www54.davisonbarker.pro Open in urlscan Pro
104.21.92.39 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www91.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fd...
Effective URL:
https://www54.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=2&ppi=25467909&pci=6911692765&t=1683306231&dest...
Submission: On May 05 via manual (May 5th 2023, 5:40:14 pm UTC) from US — Scanned from DE

Summary HTTP 40 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 40 HTTP transactions. The main IP is 104.21.92.39, located in and belongs to CLOUDFLARENET, US. The main domain is www54.davisonbarker.pro.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 26th 2023. Valid for: a year.

This is the only time www54.davisonbarker.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 12	104.21.92.39 104.21.92.39	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	52.222.250.225 52.222.250.225	16509 (AMAZON-02) (AMAZON-02)
4	172.64.198.35 172.64.198.35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	13.225.78.121 13.225.78.121	16509 (AMAZON-02) (AMAZON-02)
8	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	54.162.51.18 54.162.51.18	14618 (AMAZON-AES) (AMAZON-AES)
2	54.230.163.121 54.230.163.121	16509 (AMAZON-02) (AMAZON-02)
40	8

12 104.21.92.39 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www91.davisonbarker.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www14.davisonbarker.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www88.davisonbarker.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www25.davisonbarker.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www54.davisonbarker.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.222.250.225 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-225.fra60.r.cloudfront.net

dc5k8fg5ioc8s.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.198.35 (United States)

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.225.78.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-121.fra2.r.cloudfront.net

kultingecauyuksehinkitw.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

workhovdiminatedi.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.162.51.18 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-51-18.compute-1.amazonaws.com

ndandinter.hair	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.163.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-121.ewr53.r.cloudfront.net

ablesasmetotr.monster	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	davisonbarker.pro 2 redirects www91.davisonbarker.pro www14.davisonbarker.pro www88.davisonbarker.pro www25.davisonbarker.pro www54.davisonbarker.pro	123 KB
8	workhovdiminatedi.info workhovdiminatedi.info	3 KB
6	kultingecauyuksehinkitw.info kultingecauyuksehinkitw.info	8 KB
5	cloudfront.net dc5k8fg5ioc8s.cloudfront.net	103 KB
4	ndandinter.hair ndandinter.hair — Cisco Umbrella Rank: 195371	74 B
4	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 25168	202 KB
2	ablesasmetotr.monster ablesasmetotr.monster	1 KB
40	7

	Domain	Requested by
8	workhovdiminatedi.info	www91.davisonbarker.pro dc5k8fg5ioc8s.cloudfront.net www88.davisonbarker.pro
6	kultingecauyuksehinkitw.info	dc5k8fg5ioc8s.cloudfront.net
5	dc5k8fg5ioc8s.cloudfront.net	www91.davisonbarker.pro kultingecauyuksehinkitw.info www88.davisonbarker.pro www54.davisonbarker.pro
4	www88.davisonbarker.pro	1 redirects www88.davisonbarker.pro
4	ndandinter.hair	www91.davisonbarker.pro www88.davisonbarker.pro
4	pogothere.xyz	dc5k8fg5ioc8s.cloudfront.net
4	www91.davisonbarker.pro	1 redirects www91.davisonbarker.pro
2	www54.davisonbarker.pro	www54.davisonbarker.pro
2	ablesasmetotr.monster	www91.davisonbarker.pro www88.davisonbarker.pro
1	www25.davisonbarker.pro	www88.davisonbarker.pro
1	www14.davisonbarker.pro	www91.davisonbarker.pro
40	11

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-26`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
kultingecauyuksehinkitw.info Amazon RSA 2048 M01	`2023-04-27` - `2024-05-25`	a year	crt.sh
workhovdiminatedi.info E1	`2023-04-27` - `2023-07-26`	3 months	crt.sh
ndandinter.hair R3	`2023-05-04` - `2023-08-02`	3 months	crt.sh
ablesasmetotr.monster Amazon RSA 2048 M02	`2023-02-28` - `2023-09-01`	6 months	crt.sh

This page contains 3 frames:

Primary Page: https://www54.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=2&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit
Frame ID: D75438A7789B522FF7B1BD055772F388
Requests: 36 HTTP requests in this frame

Frame: https://kultingecauyuksehinkitw.info/SE9ERGopLScpVSlyJmIfOiN5YVgOanYCDit6L3wML3otKwlwPGonBic6ICIYJyEwagQtO2F2LDIsAAoQKyEdEDIKfxEXOxouAnRTBx4jICIaGhITPRkOIAMrCQAGLAURBygVWgEbfQ4MLzwlChIBCBIVMwUJBXEuHg0rFjIaHRQRKB4rAQFTABkoDTINCjABLBksBwM4OwAGLB0bCRIRCwANCREsGRYQFxJ5LAcWGSkHAg49GQsGAiIdARwWLwktBgYZEQkCMy8JGQoHKzB/AxFaAQsVLyARHgYeKwUJCgcrPx4mAy8RBxIvL3gZFQIuCyQGAS0kYh4FOCAJAAUSfBsGdTMaCBZ8Lw4kAXQ7eAIBHD8ODhIVLAwYLHQzGjdwIT94BTMSAQoIDAIFEQl1CikJNxUcLBo7JxMGLAoVAisqDgYvDh4jHgUnDQoHFSwwCBwjMA4dERYPChoGHDgNDQUBAhkXBSgaHx4ABiwJChYnOB0WEgYBcQdiLhknITR5HyAhKiMtGwZ9CRIgDiZx
Frame ID: 3DAD0DCB96FB69658DBCA64EF7E596F2
Requests: 2 HTTP requests in this frame

Frame: https://kultingecauyuksehinkitw.info/cmhxZE0TChIJchNVE0I4AARMQX80TUMiKRFdGlwrFV0YCy5KG18HIR0dFQI/HQYFSiMXHFRWCxY6CzIZEAMkDxoYWDgBJzwLP1UDSwwgIiMlMCsMFQspMy83ESE+Ay4hLhYpBTkfNDAMCyEQJTo8AhU2IldaNy06GgIiJyYfPws2GSsROwYANCZBPRsjWzUsJQgtCAcoOQEGLQcVKRktIT9eMCcMGC0IPR0XKwEFBiMLAS98IFopJQMLL0MqARZbEgAHMwsDLXwdAzkzD0MqJVQsKyAkIhQeXQMANTAPPSMPQyoiNQU5WzQmKR5YOT0qFgI3CgMIIDlJFxEMIj4LOx84AwA0KQkmHgUSNCMIHQs5NQ4UPkAeFBUMGzYkRh4gMHkxMTkyfxYECVUGQx9FJ38wWTMwHD4iGBwsFwMFVylDMUYsDh0ZJCwXESlCPQgrLTNVLCMqHTMVFhgwVg8+DEIACj8PFg8DJBBDPAw8ETMJHzMMHyEZOAQ/VGsYGx4KPU8BGDMcRDw0IBlEGQUiCSQ
Frame ID: 37E23912B40E47E54C6D47F897E70171
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www91.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=25467909&pci=6911692765&t=1683306231&... Page URL
https://www14.davisonbarker.pro/pushredirect/?tmp=2&network=3&ios=0&site=adfly&c=1&ppi=25467909&pci=69116927... Page URL
https://www91.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=25467909&pci=6911692765&t=1683306231&... HTTP 302
https://www88.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=25467909&pci=69116927... Page URL
https://www25.davisonbarker.pro/pushredirect/?tmp=2&network=3&ios=0&site=adfly&c=2&ppi=25467909&pci=69116927... Page URL
https://www88.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=25467909&pci=69116927... HTTP 302
https://www54.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=2&ppi=25467909&pci=69116927... Page URL

Page Statistics

40
Requests

98 %
HTTPS

0 %
IPv6

7
Domains

11
Subdomains

8
IPs

3
Countries

438 kB
Transfer

880 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www91.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Page URL
https://www14.davisonbarker.pro/pushredirect/?tmp=2&network=3&ios=0&site=adfly&c=1&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Page URL
https://www91.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit HTTP 302
https://www88.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Page URL
https://www25.davisonbarker.pro/pushredirect/?tmp=2&network=3&ios=0&site=adfly&c=2&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Page URL
https://www88.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit HTTP 302
https://www54.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=2&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://www91.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit HTTP 302
https://www88.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit

