adrlfw.cfd Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://gnemof.cfd/8WwWgwhE?s=11&t=wa Page URL
2. https://adrlfw.cfd/8WwWgKF4?st=11&t=wa Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	8WwWgwhE Show response gnemof.cfd/	3 KB 1 KB	324ms 244ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gnemof.cfd/8WwWgwhE?s=11&t=wa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 700985b6aa0037ac0547cd776a3ae113e907f66c346398938e1bbf0b4455d026 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 81464b0d8fc466c4-AMS content-encoding br content-type text/html; charset=UTF-8 date Wed, 11 Oct 2023 10:06:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SqTrF%2FG3tl%2Bfs4vWCTaSk751q%2FABKHsgNtw33%2BFEp2B6S74kzrlN9YeJmwujtxzvwIPxC%2B6oFa4eI2JVCn7bn99xGfd8qP%2FzWcj2B0pPtVXorRBqOU0sHU3pNz3t8l523F9ovd7A4to%2F"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.11.1/	94 KB 33 KB	182ms 58ms	Script text/javascript	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js Requested by Host: gnemof.cfd URL: https://gnemof.cfd/8WwWgwhE?s=11&t=wa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gnemof.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sat, 07 Oct 2023 18:17:51 GMT content-encoding gzip x-content-type-options nosniff age 316144 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33434 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sun, 06 Oct 2024 18:17:51 GMT
GET		jquery.min.js yrhfxu.cfd/js/	0 0
GET H2	200	jquery.min.js adrlfw.cfd/js/	29 B 550 B	145ms 71ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adrlfw.cfd/js/jquery.min.js?1697018815&_=1697018816095 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer https://gnemof.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 10:06:56 GMT cf-cache-status MISS last-modified Wed, 11 Oct 2023 05:39:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "65263529-1d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgAgXzw49kD4u%2B9gAnv2NXRYAZTkZajYtUbci2sO53QtvePcjrL7IjopRtQYUJQFAW3k57bEanaoiNf6q9sU%2Fd4caqrSO8VAh9JZGHEQhMFYDhk9NM07qjeuCzbFoGDd%2B%2BaYeqRHNP4q"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 accept-ranges bytes cf-ray 81464b113e275c4c-AMS alt-svc h3=":443"; ma=86400 content-length 29 expires Wed, 11 Oct 2023 22:06:56 GMT
GET		jquery.min.js hqefzo.cfd/js/	0 0
GET H2	200	Primary Request 8WwWgKF4 Show response adrlfw.cfd/	79 KB 17 KB	59ms 59ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adrlfw.cfd/8WwWgKF4?st=11&t=wa Requested by Host: gnemof.cfd URL: https://gnemof.cfd/8WwWgwhE?s=11&t=wa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e285e562071b323473301704680e0659f76ab0ed850cd0debdb830c87b7ec23e Request headers Referer https://gnemof.cfd/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 81464b11ae815c4c-AMS content-encoding br content-type text/html; charset=UTF-8 date Wed, 11 Oct 2023 10:06:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2hTSZq%2Ffzn5wd5cmFuBGPzYZCgdQUkayGM4Bo7HzovHI8HvQdwLiiCsJSaqpKvAvpa2xPyxdqTZgw9KuNQfCgep5KOgLOdy8zvFj1XvOO34CwKaHzPsOkrsq0e66zdonmYvb7H2J8MF"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.11.1/	94 KB 33 KB	58ms 58ms	Script text/javascript	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js Requested by Host: adrlfw.cfd URL: https://adrlfw.cfd/8WwWgKF4?st=11&t=wa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://adrlfw.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sat, 07 Oct 2023 18:17:51 GMT content-encoding gzip x-content-type-options nosniff age 316145 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33434 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sun, 06 Oct 2024 18:17:51 GMT
