urlscan.io logo urlscan.io
SecurityTrails logo

ci5zjlh.com Open in urlscan Pro
2606:4700::6812:ec2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://dw26o.cc/
Effective URL: https://ci5zjlh.com/download?&from=dw26o.cc
Submission: On November 11 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 4 domains to perform 52 HTTP transactions. The main IP is 2606:4700::6812:ec2, located in United States and belongs to CLOUDFLARENET, US. The main domain is ci5zjlh.com.
TLS certificate: Issued by WE1 on November 3rd 2024. Valid for: 3 months.
This is the only time ci5zjlh.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 2606:4700::68... 13335 (CLOUDFLAR...)
27 104.18.15.194 13335 (CLOUDFLAR...)
7 2606:4700::68... 13335 (CLOUDFLAR...)
2 104.17.25.14 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
6 104.18.27.31 13335 (CLOUDFLAR...)
52 7
8    2606:4700::6812:fc2 (United States)

ASN13335 (CLOUDFLARENET, US)
dw26o.cc
27    104.18.15.194 (None, )

ASN13335 (CLOUDFLARENET, US)
dw26o.cc
ci5zjlh.com
7    2606:4700::6812:ec2 (United States)

ASN13335 (CLOUDFLARENET, US)
ci5zjlh.com
2    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2606:4700::6812:5e29 (United States)

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
6    104.18.27.31 (None, )

ASN13335 (CLOUDFLARENET, US)
api.n-t-v-w.com
Apex Domain
Subdomains		 Transfer
23 ci5zjlh.com
ci5zjlh.com
907 KB
19 dw26o.cc
dw26o.cc
264 KB
6 n-t-v-w.com
api.n-t-v-w.com
1 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
challenges.cloudflare.com — Cisco Umbrella Rank: 3443
98 KB
52 4
Domain Requested by
23 ci5zjlh.com dw26o.cc
ci5zjlh.com
19 dw26o.cc dw26o.cc
6 api.n-t-v-w.com ci5zjlh.com
2 challenges.cloudflare.com 1 redirects ci5zjlh.com
2 cdnjs.cloudflare.com ci5zjlh.com
cdnjs.cloudflare.com
52 5

This site contains no links.

Subject Issuer Validity Valid
dw26o.cc
WE1		 2024-11-09 -
2025-02-07		 3 months crt.sh
ci5zjlh.com
WE1		 2024-11-03 -
2025-02-01		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-09-28 -
2024-12-27		 3 months crt.sh
n-t-v-w.com
WE1		 2024-11-03 -
2025-02-01		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://ci5zjlh.com/download?&from=dw26o.cc
Frame ID: 5D0792364D39E4F786525B61BD09E475
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://dw26o.cc/ Page URL
  2. https://ci5zjlh.com/download?&from=dw26o.cc Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

52
Requests

96 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

7
IPs

2
Countries

1270 kB
Transfer

4576 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dw26o.cc/ Page URL
  2. https://ci5zjlh.com/download?&from=dw26o.cc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/22755d9a86c9/api.js

