urlscan.io logo urlscan.io
SecurityTrails logo

dieselemissionsclaim.com Open in urlscan Pro
2606:4700:3030::6815:3a3  Public Scan

Go To Rescan Add Verdict Report
URL: https://dieselemissionsclaim.com/
Submission: On June 18 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 2 countries across 12 domains to perform 33 HTTP transactions. The main IP is 2606:4700:3030::6815:3a3, located in United States and belongs to CLOUDFLARENET, US. The main domain is dieselemissionsclaim.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 18th 2021. Valid for: a year.
This is the only time dieselemissionsclaim.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    2606:4700:3030::6815:3a3 (United States)

ASN13335 (CLOUDFLARENET, US)
dieselemissionsclaim.com
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6810:dd1d (United States)

ASN13335 (CLOUDFLARENET, US)
static.getclicky.com
2    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    65.9.77.94 (United States)

ASN16509 (AMAZON-02, US)
static.hotjar.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    52.217.198.0 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s3.amazonaws.com
1    198.145.13.11 (Portland, United States)

ASN2044 (IINET-2044, US)
PTR: getclicky.com
in.getclicky.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    65.9.77.5 (United States)

ASN16509 (AMAZON-02, US)
script.hotjar.com
1    65.9.77.37 (United States)

ASN16509 (AMAZON-02, US)
vars.hotjar.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    34.226.23.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
app.provely.io
1    2606:4700:3033::ac43:b021 (United States)

ASN13335 (CLOUDFLARENET, US)
www.trkr.bid
Domain Requested by
8 dieselemissionsclaim.com dieselemissionsclaim.com
3 www.gstatic.com www.google.com
3 fonts.gstatic.com fonts.googleapis.com
2 www.facebook.com dieselemissionsclaim.com
2 connect.facebook.net dieselemissionsclaim.com
connect.facebook.net
2 www.google.com dieselemissionsclaim.com
www.gstatic.com
2 ajax.googleapis.com dieselemissionsclaim.com
s3.amazonaws.com
2 fonts.googleapis.com dieselemissionsclaim.com
1 www.trkr.bid
1 app.provely.io ajax.googleapis.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 in.getclicky.com static.getclicky.com
1 s3.amazonaws.com dieselemissionsclaim.com
1 static.hotjar.com www.googletagmanager.com
1 www.googletagmanager.com dieselemissionsclaim.com
1 static.getclicky.com dieselemissionsclaim.com
33 17

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-18 -
2022-06-17		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-24 -
2021-08-16		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2020-08-04 -
2021-08-09		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.getclicky.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-03 -
2022-08-03		 2 years crt.sh
provely.io
Amazon		 2020-10-29 -
2021-11-28		 a year crt.sh

This page contains 3 frames:

Primary Page: https://dieselemissionsclaim.com/
Frame ID: A7B77C76F1D9E689B214E62760BCB09A
Requests: 29 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdANLEZAAAAAIrdMOrUwtslclDxY5fU6-EU1ybR&co=aHR0cHM6Ly9kaWVzZWxlbWlzc2lvbnNjbGFpbS5jb206NDQz&hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&size=invisible&cb=80qi31lfklz7
Frame ID: EF48D7D34D7DCD1A72984F0C610AF690
Requests: 3 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 96E90986CA796492F69F8DE2F8CCEE90
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /static\.getclicky\.com/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

33
Requests

100 %
HTTPS

67 %
IPv6

12
Domains

17
Subdomains

18
IPs

2
Countries

1113 kB
Transfer

2455 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dieselemissionsclaim.com/ 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dieselemissionsclaim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:3a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32bc3653d685d8f3ff750655f343ff7dca6bc1e7f141b1e5a3846a04a4dc0cf4

