img.lockercodes.io Open in urlscan Pro
2606:4700:20::681a:903 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://img.lockercodes.io/
Submission: On July 02 via api (July 2nd 2024, 6:29:47 am UTC) from US — Scanned from DE

Summary HTTP 62 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 11 domains to perform 62 HTTP transactions. The main IP is 2606:4700:20::681a:903, located in United States and belongs to CLOUDFLARENET, US. The main domain is img.lockercodes.io.
TLS certificate: Issued by WE1 on July 1st 2024. Valid for: 3 months.

This is the only time img.lockercodes.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 30	2606:4700:20:... 2606:4700:20::681a:903	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.18.3.78 104.18.3.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a04:4e42:200... 2a04:4e42:200::720	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	216.58.206.36 216.58.206.36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:276... 2600:9000:2761:cc00:2:d490:4d80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:249... 2600:9000:2491:3e00:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:293c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
3	13.224.186.120 13.224.186.120	16509 (AMAZON-02) (AMAZON-02)
1	35.244.144.25 35.244.144.25	15169 (GOOGLE) (GOOGLE)
2	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.58.206.70 216.58.206.70	15169 (GOOGLE) (GOOGLE)
1	18.245.31.9 18.245.31.9	16509 (AMAZON-02) (AMAZON-02)
62	18

30 2606:4700:20::681a:903 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

img.lockercodes.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.3.78 (None, )

ASN13335 (CLOUDFLARENET, US)

s.nitropay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:200::720 (United States)

ASN54113 (FASTLY, US)

lockercodesio.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.36 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2761:cc00:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

wrappers.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2491:3e00:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:293c (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.186.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-120.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.144.25 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 25.144.244.35.bc.googleusercontent.com

tracker.nitropay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

consent.nitrocnct.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.70 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-9.fra56.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	lockercodes.io 1 redirects img.lockercodes.io	188 KB
7	nitropay.com s.nitropay.com — Cisco Umbrella Rank: 28166 tracker.nitropay.com — Cisco Umbrella Rank: 25297	299 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 357 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 746	81 KB
4	btloader.com btloader.com — Cisco Umbrella Rank: 1087 api.btloader.com — Cisco Umbrella Rank: 1198	29 KB
4	geoedge.be wrappers.geoedge.be — Cisco Umbrella Rank: 18333 rumcdn.geoedge.be — Cisco Umbrella Rank: 3325	202 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 ad.doubleclick.net — Cisco Umbrella Rank: 164	176 KB
4	imgix.net lockercodesio.imgix.net	13 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1092	1 KB
2	nitrocnct.com consent.nitrocnct.com — Cisco Umbrella Rank: 52806	113 KB
1	google.com www.google.com — Cisco Umbrella Rank: 5
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1073	7 KB
62	11

	Domain	Requested by
30	img.lockercodes.io	1 redirects img.lockercodes.io s.nitropay.com static.cloudflareinsights.com
6	s.nitropay.com	img.lockercodes.io s.nitropay.com
4	lockercodesio.imgix.net	img.lockercodes.io
3	api.btloader.com	btloader.com
3	c.amazon-adsystem.com	s.nitropay.com c.amazon-adsystem.com
3	rumcdn.geoedge.be	s.nitropay.com rumcdn.geoedge.be
2	ad-delivery.net	img.lockercodes.io
2	consent.nitrocnct.com	s.nitropay.com
2	securepubads.g.doubleclick.net	s.nitropay.com
1	config.aps.amazon-adsystem.com	s.nitropay.com
1	ad.doubleclick.net	img.lockercodes.io
1	tracker.nitropay.com	s.nitropay.com
1	btloader.com	s.nitropay.com
1	wrappers.geoedge.be	s.nitropay.com
1	www.google.com	img.lockercodes.io
1	stats.g.doubleclick.net	img.lockercodes.io
1	static.cloudflareinsights.com	img.lockercodes.io
62	17

This site contains links to these domains. Also see Links.

Domain
www.nba2klab.com
nitropay.com

Subject Issuer	Validity	Valid
img.lockercodes.io WE1	`2024-07-01` - `2024-09-29`	3 months	crt.sh
nitropay.com GTS CA 1P5	`2024-05-14` - `2024-08-12`	3 months	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-12-07` - `2025-01-07`	a year	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
gw.geoedge.be Amazon RSA 2048 M01	`2023-08-12` - `2024-09-09`	a year	crt.sh
btloader.com WE1	`2024-06-12` - `2024-09-10`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.nitropay.com WR3	`2024-06-03` - `2024-09-01`	3 months	crt.sh
nitrocnct.com WE1	`2024-06-18` - `2024-09-16`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2024-06-04` - `2024-09-02`	3 months	crt.sh
ad-delivery.net GTS CA 1P5	`2024-05-17` - `2024-08-15`	3 months	crt.sh
*.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://img.lockercodes.io/
Frame ID: BCBE5A09519B3E4B98E123EBA8FAD51A
Requests: 62 HTTP requests in this frame

Frame: https://img.lockercodes.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js
Frame ID: 34ADF56A436BD2573279366DF4469809
Requests: 2 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Frame ID: 788CCB186A0501FAE9F6793A7C75EE95
Requests: 1 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Frame ID: 0E1A8A55614850272441D25BAFDF6D41
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

62
Requests

98 %
HTTPS

47 %
IPv6

11
Domains

17
Subdomains

18
IPs

4
Countries

1110 kB
Transfer

4582 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nba2klab.com/?fpr=locker20
Title: NBA2KLab

Search URL Search Domain Scan URL

URL: https://nitropay.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://img.lockercodes.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://img.lockercodes.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js

62 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
img.lockercodes.io/ 42 KB
11 KB 79ms
48ms Document
text/html 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.lockercodes.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62f280d6436f72b5e204b7b49ba75daa485010a5c556e97f608a9c899fed6ace

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 15475
cf-cache-status: HIT
cf-ray: 89cc9531c97737fb-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 02 Jul 2024 06:29:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EdPyUhhEjSVKEwq%2F%2F25jbSoH4Jtzdi3mz1fu8IXGCkKVZ5k8QW9CX0Hk%2BfOqzQQc00m6zRrU7040O9JUNJpk7DPIqlYvlHHa%2BoXUUTAYvs%2FRImLF5Vm4mVQSyzUCZrEKtzpZjPU94MRhjaPppCzbWA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 ads-764.js Show response
s.nitropay.com/ 829 KB
242 KB 78ms
48ms Script
text/javascript 104.18.3.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nitropay.com/ads-764.js

Requested by

Host: img.lockercodes.io
URL: https://img.lockercodes.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.78 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60893ef76a057ce6603059cf51a17c213d9d13feb2035ad2143086b3f5cda2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:40 GMT
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1719421011
age: 37453
x-guploader-uploadid: ACJd0NqihY-LCwoFqqnYe-B96FliLZmkYi9uFyRfmWz4I9lim8t86PI3IJo1KoY1fMAo2FxQKbo
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 01 Jul 2024 20:04:46 GMT
server: cloudflare
etag: W/"a7b8af7683ba45cb19602592d899cfc0:1719864286000"
vary: Accept-Encoding
x-goog-generation: 1719421710164278
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=QHvNnw==, md5=p7ivdoO6RcsZYCWS2JnPwA==
access-control-expose-headers: Content-Type
cache-control: private, max-age=600
x-goog-stored-content-length: 844239
cf-ray: 89cc95325be19bc8-FRA
expires: Tue, 01 Jul 2025 20:05:27 GMT

GET
H2 200 lockercodes.jpg
lockercodesio.imgix.net/21/ 6 KB
6 KB 51ms
8ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lockercodesio.imgix.net/21/lockercodes.jpg?auto=format&fit=crop&crop=top&ixlib=react-9.8.1&w=336&h=190&dpr=1&q=75

