Submitted URL: http://h6q6b.com/SOmNijqWCI
Effective URL: https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8...
Submission: On October 20 via manual from US — Scanned from US

Summary

This website contacted 3 IPs in 1 country across 5 domains to perform 30 HTTP transactions. The main IP is 2606:4700:3034::6815:412c, located in United States and belongs to CLOUDFLARENET, US. The main domain is carnivorousnutty.xyz.
TLS certificate: Issued by E1 on September 30th 2022. Valid for: 3 months.
This is the only time carnivorousnutty.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 3 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
23 2606:4700:303... 13335 (CLOUDFLAR...)
5 2606:4700:e4:... 13335 (CLOUDFLAR...)
30 3
Apex Domain | Subdomains | Transfer
23 carnivorousnutty.xyz | carnivorousnutty.xyz | 148 KB
5 trk-consulatu.com | trk-consulatu.com (Cisco Umbrella Rank: 27714), event.trk-consulatu.com (Cisco Umbrella Rank: 63664) | 3 KB
3 phantomoff.com | phantomoff.com | 2 KB
1 sugaryspecials.com | sugaryspecials.com | 763 B
1 h6q6b.com | h6q6b.com | 645 B
30 5
Domain Requested by
23 carnivorousnutty.xyz carnivorousnutty.xyz
4 event.trk-consulatu.com trk-consulatu.com
3 phantomoff.com 1 redirects
1 trk-consulatu.com carnivorousnutty.xyz
1 sugaryspecials.com 1 redirects
1 h6q6b.com 1 redirects
30 6

This site contains links to these domains.

Domain
sugaryspecials.com
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-30 - 2023-06-29 | a year
*.carnivorousnutty.xyz | E1 | 2022-09-30 - 2022-12-29 | 3 months

This page contains 1 frames:

Primary Page: https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
Frame ID: F95523C008F24DC28537986EAFF4FE8A
Requests: 28 HTTP requests in this frame

Page Title

Survey Rewards

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 30
HTTPS: 100 %
IPv6: 100 %
Domains: 5
Subdomains: 6
IPs: 3
Countries: 1
Transfer: 152 kB
Size: 245 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://h6q6b.com/SOmNijqWCI HTTP 302
    https://phantomoff.com/click.php?key=6j44bhhrn88616czjx5o HTTP 302
    https://phantomoff.com/nlp/index.php?key=nxUfcetiUw&cid=7ed87wf1nb7pm9eb&campid=2391&duplication=1&url_bnm_redirect=https://sugaryspecials.com/click.php Page URL
  2. https://phantomoff.com/nlp/index.php?key=nxUfcetiUw&cid=7ed87wf1nb7pm9eb&campid=2391&url_bnm_redirect=https%3A%2F%2Fsugaryspecials.com%2Fclick.php Page URL
  3. https://sugaryspecials.com/click.php?key=nxUfcetiUw&cid=7ed87wf1nb7pm9eb&campid=2391 HTTP 302
    https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://h6q6b.com/SOmNijqWCI HTTP 302
  • https://phantomoff.com/click.php?key=6j44bhhrn88616czjx5o HTTP 302
  • https://phantomoff.com/nlp/index.php?key=nxUfcetiUw&cid=7ed87wf1nb7pm9eb&campid=2391&duplication=1&url_bnm_redirect=https://sugaryspecials.com/click.php

