opulentii.bid Open in urlscan Pro
2606:4700:3032::6815:ecc Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ncnfitness.net/2849815fv7489035sy340610135mg2299wv2hcr195805gi
Effective URL:
https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
Submission: On February 27 via api (February 27th 2024, 10:54:52 pm UTC) from US — Scanned from US

Summary HTTP 32 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 32 HTTP transactions. The main IP is 2606:4700:3032::6815:ecc, located in United States and belongs to CLOUDFLARENET, US. The main domain is opulentii.bid.
TLS certificate: Issued by E1 on January 2nd 2024. Valid for: 3 months.

This is the only time opulentii.bid was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	209.141.62.250 209.141.62.250	53667 (PONYNET) (PONYNET)
1	193.105.134.167 193.105.134.167	42237 (W1N) (W1N)
1 1	23.229.68.110 23.229.68.110	55286 (SERVER-MANIA) (SERVER-MANIA)
1 18	2606:4700:303... 2606:4700:3032::6815:ecc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3037::ac43:a08b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:402... 2607:f8b0:4023:400::5f	15169 (GOOGLE) (GOOGLE)
3	2606:4700:e6:... 2606:4700:e6::ac40:cc14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3032::ac43:b158	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	45.55.126.207 45.55.126.207	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	20.50.64.3 20.50.64.3	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
32	9

1 209.141.62.250 (Las Vegas, United States) 1 redirects

ASN53667 (PONYNET, US)

ncnfitness.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.105.134.167 (Stockholm, Sweden)

ASN42237 (W1N, GB)

moxirix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.229.68.110 (Buffalo, United States) 1 redirects

ASN55286 (SERVER-MANIA, CA)
PTR: generably.com

igojoy.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:3032::6815:ecc (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

opulentii.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:a08b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

opulentii.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4023:400::5f (Sewanee, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e6::ac40:cc14 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3032::ac43:b158 (United States)

ASN13335 (CLOUDFLARENET, US)

virtualpushplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.55.126.207 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

beacon.opulentii.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.50.64.3 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pushvisit.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	opulentii.bid 2 redirects opulentii.bid beacon.opulentii.bid	1 MB
4	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1464 ka-f.fontawesome.com — Cisco Umbrella Rank: 3033	24 KB
3	virtualpushplatform.com virtualpushplatform.com — Cisco Umbrella Rank: 361003	4 KB
2	pushvisit.xyz pushvisit.xyz — Cisco Umbrella Rank: 333801	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	849 B
1	igojoy.bid 1 redirects igojoy.bid	607 B
1	moxirix.com moxirix.com	464 B
1	ncnfitness.net 1 redirects ncnfitness.net	297 B
32	8

	Domain	Requested by
19	opulentii.bid	2 redirects moxirix.com opulentii.bid
4	beacon.opulentii.bid	opulentii.bid
3	virtualpushplatform.com	opulentii.bid virtualpushplatform.com
3	ka-f.fontawesome.com	kit.fontawesome.com
2	pushvisit.xyz	virtualpushplatform.com
1	fonts.googleapis.com	opulentii.bid
1	kit.fontawesome.com	opulentii.bid
1	igojoy.bid	1 redirects
1	moxirix.com
1	ncnfitness.net	1 redirects
32	10

This site contains no links.

Subject Issuer	Validity	Valid
moxirix.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-30` - `2024-06-29`	a year	crt.sh
opulentii.bid E1	`2024-01-02` - `2024-04-01`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2024-01-06` - `2024-04-05`	3 months	crt.sh
virtualpushplatform.com Cloudflare Inc ECC CA-3	`2024-01-14` - `2024-12-31`	a year	crt.sh
beacon.opulentii.bid R3	`2024-01-08` - `2024-04-07`	3 months	crt.sh
pushvisit.xyz Sectigo RSA Domain Validation Secure Server CA	`2023-08-02` - `2024-08-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
Frame ID: 193260AB7218BA02891B1DC42A720E3D
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Walmart

Page URL History Show full URLs

http://ncnfitness.net/2849815fv7489035sy340610135mg2299wv2hcr195805gi HTTP 302
https://moxirix.com/feda4b33fb42e7e000/1b-2849815-7489035-195805-2299-/340610135 Page URL
https://igojoy.bid/r/acbfbf80-f9f0-4dfd-a3ed-bf69d45590c2/470120/1447834314/1b-2849815-7489035-... HTTP 302
https://opulentii.bid/sf/tpl9?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s... HTTP 301
http://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&... HTTP 301
https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Page Statistics

32
Requests

100 %
HTTPS

55 %
IPv6

8
Domains

10
Subdomains

9
IPs

3
Countries

1389 kB
Transfer

10752 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ncnfitness.net/2849815fv7489035sy340610135mg2299wv2hcr195805gi HTTP 302
https://moxirix.com/feda4b33fb42e7e000/1b-2849815-7489035-195805-2299-/340610135 Page URL
https://igojoy.bid/r/acbfbf80-f9f0-4dfd-a3ed-bf69d45590c2/470120/1447834314/1b-2849815-7489035-195805-2299- HTTP 302
https://opulentii.bid/sf/tpl9?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314 HTTP 301
http://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314 HTTP 301
https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ncnfitness.net/2849815fv7489035sy340610135mg2299wv2hcr195805gi HTTP 302
https://moxirix.com/feda4b33fb42e7e000/1b-2849815-7489035-195805-2299-/340610135