Requested by

Host: img.lockercodes.io
URL: https://img.lockercodes.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

cc3d88b0f7a337265fc6900883d797bab826b8d2548aec39b2d1ad0c060db3fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:40 GMT
x-content-type-options: nosniff
age: 626950
x-cache: HIT, HIT
x-imgix-id: 18b19043644b6f116c74ca0a3abac8a23e036ef8
cross-origin-resource-policy: cross-origin
content-length: 5858
x-served-by: cache-sjc10055-SJC, cache-fra-eddf8230040-FRA
last-modified: Tue, 25 Jun 2024 00:20:30 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 controls.jpg
lockercodesio.imgix.net/21/ 6 KB
7 KB 52ms
9ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lockercodesio.imgix.net/21/controls.jpg?auto=format&fit=crop&crop=top&ixlib=react-9.8.1&w=336&h=190&dpr=1&q=75

Requested by

Host: img.lockercodes.io
URL: https://img.lockercodes.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

9ead1e3af48827110d46210e1ef05450f9b146f698b09bceb0781521e3bdb1a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:40 GMT
x-content-type-options: nosniff
age: 4224044
x-imgix-original-url: /21/controls.jpg?auto=format&fit=crop&crop=top&ixlib=react-9.8.1&w=336&h=190&dpr=1&q=75
x-imgix-vary: Accept, User-Agent
x-cache: HIT, HIT, HIT
x-imgix-id: 92dcd7d32b4bbf2f37d4f94a4478520e047dee60
cross-origin-resource-policy: cross-origin
x-imgix-cache: HIT
content-length: 6481
x-served-by: cache-sjc1000139-SJC, cache-ams12725-AMS, cache-fra-eddf8230040-FRA
last-modified: Tue, 14 May 2024 09:08:56 GMT
server: imgix
x-imgix-deployment-datestamp: Wed May 22, 2024 08:14:24 PM UTC
x-imgix-shield-host: shield-1e18b00eaf9238d60435d15e2853d1dc641874f3.imgix.net
x-imgix-normalized-params: ?fit=crop&crop=top&w=336&h=190&q=75&fm=avif
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-original-host: lockercodesio.imgix.net
vary: Accept, User-Agent
x-imgix-host-chain: cache-man4134_lockercodesio.imgix.net|recv,cache-man4127_shield-1e18b00eaf9238d60435d15e2853d1dc641874f3.imgix.net|miss,cache-ams12725_shield-1e18b00eaf9238d60435d15e2853d1dc641874f3.imgix.net|recv,cache-ams12725_lockercodesio.imgix.net|reset,cache-ams12764_shield-1e18b00eaf9238d60435d15e2853d1dc641874f3.imgix.net|miss,cache-sjc1000139_shield-1e18b00eaf9238d60435d15e2853d1dc641874f3.imgix.net|recv,cache-sjc1000139_lockercodesio.imgix.net|reset
x-imgix-deployment-timestamp: 1716408864
x-imgix-deployment-hash: 1440
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 webpack-runtime-e149775b991537d7dd74.js Show response
img.lockercodes.io/ 10 KB
4 KB 109ms
108ms Script
application/javascript 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.lockercodes.io/webpack-runtime-e149775b991537d7dd74.js
Requested by: Host: img.lockercodes.io
URL: https://img.lockercodes.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a98fbf50e710f2518a1c1e41610bccfd5dae34021b9ad27f709d30bfc95209b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lpIDCqD60vM2i8aOi9PArtaRckgHFB0WsK9cIevaIioGeY8DDUMaY%2BYD83UWV677nyolHUncten81zsSGZC47g%2FOuWSPtmaCcs3YQYpUta6QcEbo231Rdd8X%2Ft5Pv2ahMAp2CoHOtfIziJdOjkOxfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-ray: 89cc953239cd37fb-FRA

GET
H2 200 framework-fba7828ab8a9b1e7e652.js Show response
img.lockercodes.io/ 137 KB
46 KB 108ms
108ms Script
application/javascript 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.lockercodes.io/framework-fba7828ab8a9b1e7e652.js
Requested by: Host: img.lockercodes.io
URL: https://img.lockercodes.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bc941602104b2eee04df86d2ef69744431e3597bbaa8599aeee72c8840f9c67

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lrQO5Rt2VoN1pTAH1E%2BKWVlapDKh1sXnHqncP6ohI7uDXD0j3FpfkGYzELYrLctePykfzzPBR2dJwbqw01UP%2BCdb%2FrlgsSGJhJ7IBB7moI0zbriE0lVf0Dnr%2Bk%2BNy9E6pBGK2ugHP4tsF5jLcvb6Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-ray: 89cc953239ce37fb-FRA

GET
H2 200 app-61e157fbb0454a997552.js Show response
img.lockercodes.io/ 77 KB
25 KB 102ms
101ms Script
application/javascript 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.lockercodes.io/app-61e157fbb0454a997552.js
Requested by: Host: img.lockercodes.io
URL: https://img.lockercodes.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1534fa0799d9afa473245e3720479c7b62fb52a2f62c8cb40e7267b9738e4f12

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jvtc9D%2Fmkb2dyruepIcLlOWzieKQkT9WMmpf2ykXwFNSeF4IihFMqBeValu9xK714w8tmpvw1IAda%2BtMNUAxbkG9Jb14YCm9sJcbtsBzhZnfovzQ0QWE%2BcoYy7Lce%2Fqn2ItBpFtD822uMyYudukqWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-ray: 89cc953239cf37fb-FRA

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 87ms
60ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: img.lockercodes.io
URL: https://img.lockercodes.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Origin: https://img.lockercodes.io
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:40 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 89cc95325e221e60-FRA

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecd04bbadd7de5eccdc26071bb133779c01c7470bad01234e6cdd2addc1c98ef

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 332 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0fa069c77c9cee7d76e7b1cc5eddc18480b493cb8b880fcf17ab6dbc3c3528dd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 lockercodesiologo.webp
img.lockercodes.io/static/9ec50c8f4c27034afb1ccfd9fdcdd733/a8691/ 4 KB
4 KB 96ms
96ms Image
image/webp 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.lockercodes.io/static/9ec50c8f4c27034afb1ccfd9fdcdd733/a8691/lockercodesiologo.webp
Requested by: Host: img.lockercodes.io
URL: https://img.lockercodes.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 714aec65539ebf789ecde4b321108971efa0e4e0e963574a6a15f35f6b5a9796

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:40 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: static/9ec50c8f4c27034afb1ccfd9fdcdd733/a8691/lockercodesiologo.0ad2a8b8b9.webp
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SYqKQ8MgORpCXo9yuy%2FQk%2FEOjL3GtOUO328Emk3jbmd9exiBga2vOuX1ers1ABOrCuLbTpnQT%2B2PBjR6h%2BvZUrhoEu2grcPfRVdvN8R1Ju2pN37xRKqCm%2FqVZ0En0XxzK3UL1swYmj7sMFApGWm8eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 89cc953259f537fb-FRA
content-length: 3724

GET
H2

200

main.js Show response
img.lockercodes.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/ Frame 34AD
Redirect Chain

https://img.lockercodes.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://img.lockercodes.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js

8 KB
4 KB

21ms
18ms

Script
application/javascript

2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://img.lockercodes.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js

Requested by

Host: img.lockercodes.io
URL: https://img.lockercodes.io/

Protocol

Server

2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f8424ee72ee7b158ea101ea87777d3e375d7a65d57ba444c0ba8d05c14aa22c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 02 Jul 2024 06:29:40 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p4LVJ%2FYjoPAQs7H4oT5f3GXPmJTa2vxoJ06duZjdT%2FCeK1RhQh0Oh3J4icNYESgJ1BWPuWetZJ4JehhsjEGUXptLYvfUOxeoe2sJAchOnU%2Bku4R2%2BTaNsW2Jjsm4JC6rU%2Bi8j6rbFiZH1aCznWzHSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 89cc9532fa8d37fb-FRA

Redirect headers

date: Tue, 02 Jul 2024 06:29:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hLxju8g2a6Ng0MY3mzH7xEsS%2FAiVPYgcoT%2F6a8MK%2BQ%2FucJm4sd9Es2XrlvF8vgx3RmLo2BrLR8NzZ3%2FY3awYFuN8RleWET6YKiCojFPLgF3v5sH2IcsLLk2GFOoaXcL%2F4Q86ZpNsf1gctep%2F7hgwXg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 89cc9532ca6e37fb-FRA
content-length: 0