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
dw26o.cc/ 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dw26o.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Nuxt
Resource Hash
940424bf0b79c8e250390bb0c50222e822b1e8c81683d8eddbca2b5984312d8a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
8e0a6d4eb8f37144-YUL
content-encoding
br
content-type
text/html;charset=utf-8
date
Mon, 11 Nov 2024 01:14:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pkMKMvud0FWBneySn%2B1uGDcyNayLPnF7BbmX17ubs6%2FYMrVMefzAtEnWy3ZNi0PZrTNRP7K6eGQJ7SPMNsKLv8SGVo0OCaXX3%2FANETA3r80WVwKNXnw8nQHSWFHshhi0TivVsigF2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=20740&sent=8&recv=13&lost=0&retrans=0&sent_bytes=4006&recv_bytes=2337&delivery_rate=208543&cwnd=254&unsent_bytes=0&cid=0ecbf9ec86641231&ts=870&x=0"
vary
Accept-Encoding
x-powered-by
Nuxt
Cu0HX_AA.js
dw26o.cc/_nuxt/ 		96 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dw26o.cc/_nuxt/Cu0HX_AA.js
Requested by
Host: dw26o.cc
URL: https://dw26o.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c318e6914f231dbdbc65dfadbce972eb471d1a6f1b6235750b88984ddcfdad0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://dw26o.cc
Referer
https://dw26o.cc/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"d4c4f32e8934c0d86765ba10d777675a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lUiUu0p8CPCsc3Fu8FsR3lYZ4Z%2F%2Bkx%2BH33awL50O6R1zDSkESZ8tZtNSuGAR95wGHIAzNCjyjsjUpU0%2B320xk5JQO29e28Nlkv15jVDTlhv4ATRMFDs0rrWmF9be%2FumlqVzz%2FnUiqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e0a6d53ae3c7144-YUL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=19872&sent=16&recv=23&lost=0&retrans=0&sent_bytes=6860&recv_bytes=2999&delivery_rate=356965&cwnd=257&unsent_bytes=0&cid=0ecbf9ec86641231&ts=1001&x=0"
date
Mon, 11 Nov 2024 01:14:43 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
YEsMPfrR-legacy.js
dw26o.cc/_nuxt/ 		89 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dw26o.cc/_nuxt/YEsMPfrR-legacy.js
Requested by
Host: dw26o.cc
URL: https://dw26o.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06190daf3e538daeef217f28691ae6eddccf709cc513e43d8eff1013f0a18862
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://dw26o.cc
Referer
https://dw26o.cc/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"43743563a28103bcae897aac89c4dc0b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xWAUGN6ZoII8HYp5oA9HTIMJM01HM2zVu1mjxc55FZFYk%2FA2mBCl2HdFZ%2B0wHk3bUxH9%2FkTFFkA2RcF2m45kvc4wWz%2Bn9bsQb%2FXwVtdnnAtsTPJxoL9Ig5UOFmIcNhtd3pY3syU0bA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e0a6d53ae407144-YUL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=19872&sent=83&recv=23&lost=0&retrans=0&sent_bytes=66170&recv_bytes=2999&delivery_rate=356965&cwnd=257&unsent_bytes=26137&cid=0ecbf9ec86641231&ts=1012&x=0"
date
Mon, 11 Nov 2024 01:14:43 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
BpHzTSm_-legacy.js
dw26o.cc/_nuxt/ 		154 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dw26o.cc/_nuxt/BpHzTSm_-legacy.js
Requested by
Host: dw26o.cc
URL: https://dw26o.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c196f801ba1d18837279526b9f118930f94e8d8c2d54aa22321c92c9495d85a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://dw26o.cc
Referer
https://dw26o.cc/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"cd86f65c2a8137dd2269402bdd8e7a7d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nlh%2Frg1kwHd2U3lEmqO3PZT638ZDFDvu%2B4lcaPgrZgFCwC7alXtSqLGq5AZi5fefOZDTGzkNR%2FlaFL9MThXnZOj2p%2BtbwEncQlH9MfKCJq66K073qWX3GO1YckYQ0EscAxtUxY1R1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e0a6d53ae447144-YUL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=19872&sent=82&recv=23&lost=0&retrans=0&sent_bytes=65701&recv_bytes=2999&delivery_rate=356965&cwnd=257&unsent_bytes=0&cid=0ecbf9ec86641231&ts=1011&x=0"
date
Mon, 11 Nov 2024 01:14:43 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
aICu0AXk.js
dw26o.cc/_nuxt/ 		158 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dw26o.cc/_nuxt/aICu0AXk.js
Requested by
Host: dw26o.cc
URL: https://dw26o.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed4f6dad41ae25e9ed007f23a32449ec63008235363e5cad680768a4e99b12ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://dw26o.cc
Referer
https://dw26o.cc/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"0efb6bcd72325523035fd3c025350f4d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ye3hQP29QkHMAi%2FbK252Vxitsq6vja5MfRqm07kCGxo%2BdUR%2BB65tlB2lgL6VVK4WbffEA408AbbbCnp6PHzjymQDLwF5UouXLGSBNAyXCDcsRrqx9Faln35QJXwVwD4WDk6zBBCyPw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e0a6d53ae457144-YUL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=19660&sent=87&recv=24&lost=0&retrans=0&sent_bytes=70988&recv_bytes=2999&delivery_rate=356965&cwnd=257&unsent_bytes=32425&cid=0ecbf9ec86641231&ts=1019&x=0"
date
Mon, 11 Nov 2024 01:14:43 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
GGfah0dn.js
dw26o.cc/_nuxt/ 		20 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dw26o.cc/_nuxt/GGfah0dn.js
Requested by
Host: dw26o.cc
URL: https://dw26o.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1a18be61e193719c44ea1d26f8173df15d630a3e581b5b97231590283f06b55
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://dw26o.cc
Referer
https://dw26o.cc/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"32a4be07fb364257203ad81af7542c3c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kWx8RgC4QdQnGsxEckpK4DIbO9OylEBj9Ar02Ho9xRmLs%2BQX6ngKJWwgXaQTvD4Qs89OPPQixZptcywmOjPM5ceuzddti%2FDKTBu%2FyOxkGMLbqkxdsh3TZB72UaalNUOSKA0QmpjPCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e0a6d53ae467144-YUL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=19872&sent=68&recv=23&lost=0&retrans=0&sent_bytes=54880&recv_bytes=2999&delivery_rate=356965&cwnd=257&unsent_bytes=0&cid=0ecbf9ec86641231&ts=1010&x=0"
date
Mon, 11 Nov 2024 01:14:43 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
CMQg-MuX.js
dw26o.cc/_nuxt/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dw26o.cc/_nuxt/CMQg-MuX.js
Requested by
Host: dw26o.cc
URL: https://dw26o.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c7c8e0a60afd5191f348e1de02c091cd885b076875b581a8a6a8bf86b8726f5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://dw26o.cc
Referer
https://dw26o.cc/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"965c5a65ddd194e1510fd4c3894b9813"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mnsEnOAhSSARqX3Y5jAQPy9GTzmf%2FMjIQZHmWiZF4ee0yU%2BSOuH0cVWHnsM9ZqIVVyUrIAHEO1AdKEC6hH8R1JZwCwHsbyOZgildMWpvRkPluds%2BcS4wP%2FDllc3WEZCcI0%2BSmULQjg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e0a6d53be497144-YUL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=19872&sent=61&recv=23&lost=0&retrans=0&sent_bytes=48660&recv_bytes=2999&delivery_rate=356965&cwnd=257&unsent_bytes=0&cid=0ecbf9ec86641231&ts=1009&x=0"
date
Mon, 11 Nov 2024 01:14:43 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
Cj862xVT.js
dw26o.cc/_nuxt/ 		384 B
712 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dw26o.cc/_nuxt/Cj862xVT.js
Requested by
Host: dw26o.cc
URL: https://dw26o.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15842fe1091a48fce474adc7a25380c2bd5326a9d5a5f5c789f8e9bcc023b947
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://dw26o.cc
Referer
https://dw26o.cc/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"46e0ad9d11e5e50d3c8c373d295a84b3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fFSaBjvfv9du7WE%2FAHxISCuGal94Ox%2Bst9wREC1QIGWPcC5mTdPuLtoyPzhimmkru2FA5rw74O2XZVh04h6S66M5UH0yHtKAFlv8ffphEdzyRvMu7GZOga%2Fpgpb6Sty1Px2iKPCggA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e0a6d53be4b7144-YUL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=19872&sent=79&recv=23&lost=0&retrans=0&sent_bytes=64901&recv_bytes=2999&delivery_rate=356965&cwnd=257&unsent_bytes=0&cid=0ecbf9ec86641231&ts=1011&x=0"
date
Mon, 11 Nov 2024 01:14:43 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
B_Wqv3ta-legacy.js
dw26o.cc/_nuxt/ 		0
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dw26o.cc/_nuxt/B_Wqv3ta-legacy.js
Requested by
Host: dw26o.cc
URL: https://dw26o.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://dw26o.cc
Referer
https://dw26o.cc/

Response headers

content-encoding
br
etag
W/"110f248784c37700e96ac00c0a38f299"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yktrq%2Fj0PjKVu5gTVhX2KkX3%2BeNR0o5V%2BFD8Vy4fUvQg%2FD9R6WTFZ94uwfw6D3t0%2Bkd9zItxyjhI6MffYhyUirgkw7%2Bu3h42Phd8dRNQKj0u4sKt1dixOO8qzg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25897&sent=14&recv=13&lost=0&retrans=0&sent_bytes=4316&recv_bytes=6319&delivery_rate=523&cwnd=12000&unsent_bytes=0&cid=6104e545a3662767&ts=317&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 01:14:43 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=4,i
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e0a6d557e1136cf-YYZ
access-control-allow-origin
*
server
cloudflare
BFfI4Gjz-legacy.js
dw26o.cc/_nuxt/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dw26o.cc/_nuxt/BFfI4Gjz-legacy.js
Requested by
Host: dw26o.cc
URL: https://dw26o.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://dw26o.cc
Referer
https://dw26o.cc/

Response headers

content-encoding
br
etag
W/"61fe9c0e130d333d955077fc9541d8b3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ZKU0wKUOenYmXejV6BkGJwoQ1fXLBTmg0jimsUrddVxQrttPb85ZKg2BiVvd3cWfy3ty687w8LfP3%2BzRYvw1a0mnX8RtpOSbssq7lg%2BM745LiX2uJ6f9TuAsw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25897&sent=41&recv=26&lost=0&retrans=0&sent_bytes=30739&recv_bytes=9885&delivery_rate=236416&cwnd=14400&unsent_bytes=0&cid=6104e545a3662767&ts=357&x=1", cfExtPri, cfHdrFlush;dur=23
date
Mon, 11 Nov 2024 01:14:43 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=4,i
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e0a6d55be6036cf-YYZ
access-control-allow-origin
*
server
cloudflare
6igjDNGO-legacy.js
dw26o.cc/_nuxt/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dw26o.cc/_nuxt/6igjDNGO-legacy.js
Requested by
Host: dw26o.cc
URL: https://dw26o.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://dw26o.cc
Referer
https://dw26o.cc/

Response headers

content-encoding
br
etag
W/"fec42302af708ae628c1e1aeb479b787"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AuXznMzoRP1Lyadn3CPDOncqQTyG0WCXn6dDgg%2F85dsTXC0LNxpRYkS8AuQXmB2WAtzw16Cq5%2BZ%2FavQ0udqhyoztGeoSwbzmFfB5rmQaW%2B2ZO3dHbnITZJhC2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25897&sent=41&recv=26&lost=0&retrans=0&sent_bytes=30739&recv_bytes=9885&delivery_rate=236416&cwnd=14400&unsent_bytes=0&cid=6104e545a3662767&ts=359&x=1", cfExtPri, cfHdrFlush;dur=21
date
Mon, 11 Nov 2024 01:14:43 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=4,i
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e0a6d55be6236cf-YYZ
access-control-allow-origin
*
server
cloudflare
BzIRJCKp-legacy.js
dw26o.cc/_nuxt/ 		0
14 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dw26o.cc/_nuxt/BzIRJCKp-legacy.js
Requested by
Host: dw26o.cc
URL: https://dw26o.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://dw26o.cc
Referer
https://dw26o.cc/

