Submitted URL: https://storage.googleapis.com/02f1d6bb4f13f4f/309401fd831da62#cl/0_mt/1/1642/1753/0/0
Effective URL: https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
Submission: On October 02 via api from CZ — Scanned from DE

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 34 HTTP transactions. The main IP is 104.21.71.211, located in and belongs to CLOUDFLARENET, US. The main domain is nidiver.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 16th 2021. Valid for: a year.
This is the only time nidiver.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Customer Survey Spam (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 216.58.212.176 15169 (GOOGLE)
1 13 185.154.53.96 210079 (EUROBYTE ...)
1 142.250.184.202 15169 (GOOGLE)
1 104.26.6.173 13335 (CLOUDFLAR...)
1 195.133.83.244 49392 (ASBAXETN)
1 1 104.21.41.184 13335 (CLOUDFLAR...)
17 104.21.71.211 13335 (CLOUDFLAR...)
1 142.250.186.42 15169 (GOOGLE)
34 7
Domain Requested by
17 nidiver.com calmxplaces.com, nidiver.com
13 appcert.xyz 1 redirects storage.googleapis.com, appcert.xyz
1 ajax.googleapis.com nidiver.com
1 jibbyjab.com 1 redirects
1 calmxplaces.com appcert.xyz
1 code.ionicframework.com appcert.xyz
1 fonts.googleapis.com appcert.xyz
1 storage.googleapis.com
34 8

This site contains no links.

Subject                   Issuer                   Validity                 Valid
*.storage.googleapis.com  GTS CA 1C3               2021-09-13 - 2021-11-20  2 months
calmxplaces.com           R3                       2021-09-22 - 2021-12-21  3 months
sni.cloudflaressl.com     Cloudflare Inc ECC CA-3  2021-04-16 - 2022-04-15  a year
upload.video.google.com   GTS CA 1C3               2021-09-13 - 2021-11-20  2 months

This page contains 1 frame:

Primary Page: https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
Frame ID: BC992616B756E79F3B352EB6D5106652
Requests: 34 HTTP requests in this frame

Page Title

Lowes-Shopper

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

34 Requests
59 % HTTPS
0 % IPv6
6 Domains
8 Subdomains
7 IPs
4 Countries
977 kB Transfer
1187 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/02f1d6bb4f13f4f/309401fd831da62 Page URL
  2. http://appcert.xyz/ Page URL
  3. http://appcert.xyz/cl/0_mt/1/1642/1753/0/0 HTTP 302
    https://calmxplaces.com/0/2/2534/16da072a934cfa609baafe023e5f8eef/1/0_0/0_0_1642_84420_mt Page URL
  4. https://jibbyjab.com/c-6v13g-2/index_2.php?s1=350859&s2=614162758&s3=1468&s4=1447D&ow=37&p=6-c-6v13g-2 HTTP 302
    https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • http://appcert.xyz/cl/0_mt/1/1642/1753/0/0 HTTP 302
  • https://calmxplaces.com/0/2/2534/16da072a934cfa609baafe023e5f8eef/1/0_0/0_0_1642_84420_mt

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
309401fd831da62
storage.googleapis.com/02f1d6bb4f13f4f/
99 B
698 B
Document
General
Full URL
https://storage.googleapis.com/02f1d6bb4f13f4f/309401fd831da62
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.176 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f176.1e100.net
Software
UploadServer /
Resource Hash
d31fcf8f432a69d531000db259cb3508d0219ce8294054b6e0ae3e13a99c8b51

Request headers

:method
GET
:authority
storage.googleapis.com
:scheme
https
:path
/02f1d6bb4f13f4f/309401fd831da62
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

x-guploader-uploadid
ADPycduQ0GveMNhiKA5MpfpSrYZUIyqfFgiXjuUMMTIDpPE-_C8wu1Tt4eoaodF4mRpM5dVvx7zhDK_DRcBqNq3rruyQebYPOg
expires
Sat, 02 Oct 2021 21:51:14 GMT
date
Sat, 02 Oct 2021 20:51:14 GMT
last-modified
Sun, 26 Sep 2021 13:56:57 GMT
etag
"133064de894f9832080dea5d14e104af"
x-goog-generation
1632664617678517
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
99
content-type
text/html
x-goog-hash
crc32c=qIhaEA== md5=EzBk3olPmDIIDepdFOEErw==
x-goog-storage-class
STANDARD
accept-ranges
bytes
content-length
99
server
UploadServer
cache-control
public, max-age=3600
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
appcert.xyz/
16 KB
16 KB
Document
General
Full URL
http://appcert.xyz/
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/02f1d6bb4f13f4f/309401fd831da62
Protocol
HTTP/1.1
Server
185.154.53.96 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
mail.service-customers.xyz
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 / PHP/7.1.33
Resource Hash

