URL: https://www14.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=26462811&pci=7119749803&t=1659418630&dest...
Submission: On August 02 via manual from US — Scanned from DE

Summary

This website contacted 13 IPs in 2 countries across 13 domains to perform 30 HTTP transactions. The main IP is 172.67.186.48, located in United States and belongs to CLOUDFLARENET, US. The main domain is www14.davisonbarker.pro.
TLS certificate: Issued by E1 on July 20th 2022. Valid for: 3 months.
This is the only time www14.davisonbarker.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
3 | 172.67.186.48 | 13335 | (CLOUDFLAR...)
1 | 192.243.59.12 | 39572 | (ADVANCEDH...)
2 | 52.222.250.181 | 16509 | (AMAZON-02)
4 | 192.243.59.20 | 39572 | (ADVANCEDH...)
2 | 2606:4700:303... | 13335 | (CLOUDFLAR...)
3 | 18.66.248.95 | 16509 | (AMAZON-02)
5 | 2a06:98c1:312... | 13335 | (CLOUDFLAR...)
1 | 142.0.204.220 | 7979 | (SERVERS-COM)
1 | 2606:4700:303... | 13335 | (CLOUDFLAR...)
2 | 192.243.61.227 | 39572 | (ADVANCEDH...)
1 | 52.29.132.48 | 16509 | (AMAZON-02)
1 | 52.218.208.9 | 16509 | (AMAZON-02)
Totals: 30 requests, 13 IPs

Requests | Apex Domain | Subdomains | Transfer
5 | briolenproc.pics | briolenproc.pics | 2 KB
4 | furstraitsbrowse.com | furstraitsbrowse.com — Cisco Umbrella Rank: 753534 | 469 B
3 | owledconside.xyz | owledconside.xyz | 3 KB
3 | davisonbarker.pro | www14.davisonbarker.pro | 46 KB
2 | dismantlepenantiterrorist.com | dismantlepenantiterrorist.com — Cisco Umbrella Rank: 113348 | 425 B
2 | freychang.fun | freychang.fun — Cisco Umbrella Rank: 16921 | 101 KB
2 | cloudfront.net | dc5k8fg5ioc8s.cloudfront.net | 49 KB
1 | amazonaws.com | webpick-cdn.s3.us-west-2.amazonaws.com — Cisco Umbrella Rank: 68762 Failed | 9 KB
1 | simplewebanalysis.com | simplewebanalysis.com — Cisco Umbrella Rank: 9641 | 295 B
1 | addresseepaper.com | addresseepaper.com — Cisco Umbrella Rank: 12065 | 23 KB
1 | clenchedyouthmatching.com | clenchedyouthmatching.com — Cisco Umbrella Rank: 172505 | 159 B
1 | auntieimpetus.com | auntieimpetus.com — Cisco Umbrella Rank: 798976 | 613 B
0 | venetrigni.com Failed | venetrigni.com Failed |
Totals: 30 requests, 13 domains

Requests | Domain | Requested by
5 | briolenproc.pics | www14.davisonbarker.pro, dc5k8fg5ioc8s.cloudfront.net
4 | furstraitsbrowse.com | www14.davisonbarker.pro
3 | owledconside.xyz | dc5k8fg5ioc8s.cloudfront.net
3 | www14.davisonbarker.pro | www14.davisonbarker.pro
2 | dismantlepenantiterrorist.com | www14.davisonbarker.pro
2 | freychang.fun | dc5k8fg5ioc8s.cloudfront.net
2 | dc5k8fg5ioc8s.cloudfront.net | www14.davisonbarker.pro, owledconside.xyz
1 | webpick-cdn.s3.us-west-2.amazonaws.com | dc5k8fg5ioc8s.cloudfront.net
1 | simplewebanalysis.com | addresseepaper.com
1 | addresseepaper.com | www14.davisonbarker.pro
1 | clenchedyouthmatching.com | www14.davisonbarker.pro
1 | auntieimpetus.com | www14.davisonbarker.pro
0 | venetrigni.com Failed | www14.davisonbarker.pro
Totals: 30 requests, 13 domains

This site contains links to these domains.