40 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response www91.davisonbarker.pro/pushredirect/	5 KB 3 KB	320ms 247ms	Document text/html	104.21.92.39 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www91.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.92.39 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.27 Resource Hash `2ba01500193395d33cc81dc8737f8bf11519c63db556a8735a92651661648437` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0 cf-cache-status DYNAMIC cf-ray 7c2ac456988a1909-FRA content-encoding br content-type text/html; charset=UTF-8 date Fri, 05 May 2023 17:40:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KH%2FSmEmsCb0FBu%2Bwp0aCpoHP8hv%2BMk95WKQ7zmsKDDuEETsvZLn05HWfWihP%2BTSzx7a9aJv8%2FqmC4agFZckOtEOx0JSHiDAiiQyn9AUNw2StyAxwohPCwdutBP0mjqDCT7ZCPNz6ozOB9g%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.3.27 x-turbo-charged-by LiteSpeed
GET H2	200	/ Show response dc5k8fg5ioc8s.cloudfront.net/	180 KB 51 KB	225ms 171ms	Script text/plain	52.222.250.225 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Requested by Host: www91.davisonbarker.pro URL: https://www91.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.250.225 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-250-225.fra60.r.cloudfront.net Software / Resource Hash `35c6b77759f8a17b624a083b7a64434b452a5827fe513f2ceb7bbe3e17e738c7` Request headers accept-language de-DE,de;q=0.9 Referer https://www91.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers pragma no-cache date Fri, 05 May 2023 17:40:09 GMT content-encoding gzip via 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P3 x-cache Miss from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform content-length 51555 x-amz-cf-id Xszt7pbf_XXnILopPorkGBgS2yincWKHmHWMXhwDBZJjKVIaXxP0YA==
GET H2	200	logo.png www91.davisonbarker.pro/static/image/	10 KB 11 KB	28ms 28ms	Image image/png	104.21.92.39 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www91.davisonbarker.pro/static/image/logo.png Requested by Host: www91.davisonbarker.pro URL: https://www91.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.92.39 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `196c51f778db9df7ecf75ce7f663ea3bb07726b67feeae45ad9abfd3008b937a` Request headers accept-language de-DE,de;q=0.9 Referer https://www91.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Fri, 05 May 2023 17:40:09 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2214 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 10726 last-modified Tue, 10 Nov 2020 09:44:06 GMT server cloudflare etag "29e6-5faa60e6-b4021a56880f53fc;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYJhOiSTnac6LXPxsmPx14d9QuFT8KBUhTQIlUpG5Fhlqykcrk7wVQmw7S20d%2Fqt%2BGlv6AzLROOMbKURZRDVyFkgNDTYmACLGxFwAa1XX6lMPmXK5yW5gYIuQavCpbgeu6qLyys%2BY7Muwg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 7c2ac4582a841909-FRA expires Fri, 12 May 2023 17:03:15 GMT
GET H2	200	am-push-cps.js Show response www91.davisonbarker.pro/	101 KB 39 KB	234ms 233ms	Script application/x-javascript	104.21.92.39 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www91.davisonbarker.pro/am-push-cps.js?puid=25467909&clickid=25467909_4712061&allb=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit&ob=https%3A%2F%2Fwww14.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D1%26ppi%3D25467909%26pci%3D6911692765%26t%3D1683306231%26dest%3Dhttps%253A%252F%252Fdocs.google.com%252Fdocument%252Fd%252F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%252Fedit&clb=https%3A%2F%2Fwww14.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D1%26ppi%3D25467909%26pci%3D6911692765%26t%3D1683306231%26dest%3Dhttps%253A%252F%252Fdocs.google.com%252Fdocument%252Fd%252F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%252Fedit&asb=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Requested by Host: www91.davisonbarker.pro URL: https://www91.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.92.39 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bc4720c44ed409f268f5c7791185c5464bd750e81a4e2deb2766b6d4270b4ca8` Request headers accept-language de-DE,de;q=0.9 Referer https://www91.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Fri, 05 May 2023 17:40:09 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 08 Aug 2022 14:16:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"19284-62f11ad4-dcbd68a41223eabf;gz" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nAgCLI9k7ruTxS%2FV%2FF%2BIre5AwoqkGWATI%2FTqe60s7G28EDwk6UtVJCW8G3hQakh1pKf%2BJnGdoA9yCMAvtqltMb44vkefvR%2FuqOGjpzUTbJPqS643dQT8vRuL5gKWyDT1Bs9d1gJfMMfvqw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 7c2ac4584ac01909-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 12 May 2023 17:39:48 GMT
GET H2	200	asd100.bin Show response pogothere.xyz/	100 KB 101 KB	77ms 26ms	Fetch binary/octet-stream	172.64.198.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pogothere.xyz/asd100.bin Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.198.35 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16` Request headers accept-language de-DE,de;q=0.9 Referer https://www91.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Fri, 05 May 2023 17:40:09 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1854 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 05 May 2023 17:09:15 GMT server cloudflare vary Accept-Encoding access-control-allow-methods GET content-type binary/octet-stream access-control-allow-origin https://www91.davisonbarker.pro report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2FfRNIknk9ickUWynGRA3Ofo2jMUZjlqZEbdQpHDGKAzL9yc1phZDiGgsYBUsaa8H8uz8UgENFjXfMEWb6c0wmPtV%2F5PjNFxMrsEQsdtSjnEmwcxUpAIJrtVcUoqhPvO"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 access-control-allow-credentials true cf-ray 7c2ac45a0f411c1c-FRA access-control-allow-headers X-Requested-With, content-type
GET H2	200	/ Show response pogothere.xyz/	27 B 389 B	167ms 116ms	Fetch text/plain	172.64.198.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pogothere.xyz/ Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.198.35 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f4712099780bbc8cccdee4f3fec901f0939548d64e1d4eb25086db9ea3088a62` Request headers accept-language de-DE,de;q=0.9 Referer https://www91.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Fri, 05 May 2023 17:40:10 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5au7fIHHkCK3aOgVXYuiWirdHmv3%2Fbjp9t6JtF3tBdtc3gZUqRK2mqurGPEByDfWIjPozLlYwXj9Xesodib7s8yNFNIixaNbkAhDwIcANfiGIUeJE9PU%2B5cj0RYTX61"}],"group":"cf-nel","max_age":604800} access-control-allow-methods GET access-control-allow-origin https://www91.davisonbarker.pro content-type text/plain access-control-allow-credentials true cf-ray 7c2ac45a0f441c1c-FRA access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	utx Show response kultingecauyuksehinkitw.info/	0 542 B	183ms 119ms	XHR text/plain	13.225.78.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kultingecauyuksehinkitw.info/utx?cb=NABp41eMUIdw&top=www91.davisonbarker.pro&tid=824473 Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-121.fra2.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://www91.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers pragma no-cache date Fri, 05 May 2023 17:40:09 GMT via 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront) server openresty/1.17.8.2 accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List x-amz-cf-pop FRA2-C2 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www91.davisonbarker.pro cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true x-amz-cf-id a2qfH98Ql6tVX6N_IEKPph_4mMJ5ioaWLsR55_-8NTwnN-PD2Rx0gQ==
GET H2	200	AxFaAQsVLyARHgYeKwUJCgcrPx4mAy8RBxIvL3gZFQIuCyQGAS0kYh4FOCAJAAUSfBsGdTMaCBZ8Lw4kAXQ7eAIBHD8ODhIVLAwYLHQzGjdwIT94BTMSAQoIDAIFEQl1CikJNxUcLBo7JxMGLAoVAisqDgYvDh4jHgUnDQoHFSwwCBwjMA4dERYPChoGHDgNDQUBA... Show response kultingecauyuksehinkitw.info/SE9ERGopLScpVSlyJmIfOiN5YVgOanYCDit6L3wML3otKwlwPGonBic6ICIYJyEwagQtO2F2LDIsAAoQKyEdEDIKfxEXOxouAnRTBx4jICIaGhITPRkOIAMrCQAGLAURBygVWgEbfQ4MLzwlChIBCBIVMwUJBXEuHg0rFjIa... Frame 3DAD	3 KB 2 KB	164ms 114ms	Document text/html	13.225.78.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kultingecauyuksehinkitw.info/SE9ERGopLScpVSlyJmIfOiN5YVgOanYCDit6L3wML3otKwlwPGonBic6ICIYJyEwagQtO2F2LDIsAAoQKyEdEDIKfxEXOxouAnRTBx4jICIaGhITPRkOIAMrCQAGLAURBygVWgEbfQ4MLzwlChIBCBIVMwUJBXEuHg0rFjIaHRQRKB4rAQFTABkoDTINCjABLBksBwM4OwAGLB0bCRIRCwANCREsGRYQFxJ5LAcWGSkHAg49GQsGAiIdARwWLwktBgYZEQkCMy8JGQoHKzB/AxFaAQsVLyARHgYeKwUJCgcrPx4mAy8RBxIvL3gZFQIuCyQGAS0kYh4FOCAJAAUSfBsGdTMaCBZ8Lw4kAXQ7eAIBHD8ODhIVLAwYLHQzGjdwIT94BTMSAQoIDAIFEQl1CikJNxUcLBo7JxMGLAoVAisqDgYvDh4jHgUnDQoHFSwwCBwjMA4dERYPChoGHDgNDQUBAhkXBSgaHx4ABiwJChYnOB0WEgYBcQdiLhknITR5HyAhKiMtGwZ9CRIgDiZx Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-121.fra2.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash `74141148f060e9c6bb57641a79c4b752a5d21fd9bd0e0563b86aed2f3d30d87e` Request headers Referer https://www91.davisonbarker.pro/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List cache-control no-store, no-cache, must-revalidate, no-transform content-encoding gzip content-length 1230 content-type text/html date Fri, 05 May 2023 17:40:09 GMT p3p CP="NID DSP ALL COR" pragma no-cache server openresty/1.17.8.2 via 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront) x-amz-cf-id peQ8GKhU5-vr2giHPk6SrLUtB_L4bL-vqjrI8te9--bgaFWaZRBzFQ== x-amz-cf-pop FRA2-C2 x-cache Miss from cloudfront