32 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

340610135
moxirix.com/feda4b33fb42e7e000/1b-2849815-7489035-195805-2299-/
Redirect Chain

http://ncnfitness.net/2849815fv7489035sy340610135mg2299wv2hcr195805gi
https://moxirix.com/feda4b33fb42e7e000/1b-2849815-7489035-195805-2299-/340610135

170 B
464 B

736ms
502ms

Document
text/html

193.105.134.167
W1N

General

Check archive.org

Show headers Download Go to

Full URL: https://moxirix.com/feda4b33fb42e7e000/1b-2849815-7489035-195805-2299-/340610135
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.105.134.167 Stockholm, Sweden, ASN42237 (W1N, GB),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Content-Length: 170
Content-Type: text/html; charset=UTF-8
Date: Tue, 27 Feb 2024 22:54:46 GMT
Server: Apache

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 27 Feb 2024 22:54:45 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.6 (CentOS)
location: https://moxirix.com/feda4b33fb42e7e000/1b-2849815-7489035-195805-2299-/340610135

GET
H2

200

Primary Request / Show response
opulentii.bid/sf/tpl9/
Redirect Chain

https://igojoy.bid/r/acbfbf80-f9f0-4dfd-a3ed-bf69d45590c2/470120/1447834314/1b-2849815-7489035-195805-2299-
https://opulentii.bid/sf/tpl9?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
http://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314

13 KB
4 KB

23ms
22ms

Document
text/html

2606:4700:3032::6815:ecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
Requested by: Host: moxirix.com
URL: https://moxirix.com/feda4b33fb42e7e000/1b-2849815-7489035-195805-2299-/340610135
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:ecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da66a6be195fcb0c6f0495701a6147cb28943bd79fd1258767e402569f152cbc

Request headers

Referer: https://moxirix.com/feda4b33fb42e7e000/1b-2849815-7489035-195805-2299-/340610135
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85c402f91c284211-EWR
content-encoding: br
content-type: text/html
date: Tue, 27 Feb 2024 22:54:47 GMT
last-modified: Fri, 09 Feb 2024 13:15:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GunydCIzT4JYso01DEic1U7m9M3EaPoKrYdz2Qd1VM7DjpP59g3rdzYT5mj%2BGCha5L1vHFYUdxhYYBlF3gvoKrUt06iSf%2B81MaXGqhafU9WxPKwGOkCUDRGoq0lVdNEcCVLteX2ixwlLbfVo"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-robots-tag: noindex

Redirect headers

CF-RAY: 85c402f8fde84303-EWR
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 27 Feb 2024 22:54:47 GMT
Expires: Tue, 27 Feb 2024 23:54:47 GMT
Location: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2PT4YgxmX2LZNDPw%2FjtqGus099tSlnIRgCVHHhqiel4GoOGvrPPk%2BqblkO2kUQ%2BJWpyBeizJVvVhCBVjt7kjVOBNY4ehH3ohjeNZPMqAoIBpQExqFm5oKTa3akJg9b%2BMxTOzlhFchOG8LQ%2B"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 268a7048dd.js Show response
kit.fontawesome.com/ 12 KB
5 KB 377ms
15ms Script
text/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/268a7048dd.js
Requested by: Host: opulentii.bid
URL: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3bd0bb9c81300549973c534de26accf7b6104bed7bee20c8bf0371022dd7c2e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://opulentii.bid/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 22:54:47 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 41
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 85c402fb8b350ccd-EWR
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F7Z7AgKrSSRkf4FGJhbC

GET
H3 200 bundle.d02107d8190d1cf8d332.css
opulentii.bid/sf/tpl9/ 9 MB
877 KB 23ms
22ms Stylesheet
text/css 2606:4700:3032::6815:ecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://opulentii.bid/sf/tpl9/bundle.d02107d8190d1cf8d332.css?t=1707484419218
Requested by: Host: opulentii.bid
URL: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:ecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd9c98e2a3e3fd7cde0dfbbdfc777514d216a73b02125fd58924a9f75335cc01

Request headers

accept-language: en-US,en;q=0.9
Referer: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 22:54:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Feb 2024 13:15:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 240833
etag: W/"65c62569-8b71a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDGfbO%2Fo%2B1JwsTb0eYaya6iwaelrYiWnG9X2BkVD%2FX18TM6%2BW0R82cnDl9e4uMJUm8aRO0wgW94EoE%2FlylgLsAYhV1CqUk2Jlv7VBZi8%2BYkcK4NiWqgj4AhHhPZkCxXyc9Y5OQDgoIs5Rost"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 85c402f94ede7c8d-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 24 Feb 2025 04:00:54 GMT

