urlscan.io logo urlscan.io
SecurityTrails logo

www.fel3ardaa.live Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fel3ardaa.live/
Effective URL: https://www.fel3ardaa.live/
Submission: On April 12 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 18 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.fel3ardaa.live.
TLS certificate: Issued by GTS CA 1P5 on April 7th 2023. Valid for: 3 months.
This is the only time www.fel3ardaa.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 173.233.139.164 7979 (SERVERS-COM)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42::347 54113 (FASTLY)
1 139.45.197.239 9002 (RETN-AS)
2 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 1 67.199.248.10 396982 (GOOGLE-CL...)
18 10
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
fel3ardaa.live
2    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
www.fel3ardaa.live
3    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
blogger.googleusercontent.com
4    173.233.139.164 (United States)

ASN7979 (SERVERS-COM, US)
almightyexploitjumpy.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a04:4e42::347 (United States)

ASN54113 (FASTLY, US)
cdn.statically.io
1    139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)
goomaphy.com
2    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
youtube.com
www.youtube.com
1    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
consent.youtube.com
3    2a00:1450:4001:812::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.blogger.com
1    67.199.248.10 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
Apex Domain
Subdomains		 Transfer
4 almightyexploitjumpy.com
almightyexploitjumpy.com
3 blogger.com
www.blogger.com — Cisco Umbrella Rank: 9153
3 KB
3 youtube.com
youtube.com — Cisco Umbrella Rank: 60
www.youtube.com — Cisco Umbrella Rank: 93
consent.youtube.com — Cisco Umbrella Rank: 40323
2 KB
3 gstatic.com
fonts.gstatic.com
53 KB
3 fel3ardaa.live
fel3ardaa.live
www.fel3ardaa.live
140 KB
2 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 15222
45 KB
1 bit.ly
bit.ly — Cisco Umbrella Rank: 5486
432 B
1 goomaphy.com
goomaphy.com — Cisco Umbrella Rank: 171349
1 statically.io
cdn.statically.io — Cisco Umbrella Rank: 8296
56 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
9 KB
18 10
Domain Requested by
4 almightyexploitjumpy.com www.fel3ardaa.live
3 www.blogger.com cdnjs.cloudflare.com
3 fonts.gstatic.com www.fel3ardaa.live
2 blogger.googleusercontent.com www.fel3ardaa.live
2 www.fel3ardaa.live www.fel3ardaa.live
1 bit.ly 1 redirects
1 consent.youtube.com www.fel3ardaa.live
1 www.youtube.com 1 redirects
1 youtube.com 1 redirects
1 goomaphy.com www.fel3ardaa.live
1 cdn.statically.io www.fel3ardaa.live
1 cdnjs.cloudflare.com www.fel3ardaa.live
1 fel3ardaa.live 1 redirects
18 13

This site contains links to these domains. Also see Links.

Domain
youtube.com
Subject Issuer Validity Valid
*.fel3ardaa.live
GTS CA 1P5		 2023-04-07 -
2023-07-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
almightyexploitjumpy.com
R3		 2023-03-22 -
2023-06-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
statically.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-22 -
2023-12-24		 a year crt.sh
goomaphy.com
R3		 2023-03-18 -
2023-06-16		 3 months crt.sh
*.blogger.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.fel3ardaa.live/
Frame ID: 2A920ABB87061645923265AE0F2E4775
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

في العارضه fel3arda بث مباشر جميع مباريات اليوم

Page URL History Show full URLs

  1. http://fel3ardaa.live/ HTTP 302
    https://www.fel3ardaa.live/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • zepto.*\.js