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
index.php
phantomoff.com/nlp/
Redirect Chain
  • http://h6q6b.com/SOmNijqWCI
  • https://phantomoff.com/click.php?key=6j44bhhrn88616czjx5o
  • https://phantomoff.com/nlp/index.php?key=nxUfcetiUw&cid=7ed87wf1nb7pm9eb&campid=2391&duplication=1&url_bnm_redirect=https://sugaryspecials.com/click.php
151 B
407 B
Document
General
Full URL
https://phantomoff.com/nlp/index.php?key=nxUfcetiUw&cid=7ed87wf1nb7pm9eb&campid=2391&duplication=1&url_bnm_redirect=https://sugaryspecials.com/click.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bfde7ba37456eda08255234405bbf6838e81069c2db7b08f3553d91ff309e59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75d41424ad878c17-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 20 Oct 2022 19:14:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KE%2ByDVMrbV%2BhUZ1ZXFkiKrrgA9aKz9MTK6WRV8DQa99i8FeOPnShLsd1vlCsRMSECic7xwfCebI78m1y%2BBvWf63JOIdp5qI%2F%2F9Zj6nV01fHFtSO7SWEa6eMiY6bmNwqD20LJtATrwDng7enQyw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75d414233a1b8c17-EWR
content-type
text/html; charset=UTF-8
date
Thu, 20 Oct 2022 19:14:49 GMT
location
https://phantomoff.com/nlp/index.php?key=nxUfcetiUw&cid=7ed87wf1nb7pm9eb&campid=2391&duplication=1&url_bnm_redirect=https://sugaryspecials.com/click.php
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K1ChjRYkmg6LGkEaSQgWQdJTJ5onU3Udhn3Iyiu57ZD9bLtsEV2c0hx15iI%2BbqnLKGTk0k7JrR1AloD4X2Lx96ab%2BF8ADfam%2F9pbmagl%2F7%2F3ysemY5h71eH76IwCSvoi%2FAabFCbgfeCBkoMvyA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
index.php
phantomoff.com/nlp/
129 B
584 B
Document
General
Full URL
https://phantomoff.com/nlp/index.php?key=nxUfcetiUw&cid=7ed87wf1nb7pm9eb&campid=2391&url_bnm_redirect=https%3A%2F%2Fsugaryspecials.com%2Fclick.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://phantomoff.com/nlp/index.php?key=nxUfcetiUw&cid=7ed87wf1nb7pm9eb&campid=2391&duplication=1&url_bnm_redirect=https://sugaryspecials.com/click.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75d41425af6c18f2-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 20 Oct 2022 19:14:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUoMf15f%2BIITgynTAump4FmrL4K8Pgn%2Fd0OI%2F0Po8HBLm1D2KRYv3ugoEA7FldS%2FqVIGBFJbBTObT754gF%2F5M5TJAWjmMeDdVwCNFtAnKM1xjtes2ruxoShPAYWh5ZPkABG73k3Dzpb3%2BPJ1SA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
Primary Request /
carnivorousnutty.xyz/xtd2/
Redirect Chain
  • https://sugaryspecials.com/click.php?key=nxUfcetiUw&cid=7ed87wf1nb7pm9eb&campid=2391
  • https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
27 KB
7 KB
Document
General
Full URL
https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:412c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f39d9b2f6b7bcfe92ad810deb3eb95eb3a4d964305eb2ab78cb0f193ecb1f98b