GET
H3 200 img-4.png
opulentii.bid/sf/tpl9/public/ 2 KB
3 KB 16ms
15ms Image
image/png 2606:4700:3032::6815:ecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opulentii.bid/sf/tpl9/public/img-4.png
Requested by: Host: opulentii.bid
URL: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:ecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ba90609efbf3e11565b8b9005e57d80f53a8837ce693c9023ccb0626461d212

Request headers

accept-language: en-US,en;q=0.9
Referer: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 22:54:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240832
alt-svc: h3=":443"; ma=86400
content-length: 2542
last-modified: Fri, 09 Feb 2024 13:15:21 GMT
server: cloudflare
etag: "65c62569-9ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z0o0Hf29Tuk1sw1dQQCwra7TW9uYc%2FcGlEeUPlV32MCr%2FeDQSW6GhNiUM5H7vay5ubzxYkGxKwUL%2Fehdvlz87CaK%2BSNhjsaT8mRnJQf%2FlNme4rC7QA84TGBFXpmr%2FWt7P73M%2BIhi%2Fp1cZ53i"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85c402f94edf7c8d-EWR
expires: Mon, 24 Feb 2025 04:00:54 GMT

GET
H3 200 like.png
opulentii.bid/sf/tpl9/public/ 466 B
963 B 18ms
15ms Image
image/png 2606:4700:3032::6815:ecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opulentii.bid/sf/tpl9/public/like.png
Requested by: Host: opulentii.bid
URL: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:ecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7adac1888791ad42f547c97c9c9dad37faee15dfb5e76f20eabc8a0a0b6168e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 22:54:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4091
alt-svc: h3=":443"; ma=86400
content-length: 466
last-modified: Fri, 09 Feb 2024 13:15:21 GMT
server: cloudflare
etag: "65c62569-1d2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bzu0XfuUJB09uFqADV3tbKaSxE%2BphI8To%2B5T9tJZgOeMALB8967JN5NzaFhXqUAljlqeE6pDj%2FoesOXGpBIcmCYX6e%2B4JFy8JgOkZsj5%2BFmzW%2BgAIFqpMbniunKv2EMAcIZ2L1cU%2Fg50gZGK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85c402f97f217c8d-EWR
expires: Wed, 26 Feb 2025 21:46:35 GMT

GET
H3 200 img-5.png
opulentii.bid/sf/tpl9/public/ 2 KB
2 KB 17ms
16ms Image
image/png 2606:4700:3032::6815:ecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opulentii.bid/sf/tpl9/public/img-5.png
Requested by: Host: opulentii.bid
URL: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:ecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fba1dafda080b2bf2c0074fc8eb29203c48f2afa916065df41a0a76e48f63987

Request headers

accept-language: en-US,en;q=0.9
Referer: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 22:54:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4092
alt-svc: h3=":443"; ma=86400
content-length: 1691
last-modified: Fri, 09 Feb 2024 13:15:21 GMT
server: cloudflare
etag: "65c62569-69b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dSfgAywK2Ikyq1oFpDLjr%2Fz9lPazUb3knr%2BdiLoJcl5G34Nxpxy9VOZ%2FsC9raGvmQb9FIV6fxeDax1vvOl%2FgZcTm%2Bm9E0Z0j9nIgEddqvldXkmt%2Fe7yfGI%2FppT0HMoQSFdZkTQJUGgYaqPGt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85c402f94ee07c8d-EWR
expires: Wed, 26 Feb 2025 21:46:35 GMT

GET
H3 200 img-6.png
opulentii.bid/sf/tpl9/public/ 2 KB
3 KB 18ms
17ms Image
image/png 2606:4700:3032::6815:ecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opulentii.bid/sf/tpl9/public/img-6.png
Requested by: Host: opulentii.bid
URL: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:ecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 182600ef12499261e2e971331530eb1caacd6c2106c4c864d158ac9c4a9a2327

Request headers

accept-language: en-US,en;q=0.9
Referer: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 22:54:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240833
alt-svc: h3=":443"; ma=86400
content-length: 2491
last-modified: Fri, 09 Feb 2024 13:15:21 GMT
server: cloudflare
etag: "65c62569-9bb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDZnqvaFPSIQ36QiZr1gWpSnbNKo5qsg3mZ8uEqCTEX%2FDwjry2qdePJOdnwLDnvHp3y3%2FUQYDmUvs%2Fn5iQ61zWdDw41NPEHcjun0CDXhOiXSgF0qyz87cdb%2FLSfWt%2BLtrBnDRn2yNjUhUjO9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85c402f96f147c8d-EWR
expires: Mon, 24 Feb 2025 04:00:54 GMT

GET
H3 200 img-7.png
opulentii.bid/sf/tpl9/public/ 3 KB
3 KB 18ms
18ms Image
image/png 2606:4700:3032::6815:ecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opulentii.bid/sf/tpl9/public/img-7.png
Requested by: Host: opulentii.bid
URL: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:ecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01ff0a6dfebce308d517e495941065eb38cc8b37a7b2bf67df272aea25f69c40