Page Statistics

18
Requests

89 %
HTTPS

75 %
IPv6

10
Domains

13
Subdomains

10
IPs

3
Countries

305 kB
Transfer

562 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fel3ardaa.live/ HTTP 302
    https://www.fel3ardaa.live/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://youtube.com/channel/UCcejdhyybZrCF0c-dIQPpFAw.blogger.com/feeds/770posts/default/4010169340389713602?alt=json&_=1681296265942&callback=Zepto1681296265885 HTTP 301
  • https://www.youtube.com/channel/UCcejdhyybZrCF0c-dIQPpFAw.blogger.com/feeds/770posts/default/4010169340389713602?alt=json&_=1681296265942&callback=Zepto1681296265885 HTTP 302
  • https://consent.youtube.com/m?continue=https%3A%2F%2Fwww.youtube.com%2Fchannel%2FUCcejdhyybZrCF0c-dIQPpFAw.blogger.com%2Ffeeds%2F770posts%2Fdefault%2F4010169340389713602%3Falt%3Djson%26_%3D1681296265942%26callback%3DZepto1681296265885%26cbrd%3D1&gl=NL&m=0&pc=yt&cm=2&hl=nl&src=1
Request Chain 17
  • https://bit.ly/3Obk92e HTTP 301
  • https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOk23nPuJWYvjsmYzkjHpBCeXSFJe6FJl65VaPNc06YvDHEgJ7leccLdW5XmvcjJSNtwBTNopSGqqBUvr9FnB22kHjkzpUND45R7AepwtUacLVB6VLPIxvraoZrXHuhIh1iX-qk5GoT6B3mESX4i7JCKKgW4cxSPQxBTgOn4yV7G8AiYuYTlST6OeB/s205/Syntax__1_-removebg-preview.png

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.fel3ardaa.live/
Redirect Chain
  • http://fel3ardaa.live/
  • https://www.fel3ardaa.live/
371 KB
138 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.fel3ardaa.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c6fa7eec990df837403135d5565ac72d8070674d81b1985e2e11c4d3b63065b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7b6adfb5e8cf0bc5-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 12 Apr 2023 10:44:25 GMT
expires
Wed, 12 Apr 2023 10:44:25 GMT
last-modified
Tue, 11 Apr 2023 22:40:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vlofeFiEQIxvoAN88t23shvXeQFX%2BYqDdE7n6W%2B2Oo1MbXuPTu7cyedbSx9dBk2fVeTC1kTVVpqFx8OUwQTqk6LdbT%2Bol1LueOSNehUTs2u894S1BaeC5vEok5ZmQAWBw34j847D3jayzHlPA0g6Z1M%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-robots-tag
all,noodp
x-xss-protection
1; mode=block

Redirect headers

CF-RAY
7b6adfb50a2e0a58-AMS
Cache-Control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Date
Wed, 12 Apr 2023 10:44:24 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Location
https://www.fel3ardaa.live
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vEwPtzsX8PHQrITaA1qks3LM7U%2FU6D8lmNps6AWvdPLbYAWCQzN40HA7BjZGbDHkTrYgXnxPy7mhnxlrgUEV%2Ftquqhk95aQz2oHthzY8XxnBD8W%2Bn1wlPXfIBmOnQg5GkyyGFw%2BMgaciIEc%2BgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
SLXGc1nY6HkvalIkTpu0xg.woff2
fonts.gstatic.com/s/cairo/v10/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cairo/v10/SLXGc1nY6HkvalIkTpu0xg.woff2
Requested by
Host: www.fel3ardaa.live
URL: https://www.fel3ardaa.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e44a062d28d6d5058ae9567dddb28916851f2147d48363bf9c095d4cc1115e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fel3ardaa.live/
Origin
https://www.fel3ardaa.live
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 17:58:46 GMT
x-content-type-options
nosniff
age
60339
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17952
x-xss-protection
0
last-modified
Wed, 24 Mar 2021 17:47:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 17:58:46 GMT
SLXGc1nY6HkvalIvTpu0xg.woff2
fonts.gstatic.com/s/cairo/v10/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cairo/v10/SLXGc1nY6HkvalIvTpu0xg.woff2
Requested by
Host: www.fel3ardaa.live
URL: https://www.fel3ardaa.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff849c20c6e6aa458a968089d318b1aa78ad3a342247e6c837a0fc112776cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fel3ardaa.live/
Origin
https://www.fel3ardaa.live
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 12:52:16 GMT
x-content-type-options
nosniff
age
78729
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14804
x-xss-protection
0
last-modified
Wed, 24 Mar 2021 17:46:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 12:52:16 GMT
SLXGc1nY6HkvalIhTps.woff2
fonts.gstatic.com/s/cairo/v10/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cairo/v10/SLXGc1nY6HkvalIhTps.woff2
Requested by
Host: www.fel3ardaa.live
URL: https://www.fel3ardaa.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33b5e84734e6c2f41286376d3c9ee3da94da179f4e3b20c7e3a20e1a21c2b665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fel3ardaa.live/
Origin
https://www.fel3ardaa.live
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 13:07:16 GMT
x-content-type-options
nosniff
age
77829
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20672
x-xss-protection
0
last-modified
Wed, 24 Mar 2021 17:47:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 13:07:16 GMT
AVvXsEgUsS-8UlB421Q6ga3e9_CxKVRaARM8cAfrZ773DrzaZPUlyKPLTO6uWENfdzQpY9e6CtfTfhdwu9ng4wmL-SSfn1w9ChTedypjOUU4JIxiYf4vhT3i0KesJazvQNR0nbMAiuUvRWUgJdxJtz__LqS7YP_ZLfaeJVG88AgiO87FEfG40olJD8HpI9YPWg=s542
blogger.googleusercontent.com/img/a/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEgUsS-8UlB421Q6ga3e9_CxKVRaARM8cAfrZ773DrzaZPUlyKPLTO6uWENfdzQpY9e6CtfTfhdwu9ng4wmL-SSfn1w9ChTedypjOUU4JIxiYf4vhT3i0KesJazvQNR0nbMAiuUvRWUgJdxJtz__LqS7YP_ZLfaeJVG88AgiO87FEfG40olJD8HpI9YPWg=s542
Requested by
Host: www.fel3ardaa.live
URL: https://www.fel3ardaa.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
61efaa1f6c90ecc2f6a5ea699b8ddca0482f037e9f28afb267a3b070c6f0ea94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.fel3ardaa.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 10:44:25 GMT
x-content-type-options
nosniff
server
fife
etag
"v127"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Picsart_23-04-07_02-22-01-370.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37695
x-xss-protection
0
expires
Thu, 13 Apr 2023 10:44:25 GMT
invoke.js
almightyexploitjumpy.com/f260ddeadcad9a3f817f3dd33fcaebe5/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://almightyexploitjumpy.com/f260ddeadcad9a3f817f3dd33fcaebe5/invoke.js
Requested by
Host: www.fel3ardaa.live
URL: https://www.fel3ardaa.live/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.233.139.164 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