Request headers

Host
appcert.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate

Response headers

Date
Sat, 02 Oct 2021 20:52:05 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
X-Powered-By
PHP/7.1.33
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
css
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Lato:400,300,700
Requested by
Host: appcert.xyz
URL: http://appcert.xyz/
Protocol
HTTP/1.1
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://appcert.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 02 Oct 2021 20:51:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Sat, 02 Oct 2021 20:51:15 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Report-To
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
Expires
Sat, 02 Oct 2021 20:51:15 GMT
ionicons.min.css
code.ionicframework.com/ionicons/2.0.1/css/
50 KB
9 KB
Stylesheet
General
Full URL
http://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Requested by
Host: appcert.xyz
URL: http://appcert.xyz/
Protocol
HTTP/1.1
Server
104.26.6.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://appcert.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Fastly-Request-ID
c9cd64dfe992c153a7ce0c5a1957462e558bec6f
Date
Sat, 02 Oct 2021 20:51:15 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
89761
X-Cache
HIT
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
8313
X-Served-By
cache-fra19163-FRA
Access-Control-Allow-Origin
*
Last-Modified
Thu, 29 Apr 2021 18:50:21 GMT
Server
cloudflare
X-GitHub-Request-Id
2886:A85E:24A7CF:28F293:615699F1
X-Timer
S1633118115.676098,VS0,VE1
ETag
W/"608affed-c854"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JXkQTghqJFdaaPAJbHMuAlpmGH%2BFm%2FXoNTGkbBEDS4ytGoOwOp4%2B8dBnDgRcMcEqop9bY8C5f3TOZSbyYVA96mhrKlthi1V%2F1sufU%2FgSxHrd6smpKnEu58L7C0vJc52yLhpVEq6j8n3f"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css; charset=utf-8
Via
1.1 varnish
expires
Fri, 01 Oct 2021 05:27:37 GMT
Cache-Control
max-age=31536000
x-proxy-cache
MISS
Accept-Ranges
bytes
CF-RAY
6980cec32f1427b4-PRG
x-origin-cache
HIT
X-Cache-Hits
1
bootstrap.min.css
appcert.xyz/css/
111 KB
112 KB
Stylesheet
General
Full URL
http://appcert.xyz/css/bootstrap.min.css
Requested by
Host: appcert.xyz
URL: http://appcert.xyz/
Protocol
HTTP/1.1
Server
185.154.53.96 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
mail.service-customers.xyz
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
appcert.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://appcert.xyz/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 02 Oct 2021 20:52:05 GMT
Last-Modified
Thu, 11 Aug 2016 03:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"1bd5b-539c3812a6b00"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
114011
font-awesome.min.css
appcert.xyz/css/
21 KB
22 KB
Stylesheet
General
Full URL
http://appcert.xyz/css/font-awesome.min.css
Requested by
Host: appcert.xyz
URL: http://appcert.xyz/
Protocol
HTTP/1.1
Server
185.154.53.96 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
mail.service-customers.xyz
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
appcert.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://appcert.xyz/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 02 Oct 2021 20:52:05 GMT
Last-Modified
Thu, 11 Aug 2016 03:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"55e0-539c3812a6b00"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
21984
owl.carousel.css
appcert.xyz/css/
5 KB
5 KB
Stylesheet
General
Full URL
http://appcert.xyz/css/owl.carousel.css
Requested by
Host: appcert.xyz
URL: http://appcert.xyz/
Protocol
HTTP/1.1
Server
185.154.53.96 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
mail.service-customers.xyz
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
appcert.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://appcert.xyz/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 02 Oct 2021 20:52:05 GMT
Last-Modified
Thu, 11 Aug 2016 03:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"1206-539c3812a6b00"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4614
animate.css
appcert.xyz/css/
73 KB
73 KB
Stylesheet
General
Full URL
http://appcert.xyz/css/animate.css
Requested by
Host: appcert.xyz
URL: http://appcert.xyz/
Protocol
HTTP/1.1
Server
185.154.53.96 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
mail.service-customers.xyz
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
appcert.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://appcert.xyz/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 02 Oct 2021 20:52:05 GMT
Last-Modified
Thu, 11 Aug 2016 03:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"12279-539c3812a6b00"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
74361
main.css
appcert.xyz/css/
17 KB
17 KB
Stylesheet
General
Full URL
http://appcert.xyz/css/main.css
Requested by
Host: appcert.xyz
URL: http://appcert.xyz/
Protocol
HTTP/1.1
Server
185.154.53.96 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
