wossupport.rf.gd
185.27.134.57  Malicious Activity! Public Scan

Submitted URL: https://smarttoday.live/dating/rd/index.php
Effective URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Submission: On July 05 via manual from JP — Scanned from JP

Summary

This website contacted 15 IPs in 4 countries across 13 domains to perform 57 HTTP transactions. The main IP is 185.27.134.57, located in United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is wossupport.rf.gd.
TLS certificate: Issued by GoGetSSL RSA DV CA on June 9th 2023. Valid for: 3 months.
This is the only time wossupport.rf.gd was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tech Support Scam (Consumer)

Domain & IP information

Redirects | Requests | IP Address | AS | Autonomous System
1 | 1 | 104.21.69.121 | 13335 | (CLOUDFLAR...)
1 | 25 | 185.27.134.57 | 34119 | (WILDCARD-...)
 | 10 | 13.33.174.117 | 16509 | (AMAZON-02)
 | 1 | 142.250.207.42 | 15169 | (GOOGLE)
 | 1 | 69.16.175.10 | 20446 | (STACKPATH...)
 | 2 | 104.18.10.207 | 13335 | (CLOUDFLAR...)
 | 1 | 104.26.8.174 | 13335 | (CLOUDFLAR...)
 | 1 | 104.17.24.14 | 13335 | (CLOUDFLAR...)
 | 1 | 151.101.65.229 | 54113 | (FASTLY)
 | 1 | 172.217.175.8 | 15169 | (GOOGLE)
 | 6 | 34.107.203.234 | 396982 | (GOOGLE-CL...)
 | 1 | 142.251.42.131 | 15169 | (GOOGLE)
 | 1 | 151.139.128.10 | 20446 | (STACKPATH...)
 | 1 | 216.239.32.178 | 15169 | (GOOGLE)
 | 4 | 185.17.186.162 | 60781 | (LEASEWEB-...)
Total: 57 requests, 15 IPs
Requests | Apex Domain | Subdomains | Transfer
25 | rf.gd | wossupport.rf.gd | 3 MB
16 | luckyorange.com | tools.luckyorange.com (Cisco Umbrella Rank: 12054), settings.luckyorange.com (Cisco Umbrella Rank: 11934), api-preview.luckyorange.com (Cisco Umbrella Rank: 15697) | 426 KB
5 | mouseflow.com | cdn.mouseflow.com (Cisco Umbrella Rank: 7488), o2.mouseflow.com (Cisco Umbrella Rank: 44316) | 57 KB
2 | bootstrapcdn.com | maxcdn.bootstrapcdn.com (Cisco Umbrella Rank: 1032) | 72 KB
1 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 63) | 255 B
1 | gstatic.com | fonts.gstatic.com | 48 KB
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 79) | 82 KB
1 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 368) | 23 KB
1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 274) | 5 KB
1 | infinityfree.net | errors.infinityfree.net |
1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 749) | 29 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 88) | 2 KB
1 | smarttoday.live | smarttoday.live | 508 B
Total: 57 requests, 13 apex domains
Requests | Domain | Requested by
25 | wossupport.rf.gd (1 redirect) | wossupport.rf.gd
10 | tools.luckyorange.com | wossupport.rf.gd, tools.luckyorange.com
4 | api-preview.luckyorange.com | tools.luckyorange.com
4 | o2.mouseflow.com | cdn.mouseflow.com
2 | settings.luckyorange.com | tools.luckyorange.com
2 | maxcdn.bootstrapcdn.com | wossupport.rf.gd, maxcdn.bootstrapcdn.com
1 | www.google-analytics.com | www.googletagmanager.com
1 | cdn.mouseflow.com | wossupport.rf.gd
1 | fonts.gstatic.com | fonts.googleapis.com
1 | www.googletagmanager.com | wossupport.rf.gd
1 | cdn.jsdelivr.net | wossupport.rf.gd
1 | cdnjs.cloudflare.com | wossupport.rf.gd
1 | errors.infinityfree.net | wossupport.rf.gd
1 | code.jquery.com | wossupport.rf.gd
1 | fonts.googleapis.com | wossupport.rf.gd
1 | smarttoday.live (1 redirect) |
Total: 57 requests, 16 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
wossupport.rf.gd | GoGetSSL RSA DV CA | 2023-06-09 - 2023-09-07 | 3 months
luckyorange.com | Amazon RSA 2048 M01 | 2023-02-27 - 2024-01-16 | a year
upload.video.google.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-12-30 - 2023-12-30 | a year
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months
settings.luckyorange.com | R3 | 2023-06-21 - 2023-09-19 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months
*.mouseflow.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-24 - 2023-09-24 | a year
api-preview.luckyorange.com | R3 | 2023-06-21 - 2023-09-19 | 3 months

This page contains 3 frames:

Primary Page: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Frame ID: AD72B239A0DCA471053A8DA20C1D6D2C
Requests: 43 HTTP requests in this frame

Frame: https://tools.luckyorange.com/core/core.js?v=11aa352
Frame ID: 881D2B3A6AC48AC454B10B1A2A97E3E2
Requests: 3 HTTP requests in this frame

Frame: https://tools.luckyorange.com/core/frame.js?v=11aa352
Frame ID: 7B89A29C8FD10A45C76C291BC986D888
Requests: 8 HTTP requests in this frame

