mysteriousscreenshare.com Open in urlscan Pro
2606:4700:20::681a:fe8  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response mysteriousscreenshare.com/	2 KB 1 KB	228ms 118ms	Document text/html	2606:4700:20::681a:fe8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mysteriousscreenshare.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:fe8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b30ebc33b5d44d839dec020d247b9f3d27a5f8cf55e931cf56df40bafc5dc57e Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 896b09d19e1c3a78-FRA content-encoding br content-type text/html; charset=UTF-8 date Thu, 20 Jun 2024 10:22:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ERNxbL7n9NsPwvJbCM71QZmutNRMlm34skIAmS%2BRTjQjiWnFsyCIDEkq7r09WzMn2M%2BpY%2BgaLpBk9L7XrHJU5w8qQRCsvb0SKArhfP3Rlq7Yn4%2F65QtR3snfw08iILgrRIE0b0iWDiNMsHZHNeuvzZkPaFao8O4%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	css2 fonts.googleapis.com/	2 KB 986 B	161ms 49ms	Stylesheet text/css	2a00:1450:4001:800::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Bricolage+Grotesque:opsz,wght@12..96,200..800&display=swap Requested by Host: mysteriousscreenshare.com URL: https://mysteriousscreenshare.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 57467deb373351f56089eec84b102c78f5c3bf9cb592403806c42e545afb63a9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mysteriousscreenshare.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Thu, 20 Jun 2024 10:22:33 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 20 Jun 2024 10:22:33 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 20 Jun 2024 10:22:33 GMT
GET H2	200	index-oNFtaUn1.js Show response mysteriousscreenshare.com/assets/	859 KB 256 KB	207ms 204ms	Script application/javascript	2606:4700:20::681a:fe8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mysteriousscreenshare.com/assets/index-oNFtaUn1.js Requested by Host: mysteriousscreenshare.com URL: https://mysteriousscreenshare.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:fe8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dcb39ca8647bc0ab564842a000c91f19a40c2474718d8d1d4396e555ff42be38 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mysteriousscreenshare.com/ Origin https://mysteriousscreenshare.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 10:22:33 GMT content-encoding br cf-cache-status MISS last-modified Thu, 20 Jun 2024 10:22:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HY0JVNQOXKzpF%2BLhcu5pd%2F9864ZKsjWwX7aHHZkNKgd9zmabbl5myO9CaE8ZeMIBWmTU6lIDwcl7kRduVl%2Fz1mxlCYlk64Jxnc8bPGAnpYQGazJBoYUYNUBKf7bpNfIymi7mqkdHd7MYfE0ViiLj1653RLdnspo%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 896b09d29f7d3a78-FRA alt-svc h3=":443"; ma=86400
GET H2	200	index-CSeDjF6Q.css mysteriousscreenshare.com/assets/	52 KB 9 KB	171ms 170ms	Stylesheet text/css	2606:4700:20::681a:fe8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mysteriousscreenshare.com/assets/index-CSeDjF6Q.css Requested by Host: mysteriousscreenshare.com URL: https://mysteriousscreenshare.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:fe8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1a8ccd11c1a455b986ed6819946fa14f87c91e88af0d13f039e42314b82d38c5 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mysteriousscreenshare.com/ Origin https://mysteriousscreenshare.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 10:22:33 GMT content-encoding br cf-cache-status MISS last-modified Thu, 20 Jun 2024 10:22:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RQ5pKQB7ClxpbY4vMk7kO3JPjryKqDIAkW%2Ba3L3G5wTEvpB2nuGuICkYWnVRdoTh5Y7qtYtzckFIELSX75CbORv0qFEye9wULSFvJxXWjFQtDoRR6L7dPWPesiyZXEzJcYr4jqL7ONveu9m6IoFbk9UPc5sRcOQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 896b09d29f783a78-FRA alt-svc h3=":443"; ma=86400