mail.service-customers.xyz
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
appcert.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://appcert.xyz/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 02 Oct 2021 20:52:05 GMT
Last-Modified
Thu, 11 Aug 2016 03:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"4452-539c3812a6b00"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
17490
responsive.css
appcert.xyz/css/
2 KB
2 KB
Stylesheet
General
Full URL
http://appcert.xyz/css/responsive.css
Requested by
Host: appcert.xyz
URL: http://appcert.xyz/
Protocol
HTTP/1.1
Server
185.154.53.96 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
mail.service-customers.xyz
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
appcert.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://appcert.xyz/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 02 Oct 2021 20:52:05 GMT
Last-Modified
Thu, 11 Aug 2016 03:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"80f-539c3812a6b00"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2063
logo.png
appcert.xyz/images/
3 KB
3 KB
Image
General
Full URL
http://appcert.xyz/images/logo.png
Requested by
Host: appcert.xyz
URL: http://appcert.xyz/
Protocol
HTTP/1.1
Server
185.154.53.96 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
mail.service-customers.xyz
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
appcert.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://appcert.xyz/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 02 Oct 2021 20:52:05 GMT
Last-Modified
Thu, 11 Aug 2016 03:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"b67-539c3812a6b00"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
2919
logo-2.png
appcert.xyz/images/
3 KB
3 KB
Image
General
Full URL
http://appcert.xyz/images/logo-2.png
Requested by
Host: appcert.xyz
URL: http://appcert.xyz/
Protocol
HTTP/1.1
Server
185.154.53.96 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
mail.service-customers.xyz
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
appcert.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://appcert.xyz/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 02 Oct 2021 20:52:05 GMT
Last-Modified
Thu, 11 Aug 2016 03:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"c30-539c3812a6b00"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3120
1.jpg
appcert.xyz/images/about/
50 KB
51 KB
Image
General
Full URL
http://appcert.xyz/images/about/1.jpg
Requested by
Host: appcert.xyz
URL: http://appcert.xyz/
Protocol
HTTP/1.1
Server
185.154.53.96 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
mail.service-customers.xyz
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
appcert.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://appcert.xyz/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 02 Oct 2021 20:52:05 GMT
Last-Modified
Thu, 11 Aug 2016 03:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"c8c7-539c3812a6b00"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
51399
2.jpg
appcert.xyz/images/about/
34 KB
34 KB
Image
General
Full URL
http://appcert.xyz/images/about/2.jpg
Requested by
Host: appcert.xyz
URL: http://appcert.xyz/
Protocol
HTTP/1.1
Server
185.154.53.96 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
mail.service-customers.xyz
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
appcert.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://appcert.xyz/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 02 Oct 2021 20:52:05 GMT
Last-Modified
Thu, 11 Aug 2016 03:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"889e-539c3812a6b00"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
34974
3.jpg
appcert.xyz/images/about/
19 KB
19 KB
Image
General
Full URL
http://appcert.xyz/images/about/3.jpg
Requested by
Host: appcert.xyz
URL: http://appcert.xyz/
Protocol
HTTP/1.1
Server
185.154.53.96 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
mail.service-customers.xyz
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
appcert.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://appcert.xyz/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 02 Oct 2021 20:52:05 GMT
Last-Modified
Thu, 11 Aug 2016 03:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"4c50-539c3812a6b00"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
19536
0_0_1642_84420_mt
calmxplaces.com/0/2/2534/16da072a934cfa609baafe023e5f8eef/1/0_0/
Redirect Chain
  • http://appcert.xyz/cl/0_mt/1/1642/1753/0/0
  • https://calmxplaces.com/0/2/2534/16da072a934cfa609baafe023e5f8eef/1/0_0/0_0_1642_84420_mt
165 B
537 B
Document
General
Full URL
https://calmxplaces.com/0/2/2534/16da072a934cfa609baafe023e5f8eef/1/0_0/0_0_1642_84420_mt
Requested by
Host: appcert.xyz
URL: http://appcert.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.133.83.244 , Czech Republic, ASN49392 (ASBAXETN, RU),
Reverse DNS
195-133-83-244.globaltelecomllc.com
Software
Apache /
Resource Hash

