zikarutcostume.live Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.pickleballtournaments.com/clickthru.pl?link=gmx000.d%cd%8fe
Effective URL:
https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c
Submission: On August 28 via api (August 28th 2023, 4:08:17 pm UTC) from US — Scanned from FR

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 6 countries across 16 domains to perform 44 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is zikarutcostume.live.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 13th 2023. Valid for: a year.

This is the only time zikarutcostume.live was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Orange (Telecommunication) Customer Survey Spam (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
2	107.22.69.35 107.22.69.35	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700:10:... 2606:4700:10::ac43:5d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	44.240.69.193 44.240.69.193	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	130.211.29.114 130.211.29.114	15169 (GOOGLE) (GOOGLE)
2	35.241.15.240 35.241.15.240	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 1	52.33.207.7 52.33.207.7	16509 (AMAZON-02) (AMAZON-02)
1	141.98.5.122 141.98.5.122	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
1	3.248.161.234 3.248.161.234	16509 (AMAZON-02) (AMAZON-02)
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
44	18

2 107.22.69.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-69-35.compute-1.amazonaws.com

www.pickleballtournaments.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:5d8 (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.240.69.193 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-69-193.us-west-2.compute.amazonaws.com

www.adplugg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.29.114 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 114.29.211.130.bc.googleusercontent.com

cdn.perfdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.15.240 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 240.15.241.35.bc.googleusercontent.com

cas.avalon.perfdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.33.207.7 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-207-7.us-west-2.compute.amazonaws.com

gmx000.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.98.5.122 (Bulgaria)

ASN8100 (ASN-QUADRANET-GLOBAL, US)

staturemuscle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.161.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-161-234.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

touristbarn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

zikarutcostume.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	zikarutcostume.live zikarutcostume.live	309 KB
3	perfdrive.com cdn.perfdrive.com — Cisco Umbrella Rank: 20197 cas.avalon.perfdrive.com — Cisco Umbrella Rank: 8765	9 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37 region1.google-analytics.com — Cisco Umbrella Rank: 2412	21 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	216 B
2	adplugg.com www.adplugg.com — Cisco Umbrella Rank: 83198	71 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 165	87 KB
2	pingdom.net rum-static.pingdom.net — Cisco Umbrella Rank: 5855 rum-collector-2.pingdom.net — Cisco Umbrella Rank: 5212	3 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45 ajax.googleapis.com — Cisco Umbrella Rank: 366	31 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 334	47 KB
2	pickleballtournaments.com www.pickleballtournaments.com — Cisco Umbrella Rank: 552668	75 KB
1	touristbarn.com 1 redirects touristbarn.com	665 B
1	staturemuscle.com staturemuscle.com	443 B
1	gmx000.de 1 redirects gmx000.de	284 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	79 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 93	356 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 736	30 KB
44	16

	Domain	Requested by
20	zikarutcostume.live	staturemuscle.com zikarutcostume.live
2	www.facebook.com	www.pickleballtournaments.com
2	cas.avalon.perfdrive.com	cdn.perfdrive.com
2	www.google-analytics.com	www.pickleballtournaments.com www.google-analytics.com
2	www.adplugg.com	www.pickleballtournaments.com www.adplugg.com
2	connect.facebook.net	www.pickleballtournaments.com connect.facebook.net
2	cdn.jsdelivr.net	www.pickleballtournaments.com
2	www.pickleballtournaments.com	www.pickleballtournaments.com
1	ajax.googleapis.com	zikarutcostume.live
1	touristbarn.com	1 redirects
1	rum-collector-2.pingdom.net	rum-static.pingdom.net
1	staturemuscle.com
1	gmx000.de	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.perfdrive.com	www.pickleballtournaments.com
1	rum-static.pingdom.net	www.pickleballtournaments.com
1	code.jquery.com	www.pickleballtournaments.com
1	fonts.googleapis.com	www.pickleballtournaments.com
44	20

This site contains no links.

Subject Issuer	Validity	Valid
*.pickleballtournaments.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-07` - `2023-09-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
pingdom.net Cloudflare Inc ECC CA-3	`2022-11-13` - `2023-11-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-07` - `2023-09-05`	3 months	crt.sh
*.adplugg.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-06` - `2024-01-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.perfdrive.com Go Daddy Secure Certificate Authority - G2	`2022-09-20` - `2023-09-26`	a year	crt.sh
cas.avalon.perfdrive.com Go Daddy Secure Certificate Authority - G2	`2023-07-24` - `2024-08-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
staturemuscle.com R3	`2023-07-23` - `2023-10-21`	3 months	crt.sh
*.pingdom.net Amazon RSA 2048 M01	`2023-02-10` - `2023-12-20`	10 months	crt.sh

This page contains 1 frames:

Primary Page: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c
Frame ID: E0A523252F9D041259E9196C3D011570
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Lots destinés aux membres de Orange

Page URL History Show full URLs

https://www.pickleballtournaments.com/clickthru.pl?link=gmx000.d%cd%8fe Page URL
http://gmx000.de/ HTTP 307
https://staturemuscle.com/0/0/0/58cef7d96d313f6ac26bf8c3cd23d706/gg Page URL
https://touristbarn.com/index2.php?s1=350344&s2=1043682912&s3=2792&ow=60&p=fr5org1a HTTP 302
https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

44
Requests

100 %
HTTPS

65 %
IPv6

16
Domains

20
Subdomains

18
IPs

6
Countries

764 kB
Transfer

1872 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.pickleballtournaments.com/clickthru.pl?link=gmx000.d%cd%8fe Page URL
http://gmx000.de/ HTTP 307
https://staturemuscle.com/0/0/0/58cef7d96d313f6ac26bf8c3cd23d706/gg Page URL
https://touristbarn.com/index2.php?s1=350344&s2=1043682912&s3=2792&ow=60&p=fr5org1a HTTP 302
https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

http://gmx000.de/ HTTP 307
https://staturemuscle.com/0/0/0/58cef7d96d313f6ac26bf8c3cd23d706/gg

