urlscan.io logo urlscan.io
SecurityTrails logo

www87.davisonbarker.pro Open in urlscan Pro
104.21.92.39  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www77.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=22370579&pci=7073249587&t=1678061749&dest...
Effective URL: https://www87.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=22370579&pci=7073249587&t=1678061749&dest...
Submission: On March 06 via manual from CL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 13 domains to perform 37 HTTP transactions. The main IP is 104.21.92.39, located in and belongs to CLOUDFLARENET, US. The main domain is www87.davisonbarker.pro.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 26th 2023. Valid for: a year.
This is the only time www87.davisonbarker.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 104.21.92.39 13335 (CLOUDFLAR...)
4 13.224.194.88 16509 (AMAZON-02)
4 172.64.132.29 13335 (CLOUDFLAR...)
6 13.35.166.20 16509 (AMAZON-02)
8 188.114.97.3 13335 (CLOUDFLAR...)
2 52.20.131.174 14618 (AMAZON-AES)
1 13.35.166.66 16509 (AMAZON-02)
1 173.233.137.52 7979 (SERVERS-COM)
1 18.192.190.118 16509 (AMAZON-02)
2 192.243.59.13 39572 (ADVANCEDH...)
37 11
7    104.21.92.39 (None, )

ASN13335 (CLOUDFLARENET, US)
www77.davisonbarker.pro
www24.davisonbarker.pro
www87.davisonbarker.pro
4    13.224.194.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-88.fra2.r.cloudfront.net
dc5k8fg5ioc8s.cloudfront.net
4    172.64.132.29 (United States)

ASN13335 (CLOUDFLARENET, US)
pogothere.xyz
6    13.35.166.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-166-20.tpe50.r.cloudfront.net
xstownrusisedp.info
8    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
habitofsticklik.com
2    52.20.131.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-131-174.compute-1.amazonaws.com
ndandinter.hair
1    13.35.166.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-166-66.tpe50.r.cloudfront.net
ablesasmetotr.monster
1    173.233.137.52 (United States)

ASN7979 (SERVERS-COM, US)
breedingdaringconcussion.com
1    18.192.190.118 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-190-118.eu-central-1.compute.amazonaws.com
simplewebanalysis.com
2    192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
banquetunarmedgrater.com
reasonablelandmark.com
Domain Requested by
8 habitofsticklik.com www77.davisonbarker.pro
dc5k8fg5ioc8s.cloudfront.net
www87.davisonbarker.pro
6 xstownrusisedp.info dc5k8fg5ioc8s.cloudfront.net
4 pogothere.xyz dc5k8fg5ioc8s.cloudfront.net
4 dc5k8fg5ioc8s.cloudfront.net www77.davisonbarker.pro
xstownrusisedp.info
www87.davisonbarker.pro
4 www77.davisonbarker.pro 1 redirects www77.davisonbarker.pro
2 www87.davisonbarker.pro www87.davisonbarker.pro
2 ndandinter.hair www77.davisonbarker.pro
1 reasonablelandmark.com www87.davisonbarker.pro
1 banquetunarmedgrater.com www87.davisonbarker.pro
1 simplewebanalysis.com www87.davisonbarker.pro
1 breedingdaringconcussion.com www87.davisonbarker.pro
1 www24.davisonbarker.pro www77.davisonbarker.pro
1 ablesasmetotr.monster www77.davisonbarker.pro
0 dismantlepenantiterrorist.com Failed
0 addresseepaper.com Failed www87.davisonbarker.pro
37 15

This site contains links to these domains. Also see Links.

Domain
reasonablelandmark.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-26		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
xstownrusisedp.info
Amazon RSA 2048 M01		 2023-03-02 -
2024-03-30		 a year crt.sh
ndandinter.hair
R3		 2023-02-02 -
2023-05-03		 3 months crt.sh
ablesasmetotr.monster
Amazon RSA 2048 M02		 2023-02-28 -
2023-09-01		 6 months crt.sh
breedingdaringconcussion.com
R3		 2023-03-03 -
2023-06-01		 3 months crt.sh
simplewebanalysis.com
Amazon RSA 2048 M01		 2023-03-02 -
2024-03-31		 a year crt.sh
banquetunarmedgrater.com
R3		 2023-02-02 -
2023-05-03		 3 months crt.sh
reasonablelandmark.com
R3		 2023-02-03 -
2023-05-04		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www87.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=22370579&pci=7073249587&t=1678061749&dest=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf
Frame ID: FA05E03F787CB7D6959826B693C9A282
Requests: 33 HTTP requests in this frame

Frame: https://xstownrusisedp.info/bE9FTXkNLSYgRg1yJ2sMHiN4aEsqancLHQ96LnUfC3osIhpUPGsuFQM6ISsLAyExYxcJO2B/PyIdKQshDRkUISkGJBUsAyV7CHwrHysCGxM0IiEqNhUeAgITNjwJITwfLAcATiAYBAUYKHcfLhMlPQh8KwcWAX1LLjULeh0WBg0DShgoJhweGwUCNRM4NgR/KQY3EAQqC34IKkFVBAEcAzg2ACMbKCACARBUdgo6ERQrBykQPn0XJyBeKwcEAFRqdws0GxYvAyE+IxIZFhUrAhsjNhcfaEsqFXU1Fy4HFyEuPwIzHUsqKyYVLDgsKTkSPCIhJygkCXUULUEWHwc6A38MDA5eAxEqEzgIHAwjKx0gKBc6ISYhDQctLyJcXgkNGRIdKwIYCA8XFyU2Gw5gfz8lfBchLjgCLwATGwgjGjcGFTIiQSILcXs9JAl1C0s2Fh8KEQQqEzUeCiIHeC4rAT0pPjoVDzQaXwEtPkA1fQgfISsrPStLPikmJzcfFSJrEx8gKz1EFXc9ezsAC3EMQAQ/
Frame ID: 4E0FA175AFE0D7F23799F5C45273E33D
Requests: 2 HTTP requests in this frame

Frame: https://xstownrusisedp.info/ZXpMbWYEGC8AWQRHLksTFxZxSFQjX34rAgZPJ1UAAk8lAgVdCWIOCgoPKAsUChQ4QwgADmlfIBIYCCsyMEknPT4PSn0/Dg0jAl9TJyIrOwg/PzwmMRw7dCseEjcEFD80IiceMCMpDSgxCBklPlcdNgQDMys8IDsTPEt0LDMhSnw/IxUvHDkkICIeDh8rAjg/JD0vIi43KxsuBD89OQo8VyoSLycwPS8hKiAjGRwuDTQ7Cl0fARE/HCQtSyY1IFE4KRQ3NDsgOF4vOzwnJ1c3dSkzDj4VXywvKysrVDw+OCcnVzcnKCcsMhZePC42JD8OPA0KDCQ9VzxfNVQCHSQfKCwPOD9XNx4kIDciFgU2VBEPNy5UMRsFNA0jfSguMikvSFQnPBkGIiAyFiE+I0p6IiQdMA1fK1UyDVQHNTI8Dj4CPzsiERY+FCk8Vyk1Aic8FwI1PidDITdWIx4EXywOLicGIjwDDTQlCTskIgodHyhfPAIuJyQlPyIZIDM0O2oHFQoUPFAqEBN+FyAjIyQGUhRIfBcr
Frame ID: 87E77B862E5E11B10B8AFB29F551E5D3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

AdFly - Click Allow to continue

Page URL History Show full URLs

  1. https://www77.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=22370579&pci=70732495... Page URL
  2. https://www24.davisonbarker.pro/pushredirect/?tmp=2&network=3&ios=0&site=adfly&c=4&ppi=22370579&pci=70732495... Page URL
  3. https://www77.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=22370579&pci=70732495... HTTP 302
    https://www87.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=22370579&pci=70732495... Page URL