Request headers

Host
calmxplaces.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://appcert.xyz/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://appcert.xyz/#cl/0_mt/1/1642/1753/0/0

Response headers

date
Sat, 02 Oct 2021 20:51:16 GMT
content-type
text/html; charset=UTF-8
server
Apache
set-cookie
uid1468=614162758-20211002165116-51cd74691425c8c2de45052cead6d772-1447; domain=; expires=Mon, 01-Nov-2021 20:51:16 GMT; path=/; SameSite=None; Secure
content-encoding
gzip
transfer-encoding
chunked
vary
Accept-Encoding

Redirect headers

Date
Sat, 02 Oct 2021 20:52:05 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
X-Powered-By
PHP/7.1.33
Location
https://calmxplaces.com/0/2/2534/16da072a934cfa609baafe023e5f8eef/1/0_0/0_0_1642_84420_mt
Content-Length
163
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Primary Request /
nidiver.com/c-6v13g-2/
Redirect Chain
  • https://jibbyjab.com/c-6v13g-2/index_2.php?s1=350859&s2=614162758&s3=1468&s4=1447D&ow=37&p=6-c-6v13g-2
  • https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
42 KB
7 KB
Document
General
Full URL
https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
Requested by
Host: calmxplaces.com
URL: https://calmxplaces.com/0/2/2534/16da072a934cfa609baafe023e5f8eef/1/0_0/0_0_1642_84420_mt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.71.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff2dcc2b996f84e0e7766f8aad53539207afb0cec88c0537cb11ec2ff0f9e5af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
nidiver.com
:scheme
https
:path
/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://calmxplaces.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://calmxplaces.com/0/2/2534/16da072a934cfa609baafe023e5f8eef/1/0_0/0_0_1642_84420_mt