GET H3	200	l.js Show response client.crisp.chat/	8 KB 3 KB	151ms 69ms	Script application/javascript	104.18.28.104 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client.crisp.chat/l.js Requested by Host: mysteriousscreenshare.com URL: https://mysteriousscreenshare.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4c4124bbde924ca47d9d2fcfc4e4abf1281a280dbba32445c34f95b2a112221d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mysteriousscreenshare.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 10:22:33 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 69105 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Thu, 24 Aug 2023 11:12:52 GMT server cloudflare etag W/"64e73b34-21a9" access-control-max-age 300 access-control-allow-methods HEAD, GET, OPTIONS content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 access-control-allow-credentials false vary Accept-Encoding cf-ray 896b09d43c513bcf-WAW access-control-allow-headers Content-Type, Origin expires Fri, 21 Jun 2024 10:22:33 GMT
GET H3	200	general Show response stores-api.billgang.com/shops/mysteriousscreenshare.com/	452 B 743 B	178ms 109ms	Fetch application/json	172.67.68.209 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stores-api.billgang.com/shops/mysteriousscreenshare.com/general Requested by Host: mysteriousscreenshare.com URL: https://mysteriousscreenshare.com/assets/index-oNFtaUn1.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.68.209 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f50039616e2e96ca15f0d18b026fab3f95a3befa4c31ed1d2491bd3f60671d6c Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mysteriousscreenshare.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 10:22:33 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-response-time-ms 16 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ctb8O7WqP%2Bf%2FaGQ7aruRVpr%2BDmrwo%2Ftl7Y1Tw4gwU%2BN6AHhctlHvetO%2FjA9FYfFQUmaZiVUISrmQwCJ1YgJcn9ymdxF0%2Bu2QeLVuyFC5qVIg%2F1W3yQEZbiFFy%2B3vNqrigzn87hiz52Wy"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 896b09d568501cb9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	settings Show response stores-api.billgang.com/shops/mysteriousscreenshare.com/	3 KB 1 KB	175ms 107ms	Fetch application/json	172.67.68.209 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stores-api.billgang.com/shops/mysteriousscreenshare.com/settings Requested by Host: mysteriousscreenshare.com URL: https://mysteriousscreenshare.com/assets/index-oNFtaUn1.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.68.209 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f64fa59ad2b71c9b9200be20cef537a2eb134219a4fe770b349a9b7c5ea5db40 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mysteriousscreenshare.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 10:22:33 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-response-time-ms 17 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ft6UQHrTnFM34%2BZO%2FuE%2B68uLAakEdIPcGTXklWNT4rQFY0B20EM5jlYViEq3HUc0Nm0DlHHTqj9l3WbVRcn0c5AFWQp6s5dXkIaJc802wIpO02bCd6yUeGkOZfCp9Qds4%2BctKK%2Fu2LKF"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 896b09d568521cb9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	client.js Show response client.crisp.chat/static/javascripts/	449 KB 109 KB	133ms 129ms	Script application/javascript	104.18.28.104 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client.crisp.chat/static/javascripts/client.js?21df3bd Requested by Host: client.crisp.chat URL: https://client.crisp.chat/l.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ea77872c36ee9fa39a4cfadf9fe2cc962485deb337e258f97bd4aab15566f3c4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mysteriousscreenshare.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 10:22:33 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 69104 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Thu, 24 Aug 2023 11:12:52 GMT server cloudflare etag W/"64e73b34-702c9" access-control-max-age 300 access-control-allow-methods HEAD, GET, OPTIONS content-type application/javascript access-control-allow-origin * cache-control public, max-age=315360000 access-control-allow-credentials false vary Accept-Encoding cf-ray 896b09d53d8a3bcf-WAW access-control-allow-headers Content-Type, Origin expires Sun, 18 Jun 2034 10:22:33 GMT