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK clickthru.pl Show response
www.pickleballtournaments.com/ 4 KB
5 KB 688ms
339ms Document
text/html 107.22.69.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pickleballtournaments.com/clickthru.pl?link=gmx000.d%cd%8fe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.22.69.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-69-35.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 0e78eac543e214e1c69c896c7e6a533456bfede8ec3842b5572ec0514e581fe4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: public, no-transform, must-revalidate
Connection: close
Content-Type: text/html; charset=utf-8
Date: Mon, 28 Aug 2023 16:08:11 GMT
Expires: Sun, 27 Aug 2023 16:08:12 GMT
Server: Apache
Transfer-Encoding: chunked

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ 157 KB
25 KB 83ms
32ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: www.pickleballtournaments.com
URL: https://www.pickleballtournaments.com/clickthru.pl?link=gmx000.d%cd%8fe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pickleballtournaments.com/
Origin: https://www.pickleballtournaments.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 16:08:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13552577
x-jsd-version: 4.5.3
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230071-FRA, cache-bma1663-BMA
x-jsd-version-type: version
server: cloudflare
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e94Vouo%2FasEGhH10BCWYwveFNpHMFh4I%2Bxiy5ESsvTmRlO7b8fXfHjXh1z8Wvt0HUHhfRoRfemNs5MPy4m2Zk1iiZA4raK0n3WuZhQaBO7nzpg%2B0i%2BvTS6KfsX%2FOwceb2%2F4HnPOvZKJbCn7vxKM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7fddcfc49da6f8cd-CDG

GET
H/1.1 200
OK style.css
www.pickleballtournaments.com/css/ 70 KB
71 KB 304ms
101ms Stylesheet
text/css 107.22.69.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pickleballtournaments.com/css/style.css?v=202302152
Requested by: Host: www.pickleballtournaments.com
URL: https://www.pickleballtournaments.com/clickthru.pl?link=gmx000.d%cd%8fe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.22.69.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-69-35.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 72f3913e0967d0b19d1e0bb63d155dd7fd2cccabad731000a87f996d28e33fe1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pickleballtournaments.com/clickthru.pl?link=gmx000.d%cd%8fe
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 28 Aug 2023 16:08:12 GMT
Server: Apache
Content-Type: text/css
Cache-Control: max-age=2592000, public, no-transform, must-revalidate
Connection: close
Accept-Ranges: bytes
Content-Length: 71939
Expires: Wed, 27 Sep 2023 16:08:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
993 B 100ms
37ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fjalla+One|Nunito:400,600,700,800

Requested by

Host: www.pickleballtournaments.com
URL: https://www.pickleballtournaments.com/clickthru.pl?link=gmx000.d%cd%8fe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

65345ea727461d1fd721610ec7252cad627988f11874561ff58f268018fc3c6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pickleballtournaments.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Aug 2023 16:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 28 Aug 2023 16:08:12 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 84ms
38ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: www.pickleballtournaments.com
URL: https://www.pickleballtournaments.com/clickthru.pl?link=gmx000.d%cd%8fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pickleballtournaments.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 16:08:12 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-15d84"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1693238892.cdn4-pxy218-cdg02.pa1.evs,1693238892.cds214.pa1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 30879

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ 82 KB
23 KB 79ms
29ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: www.pickleballtournaments.com
URL: https://www.pickleballtournaments.com/clickthru.pl?link=gmx000.d%cd%8fe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pickleballtournaments.com/
Origin: https://www.pickleballtournaments.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 16:08:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 16184075
x-jsd-version: 4.5.3
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA, cache-yyz4562-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ky8Wg%2F5yo8gD2Qs23utLsJ1dDlJGQXJGSAOR0fZIAogGfvCg%2BKnZt0G%2Fms24NXReaunXHpaauH6PWuVfp%2FcY%2FNpJRsX7YOzmN9if4hMdkcEOfF3yoomvi%2FcgU2xC2xOWAQZb1Njw5JqbDkb9cX8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7fddcfc49da7f8cd-CDG

GET
H2 200 pa-5c0570169a3f8300160000dd.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 106ms
49ms Script
application/javascript 2606:4700:10::ac43:5d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/pa-5c0570169a3f8300160000dd.js
Requested by: Host: www.pickleballtournaments.com
URL: https://www.pickleballtournaments.com/clickthru.pl?link=gmx000.d%cd%8fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:5d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 360cf3ed328e9d6ed33e6d1d614cb33e82ae1f62aaefa10e87fdbff23e2fe105

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pickleballtournaments.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 16:08:12 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 14 Oct 2022 06:22:28 GMT
server: cloudflare
etag: W/"63490024-1852"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 7fddcfc54e673d0b-CDG
expires: Mon, 28 Aug 2023 16:13:12 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 193 KB
52 KB 75ms
25ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.pickleballtournaments.com
URL: https://www.pickleballtournaments.com/clickthru.pl?link=gmx000.d%cd%8fe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pickleballtournaments.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 28 Aug 2023 16:08:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 52127
x-xss-protection: 0
pragma: public
x-fb-debug: bnW4V+n4WULMypw65H1GoTX2Qnf3FXzleRvu/kNn/1C7Fn2RZ+B/gdfNGXAlzX24/xCniWh8Dw0c9QNxd3KAXA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK ad.js Show response
www.adplugg.com/serve/A48222106/js/1.1/ 257 KB
70 KB 841ms
330ms Script
text/javascript 44.240.69.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.adplugg.com/serve/A48222106/js/1.1/ad.js
Requested by: Host: www.pickleballtournaments.com
URL: https://www.pickleballtournaments.com/clickthru.pl?link=gmx000.d%cd%8fe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.69.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-69-193.us-west-2.compute.amazonaws.com
Software: nginx/1.15.5 /
Resource Hash: d60ddadb370266b9fc6b293d89a499ef673e25c9595a2f8bd88cfd9d9229b430

