kulgarrr.kulgar-event7.cf Open in urlscan Pro
62.77.156.111  Malicious Activity! Public Scan

URL: http://kulgarrr.kulgar-event7.cf/
Submission: On November 28 via manual from GB

Summary

This website contacted 12 IPs in 5 countries across 12 domains to perform 47 HTTP transactions. The main IP is 62.77.156.111, located in Lithuania and belongs to RACKRAY UAB Rakrejus, LT. The main domain is kulgarrr.kulgar-event7.cf.
This is the only time kulgarrr.kulgar-event7.cf was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Codashop (Entertainment)

Domain & IP information

Domain Requested by
20 cdn1.codashop.com kulgarrr.kulgar-event7.cf
cdn1.codashop.com
10 kulgarrr.kulgar-event7.cf kulgarrr.kulgar-event7.cf
3 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net kulgarrr.kulgar-event7.cf
connect.facebook.net
2 d1qgcmfii0ptfa.cloudfront.net kulgarrr.kulgar-event7.cf
2 cdn1.codapayments.com kulgarrr.kulgar-event7.cf
2 fonts.googleapis.com kulgarrr.kulgar-event7.cf
1 www.google.de kulgarrr.kulgar-event7.cf
1 www.google.com kulgarrr.kulgar-event7.cf
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com kulgarrr.kulgar-event7.cf
47 12
Subject Issuer Validity Valid
*.codashop.com
Go Daddy Secure Certificate Authority - G2
2020-01-06 -
2021-09-18
2 years crt.sh
upload.video.google.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.codapayments.com
DigiCert SHA2 Secure Server CA
2020-07-23 -
2022-10-05
2 years crt.sh
*.cloudfront.net
DigiCert Global CA G2
2020-05-26 -
2021-04-21
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-11-02 -
2021-01-30
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
www.google.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
www.google.de
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh

This page contains 1 frames:

Primary Page: http://kulgarrr.kulgar-event7.cf/
Frame ID: C4AE236CF1815A644AA7873346FB20B8
Requests: 47 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery-ui[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery-ui.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery-ui[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery-ui.*\.js/i

Page Statistics

47
Requests

79 %
HTTPS

67 %
IPv6

12
Domains

12
Subdomains

12
IPs

5
Countries

1234 kB
Transfer

2249 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
kulgarrr.kulgar-event7.cf/
192 KB
21 KB
Document
General
Full URL
http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Server
62.77.156.111 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
31fe.c.serverhost.name
Software
LiteSpeed /
Resource Hash
6dd213b07d2d1049257e18149c637e1f6faf99ecf622d7122a17a0e0a617b3dd

Request headers

Host
kulgarrr.kulgar-event7.cf
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Content-Encoding
gzip
Vary
Accept-Encoding
Date
Sat, 28 Nov 2020 04:41:59 GMT
Server
LiteSpeed
xss.min.js
cdn1.codashop.com/S/content/common/js/
28 KB
7 KB
Script
General
Full URL
https://cdn1.codashop.com/S/content/common/js/xss.min.js
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.217.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-217-107.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0278b60e08b67fb8ae86c56dd80075e94e1d51113eb21ade41996147c601dfe6

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 27 Nov 2020 06:05:20 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Nov 2019 04:16:51 GMT
Server
AmazonS3
Age
81400
ETag
W/"4947ff982fb69173f95da79b538f254d"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 ed0b7f757277c9400d55f37abd579b7b.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
CDG3-C1
X-Amz-Cf-Id
zEup_5JnsKS2d_gn40BfTOaOhhrL7GuwYsTQlTHIMMRwF7_9tMiXig==
jquery-ui-1.12.1.css
cdn1.codashop.com/S/content/common/css/
35 KB
9 KB
Stylesheet
General
Full URL
https://cdn1.codashop.com/S/content/common/css/jquery-ui-1.12.1.css
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.217.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-217-107.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 27 Nov 2020 15:19:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Dec 2018 07:52:04 GMT
Server
AmazonS3
Age
48152
ETag
"c4a88ec0cb998929a670c0c58d7dc526"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 afbd0756929fd5d8f835ce26b1931d4c.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Disposition
attachment
X-Amz-Cf-Pop
CDG3-C1
X-Amz-Cf-Id
Dz9UekF4_sWAxYckuzPw0Sb1V4Ize7WIy86KDwZKYg4H1QqtI6sdMg==
flags.css
cdn1.codashop.com/S/content/common/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://cdn1.codashop.com/S/content/common/css/flags.css
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.217.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-217-107.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6a3220f393767077637471193f95bbde06a0928b0fe5fda70a0aa01cd2cb7b0