Domain
furstraitsbrowse.com
Subject | Issuer | Validity | Valid
*.davisonbarker.pro | E1 | 2022-07-20 - 2022-10-18 | 3 months
auntieimpetus.com | R3 | 2022-07-29 - 2022-10-27 | 3 months
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
furstraitsbrowse.com | R3 | 2022-07-22 - 2022-10-20 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-10-16 - 2022-10-15 | a year
owledconside.xyz | Amazon | 2022-07-27 - 2023-08-25 | a year
*.briolenproc.pics | E1 | 2022-07-18 - 2022-10-16 | 3 months
clenchedyouthmatching.com | R3 | 2022-07-30 - 2022-10-28 | 3 months
*.addresseepaper.com | E1 | 2022-06-25 - 2022-09-23 | 3 months
dismantlepenantiterrorist.com | R3 | 2022-06-30 - 2022-09-28 | 3 months
simplewebanalysis.com | Amazon | 2022-04-01 - 2023-04-30 | a year
*.s3-us-west-2.amazonaws.com | Amazon | 2021-12-17 - 2022-11-29 | a year

This page contains 3 frames:

Primary Page: https://www14.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=26462811&pci=7119749803&t=1659418630&dest=https%3A%2F%2Fmultiup.org%2Fdownload%2F355d8d6f680004acac5b5e6f65949f64%2FTwoDDL_wmsdnhfS04E06.Fidelity.1080p.HMAX.WEB-DL.DD5.1.x264-NTb.mkv
Frame ID: 944BA1FFEECDA8BD08711AC97DAFEB93
Requests: 26 HTTP requests in this frame

Frame: https://owledconside.xyz/…
Frame ID: 1C370C32AC80C63F9B47A09F8F36BFFB
Requests: 2 HTTP requests in this frame

Frame: https://webpick-cdn.s3.us-west-2.amazonaws.com/getlaid.jpeg
Frame ID: C21E25A897180DFA2EC8CDA27C45AB5A
Requests: 3 HTTP requests in this frame

Page Title

AdFly - Click Allow to continue

Page Statistics

30 Requests
87 % HTTPS
25 % IPv6
13 Domains
13 Subdomains
13 IPs
2 Countries
237 kB Transfer
452 kB Size
5 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www14.davisonbarker.pro/pushredirect/
73 KB
29 KB
Document
General
Full URL
https://www14.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=26462811&pci=7119749803&t=1659418630&dest=https%3A%2F%2Fmultiup.org%2Fdownload%2F355d8d6f680004acac5b5e6f65949f64%2FTwoDDL_wmsdnhfS04E06.Fidelity.1080p.HMAX.WEB-DL.DD5.1.x264-NTb.mkv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.186.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
fac84b858e4e778f4fc43b53065741647205110c5bec3d725fbedd8d8608833d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
734477002e8b1e65-MUC
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Aug 2022 05:38:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCzLTYq3U10c9X%2FlpNcOt1Ulo6I%2FkKB2T6JLyQgUOLeG8Lyk4fiUKPc1nA%2F9ArASqK4%2FklbSbeoBRLM%2FMi0tbOksNMyN2nuJbKMu9PKmwVIjkSlPTLTpX%2FvhG7qFL9H%2Bb4YzWhW6RuYFnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.3.27
x-turbo-charged-by
LiteSpeed
aa240591af5d8573573bb87d25c7ab12.json
auntieimpetus.com/aa/24/05/
0
613 B
XHR
General
Full URL
https://auntieimpetus.com/aa/24/05/aa240591af5d8573573bb87d25c7ab12.json
Requested by
Host: www14.davisonbarker.pro
URL: https://www14.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=26462811&pci=7119749803&t=1659418630&dest=https%3A%2F%2Fmultiup.org%2Fdownload%2F355d8d6f680004acac5b5e6f65949f64%2FTwoDDL_wmsdnhfS04E06.Fidelity.1080p.HMAX.WEB-DL.DD5.1.x264-NTb.mkv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www14.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Tue, 02 Aug 2022 05:38:01 GMT
Server
nginx/1.17.6
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-CH
Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
application/javascript
Content-Length
0
stats
venetrigni.com/
0
0