Response headers

content-encoding
br
etag
W/"c70010cb0e49cb95d12da89b4dbe8d67"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g%2FCQwGhy2ZSayOU%2B8UjsgN79xQrENLs03B5fTBN%2F6GHR6JDw3ihNd7jBt3TZRv%2FsP9JB3iSxGFbi9K6APCaak4Qp1AblmojrwGH4%2FIKFq%2Fr0%2BmsexNcHKeBaoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25897&sent=33&recv=26&lost=0&retrans=0&sent_bytes=22000&recv_bytes=9885&delivery_rate=236416&cwnd=14400&unsent_bytes=0&cid=6104e545a3662767&ts=356&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 01:14:43 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=4,i
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e0a6d55be6336cf-YYZ
access-control-allow-origin
*
server
cloudflare
DUbMBqg6-legacy.js
dw26o.cc/_nuxt/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dw26o.cc/_nuxt/DUbMBqg6-legacy.js
Requested by
Host: dw26o.cc
URL: https://dw26o.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://dw26o.cc
Referer
https://dw26o.cc/

Response headers

content-encoding
br
etag
W/"d1851cc0d47d606bad6c18deb36f024c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WASeYMpZUUpjRrqS0h57DfQQo%2BQ0RbO4%2FpNQ3xkMuBJYxeWXxNPPtWuXqNE8uAr5rXcWZi69Qv8CbzdiWFxi9rM2o44AnKGY11hU4Sj00POKw4acF6pQxN21jQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25897&sent=41&recv=26&lost=0&retrans=0&sent_bytes=30739&recv_bytes=9885&delivery_rate=236416&cwnd=14400&unsent_bytes=0&cid=6104e545a3662767&ts=356&x=1", cfExtPri, cfHdrFlush;dur=24
date
Mon, 11 Nov 2024 01:14:43 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=4,i
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e0a6d55be6436cf-YYZ
access-control-allow-origin
*
server
cloudflare
uso_ElAT-legacy.js
dw26o.cc/_nuxt/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dw26o.cc/_nuxt/uso_ElAT-legacy.js
Requested by
Host: dw26o.cc
URL: https://dw26o.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://dw26o.cc
Referer
https://dw26o.cc/

Response headers

content-encoding
br
etag
W/"f9e91ff589e6ad8973be05fec6f6b176"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H7Ce%2FYRZEx3siVtA8buiN7YalHGRysl3czaJmqS1qTjPuLHi3ng4JhzbRkEK%2B3f0KMAVwdjBhsgXdV63WTlPboeCxuI5O0zDZ2pk9PkqM7EZ7jiXPxviDgIAOA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25897&sent=30&recv=26&lost=0&retrans=0&sent_bytes=18909&recv_bytes=9885&delivery_rate=236416&cwnd=14400&unsent_bytes=0&cid=6104e545a3662767&ts=355&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 01:14:43 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=4,i
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e0a6d55be6536cf-YYZ
access-control-allow-origin
*
server
cloudflare
7G5qPtoe.js
dw26o.cc/_nuxt/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dw26o.cc/_nuxt/7G5qPtoe.js
Requested by
Host: dw26o.cc
URL: https://dw26o.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://dw26o.cc
Referer
https://dw26o.cc/

Response headers

content-encoding
br
etag
W/"0f129817c56731f9a45918be3c39a144"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AvIUSKihWjhVo1E3spLZ%2FGLXarJA480sukiOFY5DhRDfO%2B9CVLqXmUHQn5bmj8UQl%2BFcoHWT4PKfLj8s9nGB1%2B9%2BRiIbzPkkSeqQVa4s5yfhBstvCn%2Bige99GA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25897&sent=41&recv=26&lost=0&retrans=0&sent_bytes=30739&recv_bytes=9885&delivery_rate=236416&cwnd=14400&unsent_bytes=0&cid=6104e545a3662767&ts=362&x=1", cfExtPri, cfHdrFlush;dur=18
date
Mon, 11 Nov 2024 01:14:43 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=4,i
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e0a6d55be6736cf-YYZ
access-control-allow-origin
*
server
cloudflare
DBwpRuPD.js
dw26o.cc/_nuxt/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dw26o.cc/_nuxt/DBwpRuPD.js
Requested by
Host: dw26o.cc
URL: https://dw26o.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://dw26o.cc
Referer
https://dw26o.cc/

Response headers

content-encoding
br
etag
W/"915da2f3d273ce4410ca512c13eb3c1d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SKnUZLuLB8F%2BxG1tnJ5%2Bw4oa6F%2BN9Ppe3%2F46wAAg50U%2Fn4S08sB6CWHX4d%2FFsY2zPGNOKdD%2FwQ1I2qn5WApSRNfM%2B4fRTkGyArqhb9j0NpiqUFAWp533NoBr6w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25897&sent=27&recv=26&lost=0&retrans=0&sent_bytes=16433&recv_bytes=9885&delivery_rate=236416&cwnd=14400&unsent_bytes=0&cid=6104e545a3662767&ts=355&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 01:14:43 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=4,i
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e0a6d55be6836cf-YYZ
access-control-allow-origin
*
server
cloudflare
index.DokOj3jQ.css
dw26o.cc/_nuxt/ 		494 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dw26o.cc/_nuxt/index.DokOj3jQ.css
Requested by
Host: dw26o.cc
URL: https://dw26o.cc/_nuxt/aICu0AXk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34a3f23956c2a665cf8f8bf36d7b7dea28d04e3ceed26cdf8a3db8e56f8fb3ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://dw26o.cc
Referer
https://dw26o.cc/

Response headers

content-encoding
br
etag
W/"92471d573f769267c7bbed4a3016bb5e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=55ZJiSmiws%2BnZY%2FpXuWtnGgPJ%2BbwxP2329nSKninGrV17sxDS92tilBu%2BEd%2B1%2FdfY2cl5%2F62P2ZToPSgoPzHWxS78YNEqZJiN%2B%2Br6E05X7qLLrnVAeffewVWxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25897&sent=24&recv=13&lost=0&retrans=0&sent_bytes=15207&recv_bytes=6319&delivery_rate=523&cwnd=12000&unsent_bytes=0&cid=6104e545a3662767&ts=318&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 01:14:43 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e0a6d558e2436cf-YYZ
access-control-allow-origin
*
server
cloudflare
d3ec52eb-952b-4a60-88b8-faf365e41df5.json
dw26o.cc/_nuxt/builds/meta/ 		139 B
845 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dw26o.cc/_nuxt/builds/meta/d3ec52eb-952b-4a60-88b8-faf365e41df5.json
Requested by
Host: dw26o.cc
URL: https://dw26o.cc/_nuxt/aICu0AXk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dw26o.cc/