Page Title

セキュリティセンターコード0x268d3サービス

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • cdn\.mouseflow\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 57
HTTPS: 95 %
IPv6: 0 %
Domains: 13
Subdomains: 16
IPs: 15
Countries: 4
Transfer: 3410 kB
Size: 5133 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://smarttoday.live/dating/rd/index.php HTTP 302
    https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582 Page URL
  2. https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://smarttoday.live/dating/rd/index.php HTTP 302
  • https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582
Request Chain 8
  • https://wossupport.rf.gd/chat2.css HTTP 302
  • https://errors.infinityfree.net/errors/403/

57 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
index.php
wossupport.rf.gd/
Redirect Chain
  • https://smarttoday.live/dating/rd/index.php
  • https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582
899 B
739 B
Document
General
Full URL
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.57 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
38a4631325053d2848d947f0af0e23ed2d86efc143d9811becec972a9ad61f9b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Wed, 05 Jul 2023 08:50:43 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7e1e5ca3e9d0af37-NRT
content-type
text/html; charset=UTF-8
date
Wed, 05 Jul 2023 08:50:42 GMT
location
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kr1wE6AubMaedZusRgGl2L0Zh2a2kRDuuuRsieb3ZTJXe1e5af8b5fUazxJ8nYFKtcJ1L5goFgdab4bOAhGBLHCWahnrfeSbbDtvzZzblzLdW3YA4%2BlVyuAyTcKsbcdIOYw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
aes.js
wossupport.rf.gd/
30 KB
31 KB
Script
General
Full URL
https://wossupport.rf.gd/aes.js
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.57 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
d2701c86a2a31a641520e72121749dbbabeed4b1a59aece20bbf14f9c9de82bc

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 08:50:43 GMT
last-modified
Sat, 08 Aug 2015 08:10:59 GMT
server
nginx
accept-ranges
bytes
etag
"55c5b993-79e6"
content-length
31206
content-type
application/javascript
Primary Request index.php
wossupport.rf.gd/
40 KB
9 KB
Document
General
Full URL
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.57 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
c85d73fc047c17a081f3da69eb9885ae5c142b7418aef114a93d43c63ae89a72

Request headers

Referer
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

cache-control
max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 05 Jul 2023 08:50:44 GMT
expires
Wed, 05 Jul 2023 08:50:44 GMT
server
nginx
vary
Accept-Encoding
lo.js
tools.luckyorange.com/core/
12 KB
5 KB
Script
General
Full URL
https://tools.luckyorange.com/core/lo.js?site-id=ab023d5f
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.174.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-174-117.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
33db97809bc63a2e2c8163155ad1ee0657d50c00584d5e3d50f8683212ec95c8

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 07:54:47 GMT
content-encoding
gzip
via
1.1 091f316f3a7097e8e99dcd660a6b7926.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C2
age
3358
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
4501
last-modified
Sat, 13 May 2023 00:32:37 GMT
server
AmazonS3
etag
"49463a8e124c9c95f154de145ed0c33c"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
IzBN-FyjgDmo4vOyBjQfn3roiaTPhPJXeJtsAkEXD7nJ9X84UfiLQg==
bootstrap.css
wossupport.rf.gd/
205 KB
33 KB
Stylesheet
General
Full URL
https://wossupport.rf.gd/bootstrap.css
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.57 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
10a99594267aa4bd3ea83586bbc93bea00f127ac756526763bdf856b437e413c

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 08:50:44 GMT
content-encoding
gzip
last-modified
Thu, 08 Jun 2023 22:59:41 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public, proxy-revalidate, public, proxy-revalidate, must-revalidate
expires
Fri, 04 Aug 2023 08:50:44 GMT
css2
fonts.googleapis.com/
34 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f10.1e100.net
Software
ESF /
Resource Hash
3b50116c3101a511d2559c79c005b6cf57fd89fd52dac1d3566ebaeaf53f1dec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Jul 2023 08:50:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 08:45:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Jul 2023 08:50:45 GMT
jquery-2.2.4.min.js
code.jquery.com/
84 KB
29 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 08:50:45 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-14e4a"
vary
Accept-Encoding
x-hw
1688547045.dop209.la3.t,1688547045.cds267.la3.hn,1688547045.cds238.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29811
main.css
wossupport.rf.gd/
20 KB
5 KB
Stylesheet
General
Full URL
https://wossupport.rf.gd/main.css
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.57 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
fe7622e5cee2bcdd0d9e6dcd28d0199d4962db0dbfec9c5917a8e1194d819ffd

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 08:50:44 GMT
content-encoding
gzip
last-modified
Thu, 08 Jun 2023 22:59:34 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public, proxy-revalidate, public, proxy-revalidate, must-revalidate
expires
Fri, 04 Aug 2023 08:50:44 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/
27 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 08:50:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
753, 617, 617
age
12213818
cdn-cachedat
2021-06-19 03:25:59
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
275513b65ecaee506859e09f13a72b9f
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
7e1e5cbb8d08e04f-NRT
cdn-requestpullsuccess
True
/
errors.infinityfree.net/errors/403/
Redirect Chain
  • https://wossupport.rf.gd/chat2.css
  • https://errors.infinityfree.net/errors/403/
0
0
Stylesheet
General
Full URL
https://errors.infinityfree.net/errors/403/
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Server
104.26.8.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Redirect headers

location
https://errors.infinityfree.net/errors/403/
date
Wed, 05 Jul 2023 08:50:44 GMT
cache-control
max-age=2592000
content-type
text/html; charset=iso-8859-1
server
nginx
content-length
227
expires
Fri, 04 Aug 2023 08:50:44 GMT
7a-bg.png
wossupport.rf.gd/
2 MB
2 MB
Image
General
Full URL
https://wossupport.rf.gd/7a-bg.png
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.57 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
0e5b6ff49c863112f692e1af6be1e95b615b2fc21d18ad849a61219ed1078375