GET
H2 200 s.js Show response
img.lockercodes.io/cdn-cgi/zaraz/ 6 KB
4 KB 25ms
25ms Script
text/javascript 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.lockercodes.io/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyTkJBMkslMjBMb2NrZXIlMjBDb2RlcyUyMGFuZCUyMEluZm8lMjIlMkMlMjJ4JTIyJTNBMC42MDk3MTQ0MTU5ODM5MjQxJTJDJTIydyUyMiUzQTE2MDAlMkMlMjJoJTIyJTNBMTIwMCUyQyUyMmolMjIlM0ExMjAwJTJDJTIyZSUyMiUzQTE2MDAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZpbWcubG9ja2VyY29kZXMuaW8lMkYlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQS0xMjAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE
Requested by: Host: img.lockercodes.io
URL: https://img.lockercodes.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e66f0930e17719328fd6cb526823d7c2d5686787a7a6b0a793b47855b1a21247

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:40 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 600
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://img.lockercodes.io
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zpkXDox%2FrTVHle46TTyTX8yqFo5KG3M38LiFqKrYdlpiEn5Kh3HatzbxxNnCqDwcu38qUNOVgSVHSluahcE3vlmqVfbustL%2F9LEEu26ZVHyMKQdWIH3wLNReasThbhPGt4OoHdODCX%2Fxn3XNE0cgbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-credentials: true
x-robots-tag: none
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control
cf-ray: 89cc9532ca6f37fb-FRA

GET
H2 200 app-data.json Show response
img.lockercodes.io/page-data/ 50 B
366 B 109ms
109ms XHR
application/json 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.lockercodes.io/page-data/app-data.json
Requested by: Host: img.lockercodes.io
URL: https://img.lockercodes.io/app-61e157fbb0454a997552.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66aece35b2f03e7e14ffaf8b9a39c96285df8d7e22e71ced3e0db2eea5ef0763

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jXAYYx1JvLdwvJ6D9Tbp7vNM825%2FaH0%2F4GdEOp537sXOHcW%2FlrH6LJqq8oSRcN5xgd1VDoL4nyiRUZjRAX0OjWoGf0bHABdvndAdFRwDZRAtvMjs4Sa%2B0P0hc7emaiiM5vm9HWgwe2GHerLJ9DyTLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 89cc95330a9b37fb-FRA

GET
H2 200 page-data.json Show response
img.lockercodes.io/page-data/index/ 2 KB
832 B 111ms
111ms XHR
application/json 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.lockercodes.io/page-data/index/page-data.json
Requested by: Host: img.lockercodes.io
URL: https://img.lockercodes.io/app-61e157fbb0454a997552.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b19b89ccbff91cf9dd7b09c7a186607959e6a6665d046831cdde7b4503a1fb0d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zICyUPpdMuXb3BRBVO5ZBLEsH%2BXFE5kA2ubJl0H2MZh1%2Fkc7EFv6ovICrgB5%2BEJ4OYuHjx8wj%2F6SNBg3EqauYD%2BrjMQsChxFdVyu4sTBNz%2FCU6pOAqEnbEt%2FqsT%2FEWLMpElaYSW8J8zXjBW5lB416Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 89cc95330a9d37fb-FRA

GET
H2 200 lockercodesiologo.webp
img.lockercodes.io/static/9ec50c8f4c27034afb1ccfd9fdcdd733/a8691/ 4 KB
379 B 46ms
46ms Image
image/webp 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.lockercodes.io/static/9ec50c8f4c27034afb1ccfd9fdcdd733/a8691/lockercodesiologo.webp
Requested by: Host: img.lockercodes.io
URL: https://img.lockercodes.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 714aec65539ebf789ecde4b321108971efa0e4e0e963574a6a15f35f6b5a9796

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:41 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
etag: static/9ec50c8f4c27034afb1ccfd9fdcdd733/a8691/lockercodesiologo.0ad2a8b8b9.webp
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=usmg2vMfejCmwNj7lq73wDFrBovvmUtwUjezyGu8ZaRzHUCWRLJFMA6HB4IV1ugV9KaC%2F6JMHuZDbva%2FVlpz%2FW5tepLhNuGmIvuDvDyNyqCajwVRip4GzvYmSZ4TYaP6AfEDTZZYh9dCIWViLuedZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 89cc95332abb37fb-FRA
content-length: 3724

POST
H2 204 collect Show response
stats.g.doubleclick.net/g/ 0
256 B 81ms
18ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=G-T20FLFMEWZ&cid=6a7f8e69-e77d-4daf-a096-a45b5ad8daa8&_u=KGDAAEADQAAAAC%7E&z=989756835
Requested by: Host: img.lockercodes.io
URL: https://img.lockercodes.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 06:29:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://img.lockercodes.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
0 54ms
34ms Fetch
image/gif 216.58.206.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j86&tid=G-T20FLFMEWZ&cid=6a7f8e69-e77d-4daf-a096-a45b5ad8daa8&_u=KGDAAEADQAAAAC%7E&z=989756835&slf_rd=1

Requested by

Host: img.lockercodes.io
URL: https://img.lockercodes.io/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyTkJBMkslMjBMb2NrZXIlMjBDb2RlcyUyMGFuZCUyMEluZm8lMjIlMkMlMjJ4JTIyJTNBMC42MDk3MTQ0MTU5ODM5MjQxJTJDJTIydyUyMiUzQTE2MDAlMkMlMjJoJTIyJTNBMTIwMCUyQyUyMmolMjIlM0ExMjAwJTJDJTIyZSUyMiUzQTE2MDAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZpbWcubG9ja2VyY29kZXMuaW8lMkYlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQS0xMjAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f4.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 06:29:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://img.lockercodes.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wrapper.html Show response
wrappers.geoedge.be/ 3 KB
4 KB 98ms
9ms Fetch
text/html 2600:9000:2761:cc00:2:d490:4d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wrappers.geoedge.be/wrapper.html
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-764.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2761:cc00:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

x-amz-version-id: SIv.6LiuODikErkt8hGkZr.zJWI3NFp8
date: Mon, 01 Jul 2024 11:20:07 GMT
via: 1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P8
age: 68975
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3527
last-modified: Tue, 19 Dec 2023 13:15:23 GMT
server: AmazonS3
etag: "6a6d57dbabaa297544a761a67d32156f"
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: 8ht87Q7jfgPKkZj4mBb_bWYzwLGmKbPTAvBJTvXoiQFsW9ibJpSU0g==

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ Frame 788C 575 KB
192 KB 95ms
13ms Script
text/javascript 2600:9000:2491:3e00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-764.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:3e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6bfdf4ad197b58723d44df5c3dffb2d234b40c7ab183326b48457fa5df99315

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:28:28 GMT
x-amz-version-id: M.BSID8RaYTdRZSw6I0xCLTdu0nZbqz.
content-encoding: br
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 74
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 02 Jul 2024 06:07:57 GMT
server: AmazonS3
etag: W/"1711ade7bc6dd198d3df58b928609305"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin: *
x-amz-cf-id: WGtLTz1MtJAjsil5d_f-g5rD3I1bNO5DB2-9ECncrCyjIt6e1S6ZYA==

GET
H2 200 tag Show response
btloader.com/ 101 KB
29 KB 81ms
19ms Script
application/javascript 2606:4700:10::ac43:293c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-764.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13bb65446c667a1d99586568a357796050529ef8d9de448e571d2549bb8214e1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:41 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 02 Jul 2024 05:39:16 GMT
server: cloudflare
age: 2973
etag: "34dae44d6d89a6c9a27c3a4a5a235ed6"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 89cc953558126acb-FRA
content-length: 29397

GET
H2 200 grumi-ip.js Show response
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ 15 KB
6 KB 126ms
47ms Script
application/javascript 2600:9000:2491:3e00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi-ip.js
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-764.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:3e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd2ead78cad296168690d755c8811f6853cddfbf4e12e84d447df77689424967

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 05:28:28 GMT
x-amz-version-id: oiSKUHXYOzW2sr3zGVZtrRcyyhIEP1EB
content-encoding: br
last-modified: Tue, 18 Jun 2024 14:32:57 GMT
server: AmazonS3
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
etag: W/"bd651b41522815521a623bfe5cd3933f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=14400, stale-while-revalidate=14400, immutable
age: 3674
x-amz-cf-id: uwBoipf2NMq-BTTyVdwxBMcRafRWQCDX0etQsjD5--sRG7C9IdxnTQ==