Request headers

Referer
https://phantomoff.com/nlp/index.php?key=nxUfcetiUw&cid=7ed87wf1nb7pm9eb&campid=2391&url_bnm_redirect=https%3A%2F%2Fsugaryspecials.com%2Fclick.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75d41429ac418c6f-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 20 Oct 2022 19:14:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QL%2FX9MuynAXa2yBfi6YCCPEpr56%2FGrzoQU8umbCpGrDqiMxmHDyH7EVfzKZJMglEd3PIfcOl7eJ4z3LiEzqE7YxKDucfcqGep39F8w9S6ePt1%2FfO4fQCO7edSjXkyJeKkH3G2fzKRhGXwrxn4IPY7kTvfg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75d414270b371a03-EWR
content-type
text/html; charset=UTF-8
date
Thu, 20 Oct 2022 19:14:50 GMT
location
https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eA9sFvkb%2BecEbMe7nl4Oku%2F11oNcXg8IyfrKNAE05pFeTGOUDPEv%2FzY2wnSocfKB1KMUTmAsD4RMllhE0bJrgrBTtWaNyMkBSgPxUyvmMvn6zoV8A5VFH1agrgHMH9zWfDxWcGKtjOz2OvSjYn27ssw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
jquery.min.js
carnivorousnutty.xyz/xtd2/index_files/
94 KB
34 KB
Script
General
Full URL
https://carnivorousnutty.xyz/xtd2/index_files/jquery.min.js
Requested by
Host: carnivorousnutty.xyz
URL: https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:412c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 20 Oct 2022 19:14:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 16 Apr 2022 17:12:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2745
etag
W/"1762e-5dcc8a0985a14-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dKAq4hYmo%2B7acUG68qpaqQ5BWhqO0ZLUF62LdSew6ai7plbErP2LLJ4D2r5S5Q66R4S7DRjr%2Fzfhu9XOTcOKhBFu5JpDYBcnqQkoI3F45%2FcIH1eFYNl9kHVNPljzlfCn61SDo3FFAGBFPeCGgScdn%2Fjf5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75d4142b4dfa8cb3-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
customredisp2.css
carnivorousnutty.xyz/xtd2/index_files/
16 KB
4 KB
Stylesheet
General
Full URL
https://carnivorousnutty.xyz/xtd2/index_files/customredisp2.css
Requested by
Host: carnivorousnutty.xyz
URL: https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:412c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15e4778d67af01fff1ac82f76c845fe08d7d0617d214464cdcb11b2b73393b0d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 20 Oct 2022 19:14:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 16 Apr 2022 17:12:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2745
etag
W/"4075-5dcc8a0650550-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OXMoWMAUgMH%2FF21hz%2BeTKR5C%2F8Yx%2FvFyRPNDObtmiXwFLSO9vBMYuAs7PtfMLV0uL0%2Ft8U1JDavzg7PORgGYMw8ED363CbMbmy3JPAav%2FxNTX%2BDQXUIymML7NUx9JEs0rau252ThivQ0iPDlgGva0rHgCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
75d4142b4dfd8cb3-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
domain.js
carnivorousnutty.xyz/scripts/
640 B
825 B
Script
General
Full URL
https://carnivorousnutty.xyz/scripts/domain.js
Requested by
Host: carnivorousnutty.xyz
URL: https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:412c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b25a9111f56c00feb8e3b53ecae0365546939819187e48e2d632a7c71a2486e7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 20 Oct 2022 19:14:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 16 Apr 2022 17:09:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2745
etag
W/"280-5dcc89885ec75-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uj%2FZtgkncdFcjO1KHDCc%2BrP97Wo%2BKfkHdZdDtpG%2FYpidlC6ko76h03lHDZwqc7fg2bTpKPOeF%2FXzy4U4avhNETht9Je8WwBnHhDzSEYA3pCMh8m5vUDrXfpsfFUe%2B41ApmSejxXwu8trbVtzOpRog0gzHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75d4142b4dff8cb3-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
back.js
carnivorousnutty.xyz/scripts/
583 B
760 B
Script
General
Full URL
https://carnivorousnutty.xyz/scripts/back.js
Requested by
Host: carnivorousnutty.xyz
URL: https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:412c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f18f4b5b6eb5e4f2902c34cf80f50e28eefa95fa6197d367a95857b07fe0bf0f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 20 Oct 2022 19:14:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 02 Oct 2022 02:12:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2745
etag
W/"247-5ea03c1d10628-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W53eGVspsq8EfwR%2Foh5BZ7K%2BZuaS2ufB5UaT0Bm5LFgldETl8mCaAh7W7k2EM0ON9th5rejsVzkaRERcbUhRBZ1d8uMfZGs%2FDnvYJOEmY6mBF95a9580%2BhDuITK2hAbOWdfmYQRHcpbjeRVy6bnwG4qhpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75d4142b4df88cb3-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
notify.js
carnivorousnutty.xyz/scripts/
426 B
718 B
Script
General
Full URL
https://carnivorousnutty.xyz/scripts/notify.js
Requested by
Host: carnivorousnutty.xyz
URL: https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:412c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f935adcbb4c8edfe805a0c8d15f557e6a79ea9ad9d5a5c697e39dd94a5793692

Request headers

accept-language
en-US,en;q=0.9
Referer
https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 20 Oct 2022 19:14:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 15 Jul 2022 16:28:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2746
etag
W/"1aa-5e3da820080c0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNyFi3GWeGJ7cltWL9SGV8AReegYaEhoZ6ntvG2MGTUSCAaqKQ3Wnx%2BFvzGQ0yJz0rooPahL5hy6AfKcj%2B3mtOQH4aRYnXnfLrkWk7AGlBX9NrMlJS79ETJ92IDvxnc6wu20gyC2bnTBl%2FAxpLV6tQY%2B2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75d4142b4df28cb3-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
us-b3.png
carnivorousnutty.xyz/xtd2/index_files/
5 KB
6 KB
Image
General
Full URL
https://carnivorousnutty.xyz/xtd2/index_files/us-b3.png
Requested by
Host: carnivorousnutty.xyz
URL: https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:412c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e18ade1f87a76d993308400b8e000c8af7ae7df993527a7aeda2b5aef0e5a86