Request headers

accept-language: en-US,en;q=0.9
Referer: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 22:54:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240833
alt-svc: h3=":443"; ma=86400
content-length: 2997
last-modified: Fri, 09 Feb 2024 13:15:21 GMT
server: cloudflare
etag: "65c62569-bb5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ca3ega%2BlZjO7vQbqA3EsTWSpj8%2FTHfbRDYPnB%2Fis6kkEFbTRX8hmqcz7IRT9cyEZlvvOGHCvQsYEtYHqbBqIiQBa%2BTTEd%2FpRggod6SXzQ4v4NSwAvsU4cpOWIb3L3%2FUVb5pn%2FqLGiVXqrwIa"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85c402f96f157c8d-EWR
expires: Mon, 24 Feb 2025 04:00:54 GMT

GET
H3 200 img-3.png
opulentii.bid/sf/tpl9/public/ 3 KB
3 KB 18ms
17ms Image
image/png 2606:4700:3032::6815:ecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opulentii.bid/sf/tpl9/public/img-3.png
Requested by: Host: opulentii.bid
URL: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:ecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0c40a3ef77aea7e48c710fa701af1d074224846ebf30cd9d82b7596c15da2c1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 22:54:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240833
alt-svc: h3=":443"; ma=86400
content-length: 2891
last-modified: Fri, 09 Feb 2024 13:15:21 GMT
server: cloudflare
etag: "65c62569-b4b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DI06gwlFTEdRJTuGJOHqq32b%2FPfX2KTblrGx5XZRKspdOWwXYYGW1ueZAkMtZUUznPuMGrvu5s%2BhWcXaj%2BxqXPVHoGCLUueCRDkV%2FbJU33eTfl0dWjkOmVFX1TlrayWDbJ5ddbR7Rc9zs0q"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85c402f96f197c8d-EWR
expires: Mon, 24 Feb 2025 04:00:54 GMT

GET
H3 200 img-8.png
opulentii.bid/sf/tpl9/public/ 4 KB
4 KB 23ms
20ms Image
image/png 2606:4700:3032::6815:ecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opulentii.bid/sf/tpl9/public/img-8.png
Requested by: Host: opulentii.bid
URL: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:ecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 845a5200eb01a02833e74b09ab84d6ec2aab5ee16211ee1a31b7eb6a4bb61ecc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 22:54:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240833
alt-svc: h3=":443"; ma=86400
content-length: 3700
last-modified: Fri, 09 Feb 2024 13:15:21 GMT
server: cloudflare
etag: "65c62569-e74"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RdnEg3hpUhcm3%2B1%2B9vxLq7bSHTTPTguY%2FibP9DyrKQWYjYwFW9j5EMdJf024Fpx8ynou3TkZuCK966Z5YzZBTuTZ9Udii%2BA8P%2FwWmTwO7Smo1MdnpQpCk9iUwYpCGYDagux9A4hSM7W%2BWBgj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85c402f97f247c8d-EWR
expires: Mon, 24 Feb 2025 04:00:54 GMT

GET
H3 200 img-9.png
opulentii.bid/sf/tpl9/public/ 3 KB
4 KB 20ms
17ms Image
image/png 2606:4700:3032::6815:ecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opulentii.bid/sf/tpl9/public/img-9.png
Requested by: Host: opulentii.bid
URL: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:ecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18f551911c68e079ef629648f47ad743c99d47e9d5c0d5a475c7392a1f0ab248

Request headers

accept-language: en-US,en;q=0.9
Referer: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 22:54:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4092
alt-svc: h3=":443"; ma=86400
content-length: 3286
last-modified: Fri, 09 Feb 2024 13:15:21 GMT
server: cloudflare
etag: "65c62569-cd6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vq4vjiguk7Mcvpp7ZMyviYgFweGx%2F4NLD73yC6EpGvfoH9PqHGpXqb72XhSwGxsQ5xJxSH%2FGgOVEo2w6nxhGYwUQ4LMeiUYQo2aei01kbvKkPY%2FcNWFGjEmIkFKtWfV7ygG0VWcebO9%2FrpyG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85c402f97f257c8d-EWR
expires: Wed, 26 Feb 2025 21:46:35 GMT

GET
H3 200 img-10.png
opulentii.bid/sf/tpl9/public/ 1 KB
2 KB 18ms
16ms Image
image/png 2606:4700:3032::6815:ecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opulentii.bid/sf/tpl9/public/img-10.png
Requested by: Host: opulentii.bid
URL: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:ecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b17d1bc53a49edcab5f29c232dde056d8ad18b6c948ad908134b64130eb2606

Request headers

accept-language: en-US,en;q=0.9
Referer: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 22:54:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240833
alt-svc: h3=":443"; ma=86400
content-length: 1292
last-modified: Fri, 09 Feb 2024 13:15:21 GMT
server: cloudflare
etag: "65c62569-50c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xyn2PWSqQ49KbTjGMALSEOfFeI8kbL6yZDeYgKswrn47OPHaKuqvN%2FOl2XFt%2BUhmbvDbjVm7zU%2FrmyJI8R1lb0SEzm5fpeadbj5gd%2BTBoM8az2E9bGjCdjJxwLKcMhiLBF9iw6nM0KTRREZn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85c402f97f267c8d-EWR
expires: Mon, 24 Feb 2025 04:00:54 GMT