Referer
https://www.fel3ardaa.live/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 12 Apr 2023 10:44:25 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
zepto.min.js
cdnjs.cloudflare.com/ajax/libs/zepto/1.2.0/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/zepto/1.2.0/zepto.min.js
Requested by
Host: www.fel3ardaa.live
URL: https://www.fel3ardaa.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
beb9f5e32ed61fbce010497242a9b6b8219242b5ffc636038e7891510c773725
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://www.fel3ardaa.live
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 12 Apr 2023 10:44:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1769900
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8798
last-modified
Mon, 04 May 2020 16:18:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04043-6712"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6brVSYbPOtZUsBZbiB756z25VCy603HYhytkWrgwb%2B0Z2XZRVFS5TTnUJOJ2dA3SRIWKFEVi59iJKqo4KJ8nQfeh5TJwU%2FzkSydn0VI1LSld4JXR42ic23icYMC17PV8uXh1hQNT%2BsnXaMvQoj6v4wT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7b6adfba0853b766-AMS
expires
Mon, 01 Apr 2024 10:44:25 GMT
NeoSansArabic.woff
cdn.statically.io/gh/yallashoot808/yalla-shoot-new/6a47ce1e/ 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.statically.io/gh/yallashoot808/yalla-shoot-new/6a47ce1e/NeoSansArabic.woff
Requested by
Host: www.fel3ardaa.live
URL: https://www.fel3ardaa.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
statically /
Resource Hash
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fel3ardaa.live/
Origin
https://www.fel3ardaa.live
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 10:44:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
statically
age
1220171
etag
"4cb0be1807b6236ab749d2f5e38eed261e9f0d3967da730a6786482cd5dd4b18"
x-cache
HIT, HIT
content-type
font/woff
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
57364
x-served-by
cache-sjc10068-SJC, cache-bom4749-BOM
invoke.js
almightyexploitjumpy.com/3b4a01c328dd40e7142e64b4963766fc/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://almightyexploitjumpy.com/3b4a01c328dd40e7142e64b4963766fc/invoke.js
Requested by
Host: www.fel3ardaa.live
URL: https://www.fel3ardaa.live/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.233.139.164 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

Referer
https://www.fel3ardaa.live/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 12 Apr 2023 10:44:25 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
953b4b72f673971bcccdd71be36e41e3eb04b4bac604fe9a83a6dcb1179c2337

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/png
invoke.js
almightyexploitjumpy.com/2f202e7724b7a7b2900db0d666ed1862/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://almightyexploitjumpy.com/2f202e7724b7a7b2900db0d666ed1862/invoke.js
Requested by
Host: www.fel3ardaa.live
URL: https://www.fel3ardaa.live/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.233.139.164 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