Request headers

accept-language
en-US,en;q=0.9
Referer
https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 20 Oct 2022 19:14:50 GMT
cf-cache-status
HIT
last-modified
Sat, 16 Apr 2022 17:12:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2744
etag
"15cb-5dcc8a0941451"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bAjbTgLENxGwhoz9%2B47gyzQhXAv2p%2FQzEtB1c5lLIYYq5V1SaLRsxeU2whlHc%2FF1YLceFmr4mqt%2F2jFA12LdaQ0p1YvyGI9v4fWmKnCjjdG6EtuINb0AusRnXuaZYkCd7KsSp55hl%2F%2BlVtYD1uaxQFBuyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75d4142bef628cb3-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5579
loading.gif
carnivorousnutty.xyz/xtd2/index_files/
1 KB
2 KB
Image
General
Full URL
https://carnivorousnutty.xyz/xtd2/index_files/loading.gif
Requested by
Host: carnivorousnutty.xyz
URL: https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:412c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
735ee02711d4d62d8cfba0c075237f227491a044441540d39f8c8203ccd54cea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 20 Oct 2022 19:14:50 GMT
cf-cache-status
HIT
last-modified
Sat, 16 Apr 2022 17:12:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2744
etag
"5b1-5dcc8a08dea2d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30666cQVPymW6d8RNYwogqsmGHanjV8CWYGIByU5cplocct7lD%2B9yXvz7tBhDoXh7BGuBe7cTrsDfFregkLJWApqYtU4TQ0xpu3kPd96ZfWfLcq60yljBXZp8BkalLxAlnGDl9yRieLOoyW2BVjQcpguug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75d4142bef728cb3-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1457
fb-check.jpg
carnivorousnutty.xyz/xtd2/index_files/
646 B
1 KB
Image
General
Full URL
https://carnivorousnutty.xyz/xtd2/index_files/fb-check.jpg
Requested by
Host: carnivorousnutty.xyz
URL: https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:412c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fccb5c96c54856548fbad584f0e41f72313b94b33ec32d328985b3267f4035e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 20 Oct 2022 19:14:50 GMT
cf-cache-status
HIT
last-modified
Sat, 16 Apr 2022 17:12:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2744
etag
"286-5dcc8a08389e5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y81GhJDbRnZLJkPBF7xQFrJONjArPQ5ZGC79ikxSI9wiDnVlPNjhWgEJ%2BzHnNc5vrqMgUb%2Fxt2JG4jkVj%2BqjrvSE3qnGJyw%2B0aNcafs6pKO1LiweGTAWc7EsgGhYYLl4FvpPSH6RAVjGQP%2BR00N5vzz7jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75d4142bef778cb3-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
646
5.png
carnivorousnutty.xyz/xtd2/index_files/
2 KB
3 KB
Image
General
Full URL
https://carnivorousnutty.xyz/xtd2/index_files/5.png
Requested by
Host: carnivorousnutty.xyz
URL: https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:412c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f802d314b51ab2b5d692ee180db50de925778f5b8b1e4aa99e03ebbcc22b3f6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 20 Oct 2022 19:14:50 GMT
cf-cache-status
HIT
last-modified
Sat, 16 Apr 2022 17:12:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2744
etag
"9b6-5dcc8a04a87fe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2Glabp4KPWmIGOcn9UQc0KsqKR3zgZKm702jTFeMG95Pwf5BtPz%2B8YuWXPj1mRYo7cSGE0cLPDThIDgLXZtjmT9qMqJLboMg86l2orPo9jGP3K8oYiIpu0VikhvBkFaogi9eAfX8sd1m%2BfuaXgw38fbzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75d4142bef7a8cb3-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2486
cart.png
carnivorousnutty.xyz/xtd2/index_files/
1 KB
2 KB
Image
General
Full URL
https://carnivorousnutty.xyz/xtd2/index_files/cart.png
Requested by
Host: carnivorousnutty.xyz
URL: https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:412c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d894003d6071be103ca497c54461c500d2656e88003dd0afed8cdc0ed7bffe3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 20 Oct 2022 19:14:50 GMT
cf-cache-status
HIT
last-modified
Sat, 16 Apr 2022 17:12:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2744
etag
"4be-5dcc8a05620c6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5V%2F6vFDn3%2Fn8Hx9FGDDbS%2FHiU0s3M74F%2B9iOJDNxfrDuj%2F4cbAQgZLKLHQjaXO%2BPu0mSBWo52SjIiZC0gGaSdrh%2B59i8WQXvd29ImWB5lO6yOxUBJ0XBrvLwx7ruqEimJFvBx04FEDnPR2Ha0Vs6DVWARA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75d4142bef7d8cb3-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1214
cartblack.png
carnivorousnutty.xyz/xtd2/index_files/
1 KB
1 KB
Image
General
Full URL
https://carnivorousnutty.xyz/xtd2/index_files/cartblack.png
Requested by
Host: carnivorousnutty.xyz
URL: https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:412c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb640067b5d233f221c2a280bb5be089cc087a872941ae5f588f8230b60bee40

