voice-chat-e42b.gzklq0kj.workers.dev
172.67.216.190 (flagged: Malicious Activity; public scan)

URL: https://voice-chat-e42b.gzklq0kj.workers.dev/
Submission: On July 31 via automatic, source openphish — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 3 domains to perform 20 HTTP transactions. The main IP is 172.67.216.190, located in United States and belongs to CLOUDFLARENET, US. The main domain is voice-chat-e42b.gzklq0kj.workers.dev.
TLS certificate: Issued by WE1 on June 12th 2024. Valid for: 3 months.
This is the only time voice-chat-e42b.gzklq0kj.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Ourtime.com (Online)

Domain & IP information

Requests  IP address          AS (autonomous system)
1         172.67.216.190      13335 (CLOUDFLAR...)
1         2a04:4e42:600...    54113 (FASTLY)
1         (none; blob: URL)   (none)
14        172.67.209.83       13335 (CLOUDFLAR...)
1         2a00:1450:400...    15169 (GOOGLE)
Totals: 20 requests, 6 IPs
Requests  Domain                                 Requested by
13        api.rename-service0.workers.dev        voice-chat-e42b.gzklq0kj.workers.dev, api.rename-service0.workers.dev
2         voice-chat-e42b.gzklq0kj.workers.dev   voice-chat-e42b.gzklq0kj.workers.dev
1         imgs.rename-service0.workers.dev       (none recorded)
1         fonts.gstatic.com                      api.rename-service0.workers.dev
1         code.jquery.com                        voice-chat-e42b.gzklq0kj.workers.dev
Totals: 20 requests, 5 hostnames
Subject                       Issuer                                          Validity                   Valid for
gzklq0kj.workers.dev          WE1                                             2024-06-12 to 2024-09-10   3 months
*.jquery.com                  Sectigo ECC Domain Validation Secure Server CA  2024-06-25 to 2025-06-25   a year
rename-service0.workers.dev   GTS CA 1P5                                      2024-06-04 to 2024-09-02   3 months
*.gstatic.com                 WR2                                             2024-07-30 to 2024-10-22   3 months

This page contains 1 frames:

Primary Page: https://voice-chat-e42b.gzklq0kj.workers.dev/
Frame ID: EBA77E1CF6E6F6D8732B7B35A964FD03
Requests: 20 HTTP requests in this frame

Page Title

OurTime.com - The 50+ Single Network

Detected technologies

Moment.js (overall confidence: 100%), detected by pattern:
  • moment(?:\.min)?\.js

jQuery (overall confidence: 100%), detected by patterns:
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (overall confidence: 100%), detected by pattern:
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

Requests: 20
HTTPS: 90 %
IPv6: 40 %
Domains: 3
Subdomains: 5
IPs: 6
Countries: 2
Transfer: 607 kB
Size: 2076 kB
Cookies: 0

Redirected requests

No HTTP redirect chains are listed for this scan.

20 HTTP transactions

Each entry below starts with one line giving the Resource name, the Path it was fetched from, its decoded Size, the bytes transferred (x-fer) and the resource Type, followed by the General, Security Headers, Request headers and Response headers sections as captured.
Primary Request: / | Path: voice-chat-e42b.gzklq0kj.workers.dev/ | Size: 1006 KB | Transferred: 497 KB | Type: Document
General
Full URL
https://voice-chat-e42b.gzklq0kj.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.216.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce2de9e0f154af31f981ac4ad378b870b9821f597ff40949fa5f84de06dcd4f7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8abe26af6c6465e0-FRA
content-encoding
br
content-type
text/html
date
Wed, 31 Jul 2024 14:06:48 GMT
last-modified
Thu, 27 Oct 2022 16:36:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9kNo93txHj5Htbyn0G7Z%2F%2B2OthBsVQfcgoAmxpqLtZBDgR%2BpJ7VHiHyHq%2B3kgf3yavaxnBnrBfTdUQjyLMftoUy%2FZINRVe%2BhP6RZRZE%2FQfiuMuLxLRzaOIdYt1kNnTebgauk5%2F1Vn41Ti6zrYaJIrVa9JRrSLKs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000
vary
Accept-Encoding
x-amz-id-2
aNXs0iGIIOXwzFDZOMftkrTLEMsE4B2Gr
x-amz-meta-src_last_modified_millis
1666888148063
x-amz-request-id
d654d9874b864ecc
x-amz-version-id
4_z05b43b7943c611ad8242081a_f115fdc8d6d463277_d20221027_m163634_c004_v0402012_t0040_u01666888594670
Resource: jquery-3.4.1.min.js | Path: code.jquery.com/ | Size: 86 KB | Transferred: 30 KB | Type: Script
General
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: voice-chat-e42b.gzklq0kj.workers.dev
URL: https://voice-chat-e42b.gzklq0kj.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://voice-chat-e42b.gzklq0kj.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 14:06:49 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2528546
x-cache
HIT, HIT
content-length
30638
x-served-by
cache-lga21965-LGA, cache-mxp6933-MXP
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1722434809.019174,VS0,VE0
etag
W/"28feccc0-15851"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
147878, 12096
Resource: a258374e-3183-40f1-bbe9-4f47c6274c73 | Path: https://voice-chat-e42b.gzklq0kj.workers.dev/ | Size: 754 KB | Transferred: 0 | Type: Document
General
Full URL
blob:https://voice-chat-e42b.gzklq0kj.workers.dev/a258374e-3183-40f1-bbe9-4f47c6274c73
Requested by
Host: voice-chat-e42b.gzklq0kj.workers.dev
URL: https://voice-chat-e42b.gzklq0kj.workers.dev/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
219cf19c5e6c612ba689a3e788d58e5387d8764aa4112402a7a39c432e3eb52e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
771762
Content-Type
text/html
Resource: favicon.ico | Path: voice-chat-e42b.gzklq0kj.workers.dev/ | Size: 0 | Transferred: 0 | Type: (none; no response received, see "Failed requests")

Resource: css | Path: api.rename-service0.workers.dev/ | Size: 7 KB | Transferred: 1 KB | Type: Stylesheet
General
Full URL
https://api.rename-service0.workers.dev/css?family=PT+Sans:400
Requested by
Host: voice-chat-e42b.gzklq0kj.workers.dev
URL: https://voice-chat-e42b.gzklq0kj.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb39af57479f04518b464a917a20921f9f25739ec733cba0e5f1d5b7315a4a57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
(empty in the capture)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 14:06:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
142299
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
server
cloudflare
etag
W/"css.1da7928062"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0QUtJ3PteQslStN1OEJmvj%2F%2BPHbaacQ8cocNfQVXluC0RY%2FOG9%2Bmk6prG5iXeleUrnSmY1SPkFFGSvP71l%2BeAvIxJPWdmMxcCwE0Qsa8%2BfYSciyj5nT8b8Myuw8BJdVrutKokrQ47bUrs%2B6YPRGOQMv8"}],"group":"cf-nel","max_age":604800}
feature-policy
none
cf-ray
8abe26baf95d5b3e-FRA
Resource: css | Path: api.rename-service0.workers.dev/ | Size: 7 KB | Transferred: 1 KB | Type: Stylesheet
General
Full URL
https://api.rename-service0.workers.dev/css?family=PT+Sans:700
Requested by
Host: voice-chat-e42b.gzklq0kj.workers.dev
URL: https://voice-chat-e42b.gzklq0kj.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb39af57479f04518b464a917a20921f9f25739ec733cba0e5f1d5b7315a4a57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
(empty in the capture)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 14:06:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
142299
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
server
cloudflare
etag
W/"css.1da7928062"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EUIFKPmIxuHPdUCaJyaA%2F3CoJN7nAsT5wwfS33z3UcryOZSwC2vP3%2Fx5SXIPhrXFgv1Zko0k1F8TAQCcCbjnikwMhZpYhCVdShH4gLBjetLB%2FcKW9oSXlunKecx5EKgaCyZGMPn0940quaGJv0tYRnr3"}],"group":"cf-nel","max_age":604800}
feature-policy
none
cf-ray
8abe26baf9615b3e-FRA
Resource: css | Path: api.rename-service0.workers.dev/ | Size: 7 KB | Transferred: 1 KB | Type: Stylesheet
General
Full URL
https://api.rename-service0.workers.dev/css?family=PT+Sans:400italic
Requested by
Host: voice-chat-e42b.gzklq0kj.workers.dev
URL: https://voice-chat-e42b.gzklq0kj.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb39af57479f04518b464a917a20921f9f25739ec733cba0e5f1d5b7315a4a57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
(empty in the capture)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 14:06:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
142299
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
server
cloudflare
etag
W/"css.1da7928062"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pea9lK7cQ0ObeR48K2j5dOXK08JPDcwDkrzCCxSd0PVj%2Fa0%2FrR6FWx5ekmi21s7e4H66cYjlEWMYs9jn6lzYrB8u5gsFtggRuSs2w%2FlIzExFnx69uD531IBtzdrsaHZ9aWVpYs3jE4A3%2FSzbgxwzChxi"}],"group":"cf-nel","max_age":604800}
feature-policy
none
cf-ray
8abe26baf9605b3e-FRA
Resource: css | Path: api.rename-service0.workers.dev/ | Size: 7 KB | Transferred: 1 KB | Type: Stylesheet
General
Full URL
https://api.rename-service0.workers.dev/css?family=PT+Sans:700italic
Requested by
Host: voice-chat-e42b.gzklq0kj.workers.dev
URL: https://voice-chat-e42b.gzklq0kj.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb39af57479f04518b464a917a20921f9f25739ec733cba0e5f1d5b7315a4a57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
(empty in the capture)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 14:06:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
142299
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
server
cloudflare
etag
W/"css.1da7928062"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7GvS%2FY3jETTKKYEk4wMV2FBceZHh4ROVMhe57KUhV4XW8e5a%2Bo3TTHRY52y9yGUceYI3YQBRp%2B1xnQVCobk%2FV7gXAcNwjkHQqpRsGDMJN2Fv6eDxDjpt8VuPqJwvZM8vrCUBkHbxQmyLjiMmVnXrA%2FeH"}],"group":"cf-nel","max_age":604800}
feature-policy
none
cf-ray
8abe26baf9625b3e-FRA
Resource: font-1.2.css | Path: api.rename-service0.workers.dev/ | Size: 2 KB | Transferred: 778 B | Type: Stylesheet
General
Full URL
https://api.rename-service0.workers.dev/font-1.2.css
Requested by
Host: voice-chat-e42b.gzklq0kj.workers.dev
URL: https://voice-chat-e42b.gzklq0kj.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cdc08c78d317a7163dcdd852e85319c477d5272897a250d28e562f699f9d6e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
(empty in the capture)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 14:06:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
142299
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
server
cloudflare
etag
W/"font-1.2.c193dd3ef6.css"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CHQINYg3anJCqdDwFVNpU2eKtm7yPF69nEi1XDVw1ObfWQ6RTwP11OM2%2FqDvgRHjsL7iKocey%2Bm8P%2BSXMsO0riwYm4jqoYctMDiBkq%2F481%2BhwUfMvv%2FJ4bolG6l7x3SAfSelw1dVhlaaxv3aiMkHtTuF"}],"group":"cf-nel","max_age":604800}
feature-policy
none
cf-ray
8abe26baf95e5b3e-FRA
Resource: redesign_fonts.css | Path: api.rename-service0.workers.dev/ | Size: 5 KB | Transferred: 966 B | Type: Stylesheet
General
Full URL
https://api.rename-service0.workers.dev/redesign_fonts.css
Requested by
Host: voice-chat-e42b.gzklq0kj.workers.dev
URL: https://voice-chat-e42b.gzklq0kj.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc15754d44e7ee5a41927be3ef6b902cae28014d57ae6f591eb576f221bd237c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
(empty in the capture)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 14:06:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
142299
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
server
cloudflare
etag
W/"redesign_fonts.ab1e65f9f5.css"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9tBko4t4bfFEx8pQfqSsBnX48vRAjetAsNF5VFNTNUnAn3R5E2yps6PlHBU0WXWsWzxHZcZ6D9vc%2F3836iym677OJTixXq4FHXYGDAcJe9ghxe1LmwWcR1C32iN4JFtUw4oaE8tFNqzQAl2ZCUWJGMlU"}],"group":"cf-nel","max_age":604800}
feature-policy
none
cf-ray
8abe26baf9595b3e-FRA
Resource: base_external.css | Path: api.rename-service0.workers.dev/ | Size: 30 KB | Transferred: 6 KB | Type: Stylesheet
General
Full URL
https://api.rename-service0.workers.dev/base_external.css
Requested by
Host: voice-chat-e42b.gzklq0kj.workers.dev
URL: https://voice-chat-e42b.gzklq0kj.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
891410621746b2ff6d1e4830eb0d819521c9b01e9e213257fcd4d2f554ff1a61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
(empty in the capture)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 14:06:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
142299
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
server
cloudflare
etag
W/"base_external.4e102eeb51.css"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y04dihCJvisSMnqUsDFiH4x4mB8VQ0ABBnvnR2kV43%2FCwffobgZgfQ8ngsSog60n4%2F%2FOOBQeWQ%2BZB%2FXrtr9ofDgOkxj%2BFGhd5SVBwXiG9EwRjWwIZpieON146zcHsieRtGCs6Yb9SL4Uzz1wdvj%2F%2Bf7C"}],"group":"cf-nel","max_age":604800}
feature-policy
none
cf-ray
8abe26baf95b5b3e-FRA
Resource: 166.css | Path: api.rename-service0.workers.dev/ | Size: 428 B | Transferred: 731 B | Type: Stylesheet
General
Full URL
https://api.rename-service0.workers.dev/166.css
Requested by
Host: voice-chat-e42b.gzklq0kj.workers.dev
URL: https://voice-chat-e42b.gzklq0kj.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c98d3a9b8c08a5813b773e49994d1ada4cb43a72f655c71b8efa33dbacc3f60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
(empty in the capture)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 14:06:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
142299
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
server
cloudflare
etag
W/"166.32916c6d57.css"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XUVz2UUKYQopZH4BU0Wg24uXwLmsipOk9kbWX2nSj0YovCHVbsFY5fePINHCHFoLR0j7zBvVYH07iGBaNoV5BprBgH8yvKW5CdPxgyeul1L5PtO%2BMSyyTQER%2F01xDtvIfSDKRvupksPD7A4SLJbmIjSh"}],"group":"cf-nel","max_age":604800}
feature-policy
none
cf-ray
8abe26baf9585b3e-FRA
Resource: theme.css | Path: api.rename-service0.workers.dev/ | Size: 37 KB | Transferred: 8 KB | Type: Stylesheet
General
Full URL
https://api.rename-service0.workers.dev/theme.css
Requested by
Host: voice-chat-e42b.gzklq0kj.workers.dev
URL: https://voice-chat-e42b.gzklq0kj.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92023afd6feb8f5fe2ab0b2622ddae9e26d5027996df15fe0b33714c7f3dba37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
(empty in the capture)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 14:06:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
106163
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
server
cloudflare
etag
W/"theme.5cf2c65f5e.css"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dnmr55GjovTbBBnHRUtVumdPYKR2zESgTYzhRb8NkS8jKfK9CBtWhx%2BqPPN%2FsIH1RX0Tzy4HVMGUFi%2Fkij5k2qkMaRPRAOvzzEC9ysnsYOIcAoi7pi4gdG7XSzuuUwGFh7tM4Chaf5qrDamT6PH8ZeVU"}],"group":"cf-nel","max_age":604800}
feature-policy
none
cf-ray
8abe26baf9575b3e-FRA
Resource: jquery-3.5.1.min.js | Path: api.rename-service0.workers.dev/ | Size: 87 KB | Transferred: 32 KB | Type: Script
General
Full URL
https://api.rename-service0.workers.dev/jquery-3.5.1.min.js
Requested by
Host: voice-chat-e42b.gzklq0kj.workers.dev
URL: https://voice-chat-e42b.gzklq0kj.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
(empty in the capture)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 31 Jul 2024 14:06:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
160147
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
server
cloudflare
etag
W/"jquery-3.5.1.min.76bb118f46.js"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ZsxKCN%2FAD5kr6Sb8kqDYKGpHsTmorpxbXiKx5VXhI0GSkFF7xnm4jBR%2B5gpPJ6G9x4UG0gNDZBmn2naLoUMV6ofVw9QZiozeC4WN%2B3GHmy6%2BJecBe3Xqm2j5GmrX46Ly%2FtKpHD4%2FWaT2JlKiaFDOqsx"}],"group":"cf-nel","max_age":604800}
feature-policy
none
cf-ray
8abe26baf95a5b3e-FRA
Resource: jquery-migrate-3.3.1.min.js | Path: api.rename-service0.workers.dev/ | Size: 11 KB | Transferred: 5 KB | Type: Script
General
Full URL
https://api.rename-service0.workers.dev/jquery-migrate-3.3.1.min.js
Requested by
Host: voice-chat-e42b.gzklq0kj.workers.dev
URL: https://voice-chat-e42b.gzklq0kj.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90a8d6a27a26f746b4b263102f4fe120e956d99e3789325aafc7d6b7ca0ff0e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
(empty in the capture)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 31 Jul 2024 14:06:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61080
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
server
cloudflare
etag
W/"jquery-migrate-3.3.1.min.4a9b3d1a73.js"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TcGtjZwvtqDQTxwP7G34pTn97m1l1GHAdV3%2Bw5CGGoYEJZJvUETTDY6XN2FUOqaJOMF2K4m1v%2FNErWiJwj63KU%2F0WXajIKe%2FZwKDqMR2keVHto7kxs0yNtXanBXsPix1zGVJd0FLRz5LXcwlcKcnnXKv"}],"group":"cf-nel","max_age":604800}
feature-policy
none
cf-ray
8abe26baf95c5b3e-FRA
Resource: moment.min.js | Path: api.rename-service0.workers.dev/ | Size: 18 KB | Transferred: 7 KB | Type: Script
General
Full URL
https://api.rename-service0.workers.dev/moment.min.js
Requested by
Host: voice-chat-e42b.gzklq0kj.workers.dev
URL: https://voice-chat-e42b.gzklq0kj.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a52005e60e92f39a0744fe733d45496ad3769634edbbbc74df1267f9639f522
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
(empty in the capture)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 31 Jul 2024 14:06:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61080
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
server
cloudflare
etag
W/"moment.min.7f22d534a7.js"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k3LAYtew7CE8obwLeRmQmkxNWdvmPBH0vYW2kByFg3ucQxihZ7xqFp06OZvVl1xZ1IdsImlp8oyWgBwwcj49pV5p4A34P7XRQjxwlj7JA29e9beAaqUxewjnvwC65qkTTqehqd2bB%2BIVGf5HXuRHNZFn"}],"group":"cf-nel","max_age":604800}
feature-policy
none
cf-ray
8abe26baf9545b3e-FRA
Resource: heagregauwe.png | Path: api.rename-service0.workers.dev/ | Size: 2 KB | Transferred: 2 KB | Type: Image
General
Full URL
https://api.rename-service0.workers.dev/heagregauwe.png
Requested by
Host: voice-chat-e42b.gzklq0kj.workers.dev
URL: https://voice-chat-e42b.gzklq0kj.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7248b8c4a08b8a45d4add928a459a98f12d61c02f5a7886f14bec7084e8ffdcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
(empty in the capture)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 14:06:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
142296
alt-svc
h3=":443"; ma=86400
content-length
1737
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
server
cloudflare
etag
"heagregauwe.b2def557d4.png"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8SJqixsxH5VO8IWx%2FUA94afrtsoe2d85%2FShximM6%2FQ5rZBgUEjywgyZmdTCXvyOPFyEGIP9huvKXOCiSUuluT2dH6FHC7vvLhw9wvfuCp124Shv9o1%2BSU9AX6UUI1vjlgagttOs4phSNG3gEO%2FylNLZb"}],"group":"cf-nel","max_age":604800}
feature-policy
none
accept-ranges
bytes
cf-ray
8abe26bc3a815b3e-FRA
Resource: PTSans-Regular.ttf | Path: api.rename-service0.workers.dev/PTSans/ | Size: 0 | Transferred: 0 | Type: (none; no response received, see "Failed requests")

Resource: jizaRExUiTo99u79D0KExcOPIDU.woff2 | Path: fonts.gstatic.com/s/ptsans/v16/ | Size: 11 KB | Transferred: 12 KB | Type: Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0KExcOPIDU.woff2
Requested by
Host: api.rename-service0.workers.dev
URL: https://api.rename-service0.workers.dev/css?family=PT+Sans:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ce74486e1edf5e3a7f3d0235aff5fd17b7fa0c7832648ab170a516bb1b804a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://api.rename-service0.workers.dev/css?family=PT+Sans:400
Origin
https://voice-chat-e42b.gzklq0kj.workers.dev
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 00:48:57 GMT
x-content-type-options
nosniff
age
47873
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11340
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Jul 2025 00:48:57 GMT
Resource: 782yfuiha4398.ico | Path: imgs.rename-service0.workers.dev/ | Size: 1 KB | Transferred: 870 B | Type: Other
General
Full URL
https://imgs.rename-service0.workers.dev/782yfuiha4398.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ca433acb452f6a2c1459ce7f85b17da882d347b13990a275d55e2b15130116d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
(empty in the capture)
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 14:06:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
48692
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
unsafe-url
server
cloudflare
etag
W/"782yfuiha4398.49f6f302d9.ico"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/vnd.microsoft.icon
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MUTnrU8LNErgyMgGOKAls79sXXtWClmICMa7Z1aTORFzEsx5tcnsSYWxeY4W95GBZTnCBL%2BMp6Xi93LwcZbG9yfsXGY2wbcyT9QtL8Xu0HTln%2Fb%2F0QytnNN3KoHGjporGcseq5bzoMwvUTEY6Rp%2BiP%2FUlg%3D%3D"}],"group":"cf-nel","max_age":604800}
feature-policy
none
cf-ray
8abe26be0bd55b3e-FRA
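
The two jQuery copies in the list above come from different hosts: jquery-3.4.1.min.js from code.jquery.com (Resource Hash 0925e8ad...) and jquery-3.5.1.min.js from api.rename-service0.workers.dev (Resource Hash f3684490...). urlscan's Resource Hash is the hex SHA-256 of the decoded response body, and jQuery publishes a base64 `integrity` value for every build on code.jquery.com, so the two can be compared without refetching anything. The script below is an added example written for this page, not part of the urlscan report; the published integrity strings it carries are the ones code.jquery.com shows for those two builds. Converting the hashes shows that the code.jquery.com copy is byte-for-byte the official 3.4.1 build, while the copy on the rename-service0 Worker does not match the official 3.5.1 digest: it is not the upstream file as shipped, and should be diffed against upstream before anyone treats it as a clean library.

```python
import base64
import binascii
import hashlib

# Hex SHA-256 "Resource Hash" values copied from the transaction list above.
SERVED = {
    "https://code.jquery.com/jquery-3.4.1.min.js":
        "0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a",
    "https://api.rename-service0.workers.dev/jquery-3.5.1.min.js":
        "f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b",
}

# Integrity attributes published on code.jquery.com for the official minified builds.
PUBLISHED_SRI = {
    "jquery-3.4.1.min.js": "sha256-CSXorXvZcTkaix6Yvo6HppcZGetbYMGWSFlBw8HfCJo=",
    "jquery-3.5.1.min.js": "sha256-9/aliU8dGd2tb6OSsuzixeV4y/faTqgFtohetphbbj0=",
}


def hex_to_sri(hex_digest: str, algo: str = "sha256") -> str:
    """Turn a hex digest into the 'algo-base64' form used by the integrity attribute."""
    raw = binascii.unhexlify(hex_digest)
    size = hashlib.new(algo).digest_size
    if len(raw) != size:
        raise ValueError(f"{algo} digest must be {size} bytes, got {len(raw)}")
    return f"{algo}-{base64.b64encode(raw).decode('ascii')}"


def sri_to_hex(sri: str) -> str:
    """Inverse of hex_to_sri, for comparing an SRI value against urlscan's hex output."""
    _algo, _, b64 = sri.partition("-")
    return binascii.hexlify(base64.b64decode(b64)).decode("ascii")


def sri_of(body: bytes, algo: str = "sha256") -> str:
    """SRI value of a response body you have fetched yourself."""
    return hex_to_sri(hashlib.new(algo, body).hexdigest(), algo)


def body_matches(body: bytes, sri: str) -> bool:
    """True when the body hashes to the given integrity value (same algorithm)."""
    algo = sri.partition("-")[0]
    return sri_of(body, algo) == sri


def check_served(served=SERVED, published=PUBLISHED_SRI) -> dict:
    """Per served URL: 'match', 'mismatch', or 'unknown' when no published value exists."""
    verdicts = {}
    for url, hex_digest in served.items():
        filename = url.rsplit("/", 1)[-1]
        expected = published.get(filename)
        if expected is None:
            verdicts[url] = "unknown"
        elif hex_to_sri(hex_digest, expected.partition("-")[0]) == expected:
            verdicts[url] = "match"
        else:
            verdicts[url] = "mismatch"
    return verdicts


if __name__ == "__main__":
    for url, verdict in check_served().items():
        print(f"{verdict:8s} {url}")
```

A "mismatch" on its own says only that the bytes differ from the official build; a kit that mirrors a victim site's assets will often pick up a re-minified or lightly patched jQuery. The point of the check is to know which of the two cases applies before reading the script, and the same conversion lets you feed urlscan hashes into a block list of known-bad library copies.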

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
voice-chat-e42b.gzklq0kj.workers.dev
URL
https://voice-chat-e42b.gzklq0kj.workers.dev/favicon.ico
Domain
api.rename-service0.workers.dev
URL
https://api.rename-service0.workers.dev/PTSans/PTSans-Regular.ttf

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Ourtime.com (Online)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • s (string)
  • m (string)
  • _0xodl (string)
  • _0xodl_ (number)
  • _0x4434 (object)
  • _0x5621 (function)
  • jQuery (function)
  • $jq (function)
  • _0xodk (string)
  • _0xodk_ (number)
  • _0x5e8d (object)
  • _0x462f (function)
  • moment (function)
  • unlockPage (function)

0 Cookies

6 Console Messages

Each entry gives the message Source and Level, the URL it was raised from where one was recorded, and the message Text.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://api.rename-service0.workers.dev/jquery-3.5.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://api.rename-service0.workers.dev/jquery-3.5.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://api.rename-service0.workers.dev/jquery-migrate-3.3.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://api.rename-service0.workers.dev/moment.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript error URL: blob:https://voice-chat-e42b.gzklq0kj.workers.dev/a258374e-3183-40f1-bbe9-4f47c6274c73
Message:
Access to font at 'https://api.rename-service0.workers.dev/PTSans/PTSans-Regular.ttf' from origin 'https://voice-chat-e42b.gzklq0kj.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rename-service0.workers.dev/PTSans/PTSans-Regular.ttf
Message:
Failed to load resource: net::ERR_FAILED
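
Read together, the transaction list, the global-variable dump and the console messages describe how this kit is put together: a roughly 1 MB loader document on one workers.dev subdomain, whose x-amz-* response headers show the Worker is fronting an S3-compatible object store; a second 754 KB text/html document rendered from a blob: URL that the loader created, so the content the victim actually sees is never returned in an HTTP response that a plain URL fetcher would capture; the brand's stylesheets, a Google-Fonts-style css?family= endpoint that returns the same file (hash eb39af57...) whatever the query, jQuery and Moment served from a second Worker on a different eTLD+1 and injected with document.write; and window globals named in javascript-obfuscator style (_0x4434, _0x5e8d and the rest). The script below is an added example, not urlscan's own verdict logic: it turns those observations into checks that run over records constructed by hand from this report. The stand-in public-suffix list, the free-hosting suffix list and the indicator names are the editor's assumptions.

```python
import re
from urllib.parse import urlsplit

# Constructed from the report's transaction list: (url, resource type, requested by).
PRIMARY = "https://voice-chat-e42b.gzklq0kj.workers.dev/"
ASSET_CSS = "https://api.rename-service0.workers.dev/css?family=PT+Sans:400"
TRANSACTIONS = [
    (PRIMARY, "Document", None),
    ("https://code.jquery.com/jquery-3.4.1.min.js", "Script", PRIMARY),
    ("blob:https://voice-chat-e42b.gzklq0kj.workers.dev/a258374e-3183-40f1-bbe9-4f47c6274c73", "Document", PRIMARY),
    (ASSET_CSS, "Stylesheet", PRIMARY),
    ("https://api.rename-service0.workers.dev/theme.css", "Stylesheet", PRIMARY),
    ("https://api.rename-service0.workers.dev/jquery-3.5.1.min.js", "Script", PRIMARY),
    ("https://api.rename-service0.workers.dev/moment.min.js", "Script", PRIMARY),
    ("https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0KExcOPIDU.woff2", "Font", ASSET_CSS),
    ("https://imgs.rename-service0.workers.dev/782yfuiha4398.ico", "Other", None),
]
PAGE_TITLE = "OurTime.com - The 50+ Single Network"
TARGET_BRAND = "ourtime.com"          # urlscan's "Targeting these brands" entry
WINDOW_GLOBALS = ["s", "m", "_0xodl", "_0xodl_", "_0x4434", "_0x5621", "jQuery",
                  "$jq", "_0xodk", "_0xodk_", "_0x5e8d", "_0x462f", "moment", "unlockPage"]
CONSOLE = [  # shortened, de-duplicated copies of the report's console messages
    "A parser-blocking, cross site (i.e. different eTLD+1) script, https://api."
    "rename-service0.workers.dev/jquery-3.5.1.min.js, is invoked via document.write.",
    "A parser-blocking, cross site (i.e. different eTLD+1) script, https://api."
    "rename-service0.workers.dev/jquery-migrate-3.3.1.min.js, is invoked via document.write.",
    "A parser-blocking, cross site (i.e. different eTLD+1) script, https://api."
    "rename-service0.workers.dev/moment.min.js, is invoked via document.write.",
    "Access to font at 'https://api.rename-service0.workers.dev/PTSans/PTSans-Regular.ttf'"
    " from origin 'https://voice-chat-e42b.gzklq0kj.workers.dev' has been blocked by CORS policy",
]

# Assumptions (editor's, not urlscan's): a stand-in for the Public Suffix List that
# is just large enough for this scan (workers.dev is a public suffix, which is why
# Chrome calls the two Workers "different eTLD+1"), and a short list of free hosting
# suffixes that phishing kits favour.
PUBLIC_SUFFIXES = ("workers.dev", "com", "dev")
FREE_HOSTING = (".workers.dev", ".pages.dev", ".web.app", ".netlify.app")
OBFUSCATOR_NAME = re.compile(r"^_0x[0-9a-z]{3,}_?$")   # javascript-obfuscator style names


def registrable_domain(host: str) -> str:
    """eTLD+1 of host under the simplified suffix list above (longest suffix wins)."""
    for suffix in sorted(PUBLIC_SUFFIXES, key=len, reverse=True):
        if host.endswith("." + suffix):
            label = host[: -len(suffix) - 1].rsplit(".", 1)[-1]
            return f"{label}.{suffix}"
    return host


def host_of(url: str) -> str:
    """Hostname of a URL; a blob: URL carries the origin that created it."""
    if url.startswith("blob:"):
        url = url[len("blob:"):]
    return urlsplit(url).hostname or ""


def triage(title, brand, transactions, window_globals, console):
    """Return the indicators present in the scan data, keyed by indicator name."""
    primary = next(u for u, kind, by in transactions if kind == "Document" and by is None)
    primary_site = registrable_domain(host_of(primary))
    hits = {}
    # 1. The targeted brand is named in the title but the page is not on the brand's domain.
    if brand in title.lower() and primary_site != brand:
        hits["brand_title_domain_mismatch"] = (brand, primary_site)
    # 2. The main document sits on a free/ephemeral hosting suffix.
    if host_of(primary).endswith(FREE_HOSTING):
        hits["free_hosting_primary"] = host_of(primary)
    # 3. A second document was rendered from a blob: URL the page created, so what the
    #    victim sees never appears in an HTTP response body.
    blobs = [u for u, kind, _ in transactions if kind == "Document" and u.startswith("blob:")]
    if blobs:
        hits["blob_document"] = blobs
    # 4. Scripts and styles come from a different eTLD+1 that is itself free hosting.
    asset_hosts = sorted({host_of(u) for u, kind, _ in transactions
                          if kind in ("Script", "Stylesheet")
                          and registrable_domain(host_of(u)) != primary_site
                          and host_of(u).endswith(FREE_HOSTING)})
    if asset_hosts:
        hits["free_hosting_asset_hosts"] = asset_hosts
    # 5. window globals named like javascript-obfuscator output.
    obfuscated = [g for g in window_globals if OBFUSCATOR_NAME.match(g)]
    if obfuscated:
        hits["obfuscator_globals"] = obfuscated
    # 6. Cross-site scripts injected through document.write (Chrome intervention warnings).
    injected = [m for m in console if "document.write" in m and "cross site" in m]
    if injected:
        hits["cross_site_document_write"] = len(injected)
    return hits


if __name__ == "__main__":
    for name, evidence in triage(PAGE_TITLE, TARGET_BRAND, TRANSACTIONS,
                                 WINDOW_GLOBALS, CONSOLE).items():
        print(f"{name}: {evidence}")
```

None of these indicators is decisive alone (many legitimate single-page apps use free hosting or a blob: document), but this scan trips all six, and a legitimate OurTime page would trip none of the first four. The blob: indicator is the one worth building tooling around: a crawler that only stores HTTP response bodies will keep the obfuscated loader and miss the 771,762-byte page that was actually rendered, so a headless browser that snapshots the DOM after load is needed to capture the credential form.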

Security Headers

This section lists the security headers set by the main page's response.

Header Value
Strict-Transport-Security max-age=63072000