Request headers

:method
GET
:authority
dieselemissionsclaim.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 17:12:23 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding,User-Agent
cf-cache-status
DYNAMIC
cf-request-id
0ac1b516220000175a29a15000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZcYPitiHamMcyMMJ%2B8CbHVrkp%2F80JKXy1BSBkuWgxvU2ZGKENuJMIeYHmEIwy1fkUM8oe9oeWo8y7jeVA%2BI%2FdctwiyyeJsRfBzketZ9mO7HrVnmix0M7DANkYUPi8CGOivwAWhfE7VX2IqTtpAbIQwaP"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
66162469cf39175a-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
bootstrap.min.css
dieselemissionsclaim.com/vendor/bootstrap/css/ 		157 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dieselemissionsclaim.com/vendor/bootstrap/css/bootstrap.min.css
Requested by
Host: dieselemissionsclaim.com
URL: https://dieselemissionsclaim.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:3a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Request headers

:path
/vendor/bootstrap/css/bootstrap.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
dieselemissionsclaim.com
referer
https://dieselemissionsclaim.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://dieselemissionsclaim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 17:12:23 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 14 Jul 2020 13:19:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=stl9e2lWXUuEEpPOk2hx3xIUrbg7qM0NdwZqwmUcyI7Vv3uHKbpKDlfxH5epOQGUiMs1bg9yeiozzrTBgSKMVjBq5HiZMi5BmkoGW9lHh3rlpXnLVS7F7g5vVtmlu%2F31MR1ImAtKUk9k9s8KwY%2BDDruc"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=5184000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6616246a5a2016f2-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ac1b51677000016f2e421e000000001
expires
Tue, 17 Aug 2021 17:12:23 GMT
css2
fonts.googleapis.com/ 		1 KB
479 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap
Requested by
Host: dieselemissionsclaim.com
URL: https://dieselemissionsclaim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
89f695af44ee1895cbeb94a67688064ba35d17a1988a5184eed30960fa27ba36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dieselemissionsclaim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Jun 2021 15:23:57 GMT
server
ESF
date
Fri, 18 Jun 2021 17:12:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Jun 2021 17:12:23 GMT
css2
fonts.googleapis.com/ 		408 B
418 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Orbitron:wght@600&display=swap
Requested by
Host: dieselemissionsclaim.com
URL: https://dieselemissionsclaim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6267b900e71ed306278b970100747c328562b4c45a11c3f496667cb24cd1edcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dieselemissionsclaim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Jun 2021 17:12:23 GMT
server
ESF
date
Fri, 18 Jun 2021 17:12:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Jun 2021 17:12:23 GMT
style.css
dieselemissionsclaim.com/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dieselemissionsclaim.com/style.css
Requested by
Host: dieselemissionsclaim.com
URL: https://dieselemissionsclaim.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:3a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eccca1c550bd4a644e3f44af14938172aab41f5bad88fe18ac35e9bcd931a3ef

Request headers

:path
/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
dieselemissionsclaim.com
referer
https://dieselemissionsclaim.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://dieselemissionsclaim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 17:12:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=11737
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ac1b51677000016f21313a000000001
last-modified
Sat, 05 Dec 2020 16:20:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JoRkRxAQBWxf%2FKCW4W8bdMTGOfQBc%2BV0T2fIvh08PaE2eHVBXFPYcFq8Lr%2BRghPxHporr74qOCM72iQSvbBYJG3No2oRzPtyEdQ6hkS2QN2J%2F8%2FDqbVVXEo1tF1v4zjU8mJabjK%2Bjr6%2FvCOoqwsio2ys"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=5184000
cf-ray
6616246a5a1c16f2-FRA
expires
Sat, 07 Aug 2021 11:42:25 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: dieselemissionsclaim.com
URL: https://dieselemissionsclaim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dieselemissionsclaim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 16:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3930
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jun 2022 16:06:53 GMT
js
static.getclicky.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.getclicky.com/js
Requested by
Host: dieselemissionsclaim.com
URL: https://dieselemissionsclaim.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dd1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0db02fa8ce349e5c3629825f3cb63deed4803ba6b383f81eb2a882be89e4e07

Request headers

Referer
https://dieselemissionsclaim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 17:12:23 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
43047
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 25 Jun 2021 17:12:23 GMT
cache-control
public, max-age=604800
cf-ray
6616246afb490746-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ac1b516e000000746b7ae3000000001
x-proxy-cache
HIT
jquery.min.js
dieselemissionsclaim.com/vendor/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dieselemissionsclaim.com/vendor/jquery/jquery.min.js
Requested by
Host: dieselemissionsclaim.com
URL: https://dieselemissionsclaim.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:3a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