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
31 KB 136ms
57ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-764.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

05dcd8205758d1225a9995744b141300a5de7723ae1a0e05ab98d97527197353

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31482
x-xss-protection: 0
server: cafe
etag: 951 / 19906 / m202406270101 / config-hash: 8213475747824349556
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 02 Jul 2024 06:29:41 GMT

GET
H3 200 gpp-bf4f755.min.js Show response
s.nitropay.com/ 261 KB
49 KB 30ms
29ms Script
application/javascript 104.18.3.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nitropay.com/gpp-bf4f755.min.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-764.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.78 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33361bf68bdc76d93661566ef309ec2a3fa2515cbde9de1f0799343474e1aa9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:41 GMT
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
age: 480042
x-guploader-uploadid: ACJd0NrR-W6n-iOJvwdaGtleSW5Q_DGTfImJ-fEd7ST8u4eNdhI7JA8TpC1Wh0xqrmalb-EE-yA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 May 2024 05:20:26 GMT
server: cloudflare
etag: W/"30c6e780bb669ffa970e2624c9933298"
vary: Accept-Encoding
x-goog-hash: crc32c=fF0HnQ==, md5=MMbngLtmn/qXDiYkyZMymA==
x-goog-generation: 1716873626804716
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=604800
x-goog-stored-content-length: 267561
access-control-expose-headers: Content-Type
cf-ray: 89cc9534fe989bc8-FRA
expires: Wed, 03 Jul 2024 17:08:59 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 310 KB
77 KB 118ms
22ms Script
application/javascript 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-764.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 033ce432d750dea22adc9a6c46276b2a50976eb2b080f61cfb501d41db84a697

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:01:54 GMT
content-encoding: gzip
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jun 2024 23:08:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 1668
x-amz-server-side-encryption: AES256
etag: W/"bac564afc3d66c01c2c0ef0fe11bf6b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: MBGkwVFwK_TDHgkRNDtKci0_aRenGIzGW53EN1GgPBRKVxziGuMV7g==

GET
H2 204 764
tracker.nitropay.com/a/ 0
0 188ms
120ms Fetch 35.244.144.25
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.nitropay.com/a/764?d=eyJocmVmIjoiaHR0cHM6Ly9pbWcubG9ja2VyY29kZXMuaW8vIiwidiI6ODQsImEiOmZhbHNlLCJzIjp0cnVlLCJjIjoiREUiLCJyIjoiTlcifQ%3D%3D
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-764.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.144.25 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 25.144.244.35.bc.googleusercontent.com
Software: nginx/1.27.0 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:41 GMT
via: 1.1 google
server: nginx/1.27.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 1.gif
s.nitropay.com/ 42 B
618 B 29ms
29ms Image
image/gif 104.18.3.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/1.gif?x=1&adslot=

Requested by

Host: img.lockercodes.io
URL: https://img.lockercodes.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.78 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:41 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: HIT
age: 480042
x-guploader-uploadid: ACJd0NqJHWweJwCVrSPASd8hmpfOhfaDWP9DWNsv0LjtLXluJAQBX2hEQEVGf_ssUfbq0SRp5L4
x-goog-storage-class: MULTI_REGIONAL
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 42
x-goog-meta-
last-modified: Fri, 22 Jan 2021 08:58:45 GMT
server: cloudflare
etag: "d89746888da2d9510b64a9f031eaecd5"
vary: Accept-Encoding
x-goog-generation: 1611305925409947
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=ljrbyA==, md5=2JdGiI2i2VELZKnwMers1Q==
access-control-expose-headers: Content-Type
cache-control: public, max-age=604800
x-goog-stored-content-length: 42
accept-ranges: bytes
cf-ray: 89cc95351eb79bc8-FRA
expires: Wed, 03 Jul 2024 17:08:59 GMT

GET
H2 200 75fc9c18-43aaec1c7dc639c829cb.js Show response
img.lockercodes.io/ 60 KB
20 KB 99ms
96ms Script
application/javascript 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.lockercodes.io/75fc9c18-43aaec1c7dc639c829cb.js
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-764.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ecf755db04b6e1966eff06e324baf78521151cb37060e4c9a13679a253c68ae

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Lq7jOwmb81T5poESbkxulrIT7kSPOLEpCcqSy9ikBwARZmZjqVsmJN3Siq1t%2B2dLujuvLTrUOef28OO2RuAWsvlXFJOeiKKw3HjhD%2FRPGcLnItNDS5QD2czDjxY15qFP3XwzLFBPCdxUT886DEMLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-ray: 89cc95356d2737fb-FRA

GET
H2 200 commons-a26c21073ed48d000f04.js Show response
img.lockercodes.io/ 58 KB
23 KB 135ms
133ms Script
application/javascript 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.lockercodes.io/commons-a26c21073ed48d000f04.js
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-764.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c0de5a4b45f42967a511a3f5c248effe3c8efde7853075d9d13646cd8397075

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kRh%2BXg0n1gKJ8%2FWQEAwWYgaxKwXtY3Il4XxTw%2FEBKUQKLWH5e%2FEr8%2BsNTm9tqrizMDV05G0rgBWs%2FMCTVDKFpWprN79%2F9v2yszB6R0tOL9sePo0%2BGwTSbdSj9UXHZLFZDlw7CMoy8dPTQB18%2Fw1v5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-ray: 89cc95356d2837fb-FRA

GET
H2 200 fa8ffee1c234dda1dcd153bcffc42cd8ce9d14a5-681ad174e8baacaf4fed.js Show response
img.lockercodes.io/ 56 KB
16 KB 206ms
204ms Script
application/javascript 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.lockercodes.io/fa8ffee1c234dda1dcd153bcffc42cd8ce9d14a5-681ad174e8baacaf4fed.js
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-764.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce9a6b4b69df189cf74f3b54657a98661fc60bc581db93087c17fecc369db140

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NXV9ZmJl5u7ijX1fQO%2BgcdcLHdlVdfTBb69aoyCZdJvH4VXKZtdD%2FBE5exYExNqiyrbJ4qC5CoGCMHxpvC9zOWtgiWn5Bf0PvnBt4JyXvGrL52cFq6o7imqMztqusK6PHQA%2FEWRUbyfzaJHvGKBxdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-ray: 89cc95356d2937fb-FRA

GET
H2 200 component---src-pages-index-js-f53fd641cf2bf159bd4b.js Show response
img.lockercodes.io/ 4 KB
2 KB 145ms
145ms Script
application/javascript 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.lockercodes.io/component---src-pages-index-js-f53fd641cf2bf159bd4b.js
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-764.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 246b13684d96cf8a10ce706b9b63cf9c864e082bad6fb94ae8dea6d657506a50

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yPtGB4scpJ39QmJS5xZw9ry4zeJ975A8ia1m%2BkpriXMXkDMuVJxJjWggbjOOwWQkOBmJjhu3oyP%2BCSLpQtuXv69D1dblgfQ8NNlA4pOy6SpXYXqOnD2z5lgmp5tjTPyDjc6QxKf4XAJTLorH5Kfd7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-ray: 89cc95356d2a37fb-FRA

POST
H2 200 89cc9531c97737fb Show response
img.lockercodes.io/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 34AD 0
650 B 50ms
50ms XHR
text/plain 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.lockercodes.io/cdn-cgi/challenge-platform/h/g/jsd/r/89cc9531c97737fb
Requested by: Host: img.lockercodes.io
URL: https://img.lockercodes.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 02 Jul 2024 06:29:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89cc95365e2237fb-FRA
content-length: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YJTYHWGc2e6edWCg8wRqGiQAGt8Wn6Npx5aebdhgr9R3fIUj6Szn25J3oh64By%2F4pOVlh7TvRlMmAv2aaCp%2BM3%2FhgFjfUNOzZx1qTq9czrl2N%2BHcmmu69u58nrqLOKDPcB7EMiBCO2q4f6D3qbeS%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H3 200 additional-consent-providers.csv Show response
consent.nitrocnct.com/ 116 KB
36 KB 165ms
64ms XHR
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.nitrocnct.com/additional-consent-providers.csv
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/gpp-bf4f755.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ACJd0NplyX7oD89VUMojkz1OalRafySqAQ-eEXwpw9j9AyhXBTp-3NeEuaVBpxv8JR5uSy1jdw
x-goog-storage-class: STANDARD
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 12 Jul 2023 07:31:30 GMT
server: cloudflare
etag: W/"81f96867523b7ea4a2f05a62b9fdf1c7"
vary: Accept-Encoding
x-goog-hash: crc32c=x8iKUw==, md5=gfloZ1I7fqSi8Fpiuf3xxw==
x-goog-generation: 1689147090287559
content-type: text/plain
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zq3Ijq3ajYSwRYADllFXUz9O2ao9sNQ2WqjQwu9nmVSRd%2FzZxmmxqwmXVhUgvItLNJQDp2j2oh2rAH4zXNbrO1na0k%2BwTvOhcmmRpdoJeqSozmL%2BahQFiJSweg5brwnIVO9iuZBDIVU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 119221
cf-ray: 89cc9537580f5bf5-FRA
expires: Tue, 09 Jul 2024 05:32:44 GMT