GET H3	200	client_default.css client.crisp.chat/static/stylesheets/	113 KB 14 KB	82ms 78ms	Stylesheet text/css	104.18.28.104 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client.crisp.chat/static/stylesheets/client_default.css?21df3bd Requested by Host: client.crisp.chat URL: https://client.crisp.chat/l.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5386c00ada94d50b403e9a31e6eb44b7f603cbe48cdb5f426c73970dd5ca608f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mysteriousscreenshare.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 10:22:33 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 69105 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Wed, 19 Jun 2024 15:09:27 GMT server cloudflare etag W/"6672f4a7-1c503" access-control-max-age 300 access-control-allow-methods HEAD, GET, OPTIONS content-type text/css access-control-allow-origin * cache-control public, max-age=315360000 access-control-allow-credentials false vary Accept-Encoding cf-ray 896b09d53d8d3bcf-WAW access-control-allow-headers Content-Type, Origin expires Sun, 18 Jun 2034 10:22:33 GMT
GET H3	200	iconSprite.svg mysteriousscreenshare.com/	21 KB 7 KB	148ms 147ms	Other image/svg+xml	172.67.72.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mysteriousscreenshare.com/iconSprite.svg Requested by Host: mysteriousscreenshare.com URL: https://mysteriousscreenshare.com/assets/index-oNFtaUn1.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.72.91 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f94547f911fafb348945a99d496d0c0a030b21d689ca9bffa8a1767359c039bf Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mysteriousscreenshare.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 10:22:34 GMT content-encoding br cf-cache-status EXPIRED last-modified Wed, 19 Jun 2024 19:06:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OcoXuyyRf2FzfnamwLJpi44kBizC7Mit0b22mHRWUhyYZepv8ZzARY4Tq27c5M2vdddeE2zA0wDBAnbCByvm2FgHNOZon7BEuKEknvFc2OYbGdMGFw23rop5QI70zDYaLk2bA%2Fc6DELbc9c%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 896b09d63b3565c5-FRA alt-svc h3=":443"; ma=86400
GET H3	200	%2F Show response stores-api.billgang.com/shops/mysteriousscreenshare.com/	10 KB 3 KB	260ms 260ms	Fetch application/json	172.67.68.209 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stores-api.billgang.com/shops/mysteriousscreenshare.com/%2F Requested by Host: mysteriousscreenshare.com URL: https://mysteriousscreenshare.com/assets/index-oNFtaUn1.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.68.209 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 48801e062a22b9d7cbfdfeaa2f38b3bcb854e28827332aac6c2ff0718464372d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mysteriousscreenshare.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 10:22:34 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-response-time-ms 183 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4LMoZ0VQatCuX0CRA5wjm6MNStjSX7PqP5kpYimzX9BC6sZlJxKFWVsYDKCf6cZyWF3y%2Bp%2BcqkemVpBZW%2FCYLZrH1x8MLsDrK2qvUEa0ykG%2FLjeyk3ST85y177l2ngE2LHraEq1l%2BacE"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 896b09d649a41cb9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	%2F Show response stores-api.billgang.com/shops/mysteriousscreenshare.com/	10 KB 3 KB	327ms 66ms	Fetch application/json	172.67.68.209 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stores-api.billgang.com/shops/mysteriousscreenshare.com/%2F Requested by Host: mysteriousscreenshare.com URL: https://mysteriousscreenshare.com/assets/index-oNFtaUn1.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.68.209 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 48801e062a22b9d7cbfdfeaa2f38b3bcb854e28827332aac6c2ff0718464372d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mysteriousscreenshare.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 10:22:34 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-response-time-ms 1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T26ia6piREPTgSiSgVZKJej3JZ3dnApvG6kPtHhH8iwOeUquabYqxVxUvei0q6NuhhdNOoqIT3H2GqjuhQTq3%2F129CKYiJv%2FTUyVKiGbIO8HNf9CINX3WSVt3ql1rxyBN813pIdeseAd"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 896b09d7ebd41cb9-FRA alt-svc h3=":443"; ma=86400