Page Statistics

37
Requests

95 %
HTTPS

0 %
IPv6

13
Domains

15
Subdomains

11
IPs

4
Countries

410 kB
Transfer

772 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www77.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=22370579&pci=7073249587&t=1678061749&dest=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf Page URL
  2. https://www24.davisonbarker.pro/pushredirect/?tmp=2&network=3&ios=0&site=adfly&c=4&ppi=22370579&pci=7073249587&t=1678061749&dest=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf Page URL
  3. https://www77.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=22370579&pci=7073249587&t=1678061749&dest=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf HTTP 302
    https://www87.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=22370579&pci=7073249587&t=1678061749&dest=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www77.davisonbarker.pro/pushredirect/ 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www77.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=22370579&pci=7073249587&t=1678061749&dest=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.92.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
e97e0ff28e24ea73907db7491438c056195d08f23bc7d4dcdaeb247b713066a8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
7a36692caaae6993-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 00:16:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3bNDfo20YVMeOfwo87tyZ64d1jiTgpBRqKSLUPthJSk0nTdNPas9eQjKGiylq5SxkWYROTjyFdDDZ%2FMXQNoR3nACJu0uBb3Y1w%2BNQqsGroo5cE%2BrXKLeOWtUC6ig%2Bv5JMRjYad9iJRNhdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.3.27
x-turbo-charged-by
LiteSpeed
/
dc5k8fg5ioc8s.cloudfront.net/ 		180 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Requested by
Host: www77.davisonbarker.pro
URL: https://www77.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=22370579&pci=7073249587&t=1678061749&dest=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-88.fra2.r.cloudfront.net
Software
/
Resource Hash
4af54f57c9f9a1fe5e849d93901755d49a35ca866d73232042966eaee2d1dcea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www77.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 00:16:35 GMT
content-encoding
gzip
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
51551
x-amz-cf-id
iGMjh7Jgn2yWEsCVAHDcgosL5wWUnPSu0WN2vAMB2YJPZJZQE4atvw==
logo.png
www77.davisonbarker.pro/static/image/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www77.davisonbarker.pro/static/image/logo.png
Requested by
Host: www77.davisonbarker.pro
URL: https://www77.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=22370579&pci=7073249587&t=1678061749&dest=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.92.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
196c51f778db9df7ecf75ce7f663ea3bb07726b67feeae45ad9abfd3008b937a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www77.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=22370579&pci=7073249587&t=1678061749&dest=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 00:16:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
321
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10726
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
server
cloudflare
etag
"29e6-5faa60e6-b4021a56880f53fc;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCxYzczOz2%2FHE19dxyZis8srDs%2F4sP1pj0SCY3qAz%2F9tZDNavWhUwK3L976Y%2F6BYx3FjF3go%2FJlMsG5PnJlQXSiLrgn9Mg56MzgkI6KwHz4vJRTzqewx2pr71RWGgc8Ul%2BgFSQUP4w8KCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7a36692e8b9e6993-FRA
expires
Mon, 13 Mar 2023 00:11:14 GMT
am-push-cps.js
www77.davisonbarker.pro/ 		101 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www77.davisonbarker.pro/am-push-cps.js?puid=22370579&clickid=22370579_4374667&allb=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf&ob=https%3A%2F%2Fwww24.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D4%26ppi%3D22370579%26pci%3D7073249587%26t%3D1678061749%26dest%3Dhttps%253A%252F%252Foaxyteek.net%252Fredirecting%252FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%253D%253D%252Ff55804eaec28beb9792522ba7b8defcf&clb=https%3A%2F%2Fwww24.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D4%26ppi%3D22370579%26pci%3D7073249587%26t%3D1678061749%26dest%3Dhttps%253A%252F%252Foaxyteek.net%252Fredirecting%252FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%253D%253D%252Ff55804eaec28beb9792522ba7b8defcf&asb=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf
Requested by
Host: www77.davisonbarker.pro
URL: https://www77.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=22370579&pci=7073249587&t=1678061749&dest=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.92.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4720c44ed409f268f5c7791185c5464bd750e81a4e2deb2766b6d4270b4ca8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www77.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=22370579&pci=7073249587&t=1678061749&dest=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 00:16:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 08 Aug 2022 14:16:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"19284-62f11ad4-ba71540cd1782978;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ft6%2Fo5hoPlF%2BEgNK223ekAKYlVv1yIlSGPDGfjNhoyeLacVjvmImALbnWcUY4nmaCxbpsm8P17z88Htvoc0QEyoHQ5R3cfRY9ykP0hduQk51mIKi9O3MDhs4Bixu4FJrG%2BNHteBbofAdWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7a36692eac55699b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 13 Mar 2023 00:16:17 GMT
asd100.bin
pogothere.xyz/ 		100 KB
101 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.132.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www77.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 00:16:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6033
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 05 Mar 2023 22:36:02 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://www77.davisonbarker.pro
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RuWte8G891b0G75qKZsAu%2BfazVoZ1yQ%2FkKHatFutTwBQeXP0OUPA58Nlyb8Uh1oNlKi1etMpWaMymYWgN1iKg2MDJnM9l7ymylhlLK7H80ooGRko%2F01Miromq7QUQua4"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7a3669304ab49b40-FRA
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/ 		27 B
372 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.132.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7172fd98ced01e19ed24727c3b40b5733b4e47b8b758cc695662b6a9ac5189c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www77.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 00:16:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JtN4v%2BNOl8yjAUMolMugC%2FP1rIopoTT2MZPLQ4Q6BEXLWUm2e%2F0gXRC%2Bcd1vGrTYvejtrmRIIfQ%2FxhsOl1QU%2FY3e853j1osd2yrHt21NieSwzjptiHJouxS6GOqvRWgK"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://www77.davisonbarker.pro
content-type
text/plain
access-control-allow-credentials
true
cf-ray
7a3669304ab59b40-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
xstownrusisedp.info/ 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://xstownrusisedp.info/utx?cb=IVanzhowavac&top=www77.davisonbarker.pro&tid=824473
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.166.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-166-20.tpe50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www77.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 00:16:36 GMT
via
1.1 ba6b942710aa259103f983d062cdf774.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
TPE50-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://www77.davisonbarker.pro
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
wxFCusbk_wek7Y1lDnTmvlqFbVslOQoGXA4SQ-8nQgDkkd46TZm0mQ==
/
xstownrusisedp.info/bE9FTXkNLSYgRg1yJ2sMHiN4aEsqancLHQ96LnUfC3osIhpUPGsuFQM6ISsLAyExYxcJO2B/PyIdKQshDRkUISkGJBUsAyV7CHwrHysCGxM0IiEqNhUeAgITNjwJITwfLAcATiAYBAUYKHcfLhMlPQh8KwcWAX1LLjULeh0WBg0DShgoJ... Frame 4E0F 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xstownrusisedp.info/bE9FTXkNLSYgRg1yJ2sMHiN4aEsqancLHQ96LnUfC3osIhpUPGsuFQM6ISsLAyExYxcJO2B/PyIdKQshDRkUISkGJBUsAyV7CHwrHysCGxM0IiEqNhUeAgITNjwJITwfLAcATiAYBAUYKHcfLhMlPQh8KwcWAX1LLjULeh0WBg0DShgoJhweGwUCNRM4NgR/KQY3EAQqC34IKkFVBAEcAzg2ACMbKCACARBUdgo6ERQrBykQPn0XJyBeKwcEAFRqdws0GxYvAyE+IxIZFhUrAhsjNhcfaEsqFXU1Fy4HFyEuPwIzHUsqKyYVLDgsKTkSPCIhJygkCXUULUEWHwc6A38MDA5eAxEqEzgIHAwjKx0gKBc6ISYhDQctLyJcXgkNGRIdKwIYCA8XFyU2Gw5gfz8lfBchLjgCLwATGwgjGjcGFTIiQSILcXs9JAl1C0s2Fh8KEQQqEzUeCiIHeC4rAT0pPjoVDzQaXwEtPkA1fQgfISsrPStLPikmJzcfFSJrEx8gKz1EFXc9ezsAC3EMQAQ/
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.166.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-166-20.tpe50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
62a495e3e1f7f9f9578162a2c64194bf1c0bc4d55882c7dfed4aef4a9a650369

