t4fvxv.bar Open in urlscan Pro
2606:4700:3034::681c:993  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://5xr3x1.bar/zp/?|=en&x=1 Page URL
2. https://t4fvxv.bar/zp/l.php?l=en&x=1 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response 5xr3x1.bar/zp/	705 B 916 B	69ms 36ms	Document text/html	2606:4700:3032::ac43:bafa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://5xr3x1.bar/zp/?|=en&x=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:bafa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3e58a7a328fdacf3c6480702267c5f0b5c928611423c6b1dea816e6ca0de9535 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers :method GET :authority 5xr3x1.bar :scheme https :path /zp/?|=en&x=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 03 Dec 2020 13:48:17 GMT content-type text/html;charset=UTF-8 set-cookie __cfduid=df137a1cb070b2be41b76e6ea1c4b96e71607003297; expires=Sat, 02-Jan-21 13:48:17 GMT; path=/; domain=.5xr3x1.bar; HttpOnly; SameSite=Lax vary Accept-Encoding access-control-allow-origin * strict-transport-security max-age=31536000 cf-cache-status DYNAMIC cf-request-id 06ca756f11000005f16f24e000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mUMHo7hU4ctQocf06wM%2BBNgtSHMdUTeTYbaB8sZa17kIEjE4JAeH7dnDD3nvM5VlaolOkG%2BY7khzSt0GRnBtTTXj71NLftf1rQn%2FLok%2FliJkfVv1FWv%2B"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 5fbdbe91bc2805f1-FRA content-encoding br
GET H2	200	Primary Request l.php Show response t4fvxv.bar/zp/	30 KB 9 KB	122ms 88ms	Document text/html	2606:4700:3034::681c:993 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t4fvxv.bar/zp/l.php?l=en&x=1 Requested by Host: 5xr3x1.bar URL: https://5xr3x1.bar/zp/?|=en&x=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681c:993 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f9aef95e945b22b9a41c8d85ba869d4ab45e7cbcb8b445c0caf70f53f6253ad3 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers :method GET :authority t4fvxv.bar :scheme https :path /zp/l.php?l=en&x=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document referer https://5xr3x1.bar/zp/?|=en&x=1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://5xr3x1.bar/zp/?|=en&x=1 Response headers date Thu, 03 Dec 2020 13:48:17 GMT content-type text/html;charset=UTF-8 set-cookie __cfduid=d15c0f1bb329a9ff7598b35fb96b21ca31607003297; expires=Sat, 02-Jan-21 13:48:17 GMT; path=/; domain=.t4fvxv.bar; HttpOnly; SameSite=Lax vary Accept-Encoding access-control-allow-origin * strict-transport-security max-age=31536000 cf-cache-status DYNAMIC cf-request-id 06ca756f66000018e519a7a000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=97O%2Fe9knwbRYdfsA2udeIEUDpJJu%2BGp2XUG%2FNOL3%2B8ghdX2Wj1BB6klZhQMeVIwj4q8e%2FEsYmoBr1%2FxlDO45F19%2FuSwzxjfRiy1Se1Y%2FGoj%2FfdGC1yKg"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 5fbdbe923f9018e5-FRA content-encoding br
GET H2	200	zp.css lb.href.style/zp/	11 KB 3 KB	62ms 24ms	Stylesheet text/css	2606:4700:3036::ac43:b429 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lb.href.style/zp/zp.css?8888112314 Requested by Host: t4fvxv.bar URL: https://t4fvxv.bar/zp/l.php?l=en&x=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:b429 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 657f9ff16bfb91df2b41e286a3fdcad6124b2cf8048027699eb5a20aee99ed78 Request headers Referer https://t4fvxv.bar/zp/l.php?l=en&x=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 03 Dec 2020 13:48:17 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 42831 cf-polished origSize=17069 cf-bgj minify cf-request-id 06ca756fe70000c2e53b34d000000001 last-modified Wed, 02 Dec 2020 06:04:14 GMT server cloudflare etag W/"5fc72e5e-42ad" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=n%2BU%2BRjYCZ4hwJiuFbNVtOnCE%2BYAGyr2T%2BETypMnqRTcOV7rG4TIkSY0KjaSXVLZa68IomLw0dpQuFfHZur7DXy6XVp4abX6hBBg1bKo0WYFv5S%2FLiGNcD%2Fll"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 