POST H3	200	p Show response t-api.billgang.com/e425fa01-8a7b-46c1-bc49-5ba7469ae33b/t/	54 B 469 B	127ms 114ms	Fetch application/json	172.67.68.209 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t-api.billgang.com/e425fa01-8a7b-46c1-bc49-5ba7469ae33b/t/p Requested by Host: mysteriousscreenshare.com URL: https://mysteriousscreenshare.com/assets/index-oNFtaUn1.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.68.209 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 252691b832859435e4256e9fe8bfa83056219bbf25c2bbe5de16c3ad30c46e68 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mysteriousscreenshare.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 10:22:34 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eg6LRSs7JSFOt6v9%2FgmL7adqw4Xit7ADn6TmJ9EDHfPUnojFkzbyiiKgcr7Fb%2Fn5vJjmIAyuSmQnVZ8Vqwha5rZfEgOxw0XbvxqwoQ%2FjBv4Znjb0Z%2BCN0PLLn4B4pprCsV%2Bz6A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 896b09d659ca1cb9-FRA alt-svc h3=":443"; ma=86400
GET H2	200	3y9K6as8bTXq_nANBjzKo3IeZx8z6up5BeSl9D4dj_x9PpZBMlGIInE.woff2 fonts.gstatic.com/s/bricolagegrotesque/v2/	77 KB 78 KB	434ms 40ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/bricolagegrotesque/v2/3y9K6as8bTXq_nANBjzKo3IeZx8z6up5BeSl9D4dj_x9PpZBMlGIInE.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Bricolage+Grotesque:opsz,wght@12..96,200..800&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 87dd7a40f7e7b3a454c2936f4c657a8c64cb8eabf626b2a96c130f537100fd0e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://mysteriousscreenshare.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 14:57:40 GMT x-content-type-options nosniff age 156294 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 78872 x-xss-protection 0 last-modified Tue, 12 Sep 2023 21:32:05 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Jun 2025 14:57:40 GMT
GET H3	200	w=500 imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/f03155b9-17c5-4299-77a4-2766b191d800/	36 KB 36 KB	3077ms 3009ms	Image image/avif	104.18.2.36 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/f03155b9-17c5-4299-77a4-2766b191d800/w=500 Requested by Host: mysteriousscreenshare.com URL: https://mysteriousscreenshare.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.2.36 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8795c248977770d727cc9e6de367fbc81b8d71c68fe166660738d6032ede8639 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mysteriousscreenshare.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers cf-images internal=ok/- q=0 n=2193+150 c=31+528 v=2024.6.0 l=37018 date Thu, 20 Jun 2024 10:22:37 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status MISS alt-svc h3=":443"; ma=86400 content-length 37018 cf-bgj imgq:85,h2pri server cloudflare etag "cf6MgUEhOCJlQL7RIRJoYdqq39hi8yaH7pEf2-gNpVDQ" vary Accept, Accept-Encoding content-type image/avif access-control-allow-origin * cache-control public,max-age=172800,stale-while-revalidate=7200 accept-ranges bytes cf-ray 896b09d6f8b4bfbe-WAW