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 08:50:45 GMT
last-modified
Thu, 08 Jun 2023 22:59:36 GMT
server
nginx
content-type
image/png
cache-control
max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
accept-ranges
bytes
content-length
2197768
expires
Fri, 04 Aug 2023 08:50:45 GMT
bg2.jpeg
wossupport.rf.gd/
358 KB
359 KB
Image
General
Full URL
https://wossupport.rf.gd/bg2.jpeg
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.57 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
40dd8a184408b9c6f376673ffd39c74611f4ef9ff0a1daa8b3760015d801883d

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 08:50:45 GMT
last-modified
Thu, 08 Jun 2023 22:59:40 GMT
server
nginx
content-type
image/jpeg
cache-control
max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
accept-ranges
bytes
content-length
366853
expires
Fri, 04 Aug 2023 08:50:45 GMT
minimize.png
wossupport.rf.gd/
1 KB
2 KB
Image
General
Full URL
https://wossupport.rf.gd/minimize.png
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.57 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
dfcc16fd49167f62d2acb07ed991fb0535f5ca863c5c15cfa20cfd76c1b1cfbe

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 08:50:45 GMT
last-modified
Thu, 08 Jun 2023 22:59:50 GMT
server
nginx
content-type
image/png
cache-control
max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
accept-ranges
bytes
content-length
1443
expires
Fri, 04 Aug 2023 08:50:45 GMT
microsoft.png
wossupport.rf.gd/
1 KB
1 KB
Image
General
Full URL
https://wossupport.rf.gd/microsoft.png
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.57 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 08:50:45 GMT
last-modified
Thu, 08 Jun 2023 22:59:49 GMT
server
nginx
content-type
image/png
cache-control
max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
accept-ranges
bytes
content-length
1045
expires
Fri, 04 Aug 2023 08:50:45 GMT
setting.png
wossupport.rf.gd/
364 B
578 B
Image
General
Full URL
https://wossupport.rf.gd/setting.png
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.57 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 08:50:45 GMT
last-modified
Thu, 08 Jun 2023 22:59:53 GMT
server
nginx
content-type
image/png
cache-control
max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
accept-ranges
bytes
content-length
364
expires
Fri, 04 Aug 2023 08:50:45 GMT
que.png
wossupport.rf.gd/
349 B
562 B
Image
General
Full URL
https://wossupport.rf.gd/que.png
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.57 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 08:50:45 GMT
last-modified
Thu, 08 Jun 2023 22:59:52 GMT
server
nginx
content-type
image/png
cache-control
max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
accept-ranges
bytes
content-length
349
expires
Fri, 04 Aug 2023 08:50:45 GMT
virus-scan.png
wossupport.rf.gd/
25 KB
26 KB
Image
General
Full URL
https://wossupport.rf.gd/virus-scan.png
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.57 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
b2dc4153ee7019c70a1095d5d1304d540e3bba045d99e141f63e5b13362e5a4e

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 08:50:45 GMT
last-modified
Thu, 08 Jun 2023 22:59:54 GMT
server
nginx
content-type
image/png
cache-control
max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
accept-ranges
bytes
content-length
25871
expires
Fri, 04 Aug 2023 08:50:45 GMT
bell.png
wossupport.rf.gd/
1 KB
1 KB
Image
General
Full URL
https://wossupport.rf.gd/bell.png
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.57 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
2e48fef820929c21295e13444901f60e3aed61ba6f8c773ff1466e6843e76b49

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 08:50:45 GMT
last-modified
Thu, 08 Jun 2023 22:59:39 GMT
server
nginx
content-type
image/png
cache-control
max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
accept-ranges
bytes
content-length
1108
expires
Fri, 04 Aug 2023 08:50:45 GMT
pc.png
wossupport.rf.gd/
5 KB
5 KB
Image
General
Full URL
https://wossupport.rf.gd/pc.png
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.57 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
598699133be5eef63e3b9b5540609ec0dc91d7af9c7f70a3b890e57491a70ae0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 08:50:45 GMT
last-modified
Thu, 08 Jun 2023 22:59:51 GMT
server
nginx
content-type
image/png
cache-control
max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
accept-ranges
bytes
content-length
4949
expires
Fri, 04 Aug 2023 08:50:45 GMT
def.png
wossupport.rf.gd/
4 KB
4 KB
Image
General
Full URL
https://wossupport.rf.gd/def.png
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.57 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
316e6a6737bd296ab30aca2ef7fa36f119d15786a2432d01e31fdc130272f15c