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pickleballtournaments.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 28 Aug 2023 16:08:13 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Server: nginx/1.15.5
Age: 9
ETag: W/"2.155"
Vary
X-Cache: HIT
Content-Type: text/javascript;charset=UTF-8
X-Varnish: 48492540 48492428
Cache-Control: max-age=60, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 71366

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 87ms
25ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.pickleballtournaments.com
URL: https://www.pickleballtournaments.com/clickthru.pl?link=gmx000.d%cd%8fe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pickleballtournaments.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 28 Aug 2023 15:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1109
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 28 Aug 2023 17:49:43 GMT

GET
H2 200 aperture.js Show response
cdn.perfdrive.com/aperture/ 26 KB
8 KB 69ms
20ms Script
application/javascript 130.211.29.114
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.perfdrive.com/aperture/aperture.js
Requested by: Host: www.pickleballtournaments.com
URL: https://www.pickleballtournaments.com/clickthru.pl?link=gmx000.d%cd%8fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.29.114 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 114.29.211.130.bc.googleusercontent.com
Software: nginx/1.24.0 /
Resource Hash: 9fb91ff0e8c179aea40dbe6842b36fd201654f5647c21dcec41fd18be535d506

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pickleballtournaments.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 15:09:05 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Fri, 21 Jul 2023 07:03:08 GMT
server: nginx/1.24.0
age: 3547
etag: W/"64ba2dac-6844"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7938

POST
H2 200 jsdata Show response
cas.avalon.perfdrive.com/ 316 B
470 B 91ms
27ms XHR
text/plain 35.241.15.240
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.avalon.perfdrive.com/jsdata?
Requested by: Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 240.15.241.35.bc.googleusercontent.com
Software: /
Resource Hash: f1658e1c0cf855209e9bff1062c796dde0b336139ad62af4459dddb5105d0164

Request headers

Referer: https://www.pickleballtournaments.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
x-response-time: 0ms
date: Mon, 28 Aug 2023 16:08:12 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316
content-type: text/plain; charset=UTF-8

POST
H2 200 jsdata Show response
cas.avalon.perfdrive.com/ 211 B
277 B 89ms
28ms XHR
text/plain 35.241.15.240
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.avalon.perfdrive.com/jsdata?
Requested by: Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 240.15.241.35.bc.googleusercontent.com
Software: /
Resource Hash: 28f78190745ed952807d0dbaadccea01e90ff11920f997d92ffd9761db8d7544

Request headers

Referer: https://www.pickleballtournaments.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
x-response-time: 1ms
date: Mon, 28 Aug 2023 16:08:12 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 211
content-type: text/plain; charset=UTF-8

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
232 B 34ms
33ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=175085767&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pickleballtournaments.com%2Fclickthru.pl%3Flink%3Dgmx000.d%25cd%258fe&ul=en-us&de=UTF-8&dt=PickleballTournaments.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=484819291&gjid=537210733&cid=1545626290.1693238893&tid=UA-82207385-1&_gid=889451645.1693238893&_r=1&_slc=1&z=1354084029

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

cb656b543d15b9e0b7b545a204f509e8c0f607e84454dc6a8e734cf0c1ad1124

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pickleballtournaments.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 16:08:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pickleballtournaments.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 504416290304798 Show response
connect.facebook.net/signals/config/ 137 KB
35 KB 87ms
86ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/504416290304798?v=2.9.125&r=stable&domain=www.pickleballtournaments.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bdfae7d6ca18919ded93b0c4537c2a17cc2233dd272ac5e96a42588b57f6ca82

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pickleballtournaments.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 28 Aug 2023 16:08:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 7EaT49QEB9gIcv2FhUW8l9yL1lVllULeUjkpFnh/nEgESqYOxYhl1/zDDUnaaijgtclakvRqEHAjji5Iv2eJ2A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
356 B 72ms
24ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-82207385-1&cid=1545626290.1693238893&jid=484819291&gjid=537210733&_gid=889451645.1693238893&_u=IEBAAEAAAAAAACAAI~&z=235606886

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pickleballtournaments.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 28 Aug 2023 16:08:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pickleballtournaments.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
79 KB 105ms
43ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0H4MBYX4GB&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c73c6c4472adcd281d0b84758f208bc47827bf7128e0fc195901a69cdbc9b4e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pickleballtournaments.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 16:08:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80593
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 28 Aug 2023 16:08:12 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 76ms
23ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=504416290304798&ev=PageView&dl=https%3A%2F%2Fwww.pickleballtournaments.com%2Fclickthru.pl%3Flink%3Dgmx000.d%25cd%258fe&rl=&if=false&ts=1693238893009&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&fbp=fb.1.1693238893007.1889117185&it=1693238892889&coo=false&rqm=GET

Requested by

Host: www.pickleballtournaments.com
URL: https://www.pickleballtournaments.com/clickthru.pl?link=gmx000.d%cd%8fe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pickleballtournaments.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 28 Aug 2023 16:08:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
264 B 70ms
23ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0H4MBYX4GB&gtm=45je38n0&_p=175085767&ul=en-us&sr=1600x1200&cid=1545626290.1693238893&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.pickleballtournaments.com%2Fclickthru.pl%3Flink%3Dgmx000.d%25cd%258fe&dt=PickleballTournaments.com&sid=1693238893&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0H4MBYX4GB&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pickleballtournaments.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 16:08:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pickleballtournaments.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 24ms
23ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=504416290304798&ev=Microdata&dl=https%3A%2F%2Fwww.pickleballtournaments.com%2Fclickthru.pl%3Flink%3Dgmx000.d%25cd%258fe&rl=&if=false&ts=1693238893512&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22PickleballTournaments.com%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22PickleballTournaments.com%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fd19tk3kcca881p.cloudfront.net%2Flogos%2Fpt.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.125&r=stable&ec=1&o=30&fbp=fb.1.1693238893007.1889117185&it=1693238892889&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.pickleballtournaments.com
URL: https://www.pickleballtournaments.com/clickthru.pl?link=gmx000.d%cd%8fe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pickleballtournaments.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 28 Aug 2023 16:08:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK jsonp.js
www.adplugg.com/apusers/autoins/A48222106/js/1.0/ 641 B
613 B 169ms
168ms Script
application/javascript 44.240.69.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.adplugg.com/apusers/autoins/A48222106/js/1.0/jsonp.js?hn=www.pickleballtournaments.com&bu=%2Fclickthru.pl%3Flink%3Dgmx000.d%25cd%258fe
Requested by: Host: www.adplugg.com
URL: https://www.adplugg.com/serve/A48222106/js/1.1/ad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.69.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-69-193.us-west-2.compute.amazonaws.com
Software: nginx/1.15.5 /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pickleballtournaments.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 28 Aug 2023 16:08:13 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Last-Modified: Tue, 22 Aug 2023 18:10:29 GMT
Server: nginx/1.15.5
Age: 0
ETag: W/"1.2.0"
Vary: Accept-Encoding
X-Cache: MISS
Content-Type: application/javascript;charset=UTF-8
X-Varnish: 68969577
Cache-Control: public, max-age=60
Connection: keep-alive
Content-Length: 228

