7iokwf1k8.pro Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ksbpbad7.net/ads.js?api_key=567744ae-0446-46c4-87bf-da925dc9d000&header=54936a555d3306632687ba30476630fa&p=19...
Effective URL:
https://7iokwf1k8.pro/?2227f8697c02623e6ad62b85eb86d696=4=66f99b32822af&t=24&s=ff
Submission: On September 29 via manual (September 29th 2024, 6:23:50 pm UTC) from PL — Scanned from AT

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 43 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is 7iokwf1k8.pro.
TLS certificate: Issued by WE1 on September 27th 2024. Valid for: 3 months.

This is the only time 7iokwf1k8.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	104.16.80.73 104.16.80.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 18	172.67.205.92 172.67.205.92	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.74 142.250.185.74	15169 (GOOGLE) (GOOGLE)
1	195.179.237.77 195.179.237.77	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	104.16.79.73 104.16.79.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.18.99 172.217.18.99	15169 (GOOGLE) (GOOGLE)
43	9

2 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

ksbpbad7.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.16.80.73 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.67.205.92 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

5cvd85l9.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

7iokwf1k8.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.179.237.77 (Phoenix, United States)

ASN47583 (AS-HOSTINGER, CY)

freeiconshop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.79.73 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.99 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f99.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	5cvd85l9.xyz 1 redirects 5cvd85l9.xyz	16 KB
8	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 775	21 KB
7	7iokwf1k8.pro 1 redirects 7iokwf1k8.pro	40 KB
2	ksbpbad7.net ksbpbad7.net	2 KB
1	gstatic.com fonts.gstatic.com	15 KB
1	freeiconshop.com freeiconshop.com — Cisco Umbrella Rank: 149156	10 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	894 B
43	7

	Domain	Requested by
18	5cvd85l9.xyz	1 redirects static.cloudflareinsights.com 5cvd85l9.xyz ksbpbad7.net
8	static.cloudflareinsights.com	ksbpbad7.net 5cvd85l9.xyz 7iokwf1k8.pro
7	7iokwf1k8.pro	1 redirects 7iokwf1k8.pro static.cloudflareinsights.com
2	ksbpbad7.net
1	fonts.gstatic.com	fonts.googleapis.com
1	freeiconshop.com	7iokwf1k8.pro
1	fonts.googleapis.com	7iokwf1k8.pro
43	7

This site contains no links.

Subject Issuer	Validity	Valid
ksbpbad7.net WE1	`2024-09-04` - `2024-12-03`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh
5cvd85l9.xyz WE1	`2024-09-27` - `2024-12-26`	3 months	crt.sh
7iokwf1k8.pro WE1	`2024-09-27` - `2024-12-26`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
freeiconshop.com R10	`2024-08-05` - `2024-11-03`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://7iokwf1k8.pro/?2227f8697c02623e6ad62b85eb86d696=4=66f99b32822af&t=24&s=ff
Frame ID: 89672A3C5519365EB9A214095F761F12
Requests: 37 HTTP requests in this frame

Frame: https://5cvd85l9.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js
Frame ID: C79345D4BB81A370B440A186BFF84D78
Requests: 2 HTTP requests in this frame

Frame: https://5cvd85l9.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Frame ID: A6E40C614FDC17AADCF1EC6825E905E4
Requests: 2 HTTP requests in this frame

Frame: https://7iokwf1k8.pro/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js
Frame ID: 780C238B9004EF956F11167CA9D04B83
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://ksbpbad7.net/ads.js?api_key=567744ae-0446-46c4-87bf-da925dc9d000&header=54936a555d3306632... Page URL
https://5cvd85l9.xyz/?a8e19f31bd8465740785e70ef6c756ed&s=ff&t=33 Page URL
https://5cvd85l9.xyz/?96632dd0d7b2fbb656d5326274d46dc5=6&utm=5 Page URL
https://5cvd85l9.xyz/?34597851ddb8ce2155c83ebbea98158a=6&utm=4 Page URL
https://5cvd85l9.xyz/?0bd46ed8901783842aa8d4639268fbe4=9&utm=3 Page URL
https://5cvd85l9.xyz/?4ed97633b112cb69009a31ded6e04c52=6&utm=2 Page URL
https://5cvd85l9.xyz/?1a3506a26f91a894144a034a954493d3=5&utm=1 Page URL
https://7iokwf1k8.pro/?2227f8697c02623e6ad62b85eb86d696=4=66f99b32822af&t=24&s=ff Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43
Requests