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 08:50:45 GMT
last-modified
Thu, 08 Jun 2023 22:59:44 GMT
server
nginx
content-type
image/png
cache-control
max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
accept-ranges
bytes
content-length
3834
expires
Fri, 04 Aug 2023 08:50:45 GMT
cross.png
wossupport.rf.gd/
8 KB
8 KB
Image
General
Full URL
https://wossupport.rf.gd/cross.png
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.57 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
13ee09efef992ec899ca28dea08d00886fce5e8b3ad6c19e6c753a899bcfdaea

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 08:50:45 GMT
last-modified
Thu, 08 Jun 2023 22:59:43 GMT
server
nginx
content-type
image/png
cache-control
max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
accept-ranges
bytes
content-length
8350
expires
Fri, 04 Aug 2023 08:50:45 GMT
new-img.png
wossupport.rf.gd/
17 KB
17 KB
Image
General
Full URL
https://wossupport.rf.gd/new-img.png
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.57 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
b2901f408265c7a9d8d5cfe0c8865e27289949848862945f8a3eda85898100be

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 08:50:45 GMT
last-modified
Thu, 08 Jun 2023 22:59:34 GMT
server
nginx
content-type
image/png
cache-control
max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
accept-ranges
bytes
content-length
17558
expires
Fri, 04 Aug 2023 08:50:45 GMT
modernizr.min.js
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/
11 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 08:50:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4963416
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3980
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f26-2b4c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wU8EjZygFajN36bsFLekdW1%2FD3I23ylmyejnZJcl%2FX4sZmitZTpf1CRJK4iuPndkfbnjrteTvvL%2FXIwg%2BVcTLy7Hf0otuddLBkvcG3YOwJ0bS0Xb8mibTBiu5p9eeP%2BXCQtmdfFo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e1e5cbbdedee362-NRT
expires
Mon, 24 Jun 2024 08:50:45 GMT
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/
82 KB
23 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wossupport.rf.gd/
Origin
https://wossupport.rf.gd
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 05 Jul 2023 08:50:45 GMT
x-content-type-options
nosniff
content-encoding
br
age
9661860
x-jsd-version
4.6.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
23377
x-served-by
cache-fra-eddf8230133-FRA, cache-nrt-rjtf7700022-NRT
x-jsd-version-type
version
etag
W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
fullscreen.js
wossupport.rf.gd/
245 B
410 B
Script
General
Full URL
https://wossupport.rf.gd/fullscreen.js
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.57 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
43703d37b8fe2769cb2e12db7aa281dbcca175124d05ff4b0cc3d152534698a4

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 08:50:45 GMT
content-encoding
gzip
last-modified
Thu, 08 Jun 2023 22:59:45 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public, proxy-revalidate, public, proxy-revalidate, must-revalidate
expires
Fri, 04 Aug 2023 08:50:45 GMT
before.js
wossupport.rf.gd/
366 B
471 B
Script
General
Full URL
https://wossupport.rf.gd/before.js
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.57 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
31681779c6f394370dad146169896e9ec2b8f7c716c4b1db78c459033e48bf95

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 08:50:45 GMT
content-encoding
gzip
last-modified
Thu, 08 Jun 2023 22:59:38 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public, proxy-revalidate, public, proxy-revalidate, must-revalidate
expires
Fri, 04 Aug 2023 08:50:45 GMT
main.js
wossupport.rf.gd/
2 KB
763 B
Script
General
Full URL
https://wossupport.rf.gd/main.js
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.57 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
2583d8751556269beb23406aa81e71d3157e3b60a52c27474b49a954d28a79ee

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 08:50:45 GMT
content-encoding
gzip
last-modified
Thu, 08 Jun 2023 22:59:48 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public, proxy-revalidate, public, proxy-revalidate, must-revalidate
expires
Fri, 04 Aug 2023 08:50:45 GMT
light.js
wossupport.rf.gd/
503 B
499 B
Script
General
Full URL
https://wossupport.rf.gd/light.js
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.57 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 08:50:45 GMT
content-encoding
gzip
last-modified
Thu, 08 Jun 2023 22:59:47 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public, proxy-revalidate, public, proxy-revalidate, must-revalidate
expires
Fri, 04 Aug 2023 08:50:45 GMT
js
www.googletagmanager.com/gtag/
232 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3TR7PMS9YS
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s18-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c0e7be4528cf4d58de02bb42cfbd4f9fcf78189e411e8847f6604fdddd32479f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 08:50:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83467
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 05 Jul 2023 08:50:45 GMT
ab023d5f
settings.luckyorange.com/
4 KB
2 KB
Fetch
General
Full URL
https://settings.luckyorange.com/ab023d5f
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/lo.js?site-id=ab023d5f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
/
Resource Hash
a64809b121a623f12b805aae55047b721691ef0b2093ef940ad4f3d1ada63aa8

Request headers

Referer
https://wossupport.rf.gd/
accept-language
jp-jp,jp;q=0.9
x-lucky-uid
undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
x-lucky-referrer
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582