Request headers

accept-language
en-US,en;q=0.9
Referer
https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 20 Oct 2022 19:14:50 GMT
cf-cache-status
HIT
last-modified
Sat, 16 Apr 2022 17:12:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2744
etag
"407-5dcc8a059f928"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3ywgVL05ld91V5AYeGVr391gEs8uFuAwVMXrhBbZnthmt4LfIdCHDGGTDhn33EAWTtD9T%2BBsB7CXlrKZVwhh3RTNkz7DiF5LpZuE0yi%2BCn6n354LH7hcn%2F7T5sP4ddRwhJiVnQoF0nrvIVxFKkQLl%2BFTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75d4142bef808cb3-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1031
f1.jpg
carnivorousnutty.xyz/xtd2/index_files/
2 KB
2 KB
Image
General
Full URL
https://carnivorousnutty.xyz/xtd2/index_files/f1.jpg
Requested by
Host: carnivorousnutty.xyz
URL: https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:412c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18b60afc8548639623f2395f3f828b2ea05d029d0218b9632ee85909ef8071f4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 20 Oct 2022 19:14:50 GMT
cf-cache-status
HIT
last-modified
Sat, 16 Apr 2022 17:12:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2744
etag
"607-5dcc8a06ad1b4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RoWJ4W23PT52OnwGuD9Thsx3fO6LDz%2FiAR8OJMLpEMV%2FLI9xGKD6aiDXF47B3SeupWSC%2F3mKk6HQraTkrHt4gghS0LSQa65Qh0GIeW59P1yv1GbQErFmUJcuAaCjkupB%2FJRXQpjTFmjtysP6JX%2BDN8MT%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75d4142bef848cb3-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1543
f2.jpg
carnivorousnutty.xyz/xtd2/index_files/
1 KB
2 KB
Image
General
Full URL
https://carnivorousnutty.xyz/xtd2/index_files/f2.jpg
Requested by
Host: carnivorousnutty.xyz
URL: https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:412c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b0c81aa2f2e5fda1c499501edad4927ade4d57d5d31887c076e5769e9ea2866

Request headers

accept-language
en-US,en;q=0.9
Referer
https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 20 Oct 2022 19:14:50 GMT
cf-cache-status
HIT
last-modified
Sat, 16 Apr 2022 17:12:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2744
etag
"43e-5dcc8a06eaa17"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kojr3ZH5pkXBQ1MEi0T8kKjT447y7V0D0LODUA1Ev1P2fJco5dqHdT72XWP82zAFOmhmIYRN%2FqDcImigqOCvF9gvFlcS%2F0Jg9H9%2FzhpdUFeKi%2F0e2AGpoxaruAnWM3HkIkyIsHVbZV9tqspmO5YNZvLOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75d4142bef868cb3-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1086
f3.jpg
carnivorousnutty.xyz/xtd2/index_files/
1 KB
2 KB
Image
General
Full URL
https://carnivorousnutty.xyz/xtd2/index_files/f3.jpg
Requested by
Host: carnivorousnutty.xyz
URL: https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:412c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
596505ae2d99cbcc964752ea4c998a6b51c5c829c6b8befd5ec5e90571ac6c0a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 20 Oct 2022 19:14:50 GMT
cf-cache-status
HIT
last-modified
Sat, 16 Apr 2022 17:12:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2744
etag
"5f6-5dcc8a073e9da"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJU58Mogyxbm1ilcmO2AunYLBSjoRdedb4Mbzb6cAMidoQFZDUVEpQk27289YsIb6aMcZhZiFgxVXS6K3zfgAosWW2CDvODb2Be1%2BcK9Ni0fD9rM33l2VHyjnPzZFym8PHJxH4koYNxIiyui%2BObHw1WzbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75d4142bef8a8cb3-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1526
f4.jpg
carnivorousnutty.xyz/xtd2/index_files/
1 KB
2 KB
Image
General
Full URL
https://carnivorousnutty.xyz/xtd2/index_files/f4.jpg
Requested by
Host: carnivorousnutty.xyz
URL: https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:412c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c6c0ed2601deeefd179e1922d9f017701169372b21079f842fc67e44022a126

