urlscan.io logo urlscan.io
SecurityTrails logo

ihate.citrik.design Open in urlscan Pro
172.67.220.83  Public Scan

Go To Rescan Add Verdict Report
URL: https://ihate.citrik.design/
Submission Tags: @phishunt_io
Submission: On October 13 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 3 countries across 20 domains to perform 54 HTTP transactions. The main IP is 172.67.220.83, located in United States and belongs to CLOUDFLARENET, US. The main domain is ihate.citrik.design.
TLS certificate: Issued by E1 on October 5th 2023. Valid for: 3 months.
This is the only time ihate.citrik.design was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 172.67.220.83 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
12 139.45.197.242 9002 (RETN-AS)
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 139.45.195.8 9002 (RETN-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
9 139.45.197.250 9002 (RETN-AS)
3 139.45.197.245 9002 (RETN-AS)
2 139.45.197.243 9002 (RETN-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 139.45.195.254 9002 (RETN-AS)
5 139.45.197.151 9002 (RETN-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
54 18
4    172.67.220.83 (United States)

ASN13335 (CLOUDFLARENET, US)
ihate.citrik.design
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
alwingulla.com
12    139.45.197.242 (United Kingdom)

ASN9002 (RETN-AS, GB)
ophoacit.com
veepteero.com
soumehoo.net
eedsaung.net
2    2606:4700:3034::ac43:b1b3 (United States)

ASN13335 (CLOUDFLARENET, US)
hitwebcounter.com
www.hitwebcounter.com
1    2606:4700:20::ac43:4b95 (United States)

ASN13335 (CLOUDFLARENET, US)
www.termsfeed.com
4    2606:4700:3032::6815:5e40 (United States)

ASN13335 (CLOUDFLARENET, US)
ihate.citrik.design
1    2606:4700:3037::6815:5b3f (United States)

ASN13335 (CLOUDFLARENET, US)
inklinkor.com
2    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
9    139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)
ibrapush.com
3    139.45.197.245 (United Kingdom)

ASN9002 (RETN-AS, GB)
ossmightyenar.net
2    139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)
hazoopso.net
1    2606:4700:3036::6815:644 (United States)

ASN13335 (CLOUDFLARENET, US)
tzegilo.com
1    139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)
fleraprt.com
5    139.45.197.151 (United Kingdom)

ASN9002 (RETN-AS, GB)
interstitial-08.com
1    2606:4700:10::6816:20ac (United States)

ASN13335 (CLOUDFLARENET, US)
offerimage.com
4    2606:4700:10::6816:1974 (United States)

ASN13335 (CLOUDFLARENET, US)
littlecdn.com
Apex Domain
Subdomains		 Transfer
9 ibrapush.com
ibrapush.com — Cisco Umbrella Rank: 190896
41 KB
8 citrik.design
ihate.citrik.design
213 KB
7 eedsaung.net
eedsaung.net — Cisco Umbrella Rank: 29952
149 KB
5 interstitial-08.com
interstitial-08.com — Cisco Umbrella Rank: 154903
158 KB
4 littlecdn.com
littlecdn.com — Cisco Umbrella Rank: 13943
35 KB
3 soumehoo.net
soumehoo.net — Cisco Umbrella Rank: 48370
33 KB
3 ossmightyenar.net
ossmightyenar.net — Cisco Umbrella Rank: 97412
36 KB
2 hazoopso.net
hazoopso.net
1 KB
2 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 9763
1 KB
2 hitwebcounter.com
hitwebcounter.com — Cisco Umbrella Rank: 173153
www.hitwebcounter.com — Cisco Umbrella Rank: 184447
4 KB
1 offerimage.com
offerimage.com — Cisco Umbrella Rank: 25417
79 KB
1 fleraprt.com
fleraprt.com — Cisco Umbrella Rank: 16383
489 B
1 tzegilo.com
tzegilo.com — Cisco Umbrella Rank: 17690
8 KB
1 gstatic.com
fonts.gstatic.com
14 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
999 B
1 veepteero.com
veepteero.com — Cisco Umbrella Rank: 204456
2 KB
1 inklinkor.com
inklinkor.com — Cisco Umbrella Rank: 74335
27 KB
1 termsfeed.com
www.termsfeed.com — Cisco Umbrella Rank: 80483
57 KB
1 ophoacit.com
ophoacit.com — Cisco Umbrella Rank: 89095
1 alwingulla.com
alwingulla.com — Cisco Umbrella Rank: 210475
23 KB
54 20
Domain Requested by
9 ibrapush.com alwingulla.com
ibrapush.com
ihate.citrik.design
8 ihate.citrik.design ihate.citrik.design
7 eedsaung.net alwingulla.com
eedsaung.net
5 interstitial-08.com eedsaung.net
interstitial-08.com
4 littlecdn.com interstitial-08.com
3 soumehoo.net alwingulla.com
soumehoo.net
3 ossmightyenar.net alwingulla.com
ossmightyenar.net
2 hazoopso.net inklinkor.com
2 my.rtmark.net alwingulla.com
ihate.citrik.design
1 offerimage.com ihate.citrik.design
1 fleraprt.com tzegilo.com
1 tzegilo.com ossmightyenar.net
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com ihate.citrik.design
1 veepteero.com alwingulla.com
1 inklinkor.com ihate.citrik.design
1 www.termsfeed.com ihate.citrik.design
1 www.hitwebcounter.com ihate.citrik.design
1 hitwebcounter.com 1 redirects
1 ophoacit.com ihate.citrik.design
1 alwingulla.com ihate.citrik.design
54 21

This site contains links to these domains. Also see Links.

Domain
dsc.gg
www.hitwebcounter.com
Subject Issuer Validity Valid
citrik.design
E1		 2023-10-05 -
2024-01-03		 3 months crt.sh
alwingulla.com
GTS CA 1P5		 2023-09-17 -
2023-12-16		 3 months crt.sh
ophoacit.com
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
termsfeed.com
Cloudflare Inc ECC CA-3		 2023-04-26 -
2024-04-25		 a year crt.sh
inklinkor.com
GTS CA 1P5		 2023-08-25 -
2023-11-23		 3 months crt.sh
veepteero.com
R3		 2023-07-27 -
2023-10-25		 3 months crt.sh
rtmark.net
R3		 2023-07-25 -
2023-10-23		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
ibrapush.com
R3		 2023-08-25 -
2023-11-23		 3 months crt.sh
ossmightyenar.net
R3		 2023-09-10 -
2023-12-09		 3 months crt.sh
soumehoo.net
R3		 2023-09-13 -
2023-12-12		 3 months crt.sh
eedsaung.net
R3		 2023-08-13 -
2023-11-11		 3 months crt.sh
hazoopso.net
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
tzegilo.com
GTS CA 1P5		 2023-10-05 -
2024-01-03		 3 months crt.sh
fleraprt.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-09 -
2024-01-14		 a year crt.sh
interstitial-08.com
R3		 2023-07-25 -
2023-10-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh

This page contains 2 frames:

Primary Page: https://ihate.citrik.design/
Frame ID: F79E7BDD9C51DD9E29EDDA3DAC037D1B
Requests: 39 HTTP requests in this frame