Response headers

content-encoding
br
etag
W/"4e57ec6d4afbf1b252abd9706dfffb79"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eTwQP1Th35%2BEbMhMUL%2FkPjPA%2FU6P%2F9KOmkO49mODlphw%2BzlRAPuIcnPkUkUyu8aNuzUeMxxChVpDkuLVK1EHMQBtqND%2Fbw95oJ%2BgVTpVNIxtxjhMrpUVvLiQ%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27374&sent=70&recv=55&lost=0&retrans=0&sent_bytes=55156&recv_bytes=11963&delivery_rate=668341&cwnd=26400&unsent_bytes=0&cid=6104e545a3662767&ts=410&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 01:14:43 GMT
content-type
application/json
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=31536000, immutable, public, max-age=1, immutable, public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e0a6d561ebb36cf-YYZ
access-control-allow-origin
*
server
cloudflare
favicon.ico
dw26o.cc/ 		4 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dw26o.cc/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dw26o.cc/

Response headers

content-encoding
br
etag
W/"eb0ac4ca53d79290163968630addb1d5"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2NkQG3fewvp32tuJsjfsJbnstZ8wAGJ0%2FNzkChtr%2FGU395KFE86jCe7F%2FBoqFmsjwZvouRsWvIwwqba9cEIhNkcRrdQzCH3S3XIdxmWVsfraFvCesQybLgj2Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27374&sent=71&recv=55&lost=0&retrans=0&sent_bytes=56024&recv_bytes=11963&delivery_rate=668341&cwnd=26400&unsent_bytes=0&cid=6104e545a3662767&ts=417&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 01:14:43 GMT
content-type
image/vnd.microsoft.icon
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e0a6d562ecf36cf-YYZ
access-control-allow-origin
*
server
cloudflare
Primary Request download
ci5zjlh.com/ 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/download?&from=dw26o.cc
Requested by
Host: dw26o.cc
URL: https://dw26o.cc/_nuxt/aICu0AXk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4bcd6b26b827ce2852a33133d04d849c46ca23a85df046bb5a172f12f24c8b1

Request headers

Referer
https://dw26o.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-ray
8e0a6d5b5c2ea304-YUL
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 11 Nov 2024 01:14:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pukiRG%2B%2B7KYMQDkUNZwHpZM2HdbKREdcSMX%2Bfu0sjv07kfNHt2WNOPAqSgjnYUKB2t%2BVY97BVnaGJ0upxNG2ehqPrWUBDR69aHgeI5JyGoM7ppofRs247Wt4%2BEbe8GXl3Lpu90ilCnxS8A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=23170&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4050&recv_bytes=2333&delivery_rate=213873&cwnd=254&unsent_bytes=0&cid=5dd2dbe0f98ab7bf&ts=175&x=0"
vary
Accept-Encoding
x-from
R2
x-r2-path
v39/index.html
x-version
v39
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/download?&from=dw26o.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ci5zjlh.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e5f-7918"
age
280848
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j66kpIfB5NnwbiBlobjtoo1PbbXdRj2OwXSEl5gbO3qt2tyYPaWBCGRzgAx7QGN5SfnyLvbryC87WFUdGF5XDCl2RKwmwKmovelzIdnWPyT5uBTk%2FdBXcc82LPiyli2LLkWUtFMa"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 01 Nov 2025 01:14:44 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 01:14:44 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e0a6d5cb8be5485-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
5631
server
cloudflare
mini.js
ci5zjlh.com/ 		466 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/mini.js
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/download?&from=dw26o.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4c26210c0347a902e40b557af13bc633a8950292b1e787fb3dbf2c025b2874e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ci5zjlh.com/download?&from=dw26o.cc

Response headers

x-version
v39
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j8EtzRXJ%2B5e0pswPfyUuNRNl2Zo4tcC9jeXyM90V%2BqDjRjIXORagvBaTVxf8XRbm44vQzot2r6gLymXHwYx3BOSxR4fECigBhuS1Vs4TW53etk5%2FLzpQ7v5uL89Hk8yanCibrhTOLDZ3vg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a6d5c6da0a304-YUL
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=18663&sent=140&recv=82&lost=0&retrans=0&sent_bytes=125894&recv_bytes=2969&delivery_rate=3075417&cwnd=257&unsent_bytes=9691&cid=5dd2dbe0f98ab7bf&ts=316&x=0"
date
Mon, 11 Nov 2024 01:14:44 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
v39/mini.js
server
cloudflare
api.js
challenges.cloudflare.com/turnstile/v0/b/22755d9a86c9/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js
  • https://challenges.cloudflare.com/turnstile/v0/b/22755d9a86c9/api.js
47 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/22755d9a86c9/api.js
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/download?&from=dw26o.cc
Protocol
H2
Server
2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7595c3d2e94df7416308fa2ccf5ae8832137c76d2e9a8b02e6ed2cb2d92e2f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ci5zjlh.com/

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8e0a6d6078c1a2a3-YUL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 01:14:45 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 28 Oct 2024 19:08:47 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
location
/turnstile/v0/b/22755d9a86c9/api.js
cross-origin-resource-policy
cross-origin
cf-ray
8e0a6d60386ba2a3-YUL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 11 Nov 2024 01:14:45 GMT
vary
Accept-Encoding
server
cloudflare
adAnalytics.js
ci5zjlh.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/adAnalytics.js
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/download?&from=dw26o.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95f99592f1e1d933dd836158720ba5a971eac815767df96e234ae2303580d00b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ci5zjlh.com/download?&from=dw26o.cc

Response headers

x-version
v39
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1P8DRy1a%2Bb68wwBbQo7%2FqoFT3reJcSW%2F4ja1V7b4GJ8fRjoAtjP6LJR7vag6Sn0c%2Bt0L3IOVNh4wtBrNO5MC7SP%2FWrtz%2F55my6nQEPFhV8fjCv037SMrTnGN34az2VjC9sPDVebBrLsslQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a6d5c6d9ba304-YUL
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=20385&sent=72&recv=24&lost=0&retrans=0&sent_bytes=55475&recv_bytes=2969&delivery_rate=283528&cwnd=257&unsent_bytes=0&cid=5dd2dbe0f98ab7bf&ts=291&x=0"
date
Mon, 11 Nov 2024 01:14:44 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
v39/adAnalytics.js
server
cloudflare
reload.css
ci5zjlh.com/appReload/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/appReload/reload.css
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/download?&from=dw26o.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
920cbdf782168b5a13073f919eb275f19884dac5599531b66389575717203046

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ci5zjlh.com/download?&from=dw26o.cc

Response headers

x-version
v39
cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FwNj27eEd%2BbAu%2F%2FuBGmtAt7DqTDKWgE3M5sa8X1RIGXfZwQkeOTS3VaWhNwvhhSrfYTV%2B%2FJOwcsEhYjoQ%2BStRZ07vy9Dc8kfeL75NVRh5loxm9OBs5ut5IeJh7hKdfjX3rqa6PhkT%2FicKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a6d5c6d95a304-YUL
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=20385&sent=78&recv=24&lost=0&retrans=0&sent_bytes=58443&recv_bytes=2969&delivery_rate=283528&cwnd=257&unsent_bytes=0&cid=5dd2dbe0f98ab7bf&ts=293&x=0"
date
Mon, 11 Nov 2024 01:14:44 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
x-r2-path
v39/appReload/reload.css
server
cloudflare
index-BNtNQx7r.js
ci5zjlh.com/assets/ 		2 MB
645 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/assets/index-BNtNQx7r.js
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/download?&from=dw26o.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a7e812ba99384c164477897c55e5e4dbe4f17ff534d8008da371edfde297883

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ci5zjlh.com
Referer
https://ci5zjlh.com/download?&from=dw26o.cc