/
dc5k8fg5ioc8s.cloudfront.net/
163 KB
49 KB
Script
General
Full URL
https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Requested by
Host: www14.davisonbarker.pro
URL: https://www14.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=26462811&pci=7119749803&t=1659418630&dest=https%3A%2F%2Fmultiup.org%2Fdownload%2F355d8d6f680004acac5b5e6f65949f64%2FTwoDDL_wmsdnhfS04E06.Fidelity.1080p.HMAX.WEB-DL.DD5.1.x264-NTb.mkv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-181.fra60.r.cloudfront.net
Software
/
Resource Hash
e2a98e7737a9eae3644b3d70196971d346ab582a9173b22bba4f29f8aaae66f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www14.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Aug 2022 05:38:00 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
49649
via
1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
x-amz-cf-id
NXciwkjSkyAKefM-lc4q7lYlRJiOgwbpjt31HqXpgCnfowSYjB60Rg==
logo.png
www14.davisonbarker.pro/static/image/
10 KB
11 KB
Image
General
Full URL
https://www14.davisonbarker.pro/static/image/logo.png
Requested by
Host: www14.davisonbarker.pro
URL: https://www14.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=26462811&pci=7119749803&t=1659418630&dest=https%3A%2F%2Fmultiup.org%2Fdownload%2F355d8d6f680004acac5b5e6f65949f64%2FTwoDDL_wmsdnhfS04E06.Fidelity.1080p.HMAX.WEB-DL.DD5.1.x264-NTb.mkv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.186.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
196c51f778db9df7ecf75ce7f663ea3bb07726b67feeae45ad9abfd3008b937a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www14.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=26462811&pci=7119749803&t=1659418630&dest=https%3A%2F%2Fmultiup.org%2Fdownload%2F355d8d6f680004acac5b5e6f65949f64%2FTwoDDL_wmsdnhfS04E06.Fidelity.1080p.HMAX.WEB-DL.DD5.1.x264-NTb.mkv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 05:38:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1652
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10726
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
server
cloudflare
etag
"29e6-5faa60e6-b4021a56880f53fc;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BuKwzsVxc3Dk2086C2Mu2PZfoJcZkBzSMy5A6ESH8Z9TFZBDaqxMCdTftvJZTiwkPw5nNdHRSpheaoLHDepW5F2CTCyoBeWMr5AYzt6OSlRCQRWjmQIIoCgXmXy3NK%2Fc4nod%2BPfTOE5i%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7344770298b31e65-MUC
expires
Tue, 09 Aug 2022 05:10:28 GMT
pure
furstraitsbrowse.com/pixel/
0
469 B
XHR
General
Full URL
https://furstraitsbrowse.com/pixel/pure
Requested by
Host: www14.davisonbarker.pro
URL: https://www14.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=26462811&pci=7119749803&t=1659418630&dest=https%3A%2F%2Fmultiup.org%2Fdownload%2F355d8d6f680004acac5b5e6f65949f64%2FTwoDDL_wmsdnhfS04E06.Fidelity.1080p.HMAX.WEB-DL.DD5.1.x264-NTb.mkv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www14.davisonbarker.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 02 Aug 2022 05:38:01 GMT
Server
nginx/1.17.9
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
pure
furstraitsbrowse.com/pixel/ Frame
0
0
Preflight
General
Full URL
https://furstraitsbrowse.com/pixel/pure
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www14.davisonbarker.pro
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Tue, 02 Aug 2022 05:38:01 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Server
nginx/1.17.9
asd100.bin
freychang.fun/
100 KB
101 KB
Fetch
General
Full URL
https://freychang.fun/asd100.bin
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www14.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 05:38:01 GMT
access-control-allow-methods
GET
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4443
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 02 Aug 2022 04:23:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KP1l86UK74JF8G7uR9l3yUgbl%2BTi7FmAnHC8pPmXswesFBpMufV7g4Yl32YkqDqGs3meDfgZpOPiYDKzl%2BFpWRbgZyIHnZ6JzKjFCUdB0gIsUy9Gki9PFG0DjFUzFJYQ1Qysg4nzcAPW2i0q"}],"group":"cf-nel","max_age":604800}
content-type
binary/octet-stream
access-control-allow-origin
https://www14.davisonbarker.pro
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
73447704acc29152-FRA
access-control-allow-headers
X-Requested-With, content-type
/
freychang.fun/
27 B
392 B
Fetch
General
Full URL
https://freychang.fun/
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d24761367d5e427c0405cce8bbab96d06f897a09fcdaf21fb3c42462a15c1940

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www14.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 05:38:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://www14.davisonbarker.pro
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2hmE1xKzb8Er0K8ag59eB%2FnYYagm9wwnm4iFDuBsKmn9V60UEIP3bCapGhb3%2FgzVCgOP48Dw4cYU07dspMYJGm4dSGGZn29T2G7jq3y%2FBy%2BrUko1KJza0DsOXeNhwx3N%2FOz6DGPm6Q0m4C6"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
73447704acc49152-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
owledconside.xyz/
0
497 B
XHR
General
Full URL
https://owledconside.xyz/utx?cb=oT91DcY1k6LZ&top=www14.davisonbarker.pro&tid=824473
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-95.dus51.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www14.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Aug 2022 05:38:01 GMT
via
1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://www14.davisonbarker.pro
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id
ON9hPegvx6-61gowOBNAxbSLxXMl83_xN1EzGy9URGMDx6r2wWpB6A==
M2N5SVdSARokaFJeG28iQQ9EbGV1RksPM1BWEnExVFYQJjQLEFcqO1wWHS8lXA0NZzlWF1x7EWUHLgMHYjQoHhNgJhceIHYvMnovUDFIE2BXDx0dFHcUDAowZQUxJxZrJC0PcgEhPggWUCUOGA57BBojNmc2HAwBCkZLDw1EBCwNFFtbKCEWfi8xMQFmFDQ7HgIPO...
owledconside.xyz/ Frame 1C37
3 KB
2 KB
Document
General
Full URL
https://owledconside.xyz/…
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-95.dus51.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
abb2680ec9727c71722b770472447af181ff4684364d8f1eb772abed7199e38e