GET H3	200	w=150 imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/f03155b9-17c5-4299-77a4-2766b191d800/	9 KB 9 KB	2733ms 2666ms	Image image/avif	104.18.2.36 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/f03155b9-17c5-4299-77a4-2766b191d800/w=150 Requested by Host: mysteriousscreenshare.com URL: https://mysteriousscreenshare.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.2.36 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2a6441bc45a919b459b40c46b4196dd4df4e1e78e70d432eb62555b3ae5c2846 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mysteriousscreenshare.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers cf-images internal=ok/- q=0 n=2421+0 c=28+124 v=2024.6.0 l=8945 date Thu, 20 Jun 2024 10:22:36 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status MISS alt-svc h3=":443"; ma=86400 content-length 8945 cf-bgj imgq:85,h2pri server cloudflare etag "cf6MgUEhOCJlQL7RIRJoYdqq39r3a4R_Tyycf9pL2QDQ" vary Accept, Accept-Encoding content-type image/avif access-control-allow-origin * cache-control public,max-age=172800,stale-while-revalidate=7200 accept-ranges bytes cf-ray 896b09d6f8b7bfbe-WAW
POST H3	200	s Show response t-api.billgang.com/e425fa01-8a7b-46c1-bc49-5ba7469ae33b/t/p/07fef12d-e1c9-4466-bfc4-f3c5e2ecdcc6/	54 B 467 B	67ms 66ms	Fetch application/json	172.67.68.209 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t-api.billgang.com/e425fa01-8a7b-46c1-bc49-5ba7469ae33b/t/p/07fef12d-e1c9-4466-bfc4-f3c5e2ecdcc6/s Requested by Host: mysteriousscreenshare.com URL: https://mysteriousscreenshare.com/assets/index-oNFtaUn1.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.68.209 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6c09c2114578c2075c8ce505148f5f2dddf3b1627948d998ea88f9650be75f65 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mysteriousscreenshare.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 10:22:34 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IcLFh53vKbp8KcrancpMJzpGEakKioo5giWxR3ZYlGmpR0HG7E3%2BCNvkAtZOZeMqU%2FreYn8m6FzPIlGK%2BbwERPYmso%2B%2F62i5mRDza4DrB4gt4Y%2FGGaLWR0FWSahCAOC2TlFVqw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 896b09d71ad81cb9-FRA alt-svc h3=":443"; ma=86400
GET H3	200	/ Show response client.crisp.chat/settings/website/b8d001ee-c0f9-4e74-8046-2e55767126dd/prelude/	214 B 505 B	157ms 157ms	Script application/javascript	104.18.28.104 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client.crisp.chat/settings/website/b8d001ee-c0f9-4e74-8046-2e55767126dd/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2024-5-20-12-22 Requested by Host: client.crisp.chat URL: https://client.crisp.chat/static/javascripts/client.js?21df3bd Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 47a65c5426039ea7d4e6d0136565293a9c42e3cedf20d43f1567c93030953d74 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mysteriousscreenshare.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 10:22:34 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS content-encoding br cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Thu, 20 Jun 2024 10:22:34 GMT server cloudflare access-control-max-age 300 access-control-allow-methods HEAD, GET, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=14400 access-control-allow-credentials false vary Accept-Encoding cf-ray 896b09d748833bcf-WAW access-control-allow-headers Content-Type, Origin expires Thu, 20 Jun 2024 14:22:34 GMT
GET H3	200	w=1280 imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/376e827c-5aec-4e09-9f64-b76aad461800/	92 KB 92 KB	1760ms 1759ms	Image image/avif	104.18.2.36 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/376e827c-5aec-4e09-9f64-b76aad461800/w=1280 Requested by Host: mysteriousscreenshare.com URL: https://mysteriousscreenshare.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.2.36 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 90b7d18e676f9c3a95b289a2c966403e39e3c5092020d350cd4671dfd1d0ad63 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mysteriousscreenshare.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers cf-images internal=ok/- q=0 n=1263+120 c=15+275 v=2024.6.0 l=93816 date Thu, 20 Jun 2024 10:22:36 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status MISS alt-svc h3=":443"; ma=86400 content-length 93816 cf-bgj imgq:85,h2pri server cloudflare etag "cfzzvjz-T4Kz0JQ3YGIKdwfXp2cqc3DLOvoRahjW0mDQ" vary Accept, Accept-Encoding content-type image/avif access-control-allow-origin * cache-control public,max-age=172800,stale-while-revalidate=7200 accept-ranges bytes cf-ray 896b09d88b0bbfbe-WAW