Request headers

accept-language
en-US,en;q=0.9
Referer
https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 20 Oct 2022 19:14:50 GMT
cf-cache-status
HIT
last-modified
Sat, 16 Apr 2022 17:12:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2744
etag
"4a4-5dcc8a07919fe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CO3uVcyHIJTJGIzKRa%2BoJhQX8W5fTwizw5nCjGhxYAaykov6TvmcZOyM0LvtSg6e2VGMO7MX4eCWrfYm7BVIVI%2FMi9J3R%2Be2repWJONSRLEyL5Kpr6Hw9KVcMMr7BL42ir3Arzbk%2Fxf39UATU0BHgSpeAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75d4142bef9f8cb3-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1188
f5.jpg
carnivorousnutty.xyz/xtd2/index_files/
1 KB
2 KB
Image
General
Full URL
https://carnivorousnutty.xyz/xtd2/index_files/f5.jpg
Requested by
Host: carnivorousnutty.xyz
URL: https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:412c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a15c7fd6cff51cb3a08a1b705e578578f16f316835547063e9298a27257936b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 20 Oct 2022 19:14:50 GMT
cf-cache-status
HIT
last-modified
Sat, 16 Apr 2022 17:12:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2744
etag
"577-5dcc8a07acf7f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1dlHxHO%2BkYqALdUHgG6I5n5QaMMZdblBkVGH%2BSp86dpAXyl22JtGiUwK%2FSfvP9FvblHKcl9bQ1vO2BDr09Zdc9dzbgSTqPVPwoGSCAfAMcRHJiX%2B062S0tWJMjxcEXkjoT3hqxCwibGQDTz8TG6n0WMveQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75d4142befa08cb3-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1399
cc.png
carnivorousnutty.xyz/xtd2/index_files/
10 KB
10 KB
Image
General
Full URL
https://carnivorousnutty.xyz/xtd2/index_files/cc.png
Requested by
Host: carnivorousnutty.xyz
URL: https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:412c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c54b3acd031d174f96f8b939e7636cab350422c68d197442d345594c6d243ec3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 20 Oct 2022 19:14:50 GMT
cf-cache-status
HIT
last-modified
Sat, 16 Apr 2022 17:12:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2744
etag
"266d-5dcc8a0669b91"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3hciR%2FLKyZQLwrHcOmYtSTFffDay2urVOXoYOxcFtr%2BHJXtqpphYLlZ75Y1%2F%2BNpf6vuiGi2tOsbrP5PH3E9%2F2of3PnJYSUGJOTy%2FFDytu4ow3nvrUnBEXKzIkBbWzJqXItGtutfPQtFej7G%2BnHcgIGTvbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75d4142befa38cb3-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9837
logo.png
carnivorousnutty.xyz/xtd2/index_files/
5 KB
6 KB
Image
General
Full URL
https://carnivorousnutty.xyz/xtd2/index_files/logo.png
Requested by
Host: carnivorousnutty.xyz
URL: https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:412c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b06e992ce8a64600cc04f4bb64c920395239e5e4a873a2e0da9bab9b42371a45

Request headers

accept-language
en-US,en;q=0.9
Referer
https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 20 Oct 2022 19:14:50 GMT
cf-cache-status
HIT
last-modified
Sat, 16 Apr 2022 17:12:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2744
etag
"15dd-5dcc8a08ef3cd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hnN1lqOYhWGMwLOl2kRLEgFkv1EVwYtehxHuQjGKqgNC4nCRSCl9dYWNH02Rjbao3Q5JLtNm%2BstSVJpKk9hQwrjLJFo2%2FhCgBslA8yWkvKimboB6pIX0ydIcppmrxbI5S2X4%2BT8yOgsDAfNnF1pH8VjkSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75d4142befa88cb3-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5597
offer.js
carnivorousnutty.xyz/scripts/
9 KB
3 KB
Script
General
Full URL
https://carnivorousnutty.xyz/scripts/offer.js
Requested by
Host: carnivorousnutty.xyz
URL: https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:412c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ccecd4cce4d6c6787970bcb68be90f40c37cf4be371540b6160c1484ee21756