Request headers

Referer
https://www14.davisonbarker.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1240
content-type
text/html
date
Tue, 02 Aug 2022 05:38:01 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
x-amz-cf-id
MU6Ov8x7v2At3lsum8XJRG9rN5VoJMaTaWVi-OhxY6pYOCexr-m57w==
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront
XQVrOSIOC357bRlCLD0+GQt8byIEUCJ0bRwLfWdzRA9jeW0fC3xvPxpXKnR6TEY5PSdXB3t8cl4HdX9zWg90eg
briolenproc.pics/TUlLajZidigZCxl7DQV7f3BuWHQbD38pbiN4HjJBFxMuW1IvC3ozEDkgL1cOf31/
0
494 B
Image
General
Full URL
https://briolenproc.pics/TUlLajZidigZCxl7DQV7f3BuWHQbD38pbiN4HjJBFxMuW1IvC3ozEDkgL1cOf31/XQVrOSIOC357bRlCLD0+GQt8byIEUCJ0bRwLfWdzRA9jeW0fC3xvPxpXKnR6TEY5PSdXB3t8cl4HdX9zWg90eg
Requested by
Host: www14.davisonbarker.pro
URL: https://www14.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=26462811&pci=7119749803&t=1659418630&dest=https%3A%2F%2Fmultiup.org%2Fdownload%2F355d8d6f680004acac5b5e6f65949f64%2FTwoDDL_wmsdnhfS04E06.Fidelity.1080p.HMAX.WEB-DL.DD5.1.x264-NTb.mkv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www14.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 05:38:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGVptSw09aGW6TbQb%2FLka8FtbOGrmxHgNYXtPjPHc4Ul7H%2Fzikc%2F5sNK0jbRfcn7EK9cnOEgqfgcVaCLE0FrAQ61KCCWVUfCmAirEAr4A9s8mkZeQA4XRPKud%2BaFHcwaTM8kuaNrRbM%2Biq%2FrnNqc"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
73447704da339b4f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
OUZlZVYWeQYWa1gSNzcCQy48JAFdY1cnFW81Jz84Vgk9NBxQIxIgcE0vAVhuC3JRUmUfNgwBawp0QxYiWDIQFmsLdlVScFAoAwprC2ATWGYXfktceAlgEFhnHzIVBDEEd0MVIk0qWFRgDH9RVG4PflVcbw8
briolenproc.pics/
0
259 B
Image
General
Full URL
https://briolenproc.pics/OUZlZVYWeQYWa1gSNzcCQy48JAFdY1cnFW81Jz84Vgk9NBxQIxIgcE0vAVhuC3JRUmUfNgwBawp0QxYiWDIQFmsLdlVScFAoAwprC2ATWGYXfktceAlgEFhnHzIVBDEEd0MVIk0qWFRgDH9RVG4PflVcbw8
Requested by
Host: www14.davisonbarker.pro
URL: https://www14.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=26462811&pci=7119749803&t=1659418630&dest=https%3A%2F%2Fmultiup.org%2Fdownload%2F355d8d6f680004acac5b5e6f65949f64%2FTwoDDL_wmsdnhfS04E06.Fidelity.1080p.HMAX.WEB-DL.DD5.1.x264-NTb.mkv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www14.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 05:38:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TB7w2kA8dhFRrVEuR%2B9tg1w1EYWdYspkyDvcf7Y3bsLTWu%2F7eYhsCg8IglBkPnQ8dStZI2FKMOTrGPuJLKYpYyxGjKRV9Xw8Zw%2FSJNkzDSuu4Te7A%2BJ8wS7U0oT4JuduAxuHX6Bgp2TacgGee0cc"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
73447704da359b4f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
d1RbU3x1QUdSPCACFBAmZFYzV3x2SkZUaTRZRA
dc5k8fg5ioc8s.cloudfront.net/VdWJPQWQWDSEnWwELK3xcR1Z7dldTCDwuCgVfHnAXGTF+GAAcFwQYHgcjaTUeEV9/ZwgUDCh8QhAMLHxVUwMrI1lBRDsxCx5fOi8AEAQmLwERRDogWRgNNSgIGQNqcyJATH9kVkVKOCgKEQ04MkFHUiE1QUdSfnFKRUd8A0F... Frame 1C37