Referer
https://www.fel3ardaa.live/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 12 Apr 2023 10:44:25 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
invoke.js
almightyexploitjumpy.com/3e17c9b33d6092ec00b3c5a69cc7ff8a/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://almightyexploitjumpy.com/3e17c9b33d6092ec00b3c5a69cc7ff8a/invoke.js
Requested by
Host: www.fel3ardaa.live
URL: https://www.fel3ardaa.live/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.233.139.164 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

Referer
https://www.fel3ardaa.live/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 12 Apr 2023 10:44:25 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
5730307
goomaphy.com/401/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://goomaphy.com/401/5730307
Requested by
Host: www.fel3ardaa.live
URL: https://www.fel3ardaa.live/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.fel3ardaa.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers
/
www.fel3ardaa.live/feeds/posts/default/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.fel3ardaa.live/feeds/posts/default/?max-results=0&alt=json
Requested by
Host: www.fel3ardaa.live
URL: https://www.fel3ardaa.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fa7068fdf1ccceb09f4ff40e7756e86e6ae57f23fd4b811b451161f0b82a668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.fel3ardaa.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 10:44:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 22:40:17 GMT
server
cloudflare
etag
W/"3d3135770cb7f07021842b64c145d5915058ed3949064b44599ec6a4c4f2f93c"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oEzSXxMBTuuld4GpQ6B9rjVj7KaxPIb6ZctQxS%2Fq0RANqx223DAf7dTeK13nwmwEQVa9zcE82cAN%2BIVdjCqa4xZdzzE4o6N0TWbJfTAjrE4mKOd7GPAEMcSGujh6gaVeOhXWb2xPKW5O64z9%2FifEG%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cf-ray
7b6adfbe4c300bc5-AMS
expires
Wed, 12 Apr 2023 10:44:27 GMT
m
consent.youtube.com/
Redirect Chain
  • https://youtube.com/channel/UCcejdhyybZrCF0c-dIQPpFAw.blogger.com/feeds/770posts/default/4010169340389713602?alt=json&_=1681296265942&callback=Zepto1681296265885
  • https://www.youtube.com/channel/UCcejdhyybZrCF0c-dIQPpFAw.blogger.com/feeds/770posts/default/4010169340389713602?alt=json&_=1681296265942&callback=Zepto1681296265885
  • https://consent.youtube.com/m?continue=https%3A%2F%2Fwww.youtube.com%2Fchannel%2FUCcejdhyybZrCF0c-dIQPpFAw.blogger.com%2Ffeeds%2F770posts%2Fdefault%2F4010169340389713602%3Falt%3Djson%26_%3D16812962...
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.youtube.com/m?continue=https%3A%2F%2Fwww.youtube.com%2Fchannel%2FUCcejdhyybZrCF0c-dIQPpFAw.blogger.com%2Ffeeds%2F770posts%2Fdefault%2F4010169340389713602%3Falt%3Djson%26_%3D1681296265942%26callback%3DZepto1681296265885%26cbrd%3D1&gl=NL&m=0&pc=yt&cm=2&hl=nl&src=1
Requested by
Host: www.fel3ardaa.live
URL: https://www.fel3ardaa.live/
Protocol
H2
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.fel3ardaa.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Redirect headers

date
Wed, 12 Apr 2023 10:44:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin-allow-popups; report-to="youtube_main"
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
application/binary
location
https://consent.youtube.com/m?continue=https%3A%2F%2Fwww.youtube.com%2Fchannel%2FUCcejdhyybZrCF0c-dIQPpFAw.blogger.com%2Ffeeds%2F770posts%2Fdefault%2F4010169340389713602%3Falt%3Djson%26_%3D1681296265942%26callback%3DZepto1681296265885%26cbrd%3D1&gl=NL&m=0&pc=yt&cm=2&hl=nl&src=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
expires
Mon, 01 Jan 1990 00:00:00 GMT
1048755037016559455
www.blogger.com/feeds/881832358031600275/pages/default/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/feeds/881832358031600275/pages/default/1048755037016559455?alt=json-in-script&_=1681296265946&callback=Zepto1681296265886
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zepto/1.2.0/zepto.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.fel3ardaa.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0f09793482d4d15f56e94b20fa892bd815a2e13316579c962db99552f206643