Request headers

Referer
https://www77.davisonbarker.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1235
content-type
text/html
date
Mon, 06 Mar 2023 00:16:36 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 ba6b942710aa259103f983d062cdf774.cloudfront.net (CloudFront)
x-amz-cf-id
-Za1Kzc2biq12TLt4KbEt6wy-EyXSK4d4XRkyHZkt5ukDSWgtJFFAQ==
x-amz-cf-pop
TPE50-C1
x-cache
Miss from cloudfront
VWQ0eHV6W1cLSDQgbiIXDQhtORghMmAuBhoGYgg+DTUNDSIQAxIMHDFZDEpBYVMHXgU8AAlLR3MXQBkBIBcJSVM8ClIXSHMSCUhbbEoFVkFzEQlJUyEUVR9IZEJEDAE5WQVOQm1UAklCbFEMS0E
habitofsticklik.com/ 		0
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://habitofsticklik.com/VWQ0eHV6W1cLSDQgbiIXDQhtORghMmAuBhoGYgg+DTUNDSIQAxIMHDFZDEpBYVMHXgU8AAlLR3MXQBkBIBcJSVM8ClIXSHMSCUhbbEoFVkFzEQlJUyEUVR9IZEJEDAE5WQVOQm1UAklCbFEMS0E
Requested by
Host: www77.davisonbarker.pro
URL: https://www77.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=22370579&pci=7073249587&t=1678061749&dest=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www77.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 00:16:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uDWm7QQuxWimc%2F%2FebnjEk45ADynRPTSZPWgeO25WSHtkL8hVJbmPI4FalJGAFAD1xS%2FSamnCCxoxL9XGUeG8Q3YWeYgJXdva0YP%2FEoLDmZQorEaIHhwxzB6Kvw8k1C%2BsDJyp1ogX"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7a3669303dca3826-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Y0RTaG1MezAbUDIcFhEIDSwrOjwhBwcgJykGOFkhBwE0LjlTL3UcBAd5a1pZV3NgTh0KIG5bX0U3JwkZFjduWl1Tc3UBAwUrblpLFXljRlRNdX1cSxZ5Yk4ZEyU0VVxFNCccAV51ZV9VU3JiX1RWfGBd
habitofsticklik.com/ 		0
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://habitofsticklik.com/Y0RTaG1MezAbUDIcFhEIDSwrOjwhBwcgJykGOFkhBwE0LjlTL3UcBAd5a1pZV3NgTh0KIG5bX0U3JwkZFjduWl1Tc3UBAwUrblpLFXljRlRNdX1cSxZ5Yk4ZEyU0VVxFNCccAV51ZV9VU3JiX1RWfGBd
Requested by
Host: www77.davisonbarker.pro
URL: https://www77.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=22370579&pci=7073249587&t=1678061749&dest=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www77.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 00:16:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2F7vZWpcJAORdwGKpfY3%2FDauhDJ%2BmxKHVkfSdp8vU0B3HS3vL5VRzFrAwWMDYtdUj2lNbbok7di7aapux8wRPKLiAeGs9zcMsZ2QT6gdaGf64leFg%2FRueWb%2BUph2FQPEMX2KtRGu"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7a3669303dcb3826-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cXVhaFMKVxIfDAQHDUppUx0VHCMCT05HJAYCVl99FRQXASAeGwMJIRoQE0YjAxpOCT5cBRQbO1wWERt9GwZeGCYYEVxaYUJCUV1kSFMCBDoSHggMbkNHUl9jREJYN2dCQlVeZUZTAAQ%2FE0gJHCcBBkRbElRHJ01hNxoAECoFEAQDfR8QFU1hNwcEDDoDEAIcOh8...
ndandinter.hair/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ndandinter.hair/cXVhaFMKVxIfDAQHDUppUx0VHCMCT05HJAYCVl99FRQXASAeGwMJIRoQE0YjAxpOCT5cBRQbO1wWERt9GwZeGCYYEVxaYUJCUV1kSFMCBDoSHggMbkNHUl9jREJYN2dCQlVeZUZTAAQ%2FE0gJHCcBBkRbElRHJ01hNxoAECoFEAQDfR8QFU1hNwcEDDoDEAIcOh8SRFoVED0zWDA5OFckKkhGBVswBBc2PjgQIicFMik%2FDSQ%2BPwMDO2ocFDYQPz1GK1gdNRkXJhQZQy4sAkE6NQQgEjZYOQYLOwsLPkgPAhFmCCw5ISUrGA0bCSBQUix2QjFEWhUXQFRQY0UQAA0wQ00DDTFIQlhaZkNHAwlkE00FDTUSE0cHMUwdFRwjAlBSKXZDM0RaFQYCFlpnXxEAHjoCGg8KMgMeBBp9AQcOTWE3BRQbOwMQBQEhFBYVTWE3UFIuJxwFRFsXQFBTXj0UARYHIRpQUixgVEdXATwCUFIsY1RHVxs6BRBEWxcQEQcEKlRHVwt2QjFVTWFHBREBdkIxU1pgRkVUX2pUR1cYMBhQUixkQUJSWmdIQFlfdkNDFU1gNURXX2tBQ1BfZ0hQU143FAYVTWA1HRUcIwJQU11gMFBTXWE3UFNdYTcaABAqBRAEA30fEBVNYURHJxo2FRwTDTAFHA8PdkNAUy4yOSdRCxs8Qy0RakIRUgsmEyI3AzImMwwJCzsZLQUdBxcyUT4QIhkEH0I%2FUSYXHQMvLztHOiU5Yz4hDRswMkwwPSk%2FHwIFagsWGF0qKC0oHgkcGRIyAlRHVFsXVEdUWxdUR1RaFRdAVFBjRRAADTBDTQMNMUhCWFpmQ0cDCWQTTQUNNRITRws%2FE0gJHCcBBkRbElRHJ01hNwIWH2FFWwUJJRgGDgYxEAcKDSFfBRMHdkMzER0gGQcEDDoDEAIcdkMzRFsVBRgRTWA1R0RaZR8QFR88Ax5EWxdCUFNeOh4GRFsXQVBTXiAYAQRNYDUUBQ4%2FCFBTXjBURiVcdkNDERg6VEYlWmFCQlFdZEhQU14jEhxEWxdGRVZbYUVMVFBkVEdXHHZCMVBeZElFV1lkRUxEWmUVEBIcdkIxCRwnAQZEWmZCNERaZkMzRFpmQzMOCSsIAQQNOF8bBBx2Q0BTLiEUEQgaNhIBCAY0VEdUWhUQPTNYMDk4VyQqSEYFWzAEFzY%2BOBAiJwUyKT8NJD4%2FAwM7ahwUNhA%2FPUYrWB01GRcmFBlDLiwCQTo1BCASNlg5Bgs7Cws%2BSA8CEWYILDkhJSsYDRsJIFBTXWA1UFNdYDVQU11hNxNUXWtBQQQJNhJHWQo2E0xWUWFER1MKMkYXWQw2FxYHTjICF1wAJwUFEk1gMFBTLnZDMw4JKwgBBA04XxsEHHZDMxMNNxgHBAsnGBsGTWE3FCk6YxI9LF4fCExSDGASAAM%2FBRoUNi4%2BEC0rBB8cOxcKAEgYAD8rHTlSImM%2FMQ0eHTYdVycXIEUuPD8CFiJRAiQPLwIwHEwbCypEDDgwGgcvDAQgKyREWxdURiVNYTcTVF1rQUEECTYSR1kKNhNMVlFhREdTCjJGF1kMNhcWB0p%2FUwYMDnFLRE1KIBwDQ1JxRVtSSn9TAQAPDBgRQ1JxSURZWmtHV01KIAQXPgE3QFdbSmFDRlZYZkZMQ0RxAgADNzoVR0NScUNHUl9jREJYN2dCQlVeZUZXTUoyHRkDSmlTHRUcIwJPTkc8EA0YHDYUHk8GNgVaEw03GAcECycYGwZHMjknUQsbPEMtEWpCEVILJhMiNwMyJjMMCQs7GS0FHQcXMlE%2BECIZBB9CP1EmFx0DLy87RzolOWM%2BIQ0bMDJMMD0pPx8CBWoLFhhdKigtKB4JHBkSMgJMSE4OZkRNUVw2EBACWmsTEANRZEhHVFphExRWCmsVEAcLNVNZQwcxU09DACcFBRJSfF4CFh9hRVsFCSUYBg4GMRAHCg0hXwUTB3wBABIAIRQRCBo2EgFOVyccBVxZdR8QFR88Ax5cW3UYGhJVY1cGCBw2TBQFDj8IUwJVZ1cFEQFuQ0dSX2NEQlhOIxIcXF9jRkZTXGpETVZOJ0xEV19rQUNQX2dIUwUNIAVICRwnAQZEWxJURydNYTcaABAqBRAEA30fEBVNYTcHBAw6AxACHDofEkRaFRA9M1gwOThXJCpIRgVbMAQXNj44ECInBTIpPw0kPj8DAztqHBQ2ED89RitYHTUZFyYUGUMuLAJBOjUEIBI2WDkGCzsLCz5IDwIRZggsOSElKxgNGwkgUFIsdkIxRFoVF0BUUGNFEAANMENNAw0xSEJYWmZDRwMJZBNNBQ01EhNDRHESGQNKaVMdFRwjAk9ORyQGAlNcfRUUFwEgHhsDCSEaEBNGIwMaThgmAh0TDTcYBwQLJ15KFQUjTEdHBjYFAg4aOExGRwE8AkhRTiAYAQRVMhUTDRF1EkhVTiMBHFxaYUJCUV1kSFMRCzpMQlFfYENBWF1rRlMVVWJHQllYZUBCVVF1FRASHG4ZARUYIFRGIE1hN1BTLjwQDRgcNhQeTwY2BVBTLiEUEQgaNhIBCAY0VEcnCRsjRQIgHkc5GFFgFUYCHTEmIwoJBDcYADAZHTkMJiUTJlgFMiYNDSRgO0UvLD8HOyYAZT4xMFgcJRkSCxBIJDQSHRsWDFEpEgxUEQopPBcyPh0GOzl2QjFEWxdURycOZkRNUVw2EBACWmsTEANRZEhHVFphExRWCmsVEAcLNVNZQwkgE1dbSjsFAREbaV5aDgkrCAEEDThfGwQcfAMQBQEhFBYVAT0WWgAgAUEWKSVlPQxYWzdCFhQKBCceAD8VHBQ5Ij89GC8eMSJMDAkECRktWxlBOyUEJT8yCV4cNSRRJwcdBgIraiAgGyY5EhhYEjAIQBgxCzgDOwU%2FAi8wVW5eE1Rda0FBBAk2EkdZCjYTTFZRYURHUwoyRhdZDDYXFgdKLg
Requested by
Host: www77.davisonbarker.pro
URL: https://www77.davisonbarker.pro/am-push-cps.js?puid=22370579&clickid=22370579_4374667&allb=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf&ob=https%3A%2F%2Fwww24.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D4%26ppi%3D22370579%26pci%3D7073249587%26t%3D1678061749%26dest%3Dhttps%253A%252F%252Foaxyteek.net%252Fredirecting%252FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%253D%253D%252Ff55804eaec28beb9792522ba7b8defcf&clb=https%3A%2F%2Fwww24.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D4%26ppi%3D22370579%26pci%3D7073249587%26t%3D1678061749%26dest%3Dhttps%253A%252F%252Foaxyteek.net%252Fredirecting%252FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%253D%253D%252Ff55804eaec28beb9792522ba7b8defcf&asb=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.20.131.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-131-174.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www77.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
x-powered-by
Express
access-control-allow-headers
X-Requested-With,content-type
access-control-allow-methods
GET, POST
popunder.gif
habitofsticklik.com/ 		35 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://habitofsticklik.com/popunder.gif
Requested by
Host: www77.davisonbarker.pro
URL: https://www77.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=22370579&pci=7073249587&t=1678061749&dest=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www77.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
public
date
Mon, 06 Mar 2023 00:16:36 GMT
cf-cache-status
HIT
last-modified
Sun, 05 Mar 2023 17:05:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
25875
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jpnKxVTyc6JWEHUsGf9hzlTSp8z8qj2D2zQx5QnGVoNeBOUpE5LVHk2JWgvV25mq8JJDAMX0JYuRyuiWctD26hOHR%2FuIy27ZWSkMIbFlNXKniucDaAWu9hOUCLKTqsK7gDUeQUPa"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
7a3669328ed93826-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
alNFclNFbCYBbj9gJkYxPBUvIyQaBR8lEToXAwI6MDhxIgQtEmMGOg5ufUBnXmR2VCMDN3hBYUwgMRMnHyB4QGNaZGMbPQw8eEB1HG51XGpEYmtGdR9ud0NiX2N8QGVbZHRLa1xlcVQnGjIiT2JMIzEGP1dic0VrWmV0RWpcYXNA
habitofsticklik.com/ 		0
430 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://habitofsticklik.com/alNFclNFbCYBbj9gJkYxPBUvIyQaBR8lEToXAwI6MDhxIgQtEmMGOg5ufUBnXmR2VCMDN3hBYUwgMRMnHyB4QGNaZGMbPQw8eEB1HG51XGpEYmtGdR9ud0NiX2N8QGVbZHRLa1xlcVQnGjIiT2JMIzEGP1dic0VrWmV0RWpcYXNA
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www77.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 00:16:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BptQgoc08QC3THJ%2BgS7Qn2SR9qlOySm7iLgUyO5q%2FrK2RavovzNavAj%2Fi7yC2jcz00bEZni5qWsJcTentL7hHHAJg41Nf5h0l3YJYFNGzmAP7NpSlJyduuMI61QJnkveSVY8KhOR"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7a366932a8c335fe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
floater
xstownrusisedp.info/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://xstownrusisedp.info/floater?cs=UXRQM05hQGILemJMZAR9ZE1nBn8&abt=0&red=1&sm=83&k=&v=0.9.1.4&sts=0&prn=0&emb=0&tid=824473&rxy=1600_1200&u=2115092617198664&agec=1678061795&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=1000&ref=https%3A%2F%2Fwww77.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D3%26ppi%3D22370579%26pci%3D7073249587%26t%3D1678061749%26dest%3Dhttps%253A%252F%252Foaxyteek.net%252Fredirecting%252FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%253D%253D%252Ff55804eaec28beb9792522ba7b8defcf&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F110.0.5481.177%20safari%2F537.36&tzd=0&uloc=&if=0&aa=oi1_&_iCdK=1678061796263&crc=1
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.166.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-166-20.tpe50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
725be6e6b36805fe0397d144069747b0d0b3e9d211de90714c806c50e6d29407