GET H2	200	sweetalert2@11 Show response cdn.jsdelivr.net/npm/	68 KB 19 KB	93ms 37ms	Script application/javascript	2606:4700::6810:5614 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/sweetalert2@11 Requested by Host: adrlfw.cfd URL: https://adrlfw.cfd/8WwWgKF4?st=11&t=wa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2e40bead9cdb36412578196519d28035ee67c47d109d18e7e216f0da55be1e3a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://adrlfw.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 10:06:56 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 95 x-jsd-version 11.7.32 content-encoding br x-cache HIT, MISS cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230029-FRA, cache-jnb7026-JNB x-jsd-version-type version server cloudflare etag W/"110ad-1vwpTWZ+mHiuDTzQ9wZKrTHZo2Q" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5G8bewrmP3q%2Bxc5fNZyLZ49d%2B2MZId1n3iciBRIxMjhZ6cX4qFiK8lsEm7O5elE9EMhOFUOnJO1TWANeijzykZZghPyksOzmbkZQWfWzEjAbhOuJziCeSvLDmuVmXfPDoC%2B0tAPN3P4KPlcsjp0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 81464b126a8f6723-AMS
GET H2	200	5DH5zvB.jpg i.imgur.com/	51 KB 51 KB	112ms 35ms	Image image/jpeg	146.75.116.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/5DH5zvB.jpg Requested by Host: adrlfw.cfd URL: https://adrlfw.cfd/8WwWgKF4?st=11&t=wa Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash d6c853fb5f4353dcdbed13947a829c0e4b7d2b3688ddcd3cd32cefe0725d82de Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://adrlfw.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 10:06:56 GMT strict-transport-security max-age=300 x-content-type-options nosniff x-amz-cf-pop MIA3-P5 age 718136 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront, HIT, HIT content-length 51915 x-served-by cache-iad-kjyo7100109-IAD, cache-fra-eddf8230112-FRA last-modified Sun, 09 Apr 2023 21:41:08 GMT server cat factory 1.0 x-timer S1697018816.495003,VS0,VE2 etag "4c47fc8db1d8cde97f8d50161be394fa" access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-amz-cf-id eoIm60l9s6aUD9yWZtYyhH3GvfBWgsOFwNwVON1w4ihZWkmL7kyuow== x-cache-hits 28, 1
GET H2	200	ettte.jpg 1.bp.blogspot.com/-RuIA2JO0NW0/YKKccmd5SdI/AAAAAAAAB28/NihG0SeSJtkp1P9DCvM00yeYhey77iPXwCLcBGAsYHQ/s600/	34 KB 35 KB	134ms 33ms	Image image/jpeg	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-RuIA2JO0NW0/YKKccmd5SdI/AAAAAAAAB28/NihG0SeSJtkp1P9DCvM00yeYhey77iPXwCLcBGAsYHQ/s600/ettte.jpg Requested by Host: adrlfw.cfd URL: https://adrlfw.cfd/8WwWgKF4?st=11&t=wa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 6db87b82ec9f8123a70efd7a43fae49cfee29fa186c512e31f022615bf185395 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://adrlfw.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 07:06:16 GMT x-content-type-options nosniff age 10840 content-disposition inline;filename="ettte.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35100 x-xss-protection 0 server fife etag "v771" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Thu, 12 Oct 2023 07:06:16 GMT