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I2rP8%2Bxvl9G4lT2JRSGb7UTbxgTJ%2B2UmF1hKvxB5LlX4GmSrm3tABtC5KeHCvzVysm8mUNLa712nw7PtcF10%2FWRwRUKOQGiM%2FfZ8GUkYlBI6ucfyCtS8IXCZGskSGlElQOPsnUSvMY%2B9%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a6d5c6d9fa304-YUL
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=20385&sent=83&recv=24&lost=0&retrans=0&sent_bytes=60026&recv_bytes=2969&delivery_rate=283528&cwnd=257&unsent_bytes=0&cid=5dd2dbe0f98ab7bf&ts=295&x=0"
date
Mon, 11 Nov 2024 01:14:44 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/index-BNtNQx7r.js
server
cloudflare
index-9O30LjkW.css
ci5zjlh.com/assets/ 		316 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/assets/index-9O30LjkW.css
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/download?&from=dw26o.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2af731f7d19c6ace6b642f99c00ec8f1c88b6b0401c407d4788d506bdd2ddce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ci5zjlh.com
Referer
https://ci5zjlh.com/download?&from=dw26o.cc

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1kVaZ2TcjlyAQgg7p7%2F%2FVJaHj4TXsqUFvUY%2B7Uv0PoX1cthhvZrYzdX4yKyehAPMlCcvLteCRrWZQFHDThX4pWdLNvrUkZ8GoOJ7lLV9xazn44cMnz2cKtuyMORS4vngFIN8PEEroUTZ7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a6d5c6d99a304-YUL
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=20385&sent=16&recv=24&lost=0&retrans=0&sent_bytes=7320&recv_bytes=2969&delivery_rate=283528&cwnd=257&unsent_bytes=0&cid=5dd2dbe0f98ab7bf&ts=283&x=0"
date
Mon, 11 Nov 2024 01:14:44 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/index-9O30LjkW.css
server
cloudflare
version-polling.min.js
ci5zjlh.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/version-polling.min.js
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/download?&from=dw26o.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9faf673113292d24752db2af256ce2cf2de78bb2c65498675ca7898f7c077b35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ci5zjlh.com/download?&from=dw26o.cc

Response headers

x-version
v39
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fioodma9PgXYS01229QRVIjYESBD%2FWzGUBQfy70VcxNYhEc3Huu8TIH04XYhR0phhsQi4VT75YYlsVMlm0gulkhOgvsbRPldeoPbHkgbvPDLcxyD8OYpefiwvWh97jXZgFtO6QfbTl9Ujw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a6d5cbe03a304-YUL
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=18636&sent=254&recv=115&lost=0&retrans=0&sent_bytes=269893&recv_bytes=2969&delivery_rate=5304269&cwnd=301&unsent_bytes=64850&cid=5dd2dbe0f98ab7bf&ts=332&x=0"
date
Mon, 11 Nov 2024 01:14:44 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
v39/version-polling.min.js
server
cloudflare
index.js
ci5zjlh.com/appReload/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/appReload/index.js?v=20241103
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/download?&from=dw26o.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b2529c653f216397e16fe2519f773a1fe204db22cbbbda5b410e6a9d0047527

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ci5zjlh.com/download?&from=dw26o.cc

Response headers

x-version
v39
cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B2Mx4RqGNqWrfhqwc8Psa%2Fa%2FOQagkXfvlZwbSf7gFf0fpnyZ5BhZIP45%2FHAGZW0XwPdmLIqxhONMXRdbRtj1WbzyT77jS4dFYaiWOsaGyMi61BEMLgkJ441KFFB%2BJA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a6d5d2d3b39fc-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27941&sent=23&recv=11&lost=0&retrans=0&sent_bytes=16264&recv_bytes=5326&delivery_rate=602&cwnd=12000&unsent_bytes=0&cid=bc426e8405089764&ts=208&x=1", cfHdrFlush;dur=32
date
Mon, 11 Nov 2024 01:14:44 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
v39/appReload/index.js
server
cloudflare
webPushSdk.produce.min.2.1.6.js
ci5zjlh.com/ 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/webPushSdk.produce.min.2.1.6.js
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/download?&from=dw26o.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ee4947bae28f87f22e0f400ac7ae540d0162c4102402eaafe7d3aa6a3420c7e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ci5zjlh.com/download?&from=dw26o.cc

Response headers

x-version
v39
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Dr5EkPHhhgYUp149D9lIQxKTK1nLJMKi7VhMZo6ramB7B2q25WVfWBn2sj%2FheU5tAd98gh0oNHZL5v1BhBnkp3vUAjzQ7H2%2FmaHMCisrpdDZAH0XGDYNA5ZuyCBcA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a6d5d2d4239fc-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27941&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4264&recv_bytes=5326&delivery_rate=602&cwnd=12000&unsent_bytes=0&cid=bc426e8405089764&ts=206&x=1", cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 01:14:44 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
v39/webPushSdk.produce.min.2.1.6.js
server
cloudflare
version.js
ci5zjlh.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/version.js
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/version-polling.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ci5zjlh.com/download?&from=dw26o.cc

Response headers

x-version
v39
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"7283b8ef06d8e6491f20c0a56e971163"
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o9zUivPDf5NG8E9b8r3CT3uqzkBK8f0M2OkyoMmFiXFydJnkM5tXm3BRH6T6NkOyHE8yZNWKoizR6WfNBKJ3zwCveo%2BbZO4YZAAhf7KpBqo3SmmGc8IO8UvN%2BYQuHA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a6d5dae1e39fc-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=35175&sent=37&recv=26&lost=0&retrans=0&sent_bytes=32045&recv_bytes=5977&delivery_rate=449951&cwnd=24000&unsent_bytes=0&cid=bc426e8405089764&ts=287&x=1", cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 01:14:44 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
v39/version.js
server
cloudflare
c3865209-fa87-4586-8ef2-df6948fa0457
https://ci5zjlh.com/ 		0
0
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ci5zjlh.com
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"5eb03e5f-12d68"
age
278431
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aNP4RpDcXhTiTOt%2FOc%2B2gwr2KzQBlHnZ9GibHkt0PGJqig4s90Z4N%2FwxiqGbUlPWKpjgV8ZyVoX%2BMGXpdgrmh5VYgDTRRvDh3U38TMFpYZDoc6JwMuKfn6C1eV4P5fjnIy3qOP7T"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 01 Nov 2025 01:14:45 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 01:14:45 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e0a6d61af06ac9c-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
77160
server
cloudflare
index-Blkpk3gM.js
ci5zjlh.com/assets/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/assets/index-Blkpk3gM.js
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/assets/index-BNtNQx7r.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cbc3b5f3bb11a18f521f05a60ee3976a356f02ae8845190675114ab0de6750a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ci5zjlh.com
Referer

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NtEL8GdiuUibcUZ41QCmAQg68gJaIHzF3AG27gUnA6%2B20frNvEuesv4hIaW%2FMla0NiTis7M6KMYXaSNNqZtIKV5gJxHfTPg19cHQuc4C9rl0aTQXtNBaALD7%2FnXvzg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a6d61ca5939fc-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34445&sent=41&recv=33&lost=0&retrans=0&sent_bytes=33664&recv_bytes=8241&delivery_rate=5625&cwnd=24000&unsent_bytes=0&cid=bc426e8405089764&ts=929&x=1", cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 01:14:45 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/index-Blkpk3gM.js
server
cloudflare
InstallModal-B0TtiAaF.js
ci5zjlh.com/assets/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/assets/InstallModal-B0TtiAaF.js
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/assets/index-BNtNQx7r.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66d40e7ccc24f6a2c2e19d72c05135c86333cd8667324b594a652eba68c40fd0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ci5zjlh.com
Referer