5fbdbe930f3dc2e5-FRA expires Thu, 03 Dec 2020 13:54:26 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.7.2/	93 KB 33 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:820::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js Requested by Host: t4fvxv.bar URL: https://t4fvxv.bar/zp/l.php?l=en&x=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://t4fvxv.bar/zp/l.php?l=en&x=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 03 Dec 2020 11:20:12 GMT content-encoding gzip x-content-type-options nosniff age 8885 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33845 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 03 Dec 2021 11:20:12 GMT
GET H2	200	lazyload.js Show response cdn.jsdelivr.net/npm/lazyload@2.0.0-rc.2/	6 KB 2 KB	20ms 6ms	Script application/javascript	2a04:4e42:3::621 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/lazyload@2.0.0-rc.2/lazyload.js Requested by Host: t4fvxv.bar URL: https://t4fvxv.bar/zp/l.php?l=en&x=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 874cad10027313f3620a770d4a338369833ed5b3913f0793cb8500361b19e6ea Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://t4fvxv.bar/zp/l.php?l=en&x=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 1207338 x-cache HIT cross-origin-resource-policy cross-origin content-length 1652 etag W/"162a-+bHVRc9Mhd3adT/5YJ7eVp2Ssx8" x-served-by cache-fra19122-FRA date Thu, 03 Dec 2020 13:48:17 GMT vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	js Show response www.googletagmanager.com/gtag/	132 KB 51 KB	16ms 15ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-VLP9ZRYVD3 Requested by Host: t4fvxv.bar URL: https://t4fvxv.bar/zp/l.php?l=en&x=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 35d825b9a14993afb3a1229e6c45589dd12582b117d4271a0f36c24f4eda3f78 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://t4fvxv.bar/zp/l.php?l=en&x=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 03 Dec 2020 13:48:17 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 51846 x-xss-protection 0 expires Thu, 03 Dec 2020 13:48:17 GMT
GET H2	200	QxVdIpk.png i.imgur.com/	11 KB 11 KB	114ms 47ms	Image image/png	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/QxVdIpk.png Requested by Host: t4fvxv.bar URL: https://t4fvxv.bar/zp/l.php?l=en&x=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 65ba7a3af22c2d04ba311cf4ca9ebb08402602c3735d9d695988e89c2df29aee Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://t4fvxv.bar/zp/l.php?l=en&x=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 03 Dec 2020 13:48:17 GMT x-content-type-options nosniff age 3649991 x-cache HIT, HIT content-length 11099 x-served-by cache-bwi5148-BWI, cache-hhn4062-HHN last-modified Thu, 08 Oct 2020 21:09:36 GMT server cat factory 1.0 x-timer S1607003298.882593,VS0,VE0 etag "04e39b1285b9e03ee2c234df9a11d1b4" access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 120227
GET H2	200	onWPk80.png i.imgur.com/	4 KB 5 KB	98ms 31ms	Image image/png	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/onWPk80.png Requested by Host: t4fvxv.bar URL: https://t4fvxv.bar/zp/l.php?l=en&x=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 9efe7d99c3e0c64ac6110538e24e2fb4b5ba1060df42ec5ac68347bc237cb9ae Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://t4fvxv.bar/zp/l.php?l=en&x=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 03 Dec 2020 13:48:17 GMT x-content-type-options nosniff age 3651115 x-cache HIT, HIT content-length 4426 x-served-by cache-bwi5132-BWI, cache-hhn4062-HHN last-modified Thu, 08 Oct 2020 21:09:51 GMT server cat factory 1.0 x-timer S1607003298.882574,VS0,VE0 etag "88ca33535639bc0189d81baf4f5f8f11" access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 119795