GET H2	200	WechatIMG101.jpeg blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhkPHVmrPTgJbR1AIql97gXDjruWaNoUA0OnwI8u9GW6dMA8mfo2B_SAyTpbAkhKGKaw2JsHTn7kKzsr1LOxya6XKsp9aZ4YK9lOvaEhvxVZx8EcRyYN8Qp1EYAMXeLokFPRQZt4WUxlKi-RnrV...	19 KB 19 KB	300ms 213ms	Image image/jpeg	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhkPHVmrPTgJbR1AIql97gXDjruWaNoUA0OnwI8u9GW6dMA8mfo2B_SAyTpbAkhKGKaw2JsHTn7kKzsr1LOxya6XKsp9aZ4YK9lOvaEhvxVZx8EcRyYN8Qp1EYAMXeLokFPRQZt4WUxlKi-RnrVnlIdzMGnkqnAbrBlTLmZZW-2PNdSh5nh15e4370ohQ/s200/WechatIMG101.jpeg Requested by Host: adrlfw.cfd URL: https://adrlfw.cfd/8WwWgKF4?st=11&t=wa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 62fc8e840163bc0625649a8702d0b12d2ca67c27cd6bfad0d6a364fbbe77f8d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://adrlfw.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 10:06:56 GMT x-content-type-options nosniff server fife etag "v7f" vary Origin content-type image/jpeg access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="WechatIMG101.jpeg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19316 x-xss-protection 0 expires Thu, 12 Oct 2023 10:06:56 GMT
GET H2	200	WechatIMG100.jpeg blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgPUn58QK13XCZ4yp6b5H05SQgRSVpDwRpO1RIARD5MvH1t1vIJ8Ly3uvNuZJKdPQ8kjqB8mIWvjdzFNmLA5ca7qMHULzmQqViP_b1oQ3IbvIE9q-fy1BsxpzxJ_PBwy70nuJ1w-1L0QhTzojr7...	23 KB 23 KB	332ms 245ms	Image image/jpeg	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgPUn58QK13XCZ4yp6b5H05SQgRSVpDwRpO1RIARD5MvH1t1vIJ8Ly3uvNuZJKdPQ8kjqB8mIWvjdzFNmLA5ca7qMHULzmQqViP_b1oQ3IbvIE9q-fy1BsxpzxJ_PBwy70nuJ1w-1L0QhTzojr77sVdL1cV3Beg_GrV3lkvQHU3uyZnfVviriAcmNCI_g/s374/WechatIMG100.jpeg Requested by Host: adrlfw.cfd URL: https://adrlfw.cfd/8WwWgKF4?st=11&t=wa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash b1eeeda8e1938e92fbd93a6d12f320a63d8311e3d63738a6b4d4ee7d305a3085 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://adrlfw.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 10:06:56 GMT x-content-type-options nosniff server fife etag "v7f" vary Origin content-type image/jpeg access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="WechatIMG100.jpeg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23391 x-xss-protection 0 expires Thu, 12 Oct 2023 10:06:56 GMT
GET H2	200	1679643128398.jpg blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLdR_2PQqB59BLBJszfUC5NPs2Y3aiVmK9ECpdzSwTNxMSdDnUEzcyVFRn4tO0OyWI4Yue0fhU6i3g0z7CU4ECbFwxvQ0Z2lGyQjWurvMRWWgksF58WYrXRvjzKCm-sdO1QRKC131vTHwOEC_o...	119 KB 119 KB	505ms 418ms	Image image/jpeg	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLdR_2PQqB59BLBJszfUC5NPs2Y3aiVmK9ECpdzSwTNxMSdDnUEzcyVFRn4tO0OyWI4Yue0fhU6i3g0z7CU4ECbFwxvQ0Z2lGyQjWurvMRWWgksF58WYrXRvjzKCm-sdO1QRKC131vTHwOEC_oQXBu18kymC70yDuwtz9f3PVCOGTRkH3JiHyxVskh9g/s958/1679643128398.jpg Requested by Host: adrlfw.cfd URL: https://adrlfw.cfd/8WwWgKF4?st=11&t=wa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 4d0e5c5b3b22f96ac996c3526221306e2fdb55c4395139c70906b69ce0f9f805 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://adrlfw.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 10:06:56 GMT x-content-type-options nosniff server fife etag "v256e7" vary Origin content-type image/jpeg access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="1679643128398.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 122018 x-xss-protection 0 expires Thu, 12 Oct 2023 10:06:56 GMT