GET
H3 200 img-11.png
opulentii.bid/sf/tpl9/public/ 2 KB
3 KB 19ms
18ms Image
image/png 2606:4700:3032::6815:ecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opulentii.bid/sf/tpl9/public/img-11.png
Requested by: Host: opulentii.bid
URL: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:ecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ca3bcdc244a011cff113f873678ee9de68479a7f6c7f360b171c3edbc96dd1a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 22:54:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3033171
alt-svc: h3=":443"; ma=86400
content-length: 2282
last-modified: Sat, 11 Nov 2023 12:14:08 GMT
server: cloudflare
etag: "654f7010-8ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4Kx%2BdOe3kV%2FpDL0uf80%2FHhUbNXT0Y1XlXAnyk8HhNrWNLOGuD4%2FyjwGZdlyxTFNa0vnK8zzOt%2F10%2F6xOv5XlyXIUelHwpPae%2B7%2F8Co10xbaMrKM26eRYi5X8Q8tZFAyA1WeswEfHmupPMyP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85c402f97f277c8d-EWR
expires: Wed, 22 Jan 2025 20:21:56 GMT

GET
H3 200 img-12.png
opulentii.bid/sf/tpl9/public/ 875 B
1 KB 21ms
20ms Image
image/png 2606:4700:3032::6815:ecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opulentii.bid/sf/tpl9/public/img-12.png
Requested by: Host: opulentii.bid
URL: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:ecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73cb358bf47ed149f8fd7e3eada678166cfab77538c313ba72cb6e38d13253fa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 22:54:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4092
alt-svc: h3=":443"; ma=86400
content-length: 875
last-modified: Fri, 09 Feb 2024 13:15:21 GMT
server: cloudflare
etag: "65c62569-36b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnIPS92MTZXr%2Fo0pi36AbiamVtiF47IqdHUfg1xI6HIeariHOjAvmKt61hsoaMJaFK%2B18pGhk95j2NhE1HNJ%2B6e5%2FarQLLUu1%2BU3E5LtA%2FypETVrJ763BOkowbyOgMrtZ4EaBxNwZD4cvv2h"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85c402f97f297c8d-EWR
expires: Wed, 26 Feb 2025 21:46:35 GMT

GET
H3 200 13.61be7715.chunk.js Show response
opulentii.bid/sf/tpl9/js/ 390 KB
126 KB 31ms
27ms Script
application/javascript 2606:4700:3032::6815:ecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://opulentii.bid/sf/tpl9/js/13.61be7715.chunk.js
Requested by: Host: opulentii.bid
URL: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:ecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e4c0989b64f993d02f3a8d838d465a5783ffc74f739340efdb0d2c77abde691

Request headers

accept-language: en-US,en;q=0.9
Referer: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 22:54:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Feb 2024 13:15:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 240833
etag: W/"65c62569-61916"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gNyp2V9YYASweVaUac9aQN6JRjkjFNyuQvbfwd%2BgLC%2B5k4RW5CN6sv7G0IQmIXhivPsnF1VvJgn0Xsz%2BOZN78S5eUIhReOn%2B1t0O7jxVMr0uHW9Uzrke%2BZQIv7ht4YpBkGrdM29hG%2FTSprle"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 85c402f97f1f7c8d-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 24 Feb 2025 04:00:54 GMT

GET
H3 200 app.8e8cf021.js Show response
opulentii.bid/sf/tpl9/js/ 909 KB
152 KB 26ms
23ms Script
application/javascript 2606:4700:3032::6815:ecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://opulentii.bid/sf/tpl9/js/app.8e8cf021.js
Requested by: Host: opulentii.bid
URL: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:ecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85c161f22d4fbc53dd15d845e6212332f29b17f8f0f9b8ff6380d3f4b49f1863

Request headers

accept-language: en-US,en;q=0.9
Referer: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 22:54:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Feb 2024 13:15:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 240833
etag: W/"65c62569-e33fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2Bq%2BjxSUymWisVP7C07Elvdo1ENoe4vzXWWY1IEE0xZ4CxbZyRQbx3huNOFjODKi%2Fuf0NDaadeJkwzGItLkyGcQgbw9ZeOSs7wbbLMIb3vqaKJRCIdVNhlSxsxubmBVgG7UJda493B5HV97k"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 85c402f97f207c8d-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 24 Feb 2025 04:00:54 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
849 B 245ms
32ms Stylesheet
text/css 2607:f8b0:4023:400::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@400;700;900&display=swap