Response headers

date
Sat, 02 Oct 2021 20:51:16 GMT
content-type
text/html; charset=UTF-8
set-cookie
PHPSESSID=fb25b20fe735444a185c68e2b6633cc6; path=/; secure
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A5I8y8OUqveSfiGY0K7Rio0VIMIlrQVLLJIGmE4UEO0y3Fsff1ydfW4dszFygOZFQAuYJkifcR1rzBT6qOPzAAzmU357WsFt0gvPuBPIWGPPkxvy%2BL32AyJQwCmPrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6980ceccfc372798-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Sat, 02 Oct 2021 20:51:16 GMT
content-type
text/html; charset=UTF-8
location
https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
set-cookie
PHPSESSID=382ced1da0b5081a88bba5a69f7fb846; path=/; secure
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
vary
User-Agent
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t9saecgMaFnd3XRlJn5aGRrKDBoqEuH23w6CtKQpOY2rmVHDOQIP5FMz6OvDfJuoc%2FzjOdsaA0tXKehKlhcard3CYzC7uPvIB8MVlrR6ZoReKBrZwj8JJGWNINW%2B3ks%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6980cecc28264126-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
bootstrapp.min.css
nidiver.com/c-6v13g-2/assets/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://nidiver.com/c-6v13g-2/assets/css/bootstrapp.min.css
Requested by
Host: nidiver.com
URL: https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.71.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35b735bedf07d6b66c0a9b4b82b307c9cce8b70b61b3661f2dfe87d7c1fc814c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/c-6v13g-2/assets/css/bootstrapp.min.css
pragma
no-cache
cookie
PHPSESSID=fb25b20fe735444a185c68e2b6633cc6
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
nidiver.com
referer
https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 02 Oct 2021 20:51:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
293369
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 06 Jul 2021 21:48:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOJ9BECvFfznQ56cHbPz7QZUyTUMlnrUWrpfgLsLhM4NSW19FuEw%2BB1icl%2FoCqxMG0Juc%2BUyHRYhs0FTp%2F1D7eBiQqcFVrAtKFdrMPoQKjP3U0XK9UBLyQn3rnrWCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6980cecdac752798-PRG
expires
Wed, 06 Oct 2021 11:21:47 GMT
main006.css
nidiver.com/c-6v13g-2/assets/css/
11 KB
2 KB
Stylesheet
General
Full URL
https://nidiver.com/c-6v13g-2/assets/css/main006.css
Requested by
Host: nidiver.com
URL: https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.71.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b9da549b1f0399024fbf7091bf50f81cc6125ec479c932ceac452a3b7908539
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/c-6v13g-2/assets/css/main006.css
pragma
no-cache
cookie
PHPSESSID=fb25b20fe735444a185c68e2b6633cc6
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
nidiver.com
referer
https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 02 Oct 2021 20:51:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
293369
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 06 Jul 2021 21:48:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fv%2FQGkYFNSHEZFK7pDsfFg6EXJJsFBr1ICMZPTlbt0DMELcj8IE12LgmLjNOOTlEn816xFVVt2VBF3330WE42pRIS6kphbe7IZ7h%2B6L407NiBNNcXnaz%2Bnca7pL1Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6980cecdac762798-PRG
expires
Wed, 06 Oct 2021 11:21:47 GMT
terms.css
nidiver.com/c-6v13g-2/assets/css/
1 KB
681 B
Stylesheet
General
Full URL
https://nidiver.com/c-6v13g-2/assets/css/terms.css
Requested by
Host: nidiver.com
URL: https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.71.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30ab151bbfbf9da9daa1bcdbf284f19d567f41301015a66084a7571eaae2fa9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/c-6v13g-2/assets/css/terms.css
pragma
no-cache
cookie
PHPSESSID=fb25b20fe735444a185c68e2b6633cc6
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
nidiver.com
referer
https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 02 Oct 2021 20:51:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
293369
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 06 Jul 2021 21:48:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDO0uK9ljS2oWdop9EpGR9Y7SGJ9G7X3aFkC7hkq9MWbAd%2BhGeto2Z%2FuZPbpd42W3t5MQITBlNV3kvqycs4ZJ3da%2FeFOCJgZqQyxe%2FsajnbgHW4A5G%2FHDpFEeXvdzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6980cecdac782798-PRG
expires
Wed, 06 Oct 2021 11:21:47 GMT
ipad.png
nidiver.com/c-6v13g-2/assets/images/
23 KB
23 KB
Image
General
Full URL
https://nidiver.com/c-6v13g-2/assets/images/ipad.png
Requested by
Host: nidiver.com
URL: https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.71.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e87b95d23998a3fcf71b26abdea393644e5fceaee4cb2c796aaee90a3bbfe61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/c-6v13g-2/assets/images/ipad.png
pragma
no-cache
cookie
PHPSESSID=fb25b20fe735444a185c68e2b6633cc6
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nidiver.com
referer
https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 02 Oct 2021 20:51:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
293369