GET H2	200	Whatsapp%2BDP%2BGirl%2B%252812%2529.jpg 1.bp.blogspot.com/-M9UfqNnbCLg/XjZcNnlB6sI/AAAAAAAANf4/QzxPat0qhac_W7sZu9BxzkEFYiwZPwjSgCLcBGAsYHQ/s1600/	21 KB 21 KB	170ms 71ms	Image image/jpeg	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-M9UfqNnbCLg/XjZcNnlB6sI/AAAAAAAANf4/QzxPat0qhac_W7sZu9BxzkEFYiwZPwjSgCLcBGAsYHQ/s1600/Whatsapp%2BDP%2BGirl%2B%252812%2529.jpg Requested by Host: adrlfw.cfd URL: https://adrlfw.cfd/8WwWgKF4?st=11&t=wa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash ddd79e024592b5ecf9edac3c1bb0bb33cb1c42124af3169b634b912885f3b625 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://adrlfw.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 09:23:24 GMT x-content-type-options nosniff age 2612 content-disposition inline;filename="Whatsapp DP Girl (12).jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21272 x-xss-protection 0 server fife etag "v3623" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Thu, 12 Oct 2023 09:23:24 GMT
GET H/1.1	200 OK	hm.js Show response hm.baidu.com/	29 KB 12 KB	996ms 417ms	Script application/javascript	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Full URL https://hm.baidu.com/hm.js?75118d5c4d5d256293ab29d578dc7b5f Requested by Host: adrlfw.cfd URL: https://adrlfw.cfd/8WwWgKF4?st=11&t=wa Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash 742b3428f58e1802eed2899b601089ff2724109ef1d5b076bf6c2a1b23c1ee3c Security Headers Name Value Strict-Transport-Security max-age=172800 Request headers accept-language nl-NL,nl;q=0.9 Referer https://adrlfw.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Wed, 11 Oct 2023 10:06:57 GMT Content-Encoding gzip Strict-Transport-Security max-age=172800 Server apache Etag 51404fd8365f0f592090b4a3263da727 P3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Content-Type application/javascript Cache-Control max-age=0, must-revalidate Content-Length 11253
GET H/1.1	200 OK	hm.js Show response hm.baidu.com/	29 KB 12 KB	997ms 418ms	Script application/javascript	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Full URL https://hm.baidu.com/hm.js?cb4e35413cbb8dec1d1e47b6d40f5baf Requested by Host: adrlfw.cfd URL: https://adrlfw.cfd/8WwWgKF4?st=11&t=wa Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash 164eabbebdc1dac4d09a00d32dc09bf61667d16a6d6b0c9cd912b72251d69ec4 Security Headers Name Value Strict-Transport-Security max-age=172800 Request headers accept-language nl-NL,nl;q=0.9 Referer https://adrlfw.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Wed, 11 Oct 2023 10:06:57 GMT Content-Encoding gzip Strict-Transport-Security max-age=172800 Server apache Etag 20be6f17a3272a1f301ece7a27df9e42 P3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Content-Type application/javascript Cache-Control max-age=0, must-revalidate Content-Length 11254
GET H3	200	8WwWgKF4 Show response adrlfw.cfd/	79 KB 17 KB	79ms 79ms	Script text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adrlfw.cfd/8WwWgKF4?st=11&t=wa Requested by Host: adrlfw.cfd URL: https://adrlfw.cfd/8WwWgKF4?st=11&t=wa Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b094e314b162fa58c2be714ebfa5e13d311aba464e88fa39135ea36b60d3d49 Request headers accept-language nl-NL,nl;q=0.9 Referer https://adrlfw.cfd/8WwWgKF4?st=11&t=wa User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 10:06:56 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzPXUSonmDgbJ56zW%2Fsh2mVfhqd2NYGwX1KfhssU%2FpSEi8PAD1eQOTMCZnSkKIp684ldJXRsaP3wtYWg1%2B6iRoGNIKNoi7ogxn7k0NNMg5iItlUbY04BA74iElvBwYMcy7VOIf%2FP206P"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 81464b12ad950b81-AMS alt-svc h3=":443"; ma=86400