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		846 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11b17e55389077479841f7b954efdb138035e138f169f65e89cd958c0fae699f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/svg+xml
Syntax__1_-removebg-preview.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOk23nPuJWYvjsmYzkjHpBCeXSFJe6FJl65VaPNc06YvDHEgJ7leccLdW5XmvcjJSNtwBTNopSGqqBUvr9FnB22kHjkzpUND45R7AepwtUacLVB6VLPIxvraoZrXHuhIh1iX-qk5GoT6B3mESX...
Redirect Chain
  • https://bit.ly/3Obk92e
  • https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOk23nPuJWYvjsmYzkjHpBCeXSFJe6FJl65VaPNc06YvDHEgJ7leccLdW5XmvcjJSNtwBTNopSGqqBUvr9FnB22kHjkzpUND45R7AepwtUacLVB6VLPIxvraoZrXHuhIh1iX-qk5Go...
7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOk23nPuJWYvjsmYzkjHpBCeXSFJe6FJl65VaPNc06YvDHEgJ7leccLdW5XmvcjJSNtwBTNopSGqqBUvr9FnB22kHjkzpUND45R7AepwtUacLVB6VLPIxvraoZrXHuhIh1iX-qk5GoT6B3mESX4i7JCKKgW4cxSPQxBTgOn4yV7G8AiYuYTlST6OeB/s205/Syntax__1_-removebg-preview.png
Requested by
Host: www.fel3ardaa.live
URL: https://www.fel3ardaa.live/
Protocol
H2
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3ce0a7e0af47b7802190770441508532f2bfac395f5490a1dbd38c90105869a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.fel3ardaa.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 10:44:26 GMT
x-content-type-options
nosniff
server
fife
etag
"v607"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Syntax__1_-removebg-preview.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7571
x-xss-protection
0
expires
Thu, 13 Apr 2023 10:44:26 GMT

Redirect headers

date
Wed, 12 Apr 2023 10:44:26 GMT
via
1.1 google
server
nginx
content-type
text/html; charset=utf-8
location
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOk23nPuJWYvjsmYzkjHpBCeXSFJe6FJl65VaPNc06YvDHEgJ7leccLdW5XmvcjJSNtwBTNopSGqqBUvr9FnB22kHjkzpUND45R7AepwtUacLVB6VLPIxvraoZrXHuhIh1iX-qk5GoT6B3mESX4i7JCKKgW4cxSPQxBTgOn4yV7G8AiYuYTlST6OeB/s205/Syntax__1_-removebg-preview.png
cache-control
private, max-age=90
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
369
default
www.blogger.com/feeds/4229037950591697167/pages/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/feeds/4229037950591697167/pages/default?alt=json-in-script&_=1681296265968&callback=Zepto1681296265887
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zepto/1.2.0/zepto.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cad9986c8a9be35007ada3b9455c307d31658001678bf4316aec9643d6215daa
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.fel3ardaa.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Wed, 12 Apr 2023 10:44:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1370
x-xss-protection
1; mode=block
last-modified
Wed, 15 Feb 2023 17:51:42 GMT
server
GSE
vary
Accept, X-GData-Authorization, GData-Version
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
gdata-version
1.0
cache-control
private, max-age=0, must-revalidate, no-transform
expires
Wed, 12 Apr 2023 10:44:26 GMT
default
www.blogger.com/feeds/4229037950591697167/pages/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/feeds/4229037950591697167/pages/default?alt=json-in-script&_=1681296265970&callback=Zepto1681296265888
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/zepto/1.2.0/zepto.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f0537139ab78aaa110ba988b30622c6f599ee749ade4fcff0ae0590bec1703ad
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.fel3ardaa.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Wed, 12 Apr 2023 10:44:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1370
x-xss-protection
1; mode=block
last-modified
Wed, 15 Feb 2023 17:51:42 GMT
server
GSE
vary
Accept, X-GData-Authorization, GData-Version
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
gdata-version
1.0
cache-control
private, max-age=0, must-revalidate, no-transform
expires
Wed, 12 Apr 2023 10:44:26 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| adsbygoogle object| atOptions function| Zepto function| $ function| moment string| uri undefined| clean_uri function| _0x4a3d function| _0x257e99 object| TSWMDZ number| WUtDcl function| _0x2c72 function| _0x3baf4e function| _0x5c4ac8 function| _0x5a30af function| _0x1d9b function| _0x20b7 function| _0x3b1d98 function| _0x534dcb function| _0x5b3c95 function| _0x323963 string| idBlog string| idPage function| LazyOnScroll undefined| Zepto1681296265885 undefined| Zepto1681296265886 undefined| Zepto1681296265887 undefined| Zepto1681296265888