GET H2	200	srQqDaB.png i.imgur.com/	36 KB 36 KB	121ms 54ms	Image image/png	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/srQqDaB.png Requested by Host: t4fvxv.bar URL: https://t4fvxv.bar/zp/l.php?l=en&x=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 45e67aaf90fc21d90b8a8028cc9fba85263bc189a6dde6b9221720f883bde1d3 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://t4fvxv.bar/zp/l.php?l=en&x=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 03 Dec 2020 13:48:17 GMT x-content-type-options nosniff age 4861642 x-cache HIT, HIT content-length 36941 x-served-by cache-bwi5127-BWI, cache-hhn4062-HHN last-modified Mon, 05 Oct 2020 13:44:54 GMT server cat factory 1.0 x-timer S1607003298.882869,VS0,VE0 etag "5f88d43a02709b15d8f2a6b36d420ec9" access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1390, 120696
GET H2	200	yueEctU.png i.imgur.com/	7 KB 7 KB	98ms 31ms	Image image/png	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/yueEctU.png Requested by Host: t4fvxv.bar URL: https://t4fvxv.bar/zp/l.php?l=en&x=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash d34d6f457782920c55a29892a3b2b784265f3c8c477edcdf4854d89c03f77c26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://t4fvxv.bar/zp/l.php?l=en&x=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 03 Dec 2020 13:48:17 GMT x-content-type-options nosniff age 4811882 x-cache HIT, HIT content-length 7358 x-served-by cache-bwi5128-BWI, cache-hhn4062-HHN last-modified Thu, 08 Oct 2020 21:10:14 GMT server cat factory 1.0 x-timer S1607003298.882845,VS0,VE0 etag "9272f53af67f64716c4a5f611fe012c2" access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 119991
GET H2	200	4iVeLcI.png i.imgur.com/	7 KB 7 KB	117ms 51ms	Image image/png	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/4iVeLcI.png Requested by Host: t4fvxv.bar URL: https://t4fvxv.bar/zp/l.php?l=en&x=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash d34d6f457782920c55a29892a3b2b784265f3c8c477edcdf4854d89c03f77c26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://t4fvxv.bar/zp/l.php?l=en&x=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 03 Dec 2020 13:48:17 GMT x-content-type-options nosniff age 3651112 x-cache HIT, HIT content-length 7358 x-served-by cache-bwi5142-BWI, cache-hhn4062-HHN last-modified Thu, 08 Oct 2020 21:10:30 GMT server cat factory 1.0 x-timer S1607003298.882845,VS0,VE0 etag "9272f53af67f64716c4a5f611fe012c2" access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 120124
GET H2	200	jCpzF7r.png i.imgur.com/	7 KB 7 KB	137ms 70ms	Image image/png	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/jCpzF7r.png Requested by Host: t4fvxv.bar URL: https://t4fvxv.bar/zp/l.php?l=en&x=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash d0dc08e4a208955b42de0c08d4269b49b875ababa485caa2bf9a8fd9c086974d Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://t4fvxv.bar/zp/l.php?l=en&x=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 03 Dec 2020 13:48:17 GMT x-content-type-options nosniff age 1278995 x-cache HIT, HIT content-length 7070 x-served-by cache-bwi5147-BWI, cache-hhn4062-HHN last-modified Thu, 08 Oct 2020 21:10:45 GMT server cat factory 1.0 x-timer S1607003298.882834,VS0,VE0 etag "c1ebdc12ac294d85d550ba80c576286c" access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 120096
GET H2	200	eqtMSAx.png i.imgur.com/	7 KB 7 KB	41ms 41ms	Image image/png	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/eqtMSAx.png Requested by Host: t4fvxv.bar URL: https://t4fvxv.bar/zp/l.php?l=en&x=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash d0dc08e4a208955b42de0c08d4269b49b875ababa485caa2bf9a8fd9c086974d Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://t4fvxv.bar/zp/l.php?l=en&x=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 03 Dec 2020 13:48:17 GMT x-content-type-options nosniff age 1293937 x-cache HIT, HIT content-length 7070 x-served-by cache-bwi5138-BWI, cache-hhn4062-HHN last-modified Thu, 08 Oct 2020 21:11:01 GMT server cat factory 1.0 x-timer S1607003298.914846,VS0,VE0 etag "c1ebdc12ac294d85d550ba80c576286c" access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 119772