GET H2	204	QmRSEiIRakdQbQYjFRY+BmpFRCIbMRtfbQNqRExyW2ZaV20AakVEPwU2E196UycAFidIZkJaeEZnTFZ7TG9CVA workhovdiminatedi.info/dGJLdVdbXSgGaiY6BR40RFMxJmZFJS4tETY0IAVyRiAtIBkiMCVBcQALL0hvRlZ/	0 252 B	178ms 122ms	Image text/plain	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://workhovdiminatedi.info/dGJLdVdbXSgGaiY6BR40RFMxJmZFJS4tETY0IAVyRiAtIBkiMCVBcQALL0hvRlZ/QmRSEiIRakdQbQYjFRY+BmpFRCIbMRtfbQNqRExyW2ZaV20AakVEPwU2E196UycAFidIZkJaeEZnTFZ7TG9CVA Requested by Host: www91.davisonbarker.pro URL: https://www91.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://www91.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Fri, 05 May 2023 17:40:10 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ozRY4SPqk4YIUIRv4xhwl8Nm4Fb63Cscb0lIJA4et9R5z8qDgxQcnGzpyYwUdwdwVPU6kG%2ByOQMbOHlWywqBbIDUm101QrUgeCDY2%2FklpesL3R42CJ9wfXqHAFYNj%2BG00RP%2FCO9m6fVo"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 7c2ac45a3944373b-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	b09rYlNAcAgRbjYlORgdKhU+JhYADQgOCigeOlNiOCg5IRI3Gk0WOgtyU1BnW3hYRCMGK1ZRYUk8HwMnGjxWUGNfeE0LPQkgVlB1GXJbTGpBfkVXdRpyWkQnHy4MX2JJPx8WP1J+XVpgXH9TVmNWd11V workhovdiminatedi.info/	0 410 B	174ms 119ms	Image text/plain	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://workhovdiminatedi.info/b09rYlNAcAgRbjYlORgdKhU+JhYADQgOCigeOlNiOCg5IRI3Gk0WOgtyU1BnW3hYRCMGK1ZRYUk8HwMnGjxWUGNfeE0LPQkgVlB1GXJbTGpBfkVXdRpyWkQnHy4MX2JJPx8WP1J+XVpgXH9TVmNWd11V Requested by Host: www91.davisonbarker.pro URL: https://www91.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://www91.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Fri, 05 May 2023 17:40:10 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ufn7rfMC8K50H3UlVZ9eynxSgrTo8GqkggEp%2BEleefymlSiArMt8FxT0ApNsrgXLFX%2FgGclLSxnd0YtKSTcKojEtZhbhDKZsxfNVEiD7MUriW7z3oCDSMCucLsA5wjYxxM8kQhMbi4l"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 7c2ac45a3946373b-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	502	OFM2RjNDcUUxbE0hWmQJGjtCMkNLaRlpRE8kD3cdXDJAL0BXPVQnQVM2RGhDSjwZJ14VI0M1WxUwRjUdUiAJNkZRNwt0BgxlAX8DAXVVKlpbOF8iDgpmAnAEAWMPGQcPYgR2BQl1VypfWm5eMkdIIBN1ch1hcGMBfjdZJUAWNFkpVFQ2GCVcVXYEAFdXMEMrVlYnE... ndandinter.hair/	0 0	374ms 131ms	Script text/plain	54.162.51.18 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ndandinter.hair/OFM2RjNDcUUxbE0hWmQJGjtCMkNLaRlpRE8kD3cdXDJAL0BXPVQnQVM2RGhDSjwZJ14VI0M1WxUwRjUdUiAJNkZRNwt0BgxlAX8DAXVVKlpbOF8iDgpmAnAEAWMPGQcPYgR2BQl1VypfWm5eMkdIIBN1ch1hcGMBfjdZJUAWNFkpVFQ2GCVcVXYEAFdXMEMrVlYnE3R1XHYEAAJLEGwvHnlhWDUAYmpjckVRGUV%2FdEgieRdWWztUdloAflEkUXUfZHB1XAFvYwF%2BNlIvRx48VHtbTCdGNRYLEhN0dR1hcDFET2ICaFdZJV81XFYxVzRYXSEYNkFXdgQAQ00gXjRWXDpEI1BMdgQAFgsVQitDHWBydxYKZVgjR088RC0WCxcFYwEOOlk1FgsXBmMBDiBfMlYdYHInV14%2FT2MBDjATdXcJdgRwQ0g6E3V3CmYCcAQBYw9jAQ4jVS8WCxcAfwIJZQ90BA5mE3QFTHYFAgIOawV1Aw5hBXcWCmVSI0BMdgUCW0wnRjUWCmYFBxYKZgQAFgpmBABXVzBFaFRXPFEqVhYwWSsWCmYEAFdXMEMrVlYnE3QGChVSYwENYXB3QHsJX2tyCj1FdWkBBgIwWnIgDwFDSRxnI1BQMQYvCxU0VCR%2BdAEAAFdqChN0BgoVUyJaTHVVKlEFO0IyQ0t2BQcWChUTdHVPJEF3BxY3VzBaSzxYJFJKOFM0HUghWWMBfiNDNVtKNlIvQV0wQmMBfnYFAEdVIxN1dwp2BHBdXSdBKUFTdgUCAB1hAC9cS3YFAgMdYQA1Wkw2E3V3WTdQKkodYQAlFgsXB2MBDiNGLxYLFwRzBw5kD3YKHWEANlBRdgUCBQFiB3AKCmQAcxYKZUJjAHxiAH4AC2MAdAAJdgRwV10gQmMAfDtCMkNLdgRzAHl2BHMBfnYEcwF%2BN1klQBY0WSlUVDYYJVxVdgRzAX43WSVGVTZYMhYKZgQAVx1hA3R1CSB1HFoVEgQoQAsJDxMHTjp8NQp%2FI0cJYl0wXiQDUWsbIVFaHnoUBX43ZB8WCmYEAFZcOkJgUksxCy5HTCNFYwB5dgQAFgoVUilQS31RKVxfP1NoUFc%2BE3R1XDxVM15dPUJjAX43E3R1CSB1HFoVEgQoQAsJDxMHTjp8NQp%2FI0cJYl0wXiQDUWsbIVFaHnoUBX43ZB8WChVTIlpMcRpkQFU1FHwCFHFFK0UaaRRyHQtxGmRHWTRpL1caaRR%2BAgBhDnARFHFFM1FnOlJ3EQJxBHMHDmQPdgoafxQ1RloMXyIBGmkUdAYMZQF%2FAwEMAnECCmMAdxEUcVcqX1pxDGRbTCdGNQkXfFIpUEt9USlcXz9TaFBXPhkiXFsmWyNdTHxSaQJLEGwvHnlhWDUAYmpjckVRGUV%2FdEgieRdWWztUdloAflEkUXUfZHB1XAFvaVZcOkJkHxo8VGQJGjtCMkNLaRlpRE8kB3IdXDJAL0BXPVQnQVM2RGhDSjwZNkZLO0QjV1EhUyVHF2xCK0MFYhAoVkwkWTRYBWAQL1xLbgZgQFEnU3tSXDVaPxVbbgdgQ0g6C3QGDGUBfwMBdUYlWgVlD3cCDmoEcQUNdUJ7Ag5rBXUDDmEFdxVcNkUyDlAnQjZAHWB3YwF%2BdgQAV1cwRWhUVzxRKlYWMFkrFgoVUilQTT5TKEcdYXAiFgoVBzVwYjobBwFWIAUcCm1nQC95S2pxNkJ3AlMlW1pjX34eXzFUC39qZXAiYWF2BABWXDpCZB8aMFokEQJxXjJHSCAMaRxPJEF3BxY3VzBaSzxYJFJKOFM0HUghWWlDTSBeNFZcOkQjUEx8CTJeSG4EYF1dJ0EpQVNuBWBaVyALdhVLOkIjDlk3UCpKHjALdxVII197AQ1nAHEKCGoQNlBRbgB%2FAgllD3QEDmYQMg4JZQ51AAhlBHUCHjdTNUcFO0IyQ0t2BQcWChUTdHVcPFU1HV88WSFfXX1VKV4dYXAiXFsmWyNdTHYEAFcdYXB3QHsJX2tyCj1FdWkBBgIwWnIgDwFDSRxnI1BQMQYvCxU0VCR%2BdAEAAFdqChN0dV03XzIRFHFXNVEaaRQuR0wjRXwcFzdZJUAWNFkpVFQ2GCVcVXxSKVBNPlMoRxc3GXdAewlfa3IKPUV1aQEGAjBaciAPAUNJHGcjUFAxBi8LFTRUJH50AQAAV2oKGSNXUScUOw Requested by Host: www91.davisonbarker.pro URL: https://www91.davisonbarker.pro/am-push-cps.js?puid=25467909&clickid=25467909_4712061&allb=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit&ob=https%3A%2F%2Fwww14.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D1%26ppi%3D25467909%26pci%3D6911692765%26t%3D1683306231%26dest%3Dhttps%253A%252F%252Fdocs.google.com%252Fdocument%252Fd%252F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%252Fedit&clb=https%3A%2F%2Fwww14.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D1%26ppi%3D25467909%26pci%3D6911692765%26t%3D1683306231%26dest%3Dhttps%253A%252F%252Fdocs.google.com%252Fdocument%252Fd%252F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%252Fedit&asb=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 54.162.51.18 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-162-51-18.compute-1.amazonaws.com Software / Express Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www91.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers access-control-allow-origin * x-powered-by Express access-control-allow-headers X-Requested-With,content-type access-control-allow-methods GET, POST
GET H2	200	zcDNzcnYTXB0USQRaF09OQgdHRUVWWQAdGAAOBhoYHlQ0IT9JfgsaNxIGVQYMFA5DVBoRXRRPUBVdEE9HVlIXEEtEFQcCGRsOBhwSFVUaHBMUFQYTSx1cCRsaHFJWQDBFHUNXREAbBBsYFFwEAVNCAx0GU0IDQkJYQBZAMFNCAwQbGEYHVkE0VQFDCkBEGl-ZARhF... Show response dc5k8fg5ioc8s.cloudfront.net/ Frame 3DAD	463 B 642 B	165ms 164ms	Script text/plain	52.222.250.225 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dc5k8fg5ioc8s.cloudfront.net/zcDNzcnYTXB0USQRaF09OQgdHRUVWWQAdGAAOBhoYHlQ0IT9JfgsaNxIGVQYMFA5DVBoRXRRPUBVdEE9HVlIXEEtEFQcCGRsOBhwSFVUaHBMUFQYTSx1cCRsaHFJWQDBFHUNXREAbBBsYFFwEAVNCAx0GU0IDQkJYQBZAMFNCAwQbGEYHVkE0VQFDCkBEGl-ZARhFDAx4TB1YRGR8EFkE0Q0MEXUFAVQFDWh0YRx4eU0JwVkBGHFoYF1NCAxQXFRtcWldEQFAbABkdVlZAMEECQFxGXgZFRUReBUBXREBAEhQXAlpWQDBFAERcRUYVBk9H Requested by Host: kultingecauyuksehinkitw.info URL: https://kultingecauyuksehinkitw.info/SE9ERGopLScpVSlyJmIfOiN5YVgOanYCDit6L3wML3otKwlwPGonBic6ICIYJyEwagQtO2F2LDIsAAoQKyEdEDIKfxEXOxouAnRTBx4jICIaGhITPRkOIAMrCQAGLAURBygVWgEbfQ4MLzwlChIBCBIVMwUJBXEuHg0rFjIaHRQRKB4rAQFTABkoDTINCjABLBksBwM4OwAGLB0bCRIRCwANCREsGRYQFxJ5LAcWGSkHAg49GQsGAiIdARwWLwktBgYZEQkCMy8JGQoHKzB/AxFaAQsVLyARHgYeKwUJCgcrPx4mAy8RBxIvL3gZFQIuCyQGAS0kYh4FOCAJAAUSfBsGdTMaCBZ8Lw4kAXQ7eAIBHD8ODhIVLAwYLHQzGjdwIT94BTMSAQoIDAIFEQl1CikJNxUcLBo7JxMGLAoVAisqDgYvDh4jHgUnDQoHFSwwCBwjMA4dERYPChoGHDgNDQUBAhkXBSgaHx4ABiwJChYnOB0WEgYBcQdiLhknITR5HyAhKiMtGwZ9CRIgDiZx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.250.225 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-250-225.fra60.r.cloudfront.net Software / Resource Hash `933e7a3f429f8e4a46f806f0895320e82cef21a80b15e45e6ad4c4a9c1febb67` Request headers accept-language de-DE,de;q=0.9 Referer https://kultingecauyuksehinkitw.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Fri, 05 May 2023 17:40:10 GMT content-encoding gzip via 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P3 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 365 x-amz-cf-id 1HvuXeppDKtCSEQE0Nmea50_3lcdHKOr7pCz2U1x4GBPGHWNphyeUw==
GET H2	200	popunder.gif workhovdiminatedi.info/	35 B 398 B	27ms 26ms	Image image/gif	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://workhovdiminatedi.info/popunder.gif Requested by Host: www91.davisonbarker.pro URL: https://www91.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015` Request headers accept-language de-DE,de;q=0.9 Referer https://www91.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers pragma public date Fri, 05 May 2023 17:40:10 GMT cf-cache-status HIT last-modified Fri, 05 May 2023 16:19:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4816 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PvkCzeMnUT80STpg95d4ZtkO5LD37KPZ8AdN4RJaRg%2BlExFNzLvWBmHUy6pSBhMe8lAvPPgTtlZxNj92iFm6BfhhD7vrKpwse%2BDupbYMbxoFYvGZu7NlwvoT0Umz4E3bOuKWLSE1vGCr"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * cache-control public, max-age=604800, immutable cf-ray 7c2ac45c4c9b373b-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H3	204	WmhXa051VzQYcwlZASIYMS5uCRYcAjMzdzQNOlI3OVoBXhdpIXEfJz5Vb1l6bl9kTT4zDGpYfHwbIwo6LxtqWX5qX3ECIDwHalloLFVnRXd0WXleaC9VZl15a1BnX3ZvXmNbfGNbYE06KgkwVn98GCMfImdZYVN9aVhvX39qW2da workhovdiminatedi.info/	0 440 B	122ms 121ms	Ping text/plain	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://workhovdiminatedi.info/WmhXa051VzQYcwlZASIYMS5uCRYcAjMzdzQNOlI3OVoBXhdpIXEfJz5Vb1l6bl9kTT4zDGpYfHwbIwo6LxtqWX5qX3ECIDwHalloLFVnRXd0WXleaC9VZl15a1BnX3ZvXmNbfGNbYE06KgkwVn98GCMfImdZYVN9aVhvX39qW2da Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://www91.