Frame: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D2488897198%26z%3D6349168%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3Dfpat_nveUzjrCfhZqIjJYOKMlVJdV0Rppw3-wcDRr5unMgoCJJkjcBJ_mvydRW3FCi4v0JQRkcFu8S9VdVjZYZF2KfeaAre3OtG8TQh0N8Wnm8btWDqQeHipiL6hLj05NLL1uEWSzsWyFdR0R1Nd9YM6izJDo5CrNohteI2EgszIddAvfV6ZLvleXl_8Z0zu7hZlU-GLBLsidPI-olrUJqx3UFgY7Cl2DN2eo7s__ZUMPcesSiDMzuRiaEknYmlkmiiZyEiyygFU_0sWb6QYoRc2p62-ooZ_VGqqk-GImtwq5wXNRo0U7r9d1Cc%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D6c497dc5-d486-4700-86b7-3b539a42bbb9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fihate.citrik.design%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1
Frame ID: A72CCD0A2FB831039007086C2191DA24
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Jordan's Math Work | Home

Page Statistics

54
Requests

98 %
HTTPS

56 %
IPv6

20
Domains

21
Subdomains

18
IPs

3
Countries

882 kB
Transfer

1630 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://hitwebcounter.com/counter/counter.php?page=8133209&style=0036&nbdigits=9&type=page&initCount=14623 HTTP 301
  • https://www.hitwebcounter.com/counter/counter.php?page=8133209&style=0036&nbdigits=9&type=page&initCount=14623

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ihate.citrik.design/ 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ihate.citrik.design/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.220.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef448357c96d9b9e7e55220e6d1bd83928769a4a35f1f75f9893cd0099d05914

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8156a8b10df8bba1-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 13 Oct 2023 09:47:03 GMT
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
replit-cluster
global
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfJm4X97ZIaQ1FZrbNhEwJiutH2D1jXHNe%2FPXKzvZITY266zBzW3Of2YrE1K3gGAtD9dAnSXhX0jLgwuE0KH9JsWqlnl0NDG%2F2oJd90gZpPiTqNiWzXpi7QPNWIVwAMV9fVSQBr0"}],"group":"cf-nel","max_age":604800}
server
cloudflare
tag.min.js
alwingulla.com/88/ 		70 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://alwingulla.com/88/tag.min.js
Requested by
Host: ihate.citrik.design
URL: https://ihate.citrik.design/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38beae666a0a5a66bdcdf86c98658bd01ac05904a92fde9d664d61e889ec10ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:47:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50213
alt-svc
h3=":443"; ma=86400
x-trace-id
4bc66e2ec156c1c3cacf6eef00bd1cf2
pragma
no-cache
last-modified
Thu, 12 Oct 2023 08:17:20 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4Eg5rJ3ZdfWB8OHfTbFUeQkywCdMIfBfQYD3XEUCpwjj1d3aYVkZ6sZMHSA3kw7EzQLLdvcpm7rRFEnQtywApfHPpYUE3i0qjWBlNlBHN%2FMJFs%2BdXO7Lz3kbBN7PJzaFhIQqjatfllDP25MlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
8156a8b57c6037de-FRA
expires
Fri, 13 Oct 2023 19:50:10 GMT
1
ophoacit.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ophoacit.com/1?z=5963020
Requested by
Host: ihate.citrik.design
URL: https://ihate.citrik.design/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-trace-id
0e41469c556de7859db4b2ddae7389f2
date
Fri, 13 Oct 2023 09:47:03 GMT
x-sc
4KdnrdofxFOHMlcU
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/plain; charset=utf-8
access-control-allow-origin
access-control-expose-headers
X-Sc
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length
7
darkMode.css
ihate.citrik.design/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ihate.citrik.design/css/darkMode.css
Requested by
Host: ihate.citrik.design
URL: https://ihate.citrik.design/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.220.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a6c4e2683fe9df7e4fc6347396f046f9d5d069c3d0d59e8d4bc525d97cb34f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:47:04 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 13 Oct 2023 09:47:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DmckrkHIuURl0HWKnk1kuF%2FDhzcQ16iUA1VSHx%2BEhmy7Q0fP%2FCWgXP4fkYvWTOOsw%2F1oT3NiZvIFtjuV%2FnWxeIx%2Ffs6ffVM%2F4v6A0KybGoPPv5YP2WivXhpTE2gsogsxKc%2FLM1SB"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
replit-cluster
global
cf-ray
8156a8b4cb95bba1-FRA
alt-svc
h3=":443"; ma=86400
change.js
ihate.citrik.design/ 		563 B
622 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ihate.citrik.design/change.js
Requested by
Host: ihate.citrik.design
URL: https://ihate.citrik.design/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.220.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55d7e8c9c72e0b8692211fc9fc5d42b5579b7845307b2e89f4fa31ac39867e23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:47:04 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 13 Oct 2023 09:47:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hJsrfVi6mUh%2BIHHrly1crozX9xbFcdPZL2EaFjjfhjNSWtJP%2BkJosJpqluuc2BqdShKgNVhQ0tCTEHsMvgMhrGdj4iKyTiBXBAh619EkdabeJM5j8uuAgl1X4YgMBY6htpSgqWy"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
replit-cluster
global
cf-ray
8156a8b4cb96bba1-FRA
alt-svc
h3=":443"; ma=86400
JMW.png
ihate.citrik.design/img/ 		202 KB
203 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ihate.citrik.design/img/JMW.png
Requested by
Host: ihate.citrik.design
URL: https://ihate.citrik.design/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.220.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5264d1cca497b1cc4197daa7ef59ea6cb6c44c5a6ea1bf28d069051ce82faa67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:47:04 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
replit-cluster
global
alt-svc
h3=":443"; ma=86400
content-length
206899
last-modified
Fri, 13 Oct 2023 09:47:04 GMT
server
cloudflare
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZKt6XqmQr3fMXIODbu0C3aCYzmcJBk49QUNHen4puZ7vSkjOknrDFlupJNlDdDHDNkvt6ailUS9Nr%2BBX1%2Bi2xgQhb9IDRkcQUP1r0WsDU74wtSfo%2Fl4IT34o%2BEL7dZlnMwJcPMBR"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8156a8b4cb97bba1-FRA
counter.php
www.hitwebcounter.com/counter/
Redirect Chain
  • https://hitwebcounter.com/counter/counter.php?page=8133209&style=0036&nbdigits=9&type=page&initCount=14623
  • https://www.hitwebcounter.com/counter/counter.php?page=8133209&style=0036&nbdigits=9&type=page&initCount=14623
3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hitwebcounter.com/counter/counter.php?page=8133209&style=0036&nbdigits=9&type=page&initCount=14623
Requested by
Host: ihate.citrik.design
URL: https://ihate.citrik.design/
Protocol
H2
Server
2606:4700:3034::ac43:b1b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c02ce0b2b0fd1b525b20a50710b548a4800e8addb1aae81b508933467b59281