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www77.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 00:16:36 GMT
content-encoding
gzip
via
1.1 ba6b942710aa259103f983d062cdf774.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
TPE50-C1
x-cache
Miss from cloudfront
content-type
text/plain
access-control-allow-origin
https://www77.davisonbarker.pro
p3p
CP="NID DSP ALL COR"
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
content-length
1193
x-amz-cf-id
PWzEviga-6lRHwAF_g4tmkSKB6rbl6kj8WC3HE6Mwu281jQbbwOgBA==
utx
ablesasmetotr.monster/ 		0
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ablesasmetotr.monster/utx?tid=818286&top=www77.davisonbarker.pro&cb=ggQK0XR12AsU
Requested by
Host: www77.davisonbarker.pro
URL: https://www77.davisonbarker.pro/am-push-cps.js?puid=22370579&clickid=22370579_4374667&allb=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf&ob=https%3A%2F%2Fwww24.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D4%26ppi%3D22370579%26pci%3D7073249587%26t%3D1678061749%26dest%3Dhttps%253A%252F%252Foaxyteek.net%252Fredirecting%252FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%253D%253D%252Ff55804eaec28beb9792522ba7b8defcf&clb=https%3A%2F%2Fwww24.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D4%26ppi%3D22370579%26pci%3D7073249587%26t%3D1678061749%26dest%3Dhttps%253A%252F%252Foaxyteek.net%252Fredirecting%252FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%253D%253D%252Ff55804eaec28beb9792522ba7b8defcf&asb=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.166.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-166-66.tpe50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www77.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 00:16:36 GMT
via
1.1 ed205d58bf22e3a1089e798e92dfde68.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
TPE50-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://www77.davisonbarker.pro
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
ADsItO0_WwzBijXEsE841wy1KyPUgsvEauTRyRQyll7eUrJjCs1qpQ==
/
ndandinter.hair/ 		0
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ndandinter.hair/
Requested by
Host: www77.davisonbarker.pro
URL: https://www77.davisonbarker.pro/am-push-cps.js?puid=22370579&clickid=22370579_4374667&allb=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf&ob=https%3A%2F%2Fwww24.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D4%26ppi%3D22370579%26pci%3D7073249587%26t%3D1678061749%26dest%3Dhttps%253A%252F%252Foaxyteek.net%252Fredirecting%252FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%253D%253D%252Ff55804eaec28beb9792522ba7b8defcf&clb=https%3A%2F%2Fwww24.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D4%26ppi%3D22370579%26pci%3D7073249587%26t%3D1678061749%26dest%3Dhttps%253A%252F%252Foaxyteek.net%252Fredirecting%252FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%253D%253D%252Ff55804eaec28beb9792522ba7b8defcf&asb=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.20.131.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-131-174.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www77.davisonbarker.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
content-length
0
I3RlWTMjMjwGfWNjZwo8ND46DHF0F2ZYZGhheVxgfmB5WGNxdGVZJyc3Nhs9Y2MRXGdxf2RfcjNsZg
dc5k8fg5ioc8s.cloudfront.net/NRlFXaVQlPjkPazI4M1RsdGVjXmdgOyQGOjZsLlEscBM7LWAHaD8ZcjIrM1RkYD02BzN7dzIHN3tgcQgwJGxjTyA2PjxUISg1Mg89KDQzTyEnbDoGLi89OwhxdBdiR2RjY2dBIy8/MwYjNXRlWToydGVZZXZ/Z0xnBHRlWSM... Frame 4E0F 		444 B
630 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dc5k8fg5ioc8s.cloudfront.net/NRlFXaVQlPjkPazI4M1RsdGVjXmdgOyQGOjZsLlEscBM7LWAHaD8ZcjIrM1RkYD02BzN7dzIHN3tgcQgwJGxjTyA2PjxUISg1Mg89KDQzTyEnbDoGLi89OwhxdBdiR2RjY2dBIy8/MwYjNXRlWToydGVZZXZ/Z0xnBHRlWSMvP2FdcXUTcltkPmdjQHF0YT-YZJCo0IAw2LTgjTGYAZGReenVncltkbjo/HTkqdGUqcXRhOwA/I3RlWTMjMjwGfWNjZwo8ND46DHF0F2ZYZGhheVxgfmB5WGNxdGVZJyc3Nhs9Y2MRXGdxf2RfcjNsZg
Requested by
Host: xstownrusisedp.info
URL: https://xstownrusisedp.info/bE9FTXkNLSYgRg1yJ2sMHiN4aEsqancLHQ96LnUfC3osIhpUPGsuFQM6ISsLAyExYxcJO2B/PyIdKQshDRkUISkGJBUsAyV7CHwrHysCGxM0IiEqNhUeAgITNjwJITwfLAcATiAYBAUYKHcfLhMlPQh8KwcWAX1LLjULeh0WBg0DShgoJhweGwUCNRM4NgR/KQY3EAQqC34IKkFVBAEcAzg2ACMbKCACARBUdgo6ERQrBykQPn0XJyBeKwcEAFRqdws0GxYvAyE+IxIZFhUrAhsjNhcfaEsqFXU1Fy4HFyEuPwIzHUsqKyYVLDgsKTkSPCIhJygkCXUULUEWHwc6A38MDA5eAxEqEzgIHAwjKx0gKBc6ISYhDQctLyJcXgkNGRIdKwIYCA8XFyU2Gw5gfz8lfBchLjgCLwATGwgjGjcGFTIiQSILcXs9JAl1C0s2Fh8KEQQqEzUeCiIHeC4rAT0pPjoVDzQaXwEtPkA1fQgfISsrPStLPikmJzcfFSJrEx8gKz1EFXc9ezsAC3EMQAQ/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-88.fra2.r.cloudfront.net
Software
/
Resource Hash
afa5bb9b3527574863c93d6b53516634cd3128de727bcbf3e541f3f637371742