GET
H/1.1

200
OK

gg
staturemuscle.com/0/0/0/58cef7d96d313f6ac26bf8c3cd23d706/
Redirect Chain

http://gmx000.de/
https://staturemuscle.com/0/0/0/58cef7d96d313f6ac26bf8c3cd23d706/gg

146 B
443 B

979ms
504ms

Document
text/html

141.98.5.122
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://staturemuscle.com/0/0/0/58cef7d96d313f6ac26bf8c3cd23d706/gg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 141.98.5.122 , Bulgaria, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.pickleballtournaments.com/clickthru.pl?link=gmx000.d%cd%8fe
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: fr-FR,fr;q=0.9

Response headers

content-length: 146
content-type: text/html; charset=UTF-8
date: Mon, 28 Aug 2023 16:08:15 GMT
server: Apache

Redirect headers

Connection: keep-alive
Content-Length: 168
Content-Type: text/html; charset=utf-8
Date: Mon, 28 Aug 2023 16:08:14 GMT
Location: https://staturemuscle.com/0/0/0/58cef7d96d313f6ac26bf8c3cd23d706/gg
Server: openresty
X-Frame-Options: sameorigin

GET
H/1.1 200
OK beacon.gif
rum-collector-2.pingdom.net/img/ 0
213 B 155ms
29ms XHR
text/plain 3.248.161.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=5c0570169a3f8300160000dd&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=50&cE=349&dLE=50&dLS=1&fS=0&hS=148&rE=-1&rS=-1&reS=349&resS=689&resE=699&uEE=-1&uES=-1&dL=693&dI=1244&dCLES=1244&dCLEE=1244&dC=2436&lES=2436&lEE=2441&s=nt&title=PickleballTournaments.com&path=https%3A%2F%2Fwww.pickleballtournaments.com%2Fclickthru.pl&ref=&sId=z2ddq81h&sST=1693238893&sIS=1&rV=0&v=1.4.1
Requested by: Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-5c0570169a3f8300160000dd.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.161.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-161-234.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.pickleballtournaments.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Mon, 28 Aug 2023 16:08:14 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2

200

Primary Request / Show response
zikarutcostume.live/
Redirect Chain

https://touristbarn.com/index2.php?s1=350344&s2=1043682912&s3=2792&ow=60&p=fr5org1a
https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c

24 KB
6 KB

528ms
343ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c

Requested by

Host: staturemuscle.com
URL: https://staturemuscle.com/0/0/0/58cef7d96d313f6ac26bf8c3cd23d706/gg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33dd9f6024808cd82e124e978608f6a0d6f6e94563b3e038131c849a4ae6dc0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://staturemuscle.com/0/0/0/58cef7d96d313f6ac26bf8c3cd23d706/gg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fddcfdd699b3c77-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 28 Aug 2023 16:08:16 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyw50b8BtBlHEQTnlBX%2BdB4J7nSMHNDVneE6hvIunbhGxXrULAvdpHA7VxjKfQ7spOe0MxjMTQx%2FTLS7OYYoQ48j%2BlLI7l7gqdUnTjOZKQl%2FlZWm%2B1AqbbkooSRTrVusiPviInNmfaZgJu4z0ke%2BOtiZ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7fddcfda0a550078-CDG
content-type: text/html; charset=UTF-8
date: Mon, 28 Aug 2023 16:08:16 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6X2wOtk3B9U7mdUvlifdQVIPlc4pVcz9f7Tv27RePBQfP%2BSgWhazEI2IOxffNGaRAPLYDMCRvZL5WbQV6vrAwaUqzu4eZ3CqXZVOxaVkPLsK3fcwhs1Z5icvpOz%2BNPsysKsowOIhCpGN2x9bvo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.css
zikarutcostume.live/master/org/css/ 118 KB
20 KB 34ms
32ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zikarutcostume.live/master/org/css/bootstrap.min.css

Requested by

Host: zikarutcostume.live
URL: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f47180c6e4934bb9f79c525552b6e7c1f23cb4313abcd698cf308b7fa693274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 16:08:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4729
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Oct 2022 03:16:24 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5So%2BGSGG2%2FUU%2FIHLpgeyV3flw6gfEu4N%2BTM4hGGv8Pc9kyRmcqUvSbVrYRLdLf1x7gdBH2jrLfQpCjsR6PR0ncfdrKEK77tcRCGFSHv%2BMk4SmSl4hFImJE7FKiMNGsuU0jBMsxPGdfESDSVQXVKXYE8r"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 7fddcfdfac4b3c77-CDG
expires: Mon, 04 Sep 2023 14:49:27 GMT

GET
H2 200 bundle_fr.css
zikarutcostume.live/master/org/css/ 42 KB
7 KB 32ms
30ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zikarutcostume.live/master/org/css/bundle_fr.css