:path
/vendor/jquery/jquery.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dieselemissionsclaim.com
referer
https://dieselemissionsclaim.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://dieselemissionsclaim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 17:12:23 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 14 Jul 2020 13:19:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mzf4DQvno9JMzMZe%2FTWvSOYo25MDeZp7WPtjzurF0eLYTv0CJXvlDPGNh1HNEJwmE9N%2B0AlEAqUwO9Gy%2Fks5cqgX5z4PEO0kZOI32ZdP2GnwcnNIZE7pepiu2WXTqO7PZ%2BZetcPGa0GrBZEHwCvkAwUR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=5184000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6616246a5a1a16f2-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ac1b51676000016f2552db000000001
expires
Tue, 17 Aug 2021 17:12:23 GMT
bootstrap.bundle.min.js
dieselemissionsclaim.com/vendor/bootstrap/js/ 		79 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dieselemissionsclaim.com/vendor/bootstrap/js/bootstrap.bundle.min.js
Requested by
Host: dieselemissionsclaim.com
URL: https://dieselemissionsclaim.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:3a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24

Request headers

:path
/vendor/bootstrap/js/bootstrap.bundle.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dieselemissionsclaim.com
referer
https://dieselemissionsclaim.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://dieselemissionsclaim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 17:12:23 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 14 Jul 2020 13:19:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=id810OTQVfcKUjk1IepOY9V%2F%2FzJXTqzzt1rZKJXqF97Pp9miZkyF2oCXQW0Xg19bdcfxbh4Y1V5JS5JH2BsCdujqM7XFhP5sQ86ahBZdMz5uVzSJN%2B6hIGkgWUa8PrBvLpDu5Ikb9QowcNpJ11rXLpEv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=5184000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6616246a5a2316f2-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ac1b51678000016f241120000000001
expires
Tue, 17 Aug 2021 17:12:23 GMT
api.js
www.google.com/recaptcha/ 		884 B
727 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LdANLEZAAAAAIrdMOrUwtslclDxY5fU6-EU1ybR
Requested by
Host: dieselemissionsclaim.com
URL: https://dieselemissionsclaim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
67b9cd1cf4b41f3cffa458ef661f726d2964eb80f045a3baca3029d57aa1ec85
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dieselemissionsclaim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 17:12:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
584
x-xss-protection
1; mode=block
expires
Fri, 18 Jun 2021 17:12:23 GMT
custom.js
dieselemissionsclaim.com/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dieselemissionsclaim.com/js/custom.js
Requested by
Host: dieselemissionsclaim.com
URL: https://dieselemissionsclaim.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:3a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51df7d533ad342eae521a77d9cec52e54893bef37ad9f377327bbcb94fc8e1f7

Request headers

:path
/js/custom.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
dieselemissionsclaim.com
referer
https://dieselemissionsclaim.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://dieselemissionsclaim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 17:12:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=3335
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ac1b51675000016f26f2ce000000001
last-modified
Tue, 05 Jan 2021 08:12:09 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=48Ge06ZZQUpe%2BgfUBQShMdhn0XEyi83qHfc%2FkdfTlKU8Ra7epRyckjL%2BGWkfErV9Pv%2BuET%2FXwoDDRF%2FgNt2JbbFPwgDgM%2FrK0tqnputKKwFh76pFtgZNvovURdDaonbZNOv3GMB3WOqA6fsaQ0lUJI%2BI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=5184000
cf-ray
6616246a5a1616f2-FRA
expires
Tue, 17 Aug 2021 02:13:11 GMT
gtm.js
www.googletagmanager.com/ 		144 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PKX8TJQ
Requested by
Host: dieselemissionsclaim.com
URL: https://dieselemissionsclaim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
40c2ed9a5038004f0fcd1603aafe55161e33282c0a81e62d36c845cf04b0f5ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://dieselemissionsclaim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 17:12:23 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52817
x-xss-protection
0
last-modified
Fri, 18 Jun 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 18 Jun 2021 17:12:23 GMT
exhaust-pipe.jpg
dieselemissionsclaim.com/images/ 		363 KB
363 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dieselemissionsclaim.com/images/exhaust-pipe.jpg
Requested by
Host: dieselemissionsclaim.com
URL: https://dieselemissionsclaim.com/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:3a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
682296132457902b0bcd4b5116a8673dda663703eae8d95e07f8b396ae5a5102