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:47:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GTw0%2FcO6jODHMeWlXg7pU%2Bn%2BJyJYtQTGCoLEwYjbY%2FE4IoRwK8mgOZz0hC5b6Cf6CSEx1%2FXF3NybChqywLKdpCPGwEdxRVqrMwuq6RvDUq8cfH9ouxrA%2BF%2B964D35TZuIEZRM09M%2B6SVR5Yh5pmOc2lbW0I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
8156a8b7be421c6d-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 13 Oct 2023 09:47:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jElIuWvttTBMfAItTotjbmFAn8sroqJ%2FlOBo7VakluXDlyGx%2B5FUF16%2BH7HXU9eNGAOTGWEvN5ntJuY4wFRjJx6nbWsYI6FGUZ6NVL970jV9kbzCRCh436HptvUiWTW40aO%2B2Cm7RMvszHRc1Kzq%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
https://www.hitwebcounter.com/counter/counter.php?page=8133209&style=0036&nbdigits=9&type=page&initCount=14623
cf-ray
8156a8b52b851c6d-FRA
alt-svc
h3=":443"; ma=86400
cookie-consent.js
www.termsfeed.com/public/cookie-consent/4.1.0/ 		205 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.termsfeed.com/public/cookie-consent/4.1.0/cookie-consent.js
Requested by
Host: ihate.citrik.design
URL: https://ihate.citrik.design/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7380b5d376389ab29bbf7f40f39d4d1b1e7b4f4c590cfb769223309365a7962b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-priority
5/n
date
Fri, 13 Oct 2023 09:47:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
29457
cf-polished
origSize=209727
x-z
3246
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Fri, 13 Oct 2023 00:24:13 GMT
server
cloudflare
etag
W/"2d97284bdb474c626bad95c5fbb210cb"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kVubfJGXQOme%2BAYP0zcZxWosKURP%2B9jdUqv70%2BjXIfuxzOUoptuNRe2nQ4X5uGgucYkiMtSMnXhJU84UWd4%2BT4Yk8LvnUT6u9xZ2VQp5IkGH2lfIj%2Feo5DDK78O1p9qMq9Hx4g1vPexQIVoV8dHx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
public, immutable, max-age=3600
cf-ray
8156a8b7e89f9241-FRA
expires
Fri, 13 Oct 2023 02:24:13 GMT
script.js
ihate.citrik.design/ 		611 B
845 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ihate.citrik.design/script.js
Requested by
Host: ihate.citrik.design
URL: https://ihate.citrik.design/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5e40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8920341356b382e0d283af3cd6c9759509a031219c8ef792eb5285cb05c1a09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:47:04 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 13 Oct 2023 09:47:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7v9EzsipoPdTgyuBsCks3HSGd2p6xYrdnAcxtpPtuoK9pGmTlTtMpUdPLXOnbXzqrTeGevZ1YdDcYP8zNVJERddP%2Fs1M5NDV5YaunwEl6vZJ99T46xBBmshFVQcCU4dr%2B0vCQjLmC6bnM8Y%2FFW82ztA"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
replit-cluster
global
cf-ray
8156a8b7997c39ec-FRA
alt-svc
h3=":443"; ma=86400
app.js
ihate.citrik.design/ 		1 KB
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ihate.citrik.design/app.js
Requested by
Host: ihate.citrik.design
URL: https://ihate.citrik.design/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5e40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a07bbc0b6954d218a72eed896268ee21061f3e09c20be0adde89bdde68bc020

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:47:05 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 13 Oct 2023 09:47:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YsDZdbj6ka9fN4%2FSH1bf6Sxyib8vnQvaMHIN9ZO21oaf8EBPh9tIHk%2FTTjHhw9N9ODlOMaR0MvihGMfZUs8ghYdCBc%2BAElD3h9a7%2FRAvSmhrYSyrOO3eeQj9z8MF3RK3ReS5TUDAIPai0XiAHv7QnUbO"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
replit-cluster
global
cf-ray
8156a8b7997e39ec-FRA
alt-svc
h3=":443"; ma=86400
tag.min.js
inklinkor.com/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://inklinkor.com/tag.min.js
Requested by
Host: ihate.citrik.design
URL: https://ihate.citrik.design/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5b3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8465bfb63900bfbdab85f62969ea3d40c41451b5b00b246f5591348ce8d7846

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:47:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
212
alt-svc
h3=":443"; ma=86400
x-trace-id
87ce085ba80780d59d83332c5f5efdf5
pragma
no-cache
last-modified
Fri, 13 Oct 2023 09:37:05 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQ0mTVupSmXN%2B8ks2H3QHp5ChRPjEHnKC%2BZJmtyfXIde2oGh1EcrF8G%2FAQ6pmu0%2F4hOqdIf7afJ2bYvESW4OKCJMvFR0s%2FZp0vNAhRVCUNlkYi4lTNYeqA0oJd7LYU3PMV3kexfJ5gIbbdvn"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
8156a8b7f92f35ea-FRA
expires
Sat, 14 Oct 2023 09:43:32 GMT
11529
veepteero.com/88/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://veepteero.com/88/11529
Requested by
Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
26b3fd27e2edef5c44176800395e022b308f1cf3aafd35051405c4c3827f703a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Fri, 13 Oct 2023 09:47:04 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://ihate.citrik.design
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
gid.js
my.rtmark.net/ 		65 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?userId=1e06ab3c327b4685923a7ffdcf448bb4
Requested by
Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9469191ee52b46287c6f52b6e233dddffe02e892498816e456a8dbd2ccd468e3
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:47:04 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ihate.citrik.design
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
css2
fonts.googleapis.com/ 		2 KB
999 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Comfortaa&display=swap
Requested by
Host: ihate.citrik.design
URL: https://ihate.citrik.design/css/darkMode.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e8ddf5aac79c0f68a00dfe5b431ecc4256ea26aeffc588bb43886092c1a08e1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 13 Oct 2023 09:47:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 09:28:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Oct 2023 09:47:04 GMT
1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMDrMfIA.woff2
fonts.gstatic.com/s/comfortaa/v45/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/comfortaa/v45/1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMDrMfIA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Comfortaa&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a60cbbc3a467d154735820b68c3840319e675c0048dd2c10a8561e92263423c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ihate.citrik.design
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 18:00:52 GMT
x-content-type-options
nosniff
age
575172
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13620
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:50:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Oct 2024 18:00:52 GMT
tag.min.js
ibrapush.com/pfe/current/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibrapush.com/pfe/current/tag.min.js?z=6349170
Requested by
Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
3856ab7fa60ca0e737ddda54cccccfab865d1f81ac22ab05199685309a7296ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 09:47:04 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 11:51:57 GMT
server
nginx
etag
W/"6527dddd-33d2"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
link
<https://my.rtmark.net>; rel=dns-prefetch;, <https://my.rtmark.net>; rel=preconnect
6349169
ossmightyenar.net/401/ 		87 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ossmightyenar.net/401/6349169
Requested by
Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
671d065bfcdc8ed15f3eb176a9d6e6744e6832735ad8e96d84644d1e776fa26b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:47:04 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
977a603048f39e9329dedfb2be291e1f
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
6349167
soumehoo.net/400/ 		80 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://soumehoo.net/400/6349167
Requested by
Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9f88e6aada1a4b6ba2c7158f6fe46d3adfa1fa1b2941570219a7aa59c2228420
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:47:04 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
14824c351a57978f14ee4c984acbbf19
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
1
eedsaung.net/ 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eedsaung.net/1?z=6349168
Requested by
Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
94472d0bff47d6ff712819d11c39a3393483f658cf5d2a94b4d89f4601b638f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-trace-id
778b74ccaa705af335330cb10aacac72
pragma
no-cache
date
Fri, 13 Oct 2023 09:47:04 GMT
content-encoding
gzip
x-sc
RuvRJsn9SNV2S0zKeJ9vzMy03KmqCyGLidIDalNz5F3aaNFdQbiv5_j3Wk2HVrNG2v9PaSkO7GrO_li_JKszoCo9Bqg=
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
hazoopso.net/5/5963019/ 		7 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hazoopso.net/5/5963019/?oo=1&js_build=iclick-v1.606.1&branch=800
Requested by
Host: inklinkor.com
URL: https://inklinkor.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
00e3fbbf542561da72fdc5ea89cfd1405c17739dd49210252e611c3122018efe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 09:47:04 GMT
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://ihate.citrik.design
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
content-length
7
expires
Tue, 11 Jan 1994 10:00:00 GMT
zone
ibrapush.com/ 		882 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ibrapush.com/zone?pub=0&zone_id=6349170&is_mobile=false&domain=ihate.citrik.design&var=&ymid=&var_3=&tg=0
Requested by
Host: ibrapush.com
URL: https://ibrapush.com/pfe/current/tag.min.js?z=6349170
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
13c40bdec080add7e4c4787f388d1d6440ea94b5eda98870088bcde2e13be54c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-trace-id
8f52c58c62835e51c8cab81fc73e4bb5
date
Fri, 13 Oct 2023 09:47:04 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ihate.citrik.design
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
882
universal.min.js
ibrapush.com/pfe/current/ 		85 KB
33 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ibrapush.com/pfe/current/universal.min.js?v=3.1.462
Requested by
Host: ibrapush.com
URL: https://ibrapush.com/pfe/current/tag.min.js?z=6349170
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
556877dc51fb101eedfe9819a0cc9c4ece02a83f63662d48c2b801e052517374