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
23121
x-xss-protection
1; mode=block
last-modified
Tue, 06 Jul 2021 21:48:58 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hCihtcsf2a3QYrBYeeM47pfNsUpFZQiY%2BBFGc3kE%2BJpskmTwTOHmfq%2FUZc%2FNs1lHAh8DtmAep7r%2BGIgcgfjua29HY52WpUAAjZ8aUNa0vo4%2BvwCkiu8LWGz4HhIbzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6980cecdac7c2798-PRG
expires
Wed, 06 Oct 2021 11:21:47 GMT
5.jpg
nidiver.com/c-6v13g-2/assets/images/
1 KB
2 KB
Image
General
Full URL
https://nidiver.com/c-6v13g-2/assets/images/5.jpg
Requested by
Host: nidiver.com
URL: https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.71.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
856a3e25e403c4f577c63b78a2ee734deedeb7b77fdb25a600b2a5dded64f722
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/c-6v13g-2/assets/images/5.jpg
pragma
no-cache
cookie
PHPSESSID=fb25b20fe735444a185c68e2b6633cc6
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nidiver.com
referer
https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 02 Oct 2021 20:51:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
293369
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1250
x-xss-protection
1; mode=block
last-modified
Tue, 06 Jul 2021 21:48:58 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j4p5BG7J2yAC9O9kpqQpGVqB1N6Q52oZS3cM5vjoMmRjEKgyEqcv2tR1mN7J%2BqJjw9sNYViuuoVBRhfEgcgybdkJLzEoYBHNkqfLrszbM%2FENfZAKbZVg0wVgYoRBdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6980cecdac7e2798-PRG
expires
Wed, 06 Oct 2021 11:21:47 GMT
3.jpg
nidiver.com/c-6v13g-2/assets/images/
936 B
1 KB
Image
General
Full URL
https://nidiver.com/c-6v13g-2/assets/images/3.jpg
Requested by
Host: nidiver.com
URL: https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.71.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7532d53e07de8cd28c1a4d98e284df714255ec21c86d6756fe9261ec30691cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/c-6v13g-2/assets/images/3.jpg
pragma
no-cache
cookie
PHPSESSID=fb25b20fe735444a185c68e2b6633cc6
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nidiver.com
referer
https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 02 Oct 2021 20:51:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
293369
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
936
x-xss-protection
1; mode=block
last-modified
Tue, 06 Jul 2021 21:48:58 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQ9Jxi9ybRLlwwMIqEx%2BZwh7dG3kT5Y3ypCUCsvNSZaC4z%2Fmr%2FJomoHv5Y%2BrYfCgDp%2F4bZ7h2KBSl9uvU8fJdMmWBVpZs7areYdscRhvmm6MUhCx%2FfDdNE0DPkJwMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6980cecdac7f2798-PRG
expires
Wed, 06 Oct 2021 11:21:47 GMT
4.jpg
nidiver.com/c-6v13g-2/assets/images/
1005 B
2 KB
Image
General
Full URL
https://nidiver.com/c-6v13g-2/assets/images/4.jpg
Requested by
Host: nidiver.com
URL: https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.71.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4475cabe931a1f71deea2db0509054d4261af226673c9450f0085b82d6d123f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/c-6v13g-2/assets/images/4.jpg
pragma
no-cache
cookie
PHPSESSID=fb25b20fe735444a185c68e2b6633cc6
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nidiver.com
referer
https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 02 Oct 2021 20:51:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
293369
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1005
x-xss-protection
1; mode=block
last-modified
Tue, 06 Jul 2021 21:48:58 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6GrJaeXNQ4Etw2iTvW7jd%2Fzyeg6AJnysOiQPcAyp6anQas%2FCGj7rhAhryfbqevEje4OSJoYtKMuJ%2BwYE8jxy2%2BGBBs5usgOd5JTIsMKBX9f%2FE2e7EPNkJqrccnGSqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6980cecdac802798-PRG
expires
Wed, 06 Oct 2021 11:21:47 GMT
2.jpg
nidiver.com/c-6v13g-2/assets/images/
1 KB
1 KB
Image
General
Full URL
https://nidiver.com/c-6v13g-2/assets/images/2.jpg
Requested by
Host: nidiver.com
URL: https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.71.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac98de861aae4984b0d4a2eaaf03525b8a230f6645598d7951ad970eb35193a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/c-6v13g-2/assets/images/2.jpg
pragma
no-cache
cookie
PHPSESSID=fb25b20fe735444a185c68e2b6633cc6
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nidiver.com
referer
https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 02 Oct 2021 20:51:16 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1212
x-xss-protection
1; mode=block
last-modified
Tue, 06 Jul 2021 21:48:58 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1h6e4OPsujQNSbqWfaZy0kssfAsiFkCaQK9We6r8GJqkXIHuVEwlTv70%2FgGS0K94sMGUR1bdfkL6BK0SgSciYyeq5R4v%2FAGlk8GmK5Jrh9m6WxyGdKrijeGKgou4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6980cecdbc8c2798-PRG
expires
Sat, 09 Oct 2021 20:51:16 GMT
1.jpg
nidiver.com/c-6v13g-2/assets/images/
2 KB
2 KB
Image
General
Full URL
https://nidiver.com/c-6v13g-2/assets/images/1.jpg
Requested by
Host: nidiver.com