1 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: QCfV5dGRovY

15 Console Messages

Source Level URL
Text
javascript warning URL: https://www.fel3ardaa.live/(Line 298)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://almightyexploitjumpy.com/f260ddeadcad9a3f817f3dd33fcaebe5/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.fel3ardaa.live/(Line 298)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/zepto/1.2.0/zepto.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.fel3ardaa.live/(Line 298)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://almightyexploitjumpy.com/f260ddeadcad9a3f817f3dd33fcaebe5/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://almightyexploitjumpy.com/f260ddeadcad9a3f817f3dd33fcaebe5/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://www.fel3ardaa.live/(Line 310)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://almightyexploitjumpy.com/3b4a01c328dd40e7142e64b4963766fc/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.fel3ardaa.live/(Line 310)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://almightyexploitjumpy.com/3b4a01c328dd40e7142e64b4963766fc/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://almightyexploitjumpy.com/3b4a01c328dd40e7142e64b4963766fc/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://www.fel3ardaa.live/(Line 345)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://almightyexploitjumpy.com/2f202e7724b7a7b2900db0d666ed1862/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.fel3ardaa.live/(Line 345)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://almightyexploitjumpy.com/2f202e7724b7a7b2900db0d666ed1862/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://almightyexploitjumpy.com/2f202e7724b7a7b2900db0d666ed1862/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://www.fel3ardaa.live/(Line 357)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://almightyexploitjumpy.com/3e17c9b33d6092ec00b3c5a69cc7ff8a/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.fel3ardaa.live/(Line 357)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://almightyexploitjumpy.com/3e17c9b33d6092ec00b3c5a69cc7ff8a/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://almightyexploitjumpy.com/3e17c9b33d6092ec00b3c5a69cc7ff8a/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://consent.youtube.com/m?continue=https%3A%2F%2Fwww.youtube.com%2Fchannel%2FUCcejdhyybZrCF0c-dIQPpFAw.blogger.com%2Ffeeds%2F770posts%2Fdefault%2F4010169340389713602%3Falt%3Djson%26_%3D1681296265942%26callback%3DZepto1681296265885%26cbrd%3D1&gl=NL&m=0&pc=yt&cm=2&hl=nl&src=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.blogger.com/feeds/881832358031600275/pages/default/1048755037016559455?alt=json-in-script&_=1681296265946&callback=Zepto1681296265886
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

almightyexploitjumpy.com
bit.ly
blogger.googleusercontent.com
cdn.statically.io
cdnjs.cloudflare.com
consent.youtube.com
fel3ardaa.live
fonts.gstatic.com
goomaphy.com
www.blogger.com
www.fel3ardaa.live
www.youtube.com
youtube.com
139.45.197.239
173.233.139.164
2606:4700::6811:190e
2a00:1450:4001:803::200e
2a00:1450:4001:811::200e
2a00:1450:4001:812::2009
2a00:1450:4001:827::2001
2a00:1450:4001:82f::2003
2a04:4e42::347
2a06:98c1:3120::3
2a06:98c1:3121::3
67.199.248.10
0c6fa7eec990df837403135d5565ac72d8070674d81b1985e2e11c4d3b63065b
11b17e55389077479841f7b954efdb138035e138f169f65e89cd958c0fae699f
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
33b5e84734e6c2f41286376d3c9ee3da94da179f4e3b20c7e3a20e1a21c2b665
3ce0a7e0af47b7802190770441508532f2bfac395f5490a1dbd38c90105869a7
4fa7068fdf1ccceb09f4ff40e7756e86e6ae57f23fd4b811b451161f0b82a668
61efaa1f6c90ecc2f6a5ea699b8ddca0482f037e9f28afb267a3b070c6f0ea94
953b4b72f673971bcccdd71be36e41e3eb04b4bac604fe9a83a6dcb1179c2337
beb9f5e32ed61fbce010497242a9b6b8219242b5ffc636038e7891510c773725
cad9986c8a9be35007ada3b9455c307d31658001678bf4316aec9643d6215daa
cff849c20c6e6aa458a968089d318b1aa78ad3a342247e6c837a0fc112776cfa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44a062d28d6d5058ae9567dddb28916851f2147d48363bf9c095d4cc1115e82
f0537139ab78aaa110ba988b30622c6f599ee749ade4fcff0ae0590bec1703ad
f0f09793482d4d15f56e94b20fa892bd815a2e13316579c962db99552f206643