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 09:47:04 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 11:51:57 GMT
server
nginx
etag
W/"6527dddd-155a7"
content-type
application/javascript
access-control-allow-origin
https://ihate.citrik.design
cache-control
no-cache
access-control-allow-credentials
true
6bb872d7a3a0718b6120c3e523394afb
eedsaung.net/27/ 		403 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eedsaung.net/27/6bb872d7a3a0718b6120c3e523394afb
Requested by
Host: eedsaung.net
URL: https://eedsaung.net/1?z=6349168
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
039d49206b2255cd6257a88545684fbcfd9bbfd751a491554c4b8ecda8812cb4
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-trace-id
d18427e5627aef584524bcbc76eb0116
date
Fri, 13 Oct 2023 09:47:04 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
last-modified
Thu, 05 Oct 2023 08:56:03 GMT
server
nginx
content-encoding
gzip
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
access-control-expose-headers
X-Sc
cache-control
max-age:290304000, public
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires
Thu, 04 Nov 2083 08:56:03 GMT
stattag.js
tzegilo.com/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tzegilo.com/stattag.js
Requested by
Host: ossmightyenar.net
URL: https://ossmightyenar.net/401/6349169
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:47:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Sep 2023 08:19:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3645
etag
W/"64f987a8-4a4b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqCn1Vm3oXqpH26WJ1ra1HSRDAd5lgN718Cqdwt%2B9J3aFyJZ5wQSgTEuDAJsakZJUmOh6NqM0cKPmi1xc18ApMZCi39uteggNSUYIXdIdCtGI7d9pow7FMMkkM40eFAoXzs%2BVg2HQVjqEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8156a8ba08bf2bcb-FRA
link
<https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc
h3=":443"; ma=86400
9
eedsaung.net/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://eedsaung.net/9?z=6349168&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fihate.citrik.design%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&oaid=1e06ab3c327b4685923a7ffdcf448bb4
Requested by
Host: eedsaung.net
URL: https://eedsaung.net/27/6bb872d7a3a0718b6120c3e523394afb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e853dc21748d97a4ab320cde17d195c0d3d4abf4166f3001b3bdaad364177e88

Request headers

Referer
https://ihate.citrik.design/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
0c0aecdd6179e5be32cf78b6b905af89
pragma
no-cache
date
Fri, 13 Oct 2023 09:47:04 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
https://ihate.citrik.design
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires
Mon, 26 Jul 1997 05:00:00 GMT
9
eedsaung.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eedsaung.net/9?z=6349168&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fihate.citrik.design%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&oaid=1e06ab3c327b4685923a7ffdcf448bb4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ihate.citrik.design
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ihate.citrik.design
cache-control
no-store, no-cache, must-revalidate, max-age=0
date
Fri, 13 Oct 2023 09:47:04 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
pragma
no-cache
server
nginx
add
fleraprt.com/log/ 		12 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by
Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer
https://ihate.citrik.design/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 13 Oct 2023 09:47:18 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ihate.citrik.design
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
6349169
ossmightyenar.net/500/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ossmightyenar.net/500/6349169?excludes=&oaid=1e06ab3c327b4685923a7ffdcf448bb4&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fihate.citrik.design%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&js_build=8&sw_version=v1.303.0
Requested by
Host: ossmightyenar.net
URL: https://ossmightyenar.net/401/6349169
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
83672795121ef473331310325801599db2739b8a8ada3ae1340724f8dbb27c35
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://ihate.citrik.design/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 13 Oct 2023 09:47:04 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
bcd1c81dc4cf57944002d02635c6e468
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://ihate.citrik.design
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
6349169
ossmightyenar.net/500/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ossmightyenar.net/500/6349169?excludes=&oaid=1e06ab3c327b4685923a7ffdcf448bb4&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fihate.citrik.design%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&js_build=8&sw_version=v1.303.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ihate.citrik.design
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ihate.citrik.design
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Fri, 13 Oct 2023 09:47:04 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
6349167
soumehoo.net/500/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://soumehoo.net/500/6349167?excludes=&oaid=1e06ab3c327b4685923a7ffdcf448bb4&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fihate.citrik.design%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&js_build=8&sw_version=v1.303.0
Requested by
Host: soumehoo.net
URL: https://soumehoo.net/400/6349167
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
c112f1febcfe249427d855c451a52165f3e64f5ebadc0885915d52f01809878e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://ihate.citrik.design/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 13 Oct 2023 09:47:05 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
69bde662b12a34312b8b2e3154b6cdb6
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://ihate.citrik.design
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
6349167
soumehoo.net/500/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://soumehoo.net/500/6349167?excludes=&oaid=1e06ab3c327b4685923a7ffdcf448bb4&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fihate.citrik.design%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&js_build=8&sw_version=v1.303.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ihate.citrik.design
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ihate.citrik.design
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Fri, 13 Oct 2023 09:47:04 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
custom
ibrapush.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ibrapush.com/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ihate.citrik.design
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ihate.citrik.design
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Fri, 13 Oct 2023 09:47:04 GMT
server
nginx
custom
ibrapush.com/ 		39 B
327 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ibrapush.com/custom
Requested by
Host: ihate.citrik.design
URL: https://ihate.citrik.design/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://ihate.citrik.design/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
3db33b2864930c45a2ce25ec5433d6ec
date
Fri, 13 Oct 2023 09:47:04 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ihate.citrik.design
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39
sw.js
ihate.citrik.design/ 		5 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ihate.citrik.design/sw.js
Requested by
Host: ihate.citrik.design
URL: https://ihate.citrik.design/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5e40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89adba6ad5a507487c5ad7f2d4e0dd96a9414b9727ab4ee0dea559d722bf4ac7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:47:05 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 13 Oct 2023 09:47:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHqnxYFsFwhF%2BkRTPYNlKGcKJW8BtTUBgF6Xny5sc6t5SKdBrFq5%2BeawSN0lUtRHawVVP9bY3iTfO81DilmpDhPrWG3TcddgnWHGqcAeJY5JujSjpnGHhjqg4p4fl6vyQlzW43gBHE9bxbXr31Hdd286"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
replit-cluster
global
cf-ray
8156a8bb6e5939ec-FRA
alt-svc
h3=":443"; ma=86400
11
eedsaung.net/ 		0
597 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eedsaung.net/11?rnd=2181414727&z=6349168&b=5362695&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=fpat_nveUzjrCfhZqIjJYOKMlVJdV0Rppw3-wcDRr5unMgoCJJkjcBJ_mvydRW3FCi4v0JQRkcFu8S9VdVjZYZF2KfeaAre3OtG8TQh0N8Wnm8btWDqQeHipiL6hLj05NLL1uEWSzsWyFdR0R1Nd9YM6izJDo5CrNohteI2EgszIddAvfV6ZLvleXl_8Z0zu7hZlU-GLBLsidPI-olrUJqx3UFgY7Cl2DN2eo7s__ZUMPcesSiDMzuRiaEknYmlkmiiZyEiyygFU_0sWb6QYoRc2p62-ooZ_VGqqk-GImtwq5wXNRo0U7r9d1Cc=&ruid=6c497dc5-d486-4700-86b7-3b539a42bbb9&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fihate.citrik.design%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&ot=178
Requested by
Host: eedsaung.net
URL: https://eedsaung.net/27/6bb872d7a3a0718b6120c3e523394afb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-trace-id
c15408f552634cc4fd6209ca2a5c14c9
pragma
no-cache
date
Fri, 13 Oct 2023 09:47:04 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/jpeg
access-control-allow-origin
https://ihate.citrik.design
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
interstitial-08.com/ Frame A72C 		21 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D2488897198%26z%3D6349168%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3Dfpat_nveUzjrCfhZqIjJYOKMlVJdV0Rppw3-wcDRr5unMgoCJJkjcBJ_mvydRW3FCi4v0JQRkcFu8S9VdVjZYZF2KfeaAre3OtG8TQh0N8Wnm8btWDqQeHipiL6hLj05NLL1uEWSzsWyFdR0R1Nd9YM6izJDo5CrNohteI2EgszIddAvfV6ZLvleXl_8Z0zu7hZlU-GLBLsidPI-olrUJqx3UFgY7Cl2DN2eo7s__ZUMPcesSiDMzuRiaEknYmlkmiiZyEiyygFU_0sWb6QYoRc2p62-ooZ_VGqqk-GImtwq5wXNRo0U7r9d1Cc%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D6c497dc5-d486-4700-86b7-3b539a42bbb9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fihate.citrik.design%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1
Requested by
Host: eedsaung.net
URL: https://eedsaung.net/27/6bb872d7a3a0718b6120c3e523394afb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.33
Resource Hash
185934adb26677d87840e7a5b4a8d6e3e7e0e882042974ce8b79a80c5f971d17