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xstownrusisedp.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 00:16:36 GMT
content-encoding
gzip
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
354
x-amz-cf-id
X1TW8bds8q0F0Ql2HV5LvQWI_X6ozkwV37QkPyUzP9xTafgiorK0cQ==
/
www24.davisonbarker.pro/pushredirect/ 		118 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www24.davisonbarker.pro/pushredirect/?tmp=2&network=3&ios=0&site=adfly&c=4&ppi=22370579&pci=7073249587&t=1678061749&dest=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf
Requested by
Host: www77.davisonbarker.pro
URL: https://www77.davisonbarker.pro/am-push-cps.js?puid=22370579&clickid=22370579_4374667&allb=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf&ob=https%3A%2F%2Fwww24.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D4%26ppi%3D22370579%26pci%3D7073249587%26t%3D1678061749%26dest%3Dhttps%253A%252F%252Foaxyteek.net%252Fredirecting%252FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%253D%253D%252Ff55804eaec28beb9792522ba7b8defcf&clb=https%3A%2F%2Fwww24.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D4%26ppi%3D22370579%26pci%3D7073249587%26t%3D1678061749%26dest%3Dhttps%253A%252F%252Foaxyteek.net%252Fredirecting%252FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%253D%253D%252Ff55804eaec28beb9792522ba7b8defcf&asb=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.92.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash

Request headers

Referer
https://www77.davisonbarker.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a366937582f6993-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 00:16:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iU%2BHsKhuT45V0RXSoEWzAHdz4NEcjDatzV2kfdqo93PLRccvNE7ntTz%2BMciTHRDAa%2BbejRbDum3PzDKd5XAf131IZZbmA5PMYxETVS%2Bu171q7hwBgBe1%2FVOaR2R8Pia7iwnfSCZzIhua1w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.3.27
x-turbo-charged-by
LiteSpeed
Primary Request /
www87.davisonbarker.pro/pushredirect/
Redirect Chain
  • https://www77.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=22370579&pci=7073249587&t=1678061749&dest=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFma...
  • https://www87.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=22370579&pci=7073249587&t=1678061749&dest=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFma...
73 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www87.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=22370579&pci=7073249587&t=1678061749&dest=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.92.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
d17a1822fade0b6914f5b5cf4519ed3e9d056c4e60a89ca416eceff46cd48aef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
7a36693aea326993-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 00:16:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0Iujyz324lavZV29ZOI8sMF1RTX1%2Fknd71KNmdRcikUAQ0UovanomYGFqywb0vodZ%2Feik9Zvuf1M7xhtok%2FmP4vwhatRu1dOD49884YSsWhz25MiFs0iReEgojC6UnJdsS0zxxmhlf9qw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.3.27
x-turbo-charged-by
LiteSpeed

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7a366938c8e8699b-FRA
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 00:16:37 GMT
location
https://www87.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=22370579&pci=7073249587&t=1678061749&dest=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H52wy1EHxEgqXEGeu1lUwLCbFwCqJjn5dVhyjQjhCfFY4Ji4TgMOQvpLXVKls46edztO%2FYVJpL4IrB%2BYMf2wA75gBCzvdhD6iWAuz0POA8Kn9HqcgHAIHwcsIvFH4RDFlhSnH7FyIqc6nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.3.27
x-turbo-charged-by
LiteSpeed
aa240591af5d8573573bb87d25c7ab12.json
breedingdaringconcussion.com/aa/24/05/ 		0
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://breedingdaringconcussion.com/aa/24/05/aa240591af5d8573573bb87d25c7ab12.json
Requested by
Host: www87.davisonbarker.pro
URL: https://www87.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=22370579&pci=7073249587&t=1678061749&dest=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.233.137.52 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www87.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 00:16:39 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
stats
simplewebanalysis.com/ 		40 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://simplewebanalysis.com/stats
Requested by
Host: www87.davisonbarker.pro
URL: https://www87.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=22370579&pci=7073249587&t=1678061749&dest=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.190.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-190-118.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
d04bb012f2861cf4e727abbf43e9aad39e8ce08e34dfac12072b67d683412432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www87.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
https://www87.davisonbarker.pro
date
Mon, 06 Mar 2023 00:16:37 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
content-type
text/html; charset=UTF-8
/
dc5k8fg5ioc8s.cloudfront.net/ 		180 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Requested by
Host: www87.davisonbarker.pro
URL: https://www87.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=22370579&pci=7073249587&t=1678061749&dest=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-88.fra2.r.cloudfront.net
Software
/
Resource Hash
4af54f57c9f9a1fe5e849d93901755d49a35ca866d73232042966eaee2d1dcea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www87.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 00:16:38 GMT
content-encoding
gzip
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
51551
x-amz-cf-id
NVv3XeEEUCoTaleWmEbCMJMdgZF8tbnYzo7ktKJ4cGYOGyysURFzcg==
logo.png
www87.davisonbarker.pro/static/image/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www87.davisonbarker.pro/static/image/logo.png
Requested by
Host: www87.davisonbarker.pro
URL: https://www87.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=22370579&pci=7073249587&t=1678061749&dest=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.92.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
196c51f778db9df7ecf75ce7f663ea3bb07726b67feeae45ad9abfd3008b937a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www87.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=22370579&pci=7073249587&t=1678061749&dest=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 00:16:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
459
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10726
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
server
cloudflare
etag
"29e6-5faa60e6-b4021a56880f53fc;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xe9%2FBte2kMUDsM%2FHNHCD4NqZ9PddMIYnO0ZCQfg%2Bzp%2BqTplryf%2F2HrB208fnFc%2FVvGt5d92047IyXvNlIaqubRpzrCO5K1ggeUOc7LfIMSEkgcEkNXQndbEjmPsB4ovnvxTF6V%2FDE1yXaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7a36693d0b02699b-FRA
expires
Mon, 13 Mar 2023 00:08:58 GMT
asd100.bin
pogothere.xyz/ 		100 KB
100 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.132.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www87.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 00:16:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6100
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 05 Mar 2023 22:34:58 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://www87.davisonbarker.pro
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQLYA46%2BczS9yqbnGQJ6NdnoYVxBfbqenh4%2Bl3bVRp9TI%2FH1o%2B7H9wN8crKaF5rw6ZJ1WmA2CZbM0FD2K6%2FdlQ3P8kNNyKB7S6cyyfqbqV7oTkrhjkq7jyqC5CvaLVQ4"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7a36693e19859b40-FRA
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/ 		27 B
361 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.132.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7172fd98ced01e19ed24727c3b40b5733b4e47b8b758cc695662b6a9ac5189c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www87.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 00:16:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=joR8MJhHoNTCcVYo9yD5SnXNNUDGOVfdisnVU%2BMhxTXle20farhHVTYn8vSvTESJzhr9HO46%2FxnobVXPJLbtEMpnh9H8x7DrDu6KUNiOHLzh%2FJqocUp9yBvfaQiXnq%2BV"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://www87.davisonbarker.pro
content-type
text/plain
access-control-allow-credentials
true
cf-ray
7a36693e19879b40-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
xstownrusisedp.info/ 		0
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://xstownrusisedp.info/utx?cb=t6v7TUMcX38O&top=www87.davisonbarker.pro&tid=824473
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.166.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-166-20.tpe50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www87.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 00:16:38 GMT
via
1.1 ba6b942710aa259103f983d062cdf774.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
TPE50-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://www87.davisonbarker.pro
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
0gGeM53ovhicXtaWiKR7DVHDOjsFsmU0qrvRWVi8bQYfDDv1-iE-hA==
HCQtSyY1IFE4KRQ3NDsgOF4vOzwnJ1c3dSkzDj4VXywvKysrVDw+OCcnVzcnKCcsMhZePC42JD8OPA0KDCQ9VzxfNVQCHSQfKCwPOD9XNx4kIDciFgU2VBEPNy5UMRsFNA0jfSguMikvSFQnPBkGIiAyFiE+I0p6IiQdMA1fK1UyDVQHNTI8Dj4CPzsiERY+FCk8V...
xstownrusisedp.info/ZXpMbWYEGC8AWQRHLksTFxZxSFQjX34rAgZPJ1UAAk8lAgVdCWIOCgoPKAsUChQ4QwgADmlfIBIYCCsyMEknPT4PSn0/Dg0jAl9TJyIrOwg/PzwmMRw7dCseEjcEFD80IiceMCMpDSgxCBklPlcdNgQDMys8IDsTPEt0LDMhSnw/IxUvH... Frame 87E7 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xstownrusisedp.info/ZXpMbWYEGC8AWQRHLksTFxZxSFQjX34rAgZPJ1UAAk8lAgVdCWIOCgoPKAsUChQ4QwgADmlfIBIYCCsyMEknPT4PSn0/Dg0jAl9TJyIrOwg/PzwmMRw7dCseEjcEFD80IiceMCMpDSgxCBklPlcdNgQDMys8IDsTPEt0LDMhSnw/IxUvHDkkICIeDh8rAjg/JD0vIi43KxsuBD89OQo8VyoSLycwPS8hKiAjGRwuDTQ7Cl0fARE/HCQtSyY1IFE4KRQ3NDsgOF4vOzwnJ1c3dSkzDj4VXywvKysrVDw+OCcnVzcnKCcsMhZePC42JD8OPA0KDCQ9VzxfNVQCHSQfKCwPOD9XNx4kIDciFgU2VBEPNy5UMRsFNA0jfSguMikvSFQnPBkGIiAyFiE+I0p6IiQdMA1fK1UyDVQHNTI8Dj4CPzsiERY+FCk8Vyk1Aic8FwI1PidDITdWIx4EXywOLicGIjwDDTQlCTskIgodHyhfPAIuJyQlPyIZIDM0O2oHFQoUPFAqEBN+FyAjIyQGUhRIfBcr
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.166.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-166-20.tpe50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
f35069ddaf6e99144943b70bf9f123b2b202026bcc78d903ddaca78e18ff5803