URL: https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.71.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
957fa9d8e22009502c40c12d830e48a28de8cfdcec5926bfb27830ef3b460611
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/c-6v13g-2/assets/images/1.jpg
pragma
no-cache
cookie
PHPSESSID=fb25b20fe735444a185c68e2b6633cc6
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nidiver.com
referer
https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 02 Oct 2021 20:51:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
293369
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1933
x-xss-protection
1; mode=block
last-modified
Tue, 06 Jul 2021 21:48:58 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B57Zil%2BEqWDFdslKfCT1dQFNbjxARihPI83QZs9Zqdvocd8nznXLdlwZ2Hg%2BubMHfDLpqEGCWgg74rNmGqZJWzuOQcRwx2eaDsG7ffaOZiI4IaCf9w8igikOU13wiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6980cecdbc8d2798-PRG
expires
Wed, 06 Oct 2021 11:21:47 GMT
download.png
nidiver.com/c-6v13g-2/assets/images/
1 KB
2 KB
Image
General
Full URL
https://nidiver.com/c-6v13g-2/assets/images/download.png
Requested by
Host: nidiver.com
URL: https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.71.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d43c47d081ccec81e0af4c139eb7ad18c06fd84cd5aafe96fbcb55bd4e29efb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/c-6v13g-2/assets/images/download.png
pragma
no-cache
cookie
PHPSESSID=fb25b20fe735444a185c68e2b6633cc6
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nidiver.com
referer
https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 02 Oct 2021 20:51:16 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1300
x-xss-protection
1; mode=block
last-modified
Tue, 06 Jul 2021 21:48:58 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=caACMWhiycdSf5Oisdi8nbj3%2BPvRf%2FuHlcBJL0E7V485RasQ34iIERJJb43mM05wfJDwmd8%2FfEvV4Y4T5rQONpbynrEUJdoU%2BLkTI8TTiuHl4dIusj%2BX0yPeU7Cv0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6980cecdbc8f2798-PRG
expires
Sat, 09 Oct 2021 20:51:16 GMT
x.png
nidiver.com/c-6v13g-2/assets/images/
5 KB
6 KB
Image
General
Full URL
https://nidiver.com/c-6v13g-2/assets/images/x.png
Requested by
Host: nidiver.com
URL: https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.71.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/c-6v13g-2/assets/images/x.png
pragma
no-cache
cookie
PHPSESSID=fb25b20fe735444a185c68e2b6633cc6
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nidiver.com
referer
https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 02 Oct 2021 20:51:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
293369
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5389
x-xss-protection
1; mode=block
last-modified
Tue, 06 Jul 2021 21:48:58 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L2YBLZ1LclmJzvyikRn9HgfGGl7GGQ9UcWfMastMwgrjlB8XDxpuU%2B3K1K49gTEs%2F147HEu7YgCDF8NfNyjaXFuAyuJzyrkHccrve0RGYcw97CnpDZklFwgQT3lLJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6980cecdbc902798-PRG
expires
Wed, 06 Oct 2021 11:21:47 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.2/
94 KB
94 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Requested by
Host: nidiver.com
URL: https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
sffe /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nidiver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:06:39 GMT
x-content-type-options
nosniff
age
35077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95931
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Sun, 02 Oct 2022 11:06:39 GMT
modal.js
nidiver.com/c-6v13g-2/assets/js/
887 B
522 B
Script
General
Full URL
https://nidiver.com/c-6v13g-2/assets/js/modal.js
Requested by
Host: nidiver.com
URL: https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.71.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c94b3e9800d457f6d9f64d3a25c360a749c49e855c3a1f74aed1d77e86948c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/c-6v13g-2/assets/js/modal.js
pragma
no-cache
cookie
PHPSESSID=fb25b20fe735444a185c68e2b6633cc6
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nidiver.com
referer
https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 02 Oct 2021 20:51:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
293369
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 06 Jul 2021 21:48:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x12oPOvUVjWhl4riII7be1tOXDlz%2FRMqjXbpuyefQzANwLOWTIDt2DpIkUDhVIvFz6K4PBmzO7Tid%2FS4CmpO31ncv%2FWf%2FL8oPKQk90uXBkFJ4B10QQ4sIeBvDK8bBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6980cecdac792798-PRG
expires
Wed, 06 Oct 2021 11:21:47 GMT
bootstrap.min.js
nidiver.com/c-6v13g-2/assets/bootstrap/dist/js/
36 KB
10 KB
Script
General
Full URL
https://nidiver.com/c-6v13g-2/assets/bootstrap/dist/js/bootstrap.min.js
Requested by
Host: nidiver.com
URL: https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.71.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a6ee36ce8e2826b76fd7632195831e3710b8c3bd2002af22dbb3f0b85b64f16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/c-6v13g-2/assets/bootstrap/dist/js/bootstrap.min.js