Request headers

Referer
https://ihate.citrik.design/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 13 Oct 2023 09:47:05 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
/
hazoopso.net/5/5960343/ 		7 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hazoopso.net/5/5960343/?oo=1&js_build=iclick-v1.606.1&branch=801
Requested by
Host: inklinkor.com
URL: https://inklinkor.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
00e3fbbf542561da72fdc5ea89cfd1405c17739dd49210252e611c3122018efe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 09:47:04 GMT
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://ihate.citrik.design
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
content-length
7
expires
Tue, 11 Jan 1994 10:00:00 GMT
cd86e6a8544e5ffc3d054d8566f920f2.png
offerimage.com/www/images/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://offerimage.com/www/images/cd86e6a8544e5ffc3d054d8566f920f2.png
Requested by
Host: ihate.citrik.design
URL: https://ihate.citrik.design/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:20ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a9038c19e55339a58f11b2ef50656bdb2c2ebef1bce773e2b9fd2cdb4c4bd46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:47:05 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 17:19:58 GMT
server
cloudflare
age
65889
etag
"6515b5be-13c9a"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8156a8bd48622bc3-FRA
content-length
81050
expires
Fri, 13 Oct 2023 15:28:56 GMT
manifest.json
ihate.citrik.design/ 		240 B
713 B 		Manifest
General
Check archive.org
Download Go to
Full URL
https://ihate.citrik.design/manifest.json
Requested by
Host: ihate.citrik.design
URL: https://ihate.citrik.design/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:5e40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fb26d2a7eb4daa6511b03a8c5fe1ff3189957fe799159f4fe4cf8b3d0232aa1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:47:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ouLITdo6TAzreemBJT1WPgdvL7%2BSygJr6eQ2DvUOesUj98Hs9oNvAmkC9mVlNAHnScRj%2Bord%2BnvydjxyzR38bfGYkvoygwjjS5KZ2rLgMNdhUyjCPeg1absWxV5h0UQ%2BvhRUEK5X88J%2FiAlgpmhyvQ98"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
replit-cluster
global
cf-ray
8156a8bd0f623659-FRA
alt-svc
h3=":443"; ma=86400
style.css
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/ Frame A72C 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/style.css?v=1518177503492
Requested by
Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D2488897198%26z%3D6349168%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3Dfpat_nveUzjrCfhZqIjJYOKMlVJdV0Rppw3-wcDRr5unMgoCJJkjcBJ_mvydRW3FCi4v0JQRkcFu8S9VdVjZYZF2KfeaAre3OtG8TQh0N8Wnm8btWDqQeHipiL6hLj05NLL1uEWSzsWyFdR0R1Nd9YM6izJDo5CrNohteI2EgszIddAvfV6ZLvleXl_8Z0zu7hZlU-GLBLsidPI-olrUJqx3UFgY7Cl2DN2eo7s__ZUMPcesSiDMzuRiaEknYmlkmiiZyEiyygFU_0sWb6QYoRc2p62-ooZ_VGqqk-GImtwq5wXNRo0U7r9d1Cc%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D6c497dc5-d486-4700-86b7-3b539a42bbb9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fihate.citrik.design%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://interstitial-08.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:47:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 08:12:53 GMT
server
cloudflare
age
3126
etag
W/"651e7005-30c9"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=3600
cf-ray
8156a8bdfa02904c-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
audible.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame A72C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/audible.png
Requested by
Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D2488897198%26z%3D6349168%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3Dfpat_nveUzjrCfhZqIjJYOKMlVJdV0Rppw3-wcDRr5unMgoCJJkjcBJ_mvydRW3FCi4v0JQRkcFu8S9VdVjZYZF2KfeaAre3OtG8TQh0N8Wnm8btWDqQeHipiL6hLj05NLL1uEWSzsWyFdR0R1Nd9YM6izJDo5CrNohteI2EgszIddAvfV6ZLvleXl_8Z0zu7hZlU-GLBLsidPI-olrUJqx3UFgY7Cl2DN2eo7s__ZUMPcesSiDMzuRiaEknYmlkmiiZyEiyygFU_0sWb6QYoRc2p62-ooZ_VGqqk-GImtwq5wXNRo0U7r9d1Cc%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D6c497dc5-d486-4700-86b7-3b539a42bbb9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fihate.citrik.design%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://interstitial-08.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:47:05 GMT
cf-cache-status
HIT
age
5150
content-length
3429
last-modified
Thu, 05 Oct 2023 08:12:53 GMT
server
cloudflare
etag
"651e7005-d65"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
8156a8bdfa04904c-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
0100657458245.jpeg
interstitial-08.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/ Frame A72C 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://interstitial-08.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/0100657458245.jpeg
Requested by
Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D2488897198%26z%3D6349168%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3Dfpat_nveUzjrCfhZqIjJYOKMlVJdV0Rppw3-wcDRr5unMgoCJJkjcBJ_mvydRW3FCi4v0JQRkcFu8S9VdVjZYZF2KfeaAre3OtG8TQh0N8Wnm8btWDqQeHipiL6hLj05NLL1uEWSzsWyFdR0R1Nd9YM6izJDo5CrNohteI2EgszIddAvfV6ZLvleXl_8Z0zu7hZlU-GLBLsidPI-olrUJqx3UFgY7Cl2DN2eo7s__ZUMPcesSiDMzuRiaEknYmlkmiiZyEiyygFU_0sWb6QYoRc2p62-ooZ_VGqqk-GImtwq5wXNRo0U7r9d1Cc%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D6c497dc5-d486-4700-86b7-3b539a42bbb9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fihate.citrik.design%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D2488897198%26z%3D6349168%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3Dfpat_nveUzjrCfhZqIjJYOKMlVJdV0Rppw3-wcDRr5unMgoCJJkjcBJ_mvydRW3FCi4v0JQRkcFu8S9VdVjZYZF2KfeaAre3OtG8TQh0N8Wnm8btWDqQeHipiL6hLj05NLL1uEWSzsWyFdR0R1Nd9YM6izJDo5CrNohteI2EgszIddAvfV6ZLvleXl_8Z0zu7hZlU-GLBLsidPI-olrUJqx3UFgY7Cl2DN2eo7s__ZUMPcesSiDMzuRiaEknYmlkmiiZyEiyygFU_0sWb6QYoRc2p62-ooZ_VGqqk-GImtwq5wXNRo0U7r9d1Cc%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D6c497dc5-d486-4700-86b7-3b539a42bbb9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fihate.citrik.design%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:47:05 GMT
last-modified
Thu, 31 Jan 2019 11:14:34 GMT
server
nginx
etag
"5c52d89a-d0e0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length