Request headers

:path
/images/exhaust-pipe.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
dieselemissionsclaim.com
referer
https://dieselemissionsclaim.com/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://dieselemissionsclaim.com/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 17:12:23 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
371262
cf-request-id
0ac1b516d0000016f2699d3000000001
last-modified
Tue, 28 Jul 2020 12:21:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Ff4Fq6iRbDocOL8pecITqwseK9Fte11tW8NZXGfcOCCjpSBpHfpo4y1eIQVmFOQwbbFYizGwLjcOckgnm9K2jHGuVNeuwzuEvM7cSm9%2FU36preRaV6N1YiVPaebkvEsjBnb9VlMs2ljPQU2P6cWx2AU%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6616246aeb5316f2-FRA
expires
Sat, 18 Jun 2022 17:12:23 GMT
to-top.png
dieselemissionsclaim.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dieselemissionsclaim.com/images/to-top.png
Requested by
Host: dieselemissionsclaim.com
URL: https://dieselemissionsclaim.com/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:3a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97c7e81b455772338d0983049b1fa017dc812d77681a3bfbb6b17ca49ef5170c

Request headers

:path
/images/to-top.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
dieselemissionsclaim.com
referer
https://dieselemissionsclaim.com/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://dieselemissionsclaim.com/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 17:12:23 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1467
cf-request-id
0ac1b516d1000016f27c279000000001
last-modified
Tue, 14 Jul 2020 13:19:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5HgVxiUkO7Zos7XNIfJXJq7Lr46bU0guKWEl2zlPfHx8ZjL6YNG45D4N9w0YjcSZ5z9Vgu7k1ND920%2BljOEcEoAXK0pnd8biKU3ohZz8nbIws4jJndEpGNAJ0Cb9oKkzSqt08sCh%2BkhSFWStb6hVsPoQ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6616246aeb5616f2-FRA
expires
Sat, 18 Jun 2022 17:12:23 GMT
yMJMMIlzdpvBhQQL_SC3X9yhF25-T1nyxSmBoWgz.woff2
fonts.gstatic.com/s/orbitron/v17/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/orbitron/v17/yMJMMIlzdpvBhQQL_SC3X9yhF25-T1nyxSmBoWgz.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Orbitron:wght@600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbfdd6688f378c691dfe99fcbe118325a6877f3766ce36fdead9463dcaf81b9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://dieselemissionsclaim.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 03:20:55 GMT
x-content-type-options
nosniff
age
568288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11752
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:50:28 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 03:20:55 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://dieselemissionsclaim.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 05:40:22 GMT
x-content-type-options
nosniff
age
559921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 05:40:22 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://dieselemissionsclaim.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 04:46:04 GMT
x-content-type-options
nosniff
age
563179
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:12:12 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 04:46:04 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/ 		343 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdANLEZAAAAAIrdMOrUwtslclDxY5fU6-EU1ybR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457a24764c4e5efb7b6de9b07cd544165b996f07310f9626d3571a02bd250d51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://dieselemissionsclaim.com
Referer
https://dieselemissionsclaim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 17:02:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
596
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136998
x-xss-protection
0
last-modified
Mon, 07 Jun 2021 22:05:37 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Jun 2022 17:02:27 GMT
hotjar-1918730.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1918730.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKX8TJQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b313ffb7e9a56c236345b36a2b2f4bb33e680db54f5eb6b372656b9bb43d2906
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dieselemissionsclaim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 17:12:23 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
AMS1-C1
etag
W/b8b65e019c81db1c504510f640f4e709
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
content-length
1884
via
1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
x-amz-cf-id
EJOSyvTNOyf39s-5JlCSaJOUSuUPaKoFbUPv7Ey-1PFs5VKROAsZ_g==
fbevents.js
connect.facebook.net/en_US/ 		94 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: dieselemissionsclaim.com
URL: https://dieselemissionsclaim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
388906152967f639b6aa0e48c8cd9b7c536aa9a9484393754cfb6f14b178c8a5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://dieselemissionsclaim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24515
x-xss-protection
0
pragma
public
x-fb-debug
Uz299wIWRaQeparc1XxlEzyj7uHVgOoOGTHQ50deh0Bqlw2IPJwazZS3rFfuetzfgcdtYPoxDgpIJOIuhcGPTQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 18 Jun 2021 17:12:23 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
provely-2.0.js
s3.amazonaws.com/provely-public/w/ 		37 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/provely-public/w/provely-2.0.js
Requested by
Host: dieselemissionsclaim.com
URL: https://dieselemissionsclaim.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.198.0 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fab64f27793d6106a4404c733a8744634d9f1f88cde914d7d3e14c55dd0058e6

