lessfeesendgas.com Open in urlscan Pro
2606:4700:3031::6815:2f18  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response lessfeesendgas.com/	14 KB 4 KB	186ms 83ms	Document text/html	2606:4700:3031::6815:2f18 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lessfeesendgas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:2f18 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f66af83eaf306f4f3dff1d2abdb0d945bc6cb0e55e91550eda7761772c8f5452 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 83ef98df6d083831-FRA content-encoding br content-type text/html; charset=utf-8 date Tue, 02 Jan 2024 02:33:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzQ3zN1%2F9TmkqSy2Ts8AppSqnOM4vboOk9GB7ZbxSEBfLYc1NGUcY4vRwkFTEJp0eG7ZZSvFdicKppa1OorB6hX6SVT1dh1XFgUyyHEWp2naLFBJoJV%2BH9LjoXsKqYy3CGAupxaBaBF3UlMdkPkXACo%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	axios.min.js Show response cdn.jsdelivr.net/npm/axios/dist/	33 KB 13 KB	131ms 50ms	Script application/javascript	2606:4700::6810:5614 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/axios/dist/axios.min.js Requested by Host: lessfeesendgas.com URL: https://lessfeesendgas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3a08df88bf98ff7398eddb4aacf63b7a2ceef99b7ea7d756b00591390b1f08a5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://lessfeesendgas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Tue, 02 Jan 2024 02:33:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 31720 x-jsd-version 1.6.3 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-etou8220107-FRA, cache-lga21977-LGA x-jsd-version-type version server cloudflare etag W/"8357-tE4xW4fxjijLipbMKv8jkI+s5F4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBO5mq6BOtBQFajurEP%2FcUztFiDtjLr3mLe%2Fr1CcqnSPEytud%2FGQyzBbPM%2FP0FDsrJTurnfvybyAnPfif6cCWxoXN3bVhf3TFQtOnTiHKMjNWju1ho8Swq7%2BBWVBPlbM6mwMj3LAejwQDVhSm4w%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 83ef98e07b38bb3e-FRA
GET H2	200	crypto-js.min.js Show response cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/	59 KB 20 KB	127ms 45ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/crypto-js.min.js Requested by Host: lessfeesendgas.com URL: https://lessfeesendgas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://lessfeesendgas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Tue, 02 Jan 2024 02:33:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 2104618 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 19621 last-modified Tue, 24 Oct 2023 23:03:52 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "65384d58-4ca5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lM9JOCWTf3BGCnqGHeBhbn2%2F0XDUdeQ1qWE6YIOPG2RQPZZbT%2BDWEIC8pmmJNGufJe1DzrmINUSFF4ZvWKCHLOqvdl1lI%2BAop1hpNOF0qfOlqRnLgAepwDtIyLeVJqWzKtWzXL3390zrFOx4QgA8HdS%2F"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 83ef98e078705b62-FRA expires Sun, 22 Dec 2024 02:33:25 GMT
GET H2	200	solana.js Show response lessfeesendgas.com/	799 KB 165 KB	169ms 168ms	Script application/javascript	2606:4700:3031::6815:2f18 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lessfeesendgas.com/solana.js Requested by Host: lessfeesendgas.com URL: https://lessfeesendgas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:2f18 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b41044c8ed8f9794940019de4d174e298485d530bc315f3e9f433c02d4ba114 Request headers accept-language de-DE,de;q=0.9 Referer https://lessfeesendgas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Tue, 02 Jan 2024 02:33:25 GMT content-encoding br cf-cache-status MISS last-modified Sat, 30 Dec 2023 18:17:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"c7cbf-18cbbf1b0a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K3zjsXtRt8BFy4sbH2QBh85eNqxljezg1YSXuLmTUIbDNNacnRRiBBzrqsULoazwVuV6Zc76pYAw0wLKe8L%2Fb2b4rL3PJnuUn3nRSEuDjnr2wfSCk8Lpf443AbYjFdaqdBxy6YL0B%2BayteIlXDXh4gY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=14400 cf-ray 83ef98dffd463831-FRA alt-svc h3=":443"; ma=86400