Requested by

Host: zikarutcostume.live
URL: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a28cbc1a26c8e8a7f0d724944c0bf7f06151be8dd2d876d15f4efaa889a9e9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 16:08:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4729
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Oct 2022 03:16:24 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ex0ldQa24CtH0m6efmztWS%2Fi%2FXhLpUFWagipQ7yW%2BI93Q3UDmpKK0vGbgVCCOh0zY%2B34C27R%2B%2BS4qozGqAk5LlLqnbE7hBRa%2FbHQGSY78P0sHb8%2BaqDZmZIEDewUzQt2FNgTuJ7PG2F3IcaWiUqWWf19"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 7fddcfdfac4c3c77-CDG
expires: Mon, 04 Sep 2023 14:49:27 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 82 KB
30 KB 97ms
26ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: zikarutcostume.live
URL: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zikarutcostume.live/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sun, 27 Aug 2023 18:16:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Aug 2024 18:16:20 GMT

GET
H2 200 custome1.js Show response
zikarutcostume.live/master/org/js/ 3 KB
1 KB 36ms
34ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zikarutcostume.live/master/org/js/custome1.js

Requested by

Host: zikarutcostume.live
URL: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b077ea547ebefd1a7f9188013c625568f36833267e57582a1ea67bb912b6a466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 16:08:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4729
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Oct 2022 03:16:24 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4lKNDYZLIIx9VgZKZjMBBThJ3P7nK0mi2j1OiVr5zcvcPJDULd1ZT5iRFubkSKFezkF5EU%2FWZD4nEDvHnfd0bq9w4EgZn7zD9eAvFnlLbBpHRq%2BzO8I7%2F5lZ8Jk7DA9UmD2%2Fzny85tk0oS47zH42J1v"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 7fddcfdfac4f3c77-CDG
expires: Mon, 04 Sep 2023 14:49:27 GMT

GET
H2 200 bootstrap.js Show response
zikarutcostume.live/master/org/js/ 36 KB
10 KB 33ms
31ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zikarutcostume.live/master/org/js/bootstrap.js

Requested by

Host: zikarutcostume.live
URL: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8981c52fdaa5ebb95c324ec53b7fedb0149ff80f7b2d0ec81cca00b5ae02b04f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 16:08:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 294555
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Oct 2022 03:16:24 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmEWcZuk6Ws6lMWaMLlwlkEO%2FeMzuYjJ5s%2B3S1EurzL9Ina6fBdNGiF4gQ3%2Fyro9tlbGXGQt1oAhLinyLUs0O6Jx7ULVeVheVf4IYkZzGx6C%2FsmG002YA%2FkDh4uxnPrxbIN1qj5yNCdgTBvUblqT%2Bktg"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 7fddcfdfac503c77-CDG
expires: Fri, 01 Sep 2023 06:19:01 GMT

GET
H2 200 custome2.js Show response
zikarutcostume.live/master/org/js/ 73 B
378 B 36ms
35ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zikarutcostume.live/master/org/js/custome2.js

Requested by

Host: zikarutcostume.live
URL: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fb5645b21ae2882589314a1defc2aa5ccb64787f96b9c0cc5756bf2b6620b82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 16:08:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4729
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Oct 2022 03:16:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wiyX5%2Fg6hVyupeFRg9ZlqJmdBRngIG4phR3hQTJQsgohS%2FHtMERtlRHLyd%2BNFhQECg7i5LHNmNCRUVPdS73STI6kRtuKyfPF5cu2B2hvX%2FCqcTyLFsBoaZX0iZEW54OxaExv2RykVALoJQ9m%2FIvQhO2a"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 7fddcfdfac523c77-CDG
expires: Mon, 04 Sep 2023 14:49:27 GMT

GET
H3 200 Color-Orange-Logo.jpg
zikarutcostume.live/master/org/img/ 151 KB
151 KB 37ms
35ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zikarutcostume.live/master/org/img/Color-Orange-Logo.jpg

Requested by

Host: zikarutcostume.live
URL: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca701fac89264e7f4d5944c5627d5bdd04675e8d8a96bcce283222e24282ee88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 16:08:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20071
alt-svc: h3=":443"; ma=86400
content-length: 154431
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Oct 2022 03:16:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bN2mm%2BJsmBXnEEoVCB0oYWcSM2BCs5wSUWOoA4H8fjFk0guv1mWkGp6JEQksfx02xGzweeggKMRruH5KmNXGDwb7FED5MNx%2BQGI8oQK4lK6bzhq2j33qYPIEF5M9nQIg2QqKihQofTsJnSkpR6%2FhCiO8"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fddcfe06e0e0207-CDG
expires: Mon, 04 Sep 2023 10:33:45 GMT

GET
H3 200 or-ico.png
zikarutcostume.live/master/org/img/ 1 KB
2 KB 95ms
94ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zikarutcostume.live/master/org/img/or-ico.png

Requested by

Host: zikarutcostume.live
URL: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f0078598b57b6b905078c2ac3b0bb2965d72a93c950aaac7ba88505c4e62dee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 16:08:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20071
alt-svc: h3=":443"; ma=86400
content-length: 1371
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Oct 2022 03:16:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=woNTJCYwiYUurG7XBFaZ4lLogGW3PCMAJWa4M%2BV02zSI%2FmmWshC1km3h2MC91fOVI96E99kBZoAWNTUFIfJL8XkNs7stHCoEWchkv%2FElP7ByfnNucS%2FOT8%2Fe2vFq8tQKeYgNFg%2BUF6HWUPDdAaO%2F1OjN"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fddcfe08e270207-CDG
expires: Mon, 04 Sep 2023 10:33:45 GMT

GET
H3 200 image.php
zikarutcostume.live/ 44 KB
44 KB 465ms
463ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zikarutcostume.live/image.php?img=images/products_image/Ipad_249x168.png