77 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

9
IPs

3
Countries

104 kB
Transfer

315 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ksbpbad7.net/ads.js?api_key=567744ae-0446-46c4-87bf-da925dc9d000&header=54936a555d3306632687ba30476630fa&p=198&n=91&hex=2&file=ff Page URL
https://5cvd85l9.xyz/?a8e19f31bd8465740785e70ef6c756ed&s=ff&t=33 Page URL
https://5cvd85l9.xyz/?96632dd0d7b2fbb656d5326274d46dc5=6&utm=5 Page URL
https://5cvd85l9.xyz/?34597851ddb8ce2155c83ebbea98158a=6&utm=4 Page URL
https://5cvd85l9.xyz/?0bd46ed8901783842aa8d4639268fbe4=9&utm=3 Page URL
https://5cvd85l9.xyz/?4ed97633b112cb69009a31ded6e04c52=6&utm=2 Page URL
https://5cvd85l9.xyz/?1a3506a26f91a894144a034a954493d3=5&utm=1 Page URL
https://7iokwf1k8.pro/?2227f8697c02623e6ad62b85eb86d696=4=66f99b32822af&t=24&s=ff Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://5cvd85l9.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://5cvd85l9.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js

Request Chain 38

https://7iokwf1k8.pro/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://7iokwf1k8.pro/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 ads.js Show response
ksbpbad7.net/ 3 KB
1 KB 65ms
34ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ksbpbad7.net/ads.js?api_key=567744ae-0446-46c4-87bf-da925dc9d000&header=54936a555d3306632687ba30476630fa&p=198&n=91&hex=2&file=ff
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c55e2d3785d9cc0893ed1d486a54557f9004769c3159d63f48001e75152234d6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 3708
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 8cae01911cf63248-VIE
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 29 Sep 2024 18:23:44 GMT
last-modified: Sun, 29 Sep 2024 17:21:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OoiQBdfk3V00XSfd0zgRH5fzricSU9Ks1yJiDN9cd6RosapRtlRSt%2B72wIWzRBgfYR3WVteLVI57J9pZUKtWVSkmNndLPVYjQYwuKOHGcMioDizRrnmM5EpKjzAbb%2FE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding

GET
H3 200 speculation
ksbpbad7.net/cdn-cgi/ 128 B
543 B 22ms
22ms Other
application/speculationrules+json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ksbpbad7.net/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://ksbpbad7.net
Referer: https://ksbpbad7.net/ads.js?api_key=567744ae-0446-46c4-87bf-da925dc9d000&header=54936a555d3306632687ba30476630fa&p=198&n=91&hex=2&file=ff

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BgRcrf68Jsnfs5xiAPPZYCn2PrUJ4jix0BswEf227SskND8MXnRiv0mRo26AfbhEI%2BbNwGeXhtFPR2M3pNJAMy7eIXxjO8v1IK3JNUTLV1YptkNfohX8FlfQvMhdmbk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cae01915d553248-VIE
access-control-allow-origin: https://ksbpbad7.net
content-length: 128
date: Sun, 29 Sep 2024 18:23:44 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare
priority: u=4,i

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 88ms
46ms Script
text/javascript 104.16.80.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: ksbpbad7.net
URL: https://ksbpbad7.net/ads.js?api_key=567744ae-0446-46c4-87bf-da925dc9d000&header=54936a555d3306632687ba30476630fa&p=198&n=91&hex=2&file=ff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://ksbpbad7.net
Referer: https://ksbpbad7.net/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8cae01919907c31b-VIE
access-control-allow-origin: *
date: Sun, 29 Sep 2024 18:23:44 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

POST
H3 200 / Show response
5cvd85l9.xyz/ 3 KB
2 KB 552ms
518ms Document
text/html 172.67.205.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://5cvd85l9.xyz/?a8e19f31bd8465740785e70ef6c756ed&s=ff&t=33

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.205.92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

175af7f39255adb4ea63b9f833b8602a2b29f5683b769e5f11be3d3a9752f809

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://ksbpbad7.net
Referer: https://ksbpbad7.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8cae0191ae0fc2c3-VIE
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 29 Sep 2024 18:23:45 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rzs1rdLzuWnKRNXUW0U1pkpDULUVRjmZPGkW9wHM07H98YhA0MKyhOJwjDz7I%2FpAlhJTQwG8AHpobSpB3gnQoENzM6oUfPwrRAJG6GZMn1U92u9bxr3hOp%2BP2gmtGAc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 87ms
54ms Script
text/javascript 104.16.80.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: 5cvd85l9.xyz
URL: https://5cvd85l9.xyz/?a8e19f31bd8465740785e70ef6c756ed&s=ff&t=33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://5cvd85l9.xyz
Referer: https://5cvd85l9.xyz/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8cae019519115b19-VIE
access-control-allow-origin: *
date: Sun, 29 Sep 2024 18:23:45 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3

200

main.js
5cvd85l9.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/ Frame C793
Redirect Chain

https://5cvd85l9.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://5cvd85l9.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?