POST H3	200	e Show response t-api.billgang.com/e425fa01-8a7b-46c1-bc49-5ba7469ae33b/t/p/07fef12d-e1c9-4466-bfc4-f3c5e2ecdcc6/s/47eef800-a33a-4ea0-96ab-c2c78306f9e7/	54 B 467 B	117ms 116ms	Fetch application/json	172.67.68.209 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t-api.billgang.com/e425fa01-8a7b-46c1-bc49-5ba7469ae33b/t/p/07fef12d-e1c9-4466-bfc4-f3c5e2ecdcc6/s/47eef800-a33a-4ea0-96ab-c2c78306f9e7/e Requested by Host: mysteriousscreenshare.com URL: https://mysteriousscreenshare.com/assets/index-oNFtaUn1.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.68.209 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5077cc244089f248cd798d4c6c75623048745313bd4b620617bf57032c86d810 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://mysteriousscreenshare.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/json Response headers date Thu, 20 Jun 2024 10:22:34 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QwScCh3Nb56Crjhi0Q9M4yZr0mNioluEee1eCpDtEvcE6YmT8PPpgpr%2FHJoFt4wOT0y5esdujvOvH8ZqdL7Nm43onVjLzH%2BGW%2FZaQ573Vz0v%2FioXqh3bK8ixjTK7wY7iJd%2FH0Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 896b09d96db51cb9-FRA alt-svc h3=":443"; ma=86400
OPTIONS H3	204	e t-api.billgang.com/e425fa01-8a7b-46c1-bc49-5ba7469ae33b/t/p/07fef12d-e1c9-4466-bfc4-f3c5e2ecdcc6/s/47eef800-a33a-4ea0-96ab-c2c78306f9e7/	0 0	60ms 59ms	Preflight	172.67.68.209 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t-api.billgang.com/e425fa01-8a7b-46c1-bc49-5ba7469ae33b/t/p/07fef12d-e1c9-4466-bfc4-f3c5e2ecdcc6/s/47eef800-a33a-4ea0-96ab-c2c78306f9e7/e Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.68.209 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://mysteriousscreenshare.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 896b09d90d2e1cb9-FRA date Thu, 20 Jun 2024 10:22:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y6vrUbQRWfY4uU%2F4Y0oYrtr5S7z3rhhZ1PKn5TEL9ejy167ZZVTssLHANyGoppR7Pzs4eXmXR3RzitDCjSKgijv%2F8SCCJvLAfQ4T88cD53LOcQjtuqYEyiN2UZatY%2BOcW4%2BFGw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	/ Show response client.crisp.chat/settings/website/b8d001ee-c0f9-4e74-8046-2e55767126dd/	1 KB 1002 B	110ms 110ms	Script application/javascript	104.18.28.104 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client.crisp.chat/settings/website/b8d001ee-c0f9-4e74-8046-2e55767126dd/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1715319728251 Requested by Host: client.crisp.chat URL: https://client.crisp.chat/static/javascripts/client.js?21df3bd Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3d28f3f03b8e1f3c77613426498336110f6c2fd3e20b193e6e4f6738bea5675a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mysteriousscreenshare.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 10:22:34 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS content-encoding br cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Thu, 20 Jun 2024 10:22:34 GMT server cloudflare access-control-max-age 300 access-control-allow-methods HEAD, GET, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=14400 access-control-allow-credentials false vary Accept-Encoding cf-ray 896b09dc286b3bcf-WAW access-control-allow-headers Content-Type, Origin expires Thu, 20 Jun 2024 14:22:34 GMT