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Fri, 05 May 2023 17:40:10 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2FJhBgzWzXcRfJS0iVfHpp%2FqjaWo%2BQxvZUYFsssKrCf8JZtDf2DBWGfzyzJWUmDG0V%2F%2Fl2TNda0utDX5S6FGBiFrCZ22YgeFx3MAVlVFjVyphesCIKCI1U%2BuSnQV6TZXJFYFv616P3NK"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 7c2ac45c780535e6-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	floater Show response kultingecauyuksehinkitw.info/	2 KB 2 KB	248ms 248ms	XHR text/plain	13.225.78.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kultingecauyuksehinkitw.info/floater?cs=Umx1elNkVExPZ2ZeR0NgalxET2A&abt=0&red=1&sm=83&k=&v=0.9.1.5&sts=0&prn=0&emb=0&tid=824473&rxy=1600_1200&u=1671804856402937&agec=1683308409&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=943.3962264150944&ref=https%3A%2F%2Fwww91.davisonbarker.pro%2Fpushredirect%2F%3Fnetwork%3D3%26site%3Dadfly%26ppi%3D25467909%26pci%3D6911692765%26t%3D1683306231%26dest%3Dhttps%253A%252F%252Fdocs.google.com%252Fdocument%252Fd%252F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%252Fedit&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F113.0.5672.63%20safari%2F537.36&tzd=0&uloc=&if=0&aa=oi1_&_mfZI=1683308410302&crc=1 Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-121.fra2.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash `9caf66ca8775878b97526707be29226af78fc1a40da190efca1906eca3c56500` Request headers accept-language de-DE,de;q=0.9 Referer https://www91.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers pragma no-cache date Fri, 05 May 2023 17:40:10 GMT content-encoding gzip via 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront) server openresty/1.17.8.2 accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List x-amz-cf-pop FRA2-C2 x-cache Miss from cloudfront content-type text/plain access-control-allow-origin https://www91.davisonbarker.pro p3p CP="NID DSP ALL COR" cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true content-length 1196 x-amz-cf-id oLv0agVEHdOYeamWpauQNodKZ5IEbjAaz0yIYEde8HwYwZnUKI1HbA==
GET H2	204	utx Show response ablesasmetotr.monster/	0 544 B	326ms 107ms	XHR text/plain	54.230.163.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ablesasmetotr.monster/utx?tid=818286&top=www91.davisonbarker.pro&cb=pbWD5i6bebO8 Requested by Host: www91.davisonbarker.pro URL: https://www91.davisonbarker.pro/am-push-cps.js?puid=25467909&clickid=25467909_4712061&allb=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit&ob=https%3A%2F%2Fwww14.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D1%26ppi%3D25467909%26pci%3D6911692765%26t%3D1683306231%26dest%3Dhttps%253A%252F%252Fdocs.google.com%252Fdocument%252Fd%252F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%252Fedit&clb=https%3A%2F%2Fwww14.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D1%26ppi%3D25467909%26pci%3D6911692765%26t%3D1683306231%26dest%3Dhttps%253A%252F%252Fdocs.google.com%252Fdocument%252Fd%252F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%252Fedit&asb=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.163.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-163-121.ewr53.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://www91.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers pragma no-cache date Fri, 05 May 2023 17:40:10 GMT via 1.1 2b873f743281511e290d4958008561c2.cloudfront.net (CloudFront) server openresty/1.17.8.2 accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List x-amz-cf-pop EWR53-C3 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www91.davisonbarker.pro cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true x-amz-cf-id _rkp-AYNiV9gTYpakuiQR9C3cd6H9xuWbf_gyuccOeXFO7rlCoBO0w==
POST H2	200	/ Show response ndandinter.hair/	0 37 B	354ms 126ms	XHR text/plain	54.162.51.18 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ndandinter.hair/ Requested by Host: www91.davisonbarker.pro URL: https://www91.davisonbarker.pro/am-push-cps.js?puid=25467909&clickid=25467909_4712061&allb=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit&ob=https%3A%2F%2Fwww14.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D1%26ppi%3D25467909%26pci%3D6911692765%26t%3D1683306231%26dest%3Dhttps%253A%252F%252Fdocs.google.com%252Fdocument%252Fd%252F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%252Fedit&clb=https%3A%2F%2Fwww14.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D1%26ppi%3D25467909%26pci%3D6911692765%26t%3D1683306231%26dest%3Dhttps%253A%252F%252Fdocs.google.com%252Fdocument%252Fd%252F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%252Fedit&asb=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 54.162.51.18 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-162-51-18.compute-1.amazonaws.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://www91.davisonbarker.pro/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * content-length 0
GET H2	200	/ www14.davisonbarker.pro/pushredirect/	118 B 382 B	249ms 239ms	Document text/html	104.21.92.39 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www14.davisonbarker.pro/pushredirect/?tmp=2&network=3&ios=0&site=adfly&c=1&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Requested by Host: www91.davisonbarker.pro URL: https://www91.davisonbarker.pro/am-push-cps.js?puid=25467909&clickid=25467909_4712061&allb=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit&ob=https%3A%2F%2Fwww14.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D1%26ppi%3D25467909%26pci%3D6911692765%26t%3D1683306231%26dest%3Dhttps%253A%252F%252Fdocs.google.com%252Fdocument%252Fd%252F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%252Fedit&clb=https%3A%2F%2Fwww14.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D1%26ppi%3D25467909%26pci%3D6911692765%26t%3D1683306231%26dest%3Dhttps%253A%252F%252Fdocs.google.com%252Fdocument%252Fd%252F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%252Fedit&asb=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.92.39 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.27 Resource Hash Request headers Referer https://www91.davisonbarker.pro/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7c2ac46208161909-FRA content-encoding br content-type text/html; charset=UTF-8 date Fri, 05 May 2023 17:40:11 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gTCKreqx%2Fm8B9bg5Rw9b9Nf2Tsae4Mm9dqyU85OBZ6LQ4sY61uN6oRX2bzg8LKFa0Zxkr6oNXcVjpLxK8uGMnvoCTn5C%2ByRgi%2FCUf3SV9PTutFP7a929%2Fp9OWRMc3cRBUoROfMeZ3i90Ug%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.3.27 x-turbo-charged-by LiteSpeed
GET H2	200	/ Show response www88.davisonbarker.pro/pushredirect/ Redirect Chain https://www91.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbM... https://www88.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9G...	5 KB 3 KB	256ms 244ms	Document text/html	104.21.92.39 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www88.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.92.39 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.27 Resource Hash `8b330acff0b04480a0dd77248a58cd478151d4f809bb922438e8a2eb0b866c8b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0 cf-cache-status DYNAMIC cf-ray 7c2ac4652ca51909-FRA content-encoding br content-type text/html; charset=UTF-8 date Fri, 05 May 2023 17:40:11 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OpL1YFUFfPa6kpyvgsnbBd%2BiU8zEZdW0UEtKAT%2FC95Um0Rswj34BxjYURDJQzteQr6fVPlQJu7YZ7uFw7qWiv34423e4vklOsugqlzF5W1bCK9Wx2Ak9es%2BcsA6zYWy9HVn5vSKxABh1bQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.3.27 x-turbo-charged-by LiteSpeed Redirect headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache, no-store, must-revalidate, max-age=0 cf-cache-status DYNAMIC cf-ray 7c2ac4639f093838-FRA content-type text/html; charset=UTF-8 date Fri, 05 May 2023 17:40:11 GMT location https://www88.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxTNbPvfJx%2B3xmdGGlWgUP9080Mz43rcgU74ZuOoZc4H%2BFNeFDjKvAztOEtrTCwqy02h4G%2B1VPBP6VehGj4Okg%2BrYOcB9epgyZwdFrebiRFrx8%2BDIqvYAFoPsnyYvkVrEj%2BDyuCiQXxNTQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.3.27 x-turbo-charged-by LiteSpeed
GET H2	200	/ Show response dc5k8fg5ioc8s.cloudfront.net/	180 KB 51 KB	173ms 173ms	Script text/plain	52.222.250.225 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Requested by Host: www88.davisonbarker.pro URL: https://www88.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.250.225 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-250-225.fra60.r.cloudfront.net Software / Resource Hash `35c6b77759f8a17b624a083b7a64434b452a5827fe513f2ceb7bbe3e17e738c7` Request headers accept-language de-DE,de;q=0.9 Referer https://www88.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers pragma no-cache date Fri, 05 May 2023 17:40:12 GMT content-encoding gzip via 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P3 x-cache Miss from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform content-length 51555 x-amz-cf-id eEYlHU_OD2dVOUvLbQtboSLX9CqwP1n3NoyvrnidBuNVq1dHkq3_iw==