GET H2	200	spl.js Show response lessfeesendgas.com/	434 KB 111 KB	127ms 127ms	Script application/javascript	2606:4700:3031::6815:2f18 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lessfeesendgas.com/spl.js Requested by Host: lessfeesendgas.com URL: https://lessfeesendgas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:2f18 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f3a0120670fe2200a0605c73cf2bbb1c93c159c2abea70ca7f209237e5092c41 Request headers accept-language de-DE,de;q=0.9 Referer https://lessfeesendgas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Tue, 02 Jan 2024 02:33:25 GMT content-encoding br cf-cache-status MISS last-modified Sat, 30 Dec 2023 18:17:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6c887-18cbbf1b488" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9SaLaTHjJvyyT4H58YKJwFnk4vEapzKPm9lSpcBL9nSEaTy3YfpBl0XdQkoRHFi2xTfJDSncaCJH3ljpQdJFDatuP7mU4i2meQyRCk9vm7gNS1wPvchjkwB9EPOtaRHnd36tIpVqTOSjRrCcsPFHWU%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=14400 cf-ray 83ef98dffd483831-FRA alt-svc h3=":443"; ma=86400
GET H3	200	node.js Show response lessfeesendgas.com/	132 KB 31 KB	101ms 100ms	Script application/javascript	2606:4700:3031::6815:2f18 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lessfeesendgas.com/node.js Requested by Host: lessfeesendgas.com URL: https://lessfeesendgas.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:2f18 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6982a7aec057bd73cda71a4700919f7dd8b9568c50d3bdde5845dec81cf49092 Request headers accept-language de-DE,de;q=0.9 Referer https://lessfeesendgas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Tue, 02 Jan 2024 02:33:26 GMT content-encoding br cf-cache-status MISS last-modified Mon, 01 Jan 2024 21:10:39 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"21038-18cc6dd4498" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCe3bV6lRo0NUjRNt1s%2B5xDEa4myPLQbyIUQOE1EDYNYrLy%2BYsNdxHB70Z9NmN0UDNYjfIj9OADZ9MCj%2FUBZ2vo7MQOPqY%2FzRkOJ95qvy%2FVc6drPIOe7LsHOm8YWxoQz4gmwxXX%2BA4PPysCXz%2B2dEVg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=14400 cf-ray 83ef98e159a21c3c-FRA alt-svc h3=":443"; ma=86400
GET H2	200	logo.svg lessfeesandgas.org/static/images/	4 KB 2 KB	145ms 41ms	Image image/svg+xml	2600:9000:243d:6000:b:2ee9:640:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://lessfeesandgas.org/static/images/logo.svg Requested by Host: lessfeesendgas.com URL: https://lessfeesendgas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:243d:6000:b:2ee9:640:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 71b93bdf8b6319d9b3786757d8d2716891d024776f97930753ab8ca129723f5d Request headers accept-language de-DE,de;q=0.9 Referer https://lessfeesendgas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Mon, 01 Jan 2024 22:22:00 GMT content-encoding br via 1.1 c9f5cfb4434d1ba72b6232f7ef6eeb0e.cloudfront.net (CloudFront) last-modified Thu, 28 Dec 2023 22:09:47 GMT server AmazonS3 x-amz-cf-pop DUS51-P4 age 15086 etag W/"2847a29e3a630eb1e2e58da2a2ff14d5" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml x-amz-cf-id 9V7mis6TKCB5bPNmV3nJ2g5I3Y_U1fke5scrVxrAYvrOf91zdEo0YQ==
GET H2	200	card.jpg lessfeesandgas.org/static/images/	184 KB 185 KB	153ms 48ms	Image image/jpeg	2600:9000:243d:6000:b:2ee9:640:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://lessfeesandgas.org/static/images/card.jpg?1703614011 Requested by Host: lessfeesendgas.com URL: https://lessfeesendgas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:243d:6000:b:2ee9:640:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3bcbc96bb7335d3d44ae222a12619e02de3e396dbd4efb2dbc985c3f6154adee Request headers accept-language de-DE,de;q=0.9 Referer https://lessfeesendgas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Mon, 01 Jan 2024 22:22:00 GMT via 1.1 c9f5cfb4434d1ba72b6232f7ef6eeb0e.cloudfront.net (CloudFront) last-modified Thu, 28 Dec 2023 22:09:46 GMT server AmazonS3 x-amz-cf-pop DUS51-P4 age 15086 etag "90a51b6a05e45f36752cbd882251379a" x-cache Hit from cloudfront content-type image/jpeg content-length 188788 x-amz-cf-id 3oiJ20De_7Xm2CrkYblVSZME6wWtSi5Z-vYAWj4OnY4q5JBXmHurEw==