GET
H3 200 vendor-list-v3.json Show response
consent.nitrocnct.com/ 615 KB
77 KB 149ms
52ms XHR
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.nitrocnct.com/vendor-list-v3.json
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/gpp-bf4f755.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e32bab08228f4754cfe2d63bd0259bc2f19932ace1891dbbd48e7a3203be0c36

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ACJd0NpAJidik2eFSOWoFS2U7fFD66gj_mGJ8fqCusFycOgxbA6oUOBPUU13F_g7tSr5siSPSOc
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 27 Jun 2024 16:15:04 GMT
server: cloudflare
etag: W/"5508a872de1f0859a3ba572758da34d5"
vary: Accept-Encoding
x-goog-hash: crc32c=cQNJkA==, md5=VQioct4fCFmjulcnWNo01Q==
x-goog-generation: 1719504904361546
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mSE3D%2Brlu4%2F67tsGhByVfhW6djhqUoHgLYaU3XfgfwCCaHLeW%2Ba437c2jxD0LLD%2BpzO3GGcLW028NoE6XGlF17koVnhE7BxsOgJTl3%2FMZg6PdafNblk6MIqTficuR7za6ntxMSjp5%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: public, max-age=604800
x-goog-stored-content-length: 629269
access-control-expose-headers: Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cf-ray: 89cc953758105bf5-FRA
expires: Tue, 09 Jul 2024 05:57:13 GMT

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 439ms
343ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Tue, 02 Jul 2024 06:29:41 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
923 B 117ms
21ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: img.lockercodes.io
URL: https://img.lockercodes.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 457541
x-guploader-uploadid: ABPtcPrux6dlODB5e_tasWROPm5jTBdL450Xz1Wts3KrxFSKJRkUiuPhL3oKK-QLBZQzrtIKB6QwkkAwAQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gX%2BEiHbJXsuXeVPmxNEk%2FnpjpZncGMyqJ%2FHOrMIcLjANTI%2F0JhPwXmy0xLUJMeII26x2eacZjgucWzrv6liturFqAycmsa03Zt%2FjFv4jEVxX%2FWUIyw74KataEe9iMmpNqPOKNFU5peTom6Vw8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 89cc95375de91da2-FRA
expires: Thu, 27 Jun 2024 00:04:41 GMT

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 109ms
13ms Image
image/x-icon 216.58.206.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: img.lockercodes.io
URL: https://img.lockercodes.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 14:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57932
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 02 Jul 2024 14:24:09 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
341 B 118ms
23ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.2858292692123632
Requested by: Host: img.lockercodes.io
URL: https://img.lockercodes.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 457541
x-guploader-uploadid: ABPtcPrux6dlODB5e_tasWROPm5jTBdL450Xz1Wts3KrxFSKJRkUiuPhL3oKK-QLBZQzrtIKB6QwkkAwAQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HiDoXyru07vA4mXtkgNreowJCmRVMcCXAjYU9NEarf7rVFB%2FWpZ8xvTIxfwVfzvP3NTfXnMRhnDrFDc%2F%2FPvkv%2B4QYkj67SVZ4nC0BOSFeOyohjIuBlhNdUDbH9MivdRNcUGzcW5N4ybKo0Iwqw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 89cc95375dee1da2-FRA
expires: Thu, 27 Jun 2024 00:04:41 GMT

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/ Frame 0E1A 575 KB
0 95ms
13ms Script
text/javascript 2600:9000:2491:3e00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b0b01868-2045-4a3d-b8b0-db8e6cd0649d/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:3e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6bfdf4ad197b58723d44df5c3dffb2d234b40c7ab183326b48457fa5df99315

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:28:28 GMT
x-amz-version-id: M.BSID8RaYTdRZSw6I0xCLTdu0nZbqz.
content-encoding: br
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 74
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 02 Jul 2024 06:07:57 GMT
server: AmazonS3
etag: W/"1711ade7bc6dd198d3df58b928609305"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin: *
x-amz-cf-id: WGtLTz1MtJAjsil5d_f-g5rD3I1bNO5DB2-9ECncrCyjIt6e1S6ZYA==

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406270101/ 466 KB
145 KB 9ms
9ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406270101/pubads_impl.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-764.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

0c0b0a5f015dbecef921a387c2f0f5bf42b440a271c0418279aae7c9ab8ca799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 21:59:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30613
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148622
x-xss-protection: 0
server: cafe
etag: 8151157238384872658
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 01 Jul 2025 21:59:28 GMT

GET
H2 200 da657530-03e5-4306-95bc-d4eb370426c9 Show response
config.aps.amazon-adsystem.com/configs/ 563 B
830 B 54ms
8ms Script
application/javascript 18.245.31.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/da657530-03e5-4306-95bc-d4eb370426c9
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-764.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-9.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 99429943bd63a607e02c901c102b36ab1967d894fa247f960dc5bf45518bc60c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:28:51 GMT
via: 1.1 f99e0a5708c6297d4aa91b3e4794707e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P8
age: 50
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: 7HGBx8ZFjUD7-SsBpaRtqSW3_Hgm4BvqwTyQjkAhkD2yokTK0fokQA==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
304 B 105ms
104ms XHR
text/plain 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fimg.lockercodes.io&pubid=da657530-03e5-4306-95bc-d4eb370426c9
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:41 GMT
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
access-control-allow-origin: https://img.lockercodes.io
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: xxqt2TFBtyUmIe2XM4Z4hqU4H02Hp1I_Zd7n-NrpxDx-CkUST-KH4A==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 422ms
401ms XHR
application/javascript 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:42 GMT
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: FxVq88UhWdJ6ovcwPcZhNcxmMY7OpFShDRyWejMZS6ZIFb5Ck9LOnw==

GET
H2 200 lockercodes.jpg
lockercodesio.imgix.net/21/ 6 KB
0 4ms
4ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lockercodesio.imgix.net/21/lockercodes.jpg?auto=format&fit=crop&crop=top&ixlib=react-9.8.1&w=336&h=190&dpr=1&q=75

Requested by

Host: img.lockercodes.io
URL: https://img.lockercodes.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

cc3d88b0f7a337265fc6900883d797bab826b8d2548aec39b2d1ad0c060db3fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:40 GMT
x-content-type-options: nosniff
age: 626950
x-cache: HIT, HIT
x-imgix-id: 18b19043644b6f116c74ca0a3abac8a23e036ef8
cross-origin-resource-policy: cross-origin
content-length: 5858
x-served-by: cache-sjc10055-SJC, cache-fra-eddf8230040-FRA
last-modified: Tue, 25 Jun 2024 00:20:30 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 controls.jpg
lockercodesio.imgix.net/21/ 6 KB
0 5ms
5ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lockercodesio.imgix.net/21/controls.jpg?auto=format&fit=crop&crop=top&ixlib=react-9.8.1&w=336&h=190&dpr=1&q=75

Requested by

Host: img.lockercodes.io
URL: https://img.lockercodes.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