Request headers

Referer
https://dieselemissionsclaim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Jun 2021 17:12:25 GMT
Last-Modified
Fri, 28 May 2021 09:50:46 GMT
Server
AmazonS3
x-amz-request-id
Q8BXAZSV1MHKBZSH
ETag
"4edf9f0912995d0f359f485a6f3720b4"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
37922
x-amz-id-2
0T/fj5mJRnfioym1lKCkkFIVdNsD011/bB+huRvsvFj363/7lfHEG8P1iSY6qR6ROZZbRMb4RPI=
anchor
www.google.com/recaptcha/api2/ Frame EF48 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdANLEZAAAAAIrdMOrUwtslclDxY5fU6-EU1ybR&co=aHR0cHM6Ly9kaWVzZWxlbWlzc2lvbnNjbGFpbS5jb206NDQz&hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&size=invisible&cb=80qi31lfklz7
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7a9dd2496e6cc558ac3eb91c9c0b129927602629b6963ead5a6650986ab85e31
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IwlfrhMUNXZCkAtL3KHZow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LdANLEZAAAAAIrdMOrUwtslclDxY5fU6-EU1ybR&co=aHR0cHM6Ly9kaWVzZWxlbWlzc2lvbnNjbGFpbS5jb206NDQz&hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&size=invisible&cb=80qi31lfklz7
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dieselemissionsclaim.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dieselemissionsclaim.com/

Response headers

content-security-policy
script-src 'report-sample' 'nonce-IwlfrhMUNXZCkAtL3KHZow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
content-encoding
gzip
date
Fri, 18 Jun 2021 17:12:23 GMT
expires
Fri, 18 Jun 2021 17:12:23 GMT
cache-control
private, max-age=0
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1044
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
338292333416126
connect.facebook.net/signals/config/ 		261 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/338292333416126?v=2.9.41&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1b0e9e4016ddb8cbbfa7d0bed302eb71ec9719511dff6a491734a70d6c0025a6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://dieselemissionsclaim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
wxw5+W9+7ujaUHSDiDps6mfoaB8QbQk5bxDH+33oQOzp6mdjRiJugxI4BmcZI4ZY5MD8ylG6oYb/PWYCmHmq1w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 18 Jun 2021 17:12:23 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/ Frame EF48 		52 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdANLEZAAAAAIrdMOrUwtslclDxY5fU6-EU1ybR&co=aHR0cHM6Ly9kaWVzZWxlbWlzc2lvbnNjbGFpbS5jb206NDQz&hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&size=invisible&cb=80qi31lfklz7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 16:52:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1196
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Mon, 07 Jun 2021 22:05:37 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Jun 2022 16:52:27 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/ Frame EF48 		343 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdANLEZAAAAAIrdMOrUwtslclDxY5fU6-EU1ybR&co=aHR0cHM6Ly9kaWVzZWxlbWlzc2lvbnNjbGFpbS5jb206NDQz&hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&size=invisible&cb=80qi31lfklz7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457a24764c4e5efb7b6de9b07cd544165b996f07310f9626d3571a02bd250d51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 17:02:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
596
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136998
x-xss-protection
0
last-modified
Mon, 07 Jun 2021 22:05:37 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Jun 2022 17:02:27 GMT
in.php
in.getclicky.com/ 		139 B
434 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.getclicky.com/in.php?site_id=101268329&type=pageview&href=%2F&title=Tilbern%20%7C%20Dieselgate&res=1600x1200&lang=en&jsuid=3033314249&mime=js&x=0.5188699647823216
Requested by
Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.145.13.11 Portland, United States, ASN2044 (IINET-2044, US),
Reverse DNS
getclicky.com
Software
nginx /
Resource Hash
3820b2719bd30284b5915d1feb4a5832093a60dfe35b0e32c89a3d01b825c7f0