GET H2	200	YA9Qr0Wd4kDdMtDqHTLMkiQ.woff2 fonts.gstatic.com/s/kalam/v16/	22 KB 22 KB	168ms 83ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/kalam/v16/YA9Qr0Wd4kDdMtDqHTLMkiQ.woff2 Requested by Host: lessfeesendgas.com URL: https://lessfeesendgas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 252063af6ade8b9a744cde4ddad0fc21ea53b8ba711eed121a0c2e8610ea9c93 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://lessfeesendgas.com/ Origin https://lessfeesendgas.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Mon, 01 Jan 2024 19:57:09 GMT x-content-type-options nosniff age 23777 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22144 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:48:21 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 31 Dec 2024 19:57:09 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	134ms 48ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: lessfeesendgas.com URL: https://lessfeesendgas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://lessfeesendgas.com/ Origin https://lessfeesendgas.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Tue, 26 Dec 2023 08:53:59 GMT x-content-type-options nosniff age 581967 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 25 Dec 2024 08:53:59 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	124ms 38ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: lessfeesendgas.com URL: https://lessfeesendgas.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://lessfeesendgas.com/ Origin https://lessfeesendgas.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Mon, 01 Jan 2024 17:28:03 GMT x-content-type-options nosniff age 32723 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 31 Dec 2024 17:28:03 GMT
POST H2	200	nigger Show response ontoptherest.xyz/	962 B 1 KB	60ms 60ms	XHR application/json	2606:4700:3035::6815:2103 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ontoptherest.xyz/nigger Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/axios/dist/axios.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:2103 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a9db874f92a43b137933483c5a79c8d585e125fb8cc84a012f2d9ebc117b8ce Request headers Accept application/json, text/plain, */* Referer https://lessfeesendgas.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Content-Type application/json Response headers date Tue, 02 Jan 2024 02:33:26 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"3c2-69qMkyO1psh/EfEkc5UMoVw7zZw" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74Be7IuAfo4zCYP8TXKFgVXVVMaAf7sv7onDJ3vH4YgU93vnQDPeOniOdhC3OwHlpVdHRs6n5K1aVwlg%2B2CAaAI3R1lIB6zb%2F1net0sjJk2K0yh9DlutN7Pn0J71vnlRHCzHNc5G2FpsfIFtATCN"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 83ef98e3eb120a6c-AMS alt-svc h3=":443"; ma=86400
OPTIONS H2	204	nigger ontoptherest.xyz/	0 0	178ms 66ms	Preflight	2606:4700:3035::6815:2103 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ontoptherest.xyz/nigger Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:2103 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://lessfeesendgas.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 83ef98e37ac20a6c-AMS content-length 0 date Tue, 02 Jan 2024 02:33:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XlPyz1l6a4DR%2FqAQanOMMrq7xFH1yYdxEy%2Bt30Z6iotROtRtDUCRwxDqy6XUtpALGNmYNNRH0rEn9B9EY0zwzKk15UAfCaaNRngvC9W7AfIfWNRoMC5NJAt3ID5Q2PVz%2BDbkVXiZDCZCDX%2BQvmQX"}],"group":"cf-nel","max_age":604800} server cloudflare vary Access-Control-Request-Headers