Requested by

Host: opulentii.bid
URL: https://opulentii.bid/sf/tpl9/bundle.d02107d8190d1cf8d332.css?t=1707484419218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:400::5f Sewanee, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d3fdef74b51045d7a82aa9a0ac59011087be9a9a59083272c3d7a5c8ba521b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://opulentii.bid/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Feb 2024 22:54:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 20:57:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Feb 2024 22:54:47 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 76ms
14ms Fetch
text/css 2606:4700:e6::ac40:cc14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://opulentii.bid/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 22:54:47 GMT
via: 1.1 9ad14e3f9b528d4215643d5af359b816.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: JFK50-P8
age: 380149
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TTDQSXs7kVfZxWl%2BwZ8FV%2B8SaDCd6iMdygaxuZsrjcSzeZmOIOfxYiO6b7jwgOpbqYpyLksYc3shYmcSR%2FaqhETHrUZ2fpsrqrontp8Gt3bu4lG40qV%2Fi2%2Fyz3D5hiSpN%2BJBtPVO01Fd1Z29vEqHLOos0w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 85c402fc08e44245-EWR
access-control-allow-headers: fa-kit-token
x-amz-cf-id: JI-wXinlLgvbC2pcmq8So5JsnSOXvk_PtzFO50EUWcPeMbQGsLi_Yg==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 74ms
13ms Fetch
text/css 2606:4700:e6::ac40:cc14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://opulentii.bid/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 22:54:47 GMT
via: 1.1 7082f41e4415fb7199f3ca9b16b5849a.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: JFK50-P8
age: 380148
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lFKYHX1tX7rKKL3ibyKDTXL0UmnH%2FIIFEz6sQ28D0HsnGVvfkPLCldmpORj2helEfeFT9rsAAgsF%2BOfoiM0UIoYOky4vqdVcJ40fkofOsuzFgHRKQ8Ab0MWY7X6y07NTOfLKD5QVuGRTcAzU9GUCG%2Bq9rA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 85c402fc08e24245-EWR
access-control-allow-headers: fa-kit-token
x-amz-cf-id: S-HnZMNvLG9jIYQWgPy2MfNY5ogQtAdqptpEhnAisZpqVoRsrhJ_zA==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 81ms
20ms Fetch
text/css 2606:4700:e6::ac40:cc14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://opulentii.bid/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 22:54:47 GMT
via: 1.1 9ad14e3f9b528d4215643d5af359b816.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: JFK50-P8
age: 1605658
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2QWc2P8W0u4AWMEirYJCXSiQ7zkuMYNFJa5guONQNKcaxOiGuNUnoJWA1hUjtMKy6HwWeuTF%2BUdh2oXvcAHZFFBSCS26FCOOFlzqeFHPQc6FgctftzM5R8W3iQS7DYsXXgaMmJ%2B%2BOWvzklvwMmZQFfN8hg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 85c402fc08e04245-EWR
access-control-allow-headers: fa-kit-token
x-amz-cf-id: Ma-E0upLUzo99_puFBuDwF5gunSeYflplidw5IjCxMIdBgMUI6o4cQ==

GET
H2 200 ace-push.js Show response
virtualpushplatform.com/ 10 KB
4 KB 61ms
16ms Script
text/javascript 2606:4700:3032::ac43:b158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://virtualpushplatform.com/ace-push.js
Requested by: Host: opulentii.bid
URL: https://opulentii.bid/sf/tpl9/js/app.8e8cf021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:b158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f02c9e9b5533d8fb95d262beb3b14ff952bbc923e4bbccee995803089deb87f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://opulentii.bid/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 22:54:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3735
cf-polished: origSize=13643
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 12 Jan 2024 11:47:36 GMT
server: cloudflare
etag: W/"1da454d22d4494b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTpugNyWB624Bkr8g2%2BBYwCqFo60Tlfgd5gJ%2FEI8vhXWtTIQa4N8TxV5KlAm%2FV9bGU1qkqGOAFU7mZKiJ%2FYJI0kuQNRdx%2Br3Uv1o6hdIdkt6i7gIZgO2Ba%2B%2BqACvBSaP2h6RvZpeGUs%2BDOxlBSi4wrG8nuZyIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=3600
cf-ray: 85c402fd595a42b6-EWR

GET
H2 200 summary Show response
beacon.opulentii.bid/geo/ 128 B
582 B 80ms
10ms XHR
application/json 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.opulentii.bid/geo/summary

Requested by

Host: opulentii.bid
URL: https://opulentii.bid/sf/tpl9/js/13.61be7715.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

27fd883d815954c51e00d2885124e0c6bfcadbb09978f1310497903a177f027a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://opulentii.bid/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 22:54:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

GET
H3 200 walmart.png
opulentii.bid/sf/tpl9/public/walmart/ 4 KB
4 KB 13ms
13ms Image
image/png 2606:4700:3032::6815:ecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opulentii.bid/sf/tpl9/public/walmart/walmart.png
Requested by: Host: opulentii.bid
URL: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314&type=Computer
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:ecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc04f5cf1931e4169ac115ab83fe016609e73a642817c746b32883e9f203a008

Request headers

accept-language: en-US,en;q=0.9
Referer: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314&type=Computer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 22:54:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 113456
alt-svc: h3=":443"; ma=86400
content-length: 3747
last-modified: Fri, 09 Feb 2024 13:15:21 GMT
server: cloudflare
etag: "65c62569-ea3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qgn2HWi2MKFBkclKo0Yd5kW0PZz3eIQUjllb0XlL9VxnFyNi0Ev6yj9POww8CMdPb6AM760yx9%2FmKJVkr3MjtZsSz3W%2FeOBXeM3IRIa%2BwKIOD%2F63v43vQqyaOLG20vvcttHM%2BZ%2FHOwam3AJV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85c402fd4c527c8d-EWR
expires: Tue, 25 Feb 2025 15:23:51 GMT

