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ Frame 5337 6 KB
4 KB 83ms
25ms Image
image/svg+xml 2607:f8b0:4006:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

Requested by

Host: jebietrut.anakembok.de
URL: https://jebietrut.anakembok.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jebietrut.anakembok.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:01:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3340
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Feb 2025 19:01:09 GMT

GET
H2 200 sound-mobile.png
jebietrut.anakembok.de/assets/ Frame 5337 51 KB
52 KB 50ms
48ms Image
image/png 2606:4700:3035::6815:2aaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jebietrut.anakembok.de/assets/sound-mobile.png
Requested by: Host: jebietrut.anakembok.de
URL: https://jebietrut.anakembok.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c150037ca397366d56aa0b6bba6a1dc69898a62ff25777e3a180ba56beaea0e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jebietrut.anakembok.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 20:58:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 902
alt-svc: h3=":443"; ma=86400
content-length: 52387
last-modified: Mon, 12 Feb 2024 02:44:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JzoqQmRl7uXV1KtL8rnEvauufSITQhCiaoCWoW%2FjgzvC3fOJz%2Bcbaw8sciUHgWQzWO8EHqwjMJQgPexwjbUWk1TWP3G2fUOfmFynuoLpVZpoReuSL8w7Rq%2BYXqAw9wFtqHdrvbW7jh2MT83tRD7M3USmIVJN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85bb1ba6d9c54bc0-BUF
expires: Mon, 04 Mar 2024 20:43:44 GMT

GET
H2 200 Lock.png
jebietrut.anakembok.de/assets/ Frame 5337 3 KB
3 KB 50ms
48ms Image
image/png 2606:4700:3035::6815:2aaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jebietrut.anakembok.de/assets/Lock.png
Requested by: Host: jebietrut.anakembok.de
URL: https://jebietrut.anakembok.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fc2fe17fa35dc50cbac42366d82e564d0a6e29a6b18f966ba78641b92850514

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jebietrut.anakembok.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 20:58:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 902
alt-svc: h3=":443"; ma=86400
content-length: 2987
last-modified: Tue, 13 Feb 2024 03:23:56 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rAqllCF1FS4M%2F37B0F6kDqB6dtyhS9HyZU7jeo0BJWhhInyvpYEFEEJi9EKRuCJIO3%2BFoP%2FudSc04j3tu77mr4XAooCfCuy2Fdqc%2Bce8V7QDEIOtqZFKeufFbvy%2BCLyq%2FCkk9nAsAzqalPyknwDDAgIYZdE3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85bb1ba6d9c64bc0-BUF
expires: Mon, 04 Mar 2024 20:43:44 GMT

GET
H3 200 metalock.png
jebietrut.anakembok.de/assets/ Frame 5337 25 KB
26 KB 43ms
43ms Image
image/png 2606:4700:3035::6815:2aaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jebietrut.anakembok.de/assets/metalock.png
Requested by: Host: jebietrut.anakembok.de
URL: https://jebietrut.anakembok.de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0800a9ba4e13276927f4b3e2c4e2df4f30b9c4350c241b4a6ff963591f518176

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jebietrut.anakembok.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 20:58:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 902
alt-svc: h3=":443"; ma=86400
content-length: 25775
last-modified: Tue, 13 Feb 2024 03:23:58 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJ%2BPbpTF1T0etsrz%2BtnAizPFkAvQIF4EV6i4jFdPnuUeINWlZl0MCu3TMaR9kUAW1S%2BX3ekqRRXRAGEK8klEOHK1AnA6c6GS9FizllvA3nu8248Hdq%2FmvFoX3UP%2B8Deu3mzySufQMIMhidvJqatOuGmSIPjR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85bb1ba7685b4bcd-BUF
expires: Mon, 04 Mar 2024 20:43:44 GMT

GET
H3 200 sound-mobile.svg
jebietrut.anakembok.de/assets/ Frame 5337 2 KB
2 KB 41ms
41ms Image
image/svg+xml 2606:4700:3035::6815:2aaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jebietrut.anakembok.de/assets/sound-mobile.svg
Requested by: Host: jebietrut.anakembok.de
URL: https://jebietrut.anakembok.de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jebietrut.anakembok.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 20:58:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Feb 2024 02:44:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 902
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JdOlYPadOLBBkhfbrwFr7399fViA0JdHRwHntU0kqRfJZZRmuxKdEo8J8dEANSqSEeRE5sTDGC4dZpmwxkaPMmZNKcmKj7WQB2DayDgYPD3KciZq1w%2Fa86%2Bx6NBIjIkAiHugwLwdTGF3HPyU7%2F1N%2Fjvg3bjL"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 85bb1ba7685c4bcd-BUF
alt-svc: h3=":443"; ma=86400
expires: Mon, 04 Mar 2024 20:43:44 GMT

GET
H3 200 load.js Show response
jebietrut.anakembok.de/assets/ Frame 5337 1 KB
877 B 38ms
38ms Script
application/javascript 2606:4700:3035::6815:2aaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jebietrut.anakembok.de/assets/load.js
Requested by: Host: jebietrut.anakembok.de
URL: https://jebietrut.anakembok.de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 186c9530c90453f18f9d001a221c5c17ed497b925e93f30d34cb0dd1721a042c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jebietrut.anakembok.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 20:58:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Feb 2024 02:44:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 902
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1I8y%2ByDjtVO2YrLikQRSvCOqSFYyKmQu4J6y1RebihhNQ71CJOhJ2Qmao5HVXQemPXRmG9GPXM3o%2B37zvy0atxJAzi4I88zkyl5Y0pTpbDdSWAmti8O%2BNedE6mocye9B9RWgU4djBV8izWc5DrQiDBw5YfLV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 85bb1ba7a86a4bcd-BUF
alt-svc: h3=":443"; ma=86400
expires: Mon, 04 Mar 2024 20:43:44 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5337 1 KB
859 B 108ms
39ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Khula&display=swap&.css