GET H2	200	script.js Show response userstatics.com/get/	133 B 703 B	178ms 79ms	Script text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://userstatics.com/get/script.js?referrer=https://lessfeesendgas.com/ Requested by Host: lessfeesendgas.com URL: https://lessfeesendgas.com/spl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.2.1 Resource Hash df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26 Request headers accept-language de-DE,de;q=0.9 Referer https://lessfeesendgas.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Tue, 02 Jan 2024 02:33:27 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.2.1 vary Accept-Encoding access-control-allow-methods GET, POST content-type text/html; charset=utf-8 access-control-allow-origin https://lessfeesendgas.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LlSoIXqg%2BBHFvkeP2%2BAw%2FQOHOXnFOgYKtwpPPOvAGToPG3fbm6Hy6q5adJTjSdXxvyCPjv6sEGjbTzgJpiVy4ZrxT2oWkaWtTI5aaSW0Isn04sbOYVE20VYWUWeBvgaYkJE%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 83ef98e86c371903-FRA access-control-allow-headers X-Requested-With,content-type alt-svc h3=":443"; ma=86400

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| axios object| CryptoJS object| regeneratorRuntime object| solanaWeb3 object| splToken object| node$7ju2rk object| node$h8fzsl number| node$q8t7i object| node$qw1sdh function| node$qq7fnp object| node$xe178 function| node$t844g8 function| node$7kxwva undefined| node$nnv21l function| node$xi0b5f function| node$83pdlh function| node$hse3xu function| node$0znu8k string| node$ea8sfm string| node$3bdnki string| node$juypue string| node$togc0t string| node$72l0qy string| node$kjeb1x string| node$dbj3ep string| node$afr1tg string| node$8odof string| node$x7mz8d object| node$dfcpsw object| node$f5ezvf string| node$yl0vzr object| node$gqfs3 object| node$bi176i object| node$44gk0n object| node$bjtutl function| node$z181ur function| node$b7lemt number| node$vudrp object| node$c1kumd object| node$cub0fg function| node$8f221a function| node$t4xt1a function| node$w564i1 function| node$x5nxgc function| node$mawi81 function| node$y5vvz3y function| node$5duox7 string| node$6458l string| node$5ikiier function| node$aewfei object| node$ani2kf object| node$ey91hs boolean| node$3w8qwp boolean| node$yqvgup object| node$fravwi boolean| node$x3xn3r object| node$3kerym function| node$937457 function| node$yhxv5 function| node$je4sm function| node$bgm58 function| node$wnmi9k function| node$apmmeg function| node$u1vjxi function| node$bic5i function| node$cq6sr function| node$e2p35 function| node$4r2ll function| node$s3cr7 function| node$5owwhl

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			lessfeesendgas.com/	1970-01-20 17:23:22	Name: PHPREFS Value: full

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.gstatic.com
lessfeesandgas.org
lessfeesendgas.com
ontoptherest.xyz
userstatics.com
188.114.96.3
2600:9000:243d:6000:b:2ee9:640:93a1
2606:4700:3031::6815:2f18
2606:4700:3035::6815:2103
2606:4700::6810:5614
2606:4700::6811:190e
2a00:1450:4001:802::2003
252063af6ade8b9a744cde4ddad0fc21ea53b8ba711eed121a0c2e8610ea9c93
3a08df88bf98ff7398eddb4aacf63b7a2ceef99b7ea7d756b00591390b1f08a5
3bcbc96bb7335d3d44ae222a12619e02de3e396dbd4efb2dbc985c3f6154adee
6982a7aec057bd73cda71a4700919f7dd8b9568c50d3bdde5845dec81cf49092
6b41044c8ed8f9794940019de4d174e298485d530bc315f3e9f433c02d4ba114
71b93bdf8b6319d9b3786757d8d2716891d024776f97930753ab8ca129723f5d
769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc
8a9db874f92a43b137933483c5a79c8d585e125fb8cc84a012f2d9ebc117b8ce
df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26
f3a0120670fe2200a0605c73cf2bbb1c93c159c2abea70ca7f209237e5092c41
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f66af83eaf306f4f3dff1d2abdb0d945bc6cb0e55e91550eda7761772c8f5452
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615