427 B
618 B
Script
General
Full URL
https://dc5k8fg5ioc8s.cloudfront.net/VdWJPQWQWDSEnWwELK3xcR1Z7dldTCDwuCgVfHnAXGTF+GAAcFwQYHgcjaTUeEV9/ZwgUDCh8QhAMLHxVUwMrI1lBRDsxCx5fOi8AEAQmLwERRDogWRgNNSgIGQNqcyJATH9kVkVKOCgKEQ04MkFHUiE1QUdSfnFKRUd8A0FHUjgoCkNWanImUFB/OVJBS2-pzVBQSPy0BAgctKg0BR30HUUZVYXJSUFB/aQ8dFiItQUchanNUGQskJEFHUigkBx4NZmRWRQEnMwsYB2pzIkRSfG9UW1d/d1RbU3x1QUdSPCACFBAmZFYzV3x2SkZUaTRZRA
Requested by
Host: owledconside.xyz
URL: https://owledconside.xyz/…
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-181.fra60.r.cloudfront.net
Software
/
Resource Hash
d305423a4c4f47820c6fa8943a61f431d8287b22757deff2f30440ac3f16116c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://owledconside.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 05:38:01 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
342
via
1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
x-amz-cf-id
28aW-UuiDk_Y4uv3O-_cCjrtGOtq0IeRwDDmT_ShKvdq_dw899x1mQ==
advertisers.js
clenchedyouthmatching.com/
0
159 B
Script
General
Full URL
https://clenchedyouthmatching.com/advertisers.js
Requested by
Host: www14.davisonbarker.pro
URL: https://www14.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=26462811&pci=7119749803&t=1659418630&dest=https%3A%2F%2Fmultiup.org%2Fdownload%2F355d8d6f680004acac5b5e6f65949f64%2FTwoDDL_wmsdnhfS04E06.Fidelity.1080p.HMAX.WEB-DL.DD5.1.x264-NTb.mkv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.0.204.220 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www14.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Tue, 02 Aug 2022 05:38:01 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Length
0
Content-Type
application/javascript
sfp.js
addresseepaper.com/
79 KB
23 KB
Script
General
Full URL
https://addresseepaper.com/sfp.js
Requested by
Host: www14.davisonbarker.pro
URL: https://www14.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=26462811&pci=7119749803&t=1659418630&dest=https%3A%2F%2Fmultiup.org%2Fdownload%2F355d8d6f680004acac5b5e6f65949f64%2FTwoDDL_wmsdnhfS04E06.Fidelity.1080p.HMAX.WEB-DL.DD5.1.x264-NTb.mkv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eafe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec91098ecdf99168e077aa63fb41758d5d89be3165f73a7b6176a6ba4a24291d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www14.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 05:38:01 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
bcddc31b393c4c5864f4bbefe969ca5a
last-modified
Tue, 02 Aug 2022 05:38:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2r9G%2FQaN8qI1wjOIz4TEfytFn%2BNXhthhBL%2BeF%2FrwYYs65msr7hQt0kI7Qoj%2BIF3MHNuJcwrCxkJcRRFZ%2FSN%2BDs0YdbOmadaD0nWtuIkd8UlQBBIcIHiM%2BfZCThxuVtmUzfKadAI42rb0iBE%2BOXLzmM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
7344770728a19b94-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
stats
venetrigni.com/
0
0