9ead1e3af48827110d46210e1ef05450f9b146f698b09bceb0781521e3bdb1a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:40 GMT
x-content-type-options: nosniff
age: 4224044
x-imgix-original-url: /21/controls.jpg?auto=format&fit=crop&crop=top&ixlib=react-9.8.1&w=336&h=190&dpr=1&q=75
x-imgix-vary: Accept, User-Agent
x-cache: HIT, HIT, HIT
x-imgix-id: 92dcd7d32b4bbf2f37d4f94a4478520e047dee60
cross-origin-resource-policy: cross-origin
x-imgix-cache: HIT
content-length: 6481
x-served-by: cache-sjc1000139-SJC, cache-ams12725-AMS, cache-fra-eddf8230040-FRA
last-modified: Tue, 14 May 2024 09:08:56 GMT
server: imgix
x-imgix-deployment-datestamp: Wed May 22, 2024 08:14:24 PM UTC
x-imgix-shield-host: shield-1e18b00eaf9238d60435d15e2853d1dc641874f3.imgix.net
x-imgix-normalized-params: ?fit=crop&crop=top&w=336&h=190&q=75&fm=avif
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-original-host: lockercodesio.imgix.net
vary: Accept, User-Agent
x-imgix-host-chain: cache-man4134_lockercodesio.imgix.net|recv,cache-man4127_shield-1e18b00eaf9238d60435d15e2853d1dc641874f3.imgix.net|miss,cache-ams12725_shield-1e18b00eaf9238d60435d15e2853d1dc641874f3.imgix.net|recv,cache-ams12725_lockercodesio.imgix.net|reset,cache-ams12764_shield-1e18b00eaf9238d60435d15e2853d1dc641874f3.imgix.net|miss,cache-sjc1000139_shield-1e18b00eaf9238d60435d15e2853d1dc641874f3.imgix.net|recv,cache-sjc1000139_lockercodesio.imgix.net|reset
x-imgix-deployment-timestamp: 1716408864
x-imgix-deployment-hash: 1440
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 6731-1bc571b85f23d0435b10.js Show response
img.lockercodes.io/ 71 KB
17 KB 112ms
106ms Script
application/javascript 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.lockercodes.io/6731-1bc571b85f23d0435b10.js
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-764.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4364432abd341ed8da40a9b4b8dd053d7b65e5ee884ce8ca7feae0209f2de466

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XKxVTjAyuVxq2adK6Ay9EYDdO4Z2xdU2IuG8QaE%2B%2FbNi9L%2ByLpQPK1T6gPqgdInHIKrR%2FIP8C5PMHjZjykRN%2BuQN0tE5UBy1ePEVzC%2Bvg9bPPOrob6hMWOxsBs56nh7BujqJn2F9B2ELIAk1khc%2B2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-ray: 89cc9537afb337fb-FRA

GET
H3 200 lang.png
s.nitropay.com/cmp/ 2 KB
2 KB 30ms
29ms Image
image/png 104.18.3.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/cmp/lang.png

Requested by

Host: img.lockercodes.io
URL: https://img.lockercodes.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.78 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:41 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: HIT
age: 912
x-guploader-uploadid: ACJd0Np1cWBig4-W293ZqZ1yaj9hlZ5zMMrNywKbn1unnPKSBhsIxZBJ8GjH7b1Gg06qvfphBHY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 1887
last-modified: Fri, 21 Oct 2022 09:20:58 GMT
server: cloudflare
etag: "ca072a3965f49a2c242c45d535163a53"
vary: Accept-Encoding
x-goog-generation: 1666344058779792
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=7x+tRA==, md5=ygcqOWX0miwkLEXVNRY6Uw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1887
accept-ranges: bytes
cf-ray: 89cc95385a099bc8-FRA
expires: Tue, 02 Jul 2024 07:14:29 GMT

GET
H3 200 cancel.png
s.nitropay.com/cmp/ 1 KB
2 KB 28ms
27ms Image
image/png 104.18.3.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/cmp/cancel.png

Requested by

Host: img.lockercodes.io
URL: https://img.lockercodes.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.78 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:41 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: HIT
age: 808
x-guploader-uploadid: ACJd0No-jxxOBV1Q08UoMg2EiQgtU__lnkM3tW6c0aw_L-vVhmsVAwVcbjbEzmzxHNqQ2mjODqo
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 1302
last-modified: Fri, 21 Oct 2022 09:20:58 GMT
server: cloudflare
etag: "c707b2d501a53bc2c66e98e4e5cabefb"
vary: Accept-Encoding
x-goog-hash: crc32c=QrhBNA==, md5=xwey1QGlO8LGbpjk5cq++w==
x-goog-generation: 1666344058825998
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1302
accept-ranges: bytes
cf-ray: 89cc95385a0a9bc8-FRA
expires: Tue, 02 Jul 2024 07:16:13 GMT

GET
H3 200 logo.png
s.nitropay.com/cmp/ 3 KB
3 KB 29ms
28ms Image
image/png 104.18.3.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/cmp/logo.png

Requested by

Host: img.lockercodes.io
URL: https://img.lockercodes.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.78 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:41 GMT
strict-transport-security: max-age=2592000; includeSubDomains
cf-cache-status: HIT
age: 852
x-guploader-uploadid: ACJd0NrdFOdSR-1ZGOIAU3cEfMVPrrd_5NXUoI8vPdI6-A9pgeIL4PP239bSuuDVM19JCBw0quiaZGTabw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 2592
last-modified: Fri, 21 Oct 2022 09:20:58 GMT
server: cloudflare
etag: "940aa5b81e99bbb7414acc474a89bad9"
vary: Accept-Encoding
x-goog-generation: 1666344058842900
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=naGVVg==, md5=lAqluB6Zu7dBSsxHSom62Q==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 2592
accept-ranges: bytes
cf-ray: 89cc95385a0b9bc8-FRA
expires: Tue, 02 Jul 2024 07:15:28 GMT

GET
DATA 200
OK truncated
/ 851 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f42998ac4bc6e658f330af2e4b920cc2f1682861a4a6095b34b317928427564

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 812 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3be8dc3dc4feb0decd1667a6853eb2ce4250665e1adfe3eec57203f6bf7416a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 lockercodesiologo.webp
img.lockercodes.io/static/9ec50c8f4c27034afb1ccfd9fdcdd733/a8691/ 4 KB
354 B 89ms
88ms Image
image/webp 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.lockercodes.io/static/9ec50c8f4c27034afb1ccfd9fdcdd733/a8691/lockercodesiologo.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 714aec65539ebf789ecde4b321108971efa0e4e0e963574a6a15f35f6b5a9796

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:41 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
etag: static/9ec50c8f4c27034afb1ccfd9fdcdd733/a8691/lockercodesiologo.0ad2a8b8b9.webp
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yXHC4KNh4NcHzHw5QhokCSL7G83MER%2B8AP4yW%2BESv2wACCo7qDUiGI2Ef1qr%2Bk2hb0lSKckfTMgP0NhcZsSaTTNzfpcAYC7TFNZQr4w8iPid1hWI1KZ5k7N23bvil154na9K3uaHkfG7FLw5Wf1MQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 89cc9538c8c237fb-FRA
content-length: 3724

GET
H2 200 moon.webp
img.lockercodes.io/static/b276b993ade6d8cf25a1af39ddaf104e/07b39/ 450 B
789 B 121ms
120ms Image
image/webp 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.lockercodes.io/static/b276b993ade6d8cf25a1af39ddaf104e/07b39/moon.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3002f69913d977aef3334b3e2ba84dc7bb34dcf515119a5dac6cfb7f7132e8ba

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: static/b276b993ade6d8cf25a1af39ddaf104e/07b39/moon.0739bf01da.webp
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KipsGzqwX56K%2BJc8IxJEYTSkx2R3Lz3lxu069tSYmAbr97TWy9HOLXY8S3GPhXNTWjpHLyflDgtuOwS2WIQUrAD3ZYnNNWOVNxI4VYsCT7h8hYBG47Pg%2Bld%2FYjtt5OUq0%2BAM7RY5QiQc94ighBWdpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 89cc9538c8bf37fb-FRA
content-length: 450