GET H2	200	jquery.min.js Show response hfeudj.cfd/js/	29 B 551 B	312ms 235ms	Script application/javascript	2606:4700:3031::6815:3df7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hfeudj.cfd/js/jquery.min.js?1697018816&_=1697018816398 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:3df7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 92b98afb1032fda85be6aaa0c0973e08e4befcf31a2dd86858005005d039114e Request headers accept-language nl-NL,nl;q=0.9 Referer https://adrlfw.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 10:06:56 GMT cf-cache-status MISS last-modified Wed, 11 Oct 2023 05:39:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "65263529-1d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vVtAB85wm8AKhtJVfKpGpLU1r9%2Fokv2mYEf1M7jSxdxFJxotV04YU9TBEMK2oJ5iCxvkLcKF9TZiZjECMs%2BuTxxFJDMP95%2BHmRixthAI7HxprQcLKH6WNJHxQo8yoY3VxR8DEEXbZCKB"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 accept-ranges bytes cf-ray 81464b13d8880bdc-AMS alt-svc h3=":443"; ma=86400 content-length 29 expires Wed, 11 Oct 2023 22:06:56 GMT
GET H2	200	jquery.min.js Show response xokius.cfd/js/	29 B 549 B	156ms 77ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xokius.cfd/js/jquery.min.js?1697018816&_=1697018816399 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 92b98afb1032fda85be6aaa0c0973e08e4befcf31a2dd86858005005d039114e Request headers accept-language nl-NL,nl;q=0.9 Referer https://adrlfw.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 10:06:56 GMT cf-cache-status MISS last-modified Wed, 11 Oct 2023 05:39:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "65263529-1d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mx4Q8g%2B40qrgghMKw6e4xTD9tmJ4vSRh0dvBBC7nBVEZeY08sNQlMyDJEmIjr5Y8DZcJjmzVkWhC7%2FNFIngrMXLCYKkfLwC3VLnxswBx0QvuR8RKnaPWsaFjpfi6QqJpVBfnAYm7tq7q"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 accept-ranges bytes cf-ray 81464b13dfb90c39-AMS alt-svc h3=":443"; ma=86400 content-length 29 expires Wed, 11 Oct 2023 22:06:56 GMT
GET H2	200	jquery.min.js Show response cloefg.cfd/js/	29 B 552 B	617ms 541ms	Script application/javascript	2606:4700:3037::ac43:cfbd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cloefg.cfd/js/jquery.min.js?1697018816&_=1697018816400 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:cfbd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 92b98afb1032fda85be6aaa0c0973e08e4befcf31a2dd86858005005d039114e Request headers accept-language nl-NL,nl;q=0.9 Referer https://adrlfw.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 10:06:57 GMT cf-cache-status MISS last-modified Wed, 11 Oct 2023 05:39:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "65263529-1d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xU1gUAtf4PIsEM%2FdlRxjte6yyEhPppSjm1EoH4SegRDitNgZ%2B%2FVJzpOUe0rDSBNSfJFnoZRytFSUIOzwG%2FNn6eSde3u6gxKk%2FZyx46bXd28dBlYNefGIhZrOzcx7DxG2u9o0f44pBfKf"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 accept-ranges bytes cf-ray 81464b13df5b6673-AMS alt-svc h3=":443"; ma=86400 content-length 29 expires Wed, 11 Oct 2023 22:06:57 GMT
GET H2	200	bootstrap.min.js Show response ajax.googleapix.com/bootstrap/libs/	1 KB 1 KB	401ms 331ms	Script text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapix.com/bootstrap/libs/bootstrap.min.js?_=1697018816401 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a25c4bd3e6b542e9dfd1fa9d565b9324d9fab60b6e88afbd916d40a6d3aec7ca Request headers accept-language nl-NL,nl;q=0.9 Referer https://adrlfw.