GET H2	200	bnr.php Show response uprimp.com/	372 B 626 B	149ms 49ms	Script application/javascript	185.66.200.220 SKHOSTING-EU
General Check archive.org Show headers Download Go to Full URL https://uprimp.com/bnr.php?section=General&pub=518855&format=300x50&ga=g Requested by Host: t4fvxv.bar URL: https://t4fvxv.bar/zp/l.php?l=en&x=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK), Reverse DNS Software nginx / Resource Hash ed045807f9482bb6fcaefab894ccf870536a5c8fcbaa6b9a3b0de993aeba68af Request headers Referer https://t4fvxv.bar/zp/l.php?l=en&x=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Thu, 03 Dec 2020 13:48:17 GMT last-modified Thu, 03 Dec 2020 13:48:17 GMT server nginx content-type application/javascript cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 x-robots-tag noindex, nofollow, noarchive, nosnippet expires Thu, 03 Dec 2020 13:48:17 GMT
GET H2	200	OneSignalSDK.js Show response cdn.onesignal.com/sdks/	8 KB 3 KB	32ms 16ms	Script application/javascript	2606:4700::6812:e134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/OneSignalSDK.js Requested by Host: t4fvxv.bar URL: https://t4fvxv.bar/zp/l.php?l=en&x=1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ffb110318b55e8d7acaeaa7816d495e33a5000643327241099565537973ed051 Request headers Referer https://t4fvxv.bar/zp/l.php?l=en&x=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 03 Dec 2020 13:48:17 GMT content-encoding gzip cf-cache-status HIT server cloudflare age 2028 etag W/"af07e3bccd7885748057bb532c526ac5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=43200 cf-ray 5fbdbe935a872b29-FRA cf-request-id 06ca75701a00002b292601c000000001 expires Fri, 04 Dec 2020 01:48:17 GMT
GET H2	200	bnr_xload.php uprimp.com/ Frame 7BA8	0 0	60ms 60ms	Document text/html	185.66.200.220 SKHOSTING-EU
General Check archive.org Show headers Download Go to Full URL https://uprimp.com/bnr_xload.php?section=General&pub=518855&format=300x50&ga=g&xt=160700329758936&xtt=9954476 Requested by Host: uprimp.com URL: https://uprimp.com/bnr.php?section=General&pub=518855&format=300x50&ga=g Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK), Reverse DNS Software nginx / Resource Hash Request headers :method GET :authority uprimp.com :scheme https :path /bnr_xload.php?section=General&pub=518855&format=300x50&ga=g&xt=160700329758936&xtt=9954476 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://t4fvxv.bar/zp/l.php?l=en&x=1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://t4fvxv.bar/zp/l.php?l=en&x=1 Response headers server nginx date Thu, 03 Dec 2020 13:48:17 GMT content-type text/html; charset=UTF-8 expires Thu, 03 Dec 2020 13:48:17 GMT last-modified Thu, 03 Dec 2020 13:48:17 GMT cache-control no-store, no-cache, must-revalidate post-check=0, pre-check=0 pragma no-cache x-robots-tag noindex, nofollow, noarchive, nosnippet
GET H2	200	dojo.js Show response ajax.googlescdn.com/aj+f%C2%81p%C2%92%C2%92%C3%ACU%C3%AF%C2%9Fjo/1.13.1/dojo/	0 624 B	72ms 23ms	Script text/html	2606:4700:3035::6812:3918 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ajax.googlescdn.com/aj+f%C2%81p%C2%92%C2%92%C3%ACU%C3%AF%C2%9Fjo/1.13.1/dojo/dojo.js?1607004 Requested by Host: t4fvxv.bar URL: https://t4fvxv.bar/zp/l.php?l=en&x=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6812:3918 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://t4fvxv.bar/zp/l.php?l=en&x=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 03 Dec 2020 13:48:17 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} server cloudflare age 31 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ADkiBK3v%2FRRw9Q6aVjFN326snBxUx8INWly4dSs%2F8xcvxNKJKUKizyq3L0G4vQ%2FmfEnC4Hc0%2FMYWF82Pwi2ZQvfoxabI6xO10V1%2BYoKJa2V9wGVJm8d7sfD3SmbAf5Cg"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 5fbdbe943ebe176e-FRA cf-request-id 06ca7570a60000176e1aa43000000001