Request headers

Referer
https://www87.davisonbarker.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1242
content-type
text/html
date
Mon, 06 Mar 2023 00:16:38 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 ba6b942710aa259103f983d062cdf774.cloudfront.net (CloudFront)
x-amz-cf-id
Cha8JMixjNqThUcbvhAJ1FrG289RC1t2FxqXeOS78tPoMJ9Lbaq6fg==
x-amz-cf-pop
TPE50-C1
x-cache
Miss from cloudfront
LA8dLT9lX08xIj4BVH46ZV5HYWJpQF1+OWVfTyw8OQlUaWooGh00cWlYXmB8bl9eYXRoV1o
habitofsticklik.com/WExYbml3czsdVA4hEhgwMx41Oy8wHztcDQAbNCQQOn0eDT9rHX4aADxxYFxdbHtrSBkxKGVdW34/ 		0
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://habitofsticklik.com/WExYbml3czsdVA4hEhgwMx41Oy8wHztcDQAbNCQQOn0eDT9rHX4aADxxYFxdbHtrSBkxKGVdW34/LA8dLT9lX08xIj4BVH46ZV5HYWJpQF1+OWVfTyw8OQlUaWooGh00cWlYXmB8bl9eYXRoV1o
Requested by
Host: www87.davisonbarker.pro
URL: https://www87.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=22370579&pci=7073249587&t=1678061749&dest=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www87.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 00:16:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lhg46s82xobmNR98BtgKPPVivyFbg8N48xK8o8Sd%2F8ntAXxzZrxJ9YC76nX%2FDvBRGzrNV3OuQTAMKBqvTPLBOoIltU5ClZW4RmSmrXrjELy3RKmPbpXehdYpPoaJzNkvPs3Stvt4"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7a36693e1fd635fe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
SA0WHXNXH0QYLwEEAU4+Ek1cVX9QDghYeFcOCVB+Xw0
habitofsticklik.com/OTBoTmYWDws9W29nWDQyfFgEFhFrCA58NGByBjZDC3IKCFJ4VTApQE1ZDHNeCwRceVUfQAEqWwoCTj0SWEQdPVsLAFh5QFBeDiFbCxYec1YXCUZ/ 		0
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://habitofsticklik.com/OTBoTmYWDws9W29nWDQyfFgEFhFrCA58NGByBjZDC3IKCFJ4VTApQE1ZDHNeCwRceVUfQAEqWwoCTj0SWEQdPVsLAFh5QFBeDiFbCxYec1YXCUZ/SA0WHXNXH0QYLwEEAU4+Ek1cVX9QDghYeFcOCVB+Xw0
Requested by
Host: www87.davisonbarker.pro
URL: https://www87.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=22370579&pci=7073249587&t=1678061749&dest=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www87.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 00:16:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMu76VbbXfOecKzVgdTLIfWb79WWbsxkcnVwRzddiQUeJIXqBkzrYW6kwRjT9xHVIpzF6YRSAp5%2BPu0Fd5sQYC0GfVln7%2F%2FUVs%2FJnMf4RYcq3MO7qJ5a3JUk8mjt3aM%2BejztE062"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7a36693e1fd835fe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
advertisers.js
banquetunarmedgrater.com/ 		0
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://banquetunarmedgrater.com/advertisers.js
Requested by
Host: www87.davisonbarker.pro
URL: https://www87.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=22370579&pci=7073249587&t=1678061749&dest=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www87.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 00:16:38 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.17.6
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
X-Request-ID
b5e04599fc2842200a867476a0d0ef55
Expires
Thu, 01 Jan 1970 00:00:01 GMT
popunder.gif
habitofsticklik.com/ 		35 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://habitofsticklik.com/popunder.gif
Requested by
Host: www87.davisonbarker.pro
URL: https://www87.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=22370579&pci=7073249587&t=1678061749&dest=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www87.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
public
date
Mon, 06 Mar 2023 00:16:38 GMT
cf-cache-status
HIT
last-modified
Sun, 05 Mar 2023 17:05:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
25876
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dM2ZrWWBe6I3qRvdZQRFJgO8DgarrkPdFH9e87w%2FOT5UdVgouveMnc%2FhDmKm7zg34r7hUWKy8xBdVVTjB3S8NGUpL7sOzKhOygdFZXWV0VV2QGlvA%2BQTuY%2FPKiKeTAi%2BlajChl8x"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
7a366940995235fe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wbDFTU3kPXj01RhhYN25BXgVnZEpKWyA8FxwMHyYQXksVFSAEWmciS1xLHnUNFlVuY18AUD00REpUPTBEXRcyNxtRBXUnCQNabiYXCFQ1OhcJVXUmGFFcPCkQAF0ydksqBH1jXF4BeyQQAlU8JApJA2M9DUkDY2JJQgF2YDtJA2MkEAIHZ3ZKLhRhYwFaBX-p2S1x...
dc5k8fg5ioc8s.cloudfront.net/ Frame 87E7 		448 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dc5k8fg5ioc8s.cloudfront.net/wbDFTU3kPXj01RhhYN25BXgVnZEpKWyA8FxwMHyYQXksVFSAEWmciS1xLHnUNFlVuY18AUD00REpUPTBEXRcyNxtRBXUnCQNabiYXCFQ1OhcJVXUmGFFcPCkQAF0ydksqBH1jXF4BeyQQAlU8JApJA2M9DUkDY2JJQgF2YDtJA2MkEAIHZ3ZKLhRhYwFaBX-p2S1xQIyMVCUY2MRIFRXZhP1kCZH1KWhRhY1EHWSc+FUkDEHZLXF06OBxJA2M0HA9aPHpcXgEwOwsDXDZ2SyoAYmNXXB9mZ0FdH2JkTkkDYyAYClAhOlxed2ZgTkICZXUMUQA
Requested by
Host: xstownrusisedp.info
URL: https://xstownrusisedp.info/ZXpMbWYEGC8AWQRHLksTFxZxSFQjX34rAgZPJ1UAAk8lAgVdCWIOCgoPKAsUChQ4QwgADmlfIBIYCCsyMEknPT4PSn0/Dg0jAl9TJyIrOwg/PzwmMRw7dCseEjcEFD80IiceMCMpDSgxCBklPlcdNgQDMys8IDsTPEt0LDMhSnw/IxUvHDkkICIeDh8rAjg/JD0vIi43KxsuBD89OQo8VyoSLycwPS8hKiAjGRwuDTQ7Cl0fARE/HCQtSyY1IFE4KRQ3NDsgOF4vOzwnJ1c3dSkzDj4VXywvKysrVDw+OCcnVzcnKCcsMhZePC42JD8OPA0KDCQ9VzxfNVQCHSQfKCwPOD9XNx4kIDciFgU2VBEPNy5UMRsFNA0jfSguMikvSFQnPBkGIiAyFiE+I0p6IiQdMA1fK1UyDVQHNTI8Dj4CPzsiERY+FCk8Vyk1Aic8FwI1PidDITdWIx4EXywOLicGIjwDDTQlCTskIgodHyhfPAIuJyQlPyIZIDM0O2oHFQoUPFAqEBN+FyAjIyQGUhRIfBcr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-88.fra2.r.cloudfront.net
Software
/
Resource Hash
de029a7976d8864d054141319a0bf43d63346e3c5e9df1d8fa63ad850c95d864