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z4KD%2B%2FyEe9620jJ9ksUTkGtaeb%2BKgFYBKZz4RZxmi%2FUxeQUjNpM6KWS95KCxfH%2FwtrA2hBPSSrrR3vKidCsjl37UCqDySskRbD0Af%2FjemLQUPFHUoKpDIkmM4gPVwA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a6d61ca5a39fc-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34445&sent=53&recv=33&lost=0&retrans=0&sent_bytes=41151&recv_bytes=8241&delivery_rate=5625&cwnd=24000&unsent_bytes=0&cid=bc426e8405089764&ts=941&x=1", cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 01:14:45 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/InstallModal-B0TtiAaF.js
server
cloudflare
InstallModal-CulR4s_j.css
ci5zjlh.com/assets/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/assets/InstallModal-CulR4s_j.css
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/assets/index-BNtNQx7r.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ca85c0dc913ffde00195b8d4c2ee6b1f5067d2d136c5d2818164d5085390c12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ci5zjlh.com
Referer
https://ci5zjlh.com/download?&from=dw26o.cc

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vrbiYgHi4%2Bu2DaQZcsKolyS6RZbrU6W9KGGryrelACybuDTKlkQlx95chp0PsKbgDXbfYcCJaH2D9eFoOI60hjhFUKyIKNP97aytRrb5SgNxulpKV8oNM7ak%2B9IGmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a6d61ca5b39fc-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34445&sent=42&recv=33&lost=0&retrans=0&sent_bytes=34326&recv_bytes=8241&delivery_rate=5625&cwnd=24000&unsent_bytes=0&cid=bc426e8405089764&ts=931&x=1", cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 01:14:45 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/InstallModal-CulR4s_j.css
server
cloudflare
index-rMm4RPd_.css
ci5zjlh.com/assets/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/assets/index-rMm4RPd_.css
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/assets/index-BNtNQx7r.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eefad98c9c63780a055ddc1d0a3c206a94e3da3658a4fe5d4f1d41669d1847a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ci5zjlh.com
Referer
https://ci5zjlh.com/download?&from=dw26o.cc

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wXBvOwt6hIb0Cf%2Fc4LtfmXHMmPTcgdPQUHJTQq6sj2DjaHddOAXoaOz%2B7wuOKE%2FeLL%2FIx8EK2kgPUpZ5RlsMODinNlmA7dtc6GVKEBf7CRtjIR5ugnyGlWifQMLTog%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a6d61ca5c39fc-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34445&sent=49&recv=33&lost=0&retrans=0&sent_bytes=39169&recv_bytes=8241&delivery_rate=5625&cwnd=24000&unsent_bytes=0&cid=bc426e8405089764&ts=938&x=1", cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 01:14:45 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/index-rMm4RPd_.css
server
cloudflare
web-CjaTeccx.js
ci5zjlh.com/assets/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/assets/web-CjaTeccx.js
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/assets/index-BNtNQx7r.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15b7e35cd404486b697343e2dc487b69f59a5129d4e794eff6cfc00ca0b7110f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ci5zjlh.com
Referer
https://ci5zjlh.com/assets/index-BNtNQx7r.js

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pEIWJrmMpyqZ%2BrjOVXLe7UjE6pFRf6csVy9RBNcy0v5Oaadg5obhOroHL3MueT7P2%2FrCtVdpk%2FAHx6tdhVASyS7DmWcfrl49rvrv%2FjAm4nj%2Bm9aWklXMZwPlMr%2BMRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a6d62ab3339fc-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34235&sent=61&recv=50&lost=0&retrans=0&sent_bytes=43315&recv_bytes=10651&delivery_rate=99628&cwnd=24000&unsent_bytes=0&cid=bc426e8405089764&ts=1076&x=1", cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 01:14:45 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/web-CjaTeccx.js
server
cloudflare
favicon.ico
ci5zjlh.com/ 		0
576 B 		Other
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ci5zjlh.com/download?&from=dw26o.cc

Response headers

x-version
v39
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UkpVidwM8MyZmXEeUCSBURWJ1s%2FJDdtxRXF9GH2lfM9sSsnXVdXkKYkBGZGvkCX5%2FfXye5HO1iBBE2%2Fby2Lv7zNeT6y9lnHtchu%2B6tRPs4RjW2P5FDVhDB62Hy3ahg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a6d62bb5539fc-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31356&sent=86&recv=66&lost=1&retrans=1&sent_bytes=68608&recv_bytes=11361&delivery_rate=24788&cwnd=16800&unsent_bytes=0&cid=bc426e8405089764&ts=1182&x=1", cfHdrFlush;dur=0
content-length
0
date
Mon, 11 Nov 2024 01:14:45 GMT
vary
Accept-Encoding
server
cloudflare
x-r2-path
v39/favicon.ico
pt_BR-DR4Wzu9l.js
ci5zjlh.com/assets/ 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/assets/pt_BR-DR4Wzu9l.js
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/assets/index-BNtNQx7r.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e499518b40a1d295bcdc8952f18aae6951bd3c9bfd607a95bc015acd2e73f7c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ci5zjlh.com
Referer
https://ci5zjlh.com/assets/index-BNtNQx7r.js

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tbr2AhbljIe44JNZrXhbY07z9F6gTp3ypM2d2mKFmbxeOYwXqW4dkN8dY5ULCuPrrf1mLRPI1M3YccVx4kI30ZbY5PlX3rs%2BTPPLyRDQ%2FYTJ89NBVBww1Wx%2Bvk%2B3Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a6d62cb6639fc-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34235&sent=63&recv=50&lost=0&retrans=0&sent_bytes=45052&recv_bytes=10651&delivery_rate=99628&cwnd=24000&unsent_bytes=0&cid=bc426e8405089764&ts=1081&x=1", cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 01:14:45 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/pt_BR-DR4Wzu9l.js
server
cloudflare
index9-kh1sIBlc.js
ci5zjlh.com/assets/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/assets/index9-kh1sIBlc.js
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/assets/index-BNtNQx7r.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff50fc10e1fd26b1cdb332fd5b4519c086059d0b925098bb9bd3879b6970f6ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ci5zjlh.com
Referer
https://ci5zjlh.com/assets/index-BNtNQx7r.js

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WxJWHoKxZOoE0zxs8TP%2BaKgciLUStv20q1mqUp2uoV11fuQ8nQTVVYYuT1J7zNBuaGcDJuXJ1CvOPc90oqay%2BU1NZB5ItkYJ9JUzTN6YdR%2BlRmkIBkhmDTQZjYUPzg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a6d630b9c39fc-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32070&sent=84&recv=64&lost=1&retrans=1&sent_bytes=67079&recv_bytes=11273&delivery_rate=205842&cwnd=16800&unsent_bytes=0&cid=bc426e8405089764&ts=1118&x=1", cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 01:14:45 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/index9-kh1sIBlc.js
server
cloudflare
channel.info
api.n-t-v-w.com/api/frontend/trpc/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.n-t-v-w.com/api/frontend/trpc/channel.info?input=%7B%22json%22%3A%7B%22id%22%3A0%2C%22tenantId%22%3A0%2C%22domain%22%3A%22ci5zjlh.com%22%7D%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,channelid,client-language,content-type,sign,tenantid,x-device-type,x-trace-id
Access-Control-Request-Method
GET
Origin
https://ci5zjlh.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-ray
8e0a6d648cc736d0-YYZ
date
Mon, 11 Nov 2024 01:14:45 GMT
server
cloudflare
vary
Accept-Encoding
channel.info
api.n-t-v-w.com/api/frontend/trpc/ 		28 B
415 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.n-t-v-w.com/api/frontend/trpc/channel.info?input=%7B%22json%22%3A%7B%22id%22%3A0%2C%22tenantId%22%3A0%2C%22domain%22%3A%22ci5zjlh.com%22%7D%7D
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/mini.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d242137194749db304b6167388d502e8718f2491f5838c98f86b078d57b1eaa