8 KB
4 KB

26ms
25ms

Script
application/javascript

172.67.205.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://5cvd85l9.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?

Protocol

Server

172.67.205.92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BrkcVdDwsJX4p0twjL2Uaee%2FCprXmbfTNq3sZuXV%2B%2BERvm81JhFXBmumsoKDYm3U4Zpxtq8NSKmu4Ati2Ri3QmTU0Wr0iIEowFVNWvD%2B2kPfDqtuQ4v%2BqgTqvwxoFM8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8cae0195acedc2c3-VIE
date: Sun, 29 Sep 2024 18:23:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yTcSvg1nANL2D8LTfcLeoKbTJHMVSqroLY6zwuDSB5lOk9PGsytSw5R5owfRnaWkXgjycNiwaWcrB9BQvCcUTDg4hVf%2FuzmOoJPJncnIaxNVPAzAjCaixvxPMtWYDqU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cae01957cb6c2c3-VIE
access-control-allow-origin: *
content-length: 0
date: Sun, 29 Sep 2024 18:23:45 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

POST
H3 204 rum
5cvd85l9.xyz/cdn-cgi/ 0
140 B 22ms
21ms XHR
text/plain 172.67.205.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://5cvd85l9.xyz/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.205.92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json
Referer: https://5cvd85l9.xyz/?a8e19f31bd8465740785e70ef6c756ed&s=ff&t=33

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8cae01957cb8c2c3-VIE
access-control-allow-origin: https://5cvd85l9.xyz
date: Sun, 29 Sep 2024 18:23:45 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET favicon.ico
5cvd85l9.xyz/ 0
0

POST
H3 200 / Show response
5cvd85l9.xyz/ 3 KB
2 KB 208ms
207ms Document
text/html 172.67.205.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://5cvd85l9.xyz/?96632dd0d7b2fbb656d5326274d46dc5=6&utm=5

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.205.92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f6210fd9ff357c725a9b26a81e67b9c2ef676cba30874c896548f6cca87b9dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://5cvd85l9.xyz
Referer: https://5cvd85l9.xyz/?a8e19f31bd8465740785e70ef6c756ed&s=ff&t=33
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8cae01957cbcc2c3-VIE
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 29 Sep 2024 18:23:45 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rcuW8sjNEno%2Fcx6zKjT1MQkJeL41R9%2FwoEoJXToYkN7STbeogO7GLpPfi2u6mGamP6kgcseVnsNTxSG4KxW3Rh9h1j95gM%2FzfVU3lcx4M8nBI%2BvyBNUHHMlf7yrsDWM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff

POST
H3 200 8cae0191ae0fc2c3
5cvd85l9.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame C793 0
908 B 41ms
37ms XHR
text/plain 172.67.205.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5cvd85l9.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/8cae0191ae0fc2c3
Requested by: Host: 5cvd85l9.xyz
URL: https://5cvd85l9.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YkdegfVWFbSY9BIXmeA9vDfds%2FCK12XKz5cTY9PgvzegIqonP58BSbOrudi246xh75skGfCntfnYRcBKclT6lMx%2BzTrhbtLwC1qxPr%2BOzhAMeqlQk96%2BiT8ZNK7JzNk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cae01962db5c2c3-VIE
content-length: 0
date: Sun, 29 Sep 2024 18:23:45 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
priority: u=1,i

POST rum
5cvd85l9.xyz/cdn-cgi/ 0
0

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
0 87ms
54ms Script
text/javascript 104.16.80.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: 5cvd85l9.xyz
URL: https://5cvd85l9.xyz/?96632dd0d7b2fbb656d5326274d46dc5=6&utm=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://5cvd85l9.xyz
Referer: https://5cvd85l9.xyz/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8cae019519115b19-VIE
access-control-allow-origin: *
date: Sun, 29 Sep 2024 18:23:45 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 main.js Show response
5cvd85l9.xyz/cdn-cgi/challenge-platform/scripts/jsd/ Frame A6E4 8 KB
0 26ms
25ms Script
application/javascript 172.67.205.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://5cvd85l9.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js

Requested by

Host: ksbpbad7.net
URL: https://ksbpbad7.net/ads.js?api_key=567744ae-0446-46c4-87bf-da925dc9d000&header=54936a555d3306632687ba30476630fa&p=198&n=91&hex=2&file=ff

Protocol

Server

172.67.205.92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

959c815b303a16e23dda9a0aaa96413874a26a1e73923042930e5b97e4b6e015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BrkcVdDwsJX4p0twjL2Uaee%2FCprXmbfTNq3sZuXV%2B%2BERvm81JhFXBmumsoKDYm3U4Zpxtq8NSKmu4Ati2Ri3QmTU0Wr0iIEowFVNWvD%2B2kPfDqtuQ4v%2BqgTqvwxoFM8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8cae0195acedc2c3-VIE
date: Sun, 29 Sep 2024 18:23:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