Request headers

Referer
https://dieselemissionsclaim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 17:12:24 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=338292333416126&ev=PageView&dl=https%3A%2F%2Fdieselemissionsclaim.com%2F&rl=&if=false&ts=1624036343934&sw=1600&sh=1200&v=2.9.41&r=stable&ec=0&o=30&fbp=fb.1.1624036343932.38753566&it=1624036343812&coo=false&rqm=GET
Requested by
Host: dieselemissionsclaim.com
URL: https://dieselemissionsclaim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dieselemissionsclaim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 17:12:23 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 18 Jun 2021 17:12:23 GMT
modules.f9b798f7869d8d925c50.js
script.hotjar.com/ 		219 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.f9b798f7869d8d925c50.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1918730.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d47ae7a2d6d439a1ca81303eeb9e45e90983297e10c6c51d888a1e090c6d2e7f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dieselemissionsclaim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 15:10:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
93739
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59019
access-control-allow-origin
*
last-modified
Thu, 17 Jun 2021 15:09:29 GMT
etag
"8f6a52185f0af327bfd3cc0fec3d9a30"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 362b298821815168614ba932732916eb.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
HQxNfCmzn-NKeA8pi2qn_aT9zGRzSrJZLFVYf9B69RksWnQVv_MfNA==
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 96E9 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1918730.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dieselemissionsclaim.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://dieselemissionsclaim.com/

Response headers

content-type
text/html
content-length
1044
date
Thu, 03 Jun 2021 10:15:05 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 03 Jun 2021 10:14:54 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 cca9137c259ad738f790039a45561cef.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
27u9nfoi4AhXda0OzRvObuwv7Xv_4EJ3DXFAQxI0xQ6nTaGpFJ3D4Q==
age
1321039
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/provely-public/w/provely-2.0.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dieselemissionsclaim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 16:12:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3602
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jun 2022 16:12:22 GMT
campaign
app.provely.io/api/campaigns/22159/ 		497 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.provely.io/api/campaigns/22159/campaign
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.23.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
eabc521e81989f88e8dfb4fd0273a2ec2d484ce647571b25a363b9c9a7f00ed1

Request headers

Accept
*/*
Referer
https://dieselemissionsclaim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 18 Jun 2021 17:12:24 GMT
content-encoding
gzip
server
nginx
x-ratelimit-remaining
59
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-ratelimit-limit
60
tokens.php
www.trkr.bid// 		43 B
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.trkr.bid//tokens.php?1&token1=h1%2011&token2=h2%205&token3=body%201&token4=bt%203&token5=be%202&token6=strap%203
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b021 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff11de8dd53431deb0047e022373452b60b0b432a9be16ee04121a7ced084337

Request headers

Referer
https://dieselemissionsclaim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Jun 2021 17:12:25 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
661624728f27649d-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AKz6HltbGl4dUjHP9QXyArDQKaG16dbkuqtLMJ9eCDk%2FgM7nC28CetAl%2FzDPuhKBV%2Fs17YW5Wgu6vDhEKHjN0ljd7idB78pUVuxpT%2FH1zMDbQ4hWOtbO4PVUvtaezMZbrqXuzkRa"}],"group":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ac1b51b920000649ded23b000000001
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=338292333416126&ev=Microdata&dl=https%3A%2F%2Fdieselemissionsclaim.com%2F&rl=&if=false&ts=1624036345449&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Tilbern%20%7C%20Dieselgate%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.41&r=stable&ec=1&o=30&fbp=fb.1.1624036343932.38753566&it=1624036343812&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dieselemissionsclaim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 17:12:25 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 18 Jun 2021 17:12:25 GMT