Requested by

Host: zikarutcostume.live
URL: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8067cdc615d23cfa9b43ebfb9bdc01c918de46319507f524725deafad23f10aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 16:08:17 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dswhmc0%2BPDNmdtsf%2BKoLc%2BSBdVGTYec86TjMQR3To%2Bxa%2B%2F02grXzPLPqObYC1eArOToi2iwMEgbJP6AaV66UehO1r%2BUNjzrrFXYoPb2aC08SaBQiAn7585fOPspvvcZF%2FmxVy716G8gXfb0mOhvurMEQ"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 7fddcfe08e280207-CDG
alt-svc: h3=":443"; ma=86400
content-length: 44901
x-xss-protection: 1; mode=block
expires: Mon, 04 Sep 2023 16:08:16 GMT

GET
H3 200 facefr5.jpg
zikarutcostume.live/master/org/img/ 8 KB
8 KB 95ms
93ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zikarutcostume.live/master/org/img/facefr5.jpg

Requested by

Host: zikarutcostume.live
URL: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df91cd843f42ad524624c097d0553ec4cb46a871d28b2e537f361f393a7cc127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 16:08:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 456697
alt-svc: h3=":443"; ma=86400
content-length: 7971
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Oct 2022 03:16:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dcako7AieUgT4T69eg%2Fv8DJZOiPxA8VJgqW6WBLMBE2T4tEbCQ4KxeASIt5Vp0Z6QFy9YxnIAyCIU2rOApdFaSeLXIgtKnUfmBzmXSU%2FLPWawPNISxAugYSSMzVN8e%2BJe1qaDAdOPOe1OH6cno30eRZs"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fddcfe08e2a0207-CDG
expires: Wed, 30 Aug 2023 09:16:39 GMT

GET
H3 200 facefr2.jpg
zikarutcostume.live/master/org/img/ 10 KB
10 KB 96ms
94ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zikarutcostume.live/master/org/img/facefr2.jpg

Requested by

Host: zikarutcostume.live
URL: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21c1b31eca7945eededcc831b27b321d64348e06ed68b076e46b0c350fb8d5a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 16:08:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20071
alt-svc: h3=":443"; ma=86400
content-length: 9757
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Oct 2022 03:16:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgiDp4GEe0X22ME0JYzYr3CCrq2pJQyREU6GYaWK29Ddx2pHBTM%2FwfTRsBInYn5GwIEgR80whVr9WczPdHa6ws8yyn8Cadgsvtru4ijC3SuAI8kBDyK7poQXfC%2FfM26H%2FDVfap4tJcI1wc%2BPVGzSSgb8"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fddcfe08e2b0207-CDG
expires: Mon, 04 Sep 2023 10:33:45 GMT

GET
H3 200 facefr3.jpg
zikarutcostume.live/master/org/img/ 9 KB
10 KB 105ms
103ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zikarutcostume.live/master/org/img/facefr3.jpg

Requested by

Host: zikarutcostume.live
URL: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36f7ca2744784d6ab870204186c251b4b9a092c63f2afc997439f384537809c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 16:08:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20071
alt-svc: h3=":443"; ma=86400
content-length: 9583
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Oct 2022 03:16:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0ZiwSnmuNBjZO115U7zOx6uwPBe%2FRCGDpNLz3shHQvkBSvBpEFWw3V7fpAFkWZjtxdSEMaexQWdzboJcsF0%2FWGVuDqcrgr%2FPqOly6dZx%2B85QpGjfw5d1tyyoAbOAMG0AeAKcI8H19hyMThgF8OLkkX1"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fddcfe08e2c0207-CDG
expires: Mon, 04 Sep 2023 10:33:45 GMT

GET
H3 200 facefr4.jpg
zikarutcostume.live/master/org/img/ 9 KB
9 KB 106ms
104ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zikarutcostume.live/master/org/img/facefr4.jpg

Requested by

Host: zikarutcostume.live
URL: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31da977422a452c01ba8b24e8dda1658ebf71b5dff03e7f643d129d2cb989108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 16:08:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 186483
alt-svc: h3=":443"; ma=86400
content-length: 9037
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Oct 2022 03:16:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zIt9iArSRi2eW1zeWhcpsRxZpsop%2FEUBPan35ClUAwUQWh32a9QXu0zlwo0FUXjbQLYtySzkw2wU4ESffjRI%2F81at3Bb%2B93OcK74J9C03KcVsYNq%2BJzR9YDmOc0ZpPD0U2SGbA8fFlekF97eji%2BYsv7"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fddcfe08e2d0207-CDG
expires: Sat, 02 Sep 2023 12:20:13 GMT

GET
H3 200 facefr1.jpg
zikarutcostume.live/master/org/img/ 8 KB
9 KB 107ms
106ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zikarutcostume.live/master/org/img/facefr1.jpg

Requested by

Host: zikarutcostume.live
URL: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

499175a98fdc121418bb1f6376bcebe88a18b6c1de8aa078e608cc8a3c134bff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 16:08:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20071
alt-svc: h3=":443"; ma=86400
content-length: 8524
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Oct 2022 03:16:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hEFbTt1bgg5e7beisE6Gs7%2F%2FLjnQjJS6wLI%2F8Ys66j3CIdv1M18oP7jtCzwiVQ8k5EfE9IsmK5MitUQwkawG0KX3p5%2BLZGVe5HtwoZFMbeH8r1gEZHKOsm4jpugi6xpRo7gtFJ0WNKIdbaZKxfYNqatK"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fddcfe08e2f0207-CDG
expires: Mon, 04 Sep 2023 10:33:45 GMT

GET
H3 200 facefr6.jpg
zikarutcostume.live/master/org/img/ 7 KB
7 KB 108ms
107ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zikarutcostume.live/master/org/img/facefr6.jpg

Requested by

Host: zikarutcostume.live
URL: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d300e20890903b0cd0fb8634406fd9f71929ce0a1891d7a942310ce88273216