Response headers

date
Wed, 05 Jul 2023 08:50:46 GMT
content-encoding
gzip
via
1.1 google
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wossupport.rf.gd
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ab023d5f
settings.luckyorange.com/ Frame
0
0
Preflight
General
Full URL
https://settings.luckyorange.com/ab023d5f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-lucky-referrer,x-lucky-uid
Access-Control-Request-Method
GET
Origin
https://wossupport.rf.gd
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id,X-Lucky-Referrer
access-control-allow-methods
POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://wossupport.rf.gd
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 05 Jul 2023 08:50:46 GMT
via
1.1 google
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f3.1e100.net
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wossupport.rf.gd
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 17:25:52 GMT
x-content-type-options
nosniff
age
55494
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Jul 2024 17:25:52 GMT
core.js
tools.luckyorange.com/core/ Frame 881D
206 KB
63 KB
Script
General
Full URL
https://tools.luckyorange.com/core/core.js?v=11aa352
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/lo.js?site-id=ab023d5f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.174.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-174-117.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aeca40d7d9c38b0e118e2c7abd082a7e609284396b20c89a38b2cb5844c61ef4

Request headers

Referer
Origin
https://wossupport.rf.gd
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 08:32:18 GMT
content-encoding
gzip
via
1.1 e4404fd3b1d2ac38d3124fbc6bbedc8a.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C2
age
1109
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
63873
last-modified
Sat, 13 May 2023 00:32:37 GMT
server
AmazonS3
etag
"c9d2702569efb29cd2662edb885d7c60"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
RJmpGn7sjpFm2RSOLjcq-AqVtrSwbB3QR4UDQqabzXfFfzaAV96e1A==
0wa0rni0ng0.mp3
wossupport.rf.gd/
2 KB
3 KB
Media
General
Full URL
https://wossupport.rf.gd/0wa0rni0ng0.mp3
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.57 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

Referer
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Accept-Encoding
identity;q=1, *;q=0
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range
bytes=0-

Response headers

pragma
no-cache
date
Wed, 05 Jul 2023 08:50:46 GMT
last-modified
Thu, 08 Jun 2023 22:59:34 GMT
server
nginx
content-type
audio/mpeg
Content-Range
bytes 0-2456/2457
cache-control
no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform
accept-ranges
bytes
Content-Length
2457
expires
Wed, 05 Jul 2023 08:50:46 GMT
0d36df93-4be4-4945-a372-1272a8dd9452.js
cdn.mouseflow.com/projects/
192 KB
57 KB
Script
General
Full URL
https://cdn.mouseflow.com/projects/0d36df93-4be4-4945-a372-1272a8dd9452.js
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Mouseflow /
Resource Hash
4a5bcf47e0ad55e1760ae95932886ce0424772f5105efed5a4177747cc169508
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 08:50:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 05 Jul 2023 08:39:52 GMT
server
Mouseflow
etag
W/"6bff76441cafd91:0"
x-cache-status
MISS
x-hw
1688547046.cds202.tk2.hn,1688547046.cds221.tk2.c
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
57543
collect
www.google-analytics.com/g/
0
255 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3TR7PMS9YS&gtm=45je36s0&_p=353333465&cid=2009213529.1688547047&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1688547046&sct=1&seg=0&dl=https%3A%2F%2Fwossupport.rf.gd%2Findex.php%3Fs9j7pn5bkb%3D16885470420234fcf607c0603aa4f130aa2dfa94b685477582%26i%3D1&dr=https%3A%2F%2Fwossupport.rf.gd%2Findex.php%3Fs9j7pn5bkb%3D16885470420234fcf607c0603aa4f130aa2dfa94b685477582&dt=%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E3%82%BB%E3%83%B3%E3%82%BF%E3%83%BC%E3%82%B3%E3%83%BC%E3%83%890x268d3%E3%82%B5%E3%83%BC%E3%83%93%E3%82%B9&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3TR7PMS9YS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Jul 2023 08:50:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wossupport.rf.gd
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
beep.mp3
wossupport.rf.gd/
8 KB
9 KB
Media
General
Full URL
https://wossupport.rf.gd/beep.mp3
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.57 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
e5cf7987f8eda377da9ce7bb1aed3144eccc244cac88c225d3c3d2f7a1226494

Request headers

Referer
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Accept-Encoding
identity;q=1, *;q=0
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range
bytes=0-

Response headers

pragma
no-cache
date
Wed, 05 Jul 2023 08:50:46 GMT
last-modified
Thu, 08 Jun 2023 22:59:37 GMT
server
nginx
content-type
audio/mpeg
Content-Range
bytes 0-8649/8650
cache-control
no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform
accept-ranges
bytes
Content-Length
8650
expires
Wed, 05 Jul 2023 08:50:46 GMT
alertmicrosoft.mp3
wossupport.rf.gd/
56 B
305 B
Media
General
Full URL
https://wossupport.rf.gd/alertmicrosoft.mp3
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.57 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
ecc70814d107f2a64331b496f44652d8e894b488ada04203df65b7465220de8b

Request headers

Referer
https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Accept-Encoding
identity;q=1, *;q=0
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range
bytes=0-

Response headers

pragma
no-cache
date
Wed, 05 Jul 2023 08:50:46 GMT
last-modified
Thu, 08 Jun 2023 22:59:34 GMT
server
nginx
content-type
audio/mpeg
Content-Range
bytes 0-55/56
cache-control
no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform
accept-ranges
bytes
Content-Length
56
expires
Wed, 05 Jul 2023 08:50:46 GMT
bootstrap.js
tools.luckyorange.com/messenger/
4 KB
2 KB
Script
General
Full URL
https://tools.luckyorange.com/messenger/bootstrap.js
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=11aa352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.174.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-174-117.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d3208cfa5ef112cb02b5c9b160f3f40a75961b113c5de6017416704eadc88999