GET H/1.1	200 OK	hm.js Show response hm.baidu.com/	39 KB 14 KB	1137ms 555ms	Script application/javascript	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Full URL https://hm.baidu.com/hm.js?20bb72bea340db011fea4bd376043246 Requested by Host: t4fvxv.bar URL: https://t4fvxv.bar/zp/l.php?l=en&x=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash c3113eebf60b25a2642ea9c336809d42a5d910c5cc5826f2dda5bf02e93289a9 Security Headers Name Value Strict-Transport-Security max-age=172800 Request headers Referer https://t4fvxv.bar/zp/l.php?l=en&x=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 03 Dec 2020 13:48:18 GMT Content-Encoding gzip Server apache Etag 93f7cf09e593d60372ce4542bb41c73d Strict-Transport-Security max-age=172800 P3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Cache-Control max-age=0, must-revalidate Content-Type application/javascript Content-Length 14039
POST H2	204	collect www.google-analytics.com/g/	0 69 B	13ms 13ms	Other text/plain	2a00:1450:4001:824::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-VLP9ZRYVD3&gtm=2oeb41&_p=1795602547&sr=1600x1200&ul=en-us&cid=757912303.1607003298&_s=1&dl=https%3A%2F%2Ft4fvxv.bar%2Fzp%2Fl.php%3Fl%3Den%26x%3D1&dr=https%3A%2F%2F5xr3x1.bar%2Fzp%2F%3F%7C%3Den%26x%3D1&dt=%F0%9F%94%A5Big%20Billion%20Days%F0%9F%8D%80&sid=1607003297&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-VLP9ZRYVD3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://t4fvxv.bar/zp/l.php?l=en&x=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 03 Dec 2020 13:48:17 GMT server Golfe2 content-type text/plain access-control-allow-origin https://t4fvxv.bar cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	k51iYls.jpg i.imgur.com/	10 KB 10 KB	34ms 31ms	Image image/jpeg	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/k51iYls.jpg Requested by Host: t4fvxv.bar URL: https://t4fvxv.bar/zp/l.php?l=en&x=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 3f2c38e4844457a4889509e9caf115fbde22aed99e16a37f00773825a438bca4 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://t4fvxv.bar/zp/l.php?l=en&x=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 03 Dec 2020 13:48:17 GMT x-content-type-options nosniff age 1377579 x-cache HIT, HIT content-length 10063 x-served-by cache-bwi5149-BWI, cache-hhn4062-HHN last-modified Mon, 05 Oct 2020 13:52:50 GMT server cat factory 1.0 x-timer S1607003298.948538,VS0,VE0 etag "548e724cd8252d6ced8ff104f0e926fc" access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 119595
GET H2	200	gg3teDe.jpg i.imgur.com/	14 KB 14 KB	33ms 31ms	Image image/jpeg	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/gg3teDe.jpg Requested by Host: t4fvxv.bar URL: https://t4fvxv.bar/zp/l.php?l=en&x=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash c314c9ded65009bbf012ec917e356c9090f18734ff11a0c0f1d8c7bedb589e8f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://t4fvxv.bar/zp/l.php?l=en&x=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 03 Dec 2020 13:48:17 GMT x-content-type-options nosniff age 1511519 x-cache HIT, HIT content-length 14559 x-served-by cache-bwi5151-BWI, cache-hhn4062-HHN last-modified Mon, 05 Oct 2020 13:53:34 GMT server cat factory 1.0 x-timer S1607003298.948536,VS0,VE0 etag "bbd54540aa28f028266c656711209a08" access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 119754