GET
H3 200 cart.png
opulentii.bid/sf/tpl9/public/walmart/ 2 KB
2 KB 12ms
12ms Image
image/png 2606:4700:3032::6815:ecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://opulentii.bid/sf/tpl9/public/walmart/cart.png
Requested by: Host: opulentii.bid
URL: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314&type=Computer
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:ecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b60ab58ea91fbd2346bb9ab54a3de3fa7ea2c590d7ceddcd1c2a36648782ac9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://opulentii.bid/sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314&type=Computer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 22:54:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3033171
alt-svc: h3=":443"; ma=86400
content-length: 1728
last-modified: Sat, 11 Nov 2023 12:14:08 GMT
server: cloudflare
etag: "654f7010-6c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rhuilAnSTm%2BykKZGeQ9heFQVTCNxaXKknwpPVc7Gx0n738eXxyPnp6NaGRuElFg8J%2By6xL7oFU79V2%2FxWK92H3iRTD%2B%2Bg0VM2RksY5SfLy5QWHd2A1tpa0n9S3ZHU2StS%2FE37uA44kS%2Fyhi"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85c402fd4c557c8d-EWR
expires: Wed, 22 Jan 2025 20:21:56 GMT

GET
H2 200 0aa1ed35-047c-44e4-a211-47dc2b9c1be9 Show response
beacon.opulentii.bid/g/ 113 B
581 B 84ms
15ms XHR
text/plain 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.opulentii.bid/g/0aa1ed35-047c-44e4-a211-47dc2b9c1be9?logo=walmart&item=RUG1&logo=53w&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314&type=Computer

Requested by

Host: opulentii.bid
URL: https://opulentii.bid/sf/tpl9/js/13.61be7715.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b22a94d43414ee29e3011f1f38054f31bf8d4ef401c2ffa57e48d5ffbff1bdfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://opulentii.bid/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 22:54:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

GET
H2 200 73051eef-acf6-4ac1-91af-2de0f1fae4a4 Show response
beacon.opulentii.bid/s/ 216 KB
163 KB 17ms
17ms XHR
text/plain 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.opulentii.bid/s/73051eef-acf6-4ac1-91af-2de0f1fae4a4?requestid=F3lbQ8s1fH&destinationid=2254050042&item=RUG1&logo=53w&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314&type=Computer

Requested by

Host: opulentii.bid
URL: https://opulentii.bid/sf/tpl9/js/13.61be7715.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b9d2330ead16448b303d0b07a0aa931b2ecac46ba15a7d19dc19a179cadea51d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://opulentii.bid/
X-Requested-With: /sf/tpl9/?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314&type=Computer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 22:54:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

OPTIONS
H2 200 73051eef-acf6-4ac1-91af-2de0f1fae4a4
beacon.opulentii.bid/s/ 0
0 75ms
74ms Preflight 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://opulentii.bid
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
access-control-allow-origin: *
content-length: 0
date: Tue, 27 Feb 2024 22:54:47 GMT
server: Kestrel
strict-transport-security: max-age=2592000

POST
H2 200 visit Show response
pushvisit.xyz/api/v1/ 1 KB
2 KB 74ms
74ms Fetch
application/json 20.50.64.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pushvisit.xyz/api/v1/visit
Requested by: Host: virtualpushplatform.com
URL: https://virtualpushplatform.com/ace-push.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.50.64.3 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: ecd7cfebdac9b01a2d543b9949a60f4d395465758b51a40ab0ade18f16306904

Request headers

Referer: https://opulentii.bid/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 27 Feb 2024 22:54:48 GMT
server: Kestrel
content-length: 1532
content-type: application/json; charset=utf-8

OPTIONS
H2 200 visit
pushvisit.xyz/api/v1/ 0
0 710ms
65ms Preflight 20.50.64.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pushvisit.xyz/api/v1/visit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.50.64.3 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://opulentii.bid
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: *
content-length: 0
date: Tue, 27 Feb 2024 22:54:47 GMT

GET
DATA 200
OK truncated
/ 157 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50c3b2be13615315d76999f10b7712dc3379bb492be4ee617670bdf19b79a01c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 log-client-error
virtualpushplatform.com/api/v1/visit/ 0
0 81ms
81ms Fetch 2606:4700:3032::ac43:b158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://virtualpushplatform.com/api/v1/visit/log-client-error
Requested by: Host: virtualpushplatform.com
URL: https://virtualpushplatform.com/ace-push.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:b158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://opulentii.bid/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-type: application/json