53472
0933414948049.jpeg
interstitial-08.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/ Frame A72C 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://interstitial-08.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/0933414948049.jpeg
Requested by
Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D2488897198%26z%3D6349168%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3Dfpat_nveUzjrCfhZqIjJYOKMlVJdV0Rppw3-wcDRr5unMgoCJJkjcBJ_mvydRW3FCi4v0JQRkcFu8S9VdVjZYZF2KfeaAre3OtG8TQh0N8Wnm8btWDqQeHipiL6hLj05NLL1uEWSzsWyFdR0R1Nd9YM6izJDo5CrNohteI2EgszIddAvfV6ZLvleXl_8Z0zu7hZlU-GLBLsidPI-olrUJqx3UFgY7Cl2DN2eo7s__ZUMPcesSiDMzuRiaEknYmlkmiiZyEiyygFU_0sWb6QYoRc2p62-ooZ_VGqqk-GImtwq5wXNRo0U7r9d1Cc%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D6c497dc5-d486-4700-86b7-3b539a42bbb9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fihate.citrik.design%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D2488897198%26z%3D6349168%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3Dfpat_nveUzjrCfhZqIjJYOKMlVJdV0Rppw3-wcDRr5unMgoCJJkjcBJ_mvydRW3FCi4v0JQRkcFu8S9VdVjZYZF2KfeaAre3OtG8TQh0N8Wnm8btWDqQeHipiL6hLj05NLL1uEWSzsWyFdR0R1Nd9YM6izJDo5CrNohteI2EgszIddAvfV6ZLvleXl_8Z0zu7hZlU-GLBLsidPI-olrUJqx3UFgY7Cl2DN2eo7s__ZUMPcesSiDMzuRiaEknYmlkmiiZyEiyygFU_0sWb6QYoRc2p62-ooZ_VGqqk-GImtwq5wXNRo0U7r9d1Cc%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D6c497dc5-d486-4700-86b7-3b539a42bbb9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fihate.citrik.design%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:47:05 GMT
last-modified
Wed, 15 Aug 2018 10:56:50 GMT
server
nginx
etag
"5b7406f2-393b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length
14651
0350025199145.jpeg
interstitial-08.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/ Frame A72C 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://interstitial-08.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/0350025199145.jpeg
Requested by
Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D2488897198%26z%3D6349168%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3Dfpat_nveUzjrCfhZqIjJYOKMlVJdV0Rppw3-wcDRr5unMgoCJJkjcBJ_mvydRW3FCi4v0JQRkcFu8S9VdVjZYZF2KfeaAre3OtG8TQh0N8Wnm8btWDqQeHipiL6hLj05NLL1uEWSzsWyFdR0R1Nd9YM6izJDo5CrNohteI2EgszIddAvfV6ZLvleXl_8Z0zu7hZlU-GLBLsidPI-olrUJqx3UFgY7Cl2DN2eo7s__ZUMPcesSiDMzuRiaEknYmlkmiiZyEiyygFU_0sWb6QYoRc2p62-ooZ_VGqqk-GImtwq5wXNRo0U7r9d1Cc%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D6c497dc5-d486-4700-86b7-3b539a42bbb9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fihate.citrik.design%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D2488897198%26z%3D6349168%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3Dfpat_nveUzjrCfhZqIjJYOKMlVJdV0Rppw3-wcDRr5unMgoCJJkjcBJ_mvydRW3FCi4v0JQRkcFu8S9VdVjZYZF2KfeaAre3OtG8TQh0N8Wnm8btWDqQeHipiL6hLj05NLL1uEWSzsWyFdR0R1Nd9YM6izJDo5CrNohteI2EgszIddAvfV6ZLvleXl_8Z0zu7hZlU-GLBLsidPI-olrUJqx3UFgY7Cl2DN2eo7s__ZUMPcesSiDMzuRiaEknYmlkmiiZyEiyygFU_0sWb6QYoRc2p62-ooZ_VGqqk-GImtwq5wXNRo0U7r9d1Cc%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D6c497dc5-d486-4700-86b7-3b539a42bbb9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fihate.citrik.design%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:47:05 GMT
last-modified
Tue, 17 Jul 2018 10:46:08 GMT
server
nginx
etag
"5b4dc8f0-8b17"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length
35607
01289039865190.jpeg
interstitial-08.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/ Frame A72C 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://interstitial-08.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/01289039865190.jpeg
Requested by
Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D2488897198%26z%3D6349168%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3Dfpat_nveUzjrCfhZqIjJYOKMlVJdV0Rppw3-wcDRr5unMgoCJJkjcBJ_mvydRW3FCi4v0JQRkcFu8S9VdVjZYZF2KfeaAre3OtG8TQh0N8Wnm8btWDqQeHipiL6hLj05NLL1uEWSzsWyFdR0R1Nd9YM6izJDo5CrNohteI2EgszIddAvfV6ZLvleXl_8Z0zu7hZlU-GLBLsidPI-olrUJqx3UFgY7Cl2DN2eo7s__ZUMPcesSiDMzuRiaEknYmlkmiiZyEiyygFU_0sWb6QYoRc2p62-ooZ_VGqqk-GImtwq5wXNRo0U7r9d1Cc%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D6c497dc5-d486-4700-86b7-3b539a42bbb9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fihate.citrik.design%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D2488897198%26z%3D6349168%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3Dfpat_nveUzjrCfhZqIjJYOKMlVJdV0Rppw3-wcDRr5unMgoCJJkjcBJ_mvydRW3FCi4v0JQRkcFu8S9VdVjZYZF2KfeaAre3OtG8TQh0N8Wnm8btWDqQeHipiL6hLj05NLL1uEWSzsWyFdR0R1Nd9YM6izJDo5CrNohteI2EgszIddAvfV6ZLvleXl_8Z0zu7hZlU-GLBLsidPI-olrUJqx3UFgY7Cl2DN2eo7s__ZUMPcesSiDMzuRiaEknYmlkmiiZyEiyygFU_0sWb6QYoRc2p62-ooZ_VGqqk-GImtwq5wXNRo0U7r9d1Cc%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D6c497dc5-d486-4700-86b7-3b539a42bbb9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fihate.citrik.design%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:47:05 GMT
last-modified
Thu, 31 Jan 2019 11:14:34 GMT
server
nginx
etag
"5c52d89a-c502"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length
50434
player.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame A72C 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/player.png
Requested by
Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D2488897198%26z%3D6349168%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3Dfpat_nveUzjrCfhZqIjJYOKMlVJdV0Rppw3-wcDRr5unMgoCJJkjcBJ_mvydRW3FCi4v0JQRkcFu8S9VdVjZYZF2KfeaAre3OtG8TQh0N8Wnm8btWDqQeHipiL6hLj05NLL1uEWSzsWyFdR0R1Nd9YM6izJDo5CrNohteI2EgszIddAvfV6ZLvleXl_8Z0zu7hZlU-GLBLsidPI-olrUJqx3UFgY7Cl2DN2eo7s__ZUMPcesSiDMzuRiaEknYmlkmiiZyEiyygFU_0sWb6QYoRc2p62-ooZ_VGqqk-GImtwq5wXNRo0U7r9d1Cc%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D6c497dc5-d486-4700-86b7-3b539a42bbb9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fihate.citrik.design%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://interstitial-08.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:47:05 GMT
cf-cache-status
HIT
age
1295
content-length
28527
last-modified
Thu, 05 Oct 2023 08:12:53 GMT
server
cloudflare
etag
"651e7005-6f6f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
8156a8bdfa05904c-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
script.js
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/ Frame A72C 		1 KB