GET H2	200	jXhB4c6.jpg i.imgur.com/	9 KB 9 KB	37ms 35ms	Image image/jpeg	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/jXhB4c6.jpg Requested by Host: t4fvxv.bar URL: https://t4fvxv.bar/zp/l.php?l=en&x=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 5dcf7385228096087f2f9bbe83f358547ababb0c7953fa90556923a9eda52f00 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://t4fvxv.bar/zp/l.php?l=en&x=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 03 Dec 2020 13:48:17 GMT x-content-type-options nosniff age 1279010 x-cache MISS, HIT content-length 9015 x-served-by cache-bwi5124-BWI, cache-hhn4062-HHN last-modified Mon, 05 Oct 2020 13:54:09 GMT server cat factory 1.0 x-timer S1607003298.948867,VS0,VE0 etag "8403bd67531444d816902747ae97ec29" access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 0, 119577
GET H2	200	1H2Gelw.jpg i.imgur.com/	9 KB 10 KB	37ms 35ms	Image image/jpeg	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/1H2Gelw.jpg Requested by Host: t4fvxv.bar URL: https://t4fvxv.bar/zp/l.php?l=en&x=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 12e4190c220a33dd8e35dceb7f9f41b606a18be2799b2534d357ac0c57d5ec32 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://t4fvxv.bar/zp/l.php?l=en&x=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 03 Dec 2020 13:48:17 GMT x-content-type-options nosniff age 5097207 x-cache HIT, HIT content-length 9578 x-served-by cache-bwi5123-BWI, cache-hhn4062-HHN last-modified Mon, 05 Oct 2020 13:54:50 GMT server cat factory 1.0 x-timer S1607003298.948818,VS0,VE0 etag "c2bd534720bed1a72194b1351cb43ba2" access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 2, 119626
GET H2	200	IhePd0v.jpg i.imgur.com/	17 KB 17 KB	39ms 38ms	Image image/jpeg	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/IhePd0v.jpg Requested by Host: t4fvxv.bar URL: https://t4fvxv.bar/zp/l.php?l=en&x=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash d9189296254447b3d055a8d624396c6a2c05df5dc22a28423eb93a6d161f7a4c Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://t4fvxv.bar/zp/l.php?l=en&x=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 03 Dec 2020 13:48:17 GMT x-content-type-options nosniff age 1970644 x-cache HIT, HIT content-length 17280 x-served-by cache-bwi5133-BWI, cache-hhn4062-HHN last-modified Mon, 05 Oct 2020 13:55:57 GMT server cat factory 1.0 x-timer S1607003298.948929,VS0,VE0 etag "a3bd26d7ab55bd2c63b07879f9def803" access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 119808
GET H2	200	AAKwzHS.jpg i.imgur.com/	11 KB 11 KB	39ms 37ms	Image image/jpeg	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/AAKwzHS.jpg Requested by Host: t4fvxv.bar URL: https://t4fvxv.bar/zp/l.php?l=en&x=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash c60a754068772d330b2ce02afe54129c3a72c09471d15e223be8e3c5fc41ce42 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://t4fvxv.bar/zp/l.php?l=en&x=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 03 Dec 2020 13:48:17 GMT x-content-type-options nosniff age 1273334 x-cache MISS, HIT content-length 11015 x-served-by cache-bwi5130-BWI, cache-hhn4062-HHN last-modified Mon, 05 Oct 2020 13:56:27 GMT server cat factory 1.0 x-timer S1607003298.949022,VS0,VE0 etag "8a4d937871a9fe4b8caa30f064c838b5" access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 0, 119605
GET H2	200	SMfvBNU.jpg i.imgur.com/	10 KB 10 KB	43ms 42ms	Image image/jpeg	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/SMfvBNU.jpg Requested by Host: t4fvxv.bar URL: https://t4fvxv.bar/zp/l.php?l=en&x=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash ad029c0d7856a48c5c8ba4c7b783055d3d25db886ef58cd3c24b3ffb967578c7 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://t4fvxv.bar/zp/l.php?l=en&x=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 03 Dec 2020 13:48:17 GMT x-content-type-options nosniff age 1254091 x-cache HIT, HIT content-length 9786 x-served-by cache-bwi5146-BWI, cache-hhn4062-HHN last-modified Mon, 05 Oct 2020 13:57:17 GMT server cat factory 1.0 x-timer S1607003298.949012,VS0,VE0 etag "3e155c97556d208a78ec25d7efa64121" access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 119468