Request headers

Referer
https://wossupport.rf.gd/
Origin
https://wossupport.rf.gd
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 08:31:15 GMT
content-encoding
gzip
via
1.1 e4404fd3b1d2ac38d3124fbc6bbedc8a.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C2
age
1172
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1680
last-modified
Tue, 20 Jun 2023 14:28:09 GMT
server
AmazonS3
etag
"08c1a9cf97473b31623a245f9848b9f9"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
QY4POnwW1jEfNeFksU2PFE6UObCCLtfPK7clKmZtXhIBGNvH75ky4g==
index.html
tools.luckyorange.com/messenger/
1 KB
912 B
Fetch
General
Full URL
https://tools.luckyorange.com/messenger/index.html
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/messenger/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.174.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-174-117.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e40d3814614580ebf09dcb473a120b2baf5d429d6394dd0baaa6216d190b32df

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 06:22:31 GMT
content-encoding
gzip
via
1.1 e4404fd3b1d2ac38d3124fbc6bbedc8a.cloudfront.net (CloudFront)
last-modified
Tue, 20 Jun 2023 14:28:06 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C2
age
8896
etag
W/"495405af60a25c9190707aee1374cefc"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
5rBbtblsW4z3izynygLkf4YeRvZaJY9XfNBhuslULScR4PYM1xzDzw==
frame.js
tools.luckyorange.com/core/ Frame 7B89
57 KB
19 KB
Script
General
Full URL
https://tools.luckyorange.com/core/frame.js?v=11aa352
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=11aa352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.174.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-174-117.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8e65d2f80115c8b0fa2c26cce598b99aa247aa1f7b008cdff2bc96c2e976058

Request headers

Referer
Origin
https://wossupport.rf.gd
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 08:31:46 GMT
content-encoding
gzip
via
1.1 e4404fd3b1d2ac38d3124fbc6bbedc8a.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-C2
age
1141
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
18440
last-modified
Sat, 13 May 2023 00:32:37 GMT
server
AmazonS3
etag
"b3d1c6c873ef9f674472f6df74babf46"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
Qdsgxjrk8kJHVz3gtMPJaILeBVvHssbs_iZbVJuVXGxUc8rtJf1hQw==
app.51149f0e.css
tools.luckyorange.com/messenger/css/ Frame 7B89
6 KB
2 KB
Stylesheet
General
Full URL
https://tools.luckyorange.com/messenger/css/app.51149f0e.css
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/messenger/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.174.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-174-117.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87365b52e61ce1f1e536bc9d68df10c54806618a91165bfec69a25c2e65ddacd

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 04:17:22 GMT
content-encoding
gzip
via
1.1 091f316f3a7097e8e99dcd660a6b7926.cloudfront.net (CloudFront)
last-modified
Tue, 20 Jun 2023 14:28:12 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C2
age
880404
etag
"2eec34d69660ac29976523d6c79d37ef"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1478
x-amz-cf-id
9007dR5vRNekUDkVglsvCPCdX5a8PrMhpcyK4m2xU7dpVjFwmfRwUw==
chunk-vendors.f7467ed3.css
tools.luckyorange.com/messenger/css/ Frame 7B89
497 B
621 B
Stylesheet
General
Full URL
https://tools.luckyorange.com/messenger/css/chunk-vendors.f7467ed3.css
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/messenger/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.174.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-174-117.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac9859cce1a917e02aed963bf1351b847bd893cab6229204f03af99d71713048

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 24 Jun 2023 22:49:32 GMT
content-encoding
gzip
via
1.1 091f316f3a7097e8e99dcd660a6b7926.cloudfront.net (CloudFront)
last-modified
Tue, 20 Jun 2023 14:28:12 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C2
age
900075
etag
"33cc0e352cc89ef8f4b327f30fb0d595"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
236
x-amz-cf-id
DWi0u52sDd-HSyvSeBBiWSpMgmgXtP6ibczzC5tE_tKK24HP7wztNA==
app.58dfd0a5.js
tools.luckyorange.com/messenger/js/ Frame 7B89
125 KB
29 KB
Script
General
Full URL
https://tools.luckyorange.com/messenger/js/app.58dfd0a5.js
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/messenger/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.174.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-174-117.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bc42ff6262c121035b412fdc45b304ca56ed0353704f77702a4c2b50162da702

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 16:06:28 GMT
content-encoding
gzip
via
1.1 091f316f3a7097e8e99dcd660a6b7926.cloudfront.net (CloudFront)
last-modified
Tue, 20 Jun 2023 14:28:12 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C2
age
837859
etag
"4a7a15ca42915c90e85d83de38046e62"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
29090
x-amz-cf-id
FhuB2sMHRlSQuo1OHSGtljKV0AFaIxxhK5peGdl7HKMJMN-XNyyAwA==
chunk-vendors.94b4a82e.js
tools.luckyorange.com/messenger/js/ Frame 7B89
1 MB
302 KB
Script
General
Full URL
https://tools.luckyorange.com/messenger/js/chunk-vendors.94b4a82e.js
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/messenger/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.174.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-174-117.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0677c7ddbe1d514f886fed6dae932c05293389be7acee88601c473fdc86f6ac1