561 B 		Script
General
Check archive.org
Download Go to
Full URL
https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/script.js?v=1518177503494
Requested by
Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D2488897198%26z%3D6349168%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3Dfpat_nveUzjrCfhZqIjJYOKMlVJdV0Rppw3-wcDRr5unMgoCJJkjcBJ_mvydRW3FCi4v0JQRkcFu8S9VdVjZYZF2KfeaAre3OtG8TQh0N8Wnm8btWDqQeHipiL6hLj05NLL1uEWSzsWyFdR0R1Nd9YM6izJDo5CrNohteI2EgszIddAvfV6ZLvleXl_8Z0zu7hZlU-GLBLsidPI-olrUJqx3UFgY7Cl2DN2eo7s__ZUMPcesSiDMzuRiaEknYmlkmiiZyEiyygFU_0sWb6QYoRc2p62-ooZ_VGqqk-GImtwq5wXNRo0U7r9d1Cc%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D6c497dc5-d486-4700-86b7-3b539a42bbb9%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fihate.citrik.design%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://interstitial-08.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:47:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 08:12:53 GMT
server
cloudflare
age
4443
etag
W/"651e7005-58b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=3600
cf-ray
8156a8bdfa03904c-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
custom
ibrapush.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ibrapush.com/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ihate.citrik.design
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ihate.citrik.design
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Fri, 13 Oct 2023 09:47:05 GMT
server
nginx
custom
ibrapush.com/ 		39 B
327 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ibrapush.com/custom
Requested by
Host: ihate.citrik.design
URL: https://ihate.citrik.design/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://ihate.citrik.design/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
ac493b084e9d409342ea50cc460a5ea3
date
Fri, 13 Oct 2023 09:47:05 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ihate.citrik.design
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39
gid.js
my.rtmark.net/ 		65 B
545 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=1cc5e83ac7f14cfc88d7a6d4fb54c446&zoneId=6349170&checkDuplicate=true&ymid=&var=
Requested by
Host: ihate.citrik.design
URL: https://ihate.citrik.design/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9469191ee52b46287c6f52b6e233dddffe02e892498816e456a8dbd2ccd468e3
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:47:05 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ihate.citrik.design
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
custom
ibrapush.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ibrapush.com/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ihate.citrik.design
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ihate.citrik.design
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Fri, 13 Oct 2023 09:47:05 GMT
server
nginx
custom
ibrapush.com/ 		39 B
327 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ibrapush.com/custom
Requested by
Host: ihate.citrik.design
URL: https://ihate.citrik.design/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://ihate.citrik.design/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
a339f5070b0da10b1ade4593424a0126
date
Fri, 13 Oct 2023 09:47:05 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ihate.citrik.design
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39
15
eedsaung.net/ 		0
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eedsaung.net/15?rnd=419959172&z=6349168&var=&varid=0&rb=fpat_nveUzjrCfhZqIjJYOKMlVJdV0Rppw3-wcDRr5unMgoCJJkjcBJ_mvydRW3FCi4v0JQRkcFu8S9VdVjZYZF2KfeaAre3OtG8TQh0N8Wnm8btWDqQeHipiL6hLj05NLL1uEWSzsWyFdR0R1Nd9YM6izJDo5CrNohteI2EgszIddAvfV6ZLvleXl_8Z0zu7hZlU-GLBLsidPI-olrUJqx3UFgY7Cl2DN2eo7s__ZUMPcesSiDMzuRiaEknYmlkmiiZyEiyygFU_0sWb6QYoRc2p62-ooZ_VGqqk-GImtwq5wXNRo0U7r9d1Cc=&ruid=6c497dc5-d486-4700-86b7-3b539a42bbb9&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A1.186%2C%22location%22%3A%22https%3A%2F%2Fihate.citrik.design%2F%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A3%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D
Requested by
Host: eedsaung.net
URL: https://eedsaung.net/27/6bb872d7a3a0718b6120c3e523394afb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-trace-id
b271ad67435b869ab6876a5b8a8e7d76
pragma
no-cache
date
Fri, 13 Oct 2023 09:47:05 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ihate.citrik.design
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires
Mon, 26 Jul 1997 05:00:00 GMT
15
eedsaung.net/ 		0
584 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eedsaung.net/15?rnd=419959172&z=6349168&var=&varid=0&rb=fpat_nveUzjrCfhZqIjJYOKMlVJdV0Rppw3-wcDRr5unMgoCJJkjcBJ_mvydRW3FCi4v0JQRkcFu8S9VdVjZYZF2KfeaAre3OtG8TQh0N8Wnm8btWDqQeHipiL6hLj05NLL1uEWSzsWyFdR0R1Nd9YM6izJDo5CrNohteI2EgszIddAvfV6ZLvleXl_8Z0zu7hZlU-GLBLsidPI-olrUJqx3UFgY7Cl2DN2eo7s__ZUMPcesSiDMzuRiaEknYmlkmiiZyEiyygFU_0sWb6QYoRc2p62-ooZ_VGqqk-GImtwq5wXNRo0U7r9d1Cc=&ruid=6c497dc5-d486-4700-86b7-3b539a42bbb9&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A3.187%2C%22location%22%3A%22https%3A%2F%2Fihate.citrik.design%2F%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A3%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D
Requested by
Host: eedsaung.net
URL: https://eedsaung.net/27/6bb872d7a3a0718b6120c3e523394afb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ihate.citrik.design/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-trace-id
3389ac99f560150e70d9440a860e3528
pragma
no-cache
date
Fri, 13 Oct 2023 09:47:07 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ihate.citrik.design
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires
Mon, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| zfgstorage object| 5un2ggfxiu3 object| zfgformats function| onClickTrigger boolean| zfgonclickfirst object| syncCallbacks boolean| zfgloadedpopup object| title object| faviconURL object| favicon object| stylesheetFile object| stylesheet object| cookieconsent object| regeneratorRuntime boolean| zfgloadednative boolean| __lwkemfd9q__ object| webpushlogs object| sdk function| _retranber object| __ds3dcV__ boolean| installOnFly object| _nps function| ab number| __qwe33wweq__ function| showInstallPrompt boolean| zfgloadedpush boolean| zfgloadedpushopt boolean| zfgloadedpushcode