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 10:06:56 GMT content-encoding br cf-cache-status MISS last-modified Wed, 11 Oct 2023 10:06:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HqQqsvxVZyDdkCEB8JvDxGYNLqBhQMGS4h8S0wMJX0vuHM9Jv5cYn7SeeEhjoYC0et%2BJWmcbz7ktNSAfA2e07JmdiU71FD7Cps6roa1Yjwc9LZTJr2rOMMj9dTrNreNf6WQCkbV%2B%2BD2HjJmwaUX%2BJdip"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 81464b142e1b66be-AMS alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	hm.gif hm.baidu.com/	43 B 299 B	393ms 393ms	Image image/gif	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Show image Full URL https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=2117588393&si=75118d5c4d5d256293ab29d578dc7b5f&su=https%3A%2F%2Fgnemof.cfd%2F&v=1.3.0&lv=1&sn=55528&r=0&ww=1600&u=https%3A%2F%2Fadrlfw.cfd%2F8WwWgKF4%3Fst%3D11%26t%3Dwa%231697018817021&tt=De%20uitbetalingen%20van%20financi%C3%ABle%20hulp%20beginnen Requested by Host: adrlfw.cfd URL: https://adrlfw.cfd/8WwWgKF4?st=11&t=wa Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://adrlfw.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Pragma no-cache Date Wed, 11 Oct 2023 10:06:58 GMT Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Server apache Content-Type image/gif Cache-Control private, max-age=0, no-cache Content-Length 43
GET H/1.1	200 OK	hm.gif hm.baidu.com/	43 B 299 B	389ms 388ms	Image image/gif	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Show image Full URL https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=15965464&si=cb4e35413cbb8dec1d1e47b6d40f5baf&su=https%3A%2F%2Fgnemof.cfd%2F&v=1.3.0&lv=1&sn=55528&r=0&ww=1600&u=https%3A%2F%2Fadrlfw.cfd%2F8WwWgKF4%3Fst%3D11%26t%3Dwa%231697018817021&tt=De%20uitbetalingen%20van%20financi%C3%ABle%20hulp%20beginnen Requested by Host: adrlfw.cfd URL: https://adrlfw.cfd/8WwWgKF4?st=11&t=wa Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://adrlfw.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Pragma no-cache Date Wed, 11 Oct 2023 10:06:58 GMT Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Server apache Content-Type image/gif Cache-Control private, max-age=0, no-cache Content-Length 43
GET H/1.1	200 OK	hm.js Show response hm.baidu.com/	29 KB 11 KB	388ms 387ms	Script application/javascript	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Full URL https://hm.baidu.com/hm.js?6fa809bf645b77705eb42935c3b09b08 Requested by Host: gnemof.cfd URL: https://gnemof.cfd/8WwWgwhE?s=11&t=wa Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash c48a56924d5756d0d72ade817eab437a88b4bc27ad133f18745e52430204ac19 Security Headers Name Value Strict-Transport-Security max-age=172800 Request headers accept-language nl-NL,nl;q=0.9 Referer https://adrlfw.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Wed, 11 Oct 2023 10:07:02 GMT Content-Encoding gzip Strict-Transport-Security max-age=172800 Server apache Etag fb3522b4f920cc7f2a94e31760491b83 Content-Type application/javascript Cache-Control max-age=0, must-revalidate Content-Length 11256
GET H/1.1	200 OK	hm.gif hm.baidu.com/	43 B 299 B	426ms 402ms	Image image/gif	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Show image Full URL https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=195183924&si=6fa809bf645b77705eb42935c3b09b08&su=https%3A%2F%2Fgnemof.cfd%2F&v=1.3.0&lv=1&sn=55533&r=0&ww=1600&u=https%3A%2F%2Fadrlfw.cfd%2F8WwWgKF4%3Fst%3D11%26t%3Dwa%231697018817021&tt=De%20uitbetalingen%20van%20financi%C3%ABle%20hulp%20beginnen Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://adrlfw.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Pragma no-cache Date Wed, 11 Oct 2023 10:07:03 GMT Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Server apache Content-Type image/gif Cache-Control private, max-age=0, no-cache Content-Length 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