GET
H2 200 sun.webp
img.lockercodes.io/static/9e5c5e6fb415818d7584c9b18133ac68/07b39/ 514 B
862 B 113ms
112ms Image
image/webp 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.lockercodes.io/static/9e5c5e6fb415818d7584c9b18133ac68/07b39/sun.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3f0086801bfa9a92f59e3cbb5d4eac940683eedcfac7dd7c4a9bcabf61ef86f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:41 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: static/9e5c5e6fb415818d7584c9b18133ac68/07b39/sun.99203c4ff7.webp
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RfDB%2FBa2bDgOQuVqGYaKLFP%2BVYJyILMCa5d0HLyzQy7c%2FUnIPnOm4ASvJYtbIkx4H2OyOmttm%2FcqGJQD3458Qds3ItaHU80cUm00B8pNBWbKH580dLTe7wDDnE2EDeFxWj9uJt2Q7OPF0zf6xQX1yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
accept-ranges: bytes
cf-ray: 89cc9538c8c037fb-FRA
content-length: 514

POST
H2 204 rum Show response
img.lockercodes.io/cdn-cgi/ 0
184 B 20ms
20ms XHR
text/plain 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://img.lockercodes.io/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Tue, 02 Jul 2024 06:29:41 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://img.lockercodes.io
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 89cc9538c8bc37fb-FRA

GET
H2 200 favicon-32x32.png
img.lockercodes.io/ 2 KB
2 KB 122ms
113ms Other
image/png 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.lockercodes.io/favicon-32x32.png?v=a6f2c126f17d5c458a31065c71ff6c3b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dc06586f68b753dd0fccdbb2d21a672bc1a50d6bf7846216652ea071ba4ea13

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:42 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: favicon-32x32.235c9a633d.png
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XYYak%2BWcQ0LK%2FCUaqX2RPSjYtZRhI5G%2B9XxKuR46Ls8lsyLHf3D6Easb8nYpZLJODlPdKVBZlJQ6aX3qdoQaBMCVAWQtwMa2nL3kU4PrenOj3uT3pSrtbqpCvfiOFEekfG0aEaljeTXLojdQPQqZIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 89cc9538f8ee37fb-FRA
content-length: 2107

GET
H2 200 country Show response
api.btloader.com/ 37 B
153 B 136ms
124ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country?o=6278260873756672
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:42 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 132ms
127ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=7HmiLzADB&w=5200282827882496&o=6278260873756672&cv=2.1.46-1-ge6dd43d&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fimg.lockercodes.io%2F&sid=tIM3YNyx&pm=true&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=6278260873756672&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Tue, 02 Jul 2024 06:29:42 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 page-data.json
img.lockercodes.io/page-data/nba-2k23/ 0
454 B 111ms
110ms Other
application/json 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.lockercodes.io/page-data/nba-2k23/page-data.json
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-764.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Origin: https://img.lockercodes.io
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RREiMjGKw5SbfxhDrmPFqPC5S1y3GIUQqokTzmRhunl5F43tCHjVo%2FV3HTHaaz%2FQ0piIGTdYqNXTt%2B%2Fd54ztqcOFIFUwh3Z0CYDRZlyzcewEptYGlIqq1z5sKDUrSGrjCju6rEIGfiB5wiJCJbOxAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 89cc954a7d4737fb-FRA

GET
H2 200 page-data.json
img.lockercodes.io/page-data/privacy/ 0
478 B 116ms
116ms Other
application/json 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.lockercodes.io/page-data/privacy/page-data.json
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-764.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Origin: https://img.lockercodes.io
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nE7NGc3b5JhiPm2pk5XtHWCBZt7V1PkMlcpoFRGU0C3fzty1Cde3vQw%2Fn7Pua1%2By9uB6uH2gPl2s3yfpWQm0e10GyS3wrwV4rClKLeDyC6rbDkZlY%2Fp348ai%2B1X2qyjk9CBGD8w2pjS3LZzp%2FZkNAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 89cc954a7d4b37fb-FRA

GET
H2 200 page-data.json
img.lockercodes.io/page-data/nba-2k24-locker-codes/ 0
4 KB 124ms
123ms Other
application/json 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.lockercodes.io/page-data/nba-2k24-locker-codes/page-data.json
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-764.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Origin: https://img.lockercodes.io
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a9iO4wv2M0BQQG11thK4rAh4%2FQMsBxmCFfW8NT4wRuWXRWV%2B%2B1tJAVd7NBye21%2FUDo7tCVmJKT7e44sOIDTf91xvzbDS875malXWxx8OKYqdGg3r2vvNmm9ioLTgSjlli7BRzP6okhb7p1rufTctAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 89cc954a7d4e37fb-FRA

GET
H2 200 page-data.json
img.lockercodes.io/page-data/about/ 0
425 B 122ms
122ms Other
application/json 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.lockercodes.io/page-data/about/page-data.json
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-764.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Origin: https://img.lockercodes.io
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fvQLkkf8Jl%2FkN6TH87hshUC72G3qW343gYVwetsIq4MePuDNygWSJoBvy9b6JDyfUnNfXpvjkMQSzBf6jONfSh1tiiCquS5PUG99eV3nxk6egDDs7PCWQsyrvfto9uOErTzV8YBPtGzUq0RV8TZwIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 89cc954a7d4f37fb-FRA

GET
H2 200 page-data.json Show response
img.lockercodes.io/page-data/nba-2k23/ 146 B
0 0ms
0ms XHR
application/json 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.lockercodes.io/page-data/nba-2k23/page-data.json
Requested by: Host: img.lockercodes.io
URL: https://img.lockercodes.io/app-61e157fbb0454a997552.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63b9d095dc754fded8f494f603d3493b5f32a7683e348bd658f1bc51f13ad1c3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RREiMjGKw5SbfxhDrmPFqPC5S1y3GIUQqokTzmRhunl5F43tCHjVo%2FV3HTHaaz%2FQ0piIGTdYqNXTt%2B%2Fd54ztqcOFIFUwh3Z0CYDRZlyzcewEptYGlIqq1z5sKDUrSGrjCju6rEIGfiB5wiJCJbOxAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 89cc954a7d4737fb-FRA

GET
H2 200 page-data.json Show response
img.lockercodes.io/page-data/privacy/ 142 B
0 0ms
0ms XHR
application/json 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.lockercodes.io/page-data/privacy/page-data.json
Requested by: Host: img.lockercodes.io
URL: https://img.lockercodes.io/app-61e157fbb0454a997552.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0786c3fff2530d19451de92b5bfa3db765fb44f4d37002b2331a188e0e6687f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nE7NGc3b5JhiPm2pk5XtHWCBZt7V1PkMlcpoFRGU0C3fzty1Cde3vQw%2Fn7Pua1%2By9uB6uH2gPl2s3yfpWQm0e10GyS3wrwV4rClKLeDyC6rbDkZlY%2Fp348ai%2B1X2qyjk9CBGD8w2pjS3LZzp%2FZkNAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 89cc954a7d4b37fb-FRA

GET
H2 200 page-data.json Show response
img.lockercodes.io/page-data/about/ 138 B
0 0ms
0ms XHR
application/json 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.lockercodes.io/page-data/about/page-data.json
Requested by: Host: img.lockercodes.io
URL: https://img.lockercodes.io/app-61e157fbb0454a997552.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d766fbbd3d417c16db9626df403b5a021a35e505f3c24f7b0d5a52bd17f839d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fvQLkkf8Jl%2FkN6TH87hshUC72G3qW343gYVwetsIq4MePuDNygWSJoBvy9b6JDyfUnNfXpvjkMQSzBf6jONfSh1tiiCquS5PUG99eV3nxk6egDDs7PCWQsyrvfto9uOErTzV8YBPtGzUq0RV8TZwIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 89cc954a7d4f37fb-FRA

GET
H2 200 page-data.json Show response
img.lockercodes.io/page-data/nba-2k24-locker-codes/ 13 KB
0 0ms
0ms XHR
application/json 2606:4700:20::681a:903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.lockercodes.io/page-data/nba-2k24-locker-codes/page-data.json
Requested by: Host: img.lockercodes.io
URL: https://img.lockercodes.io/app-61e157fbb0454a997552.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:903 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 771382d18995873bb4bc8b7772570b0821b545ba0eb58a2948d9ae533d5fd2bc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://img.lockercodes.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 06:29:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a9iO4wv2M0BQQG11thK4rAh4%2FQMsBxmCFfW8NT4wRuWXRWV%2B%2B1tJAVd7NBye21%2FUDo7tCVmJKT7e44sOIDTf91xvzbDS875malXWxx8OKYqdGg3r2vvNmm9ioLTgSjlli7BRzP6okhb7p1rufTctAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 89cc954a7d4e37fb-FRA