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 16:08:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 272414
alt-svc: h3=":443"; ma=86400
content-length: 6997
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Oct 2022 03:16:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xlq4fSCG8zh%2BwMoZxtrJ55K6vb%2BUBsgtu%2FCIJgARyLLoVzfOwY9jJagICCzm7X9AfBUAVf0YMP%2B0WQ49XPsfl0UUWSknMkr6Z22xQBctAuYQUlE3%2Bh4g3DQmo2cOA3tfHrMrJDuU12UWf%2FJuM5pBj8aO"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fddcfe08e300207-CDG
expires: Fri, 01 Sep 2023 12:28:02 GMT

GET
H3 200 rta.gif
zikarutcostume.live/master/org/img/ 2 KB
2 KB 109ms
107ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zikarutcostume.live/master/org/img/rta.gif

Requested by

Host: zikarutcostume.live
URL: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4551bbe65d5fcbbae3d3435e661eb53c0695d7341704ca27d66a9d7f95de08c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 16:08:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20071
alt-svc: h3=":443"; ma=86400
content-length: 1874
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Oct 2022 03:16:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCwq8UvuLXc5yHEmFk1FSUZ56a9bXJb9MtWt%2BDIvIbXNhmzNslvvxoXQMECwuaS%2BmeyWPgqMXpD7%2FZV%2BMgqBGdiI5E3ynPxQfT81RvKdLMCzRen2wq3zdCSlbKo34XdyF4165SXAFWe2Ndjv%2FVuxKQM8"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fddcfe08e310207-CDG
expires: Mon, 04 Sep 2023 10:33:45 GMT

GET
H3 200 bundle_oranges.js Show response
zikarutcostume.live/master/org/js/ 11 KB
4 KB 28ms
28ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zikarutcostume.live/master/org/js/bundle_oranges.js

Requested by

Host: zikarutcostume.live
URL: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

938d5358105ff714b8590ece35474901de556c620a6564fd9af928eec8782b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 16:08:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 199960
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Oct 2022 03:16:24 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1r1TQ0DjqaY%2BKeX4Tsu92NxhDHcnFZOyBmyxMgV3%2FTL%2BubG5TAkzuWc%2FfMSQv9%2BOp7wSHiiHYI%2BKXSMsbO6Ux%2BPLkwDCDEAxD%2BNUGJr%2BZ3BqKTlXuRJOmd7%2BrSVQzSaNVr2GBoJwHLW7K1T%2BeIa8fvk1"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 7fddcfdfed620207-CDG
expires: Sat, 02 Sep 2023 08:35:36 GMT

GET
H3 200 system3.js Show response
zikarutcostume.live/master/org/js/ 110 B
603 B 26ms
26ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zikarutcostume.live/master/org/js/system3.js

Requested by

Host: zikarutcostume.live
URL: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f48b07e84a6a3ab3059b3c7182019c4140fc9af3ed1cab3a10f005260e7b5e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 16:08:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20072
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Oct 2022 04:30:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=luqunPnrWXWEeIFfQS0LVi0wtNuE7xzoajWDCbWFBEXajOw37bBqmq2HKVkTCX4ysNqfvP0F2VQt%2FqR7NuQk%2BQkSNTN5u%2BfTiuAI1qY59Fda8rggbmHYZ%2FxM6kl8b%2BFVNwKbRlLvGXkq9Qlg9Gnhhh9r"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 7fddcfe01d930207-CDG
expires: Mon, 04 Sep 2023 10:33:44 GMT

GET
H3 200 x.png
zikarutcostume.live/master/img/ 5 KB
6 KB 109ms
108ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zikarutcostume.live/master/img/x.png

Requested by

Host: zikarutcostume.live
URL: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 16:08:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38112
alt-svc: h3=":443"; ma=86400
content-length: 5389
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Jun 2020 16:41:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8EIqKeYlh77WFF%2B9rAJh2lJ6KNNRoRslaE6%2FQ22k6pYS0IJfXqB%2FWn4Z3i4ENdzKPKAsCfnjvkyKQsVDbECQ1L%2FEhG4%2FLkfJ7hg%2FRouEzjUfc4lBy%2Fw%2Belgrl4X26g0dYrBrAEL6%2F4fARZnm2HAw5ul8"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7fddcfe08e330207-CDG
expires: Mon, 04 Sep 2023 05:33:04 GMT

GET
H3 200 modal.js Show response
zikarutcostume.live/master/js/ 673 B
731 B 26ms
26ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zikarutcostume.live/master/js/modal.js

Requested by

Host: zikarutcostume.live
URL: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a421e3d21b620b2df12e22230e89290da9ed22a3245ab3ce6de31a6a2a661d6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zikarutcostume.live/?b7ee3092de898bfbf9983ed8ab1d328c
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 28 Aug 2023 16:08:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35330
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Jun 2020 16:41:27 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzZch5xg676JLEUWD6bSBwAQk0igrhnqG7je7wiRSjM18NBH5QowMedVLIdQRNSppotzKHSxcUJfP5PBUqNcmYVkdJn4GYk3eciz%2FXH2BGE9jpC%2BJa6r1gkZV%2FJhOofE5JfMbUNbYDnmoZsRxYPPY6Ug"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 7fddcfe04dd10207-CDG
expires: Mon, 04 Sep 2023 06:19:26 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Orange (Telecommunication) Customer Survey Spam (Consumer)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.pickleballtournaments.com/	1970-01-20 18:39:50	Name: __uzma Value: 7e0a78ba-8ac5-471b-b9aa-771c0c875416
www.pickleballtournaments.com/	1970-01-20 18:39:50	Name: __uzmb Value: 1693238891
www.pickleballtournaments.com/	1970-01-20 18:39:50	Name: __uzmc Value: 878881087888
www.pickleballtournaments.com/	1970-01-20 18:39:50	Name: __uzmd Value: 1693238891
.pickleballtournaments.com/	1970-01-20 18:39:54	Name: __ssds Value: 2
.pickleballtournaments.com/	1970-01-20 23:56:38	Name: _ga Value: GA1.2.1545626290.1693238893
.pickleballtournaments.com/	1970-01-20 14:22:05	Name: _gid Value: GA1.2.889451645.1693238893
.pickleballtournaments.com/	1970-01-20 14:20:38	Name: _gat Value: 1
.pickleballtournaments.com/	1970-01-20 18:39:54	Name: __ssuzjsr2 Value: a9be2cd8e
.pickleballtournaments.com/	1970-01-20 18:39:54	Name: __uzmaj2 Value: 43d74352-1b32-46a0-a3d3-05b4f5b08867
.pickleballtournaments.com/	1970-01-20 18:39:54	Name: __uzmbj2 Value: 1693238892
.pickleballtournaments.com/	1970-01-20 18:39:54	Name: __uzmcj2 Value: 599351088875
.pickleballtournaments.com/	1970-01-20 18:39:54	Name: __uzmdj2 Value: 1693238892
.pickleballtournaments.com/	1970-01-20 16:30:14	Name: _fbp Value: fb.1.1693238893007.1889117185
.pickleballtournaments.com/	1970-01-20 23:56:38	Name: _ga_0H4MBYX4GB Value: GS1.2.1693238893.1.0.1693238893.0.0.0
staturemuscle.com/	1970-01-20 15:03:50	Name: uid2792 Value: 1043682912-20230828120815-db6fc712dc90cb67bfdd5c5ee5ae863d-2311
touristbarn.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2e275e81a3eaa152f286e409264eed0a
zikarutcostume.live/	1969-12-31 23:59:59	Name: PHPSESSID Value: 75ad66024ff8370159b2c98ea3c15224