GET H3	200	logo.png www88.davisonbarker.pro/static/image/	10 KB 11 KB	29ms 28ms	Image image/png	104.21.92.39 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www88.davisonbarker.pro/static/image/logo.png Requested by Host: www88.davisonbarker.pro URL: https://www88.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.92.39 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `196c51f778db9df7ecf75ce7f663ea3bb07726b67feeae45ad9abfd3008b937a` Request headers accept-language de-DE,de;q=0.9 Referer https://www88.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Fri, 05 May 2023 17:40:11 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1352 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 10726 last-modified Tue, 10 Nov 2020 09:44:06 GMT server cloudflare etag "29e6-5faa60e6-b22ed065d915c717;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wG3Hfe0tqhufPYBI2bJvpVUCGa6bu8JTJuUe6HU%2F7boz%2Bf%2FMRVwwYBz8ra%2BiSV7NHZWAWgDxv52%2FgYezCPRNPeixjBNmjlxHWOzNAmB%2BWhgVUFbtNZtsx8OcOBo%2BeBCCpyIPsiixoBJVpQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 7c2ac466bc423838-FRA expires Fri, 12 May 2023 17:17:24 GMT
GET H3	200	am-push-cps.js Show response www88.davisonbarker.pro/	101 KB 40 KB	230ms 230ms	Script application/x-javascript	104.21.92.39 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www88.davisonbarker.pro/am-push-cps.js?puid=25467909&clickid=25467909_7239251&allb=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit&ob=https%3A%2F%2Fwww25.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D2%26ppi%3D25467909%26pci%3D6911692765%26t%3D1683306231%26dest%3Dhttps%253A%252F%252Fdocs.google.com%252Fdocument%252Fd%252F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%252Fedit&clb=https%3A%2F%2Fwww25.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D2%26ppi%3D25467909%26pci%3D6911692765%26t%3D1683306231%26dest%3Dhttps%253A%252F%252Fdocs.google.com%252Fdocument%252Fd%252F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%252Fedit&asb=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Requested by Host: www88.davisonbarker.pro URL: https://www88.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.92.39 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bc4720c44ed409f268f5c7791185c5464bd750e81a4e2deb2766b6d4270b4ca8` Request headers accept-language de-DE,de;q=0.9 Referer https://www88.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Fri, 05 May 2023 17:40:12 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 08 Aug 2022 14:16:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"19284-62f11ad4-dcbd68a41223eabf;gz" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hU1yung15WpbK%2BDYRq4%2Bx0OjvaqSu93UXxW3nG1LD99dRHZ8uiPOmVozTTF1qDzPwAMUZpbCTXeLOCGHpsddT8pY0%2BW3T0idqCo643WBhkgC5esaU25I0eOd%2BVzA%2FNB3kxIm9crd14zYAw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 7c2ac466cc483838-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 12 May 2023 17:40:12 GMT
GET H2	200	asd100.bin Show response pogothere.xyz/	100 KB 100 KB	207ms 206ms	Fetch binary/octet-stream	172.64.198.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pogothere.xyz/asd100.bin Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.198.35 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16` Request headers accept-language de-DE,de;q=0.9 Referer https://www88.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Fri, 05 May 2023 17:40:12 GMT cf-cache-status EXPIRED last-modified Fri, 05 May 2023 15:18:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding access-control-allow-methods GET content-type binary/octet-stream access-control-allow-origin https://www88.davisonbarker.pro report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dTYrQuK1umvA10t%2FvhmLbyyS30HIgQhdu9kR7e%2FC73kbvLPL9kYpEg9N3LhtJx56sv0hkSYBhTJI%2Fj%2F%2BGH%2Fslop2boTYmfe%2FccLR9uMfguc0HI0xO7X60AhwXB1kUcaP"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 access-control-allow-credentials true cf-ray 7c2ac467d9f51c1c-FRA access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	/ Show response pogothere.xyz/	27 B 399 B	129ms 129ms	Fetch text/plain	172.64.198.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pogothere.xyz/ Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.198.35 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f4712099780bbc8cccdee4f3fec901f0939548d64e1d4eb25086db9ea3088a62` Request headers accept-language de-DE,de;q=0.9 Referer https://www88.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Fri, 05 May 2023 17:40:12 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pcrzq1XE%2FoKPOhMIUw7VMePsMtO2Wc6a%2B1tYmh4vdajN0%2FqHjbEveAOJOA4%2BVJI%2FHWF2DCIgwI1JkduORjdl5T1KEizr5z1yMYoNWH5oh80WM9VNo55jIyDkJ85vYy2q"}],"group":"cf-nel","max_age":604800} access-control-allow-methods GET access-control-allow-origin https://www88.davisonbarker.pro content-type text/plain access-control-allow-credentials true cf-ray 7c2ac467e9f81c1c-FRA access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	utx Show response kultingecauyuksehinkitw.info/	0 544 B	115ms 114ms	XHR text/plain	13.225.78.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kultingecauyuksehinkitw.info/utx?cb=XqcboBsb8weu&top=www88.davisonbarker.pro&tid=824473 Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-121.fra2.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://www88.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers pragma no-cache date Fri, 05 May 2023 17:40:12 GMT via 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront) server openresty/1.17.8.2 accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List x-amz-cf-pop FRA2-C2 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www88.davisonbarker.pro cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true x-amz-cf-id qmLSVTxVMNJJ9aAPYdM3K1eLdpN3kvHNFspKgTZ9hTTgRt-yggS_9Q==
GET H2	200	VGsYGx4KPU8BGDMcRDw0IBlEGQUiCSQ Show response kultingecauyuksehinkitw.info/cmhxZE0TChIJchNVE0I4AARMQX80TUMiKRFdGlwrFV0YCy5KG18HIR0dFQI/HQYFSiMXHFRWCxY6CzIZEAMkDxoYWDgBJzwLP1UDSwwgIiMlMCsMFQspMy83ESE+Ay4hLhYpBTkfNDAMCyEQJTo8AhU2IldaNy06GgIiJyYf... Frame 37E2	3 KB 2 KB	122ms 122ms	Document text/html	13.225.78.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kultingecauyuksehinkitw.info/cmhxZE0TChIJchNVE0I4AARMQX80TUMiKRFdGlwrFV0YCy5KG18HIR0dFQI/HQYFSiMXHFRWCxY6CzIZEAMkDxoYWDgBJzwLP1UDSwwgIiMlMCsMFQspMy83ESE+Ay4hLhYpBTkfNDAMCyEQJTo8AhU2IldaNy06GgIiJyYfPws2GSsROwYANCZBPRsjWzUsJQgtCAcoOQEGLQcVKRktIT9eMCcMGC0IPR0XKwEFBiMLAS98IFopJQMLL0MqARZbEgAHMwsDLXwdAzkzD0MqJVQsKyAkIhQeXQMANTAPPSMPQyoiNQU5WzQmKR5YOT0qFgI3CgMIIDlJFxEMIj4LOx84AwA0KQkmHgUSNCMIHQs5NQ4UPkAeFBUMGzYkRh4gMHkxMTkyfxYECVUGQx9FJ38wWTMwHD4iGBwsFwMFVylDMUYsDh0ZJCwXESlCPQgrLTNVLCMqHTMVFhgwVg8+DEIACj8PFg8DJBBDPAw8ETMJHzMMHyEZOAQ/VGsYGx4KPU8BGDMcRDw0IBlEGQUiCSQ Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-121.fra2.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash `782bbe9ea3c150dddf7479953f86541453ef3fd575a2e405f40658522ab83d62` Request headers Referer https://www88.davisonbarker.pro/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List cache-control no-store, no-cache, must-revalidate, no-transform content-encoding gzip content-length 1240 content-type text/html date Fri, 05 May 2023 17:40:12 GMT p3p CP="NID DSP ALL COR" pragma no-cache server openresty/1.17.8.2 via 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront) x-amz-cf-id 90q6G8rJ1Q2nUWwmHbMq15gfE0WWMwJ-Qj7xQgk7ODCxgzhkQLf0UA== x-amz-cf-pop FRA2-C2 x-cache Miss from cloudfront
GET H3	204	NmM3b3EZXFQcTGE7YTknYSlCPUN0C2ICAXA6BSUnVFNxBCtgLhEbGFJeD11FAlQESQFfBwpcQxAQQw4FQxAKXldfDVEATBAVCl9fD00GQUQQFgpeV0ITVghMB0VHGwVaXgZZSQVQB1dFB1EGXEM workhovdiminatedi.info/	0 397 B	119ms 118ms	Image text/plain	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://workhovdiminatedi.info/NmM3b3EZXFQcTGE7YTknYSlCPUN0C2ICAXA6BSUnVFNxBCtgLhEbGFJeD11FAlQESQFfBwpcQxAQQw4FQxAKXldfDVEATBAVCl9fD00GQUQQFgpeV0ITVghMB0VHGwVaXgZZSQVQB1dFB1EGXEM Requested by Host: www88.davisonbarker.pro URL: https://www88.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://www88.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Fri, 05 May 2023 17:40:12 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Np1I76y7rK1W7QWPlnoak232QBVedElFk8N5DYOo3lO1YBfEYD1IMErOCYPFFTVZBzb5JiAV%2Fs4btlAEruZX7fK8D%2FpYTAtHiommrfWTVVOPeUu7NnOsQinE6%2FgeFMJCFc2meFVcd94O"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 7c2ac467ea0c35e6-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	204	Z2tpRXpIVAo2RwYtOwouLwMPHxQTXzoDDgwOITEqPwYrYEghDSwuXBMCDXhCVV9dcklBGwAhR1RZTzYOBh8cNkdVW1lyXA4FDypHVU0feEpJUkd0VFJNHHhLQR8ZJB1aWk81DhMHVHRMX1hadUJTWlt0SVQ workhovdiminatedi.info/	0 397 B	117ms 117ms	Image text/plain	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://workhovdiminatedi.info/Z2tpRXpIVAo2RwYtOwouLwMPHxQTXzoDDgwOITEqPwYrYEghDSwuXBMCDXhCVV9dcklBGwAhR1RZTzYOBh8cNkdVW1lyXA4FDypHVU0feEpJUkd0VFJNHHhLQR8ZJB1aWk81DhMHVHRMX1hadUJTWlt0SVQ Requested by Host: www88.davisonbarker.pro URL: https://www88.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://www88.