Request headers

accept-language
en-US,en;q=0.9
Referer
https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 20 Oct 2022 19:14:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 Oct 2022 08:50:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2745
etag
W/"2585-5eb736a66fbb1-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=thpA8Ym6NUCVB0Ho8XFM%2BsBghPP5KXzTsVIwR7RzSnh3oPumnErhxdQQVaE7jpIsCT3BDe%2B%2BFebqxlrnoJbNYlk%2FRgg3D7blv4fU97WlK%2B%2FwHU9CKipe1rI3p5uEde8o9lARqjtBFRz0YWTbo6tE%2F6jWuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75d4142bdf3e8cb3-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
custom.js
carnivorousnutty.xyz/xtd2/index_files/
1 KB
873 B
Script
General
Full URL
https://carnivorousnutty.xyz/xtd2/index_files/custom.js
Requested by
Host: carnivorousnutty.xyz
URL: https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:412c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01e3a26d11e45613a399c3fcb630924bc4662c8938f0703b36e9ae12b608889a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 20 Oct 2022 19:14:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 16 Apr 2022 17:12:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2745
etag
W/"44b-5dcc8a05efa6c-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDgZWlVWR6Pj3L4CEDnPUZbLa4MRkck5c%2BNy9Xm9gcTbZ%2Fz3eiHxNfOKnvTMsWgbGA1Q7FFvJjaVaqNcWXIiBnlYG%2BcLCHDAcih73HDb3mVrJMbh4coRaShB0XB3sMWnCEadds07ixfMhIzSYzVBnKYYVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75d4142bef588cb3-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
48epxpqd5x
trk-consulatu.com/scripts/push/script/
7 KB
3 KB
Script
General
Full URL
https://trk-consulatu.com/scripts/push/script/48epxpqd5x?url=carnivorousnutty.xyz&alturl=/xtd2/
Requested by
Host: carnivorousnutty.xyz
URL: https://carnivorousnutty.xyz/scripts/notify.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dd78386b21abb7c647d95a33e6c0f1ad2e4e2f169604b5bb9ee54ee786d1d36
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://carnivorousnutty.xyz/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 20 Oct 2022 19:14:50 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21chZqnjIl0ZEz757%2FAtmAahO5uRqXany8pS2oddXecO87Amr1MsUuspHenNqbB8R%2B12kqfMuuolWuGKGhzv8OXr%2BzCCWiVOM6UUQW0wXzm2b%2B7ou4B%2FpHZM7wJBbrncyPinnX1%2Fr1Je8A6BKpthUw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, max-age=0, must-revalidate
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-ray
75d4142c897a187d-EWR
expires
0
attbg.jpg
carnivorousnutty.xyz/xtd2/images/
282 B
282 B
Image
General
Full URL
https://carnivorousnutty.xyz/xtd2/images/attbg.jpg
Requested by
Host: carnivorousnutty.xyz
URL: https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:412c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3c3510b05afa9c309ea3c7192bb6759e3ae84e8615677603e8a8172d4cbf61a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 20 Oct 2022 19:14:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
89
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nbi7L2LILzaQnbOYa0xdALGxc%2Ffr6Uyv0m%2FTfx0Qjj4hdr1wDvouHAvsXR5i4oRxElNZzkCJW4mBF%2BNUc1ffDFuLvusfM8ZcAQY1Lz1c4TXI%2FleNFhVh8WalH3pwWLre79NI3M3HOHVx6I7XnXwDbGj3Og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
75d4142befaa8cb3-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
applewatch.png
carnivorousnutty.xyz/scripts/products/
56 KB
56 KB
Image
General
Full URL
https://carnivorousnutty.xyz/scripts/products/applewatch.png
Requested by
Host: carnivorousnutty.xyz
URL: https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:412c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bd2dbfd8018437f4a6ce72b9641ed80bca0cefe604f7697072c630e3308f8bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 20 Oct 2022 19:14:50 GMT
cf-cache-status
HIT
last-modified
Mon, 03 Oct 2022 12:47:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2744
etag
"df1f-5ea20be976840"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ypzgrqvypQD%2FLaJUME8fDONqFedWthz5vNIR6rpa%2FNo7m2y%2FCUV2BSDaQlyOnS75tJZ0BZGdQZKsSexXRK0LS8EhXCmx5%2B%2B8FFccJfRwTHiPvCNsukQV50HFP%2FNbpbR9nRcX4%2F8epr3Asc%2BBG%2FaYBvDdFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75d4142c89708cb3-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
57119
64d5k5ymdj
event.trk-consulatu.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-consulatu.com/register/event_log/64d5k5ymdj