Requested by

Host: jebietrut.anakembok.de
URL: https://jebietrut.anakembok.de/assets/main.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e627768b9350ad0509bb233351092ffccae12ca7d9c70733a178b132c638e98b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jebietrut.anakembok.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 26 Feb 2024 20:58:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 20:58:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Feb 2024 20:58:46 GMT

GET
H3

200

main.js Show response
jebietrut.anakembok.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/ Frame 3438
Redirect Chain

https://jebietrut.anakembok.de/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://jebietrut.anakembok.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js

8 KB
4 KB

36ms
36ms

Script
application/javascript

2606:4700:3035::6815:2aaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jebietrut.anakembok.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js

Protocol

Server

2606:4700:3035::6815:2aaa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be905db4ef7eea5643cf839a8348e172d7dc70087d4bf3dc74395fbe96fe2e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 20:58:46 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6JUt7NmVASUVmR1T6ANcI37xZWF2k6SjDaTtpyQs1rEk%2BeE9wzcolW8mapYWfX4238KiCCMERcz7QhlReavl15KHN3BTgcspFrVEWIO0lMMb0eLfhMQtzORG4cDyDLP27fnPJnHLziI9zOde2OkyWK1v8gx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 85bb1ba898ab4bcd-BUF
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 26 Feb 2024 20:58:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2lVtJ5BuoWSQVCIjDzMpRPpdmrZk234ZAbiscBlB5rcMywMD34XTdO2nF6jTx1Z8u1E1j6o3XGms4eAD5aoR7ZyZb0mPfiRqxZp3cLoPHtpGYcRjwV18xZX7lgBNHSD0GnyP8Dgwr90aZQEP7ev22J7KeI4G"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 85bb1ba8689f4bcd-BUF
alt-svc: h3=":443"; ma=86400

POST
H3 200 85bb1ba6297b4bc0 Show response
jebietrut.anakembok.de/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 3438 0
603 B 48ms
47ms XHR
text/plain 2606:4700:3035::6815:2aaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jebietrut.anakembok.de/cdn-cgi/challenge-platform/h/b/jsd/r/85bb1ba6297b4bc0
Requested by: Host: jebietrut.anakembok.de
URL: https://jebietrut.anakembok.de/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2aaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Feb 2024 20:58:46 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39Q%2BAryvXognoe0kCCkp9yJxTthMHmdaY4uesGZe0xsJYjyLKTXhkQ3ybzgGEwaLzlfLjtOj3FDPslai%2BEBXneXvR%2B2gi9XQ5hsGbIiqeOSBcYKcYd2MX%2BlA6tPQ8AMFVB888IodB0RsD%2BJHJPLP4cFt1CO1"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 85bb1ba989124bcd-BUF
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.anakembok.de/	1970-01-21 03:28:37	Name: cf_clearance Value: yEAiv7Cc6xkTZbiM0gEXrj38.sYeobogOllNdi7LRI0-1708981126-1.0-AdcYHxjHq1V9WMEe9SCZNCgMbi4RQqw4Ffwvs3L02/wS0YDVsq/bFNAqlpc2wG4QULhPIqzfAy0/TNwjt9cw0z0=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://ads-manage.miracle-chain.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads-manage.miracle-chain.com
ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
jebietrut.anakembok.de
maxcdn.bootstrapcdn.com
www.gstatic.com
2606:4700:3035::6815:2aaa
2606:4700:3037::6815:547d
2606:4700::6812:bcf
2607:f8b0:4006:80a::2003
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81f::2003
2607:f8b0:4006:824::200a
0800a9ba4e13276927f4b3e2c4e2df4f30b9c4350c241b4a6ff963591f518176
186c9530c90453f18f9d001a221c5c17ed497b925e93f30d34cb0dd1721a042c
49d1bd9ac92affc2cb06634de8ffad77517078de47dd51c15affe2c0edb2909d
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
70b73f858f923c23709973a28fd5906883f990a922427fe7f6707cb0b3d4d52f
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
79be93baddd0b3a6e9910468295f508ff042830c5a6fa685348bbb4475766f98
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce
9fc2fe17fa35dc50cbac42366d82e564d0a6e29a6b18f966ba78641b92850514
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
be905db4ef7eea5643cf839a8348e172d7dc70087d4bf3dc74395fbe96fe2e0c
c150037ca397366d56aa0b6bba6a1dc69898a62ff25777e3a180ba56beaea0e0
d059ebac9e5a7f3f7e5ae59ca137bb7224e38ad41d3ad36e1d65995b35524a22
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e627768b9350ad0509bb233351092ffccae12ca7d9c70733a178b132c638e98b
f39266151ffccfe3a425ae17a6fb51671466df765081a6fe0738d5dab53c2bc6
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

ads-manage.miracle-chain.com Open in urlscan Pro 2606:4700:3037::6815:547d Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

89 %HTTPS

100 %IPv6

5 Domains

7 Subdomains

7 IPs

1 Countries

295 kBTransfer

1176 kBSize

1 Cookies

0 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

ads-manage.miracle-chain.com Open in urlscan Pro
2606:4700:3037::6815:547d Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

89 %
HTTPS

100 %
IPv6

5
Domains

7
Subdomains

7
IPs

1
Countries

295 kB
Transfer

1176 kB
Size

1
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!