bff29f0d3318d4c4b9a844119e218228.js
furstraitsbrowse.com/bf/f2/9f/
0
0
Script
General
Full URL
https://furstraitsbrowse.com/bf/f2/9f/bff29f0d3318d4c4b9a844119e218228.js
Requested by
Host: www14.davisonbarker.pro
URL: https://www14.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=26462811&pci=7119749803&t=1659418630&dest=https%3A%2F%2Fmultiup.org%2Fdownload%2F355d8d6f680004acac5b5e6f65949f64%2FTwoDDL_wmsdnhfS04E06.Fidelity.1080p.HMAX.WEB-DL.DD5.1.x264-NTb.mkv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www14.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Tue, 02 Aug 2022 05:38:01 GMT
Server
nginx/1.17.9
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-CH
Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
application/javascript
Content-Length
0
popunder.gif
briolenproc.pics/
35 B
624 B
Image
General
Full URL
https://briolenproc.pics/popunder.gif
Requested by
Host: www14.davisonbarker.pro
URL: https://www14.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=26462811&pci=7119749803&t=1659418630&dest=https%3A%2F%2Fmultiup.org%2Fdownload%2F355d8d6f680004acac5b5e6f65949f64%2FTwoDDL_wmsdnhfS04E06.Fidelity.1080p.HMAX.WEB-DL.DD5.1.x264-NTb.mkv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www14.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
public
date
Tue, 02 Aug 2022 05:38:01 GMT
cf-cache-status
HIT
last-modified
Mon, 01 Aug 2022 11:42:25 GMT
server
cloudflare
age
64536
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1whPYg0JsjBMTRFUJeUGtEGcwkHAuNVZsayeJOnXiqU7JCBgcBbBNlvYhvt55exnlmKDXli9phi8m7BS5tHfTy78CPI1GQRHKRriA3RvMyTNNAXnyJKT%2B17enpQXF3cit4DZggXxjS9qbKMNIbqv"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
73447707ac119bc4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pxf.gif
dismantlepenantiterrorist.com/
1 B
425 B
Image
General
Full URL
https://dismantlepenantiterrorist.com/pxf.gif?uuid=&eb=d141fc753c4dc92138847cf684e0f25d&te=a2d0ce014e78ed2cbdd2e7e815a3f70a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.134%20Safari%2F537.36&dev=r&res=12.31&b_frame=0&pk=aa240591af5d8573573bb87d25c7ab12&bl=en-US&sr=1200x1600&sz=1200x1600&hjs=5
Requested by
Host: www14.davisonbarker.pro
URL: https://www14.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=26462811&pci=7119749803&t=1659418630&dest=https%3A%2F%2Fmultiup.org%2Fdownload%2F355d8d6f680004acac5b5e6f65949f64%2FTwoDDL_wmsdnhfS04E06.Fidelity.1080p.HMAX.WEB-DL.DD5.1.x264-NTb.mkv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www14.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Tue, 02 Aug 2022 05:38:02 GMT
Server
nginx/1.22.0
Strict-Transport-Security
max-age=0; includeSubdomains
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
1
X-Request-ID
49ccb3abd328efc41695f317c3347201
Expires
Thu, 01 Jan 1970 00:00:01 GMT
RFdlQTRraAYyCRZmMxVQEQVXGHMSEgEZYiMNIANNJ2UrJmUcZ0M1XSBqXXMAcGBWZ0QtM1hyBmIkESBAMSRYcwR0YEMoWiI4WHMSMmpVbwxqbktxEjFqV3MAc2JUcAdzZVZ2BHFkV2dANDYCfAViJxE1WHlmU3QNcGZddwx1YlJx
briolenproc.pics/
0
477 B
Ping
General
Full URL
https://briolenproc.pics/RFdlQTRraAYyCRZmMxVQEQVXGHMSEgEZYiMNIANNJ2UrJmUcZ0M1XSBqXXMAcGBWZ0QtM1hyBmIkESBAMSRYcwR0YEMoWiI4WHMSMmpVbwxqbktxEjFqV3MAc2JUcAdzZVZ2BHFkV2dANDYCfAViJxE1WHlmU3QNcGZddwx1YlJx
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www14.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 05:38:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5Ya3mVAnu%2BBOjhf6BWVGRchutMdJtpiHCFE4TFA1LoGDm8dBp0R3odEB69CGmPB%2FCZq%2BBHjRIs23k7Qql%2BzXWlgy%2B%2BO61kVryEkVC5aolDsruw2EekwvMIOmSE%2FnVa7Lb693XUcuDeArxViqDjX"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
73447707ec599bc4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
floater
owledconside.xyz/
1 KB
1 KB
XHR
General
Full URL
https://owledconside.xyz/floater?cs=dFZMN2tFY3oGWkZjewJdQGB%2FA1I&abt=0&red=1&sm=83&k=&v=0.8.9.0&sts=0&prn=0&emb=0&tid=824473&u=2247511372370532&agec=1659418681&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=769.2307692307692&ref=https%3A%2F%2Fwww14.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D4%26ppi%3D26462811%26pci%3D7119749803%26t%3D1659418630%26dest%3Dhttps%253A%252F%252Fmultiup.org%252Fdownload%252F355d8d6f680004acac5b5e6f65949f64%252FTwoDDL_wmsdnhfS04E06.Fidelity.1080p.HMAX.WEB-DL.DD5.1.x264-NTb.mkv&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F103.0.5060.134%20safari%2F537.36&tzd=0&uloc=&if=0&aa=td7_oi1_&_yb04=1659418681571&crc=1
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-95.dus51.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
262a7c190430c206303e86d36c8000337324ae033c8a916e4eb41fa6af24e48c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www14.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Aug 2022 05:38:01 GMT
content-encoding
gzip
server
openresty/1.17.8.2
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://www14.davisonbarker.pro
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type
text/plain
content-length
844
via
1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
x-amz-cf-id
ndtRoxO5A-ZNWr-STD0Itu3PqADSSqde2xX3FWh_DmE-mbuYyJ2LGw==
stats
simplewebanalysis.com/
40 B
295 B
XHR
General
Full URL
https://simplewebanalysis.com/stats
Requested by
Host: addresseepaper.com
URL: https://addresseepaper.com/sfp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.132.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-132-48.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
6f42249f7bc6ef0640c4a168ecd112991c9b1eadae938a5f42e4fafa42799801