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Fri, 05 May 2023 17:40:12 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PpAihXzsA3CqFmkDanO0e8s0KJPXV6OzIqYQRkj1DQKbD%2FDOsdMR5qnTRNN8Cah2WGA0ti5IYlkVvl9dIjuxYjQ2MZ66kLa96MI8orF9oFKe%2FHUoPLMnOUjg6SmBQDGO4Irao87PUEt6"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 7c2ac467ea0e35e6-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	IwhjSCkmWzRTYyJbMFN0YVQ3DHhzEyceKiwIJgAhIlM6ACAjEyYPeCpaKQcpK1R2XANyG2NLd3cdJAcrI1okHWB1BT0aYHUFYl5rdxBgLGB1BSQHK3EBdl0HYgdjFnNzHH-ZcdSZFIwIgMFAxBSwzEGEocHQCfV1zYgdjRi4vQT4CYHV2dlx1K1w4C2B1BTQLJixa... Show response dc5k8fg5ioc8s.cloudfront.net/dRzVTbkUkWj0IejNcN1N9dQFnWXZhXyABKzcIOgcSFgMHKwETAyIaAwNjdRo/ Frame 37E2	463 B 642 B	163ms 163ms	Script text/plain	52.222.250.225 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dc5k8fg5ioc8s.cloudfront.net/dRzVTbkUkWj0IejNcN1N9dQFnWXZhXyABKzcIOgcSFgMHKwETAyIaAwNjdRo/IwhjSCkmWzRTYyJbMFN0YVQ3DHhzEyceKiwIJgAhIlM6ACAjEyYPeCpaKQcpK1R2XANyG2NLd3cdJAcrI1okHWB1BT0aYHUFYl5rdxBgLGB1BSQHK3EBdl0HYgdjFnNzHH-ZcdSZFIwIgMFAxBSwzEGEocHQCfV1zYgdjRi4vQT4CYHV2dlx1K1w4C2B1BTQLJixaekt3d1Y7HCoqUHZcA3YEYEB1aQBlWXdpA2BLd3dGMggkNVx2XANyBmRAdnETJlN0 Requested by Host: kultingecauyuksehinkitw.info URL: https://kultingecauyuksehinkitw.info/cmhxZE0TChIJchNVE0I4AARMQX80TUMiKRFdGlwrFV0YCy5KG18HIR0dFQI/HQYFSiMXHFRWCxY6CzIZEAMkDxoYWDgBJzwLP1UDSwwgIiMlMCsMFQspMy83ESE+Ay4hLhYpBTkfNDAMCyEQJTo8AhU2IldaNy06GgIiJyYfPws2GSsROwYANCZBPRsjWzUsJQgtCAcoOQEGLQcVKRktIT9eMCcMGC0IPR0XKwEFBiMLAS98IFopJQMLL0MqARZbEgAHMwsDLXwdAzkzD0MqJVQsKyAkIhQeXQMANTAPPSMPQyoiNQU5WzQmKR5YOT0qFgI3CgMIIDlJFxEMIj4LOx84AwA0KQkmHgUSNCMIHQs5NQ4UPkAeFBUMGzYkRh4gMHkxMTkyfxYECVUGQx9FJ38wWTMwHD4iGBwsFwMFVylDMUYsDh0ZJCwXESlCPQgrLTNVLCMqHTMVFhgwVg8+DEIACj8PFg8DJBBDPAw8ETMJHzMMHyEZOAQ/VGsYGx4KPU8BGDMcRDw0IBlEGQUiCSQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.250.225 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-250-225.fra60.r.cloudfront.net Software / Resource Hash `c6097dfab4ced581c0fccaf0170319c06645abb918ac54bcbb94f6a7e42d3829` Request headers accept-language de-DE,de;q=0.9 Referer https://kultingecauyuksehinkitw.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Fri, 05 May 2023 17:40:12 GMT content-encoding gzip via 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P3 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 366 x-amz-cf-id 6WcYPgKtA5aRlqZ3cDaRq4l4pHCcsKGnpfrze-XCTo8AMa1aQJ2UVQ==
GET H2	502	Y09jU1gYbRAkBxY9D3FiQScXJygQdUx8LxQ4W2t2By4VOisMIQEyKggqEX0oESBMMjVOPxYgME4sEyB2CTxcIy0KK15hbVd5VGpoWmkAPzEAJAo3ZVF6V2VvWn9aDG9RfFphbVJpAj80AXILJywTPEZgGUZ9JXZqJSsMMCtNKAw8Pw8qTTA3DmpRFTwMLBY%2BPQ0... ndandinter.hair/	0 0	342ms 119ms	Script text/plain	54.162.51.18 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ndandinter.hair/Y09jU1gYbRAkBxY9D3FiQScXJygQdUx8LxQ4W2t2By4VOisMIQEyKggqEX0oESBMMjVOPxYgME4sEyB2CTxcIy0KK15hbVd5VGpoWmkAPzEAJAo3ZVF6V2VvWn9aDG9RfFphbVJpAj80AXILJywTPEZgGUZ9JXZqJSsMMCtNKAw8Pw8qTTA3DmpRFTwMLBY%2BPQ07RmEeB2pRFWkQDDk6dSJ9DSBrOXY2Zy4KBRBqHxM%2BLAI9ACcBYzFbYgQxOi4DMWUeBx06dmolKgc6LEUgAW4wFzsTIH1QDkZhHkZ9JSQvFH1WfTwCOQogNw0tAiEzBj1NIyoMalEVKBY8CyE9ByYRNjsXalEVfVAJFz4oRnwnYn1ReQ02LBQgETh9UAtQdmpVJgwgfVALU3ZqVTwKJz1GfCcyPAUjGnZqVSxGYBxRalFlKBMmRmAcUXpXZW9af1p2alU%2FADp9UAtVamlSeVphb1V6RmFuF2pQF2lVd1BgaFV9UGJ9UXkHNisXalAXMBc7EyB9UXpQEn1RelEVfVF6URU8DCwQfT8MIAQ%2FPU0sDD59UXpRFTwMLBY%2BPQ07RmFtUQkHdmpWfSViKyAVCn4ZUSEQYAJaGlclMSk8WhQoEgAyNjsLLVM6YE4oATEVLx1VFTwxFkZhbVEJBjcxF2kAPzpeJxcnKBBqUBJ9UQlGYR4UOBRhbU0rAiUxECANMTkRJAYhdhM9DHZqJT8WIDARKgc6KgYsF3ZqJWpQFSwOP0ZgHFFqUWU2BjsUPCoIalAXa0Z9VTo3EGpQF2hGfVUgMRcqRmAcAisFPyFGfVUwfVALUXZqVT8TOn1QC1FmbFV4WmNhRn1VIzsKalAXblp%2BUmVhUXhVZn1ReRd2ayd%2BVWtrUH9VYWtSalFlPAY8F3ZrJycXJygQalFmayJqUWZqJWpRZmolKwwwK00oDDw%2FDypNMDcOalFmaiUrDDAtDioNJ31RelEVPEZ9VmEeUjwgCTFODlE9K1AVWgZsFSYpIGEkPxIcCQYsCzFoCndONDoBAi8BbiUrMQp9UXpRFT0HJhd1ORAtXjssFz8QdmsialEVfVEJBzw7EGEEPDcEIwZ9OwwiRmEeByAAJjUGIRd2aiUrRmEeUjwgCTFODlE9K1AVWgZsFSYpIGEkPxIcCQYsCzFoCndONDoBAi8BbiUrMQp9UQkGNzEXbU9xKw4pQWlpT20QPi5BdUFndlBtT3EsAig8OjxBdUFraVt9W2V6T20QJjo8JgdielltUWZsVXhaY2FBY0EgLQEQCjdqQXVBYW1XeVRqaFoQVGFrWn1WYnpPbQI%2FNAFtWXEwFzsTIGJMYAc8OxBhBDw3BCMGfTsMIkw3NwA6DjY2F2AHfGkQDDk6dSJ9DSBrOXY2Zy4KBRBqHxM%2BLAI9ACcBYzFbYgQxOi4DMWUeBx06fD0HJhdxdEEgAXFiQScXJygQdUx8LxQ4UWZ2By4VOisMIQEyKggqEX0oESBMIy0QJxE2PAo9BjAsTHAXPihefkU9PRc4DCEzXnxFOjcQclN1Kwo7Bm45BykPKn4AclF1KBMmXmFtV3lUamhaaRMwMV55WmJpVXZRZG5WaRduaVV3UGBoVX1QYn4HKhAnZQs7FyMrRnwidmolalEVPAwsEH0%2FDCAEPz1NLAw%2BfVEJBzw7FiIGPSxGfSU3fVEJUiAbOSZOEmoNPFAJYTZ7FToSEHYkIyksHgYwMAF%2FCmt1BC0BHhQxeSU3CjpqURU9ByYXcXRBLA8xelltCycsEzxZfHcUOBRhbU0rAiUxECANMTkRJAYhdhM9DHwoFjwLIT0HJhE2OxdgXCc1E3JRdTYGOxQ8KghyUHUxDDxeY34QJhc2ZQIrBT8hRSxeYX4TPwpualZ7VWRhU3ZFIzsKclVqaVJ5WmFvVXpFJ2VSeVtga1N5UWBpRSsGICxeJxcnKBBqUBJ9UQlGYR4HIAAgdgQgDDQ0BmEAPDVGfSU3NwA6DjY2F2pRFTxGfSViKyAVCn4ZUSEQYAJaGlclMSk8WhQoEgAyNjsLLVM6YE4oATEVLx1VFTwxFkZhHgYrCid6T20CIDpBdUE7LBc%2FEGl3TCsMMCtNKAw8Pw8qTTA3DmAHPDsWIgY9LEwrTGIrIBUKfhlRIRBgAloaVyUxKTxaFCgSADI2OwstUzpgTigBMRUvHVUVPDEWTDY8CjtBLg Requested by Host: www88.davisonbarker.pro URL: https://www88.davisonbarker.pro/am-push-cps.js?puid=25467909&clickid=25467909_7239251&allb=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit&ob=https%3A%2F%2Fwww25.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D2%26ppi%3D25467909%26pci%3D6911692765%26t%3D1683306231%26dest%3Dhttps%253A%252F%252Fdocs.google.com%252Fdocument%252Fd%252F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%252Fedit&clb=https%3A%2F%2Fwww25.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D2%26ppi%3D25467909%26pci%3D6911692765%26t%3D1683306231%26dest%3Dhttps%253A%252F%252Fdocs.google.com%252Fdocument%252Fd%252F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%252Fedit&asb=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 54.162.51.18 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-162-51-18.compute-1.amazonaws.com Software / Express Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www88.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers access-control-allow-origin * x-powered-by Express access-control-allow-headers X-Requested-With,content-type access-control-allow-methods GET, POST
GET H3	200	popunder.gif workhovdiminatedi.info/	35 B 518 B	29ms 29ms	Image image/gif	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://workhovdiminatedi.info/popunder.gif Requested by Host: www88.davisonbarker.pro URL: https://www88.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015` Request headers accept-language de-DE,de;q=0.9 Referer https://www88.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers pragma public date Fri, 05 May 2023 17:40:12 GMT cf-cache-status HIT last-modified Fri, 05 May 2023 16:19:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4818 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zvikejUecTHjGWHYRPCM11wwHaeih8WOSNuCr8oksIaDMrzBPPFZBtNZrZbo5ARpgXfp7N%2B2NBnvfmTTlM%2FUOgqdkMAR%2BeLyzBt7sKWwVUHHmekhrVRQRo430%2FfwYEVDAHe4QlxreNM"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * cache-control public, max-age=604800, immutable cf-ray 7c2ac46a6dec35e6-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H3	204	NE1DVFUbciAnaGAaBQE3Yg91AWdyFxocYGYULyQ7UXwVOA1jCGUgPFBwe2ZhAHpwciVdKX5nZxI+NzUhQT5+ZmUEemU9O1IifmZzQnBzemwafG1hc0FwcmJiBXVzYG0Be3dkZw1+dHIhRCwkaWQSPTcgOQl8dWxmB317YGQGeHVi workhovdiminatedi.info/	0 397 B	120ms 120ms	Ping text/plain	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://workhovdiminatedi.info/NE1DVFUbciAnaGAaBQE3Yg91AWdyFxocYGYULyQ7UXwVOA1jCGUgPFBwe2ZhAHpwciVdKX5nZxI+NzUhQT5+ZmUEemU9O1IifmZzQnBzemwafG1hc0FwcmJiBXVzYG0Be3dkZw1+dHIhRCwkaWQSPTcgOQl8dWxmB317YGQGeHVi Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://www88.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Fri, 05 May 2023 17:40:12 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xvi1F52STVXOT5vhgHRu2HKXz7b3%2FsKl0ZgIAK4HQxyPKemRNJ39TvPMd3obCdpMrEtSg7iqBkESA82AX011Dga06vpvGCGCpv2e7SkR8heIXj%2FKdfkegPpcZ4l7yTJWE3pTs9RFTdfZ"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 7c2ac46a9e2835e6-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	floater Show response kultingecauyuksehinkitw.info/	2 KB 2 KB	282ms 282ms	XHR text/plain	13.225.78.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://kultingecauyuksehinkitw.info/floater?cs=S2lRQXB8W2R1QHhZZ3ZHfV1gcUE&abt=0&red=1&sm=83&k=&v=0.9.1.5&sts=0&prn=0&emb=0&tid=824473&rxy=1600_1200&u=1671804856402937&agec=1683308409&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=255.1020408163265&ref=https%3A%2F%2Fwww88.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D1%26ppi%3D25467909%26pci%3D6911692765%26t%3D1683306231%26dest%3Dhttps%253A%252F%252Fdocs.google.com%252Fdocument%252Fd%252F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%252Fedit&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F113.0.5672.63%20safari%2F537.36&tzd=0&uloc=&if=0&aa=oi1_&_f8Ms=1683308412567&crc=1 Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-121.fra2.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash `f6e0db11cbf873091dcaa4177fab9697fa4dbc6cadb8680949abacf594f7c0d9` Request headers accept-language de-DE,de;q=0.9 Referer https://www88.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers pragma no-cache date Fri, 05 May 2023 17:40:12 GMT content-encoding gzip via 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront) server openresty/1.17.8.2 accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List x-amz-cf-pop FRA2-C2 x-cache Miss from cloudfront content-type text/plain access-control-allow-origin https://www88.davisonbarker.pro p3p CP="NID DSP ALL COR" cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true content-length 1188 x-amz-cf-id MM7Qb2y97aAjbzXfBsasLkNgHiVkGW4CZ6P6WHjxeW-FSq4W_cesJg==