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 14:28:37 GMT
content-encoding
gzip
via
1.1 091f316f3a7097e8e99dcd660a6b7926.cloudfront.net (CloudFront)
last-modified
Tue, 20 Jun 2023 14:28:12 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C2
age
1275729
etag
"561f369642e8b452a65ca6f5cd0a9733"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
308280
x-amz-cf-id
FML8zvARyrpnVNsLMuPaW1k7VPuimXc21S_nXDHMfumerWWzuGVTtA==
init
o2.mouseflow.com/
0
212 B
XHR
General
Full URL
https://o2.mouseflow.com/init?v=17.91&p=0d36df93-4be4-4945-a372-1272a8dd9452&s=cec04657b46c996f0b6f85e97f9cc0bb&page=07054649eb09d94e0ad785b9a225797fcfd3aa9d&ret=0&u=c8a3afdaf6bece75f8e231e4f786ebbb&href=https%3A%2F%2Fwossupport.rf.gd%2Findex.php%3Fs9j7pn5bkb%3D16885470420234fcf607c0603aa4f130aa2dfa94b685477582%26i%3D1&url=%2Findex.php&ref=https%3A%2F%2Fwossupport.rf.gd%2Findex.php%3Fs9j7pn5bkb%3D16885470420234fcf607c0603aa4f130aa2dfa94b685477582&title=%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E3%82%BB%E3%83%B3%E3%82%BF%E3%83%BC%E3%82%B3%E3%83%BC%E3%83%890x268d3%E3%82%B5%E3%83%BC%E3%83%93%E3%82%B9&res=1600x1200&tz=0&to=0&dnt=0&ori=&dw=1600&dh=1200&time=1637&pxr=1&gdpr=0
Requested by
Host: cdn.mouseflow.com
URL: https://cdn.mouseflow.com/projects/0d36df93-4be4-4945-a372-1272a8dd9452.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.17.186.162 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
Mouseflow /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://wossupport.rf.gd/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
text/plain

Response headers

date
Wed, 05 Jul 2023 08:50:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
Mouseflow
x-recorder
rec-04-eu
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wossupport.rf.gd
access-control-allow-credentials
true
content-length
0
a7d70021-c164-4412-a772-adbefe45863c
https://wossupport.rf.gd/ Frame 881D
0
0
Other
General
Full URL
blob:https://wossupport.rf.gd/a7d70021-c164-4412-a772-adbefe45863c
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
0
Content-Type
9f1b284d-eee2-4fe5-afe3-f9bf914a6400
https://wossupport.rf.gd/ Frame 881D
22 KB
0
Other
General
Full URL
blob:https://wossupport.rf.gd/9f1b284d-eee2-4fe5-afe3-f9bf914a6400
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4c4018aaeb57c171f6ee7406708949e8596491a2bc04dfb2595c45351d9c90c

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
22873
Content-Type
search
api-preview.luckyorange.com/conversations/threads/ Frame 7B89
21 B
112 B
XHR
General
Full URL
https://api-preview.luckyorange.com/conversations/threads/search
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/messenger/js/chunk-vendors.94b4a82e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
89d6f64fc4b6b092d092522cfbfcdcb2c6df75832018868995c3b3422ee1c68e

Request headers

X-Lucky-Site-Id
ab023d5f
Accept
application/json, text/plain, */*
Referer
https://wossupport.rf.gd/
accept-language
jp-jp,jp;q=0.9
X-Lucky-Uid
ab023d5f-1688547046352-99fe8e92e256a1dd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 05 Jul 2023 08:50:47 GMT
via
1.1 google
server
envoy
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wossupport.rf.gd
access-control-allow-credentials
true
x-envoy-upstream-service-time
10
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
search
api-preview.luckyorange.com/conversations/threads/ Frame
0
0
Preflight
General
Full URL
https://api-preview.luckyorange.com/conversations/threads/search
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-lucky-site-id,x-lucky-uid
Access-Control-Request-Method
POST
Origin
https://wossupport.rf.gd
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id
access-control-allow-methods
POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://wossupport.rf.gd
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 05 Jul 2023 08:50:47 GMT
server
envoy
via
1.1 google
x-envoy-upstream-service-time
0
ab023d5f-1688547046352-99fe8e92e256a1dd
api-preview.luckyorange.com/visitors/ Frame
0
0
Preflight
General
Full URL
https://api-preview.luckyorange.com/visitors/ab023d5f-1688547046352-99fe8e92e256a1dd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-lucky-site-id,x-lucky-uid
Access-Control-Request-Method
GET
Origin
https://wossupport.rf.gd
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id
access-control-allow-methods
POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 05 Jul 2023 08:50:47 GMT
server
envoy
via
1.1 google
x-envoy-upstream-service-time
1
ab023d5f-1688547046352-99fe8e92e256a1dd
api-preview.luckyorange.com/visitors/ Frame 7B89
458 B
475 B
XHR
General
Full URL
https://api-preview.luckyorange.com/visitors/ab023d5f-1688547046352-99fe8e92e256a1dd
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/messenger/js/chunk-vendors.94b4a82e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
5216faa387027ca8107dbbd952640dfb8406244baddca11706ed17cce69eefce