Response headers

date: Tue, 27 Feb 2024 22:54:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6Zh7bUK1ZcYqgNuAuntpD0uc3r%2F%2BuhkkUx8C%2FlD8ANl7cebWoMd%2FdU8xDqZn9TEj2naWq2ws74D6dmEt88HJH0bEQr%2FPgjJMMTECUfmnx44fFymU9DV483HTF5sTi6pRar%2BmqYL7QjpjxxWzcxqrbV1lE9xqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 85c40304af0e425e-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H3 200 log-client-error
virtualpushplatform.com/api/v1/visit/ 0
0 88ms
79ms Preflight 2606:4700:3032::ac43:b158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://virtualpushplatform.com/api/v1/visit/log-client-error
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:b158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://opulentii.bid
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85c403042e6c425e-EWR
content-length: 0
date: Tue, 27 Feb 2024 22:54:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4NaTDpaQKv2rUtQRl1a7mplvr%2BZyo9Ubb54sjWDFiGb%2FyhE6PV%2FtXz8R6%2FHO%2B3qOCYDRZz%2BRTvLIxrX3aes8ozZo%2FBT%2FlGY%2ByyT4N4PEsSlvoUs1WTON%2FX2ptqGkDRct0gA%2BPOD3RjeXifUkOyQLjP3f2RnNpg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			moxirix.com/	1970-01-20 18:44:38	Name: uid27180 Value: 1447834314-20240227165446-f65f4a2c177b9b8d848937588005c9ae-

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://opulentii.bid/sf/tpl9/0?logo=53w&item=RUG1&s1=6JQT&s2=cec0b072-a7fe-4049-bd4c-3c2fdd50db8e&s3=1447834314 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacon.opulentii.bid
fonts.googleapis.com
igojoy.bid
ka-f.fontawesome.com
kit.fontawesome.com
moxirix.com
ncnfitness.net
opulentii.bid
pushvisit.xyz
virtualpushplatform.com
193.105.134.167
20.50.64.3
209.141.62.250
23.229.68.110
2606:4700:3032::6815:ecc
2606:4700:3032::ac43:b158
2606:4700:3037::ac43:a08b
2606:4700:4400::6812:2844
2606:4700:e6::ac40:cc14
2607:f8b0:4023:400::5f
45.55.126.207
01ff0a6dfebce308d517e495941065eb38cc8b37a7b2bf67df272aea25f69c40
0ca3bcdc244a011cff113f873678ee9de68479a7f6c7f360b171c3edbc96dd1a
182600ef12499261e2e971331530eb1caacd6c2106c4c864d158ac9c4a9a2327
18f551911c68e079ef629648f47ad743c99d47e9d5c0d5a475c7392a1f0ab248
27fd883d815954c51e00d2885124e0c6bfcadbb09978f1310497903a177f027a
2b60ab58ea91fbd2346bb9ab54a3de3fa7ea2c590d7ceddcd1c2a36648782ac9
3d3fdef74b51045d7a82aa9a0ac59011087be9a9a59083272c3d7a5c8ba521b5
3f02c9e9b5533d8fb95d262beb3b14ff952bbc923e4bbccee995803089deb87f
4ba90609efbf3e11565b8b9005e57d80f53a8837ce693c9023ccb0626461d212
50c3b2be13615315d76999f10b7712dc3379bb492be4ee617670bdf19b79a01c
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6e4c0989b64f993d02f3a8d838d465a5783ffc74f739340efdb0d2c77abde691
73cb358bf47ed149f8fd7e3eada678166cfab77538c313ba72cb6e38d13253fa
7adac1888791ad42f547c97c9c9dad37faee15dfb5e76f20eabc8a0a0b6168e9
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
845a5200eb01a02833e74b09ab84d6ec2aab5ee16211ee1a31b7eb6a4bb61ecc
85c161f22d4fbc53dd15d845e6212332f29b17f8f0f9b8ff6380d3f4b49f1863
9b17d1bc53a49edcab5f29c232dde056d8ad18b6c948ad908134b64130eb2606
b0c40a3ef77aea7e48c710fa701af1d074224846ebf30cd9d82b7596c15da2c1
b22a94d43414ee29e3011f1f38054f31bf8d4ef401c2ffa57e48d5ffbff1bdfe
b9d2330ead16448b303d0b07a0aa931b2ecac46ba15a7d19dc19a179cadea51d
cc04f5cf1931e4169ac115ab83fe016609e73a642817c746b32883e9f203a008
da66a6be195fcb0c6f0495701a6147cb28943bd79fd1258767e402569f152cbc
dd9c98e2a3e3fd7cde0dfbbdfc777514d216a73b02125fd58924a9f75335cc01
e3bd0bb9c81300549973c534de26accf7b6104bed7bee20c8bf0371022dd7c2e
ecd7cfebdac9b01a2d543b9949a60f4d395465758b51a40ab0ade18f16306904
fba1dafda080b2bf2c0074fc8eb29203c48f2afa916065df41a0a76e48f63987
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

opulentii.bid Open in urlscan Pro 2606:4700:3032::6815:ecc Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

100 %HTTPS

55 %IPv6

8 Domains

10 Subdomains

9 IPs

3 Countries

1389 kBTransfer

10752 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

opulentii.bid Open in urlscan Pro
2606:4700:3032::6815:ecc Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

100 %
HTTPS

55 %
IPv6

8
Domains

10
Subdomains

9
IPs

3
Countries

1389 kB
Transfer

10752 kB
Size

1
Cookies

32 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!