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xstownrusisedp.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 00:16:38 GMT
content-encoding
gzip
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
356
x-amz-cf-id
jWbnUsL5FQzF-Qt2kAe-BdUdF_wgLQdPJWP6hjHjHwuYjzE3VxablQ==
TwgfCTEKPThnFCoJLgYCRCo6WxEqBQt1BRcxC1IBKU0YXTRNU14AZEdYSkQ5FFZfBnYDHw1AJQNWXgRgR00FWjYfVl4SJk1bQg1+QUVYEiVNWV0FZUBSXgJhR1pVDGZGX0pAIBEMUQV2AB8YWG1BXVsMYEZaWw1oRVpd
habitofsticklik.com/UHBrbDR/ 		0
394 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://habitofsticklik.com/UHBrbDR/TwgfCTEKPThnFCoJLgYCRCo6WxEqBQt1BRcxC1IBKU0YXTRNU14AZEdYSkQ5FFZfBnYDHw1AJQNWXgRgR00FWjYfVl4SJk1bQg1+QUVYEiVNWV0FZUBSXgJhR1pVDGZGX0pAIBEMUQV2AB8YWG1BXVsMYEZaWw1oRVpd
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www87.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 00:16:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDs8hR%2BuwdR6R1IfhHD0Ril1mdu11MAzzN18P0ZwdjWFWXAVtprKyCg2ZEcsAKUmbWBn414JevmwyDa1ZBpxYx32Mm1FyS7IavsxiBNIIccq5aZu7o%2BMnwXyxY9%2Bv94HsIV1Agjs"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7a366940a96835fe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
floater
xstownrusisedp.info/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://xstownrusisedp.info/floater?cs=d25YN1hHXG8Hb0ZbbQduTl1rAmg&abt=0&red=1&sm=83&k=&v=0.9.1.4&sts=0&prn=0&emb=0&tid=824473&rxy=1600_1200&u=2115092617198664&agec=1678061795&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=3030.30303030303&ref=https%3A%2F%2Fwww87.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D4%26ppi%3D22370579%26pci%3D7073249587%26t%3D1678061749%26dest%3Dhttps%253A%252F%252Foaxyteek.net%252Fredirecting%252FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%253D%253D%252Ff55804eaec28beb9792522ba7b8defcf&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F110.0.5481.177%20safari%2F537.36&tzd=0&uloc=&if=0&aa=oi1_&_jYU3=1678061798512&crc=1
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.166.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-166-20.tpe50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
28b8a54ad96fe8a61a89a382c0d28e8f138bfd729bd21e57764c15cbcd219bec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www87.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 00:16:39 GMT
content-encoding
gzip
via
1.1 ba6b942710aa259103f983d062cdf774.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
TPE50-C1
x-cache
Miss from cloudfront
content-type
text/plain
access-control-allow-origin
https://www87.davisonbarker.pro
p3p
CP="NID DSP ALL COR"
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
content-length
1189
x-amz-cf-id
j7gkHIA6bQK1IU6ItvhJwCD9soz7wcjKzXH_hZFsX4ObnAS7VKiYAw==
sfp.js
addresseepaper.com/ 		0
0
bff29f0d3318d4c4b9a844119e218228.js
reasonablelandmark.com/bf/f2/9f/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://reasonablelandmark.com/bf/f2/9f/bff29f0d3318d4c4b9a844119e218228.js
Requested by
Host: www87.davisonbarker.pro
URL: https://www87.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=22370579&pci=7073249587&t=1678061749&dest=https%3A%2F%2Foaxyteek.net%2Fredirecting%2FaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL3J0NDlvNGh6ODQ0OTlscC9QUzNjcm9zcy5yYXIvZmlsZQ%3D%3D%2Ff55804eaec28beb9792522ba7b8defcf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www87.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 00:16:40 GMT
Server
nginx/1.17.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
pxf.gif
dismantlepenantiterrorist.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
addresseepaper.com
URL
https://addresseepaper.com/sfp.js
Domain
dismantlepenantiterrorist.com
URL
https://dismantlepenantiterrorist.com/pxf.gif?uuid=71f3894f-ef9f-4638-af26-d033ec6d5ae5&eb=20b9018170b67fd7e03877942e000dea&te=511d4323ef95b4e03594666bdefe3ec0&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537.36&dev=r&res=13.31&b_frame=0&pk=aa240591af5d8573573bb87d25c7ab12&bl=en-US&sr=1200x1600&sz=1200x1600&hjs=0

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| k11 function| h7 function| F7 object| mm object| LieDetector object| AaDetector function| replaceAll number| rnd string| source function| noDisplayTimer number| LAST_CORRECT_EVENT_TIME string| lklefsvsdg number| _2256987490 string| a number| refS

5 Cookies

Domain/Path Name / Value
www87.davisonbarker.pro/pushredirect Name: lastUrlPushTmp
Value: www87.davisonbarker.pro
simplewebanalysis.com/ Name: uid_id2
Value: 71f3894f-ef9f-4638-af26-d033ec6d5ae5:1:1
www87.davisonbarker.pro/ Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c
Value: 71f3894f-ef9f-4638-af26-d033ec6d5ae5%3A1%3A1
pogothere.xyz/ Name: csu
Value: 2115092617198664@2@1678061795
www87.davisonbarker.pro/ Name: ppu_main_aa240591af5d8573573bb87d25c7ab12
Value: 1