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer function| $ function| jQuery object| clicky_site_ids object| bootstrap object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager function| postscribe object| google_tag_manager_external object| clicky_obj object| clicky object| clicky_custom undefined| test object| _genericStats object| _genericStatsCustom object| google_tag_data function| hj object| _hjSettings function| getHostname function| isUrl function| filterSingleHostname function| filterHostname function| fbq function| _fbq string| ob object| provelysObj function| provelys object| d object| x object| recaptcha object| closure_lm_937751 object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| provely string| hidden string| visibilityChange function| $pv

6 Cookies

Domain/Path Name / Value
.dieselemissionsclaim.com/ Name: _hjFirstSeen
Value: 1
.dieselemissionsclaim.com/ Name: _hjid
Value: 91e7264a-abe3-4f8f-ae5a-c8f76aaef112
.dieselemissionsclaim.com/ Name: _gcl_au
Value: 1.1.797490123.1624036344
.dieselemissionsclaim.com/ Name: _jsuid
Value: 3033314249
.dieselemissionsclaim.com/ Name: _fbp
Value: fb.1.1624036343932.38753566
.dieselemissionsclaim.com/ Name: _first_pageview
Value: 1

1 Console Messages

Source Level URL
Text
console-api log URL: https://s3.amazonaws.com/provely-public/w/provely-2.0.js(Line 196)
Message:
Binding fields ..

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
app.provely.io
connect.facebook.net
dieselemissionsclaim.com
fonts.googleapis.com
fonts.gstatic.com
in.getclicky.com
s3.amazonaws.com
script.hotjar.com
static.getclicky.com
static.hotjar.com
vars.hotjar.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.trkr.bid
198.145.13.11
2606:4700:3030::6815:3a3
2606:4700:3033::ac43:b021
2606:4700::6810:dd1d
2a00:1450:4001:810::2004
2a00:1450:4001:812::200a
2a00:1450:4001:813::2008
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a00:1450:4001:831::200a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.226.23.119
52.217.198.0
65.9.77.37
65.9.77.5
65.9.77.94
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1b0e9e4016ddb8cbbfa7d0bed302eb71ec9719511dff6a491734a70d6c0025a6
32bc3653d685d8f3ff750655f343ff7dca6bc1e7f141b1e5a3846a04a4dc0cf4
3820b2719bd30284b5915d1feb4a5832093a60dfe35b0e32c89a3d01b825c7f0
388906152967f639b6aa0e48c8cd9b7c536aa9a9484393754cfb6f14b178c8a5
40c2ed9a5038004f0fcd1603aafe55161e33282c0a81e62d36c845cf04b0f5ca
457a24764c4e5efb7b6de9b07cd544165b996f07310f9626d3571a02bd250d51
51df7d533ad342eae521a77d9cec52e54893bef37ad9f377327bbcb94fc8e1f7
5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
6267b900e71ed306278b970100747c328562b4c45a11c3f496667cb24cd1edcf
67b9cd1cf4b41f3cffa458ef661f726d2964eb80f045a3baca3029d57aa1ec85
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
682296132457902b0bcd4b5116a8673dda663703eae8d95e07f8b396ae5a5102
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7a9dd2496e6cc558ac3eb91c9c0b129927602629b6963ead5a6650986ab85e31
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
89f695af44ee1895cbeb94a67688064ba35d17a1988a5184eed30960fa27ba36
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
97c7e81b455772338d0983049b1fa017dc812d77681a3bfbb6b17ca49ef5170c
b313ffb7e9a56c236345b36a2b2f4bb33e680db54f5eb6b372656b9bb43d2906
c0db02fa8ce349e5c3629825f3cb63deed4803ba6b383f81eb2a882be89e4e07
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
d47ae7a2d6d439a1ca81303eeb9e45e90983297e10c6c51d888a1e090c6d2e7f
dbfdd6688f378c691dfe99fcbe118325a6877f3766ce36fdead9463dcaf81b9d
eabc521e81989f88e8dfb4fd0273a2ec2d484ce647571b25a363b9c9a7f00ed1
eccca1c550bd4a644e3f44af14938172aab41f5bad88fe18ac35e9bcd931a3ef
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fab64f27793d6106a4404c733a8744634d9f1f88cde914d7d3e14c55dd0058e6
ff11de8dd53431deb0047e022373452b60b0b432a9be16ee04121a7ced084337