Request headers

Authorization
Bearer null
sign
354bf5553236659d3576d44bd67c4dbcfbef7e00572a
tenantId
Referer
https://ci5zjlh.com/
X-Trace-ID
YAWLVNN4
X-Device-Type
DesktopOS
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
channelId
Client-Language

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
cf-ray
8e0a6d64cd0236d0-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
28
date
Mon, 11 Nov 2024 01:14:45 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
*
tenant.domainInfo
api.n-t-v-w.com/api/frontend/trpc/ 		28 B
416 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.n-t-v-w.com/api/frontend/trpc/tenant.domainInfo?input=%7B%22json%22%3A%7B%22domain%22%3A%22ci5zjlh.com%22%7D%7D
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/mini.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d242137194749db304b6167388d502e8718f2491f5838c98f86b078d57b1eaa

Request headers

Authorization
Bearer null
sign
dacdb53b7d83005f603f00227f10d274115210a9a2afb
tenantId
Referer
https://ci5zjlh.com/
X-Trace-ID
AITFFOC5
X-Device-Type
DesktopOS
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
channelId
Client-Language

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
cf-ray
8e0a6d64cd0036d0-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
28
date
Mon, 11 Nov 2024 01:14:45 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
*
tenant.domainInfo
api.n-t-v-w.com/api/frontend/trpc/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.n-t-v-w.com/api/frontend/trpc/tenant.domainInfo?input=%7B%22json%22%3A%7B%22domain%22%3A%22ci5zjlh.com%22%7D%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,channelid,client-language,content-type,sign,tenantid,x-device-type,x-trace-id
Access-Control-Request-Method
GET
Origin
https://ci5zjlh.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-ray
8e0a6d648cca36d0-YYZ
date
Mon, 11 Nov 2024 01:14:45 GMT
server
cloudflare
vary
Accept-Encoding
swipe-back-lXg72rbZ.js
ci5zjlh.com/assets/ 		682 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/assets/swipe-back-lXg72rbZ.js
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/assets/index-BNtNQx7r.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0965ec94918d3b71ccefd138a382e8bcc32ffd6f6abd7a67a9dc375d51b3f494

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ci5zjlh.com
Referer
https://ci5zjlh.com/assets/index-BNtNQx7r.js

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EzmpPnn99uFAIChPGeYrlsLBu4WGRa7QaWuFztMD1cg6AAd1mrvkWhrhuuNwZqnbvbzeGkty%2FkBlH%2Bti5c%2FSlz%2Bwmh%2BFcGz5hp3DT1VJNdKcyBXpxa72VUHoM9MLSA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a6d650d8239fc-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30492&sent=88&recv=68&lost=1&retrans=1&sent_bytes=69232&recv_bytes=11862&delivery_rate=12114&cwnd=16800&unsent_bytes=0&cid=bc426e8405089764&ts=1451&x=1", cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 01:14:45 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/swipe-back-lXg72rbZ.js
server
cloudflare
tenant.domainInfo
api.n-t-v-w.com/api/frontend/trpc/ 		28 B
415 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.n-t-v-w.com/api/frontend/trpc/tenant.domainInfo?input=%7B%22json%22%3A%7B%22domain%22%3A%22ci5zjlh.com%22%7D%7D
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/mini.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d242137194749db304b6167388d502e8718f2491f5838c98f86b078d57b1eaa

Request headers

Authorization
Bearer null
sign
82667308788b523c98de24c8a01591ed19318c99b2a010
tenantId
Referer
https://ci5zjlh.com/
X-Trace-ID
V8Q3UG9L
X-Device-Type
DesktopOS
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
channelId
Client-Language

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
cf-ray
8e0a6d659de336d0-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
28
date
Mon, 11 Nov 2024 01:14:46 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
*
tenant.domainInfo
api.n-t-v-w.com/api/frontend/trpc/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.n-t-v-w.com/api/frontend/trpc/tenant.domainInfo?input=%7B%22json%22%3A%7B%22domain%22%3A%22ci5zjlh.com%22%7D%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,channelid,client-language,content-type,sign,tenantid,x-device-type,x-trace-id
Access-Control-Request-Method
GET
Origin
https://ci5zjlh.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-ray
8e0a6d656da836d0-YYZ
date
Mon, 11 Nov 2024 01:14:45 GMT
server
cloudflare
vary
Accept-Encoding
index-CdUROUJ-.js
ci5zjlh.com/assets/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/assets/index-CdUROUJ-.js
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/assets/index-BNtNQx7r.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4de82b0141cb7b5e72cc34e550472a519dd74d6b16cb955960602d9fb61ac44

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ci5zjlh.com
Referer

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gdg9k94WgOVcQ%2FpsqjxUE9EUpoC%2BiuyvDybsoU1dOQOTTW1zfHq4gIGq6HmaeUE%2F6cvC3V85siEEDN2kZSJ2k27Y5HmrON3io05qFRQ6eYxwU9nweB%2F3FzuteHtz1A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a6d68c92d39fc-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29743&sent=94&recv=71&lost=1&retrans=1&sent_bytes=72602&recv_bytes=12792&delivery_rate=12866&cwnd=16800&unsent_bytes=0&cid=bc426e8405089764&ts=2047&x=1", cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 01:14:46 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/index-CdUROUJ-.js
server
cloudflare
index-CSJWRess.css
ci5zjlh.com/assets/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/assets/index-CSJWRess.css
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/assets/index-BNtNQx7r.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bad3432094bcfc8d88b093bea9f5191c099f72920065d2cef3cf8cae41b3d400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ci5zjlh.com
Referer
https://ci5zjlh.com/download?&from=dw26o.cc

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B6sojDoFNaGTYkFf4Z5jd7aThwYiYkJC5NMXDKsrWzfIMeScUrqt6gTuCGn200sb6dAA6pN%2B1i86S2rhDtYk8Qk0cjMXEfZ4rRjGd9SF9YJwmhlfxWe371Ow0Qge9g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a6d68c93039fc-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29743&sent=91&recv=71&lost=1&retrans=1&sent_bytes=70415&recv_bytes=12792&delivery_rate=12866&cwnd=16800&unsent_bytes=0&cid=bc426e8405089764&ts=2046&x=1", cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 01:14:46 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/index-CSJWRess.css
server
cloudflare
cloud-dark.svg
ci5zjlh.com/405/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ci5zjlh.com/405/cloud-dark.svg
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/assets/index-CSJWRess.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e13775ee86b96fea82ede96ab5af4465d5f7a667aab005c041f443bdd3f2a0da

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ci5zjlh.com/assets/index-CSJWRess.css