yrhfxu.cfd

URL

https://yrhfxu.cfd/js/jquery.min.js?1697018815&_=1697018816094

Domain

hqefzo.cfd

URL

https://hqefzo.cfd/js/jquery.min.js?1697018815&_=1697018816096

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| set_Cookie function| get_Cookie function| $ function| jQuery object| _hmt function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal function| prevent function| rset_Cookie function| rget_Cookie number| st string| landingDomain string| _0xod2 object| _0xod2_ object| _0x346c function| _0x4853 object| DOMString object| objServer function| deadline function| enviar function| tip_text function| messageToSend number| counter number| counter2 number| seconds object| adsLink function| sharecount function| hh1 function| jp function| fh number| testtimeyouarefastest string| baiduid boolean| _bdhm_loaded_75118d5c4d5d256293ab29d578dc7b5f object| mini_tangram_log_whh4l5 boolean| _bdhm_loaded_cb4e35413cbb8dec1d1e47b6d40f5baf object| mini_tangram_log_gekrdp

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.gnemof.cfd/	1970-01-20 15:23:38	Name: godomainl Value: adrlfw.cfd
			adrlfw.cfd/	1970-01-20 16:06:50	Name: reg Value: 1
			.adrlfw.cfd/	1970-01-20 15:23:38	Name: godomain Value: xokius.cfd
			.hm.baidu.com/	1970-01-21 00:59:38	Name: HMACCOUNT_BFESS Value: 9BA81DFF437969B7
			.adrlfw.cfd/	1970-01-21 00:09:14	Name: Hm_lvt_75118d5c4d5d256293ab29d578dc7b5f Value: 1697018818
			.adrlfw.cfd/	1969-12-31 23:59:59	Name: Hm_lpvt_75118d5c4d5d256293ab29d578dc7b5f Value: 1697018818
			.adrlfw.cfd/	1970-01-21 00:09:14	Name: Hm_lvt_cb4e35413cbb8dec1d1e47b6d40f5baf Value: 1697018818
			.adrlfw.cfd/	1969-12-31 23:59:59	Name: Hm_lpvt_cb4e35413cbb8dec1d1e47b6d40f5baf Value: 1697018818

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
adrlfw.cfd
ajax.googleapis.com
ajax.googleapix.com
blogger.googleusercontent.com
cdn.jsdelivr.net
cloefg.cfd
gnemof.cfd
hfeudj.cfd
hm.baidu.com
hqefzo.cfd
i.imgur.com
xokius.cfd
yrhfxu.cfd
hqefzo.cfd
yrhfxu.cfd
103.235.46.191
146.75.116.193
2606:4700:3031::6815:3df7
2606:4700:3037::ac43:cfbd
2606:4700::6810:5614
2a00:1450:4001:813::2001
2a00:1450:4001:82a::2001
2a00:1450:4001:830::200a
2a06:98c1:3120::3
164eabbebdc1dac4d09a00d32dc09bf61667d16a6d6b0c9cd912b72251d69ec4
2e40bead9cdb36412578196519d28035ee67c47d109d18e7e216f0da55be1e3a
4d0e5c5b3b22f96ac996c3526221306e2fdb55c4395139c70906b69ce0f9f805
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
62fc8e840163bc0625649a8702d0b12d2ca67c27cd6bfad0d6a364fbbe77f8d8
6b094e314b162fa58c2be714ebfa5e13d311aba464e88fa39135ea36b60d3d49
6db87b82ec9f8123a70efd7a43fae49cfee29fa186c512e31f022615bf185395
700985b6aa0037ac0547cd776a3ae113e907f66c346398938e1bbf0b4455d026
742b3428f58e1802eed2899b601089ff2724109ef1d5b076bf6c2a1b23c1ee3c
92b98afb1032fda85be6aaa0c0973e08e4befcf31a2dd86858005005d039114e
a25c4bd3e6b542e9dfd1fa9d565b9324d9fab60b6e88afbd916d40a6d3aec7ca
b1eeeda8e1938e92fbd93a6d12f320a63d8311e3d63738a6b4d4ee7d305a3085
c48a56924d5756d0d72ade817eab437a88b4bc27ad133f18745e52430204ac19
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d6c853fb5f4353dcdbed13947a829c0e4b7d2b3688ddcd3cd32cefe0725d82de
ddd79e024592b5ecf9edac3c1bb0bb33cb1c42124af3169b634b912885f3b625
e285e562071b323473301704680e0659f76ab0ed850cd0debdb830c87b7ec23e