pragma
no-cache
cookie
PHPSESSID=fb25b20fe735444a185c68e2b6633cc6
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nidiver.com
referer
https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 02 Oct 2021 20:51:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
293369
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 06 Jul 2021 21:48:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64z0bmE2ycK%2FVQ2L%2BPhsmn6NevLnEDEaJVJA%2Bqd2lG8M4%2B%2Fo6GwYSBqnyL6Zyo%2F0cU%2BgBjV9uJ5AGtSBaP9RL%2Fp3hGpTE8lURRVJBRR17JTXRnR4cDH%2BfXLDUEOnPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6980cecdac7a2798-PRG
expires
Wed, 06 Oct 2021 11:21:47 GMT
scripts-w23478e-ed5.js
nidiver.com/c-6v13g-2/assets/js/
10 KB
3 KB
Script
General
Full URL
https://nidiver.com/c-6v13g-2/assets/js/scripts-w23478e-ed5.js?v=2&cc=us
Requested by
Host: nidiver.com
URL: https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.71.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3c26baade77f0f113b4eebc060244d094ce3a3c09760bf3c85ae41798fed39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/c-6v13g-2/assets/js/scripts-w23478e-ed5.js?v=2&cc=us
pragma
no-cache
cookie
PHPSESSID=fb25b20fe735444a185c68e2b6633cc6
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nidiver.com
referer
https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 02 Oct 2021 20:51:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
293369
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 06 Jul 2021 21:48:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uf6SopBQ4ylMgAhuoKUmaVsXxvCQyhmFfIwmvz6GHxvIA08NE0rJb4FerOaFJ0K0GBLPpsn1f5KUNkBrtAGK0sqj2xz29INkZja394D5nPzRoEpkwViznWgmcMKwPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6980cecdac7b2798-PRG
expires
Wed, 06 Oct 2021 11:21:47 GMT
css.css
nidiver.com/c-6v13g-2/assets/css/
4 KB
715 B
Stylesheet
General
Full URL
https://nidiver.com/c-6v13g-2/assets/css/css.css
Requested by
Host: nidiver.com
URL: https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.71.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeeb96b92d5aeda83b7b00508324d18dedf839671918eed90f9ff83d85c196d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/c-6v13g-2/assets/css/css.css
pragma
no-cache
cookie
PHPSESSID=fb25b20fe735444a185c68e2b6633cc6
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
nidiver.com
referer
https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nidiver.com/c-6v13g-2/?954aa08c0afd9f204310819de6f88599
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 20:51:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 06 Jul 2021 21:48:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1A9eJg10jrwkpdGPUHrVUWxcGLtRBMbpTknXV6CybJTVb%2BEA%2Ba%2B4%2BiONf5kcTano9sLUMe%2BZyShBiO%2BynP6hjvIZ8FKOQ2Qrnp3BbkYAVTFhL70duXNvveT%2BJO6vRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6980cecdbc912798-PRG
expires
Sat, 09 Oct 2021 20:51:16 GMT
bg-lowes.png
nidiver.com/c-6v13g-2/assets/images/
429 KB
430 KB
Image
General
Full URL
https://nidiver.com/c-6v13g-2/assets/images/bg-lowes.png
Requested by
Host: nidiver.com
URL: https://nidiver.com/c-6v13g-2/assets/css/main006.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.71.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a6afa317abe85f156540cdddfd99ce9f3a9e4233da26f55e804f8f1c54a8db9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/c-6v13g-2/assets/images/bg-lowes.png
pragma
no-cache
cookie
PHPSESSID=fb25b20fe735444a185c68e2b6633cc6
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nidiver.com
referer
https://nidiver.com/c-6v13g-2/assets/css/main006.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nidiver.com/c-6v13g-2/assets/css/main006.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 20:51:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
293368
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
439364
x-xss-protection
1; mode=block
last-modified
Tue, 06 Jul 2021 21:48:58 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMvLmOMw5GbFxOtVyEyY3PvwgHou2sUBezzPWXY0YZFgcsAyAwiroPK%2BdVAU%2BRKwQTaF4YeRAT7iNxZkiZX3rwVpdT8QlvmcaJWUaTol1giHlGeVaY949azdRa%2Bqlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6980cecddccd4132-PRG
expires
Wed, 06 Oct 2021 11:21:48 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Customer Survey Spam (Consumer)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
boolean| originAgentCluster
function| $
function| jQuery
object| jQuery111208766301646534251
function| findGetParameter
function| buildOfferHtml
function| getRandomInt
function| processQuestion
number| offer_tick
undefined| zz
object| wall_json
object| $questionsForm
object| $activeQuestion
object| $nextQuestion

3 Cookies

Domain/Path | Name | Value
calmxplaces.com/ | uid1468 | 614162758-20211002165116-51cd74691425c8c2de45052cead6d772-1447
jibbyjab.com/ | PHPSESSID | 382ced1da0b5081a88bba5a69f7fb846
nidiver.com/ | PHPSESSID | fb25b20fe735444a185c68e2b6633cc6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