POST
H3 200 8cae01957cbcc2c3
5cvd85l9.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame A6E4 0
925 B 40ms
33ms XHR
text/plain 172.67.205.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5cvd85l9.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/8cae01957cbcc2c3
Requested by: Host: 5cvd85l9.xyz
URL: https://5cvd85l9.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FtOyXDbtW2dTEbpSooVOrWaU9LP%2FPX2IvVfosb%2FWsnvoHjC1ODIQlkev2LZRcwTnmWGDxjFqhwGJOtnkCZEzpq%2BeRCHuPwWeqxQ57pK7LxRHxNRJwzecPPGBxQByiYo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cae01972822c2c3-VIE
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 29 Sep 2024 18:23:45 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
priority: u=1,i

POST
H3 204 rum
5cvd85l9.xyz/cdn-cgi/ 0
140 B 24ms
22ms XHR
text/plain 172.67.205.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://5cvd85l9.xyz/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.205.92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json
Referer: https://5cvd85l9.xyz/?96632dd0d7b2fbb656d5326274d46dc5=6&utm=5

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8cae01972828c2c3-VIE
access-control-allow-origin: https://5cvd85l9.xyz
date: Sun, 29 Sep 2024 18:23:45 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET favicon.ico
5cvd85l9.xyz/ 0
0

POST
H3 200 / Show response
5cvd85l9.xyz/ 2 KB
1 KB 205ms
201ms Document
text/html 172.67.205.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://5cvd85l9.xyz/?34597851ddb8ce2155c83ebbea98158a=6&utm=4

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.205.92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

201d34000768f3c27153e7512cfa1f81934bd7f8236911379e7061d7157659a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://5cvd85l9.xyz
Referer: https://5cvd85l9.xyz/?96632dd0d7b2fbb656d5326274d46dc5=6&utm=5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8cae0197282dc2c3-VIE
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 29 Sep 2024 18:23:45 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YdsuZpQvcAZlxKLWR40qKvd2UFa00qJ33TvcgZaGscmNifDMBGJtxFSfjoboC6uGlzCVlndo7IsxrLZ2s3gjqfpzUEH3xtW5pq1tmqj1XTrtvAdL0Qg7qcNsJctebh0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff

POST rum
5cvd85l9.xyz/cdn-cgi/ 0
0

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
0 87ms
54ms Script
text/javascript 104.16.80.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: 5cvd85l9.xyz
URL: https://5cvd85l9.xyz/?34597851ddb8ce2155c83ebbea98158a=6&utm=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://5cvd85l9.xyz
Referer: https://5cvd85l9.xyz/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8cae019519115b19-VIE
access-control-allow-origin: *
date: Sun, 29 Sep 2024 18:23:45 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

POST
H3 204 rum
5cvd85l9.xyz/cdn-cgi/ 0
140 B 35ms
34ms XHR
text/plain 172.67.205.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://5cvd85l9.xyz/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.205.92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json
Referer: https://5cvd85l9.xyz/?34597851ddb8ce2155c83ebbea98158a=6&utm=4

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8cae01988aa8c2c3-VIE
access-control-allow-origin: https://5cvd85l9.xyz
date: Sun, 29 Sep 2024 18:23:46 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H3 404 favicon.ico
5cvd85l9.xyz/ 236 B
608 B 69ms
69ms Other
text/html 172.67.205.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5cvd85l9.xyz/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://5cvd85l9.xyz/?34597851ddb8ce2155c83ebbea98158a=6&utm=4

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 0
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QZr%2BYoMAkK5He%2BeACm10a3XVQ3HaizJgR2nbRTSH70eF0MCukKceXwanSC%2BNF4K178edV2eA%2F%2F8A8scNhqMAasGy5S8eNSqEa%2F%2FEM3Zcbend5AQkhApcr8GgOHelcH8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cae01988ab2c2c3-VIE
date: Sun, 29 Sep 2024 18:23:46 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

POST
H3 200 / Show response
5cvd85l9.xyz/ 2 KB
1 KB 209ms
209ms Document
text/html 172.67.205.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://5cvd85l9.xyz/?0bd46ed8901783842aa8d4639268fbe4=9&utm=3

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.205.92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b980b4a0e9f919c0928f88e9ddece1892e363485834ce58fe0fb2e3c95e2ea40

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://5cvd85l9.xyz
Referer: https://5cvd85l9.xyz/?34597851ddb8ce2155c83ebbea98158a=6&utm=4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8cae01988ab7c2c3-VIE
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 29 Sep 2024 18:23:46 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dg9kqvgS5zTaV8RMIezIqRAtHXlw5RR5jtX%2FOS9G4SFKkFAnAlyktaQxhYkxumiQgb%2BOj3hMgZZx70vF7v5mIPFobe1epgugirCMUfGuAB3UIMPIj0ro9SxyPkO1ips%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff

POST rum
5cvd85l9.xyz/cdn-cgi/ 0
0

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
0 87ms
54ms Script
text/javascript 104.16.80.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: 5cvd85l9.xyz
URL: https://5cvd85l9.xyz/?0bd46ed8901783842aa8d4639268fbe4=9&utm=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://5cvd85l9.xyz
Referer: https://5cvd85l9.xyz/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8cae019519115b19-VIE
access-control-allow-origin: *
date: Sun, 29 Sep 2024 18:23:45 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

POST
H3 204 rum
5cvd85l9.xyz/cdn-cgi/ 0
139 B 25ms
23ms XHR
text/plain 172.67.205.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://5cvd85l9.xyz/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.205.92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json
Referer: https://5cvd85l9.xyz/?0bd46ed8901783842aa8d4639268fbe4=9&utm=3

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8cae0199ec9ec2c3-VIE
access-control-allow-origin: https://5cvd85l9.xyz
date: Sun, 29 Sep 2024 18:23:46 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

POST
H3 200 / Show response
5cvd85l9.xyz/ 2 KB
1 KB 197ms
196ms Document
text/html 172.67.205.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://5cvd85l9.xyz/?4ed97633b112cb69009a31ded6e04c52=6&utm=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.205.92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a232862e1934384289dfe663c0295b3b12c4deb8d528acc309efb565762547f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://5cvd85l9.xyz
Referer: https://5cvd85l9.xyz/?0bd46ed8901783842aa8d4639268fbe4=9&utm=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8cae0199eca1c2c3-VIE
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 29 Sep 2024 18:23:46 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CsodRSMgKOJYJzUFKUsmylOswntexrEnja9AJ7LZ1dWq6lB%2FpEl0PweXJxDK6DEa%2B2C%2BEiAUBkFbuAFTHkJzOpii%2FUpBRsuRT%2BOVEvoWp74v2zJTED%2FICnTOuJp%2Bcfg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff

POST rum
5cvd85l9.xyz/cdn-cgi/ 0
0

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
0 87ms
54ms Script
text/javascript 104.16.80.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: 5cvd85l9.xyz
URL: https://5cvd85l9.xyz/?4ed97633b112cb69009a31ded6e04c52=6&utm=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://5cvd85l9.xyz
Referer: https://5cvd85l9.xyz/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8cae019519115b19-VIE
access-control-allow-origin: *
date: Sun, 29 Sep 2024 18:23:45 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

POST
H3 204 rum
5cvd85l9.xyz/cdn-cgi/ 0
140 B 22ms
21ms XHR
text/plain 172.67.205.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://5cvd85l9.xyz/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.205.92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json
Referer: https://5cvd85l9.xyz/?4ed97633b112cb69009a31ded6e04c52=6&utm=2

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8cae019b3ea6c2c3-VIE
access-control-allow-origin: https://5cvd85l9.xyz
date: Sun, 29 Sep 2024 18:23:46 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

POST
H3 200 / Show response
5cvd85l9.xyz/ 2 KB
1 KB 194ms
193ms Document
text/html 172.67.205.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://5cvd85l9.xyz/?1a3506a26f91a894144a034a954493d3=5&utm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.205.92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17f56ed7f67ca65e4dd77e803ec3ef568c817780c0d3bd89bfa1f0fd276e77be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://5cvd85l9.xyz
Referer: https://5cvd85l9.xyz/?4ed97633b112cb69009a31ded6e04c52=6&utm=2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8cae019b3eadc2c3-VIE
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 29 Sep 2024 18:23:46 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xTed3fRcwAYRlvQvuaGoEspRzCbfgWB7NCiMYH0WgRPBqD6W6U3vhJ%2FcUt%2FHSugqoRtv37sGvDCQEb4FV1vU3tz7MlVLuoLJImyyOuBebt4w1gF6Mm7jda0vZl6lIZc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff

POST rum
5cvd85l9.xyz/cdn-cgi/ 0
0

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
0 87ms
54ms Script
text/javascript 104.16.80.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: 5cvd85l9.xyz
URL: https://5cvd85l9.xyz/?1a3506a26f91a894144a034a954493d3=5&utm=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://5cvd85l9.xyz
Referer: https://5cvd85l9.xyz/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8cae019519115b19-VIE
access-control-allow-origin: *
date: Sun, 29 Sep 2024 18:23:45 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