4 Console Messages

Source Level URL
Text
network error URL: https://ndandinter.hair/cXVhaFMKVxIfDAQHDUppUx0VHCMCT05HJAYCVl99FRQXASAeGwMJIRoQE0YjAxpOCT5cBRQbO1wWERt9GwZeGCYYEVxaYUJCUV1kSFMCBDoSHggMbkNHUl9jREJYN2dCQlVeZUZTAAQ%2FE0gJHCcBBkRbElRHJ01hNxoAECoFEAQDfR8QFU1hNwcEDDoDEAIcOh8SRFoVED0zWDA5OFckKkhGBVswBBc2PjgQIicFMik%2FDSQ%2BPwMDO2ocFDYQPz1GK1gdNRkXJhQZQy4sAkE6NQQgEjZYOQYLOwsLPkgPAhFmCCw5ISUrGA0bCSBQUix2QjFEWhUXQFRQY0UQAA0wQ00DDTFIQlhaZkNHAwlkE00FDTUSE0cHMUwdFRwjAlBSKXZDM0RaFQYCFlpnXxEAHjoCGg8KMgMeBBp9AQcOTWE3BRQbOwMQBQEhFBYVTWE3UFIuJxwFRFsXQFBTXj0UARYHIRpQUixgVEdXATwCUFIsY1RHVxs6BRBEWxcQEQcEKlRHVwt2QjFVTWFHBREBdkIxU1pgRkVUX2pUR1cYMBhQUixkQUJSWmdIQFlfdkNDFU1gNURXX2tBQ1BfZ0hQU143FAYVTWA1HRUcIwJQU11gMFBTXWE3UFNdYTcaABAqBRAEA30fEBVNYURHJxo2FRwTDTAFHA8PdkNAUy4yOSdRCxs8Qy0RakIRUgsmEyI3AzImMwwJCzsZLQUdBxcyUT4QIhkEH0I%2FUSYXHQMvLztHOiU5Yz4hDRswMkwwPSk%2FHwIFagsWGF0qKC0oHgkcGRIyAlRHVFsXVEdUWxdUR1RaFRdAVFBjRRAADTBDTQMNMUhCWFpmQ0cDCWQTTQUNNRITRws%2FE0gJHCcBBkRbElRHJ01hNwIWH2FFWwUJJRgGDgYxEAcKDSFfBRMHdkMzER0gGQcEDDoDEAIcdkMzRFsVBRgRTWA1R0RaZR8QFR88Ax5EWxdCUFNeOh4GRFsXQVBTXiAYAQRNYDUUBQ4%2FCFBTXjBURiVcdkNDERg6VEYlWmFCQlFdZEhQU14jEhxEWxdGRVZbYUVMVFBkVEdXHHZCMVBeZElFV1lkRUxEWmUVEBIcdkIxCRwnAQZEWmZCNERaZkMzRFpmQzMOCSsIAQQNOF8bBBx2Q0BTLiEUEQgaNhIBCAY0VEdUWhUQPTNYMDk4VyQqSEYFWzAEFzY%2BOBAiJwUyKT8NJD4%2FAwM7ahwUNhA%2FPUYrWB01GRcmFBlDLiwCQTo1BCASNlg5Bgs7Cws%2BSA8CEWYILDkhJSsYDRsJIFBTXWA1UFNdYDVQU11hNxNUXWtBQQQJNhJHWQo2E0xWUWFER1MKMkYXWQw2FxYHTjICF1wAJwUFEk1gMFBTLnZDMw4JKwgBBA04XxsEHHZDMxMNNxgHBAsnGBsGTWE3FCk6YxI9LF4fCExSDGASAAM%2FBRoUNi4%2BEC0rBB8cOxcKAEgYAD8rHTlSImM%2FMQ0eHTYdVycXIEUuPD8CFiJRAiQPLwIwHEwbCypEDDgwGgcvDAQgKyREWxdURiVNYTcTVF1rQUEECTYSR1kKNhNMVlFhREdTCjJGF1kMNhcWB0p%2FUwYMDnFLRE1KIBwDQ1JxRVtSSn9TAQAPDBgRQ1JxSURZWmtHV01KIAQXPgE3QFdbSmFDRlZYZkZMQ0RxAgADNzoVR0NScUNHUl9jREJYN2dCQlVeZUZXTUoyHRkDSmlTHRUcIwJPTkc8EA0YHDYUHk8GNgVaEw03GAcECycYGwZHMjknUQsbPEMtEWpCEVILJhMiNwMyJjMMCQs7GS0FHQcXMlE%2BECIZBB9CP1EmFx0DLy87RzolOWM%2BIQ0bMDJMMD0pPx8CBWoLFhhdKigtKB4JHBkSMgJMSE4OZkRNUVw2EBACWmsTEANRZEhHVFphExRWCmsVEAcLNVNZQwcxU09DACcFBRJSfF4CFh9hRVsFCSUYBg4GMRAHCg0hXwUTB3wBABIAIRQRCBo2EgFOVyccBVxZdR8QFR88Ax5cW3UYGhJVY1cGCBw2TBQFDj8IUwJVZ1cFEQFuQ0dSX2NEQlhOIxIcXF9jRkZTXGpETVZOJ0xEV19rQUNQX2dIUwUNIAVICRwnAQZEWxJURydNYTcaABAqBRAEA30fEBVNYTcHBAw6AxACHDofEkRaFRA9M1gwOThXJCpIRgVbMAQXNj44ECInBTIpPw0kPj8DAztqHBQ2ED89RitYHTUZFyYUGUMuLAJBOjUEIBI2WDkGCzsLCz5IDwIRZggsOSElKxgNGwkgUFIsdkIxRFoVF0BUUGNFEAANMENNAw0xSEJYWmZDRwMJZBNNBQ01EhNDRHESGQNKaVMdFRwjAk9ORyQGAlNcfRUUFwEgHhsDCSEaEBNGIwMaThgmAh0TDTcYBwQLJ15KFQUjTEdHBjYFAg4aOExGRwE8AkhRTiAYAQRVMhUTDRF1EkhVTiMBHFxaYUJCUV1kSFMRCzpMQlFfYENBWF1rRlMVVWJHQllYZUBCVVF1FRASHG4ZARUYIFRGIE1hN1BTLjwQDRgcNhQeTwY2BVBTLiEUEQgaNhIBCAY0VEcnCRsjRQIgHkc5GFFgFUYCHTEmIwoJBDcYADAZHTkMJiUTJlgFMiYNDSRgO0UvLD8HOyYAZT4xMFgcJRkSCxBIJDQSHRsWDFEpEgxUEQopPBcyPh0GOzl2QjFEWxdURycOZkRNUVw2EBACWmsTEANRZEhHVFphExRWCmsVEAcLNVNZQwkgE1dbSjsFAREbaV5aDgkrCAEEDThfGwQcfAMQBQEhFBYVAT0WWgAgAUEWKSVlPQxYWzdCFhQKBCceAD8VHBQ5Ij89GC8eMSJMDAkECRktWxlBOyUEJT8yCV4cNSRRJwcdBgIraiAgGyY5EhhYEjAIQBgxCzgDOwU%2FAi8wVW5eE1Rda0FBBAk2EkdZCjYTTFZRYURHUwoyRhdZDDYXFgdKLg
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://breedingdaringconcussion.com/aa/24/05/aa240591af5d8573573bb87d25c7ab12.json
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://dismantlepenantiterrorist.com/pxf.gif?uuid=71f3894f-ef9f-4638-af26-d033ec6d5ae5&eb=20b9018170b67fd7e03877942e000dea&te=511d4323ef95b4e03594666bdefe3ec0&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537.36&dev=r&res=13.31&b_frame=0&pk=aa240591af5d8573573bb87d25c7ab12&bl=en-US&sr=1200x1600&sz=1200x1600&hjs=0
Message:
Failed to load resource: net::ERR_SSL_PROTOCOL_ERROR
network error URL: https://reasonablelandmark.com/bf/f2/9f/bff29f0d3318d4c4b9a844119e218228.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ablesasmetotr.monster
addresseepaper.com
banquetunarmedgrater.com
breedingdaringconcussion.com
dc5k8fg5ioc8s.cloudfront.net
dismantlepenantiterrorist.com
habitofsticklik.com
ndandinter.hair
pogothere.xyz
reasonablelandmark.com
simplewebanalysis.com
www24.davisonbarker.pro
www77.davisonbarker.pro
www87.davisonbarker.pro
xstownrusisedp.info
addresseepaper.com
dismantlepenantiterrorist.com
104.21.92.39
13.224.194.88
13.35.166.20
13.35.166.66
172.64.132.29
173.233.137.52
18.192.190.118
188.114.97.3
192.243.59.13
52.20.131.174
196c51f778db9df7ecf75ce7f663ea3bb07726b67feeae45ad9abfd3008b937a
28b8a54ad96fe8a61a89a382c0d28e8f138bfd729bd21e57764c15cbcd219bec
4af54f57c9f9a1fe5e849d93901755d49a35ca866d73232042966eaee2d1dcea
62a495e3e1f7f9f9578162a2c64194bf1c0bc4d55882c7dfed4aef4a9a650369
7172fd98ced01e19ed24727c3b40b5733b4e47b8b758cc695662b6a9ac5189c1
725be6e6b36805fe0397d144069747b0d0b3e9d211de90714c806c50e6d29407
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
afa5bb9b3527574863c93d6b53516634cd3128de727bcbf3e541f3f637371742
bc4720c44ed409f268f5c7791185c5464bd750e81a4e2deb2766b6d4270b4ca8
d04bb012f2861cf4e727abbf43e9aad39e8ce08e34dfac12072b67d683412432
d17a1822fade0b6914f5b5cf4519ed3e9d056c4e60a89ca416eceff46cd48aef
de029a7976d8864d054141319a0bf43d63346e3c5e9df1d8fa63ad850c95d864
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e97e0ff28e24ea73907db7491438c056195d08f23bc7d4dcdaeb247b713066a8
f35069ddaf6e99144943b70bf9f123b2b202026bcc78d903ddaca78e18ff5803
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16