GET H2	204	utx Show response ablesasmetotr.monster/	0 544 B	107ms 107ms	XHR text/plain	54.230.163.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ablesasmetotr.monster/utx?tid=818286&top=www88.davisonbarker.pro&cb=JD5PhbV1Dwj5 Requested by Host: www88.davisonbarker.pro URL: https://www88.davisonbarker.pro/am-push-cps.js?puid=25467909&clickid=25467909_7239251&allb=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit&ob=https%3A%2F%2Fwww25.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D2%26ppi%3D25467909%26pci%3D6911692765%26t%3D1683306231%26dest%3Dhttps%253A%252F%252Fdocs.google.com%252Fdocument%252Fd%252F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%252Fedit&clb=https%3A%2F%2Fwww25.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D2%26ppi%3D25467909%26pci%3D6911692765%26t%3D1683306231%26dest%3Dhttps%253A%252F%252Fdocs.google.com%252Fdocument%252Fd%252F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%252Fedit&asb=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.163.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-163-121.ewr53.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://www88.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers pragma no-cache date Fri, 05 May 2023 17:40:12 GMT via 1.1 2b873f743281511e290d4958008561c2.cloudfront.net (CloudFront) server openresty/1.17.8.2 accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List x-amz-cf-pop EWR53-C3 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www88.davisonbarker.pro cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true x-amz-cf-id WsN_eWjuYR7my-9ugA7D1FKa74ZnUlktw_cKmN8vsDbLlgAxMdPsRw==
POST H2	200	/ Show response ndandinter.hair/	0 37 B	340ms 113ms	XHR text/plain	54.162.51.18 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ndandinter.hair/ Requested by Host: www88.davisonbarker.pro URL: https://www88.davisonbarker.pro/am-push-cps.js?puid=25467909&clickid=25467909_7239251&allb=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit&ob=https%3A%2F%2Fwww25.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D2%26ppi%3D25467909%26pci%3D6911692765%26t%3D1683306231%26dest%3Dhttps%253A%252F%252Fdocs.google.com%252Fdocument%252Fd%252F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%252Fedit&clb=https%3A%2F%2Fwww25.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D2%26ppi%3D25467909%26pci%3D6911692765%26t%3D1683306231%26dest%3Dhttps%253A%252F%252Fdocs.google.com%252Fdocument%252Fd%252F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%252Fedit&asb=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 54.162.51.18 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-162-51-18.compute-1.amazonaws.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://www88.davisonbarker.pro/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * content-length 0
GET H2	200	/ www25.davisonbarker.pro/pushredirect/	118 B 385 B	254ms 245ms	Document text/html	104.21.92.39 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www25.davisonbarker.pro/pushredirect/?tmp=2&network=3&ios=0&site=adfly&c=2&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Requested by Host: www88.davisonbarker.pro URL: https://www88.davisonbarker.pro/am-push-cps.js?puid=25467909&clickid=25467909_7239251&allb=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit&ob=https%3A%2F%2Fwww25.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D2%26ppi%3D25467909%26pci%3D6911692765%26t%3D1683306231%26dest%3Dhttps%253A%252F%252Fdocs.google.com%252Fdocument%252Fd%252F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%252Fedit&clb=https%3A%2F%2Fwww25.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D2%26ppi%3D25467909%26pci%3D6911692765%26t%3D1683306231%26dest%3Dhttps%253A%252F%252Fdocs.google.com%252Fdocument%252Fd%252F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%252Fedit&asb=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.92.39 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.27 Resource Hash Request headers Referer https://www88.davisonbarker.pro/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7c2ac470e8601909-FRA content-encoding br content-type text/html; charset=UTF-8 date Fri, 05 May 2023 17:40:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HqOjf5d%2FLg9WRcfnzYecsLvfO28c4KmwfS%2B3PPd%2FIqgX79d2vCB99sUvNLVwnS0QrnEsyeVtc2nJ8r9P%2Br1F9%2Frj47TGIsMNmf36OjNyuEWsQHozBc5ywXGmd%2Bn6xrucnJACM6znf1Ltqw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.3.27 x-turbo-charged-by LiteSpeed
GET H2	200	Primary Request / Show response www54.davisonbarker.pro/pushredirect/ Redirect Chain https://www88.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9G... https://www54.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=2&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9G...	5 KB 3 KB	250ms 240ms	Document text/html	104.21.92.39 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www54.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=2&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.92.39 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.27 Resource Hash `5cd611de6168691a5752e8ba9e4570d7bbc89d3c7abf99212e29961ffb3559fa` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0 cf-cache-status DYNAMIC cf-ray 7c2ac4740cec1909-FRA content-encoding br content-type text/html; charset=UTF-8 date Fri, 05 May 2023 17:40:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DxIqhSi%2FgN%2BQRWE17Lglc9Oz%2FJ76xv%2Fap2bQjx4msIJE%2FN9ez5ymfIvnziX%2F8vMRnE6YRF8Ardcudw62SuaGonIMtWpcSBUEwFRMxLrlNAtnOI7xGCv%2BxMrcuVwVLdVfXf8zob67aP7tZw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.3.27 x-turbo-charged-by LiteSpeed Redirect headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache, no-store, must-revalidate, max-age=0 cf-cache-status DYNAMIC cf-ray 7c2ac4728db33838-FRA content-type text/html; charset=UTF-8 date Fri, 05 May 2023 17:40:14 GMT location https://www54.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=2&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWgsxqHtlFllEFOPvOAsdNfBKnIyqeA28X%2FlhiAwW%2BLRlR%2Bgqt4vhq56dUkj%2BiI4gkoyWdLu5Xwns9GmcqZA2y0wkUhnf4D6aluaOS1mCWZ3EIeVgQ2yw%2Ba8C5VUtFldOdLZjt3gPt3BeQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.3.27 x-turbo-charged-by LiteSpeed
GET H2	200	/ dc5k8fg5ioc8s.cloudfront.net/	60 KB 0	179ms 178ms	Script text/plain	52.222.250.225 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Requested by Host: www54.davisonbarker.pro URL: https://www54.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=2&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.250.225 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-250-225.fra60.r.cloudfront.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www54.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers pragma no-cache date Fri, 05 May 2023 17:40:14 GMT content-encoding gzip via 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P3 x-cache Miss from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform content-length 51555 x-amz-cf-id DmLN7oua-1hRb8lySMWZlZUP1Lz4a-BcujDhrL0QjJcWEzzNZf2moQ==
GET H3	200	logo.png www54.davisonbarker.pro/static/image/	10 KB 11 KB	30ms 29ms	Image image/png	104.21.92.39 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www54.davisonbarker.pro/static/image/logo.png Requested by Host: www54.davisonbarker.pro URL: https://www54.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=2&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.92.39 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `196c51f778db9df7ecf75ce7f663ea3bb07726b67feeae45ad9abfd3008b937a` Request headers accept-language de-DE,de;q=0.9 Referer https://www54.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=2&ppi=25467909&pci=6911692765&t=1683306231&dest=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36 Response headers date Fri, 05 May 2023 17:40:14 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1055 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 10726 last-modified Tue, 10 Nov 2020 09:44:06 GMT server cloudflare etag "29e6-5faa60e6-b4021a56880f53fc;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2CIMdwSVsFQ%2FBzzWtJJN%2BTtjshP7d%2FRnNp6QjEliZuTslttNB1jvFEKrb6nxF2t2B9sQsgjMjaoPh2l5oKV8bYPlSpX2KgE73mzf6lpmHpJxiDQulnGGLcsZ72mY%2BTul6vJdR9u2vU2GaQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 7c2ac4759a3f3838-FRA expires Fri, 12 May 2023 17:22:39 GMT
GET		am-push-cps.js www54.davisonbarker.pro/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www54.davisonbarker.pro
URL: https://www54.davisonbarker.pro/am-push-cps.js?puid=25467909&clickid=25467909_2258534&allb=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit&ob=https%3A%2F%2Fwww75.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D3%26ppi%3D25467909%26pci%3D6911692765%26t%3D1683306231%26dest%3Dhttps%253A%252F%252Fdocs.google.com%252Fdocument%252Fd%252F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%252Fedit&clb=https%3A%2F%2Fwww75.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D3%26ppi%3D25467909%26pci%3D6911692765%26t%3D1683306231%26dest%3Dhttps%253A%252F%252Fdocs.google.com%252Fdocument%252Fd%252F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%252Fedit&asb=https%3A%2F%2Fdocs.google.com%2Fdocument%2Fd%2F1sCZi-A2ns3Z9U4viJs9GpqOQechb0i8-gbbMLR6FdRY%2Fedit