POST
H3 204 rum Show response
5cvd85l9.xyz/cdn-cgi/ 0
140 B 21ms
20ms XHR
text/plain 172.67.205.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://5cvd85l9.xyz/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.205.92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json
Referer: https://5cvd85l9.xyz/?1a3506a26f91a894144a034a954493d3=5&utm=1

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8cae019c787fc2c3-VIE
access-control-allow-origin: https://5cvd85l9.xyz
date: Sun, 29 Sep 2024 18:23:46 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

POST
H3 200 Primary Request / Show response
7iokwf1k8.pro/ 6 KB
3 KB 612ms
581ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://7iokwf1k8.pro/?2227f8697c02623e6ad62b85eb86d696=4=66f99b32822af&t=24&s=ff
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 560c11b24a8de849aaaa693976f754e48e28efdf8522dd1b2a104e773c41430c

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://5cvd85l9.xyz
Referer: https://5cvd85l9.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8cae01a2fb0cc217-VIE
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 29 Sep 2024 18:23:48 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2FI6VthpCCH4cqP%2FUnMCLy8fVJ99%2BBvveoUZSh9eQa%2FYUIV%2BE%2FDUQ7ZPBLmJ7ZauC5dbDpyFa1kVHjS0FnC3GC4vTKnPaBoh5vcFKOtO546eMH7PvLFIAe71wzduJtWE"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 jquery.js Show response
7iokwf1k8.pro/new/js/ 86 KB
31 KB 508ms
507ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://7iokwf1k8.pro/new/js/jquery.js
Requested by: Host: 7iokwf1k8.pro
URL: https://7iokwf1k8.pro/?2227f8697c02623e6ad62b85eb86d696=4=66f99b32822af&t=24&s=ff
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fdf878caa6115ab88f270d81cfdbccbaa93935924bb9d015b0c4cf4a1d483db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-bgj: minify
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Ka%2FuT50BeyG1Q9WH22ubWAL5Wd9cr1FPd%2BMF9g0WTuS51tWdx%2BIL0llC6El7sJdumHXltPSFyaPsiGT1vUyCsga6xNshxVKpDSORP20BMq5%2FBf3Br%2FBONFQqy5O5%2Fg4"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cae01a69fc7c217-VIE
cf-polished: origSize=88145
date: Sun, 29 Sep 2024 18:23:48 GMT
content-type: application/javascript
last-modified: Fri, 15 Oct 2021 19:37:00 GMT
vary: Accept-Encoding
priority: u=1,i=?0

GET
H2 200 css
fonts.googleapis.com/ 1 KB
894 B 103ms
37ms Stylesheet
text/css 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Asap

Requested by

Host: 7iokwf1k8.pro
URL: https://7iokwf1k8.pro/?2227f8697c02623e6ad62b85eb86d696=4=66f99b32822af&t=24&s=ff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

ESF /

Resource Hash

d34c4ec7243b3cb625156392fd82ed9427c70a0aad1583cc8646aa35553009f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 29 Sep 2024 18:23:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 29 Sep 2024 18:23:48 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 29 Sep 2024 18:23:48 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 android-flat.png
freeiconshop.com/wp-content/uploads/edd/ 10 KB
10 KB 535ms
174ms Image
image/png 195.179.237.77
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freeiconshop.com/wp-content/uploads/edd/android-flat.png

Requested by

Host: 7iokwf1k8.pro
URL: https://7iokwf1k8.pro/?2227f8697c02623e6ad62b85eb86d696=4=66f99b32822af&t=24&s=ff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.179.237.77 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

155afeea143be84f45f613b72aae35b677b071897a5af3ca8265fa36f1aef114

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=31536000
etag: "262e-5a13002e-2bcbf6f4ea0f20d9;;;"
expires: Mon, 29 Sep 2025 18:23:48 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 9774
date: Sun, 29 Sep 2024 18:23:48 GMT
content-type: image/png
last-modified: Mon, 20 Nov 2017 16:17:50 GMT
server: LiteSpeed
platform: hostinger
panel: hpanel

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 73ms
41ms Script
text/javascript 104.16.79.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: 7iokwf1k8.pro
URL: https://7iokwf1k8.pro/?2227f8697c02623e6ad62b85eb86d696=4=66f99b32822af&t=24&s=ff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.79.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://7iokwf1k8.pro
Referer

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8cae01aa1ae15bbe-VIE
access-control-allow-origin: *
date: Sun, 29 Sep 2024 18:23:48 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 KFOOCniXp96a4Tc2DaTeuDAoKsE617JFc49knOIYdjTYkqUcKWmW.woff2
fonts.gstatic.com/s/asap/v30/ 15 KB
15 KB 65ms
28ms Font
font/woff2 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/asap/v30/KFOOCniXp96a4Tc2DaTeuDAoKsE617JFc49knOIYdjTYkqUcKWmW.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Asap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

sffe /

Resource Hash

a07a2e0ca3402a2df11bd4b5144e81fd31709101d9a72ea0e27b48828a23f559

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://7iokwf1k8.pro
Referer: https://fonts.googleapis.com/

Response headers

age: 455850
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 24 Sep 2025 11:46:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Sep 2024 11:46:18 GMT
last-modified: Tue, 06 Jun 2023 20:38:31 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15036
x-xss-protection: 0
server: sffe

GET
H3

200

main.js Show response
7iokwf1k8.pro/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/ Frame 780C
Redirect Chain

https://7iokwf1k8.pro/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://7iokwf1k8.pro/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?