9 Cookies

Domain/Path Name / Value
ophoacit.com/ Name: scm
Value: 1
my.rtmark.net/ Name: ID
Value: 1e06ab3c327b4685923a7ffdcf448bb4
eedsaung.net/ Name: scm
Value: 1
eedsaung.net/ Name: oaidts
Value: 1697190424
eedsaung.net/ Name: OAID
Value: 1e06ab3c327b4685923a7ffdcf448bb4
ossmightyenar.net/ Name: OAID
Value: 1e06ab3c327b4685923a7ffdcf448bb4
ihate.citrik.design/ Name: cookie_consent_user_consent_token
Value: tQOkPWYxQ5ap
ihate.citrik.design/ Name: cookie_consent_level
Value: %7B%22strictly-necessary%22%3Atrue%2C%22functionality%22%3Atrue%2C%22tracking%22%3Atrue%2C%22targeting%22%3Atrue%7D
soumehoo.net/ Name: OAID
Value: 1e06ab3c327b4685923a7ffdcf448bb4

3 Console Messages

Source Level URL
Text
network error URL: https://ophoacit.com/1?z=5963020
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://hazoopso.net/5/5963019/?oo=1&js_build=iclick-v1.606.1&branch=800
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://hazoopso.net/5/5960343/?oo=1&js_build=iclick-v1.606.1&branch=801
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alwingulla.com
eedsaung.net
fleraprt.com
fonts.googleapis.com
fonts.gstatic.com
hazoopso.net
hitwebcounter.com
ibrapush.com
ihate.citrik.design
inklinkor.com
interstitial-08.com
littlecdn.com
my.rtmark.net
offerimage.com
ophoacit.com
ossmightyenar.net
soumehoo.net
tzegilo.com
veepteero.com
www.hitwebcounter.com
www.termsfeed.com
139.45.195.254
139.45.195.8
139.45.197.151
139.45.197.242
139.45.197.243
139.45.197.245
139.45.197.250
172.67.220.83
2606:4700:10::6816:1974
2606:4700:10::6816:20ac
2606:4700:20::ac43:4b95
2606:4700:3032::6815:5e40
2606:4700:3034::ac43:b1b3
2606:4700:3036::6815:644
2606:4700:3037::6815:5b3f
2a00:1450:4001:81c::200a
2a00:1450:4001:829::2003
2a06:98c1:3120::3
00e3fbbf542561da72fdc5ea89cfd1405c17739dd49210252e611c3122018efe
01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c
039d49206b2255cd6257a88545684fbcfd9bbfd751a491554c4b8ecda8812cb4
13c40bdec080add7e4c4787f388d1d6440ea94b5eda98870088bcde2e13be54c
185934adb26677d87840e7a5b4a8d6e3e7e0e882042974ce8b79a80c5f971d17
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
26b3fd27e2edef5c44176800395e022b308f1cf3aafd35051405c4c3827f703a
3856ab7fa60ca0e737ddda54cccccfab865d1f81ac22ab05199685309a7296ed
38beae666a0a5a66bdcdf86c98658bd01ac05904a92fde9d664d61e889ec10ef
3a07bbc0b6954d218a72eed896268ee21061f3e09c20be0adde89bdde68bc020
4a6c4e2683fe9df7e4fc6347396f046f9d5d069c3d0d59e8d4bc525d97cb34f7
4fb26d2a7eb4daa6511b03a8c5fe1ff3189957fe799159f4fe4cf8b3d0232aa1
5264d1cca497b1cc4197daa7ef59ea6cb6c44c5a6ea1bf28d069051ce82faa67
556877dc51fb101eedfe9819a0cc9c4ece02a83f63662d48c2b801e052517374
55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e
55d7e8c9c72e0b8692211fc9fc5d42b5579b7845307b2e89f4fa31ac39867e23
671d065bfcdc8ed15f3eb176a9d6e6744e6832735ad8e96d84644d1e776fa26b
6a9038c19e55339a58f11b2ef50656bdb2c2ebef1bce773e2b9fd2cdb4c4bd46
6c02ce0b2b0fd1b525b20a50710b548a4800e8addb1aae81b508933467b59281
7380b5d376389ab29bbf7f40f39d4d1b1e7b4f4c590cfb769223309365a7962b
83672795121ef473331310325801599db2739b8a8ada3ae1340724f8dbb27c35
86da38693fcea056d36588a4146e85392f784c457511de416fec32034aafa4f9
871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed
89adba6ad5a507487c5ad7f2d4e0dd96a9414b9727ab4ee0dea559d722bf4ac7
89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568
94472d0bff47d6ff712819d11c39a3393483f658cf5d2a94b4d89f4601b638f8
9469191ee52b46287c6f52b6e233dddffe02e892498816e456a8dbd2ccd468e3
9f88e6aada1a4b6ba2c7158f6fe46d3adfa1fa1b2941570219a7aa59c2228420
a60cbbc3a467d154735820b68c3840319e675c0048dd2c10a8561e92263423c7
a8465bfb63900bfbdab85f62969ea3d40c41451b5b00b246f5591348ce8d7846
be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238
c112f1febcfe249427d855c451a52165f3e64f5ebadc0885915d52f01809878e
d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78
d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e853dc21748d97a4ab320cde17d195c0d3d4abf4166f3001b3bdaad364177e88
e8ddf5aac79c0f68a00dfe5b431ecc4256ea26aeffc588bb43886092c1a08e1d
ef448357c96d9b9e7e55220e6d1bd83928769a4a35f1f75f9893cd0099d05914
f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d
f8920341356b382e0d283af3cd6c9759509a031219c8ef792eb5285cb05c1a09
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881