Requested by
Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/48epxpqd5x?url=carnivorousnutty.xyz&alturl=/xtd2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:a903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://carnivorousnutty.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Thu, 20 Oct 2022 19:14:52 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FmkAbXoohN2hqbO8HKfBDrgh6jIHe7hyceBVG66qaxNyV%2FEXMCNUEaPIVvQMQsJtksSXjmdZmt75cmhaRdN49iXBRJyET9QAw2zlpIWayt5x2ci6nsoXANCUEc6EBFyjQgNHeMzje7kOLyMPPjO8v9qI8CnqBw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://carnivorousnutty.xyz
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-ray
75d41434fdc117e5-EWR
x-pushplatformapp-params
64d5k5ymdj
event.trk-consulatu.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-consulatu.com/register/event_log/64d5k5ymdj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://carnivorousnutty.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://carnivorousnutty.xyz
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75d4143488889e02-EWR
content-length
0
date
Thu, 20 Oct 2022 19:14:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9nPvFS%2B3r4ZuhF2klW7jnstXtc5wKEq6ndmeGQNZ%2Bh0tLbcSTihkiUnLZ4Yyrnd7X%2BWIN%2F%2F%2FZ3YXLoFw%2BTjR1oxoCwmndE1thhylBEqkUai85f4Z8XZM8AYgQOEuIUKRf%2BaQVLPus7n6meZUiWABPF4FWwg6AA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
64d5k5ymdj
event.trk-consulatu.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-consulatu.com/register/event_log/64d5k5ymdj
Requested by
Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/48epxpqd5x?url=carnivorousnutty.xyz&alturl=/xtd2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:a903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://carnivorousnutty.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Thu, 20 Oct 2022 19:14:52 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kIsOqsMODa2yG7vbzAhs%2B2ePa3dE%2Bz4Wy9RhPrt8QxCygeeF%2B%2BKV3OWoOqBnVkZcwFUUSb0k9rrlEmBR8sB2wQEUfsaPe7Q6Q3F9v2uIiAYjZW5Zr9Db8nyIKwl35EBrOP5YigsaZe7lcRsgpmgPAQt5Czs5fg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://carnivorousnutty.xyz
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-ray
75d41434fdbf17e5-EWR
x-pushplatformapp-params
64d5k5ymdj
event.trk-consulatu.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-consulatu.com/register/event_log/64d5k5ymdj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://carnivorousnutty.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://carnivorousnutty.xyz
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75d41434888d9e02-EWR
content-length
0
date
Thu, 20 Oct 2022 19:14:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9r%2BupZe22%2Bnw0lPtrzCuqYnbfIFzef0wEGE14YHMlJw4pGerPfUKo%2F1xwvw1gsikteOc8lI48lvzBbTj8cRCqKM48vw5NsXHPfe1L4vYHbP67KZ%2Bg1TKNk62lnwSieLGu9wBdaa2SpuC1lyO5EaXFrormKWxaw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| months object| days object| time object| d string| dateNow undefined| c1 function| socle function| $ function| jQuery function| getURLParameter object| x function| hidpopu function| exit5minslayer function| closeexitlayer function| nextQuestion function| drawszlider function| selectReward function| showModal object| comments number| slidewhere number| holvanszlider object| mydate number| year number| day number| month number| daym function| getUrlParameter function| getContext function| category boolean| getisp string| myisp object| getContent string| prodName string| prodImage string| prodDesc object| getprodName object| getprodImage object| getprodDesc string| productDesc function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore

4 Cookies

Domain/Path Name / Value
phantomoff.com/ Name: uclick
Value: wf1nb7pm
phantomoff.com/ Name: uclickhash
Value: wf1nb7pm-wf1nb7pm-ojj2-0-4k-e8-g6-aedb5a
sugaryspecials.com/ Name: uclick
Value: u3qd8w8w
sugaryspecials.com/ Name: uclickhash
Value: u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf

2 Console Messages

Source Level URL
Text
network error URL: https://carnivorousnutty.xyz/xtd2/images/attbg.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: https://carnivorousnutty.xyz/xtd2/?oid=109&dom=sugaryspecials.com&lpkey=1631664229f5350394&uclick=u3qd8w8w&uclickhash=u3qd8w8w-u3qd8w8w-tw-0-gxwj-ik3y-irbl-d6aacf
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