GET H3	200	en.js Show response client.crisp.chat/static/javascripts/locales/	9 KB 4 KB	69ms 68ms	Script application/javascript	104.18.28.104 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://client.crisp.chat/static/javascripts/locales/en.js?21df3bd Requested by Host: client.crisp.chat URL: https://client.crisp.chat/static/javascripts/client.js?21df3bd Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 849323838678d3403e5d0a09649523ff73aa349817d7997e287fdc9b3b681c45 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mysteriousscreenshare.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 10:22:35 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 69094 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Tue, 08 Aug 2023 12:01:16 GMT server cloudflare etag W/"64d22e8c-250b" access-control-max-age 300 access-control-allow-methods HEAD, GET, OPTIONS content-type application/javascript access-control-allow-origin * cache-control public, max-age=315360000 access-control-allow-credentials false vary Accept-Encoding cf-ray 896b09dcd9693bcf-WAW access-control-allow-headers Content-Type, Origin expires Sun, 18 Jun 2034 10:22:35 GMT
GET DATA	200 OK	truncated /	881 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	w=100 imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/f03155b9-17c5-4299-77a4-2766b191d800/	4 KB 5 KB	227ms 226ms	Other image/avif	104.18.2.36 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://imagedelivery.net/A5gbiev6F8AaBvp6M146Kw/f03155b9-17c5-4299-77a4-2766b191d800/w=100 Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.2.36 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d19c8a8eef51addc0b56891de12d8afe2d8926143ac028e27ba62c1a4aaa3075 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mysteriousscreenshare.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers cf-images internal=ok/- q=0 n=38+0 c=26+84 v=2024.6.0 l=4493 date Thu, 20 Jun 2024 10:22:37 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status MISS alt-svc h3=":443"; ma=86400 content-length 4493 cf-bgj imgq:85,h2pri server cloudflare etag "cf6MgUEhOCJlQL7RIRJoYdqq39NEWuYOetQxiZZywEDQ" vary Accept, Accept-Encoding content-type image/avif access-control-allow-origin * cache-control public,max-age=172800,stale-while-revalidate=7200 accept-ranges bytes cf-ray 896b09e9db9abfbe-WAW

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| $crisp string| CRISP_WEBSITE_ID object| d object| s boolean| $__CRISP_INCLUDED object| $__CRISP_INSTANCE

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.mysteriousscreenshare.com/	1970-01-21 01:50:46	Name: crisp-client%2Fsession%2Fb8d001ee-c0f9-4e74-8046-2e55767126dd Value: session_7d785d90-3022-4152-af36-0cbe2f844f8b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

client.crisp.chat
fonts.googleapis.com
fonts.gstatic.com
imagedelivery.net
mysteriousscreenshare.com
stores-api.billgang.com
t-api.billgang.com
104.18.2.36
104.18.28.104
172.67.68.209
172.67.72.91
2606:4700:20::681a:fe8
2a00:1450:4001:800::200a
2a00:1450:4001:82b::2003
1a8ccd11c1a455b986ed6819946fa14f87c91e88af0d13f039e42314b82d38c5
252691b832859435e4256e9fe8bfa83056219bbf25c2bbe5de16c3ad30c46e68
2a6441bc45a919b459b40c46b4196dd4df4e1e78e70d432eb62555b3ae5c2846
3d28f3f03b8e1f3c77613426498336110f6c2fd3e20b193e6e4f6738bea5675a
47a65c5426039ea7d4e6d0136565293a9c42e3cedf20d43f1567c93030953d74
48801e062a22b9d7cbfdfeaa2f38b3bcb854e28827332aac6c2ff0718464372d
4c4124bbde924ca47d9d2fcfc4e4abf1281a280dbba32445c34f95b2a112221d
5077cc244089f248cd798d4c6c75623048745313bd4b620617bf57032c86d810
5386c00ada94d50b403e9a31e6eb44b7f603cbe48cdb5f426c73970dd5ca608f
57467deb373351f56089eec84b102c78f5c3bf9cb592403806c42e545afb63a9
6c09c2114578c2075c8ce505148f5f2dddf3b1627948d998ea88f9650be75f65
849323838678d3403e5d0a09649523ff73aa349817d7997e287fdc9b3b681c45
8795c248977770d727cc9e6de367fbc81b8d71c68fe166660738d6032ede8639
87dd7a40f7e7b3a454c2936f4c657a8c64cb8eabf626b2a96c130f537100fd0e
90b7d18e676f9c3a95b289a2c966403e39e3c5092020d350cd4671dfd1d0ad63
9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd
b30ebc33b5d44d839dec020d247b9f3d27a5f8cf55e931cf56df40bafc5dc57e
d19c8a8eef51addc0b56891de12d8afe2d8926143ac028e27ba62c1a4aaa3075
dcb39ca8647bc0ab564842a000c91f19a40c2474718d8d1d4396e555ff42be38
ea77872c36ee9fa39a4cfadf9fe2cc962485deb337e258f97bd4aab15566f3c4
f50039616e2e96ca15f0d18b026fab3f95a3befa4c31ed1d2491bd3f60671d6c
f64fa59ad2b71c9b9200be20cef537a2eb134219a4fe770b349a9b7c5ea5db40
f94547f911fafb348945a99d496d0c0a030b21d689ca9bffa8a1767359c039bf