Response headers

x-version
v39
cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fb3DKc%2B8Y6IWMH9T7%2F3PPUo6IqfQ452A1hcKKcBB%2BwCRB53qVzlsXtbg%2B1YKjqdSaE249fbthAfYDiIBXzTfkEW1znnHewNQj5RZXLROwOTAMXR8X%2BGIoJW3MERQWw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a6d6969ca39fc-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28426&sent=113&recv=76&lost=1&retrans=1&sent_bytes=91130&recv_bytes=13895&delivery_rate=44177&cwnd=16800&unsent_bytes=0&cid=bc426e8405089764&ts=2149&x=1", cfHdrFlush;dur=20
date
Mon, 11 Nov 2024 01:14:46 GMT
content-type
image/svg+xml
vary
Accept-Encoding
x-r2-path
v39/405/cloud-dark.svg
server
cloudflare
limit-dark.png
ci5zjlh.com/405/ 		385 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ci5zjlh.com/405/limit-dark.png
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/assets/index-CSJWRess.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ci5zjlh.com/assets/index-CSJWRess.css

Response headers

x-version
v39
cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2BzOUJ8yxQho0vVwlNWwtTsFxYUChr0me1Ukx32DqMJEPMOGc%2FHw8nwR2E0SuBrh0CT1WjtuLURetlpugoNmbwj7ix9C5dmAPzirQ7DjTFQU6XMt0cSMPLIDmozM8A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a6d6969cb39fc-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28426&sent=98&recv=76&lost=1&retrans=1&sent_bytes=74330&recv_bytes=13895&delivery_rate=44177&cwnd=16800&unsent_bytes=0&cid=bc426e8405089764&ts=2144&x=1", cfHdrFlush;dur=0
content-length
527977
date
Mon, 11 Nov 2024 01:14:46 GMT
content-type
image/png
vary
Accept-Encoding
x-r2-path
v39/405/limit-dark.png
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ci5zjlh.com
URL
blob:https://ci5zjlh.com/c3865209-fa87-4586-8ef2-df6948fa0457

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| isSamsungBrowser object| script object| VersionPolling object| diy object| MTpushInterface object| turnstile object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ boolean| __VUE_I18N_FULL_INSTALL__ boolean| __VUE_I18N_LEGACY_API__ object| CapacitorPlatforms object| Capacitor function| Pusher boolean| __VUE__ object| Ionic boolean| __vite_is_modern_browser object| _refresh_btn boolean| isOpenMainUI

2 Cookies

Domain/Path Name / Value
.dw26o.cc/ Name: __cf_bm
Value: eDbNmU6EAW9HC1xjXNN99KMAyLajAhy_olZ5twlkx.Y-1731287683-1.0.1.1-9pGxi98v.qsAMtGeyDE.jJ6GW58cYFKGDCOVaaV961N4G5e3P26ev7AiOPsGdNScDwv8v9PaqF95sK3f2RlJ6Q
.ci5zjlh.com/ Name: __cf_bm
Value: cnDs0gUP6USwgys0JfTg47CjuevB70IOZ_qSLEZbfMQ-1731287684-1.0.1.1-l9vQFTgYJKsCAQsbBbf7.W3cpdJtCqRKzvkfSeBeTJXSHMSCyCC9cVnUAPkcB7ujrvehNJTSLJwoTj3RXzcqXQ

4 Console Messages

Source Level URL
Text
network error URL: https://ci5zjlh.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.n-t-v-w.com/api/frontend/trpc/tenant.domainInfo?input=%7B%22json%22%3A%7B%22domain%22%3A%22ci5zjlh.com%22%7D%7D
Message:
Failed to load resource: the server responded with a status of 405 ()
network error URL: https://api.n-t-v-w.com/api/frontend/trpc/channel.info?input=%7B%22json%22%3A%7B%22id%22%3A0%2C%22tenantId%22%3A0%2C%22domain%22%3A%22ci5zjlh.com%22%7D%7D
Message:
Failed to load resource: the server responded with a status of 405 ()
network error URL: https://api.n-t-v-w.com/api/frontend/trpc/tenant.domainInfo?input=%7B%22json%22%3A%7B%22domain%22%3A%22ci5zjlh.com%22%7D%7D
Message:
Failed to load resource: the server responded with a status of 405 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.n-t-v-w.com
cdnjs.cloudflare.com
challenges.cloudflare.com
ci5zjlh.com
dw26o.cc
ci5zjlh.com
104.17.25.14
104.18.15.194
104.18.27.31
2606:4700::6812:5e29
2606:4700::6812:ec2
2606:4700::6812:fc2
06190daf3e538daeef217f28691ae6eddccf709cc513e43d8eff1013f0a18862
0965ec94918d3b71ccefd138a382e8bcc32ffd6f6abd7a67a9dc375d51b3f494
15842fe1091a48fce474adc7a25380c2bd5326a9d5a5f5c789f8e9bcc023b947
15b7e35cd404486b697343e2dc487b69f59a5129d4e794eff6cfc00ca0b7110f
1b2529c653f216397e16fe2519f773a1fe204db22cbbbda5b410e6a9d0047527
1c318e6914f231dbdbc65dfadbce972eb471d1a6f1b6235750b88984ddcfdad0
1ee4947bae28f87f22e0f400ac7ae540d0162c4102402eaafe7d3aa6a3420c7e
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2af731f7d19c6ace6b642f99c00ec8f1c88b6b0401c407d4788d506bdd2ddce0
2c7c8e0a60afd5191f348e1de02c091cd885b076875b581a8a6a8bf86b8726f5
2cbc3b5f3bb11a18f521f05a60ee3976a356f02ae8845190675114ab0de6750a
34a3f23956c2a665cf8f8bf36d7b7dea28d04e3ceed26cdf8a3db8e56f8fb3ce
66d40e7ccc24f6a2c2e19d72c05135c86333cd8667324b594a652eba68c40fd0
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a7e812ba99384c164477897c55e5e4dbe4f17ff534d8008da371edfde297883
7ca85c0dc913ffde00195b8d4c2ee6b1f5067d2d136c5d2818164d5085390c12
8d242137194749db304b6167388d502e8718f2491f5838c98f86b078d57b1eaa
920cbdf782168b5a13073f919eb275f19884dac5599531b66389575717203046
940424bf0b79c8e250390bb0c50222e822b1e8c81683d8eddbca2b5984312d8a
95f99592f1e1d933dd836158720ba5a971eac815767df96e234ae2303580d00b
9e499518b40a1d295bcdc8952f18aae6951bd3c9bfd607a95bc015acd2e73f7c
9faf673113292d24752db2af256ce2cf2de78bb2c65498675ca7898f7c077b35
a4bcd6b26b827ce2852a33133d04d849c46ca23a85df046bb5a172f12f24c8b1
b1a18be61e193719c44ea1d26f8173df15d630a3e581b5b97231590283f06b55
b7595c3d2e94df7416308fa2ccf5ae8832137c76d2e9a8b02e6ed2cb2d92e2f7
bad3432094bcfc8d88b093bea9f5191c099f72920065d2cef3cf8cae41b3d400
c196f801ba1d18837279526b9f118930f94e8d8c2d54aa22321c92c9495d85a9
c4c26210c0347a902e40b557af13bc633a8950292b1e787fb3dbf2c025b2874e
d4de82b0141cb7b5e72cc34e550472a519dd74d6b16cb955960602d9fb61ac44
e13775ee86b96fea82ede96ab5af4465d5f7a667aab005c041f443bdd3f2a0da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed4f6dad41ae25e9ed007f23a32449ec63008235363e5cad680768a4e99b12ac
eefad98c9c63780a055ddc1d0a3c206a94e3da3658a4fe5d4f1d41669d1847a8
ff50fc10e1fd26b1cdb332fd5b4519c086059d0b925098bb9bd3879b6970f6ff