GET H2	200	sQZsRZH.jpg i.imgur.com/	9 KB 9 KB	43ms 42ms	Image image/jpeg	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/sQZsRZH.jpg Requested by Host: t4fvxv.bar URL: https://t4fvxv.bar/zp/l.php?l=en&x=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 2ec2570de9af766d00e2f649ed5b1a6e7dcd3a566a911d769a98bbd4c0c70156 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://t4fvxv.bar/zp/l.php?l=en&x=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 03 Dec 2020 13:48:17 GMT x-content-type-options nosniff age 1278994 x-cache HIT, HIT content-length 9308 x-served-by cache-bwi5150-BWI, cache-hhn4062-HHN last-modified Mon, 05 Oct 2020 13:58:30 GMT server cat factory 1.0 x-timer S1607003298.949011,VS0,VE0 etag "24aadcb98a8f33258a431da6ca1d0ef2" access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 119366
GET H2	200	T5yM1yR.jpg i.imgur.com/	15 KB 15 KB	49ms 48ms	Image image/jpeg	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/T5yM1yR.jpg Requested by Host: t4fvxv.bar URL: https://t4fvxv.bar/zp/l.php?l=en&x=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash b9683fb397cdbd5c41c2b5a8cc570bef5a0525a64e92e997b69e13b285d7e806 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://t4fvxv.bar/zp/l.php?l=en&x=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 03 Dec 2020 13:48:17 GMT x-content-type-options nosniff age 3651111 x-cache HIT, HIT content-length 15604 x-served-by cache-bwi5130-BWI, cache-hhn4062-HHN last-modified Mon, 05 Oct 2020 13:59:07 GMT server cat factory 1.0 x-timer S1607003298.949144,VS0,VE0 etag "826c1f4c50471b9a624aaa00ce4e540c" access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 119527
GET H2	200	rWJaWux.jpg i.imgur.com/	10 KB 10 KB	43ms 42ms	Image image/jpeg	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/rWJaWux.jpg Requested by Host: t4fvxv.bar URL: https://t4fvxv.bar/zp/l.php?l=en&x=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash c3877f4d82c7e960621c8c21a4ce37f9da762a5e401adcff5cee9d0f3dd171d2 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://t4fvxv.bar/zp/l.php?l=en&x=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 03 Dec 2020 13:48:17 GMT x-content-type-options nosniff age 3653077 x-cache HIT, HIT content-length 10423 x-served-by cache-bwi5150-BWI, cache-hhn4062-HHN last-modified Mon, 05 Oct 2020 13:59:51 GMT server cat factory 1.0 x-timer S1607003298.949119,VS0,VE0 etag "eff6c3d7960e7449c63b5c00518301f5" access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 119382
GET H/1.1	200 OK	hm.gif hm.baidu.com/	43 B 299 B	373ms 372ms	Image image/gif	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Show image Full URL https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=276681389&si=20bb72bea340db011fea4bd376043246&su=https%3A%2F%2F5xr3x1.bar%2Fzp%2F%3F%7C%3Den%26x%3D1&v=1.2.80&lv=1&sn=19565&r=0&ww=1600&ct=!!&u=https%3A%2F%2Ft4fvxv.bar%2Fzp%2Fl.php%3Fl%3Den%26x%3D1%231607003298407&tt=%F0%9F%94%A5Big%20Billion%20Days%F0%9F%8D%80 Requested by Host: t4fvxv.bar URL: https://t4fvxv.bar/zp/l.php?l=en&x=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Request headers Referer https://t4fvxv.bar/zp/l.php?l=en&x=1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Thu, 03 Dec 2020 13:48:19 GMT X-Content-Type-Options nosniff Server apache Strict-Transport-Security max-age=172800 Content-Type image/gif Cache-Control private, max-age=0, no-cache Content-Length 43