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cas.avalon.perfdrive.com
cdn.jsdelivr.net
cdn.perfdrive.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
gmx000.de
region1.google-analytics.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
stats.g.doubleclick.net
staturemuscle.com
touristbarn.com
www.adplugg.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.pickleballtournaments.com
zikarutcostume.live
107.22.69.35
130.211.29.114
141.98.5.122
2001:4860:4802:34::36
2001:4de0:ac18::1:a:3a
2606:4700:10::ac43:5d8
2606:4700::6810:5814
2a00:1450:4001:80e::2008
2a00:1450:4001:811::200a
2a00:1450:4001:81c::200a
2a00:1450:4001:82a::200e
2a00:1450:400c:c0c::9c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3121::3
3.248.161.234
35.241.15.240
44.240.69.193
52.33.207.7
0d300e20890903b0cd0fb8634406fd9f71929ce0a1891d7a942310ce88273216
0e78eac543e214e1c69c896c7e6a533456bfede8ec3842b5572ec0514e581fe4
0fb5645b21ae2882589314a1defc2aa5ccb64787f96b9c0cc5756bf2b6620b82
1f0078598b57b6b905078c2ac3b0bb2965d72a93c950aaac7ba88505c4e62dee
21c1b31eca7945eededcc831b27b321d64348e06ed68b076e46b0c350fb8d5a4
28f78190745ed952807d0dbaadccea01e90ff11920f997d92ffd9761db8d7544
31da977422a452c01ba8b24e8dda1658ebf71b5dff03e7f643d129d2cb989108
33dd9f6024808cd82e124e978608f6a0d6f6e94563b3e038131c849a4ae6dc0f
360cf3ed328e9d6ed33e6d1d614cb33e82ae1f62aaefa10e87fdbff23e2fe105
36f7ca2744784d6ab870204186c251b4b9a092c63f2afc997439f384537809c5
3f47180c6e4934bb9f79c525552b6e7c1f23cb4313abcd698cf308b7fa693274
4551bbe65d5fcbbae3d3435e661eb53c0695d7341704ca27d66a9d7f95de08c5
499175a98fdc121418bb1f6376bcebe88a18b6c1de8aa078e608cc8a3c134bff
4a28cbc1a26c8e8a7f0d724944c0bf7f06151be8dd2d876d15f4efaa889a9e9d
65345ea727461d1fd721610ec7252cad627988f11874561ff58f268018fc3c6e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f48b07e84a6a3ab3059b3c7182019c4140fc9af3ed1cab3a10f005260e7b5e6
72f3913e0967d0b19d1e0bb63d155dd7fd2cccabad731000a87f996d28e33fe1
8067cdc615d23cfa9b43ebfb9bdc01c918de46319507f524725deafad23f10aa
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8981c52fdaa5ebb95c324ec53b7fedb0149ff80f7b2d0ec81cca00b5ae02b04f
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
938d5358105ff714b8590ece35474901de556c620a6564fd9af928eec8782b8a
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
9fb91ff0e8c179aea40dbe6842b36fd201654f5647c21dcec41fd18be535d506
a421e3d21b620b2df12e22230e89290da9ed22a3245ab3ce6de31a6a2a661d6e
b077ea547ebefd1a7f9188013c625568f36833267e57582a1ea67bb912b6a466
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
bdfae7d6ca18919ded93b0c4537c2a17cc2233dd272ac5e96a42588b57f6ca82
c73c6c4472adcd281d0b84758f208bc47827bf7128e0fc195901a69cdbc9b4e8
ca701fac89264e7f4d5944c5627d5bdd04675e8d8a96bcce283222e24282ee88
cb656b543d15b9e0b7b545a204f509e8c0f607e84454dc6a8e734cf0c1ad1124
d60ddadb370266b9fc6b293d89a499ef673e25c9595a2f8bd88cfd9d9229b430
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df91cd843f42ad524624c097d0553ec4cb46a871d28b2e537f361f393a7cc127
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1658e1c0cf855209e9bff1062c796dde0b336139ad62af4459dddb5105d0164
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

zikarutcostume.live Open in urlscan Pro 2a06:98c1:3121::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

65 %IPv6

16 Domains

20 Subdomains

18 IPs

6 Countries

764 kBTransfer

1872 kBSize

18 Cookies

0 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

zikarutcostume.live Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

65 %
IPv6

16
Domains

20
Subdomains

18
IPs

6
Countries

764 kB
Transfer

1872 kB
Size

18
Cookies

44 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!