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nitropay.com/	1970-01-20 21:45:03	Name: __cf_bm Value: 8uYo_VA2fSD2QU8vUYCXh43lGfEFUALWz15eI9niX2E-1719901780-1.0.1.1-o4freokuekeZkN3qlQVuQ3jpRVodkVoJM0pC7CXBq6.7HfYz0U9TK0JYpW6jaajmZob_hXOw0BgCbXlxdGxKTQ
.lockercodes.io/	1969-12-31 23:59:59	Name: cfzs_google-analytics_v4 Value: %7B%22PqLa_pageviewCounter%22%3A%7B%22v%22%3A%221%22%7D%7D
.lockercodes.io/	1970-01-21 07:21:01	Name: cfz_google-analytics_v4 Value: %7B%22PqLa_engagementDuration%22%3A%7B%22v%22%3A%220%22%2C%22e%22%3A1751437780939%7D%2C%22PqLa_engagementStart%22%3A%7B%22v%22%3A%221719901780939%22%2C%22e%22%3A1751437780939%7D%2C%22PqLa_counter%22%3A%7B%22v%22%3A%221%22%2C%22e%22%3A1751437780939%7D%2C%22PqLa_ga4sid%22%3A%7B%22v%22%3A%22956295607%22%2C%22e%22%3A1719903580939%7D%2C%22PqLa_session_counter%22%3A%7B%22v%22%3A%221%22%2C%22e%22%3A1751437780939%7D%2C%22PqLa_ga4%22%3A%7B%22v%22%3A%226a7f8e69-e77d-4daf-a096-a45b5ad8daa8%22%2C%22e%22%3A1751437780939%7D%2C%22PqLa__z_ga_audiences%22%3A%7B%22v%22%3A%226a7f8e69-e77d-4daf-a096-a45b5ad8daa8%22%2C%22e%22%3A1751437780939%7D%2C%22PqLa_let%22%3A%7B%22v%22%3A%221719901780939%22%2C%22e%22%3A1751437780939%7D%7D
.lockercodes.io/	1970-01-21 06:30:37	Name: ncmp.domain Value: lockercodes.io
.lockercodes.io/	1970-01-21 06:30:37	Name: cf_clearance Value: G9Ikg1XXk2eEls2EBMGBswiCe8mVpr8jvE6Fj8zsP9M-1719901781-1.0.1.1-oqNIP2kHjY5gTB99UnHgQTfFbx3xkeMkj5vge0OWS_uA2lx4V5PZV9SW3fyV1R5_b.IfrQSbQAcJZV2xkwbHhw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ad.doubleclick.net
api.btloader.com
btloader.com
c.amazon-adsystem.com
config.aps.amazon-adsystem.com
consent.nitrocnct.com
img.lockercodes.io
lockercodesio.imgix.net
rumcdn.geoedge.be
s.nitropay.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
stats.g.doubleclick.net
tracker.nitropay.com
wrappers.geoedge.be
www.google.com
104.18.3.78
13.224.186.120
130.211.23.194
172.217.18.2
18.245.31.9
188.114.96.3
216.58.206.36
216.58.206.70
2600:9000:2491:3e00:4:b37b:9440:93a1
2600:9000:2761:cc00:2:d490:4d80:93a1
2606:4700:10::ac43:293c
2606:4700:20::681a:246
2606:4700:20::681a:903
2606:4700::6810:4f49
2a00:1450:400c:c00::9b
2a04:4e42:200::720
35.244.144.25
006b6d64d07be11c46ecbbff71b2a1a7ed3d408a26687241849ff1bc0d177015
033ce432d750dea22adc9a6c46276b2a50976eb2b080f61cfb501d41db84a697
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce
05dcd8205758d1225a9995744b141300a5de7723ae1a0e05ab98d97527197353
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0c0b0a5f015dbecef921a387c2f0f5bf42b440a271c0418279aae7c9ab8ca799
0fa069c77c9cee7d76e7b1cc5eddc18480b493cb8b880fcf17ab6dbc3c3528dd
13bb65446c667a1d99586568a357796050529ef8d9de448e571d2549bb8214e1
1534fa0799d9afa473245e3720479c7b62fb52a2f62c8cb40e7267b9738e4f12
246b13684d96cf8a10ce706b9b63cf9c864e082bad6fb94ae8dea6d657506a50
3002f69913d977aef3334b3e2ba84dc7bb34dcf515119a5dac6cfb7f7132e8ba
33361bf68bdc76d93661566ef309ec2a3fa2515cbde9de1f0799343474e1aa9a
4364432abd341ed8da40a9b4b8dd053d7b65e5ee884ce8ca7feae0209f2de466
4c0de5a4b45f42967a511a3f5c248effe3c8efde7853075d9d13646cd8397075
4dc06586f68b753dd0fccdbb2d21a672bc1a50d6bf7846216652ea071ba4ea13
60893ef76a057ce6603059cf51a17c213d9d13feb2035ad2143086b3f5cda2b2
62f280d6436f72b5e204b7b49ba75daa485010a5c556e97f608a9c899fed6ace
63b9d095dc754fded8f494f603d3493b5f32a7683e348bd658f1bc51f13ad1c3
66aece35b2f03e7e14ffaf8b9a39c96285df8d7e22e71ced3e0db2eea5ef0763
68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2
6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d
6f42998ac4bc6e658f330af2e4b920cc2f1682861a4a6095b34b317928427564
714aec65539ebf789ecde4b321108971efa0e4e0e963574a6a15f35f6b5a9796
771382d18995873bb4bc8b7772570b0821b545ba0eb58a2948d9ae533d5fd2bc
89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8bc941602104b2eee04df86d2ef69744431e3597bbaa8599aeee72c8840f9c67
8ecf755db04b6e1966eff06e324baf78521151cb37060e4c9a13679a253c68ae
99429943bd63a607e02c901c102b36ab1967d894fa247f960dc5bf45518bc60c
9a98fbf50e710f2518a1c1e41610bccfd5dae34021b9ad27f709d30bfc95209b
9d766fbbd3d417c16db9626df403b5a021a35e505f3c24f7b0d5a52bd17f839d
9ead1e3af48827110d46210e1ef05450f9b146f698b09bceb0781521e3bdb1a7
9f8424ee72ee7b158ea101ea87777d3e375d7a65d57ba444c0ba8d05c14aa22c
a3be8dc3dc4feb0decd1667a6853eb2ce4250665e1adfe3eec57203f6bf7416a
a3f0086801bfa9a92f59e3cbb5d4eac940683eedcfac7dd7c4a9bcabf61ef86f
b19b89ccbff91cf9dd7b09c7a186607959e6a6665d046831cdde7b4503a1fb0d
bd2ead78cad296168690d755c8811f6853cddfbf4e12e84d447df77689424967
cc3d88b0f7a337265fc6900883d797bab826b8d2548aec39b2d1ad0c060db3fb
ce9a6b4b69df189cf74f3b54657a98661fc60bc581db93087c17fecc369db140
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
e0786c3fff2530d19451de92b5bfa3db765fb44f4d37002b2331a188e0e6687f
e32bab08228f4754cfe2d63bd0259bc2f19932ace1891dbbd48e7a3203be0c36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66f0930e17719328fd6cb526823d7c2d5686787a7a6b0a793b47855b1a21247
e6bfdf4ad197b58723d44df5c3dffb2d234b40c7ab183326b48457fa5df99315
ecd04bbadd7de5eccdc26071bb133779c01c7470bad01234e6cdd2addc1c98ef
eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

img.lockercodes.io Open in urlscan Pro 2606:4700:20::681a:903 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

62 Requests

98 %HTTPS

47 %IPv6

11 Domains

17 Subdomains

18 IPs

4 Countries

1110 kBTransfer

4582 kBSize

5 Cookies

2 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

img.lockercodes.io Open in urlscan Pro
2606:4700:20::681a:903 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

98 %
HTTPS

47 %
IPv6

11
Domains

17
Subdomains

18
IPs

4
Countries

1110 kB
Transfer

4582 kB
Size

5
Cookies

62 HTTP transactions
4 data transactions