8 KB
4 KB

29ms
28ms

Script
application/javascript

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://7iokwf1k8.pro/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?

Protocol

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdbd13574d5ef4c2f649c24f42e65facc0d61561dd02f4fd70651a55b6d55e84

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nt8rwk5ddxLwQwSHviYBHzAD8Z648kplO%2F1UBb6PlzCp7iEa0QsMZZoY17FNgekdREAAAuwLtf7H64%2FwOGZtLceeHlS6hKj4UpwQbQYF0a0dJVWV1rky%2F5g3Ob9hxU7w"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8cae01aa9e6ec217-VIE
date: Sun, 29 Sep 2024 18:23:48 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RSNMk5XchVP4wi9BrIPVDd%2BaQB4TBb6zydRRgAlKGVtUFJGi8M8%2B2YP37%2FctDrOY8kVI%2F7xtNpUUxzgThv%2BFE1NCsWoeWIKq9tEsa5CFt%2Fb68lrzsDV274BOoE%2F4oqi7"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cae01aa6e17c217-VIE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 29 Sep 2024 18:23:48 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

POST
H3 204 rum Show response
7iokwf1k8.pro/cdn-cgi/ 0
139 B 35ms
34ms XHR
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://7iokwf1k8.pro/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json
Referer

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8cae01aa9e67c217-VIE
access-control-allow-origin: https://7iokwf1k8.pro
date: Sun, 29 Sep 2024 18:23:48 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H3 404 favicon.ico
7iokwf1k8.pro/ 236 B
627 B 507ms
507ms Other
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://7iokwf1k8.pro/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c09a3f77e8a1ce36ffdf1bf0cff8aa9bb5c17616ba8f31db31d8b5946245362

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: EXPIRED
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tcwc81hUz2DzQ9MvFD98MqxQ7s%2FLl4OzmM6cTdi%2FyWGvkutzJ8M8Dgb8mwzYE%2BiHnoCD%2FiCrt8NaIYDBfI2Tdr45OOw3GEHv2cAw8l%2FPx1TTjmN41d9fKUH5VsuSPiBK"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cae01aa9e6bc217-VIE
alt-svc: h3=":443"; ma=86400
date: Sun, 29 Sep 2024 18:23:49 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

POST
H3 200 8cae01a2fb0cc217 Show response
7iokwf1k8.pro/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 780C 0
903 B 42ms
38ms XHR
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://7iokwf1k8.pro/cdn-cgi/challenge-platform/h/g/jsd/r/8cae01a2fb0cc217
Requested by: Host: 7iokwf1k8.pro
URL: https://7iokwf1k8.pro/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MN4p8ftUO6kPbCfiwdsjx1eKJi%2FLtHEkdoREbm56u0MPkt2uWvBsFXdYnxAXLvfsmtIXLFOoPpiPuW1n9Yv%2FzlkAXq4FYsi7KS4bItqAqFv6Fzd1YnjcMhvbTNKm7Eyl"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cae01ab2f18c217-VIE
content-length: 0
date: Sun, 29 Sep 2024 18:23:49 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
priority: u=1,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 5cvd85l9.xyz
URL: https://5cvd85l9.xyz/favicon.ico

Domain: 5cvd85l9.xyz
URL: https://5cvd85l9.xyz/cdn-cgi/rum?

Domain: 5cvd85l9.xyz
URL: https://5cvd85l9.xyz/favicon.ico

Domain: 5cvd85l9.xyz
URL: https://5cvd85l9.xyz/cdn-cgi/rum?

Domain: 5cvd85l9.xyz
URL: https://5cvd85l9.xyz/cdn-cgi/rum?

Domain: 5cvd85l9.xyz
URL: https://5cvd85l9.xyz/cdn-cgi/rum?

Domain: 5cvd85l9.xyz
URL: https://5cvd85l9.xyz/cdn-cgi/rum?