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			pogothere.xyz/	1970-01-20 20:13:32	Name: csu Value: 1671804856402937@2@1683308409

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ndandinter.hair/OFM2RjNDcUUxbE0hWmQJGjtCMkNLaRlpRE8kD3cdXDJAL0BXPVQnQVM2RGhDSjwZJ14VI0M1WxUwRjUdUiAJNkZRNwt0BgxlAX8DAXVVKlpbOF8iDgpmAnAEAWMPGQcPYgR2BQl1VypfWm5eMkdIIBN1ch1hcGMBfjdZJUAWNFkpVFQ2GCVcVXYEAFdXMEMrVlYnE3R1XHYEAAJLEGwvHnlhWDUAYmpjckVRGUV%2FdEgieRdWWztUdloAflEkUXUfZHB1XAFvYwF%2BNlIvRx48VHtbTCdGNRYLEhN0dR1hcDFET2ICaFdZJV81XFYxVzRYXSEYNkFXdgQAQ00gXjRWXDpEI1BMdgQAFgsVQitDHWBydxYKZVgjR088RC0WCxcFYwEOOlk1FgsXBmMBDiBfMlYdYHInV14%2FT2MBDjATdXcJdgRwQ0g6E3V3CmYCcAQBYw9jAQ4jVS8WCxcAfwIJZQ90BA5mE3QFTHYFAgIOawV1Aw5hBXcWCmVSI0BMdgUCW0wnRjUWCmYFBxYKZgQAFgpmBABXVzBFaFRXPFEqVhYwWSsWCmYEAFdXMEMrVlYnE3QGChVSYwENYXB3QHsJX2tyCj1FdWkBBgIwWnIgDwFDSRxnI1BQMQYvCxU0VCR%2BdAEAAFdqChN0BgoVUyJaTHVVKlEFO0IyQ0t2BQcWChUTdHVPJEF3BxY3VzBaSzxYJFJKOFM0HUghWWMBfiNDNVtKNlIvQV0wQmMBfnYFAEdVIxN1dwp2BHBdXSdBKUFTdgUCAB1hAC9cS3YFAgMdYQA1Wkw2E3V3WTdQKkodYQAlFgsXB2MBDiNGLxYLFwRzBw5kD3YKHWEANlBRdgUCBQFiB3AKCmQAcxYKZUJjAHxiAH4AC2MAdAAJdgRwV10gQmMAfDtCMkNLdgRzAHl2BHMBfnYEcwF%2BN1klQBY0WSlUVDYYJVxVdgRzAX43WSVGVTZYMhYKZgQAVx1hA3R1CSB1HFoVEgQoQAsJDxMHTjp8NQp%2FI0cJYl0wXiQDUWsbIVFaHnoUBX43ZB8WCmYEAFZcOkJgUksxCy5HTCNFYwB5dgQAFgoVUilQS31RKVxfP1NoUFc%2BE3R1XDxVM15dPUJjAX43E3R1CSB1HFoVEgQoQAsJDxMHTjp8NQp%2FI0cJYl0wXiQDUWsbIVFaHnoUBX43ZB8WChVTIlpMcRpkQFU1FHwCFHFFK0UaaRRyHQtxGmRHWTRpL1caaRR%2BAgBhDnARFHFFM1FnOlJ3EQJxBHMHDmQPdgoafxQ1RloMXyIBGmkUdAYMZQF%2FAwEMAnECCmMAdxEUcVcqX1pxDGRbTCdGNQkXfFIpUEt9USlcXz9TaFBXPhkiXFsmWyNdTHxSaQJLEGwvHnlhWDUAYmpjckVRGUV%2FdEgieRdWWztUdloAflEkUXUfZHB1XAFvaVZcOkJkHxo8VGQJGjtCMkNLaRlpRE8kB3IdXDJAL0BXPVQnQVM2RGhDSjwZNkZLO0QjV1EhUyVHF2xCK0MFYhAoVkwkWTRYBWAQL1xLbgZgQFEnU3tSXDVaPxVbbgdgQ0g6C3QGDGUBfwMBdUYlWgVlD3cCDmoEcQUNdUJ7Ag5rBXUDDmEFdxVcNkUyDlAnQjZAHWB3YwF%2BdgQAV1cwRWhUVzxRKlYWMFkrFgoVUilQTT5TKEcdYXAiFgoVBzVwYjobBwFWIAUcCm1nQC95S2pxNkJ3AlMlW1pjX34eXzFUC39qZXAiYWF2BABWXDpCZB8aMFokEQJxXjJHSCAMaRxPJEF3BxY3VzBaSzxYJFJKOFM0HUghWWlDTSBeNFZcOkQjUEx8CTJeSG4EYF1dJ0EpQVNuBWBaVyALdhVLOkIjDlk3UCpKHjALdxVII197AQ1nAHEKCGoQNlBRbgB%2FAgllD3QEDmYQMg4JZQ51AAhlBHUCHjdTNUcFO0IyQ0t2BQcWChUTdHVcPFU1HV88WSFfXX1VKV4dYXAiXFsmWyNdTHYEAFcdYXB3QHsJX2tyCj1FdWkBBgIwWnIgDwFDSRxnI1BQMQYvCxU0VCR%2BdAEAAFdqChN0dV03XzIRFHFXNVEaaRQuR0wjRXwcFzdZJUAWNFkpVFQ2GCVcVXxSKVBNPlMoRxc3GXdAewlfa3IKPUV1aQEGAjBaciAPAUNJHGcjUFAxBi8LFTRUJH50AQAAV2oKGSNXUScUOw Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://ndandinter.hair/Y09jU1gYbRAkBxY9D3FiQScXJygQdUx8LxQ4W2t2By4VOisMIQEyKggqEX0oESBMMjVOPxYgME4sEyB2CTxcIy0KK15hbVd5VGpoWmkAPzEAJAo3ZVF6V2VvWn9aDG9RfFphbVJpAj80AXILJywTPEZgGUZ9JXZqJSsMMCtNKAw8Pw8qTTA3DmpRFTwMLBY%2BPQ07RmEeB2pRFWkQDDk6dSJ9DSBrOXY2Zy4KBRBqHxM%2BLAI9ACcBYzFbYgQxOi4DMWUeBx06dmolKgc6LEUgAW4wFzsTIH1QDkZhHkZ9JSQvFH1WfTwCOQogNw0tAiEzBj1NIyoMalEVKBY8CyE9ByYRNjsXalEVfVAJFz4oRnwnYn1ReQ02LBQgETh9UAtQdmpVJgwgfVALU3ZqVTwKJz1GfCcyPAUjGnZqVSxGYBxRalFlKBMmRmAcUXpXZW9af1p2alU%2FADp9UAtVamlSeVphb1V6RmFuF2pQF2lVd1BgaFV9UGJ9UXkHNisXalAXMBc7EyB9UXpQEn1RelEVfVF6URU8DCwQfT8MIAQ%2FPU0sDD59UXpRFTwMLBY%2BPQ07RmFtUQkHdmpWfSViKyAVCn4ZUSEQYAJaGlclMSk8WhQoEgAyNjsLLVM6YE4oATEVLx1VFTwxFkZhbVEJBjcxF2kAPzpeJxcnKBBqUBJ9UQlGYR4UOBRhbU0rAiUxECANMTkRJAYhdhM9DHZqJT8WIDARKgc6KgYsF3ZqJWpQFSwOP0ZgHFFqUWU2BjsUPCoIalAXa0Z9VTo3EGpQF2hGfVUgMRcqRmAcAisFPyFGfVUwfVALUXZqVT8TOn1QC1FmbFV4WmNhRn1VIzsKalAXblp%2BUmVhUXhVZn1ReRd2ayd%2BVWtrUH9VYWtSalFlPAY8F3ZrJycXJygQalFmayJqUWZqJWpRZmolKwwwK00oDDw%2FDypNMDcOalFmaiUrDDAtDioNJ31RelEVPEZ9VmEeUjwgCTFODlE9K1AVWgZsFSYpIGEkPxIcCQYsCzFoCndONDoBAi8BbiUrMQp9UXpRFT0HJhd1ORAtXjssFz8QdmsialEVfVEJBzw7EGEEPDcEIwZ9OwwiRmEeByAAJjUGIRd2aiUrRmEeUjwgCTFODlE9K1AVWgZsFSYpIGEkPxIcCQYsCzFoCndONDoBAi8BbiUrMQp9UQkGNzEXbU9xKw4pQWlpT20QPi5BdUFndlBtT3EsAig8OjxBdUFraVt9W2V6T20QJjo8JgdielltUWZsVXhaY2FBY0EgLQEQCjdqQXVBYW1XeVRqaFoQVGFrWn1WYnpPbQI%2FNAFtWXEwFzsTIGJMYAc8OxBhBDw3BCMGfTsMIkw3NwA6DjY2F2AHfGkQDDk6dSJ9DSBrOXY2Zy4KBRBqHxM%2BLAI9ACcBYzFbYgQxOi4DMWUeBx06fD0HJhdxdEEgAXFiQScXJygQdUx8LxQ4UWZ2By4VOisMIQEyKggqEX0oESBMIy0QJxE2PAo9BjAsTHAXPihefkU9PRc4DCEzXnxFOjcQclN1Kwo7Bm45BykPKn4AclF1KBMmXmFtV3lUamhaaRMwMV55WmJpVXZRZG5WaRduaVV3UGBoVX1QYn4HKhAnZQs7FyMrRnwidmolalEVPAwsEH0%2FDCAEPz1NLAw%2BfVEJBzw7FiIGPSxGfSU3fVEJUiAbOSZOEmoNPFAJYTZ7FToSEHYkIyksHgYwMAF%2FCmt1BC0BHhQxeSU3CjpqURU9ByYXcXRBLA8xelltCycsEzxZfHcUOBRhbU0rAiUxECANMTkRJAYhdhM9DHwoFjwLIT0HJhE2OxdgXCc1E3JRdTYGOxQ8KghyUHUxDDxeY34QJhc2ZQIrBT8hRSxeYX4TPwpualZ7VWRhU3ZFIzsKclVqaVJ5WmFvVXpFJ2VSeVtga1N5UWBpRSsGICxeJxcnKBBqUBJ9UQlGYR4HIAAgdgQgDDQ0BmEAPDVGfSU3NwA6DjY2F2pRFTxGfSViKyAVCn4ZUSEQYAJaGlclMSk8WhQoEgAyNjsLLVM6YE4oATEVLx1VFTwxFkZhHgYrCid6T20CIDpBdUE7LBc%2FEGl3TCsMMCtNKAw8Pw8qTTA3DmAHPDsWIgY9LEwrTGIrIBUKfhlRIRBgAloaVyUxKTxaFCgSADI2OwstUzpgTigBMRUvHVUVPDEWTDY8CjtBLg Message: Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ablesasmetotr.monster
dc5k8fg5ioc8s.cloudfront.net
kultingecauyuksehinkitw.info
ndandinter.hair
pogothere.xyz
workhovdiminatedi.info
www14.davisonbarker.pro
www25.davisonbarker.pro
www54.davisonbarker.pro
www88.davisonbarker.pro
www91.davisonbarker.pro
www54.davisonbarker.pro
104.21.92.39
13.225.78.121
172.64.198.35
188.114.96.3
52.222.250.225
54.162.51.18
54.230.163.121
196c51f778db9df7ecf75ce7f663ea3bb07726b67feeae45ad9abfd3008b937a
2ba01500193395d33cc81dc8737f8bf11519c63db556a8735a92651661648437
35c6b77759f8a17b624a083b7a64434b452a5827fe513f2ceb7bbe3e17e738c7
5cd611de6168691a5752e8ba9e4570d7bbc89d3c7abf99212e29961ffb3559fa
74141148f060e9c6bb57641a79c4b752a5d21fd9bd0e0563b86aed2f3d30d87e
782bbe9ea3c150dddf7479953f86541453ef3fd575a2e405f40658522ab83d62
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b330acff0b04480a0dd77248a58cd478151d4f809bb922438e8a2eb0b866c8b
933e7a3f429f8e4a46f806f0895320e82cef21a80b15e45e6ad4c4a9c1febb67
9caf66ca8775878b97526707be29226af78fc1a40da190efca1906eca3c56500
bc4720c44ed409f268f5c7791185c5464bd750e81a4e2deb2766b6d4270b4ca8
c6097dfab4ced581c0fccaf0170319c06645abb918ac54bcbb94f6a7e42d3829
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4712099780bbc8cccdee4f3fec901f0939548d64e1d4eb25086db9ea3088a62
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f6e0db11cbf873091dcaa4177fab9697fa4dbc6cadb8680949abacf594f7c0d9

www54.davisonbarker.pro Open in urlscan Pro 104.21.92.39 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

40 Requests

98 %HTTPS

0 %IPv6

7 Domains

11 Subdomains

8 IPs

3 Countries

438 kBTransfer

880 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www54.davisonbarker.pro Open in urlscan Pro
104.21.92.39 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

98 %
HTTPS

0 %
IPv6

7
Domains

11
Subdomains

8
IPs

3
Countries

438 kB
Transfer

880 kB
Size

1
Cookies

40 HTTP transactions
0 data transactions