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| lazyload function| LazyLoad string| tranDomain string| daoliang_url string| alertTip string| alertTip2 string| alertTip3 string| alertTip4 string| like_str string| shareBtn string| ogDescription string| tipnstr string| share_detail string| returnUrl object| returnUrls string| appName object| google_tag_manager object| dataLayer number| qs function| spinnerAction function| startSpin function| spin2 string| tiaoban object| _0x2636 function| _0x5439 function| _0xf07c14 number| t object| _hmt function| incrementValue1 function| incrementValue_i function| fn1_i function| incrementValue_a function| fn1_a function| tipn function| set_Cookie function| get_Cookie function| getQueryString function| chooseApp function| lasthtml function| dapp function| record string| j string| banner string| theme function| hh1 function| jp function| fh function| gtag object| google_tag_data object| gaGlobal object| OneSignal function| onYouTubeIframeAPIReady boolean| _bdhm_loaded_20bb72bea340db011fea4bd376043246 object| mini_tangram_log_d0q84r

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.t4fvxv.bar/	1969-12-31 23:59:59	Name: Hm_lpvt_20bb72bea340db011fea4bd376043246 Value: 1607003300
			.t4fvxv.bar/	1970-01-19 23:08:59	Name: Hm_lvt_20bb72bea340db011fea4bd376043246 Value: 1607003300
			.t4fvxv.bar/	1970-01-19 15:06:35	Name: __cfduid Value: d15c0f1bb329a9ff7598b35fb96b21ca31607003297
			.t4fvxv.bar/	1970-01-20 07:54:35	Name: _ga_VLP9ZRYVD3 Value: GS1.1.1607003297.1.0.1607003297.0
			.t4fvxv.bar/	1970-01-20 07:54:35	Name: _ga Value: GA1.1.757912303.1607003298
			t4fvxv.bar/	1970-01-19 14:23:23	Name: sp Value: sp
			t4fvxv.bar/	1970-01-19 14:23:23	Name: null Value: null

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5xr3x1.bar
ajax.googleapis.com
ajax.googlescdn.com
cdn.jsdelivr.net
cdn.onesignal.com
hm.baidu.com
i.imgur.com
lb.href.style
t4fvxv.bar
uprimp.com
www.google-analytics.com
www.googletagmanager.com
103.235.46.191
151.101.112.193
185.66.200.220
2606:4700:3032::ac43:bafa
2606:4700:3034::681c:993
2606:4700:3035::6812:3918
2606:4700:3036::ac43:b429
2606:4700::6812:e134
2a00:1450:4001:806::2008
2a00:1450:4001:820::200a
2a00:1450:4001:824::200e
2a04:4e42:3::621
12e4190c220a33dd8e35dceb7f9f41b606a18be2799b2534d357ac0c57d5ec32
2ec2570de9af766d00e2f649ed5b1a6e7dcd3a566a911d769a98bbd4c0c70156
35d825b9a14993afb3a1229e6c45589dd12582b117d4271a0f36c24f4eda3f78
3e58a7a328fdacf3c6480702267c5f0b5c928611423c6b1dea816e6ca0de9535
3f2c38e4844457a4889509e9caf115fbde22aed99e16a37f00773825a438bca4
45e67aaf90fc21d90b8a8028cc9fba85263bc189a6dde6b9221720f883bde1d3
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
5dcf7385228096087f2f9bbe83f358547ababb0c7953fa90556923a9eda52f00
657f9ff16bfb91df2b41e286a3fdcad6124b2cf8048027699eb5a20aee99ed78
65ba7a3af22c2d04ba311cf4ca9ebb08402602c3735d9d695988e89c2df29aee
874cad10027313f3620a770d4a338369833ed5b3913f0793cb8500361b19e6ea
9efe7d99c3e0c64ac6110538e24e2fb4b5ba1060df42ec5ac68347bc237cb9ae
ad029c0d7856a48c5c8ba4c7b783055d3d25db886ef58cd3c24b3ffb967578c7
b9683fb397cdbd5c41c2b5a8cc570bef5a0525a64e92e997b69e13b285d7e806
c3113eebf60b25a2642ea9c336809d42a5d910c5cc5826f2dda5bf02e93289a9
c314c9ded65009bbf012ec917e356c9090f18734ff11a0c0f1d8c7bedb589e8f
c3877f4d82c7e960621c8c21a4ce37f9da762a5e401adcff5cee9d0f3dd171d2
c60a754068772d330b2ce02afe54129c3a72c09471d15e223be8e3c5fc41ce42
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0dc08e4a208955b42de0c08d4269b49b875ababa485caa2bf9a8fd9c086974d
d34d6f457782920c55a29892a3b2b784265f3c8c477edcdf4854d89c03f77c26
d9189296254447b3d055a8d624396c6a2c05df5dc22a28423eb93a6d161f7a4c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed045807f9482bb6fcaefab894ccf870536a5c8fcbaa6b9a3b0de993aeba68af
f9aef95e945b22b9a41c8d85ba869d4ab45e7cbcb8b445c0caf70f53f6253ad3
ffb110318b55e8d7acaeaa7816d495e33a5000643327241099565537973ed051