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www14.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
https://www14.davisonbarker.pro
date
Tue, 02 Aug 2022 05:38:02 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
content-type
text/html; charset=UTF-8
d1VZVndxVl9fdHxVWFNxckcZW3dqWUFfaXRHGlt1dlVYU3Z1UlhUdHNRWlV1YhUfByB5UEkWMzANUldxcVhbV39yWVtWdXE
briolenproc.pics/RGFvZkdrXgwVeh01KQoQAys+JAEKETpXCgE0AlcSEjALMSUCEkkSLiBcV1RzcFZcQDctBVJVdWISGwczMRJSVHd0VEkPKSIOUlR3dFdfVnJxWUpRBCwVGxY0YVIuQ3UCRF0gMCEDHw8kL0wMAilqElxIMjdMGAM0MExdSCYpABUJKSUWHEgk...
0
471 B
Ping
General
Full URL
https://briolenproc.pics/RGFvZkdrXgwVeh01KQoQAys+JAEKETpXCgE0AlcSEjALMSUCEkkSLiBcV1RzcFZcQDctBVJVdWISGwczMRJSVHd0VEkPKSIOUlR3dFdfVnJxWUpRBCwVGxY0YVIuQ3UCRF0gMCEDHw8kL0wMAilqElxIMjdMGAM0MExdSCYpABUJKSUWHEgkKwxKVAEjBBsKJi0FQQw3IQZKUQQqFAMKYnMiV1B/d1VZVndxVl9fdHxVWFNxckcZW3dqWUFfaXRHGlt1dlVYU3Z1UlhUdHNRWlV1YhUfByB5UEkWMzANUldxcVhbV39yWVtWdXE
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www14.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 05:38:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MAAn1ZvZVQ0%2BAfpxN9D4o97Wqs5YkafFwK1p0Tgq9ZQyCC05Tg3KLQcdMn4JeTMhljCC2EzICsI4XYbzzJJrRNE6r51Z3REwuEAnHjwmvOgPJctB%2F6Sjx53FhTIhFOt9Cb0NOnyJz5TMzEEJIV6s"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
734477173e039bc4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
getlaid.jpeg
webpick-cdn.s3.us-west-2.amazonaws.com/
0
0