Request headers

Accept
application/json, text/plain, */*
Referer
https://wossupport.rf.gd/
accept-language
jp-jp,jp;q=0.9
X-Lucky-Uid
ab023d5f-1688547046352-99fe8e92e256a1dd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-Lucky-Site-Id
ab023d5f

Response headers

date
Wed, 05 Jul 2023 08:50:53 GMT
via
1.1 google
server
envoy
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-envoy-upstream-service-time
5019
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
458
lo-symbol.f1058a7b.svg
tools.luckyorange.com/messenger/img/ Frame 7B89
955 B
1 KB
Image
General
Full URL
https://tools.luckyorange.com/messenger/img/lo-symbol.f1058a7b.svg
Requested by
Host: wossupport.rf.gd
URL: https://wossupport.rf.gd/index.php?s9j7pn5bkb=16885470420234fcf607c0603aa4f130aa2dfa94b685477582&i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.174.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-174-117.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91be5e51e61355ad3d0437321595ef56d38ffb0ecd30fdc1482ecb071d18c1c0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://wossupport.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 16:07:02 GMT
via
1.1 091f316f3a7097e8e99dcd660a6b7926.cloudfront.net (CloudFront)
last-modified
Tue, 20 Jun 2023 14:28:15 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C2
age
837825
etag
"f1058a7b7f925134ff12e90f30b6927b"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
content-length
955
x-amz-cf-id
3Aq9uoywfJUUG4XuMyzIHY2JKGiuBjutGy1zxkM1X_2ah0OzNrSzKg==
html
o2.mouseflow.com/
0
193 B
XHR
General
Full URL
https://o2.mouseflow.com/html?website=0d36df93-4be4-4945-a372-1272a8dd9452&session=cec04657b46c996f0b6f85e97f9cc0bb&page=07054649eb09d94e0ad785b9a225797fcfd3aa9d&gz=1
Requested by
Host: cdn.mouseflow.com
URL: https://cdn.mouseflow.com/projects/0d36df93-4be4-4945-a372-1272a8dd9452.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.17.186.162 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
Mouseflow /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://wossupport.rf.gd/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://wossupport.rf.gd
date
Wed, 05 Jul 2023 08:50:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-credentials
true
server
Mouseflow
content-length
0
content-type
text/plain; charset=UTF-8
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/
65 KB
66 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Origin
https://wossupport.rf.gd
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 05 Jul 2023 08:50:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
987
age
8896
cdn-cachedat
09/13/2022 20:52:11
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
66624
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
"db812d8a70a4e88e888744c1c9a27e89"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
a883d3788a464946aa9e8deea925b278
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
7e1e5cd62f688a6e-NRT
cdn-requestpullsuccess
True
dom
o2.mouseflow.com/
0
194 B
XHR
General
Full URL
https://o2.mouseflow.com/dom?gz=1
Requested by
Host: cdn.mouseflow.com
URL: https://cdn.mouseflow.com/projects/0d36df93-4be4-4945-a372-1272a8dd9452.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.17.186.162 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
Mouseflow /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://wossupport.rf.gd/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://wossupport.rf.gd
date
Wed, 05 Jul 2023 08:50:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-credentials
true
server
Mouseflow
content-length
0
content-type
text/plain; charset=UTF-8
dom
o2.mouseflow.com/
0
193 B
XHR
General
Full URL
https://o2.mouseflow.com/dom?gz=1
Requested by
Host: cdn.mouseflow.com
URL: https://cdn.mouseflow.com/projects/0d36df93-4be4-4945-a372-1272a8dd9452.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.17.186.162 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
Mouseflow /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://wossupport.rf.gd/
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://wossupport.rf.gd
date
Wed, 05 Jul 2023 08:50:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-credentials
true
server
Mouseflow
content-length
0
content-type
text/plain; charset=UTF-8

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer)

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
boolean| credentialless
object| onbeforetoggle
object| onscrollend
object| LO
function| $
function| jQuery
function| getVariableFromURl
string| phone
string| phone_number
object| html5
object| Modernizr
object| bootstrap
function| addEvent
object| modal
object| btn
undefined| span
object| _mfq
function| gtag
object| dataLayer
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal
object| LOQ
object| _loq
boolean| mouseflowDisableKeyLogging
object| mouseflowHeatmap
object| mouseflow

7 Cookies

Domain/Path Name / Value
wossupport.rf.gd/ Name: __test
Value: c54ff9276ed3d5f2b961d38152b70175
.rf.gd/ Name: _ga_3TR7PMS9YS
Value: GS1.1.1688547046.1.0.1688547046.0.0.0
.rf.gd/ Name: _ga
Value: GA1.1.2009213529.1688547047
.rf.gd/ Name: lo-uid
Value: ab023d5f-1688547046352-99fe8e92e256a1dd
.rf.gd/ Name: lo-visits
Value: 1
.rf.gd/ Name: mf_user
Value: c8a3afdaf6bece75f8e231e4f786ebbb|
.rf.gd/ Name: mf_0d36df93-4be4-4945-a372-1272a8dd9452
Value: cec04657b46c996f0b6f85e97f9cc0bb|07054649eb09d94e0ad785b9a225797fcfd3aa9d.2840121101.1688547046952|1688547046949||0|||0|17.91|77.81498

1 Console Messages

Source Level URL
Text
network error URL: https://errors.infinityfree.net/errors/403/
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