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery object| __cfBeacon

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
5cvd85l9.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: ab4e85335718c9ca2db9909f0fd4ffcf
.5cvd85l9.xyz/	1970-01-21 08:39:30	Name: cf_clearance Value: Uus2kpI45vIjnHgneJdNUoD8Ps9sDaCO8qPN4_XWdEg-1727634225-1.2.1.1-c4UqUlZlJ5CYji_X1QaJJZBLBuD0bWksf6Lk.NB93EdmmplamkitwBWFtjbyaxRmPyza9.xUhdjWyxtHJ4jkmfINz_hI25oR3fZgzw1bHpYEtoCf_UKQQL.6dwJDm2I_m4vdgWegbjNk6yKOFnJxke0nillLY9oUUh5oY9EAWWFPp47dvZO8KdbsCqzmiB73RqrpS9ar06NRFtLwk1A8N.v7gJ_43F_edEjDgRtsmzCz5S5SI7hzd.Sethcuqin3mxrbTzpFo1Vvb2Ac9PjCXOopZL6wqHmjNXdZb2C260i7IzZnTVsDv3zksPfjg.dZLYvthRnyVUc9lVnmjndPSHVrsiqx3USnBPUsYtFYLTibinoRDItz3vYSrAJemcey
7iokwf1k8.pro/	1969-12-31 23:59:59	Name: PHPSESSID Value: be46b7568c400a513c9cd7f1cff2e324
.7iokwf1k8.pro/	1970-01-21 08:39:30	Name: cf_clearance Value: 5Y6WsXYAXZ.OLncPXTfCeWlSrHipPpMg80SRbKfcA7Y-1727634229-1.2.1.1-LJ1GHvyu.RrRCX1ia0i9nuHNsQS_gvgeQclOtoNO91eUdgRtTkKgQBn8h95oFD2XsLd5opw11UJA3qbdhCHLW6Em8AyCQSbtdUw3q_ZFdjv4ZkkXYuHMffKER698iMbhuRvP0uEE9zjdSGhlmM31Dt8BbZv3UZ.FnlQhTBNUpKDi3tu7U7BlLTeAkPo2RGqnVghZNwPWgbDpvZ.XzJr4mh1PjT8piu6P7mpD100DBo.bAy0IGBx6VbINffvD09lPDxlY5oYl9bMNhmgdOHlVWiMH9NBqnm07nFM3TTKagdqtPfvPRMGUxpJj9cJspMsDoAQZIDItDMOeRhKmuSxye1YeW7gkeIJ_4WQfW9NlXCVrd8sFofjuTCIRwJ3cUK4J

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://5cvd85l9.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://7iokwf1k8.pro/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5cvd85l9.xyz
7iokwf1k8.pro
fonts.googleapis.com
fonts.gstatic.com
freeiconshop.com
ksbpbad7.net
static.cloudflareinsights.com
5cvd85l9.xyz
104.16.79.73
104.16.80.73
142.250.185.74
172.217.18.99
172.67.205.92
188.114.96.3
188.114.97.3
195.179.237.77
155afeea143be84f45f613b72aae35b677b071897a5af3ca8265fa36f1aef114
175af7f39255adb4ea63b9f833b8602a2b29f5683b769e5f11be3d3a9752f809
17f56ed7f67ca65e4dd77e803ec3ef568c817780c0d3bd89bfa1f0fd276e77be
201d34000768f3c27153e7512cfa1f81934bd7f8236911379e7061d7157659a1
2f6210fd9ff357c725a9b26a81e67b9c2ef676cba30874c896548f6cca87b9dd
560c11b24a8de849aaaa693976f754e48e28efdf8522dd1b2a104e773c41430c
6c09a3f77e8a1ce36ffdf1bf0cff8aa9bb5c17616ba8f31db31d8b5946245362
6fdf878caa6115ab88f270d81cfdbccbaa93935924bb9d015b0c4cf4a1d483db
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
959c815b303a16e23dda9a0aaa96413874a26a1e73923042930e5b97e4b6e015
a07a2e0ca3402a2df11bd4b5144e81fd31709101d9a72ea0e27b48828a23f559
a232862e1934384289dfe663c0295b3b12c4deb8d528acc309efb565762547f7
b980b4a0e9f919c0928f88e9ddece1892e363485834ce58fe0fb2e3c95e2ea40
c55e2d3785d9cc0893ed1d486a54557f9004769c3159d63f48001e75152234d6
d34c4ec7243b3cb625156392fd82ed9427c70a0aad1583cc8646aa35553009f5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fdbd13574d5ef4c2f649c24f42e65facc0d61561dd02f4fd70651a55b6d55e84

7iokwf1k8.pro Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

77 %HTTPS

0 %IPv6

7 Domains

7 Subdomains

9 IPs

3 Countries

104 kBTransfer

315 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

7iokwf1k8.pro Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

77 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

9
IPs

3
Countries

104 kB
Transfer

315 kB
Size

4
Cookies

43 HTTP transactions
0 data transactions