getlaid.jpeg
webpick-cdn.s3.us-west-2.amazonaws.com/ Frame C21E
9 KB
9 KB
Image
General
Full URL
https://webpick-cdn.s3.us-west-2.amazonaws.com/getlaid.jpeg
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.208.9 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e6a18e81d67bc6cfadbe2c86c78b99c0e01644cdeafb48144663121b629ea227

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Tue, 02 Aug 2022 05:38:05 GMT
Last-Modified
Thu, 25 Jun 2020 08:18:14 GMT
Server
AmazonS3
x-amz-request-id
C59N1X4BA88PS9V8
ETag
"e73bda30c82b74c32e5f03e4ed4e4bb1"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
9313
x-amz-id-2
a5WLlCAYtFNB4uUHfb07hXiFjkHtgdMirUm4v/uG27oQ1Kp2pcluyxf3+69M7nD7gZsz69fpdoA=
x-amz-meta-s3b-last-modified
20200625T081632Z
truncated
/ Frame C21E
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63a428de16700f13f745cca888ee6d19b8c9470c623116b647c2a0cb431549a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C21E
814 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01258ad47ff93fa506eeeeb68d76394891dd70751c894e3bb1cd1823e34e0a84

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
sfp.js
addresseepaper.com/
0
0

bff29f0d3318d4c4b9a844119e218228.js
furstraitsbrowse.com/bf/f2/9f/
0
0
Script
General
Full URL
https://furstraitsbrowse.com/bf/f2/9f/bff29f0d3318d4c4b9a844119e218228.js
Requested by
Host: www14.davisonbarker.pro
URL: https://www14.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=26462811&pci=7119749803&t=1659418630&dest=https%3A%2F%2Fmultiup.org%2Fdownload%2F355d8d6f680004acac5b5e6f65949f64%2FTwoDDL_wmsdnhfS04E06.Fidelity.1080p.HMAX.WEB-DL.DD5.1.x264-NTb.mkv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www14.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Tue, 02 Aug 2022 05:38:05 GMT
Server
nginx/1.17.9
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-CH
Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
application/javascript
Content-Length
0
de_tran.png
www14.davisonbarker.pro/static/image/skip_ad/
6 KB
7 KB
Image
General
Full URL
https://www14.davisonbarker.pro/static/image/skip_ad/de_tran.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.186.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09022d2f27688148aa3c86dd31f557615a526e2f37e7098f5afcedb46935df16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www14.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=26462811&pci=7119749803&t=1659418630&dest=https%3A%2F%2Fmultiup.org%2Fdownload%2F355d8d6f680004acac5b5e6f65949f64%2FTwoDDL_wmsdnhfS04E06.Fidelity.1080p.HMAX.WEB-DL.DD5.1.x264-NTb.mkv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 05:38:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
203
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6324
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
server
cloudflare
etag
"18b4-5faa60e6-6c0954209f25b16e;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FSspwAHWBfnG0VJjNP5k4K7LUuco9OGDOkN706YK93SpZ80cpqHmVUIdXp%2B%2FuO%2FEoDmNOmpEGwlFbcCkkGZcDEucSgRLbTQFxmFgJ0g0sRFo4KnLiaGWYmA9EpzPBWUhrG487FdCTV69A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
73447721db7d6d86-MUC
expires
Tue, 09 Aug 2022 05:34:42 GMT
pxf.gif
dismantlepenantiterrorist.com/
0
0
Image
General
Full URL
https://dismantlepenantiterrorist.com/pxf.gif?uuid=24e97a62-9801-492b-9a16-38d89aa669c5&eb=d141fc753c4dc92138847cf684e0f25d&te=a2d0ce014e78ed2cbdd2e7e815a3f70a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.134%20Safari%2F537.36&dev=r&res=13.31&b_frame=0&pk=aa240591af5d8573573bb87d25c7ab12&bl=en-US&sr=1200x1600&sz=1200x1600&hjs=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www14.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Tue, 02 Aug 2022 05:38:05 GMT
Server
nginx/1.22.0
Strict-Transport-Security
max-age=0; includeSubdomains
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
1
X-Request-ID
d792eb82dbcf885c79d6c595514ef52c
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: venetrigni.com
URL: https://venetrigni.com/stats
Domain: venetrigni.com
URL: https://venetrigni.com/stats
Domain: webpick-cdn.s3.us-west-2.amazonaws.com
URL: https://webpick-cdn.s3.us-west-2.amazonaws.com/getlaid.jpeg
Domain: addresseepaper.com
URL: https://addresseepaper.com/sfp.js

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
object| p18
function| w2
function| S8
object| mm
object| LieDetector
object| AaDetector
function| replaceAll
number| rnd
string| source
function| noDisplayTimer
number| LAST_CORRECT_EVENT_TIME
number| _2256987490
string| a
object| _0x2c98
function| _0x5523
number| refS

5 Cookies

Domain/Path Name / Value
www14.davisonbarker.pro/pushredirect Name: lastUrlPushTmp
Value: www14.davisonbarker.pro
freychang.fun/ Name: csu
Value: 2247511372370532@1@1659418681
www14.davisonbarker.pro/ Name: ppu_main_aa240591af5d8573573bb87d25c7ab12
Value: 1
simplewebanalysis.com/ Name: uid_id2
Value: 24e97a62-9801-492b-9a16-38d89aa669c5:2:1
www14.davisonbarker.pro/ Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c
Value: 24e97a62-9801-492b-9a16-38d89aa669c5%3A2%3A1

5 Console Messages

Source: network, Level: error, URL: https://venetrigni.com/stats
Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
Source: network, Level: error, URL: https://auntieimpetus.com/aa/24/05/aa240591af5d8573573bb87d25c7ab12.json
Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
Source: network, Level: error, URL: https://venetrigni.com/stats
Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
Source: network, Level: error, URL: https://furstraitsbrowse.com/bf/f2/9f/bff29f0d3318d4c4b9a844119e218228.js
Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
Source: network, Level: error, URL: https://furstraitsbrowse.com/bf/f2/9f/bff29f0d3318d4c4b9a844119e218228.js
Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