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 27 Nov 2020 08:43:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Dec 2018 04:54:20 GMT
Server
AmazonS3
Age
71916
ETag
W/"48625f4127086c12c9db05064a6bab03"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 880c8b2fd269bd7da77c5b0af696cfdc.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
CDG3-C1
X-Amz-Cf-Id
T66pnsMOMQsmMS78oRC4_Y7fxaxnDl1-_O_brl69aJ41r8pMk-emjA==
css
fonts.googleapis.com/
3 KB
935 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
561cbf25e415fbfbc72c55b5638dc81cac5f5316d5963113daba10babe6ec795
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 28 Nov 2020 04:02:27 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Sat, 28 Nov 2020 04:41:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sat, 28 Nov 2020 04:41:59 GMT
css
fonts.googleapis.com/
3 KB
690 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans&display=swap
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a055c77a7121a4cb620a8f1be1cf69e2d5f52a8a3e05b2379cff6c4acc8b0f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 28 Nov 2020 04:17:00 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Sat, 28 Nov 2020 04:41:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sat, 28 Nov 2020 04:41:59 GMT
responsive-product-page.css
kulgarrr.kulgar-event7.cf/content/mobile/css/productPage/
32 KB
6 KB
Stylesheet
General
Full URL
http://kulgarrr.kulgar-event7.cf/content/mobile/css/productPage/responsive-product-page.css
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Server
62.77.156.111 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
31fe.c.serverhost.name
Software
LiteSpeed /
Resource Hash
343e2d830f1a6098d2bad16a258001d0f1bce745d9a2ea253c0fc33aad8c3bb4

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 28 Nov 2020 04:41:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 May 2020 23:31:06 GMT
Server
LiteSpeed
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5780
Expires
Sat, 05 Dec 2020 04:41:59 GMT
airtime_v1.0a.js
cdn1.codashop.com/P/production/airtime/w/js/
96 KB
33 KB
Script
General
Full URL
https://cdn1.codashop.com/P/production/airtime/w/js/airtime_v1.0a.js?v=197
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.217.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-217-107.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11bd4777146cd407d2a8e32997e3ec87223d2acd976a85e8373f51ce8e3ea184

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 28 Nov 2020 04:28:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Sep 2020 01:53:51 GMT
Server
AmazonS3
Age
2986
ETag
W/"cd6d48ed6daadb52fb1c604af98c88ce"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 f35aa6bf386bb517249eff682674d4c5.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
CDG3-C1
X-Amz-Cf-Id
vofssrPnYd4SOK-wRtf0hN5T9JKbnBiCsQQxt2V_cIHaQ9RsoBVoeA==
jquery-1.12.4.js
cdn1.codashop.com/S/content/common/js/
287 KB
86 KB
Script
General
Full URL
https://cdn1.codashop.com/S/content/common/js/jquery-1.12.4.js?v=197
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.217.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-217-107.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
430f36f9b5f21aae8cc9dca6a81c4d3d84da5175eaedcf2fdc2c226302cb3575

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 28 Nov 2020 00:33:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Dec 2018 08:04:35 GMT
Server
AmazonS3
Age
14935
ETag
"fb2d334dabf4902825df4fe6c2298b4b"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 1dd9956539498e00dad2092ceea48484.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Disposition
attachment
X-Amz-Cf-Pop
CDG3-C1
X-Amz-Cf-Id
3TwA14BqPgANkrERywrjQm9zVoSNErJxM6ul1DPO8O57-N6zzRBbYw==
jquery-ui-1.12.1.min.js
cdn1.codashop.com/S/content/common/js/
248 KB
67 KB
Script
General
Full URL
https://cdn1.codashop.com/S/content/common/js/jquery-ui-1.12.1.min.js
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.217.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-217-107.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 27 Nov 2020 20:54:29 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Dec 2018 08:04:35 GMT
Server
AmazonS3
Age
28050
ETag
"0a497d4661df7b82feee14332ce0bdaf"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 afbd0756929fd5d8f835ce26b1931d4c.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Disposition
attachment
X-Amz-Cf-Pop
CDG3-C1
X-Amz-Cf-Id
23MrNlRMzGbawXyXEzZiq3J6O6nRd_3IJ1SqRoZPY_owffS01YLcVQ==
loadingoverlay.min.js
cdn1.codashop.com/S/content/common/js/
17 KB
12 KB
Script
General
Full URL
https://cdn1.codashop.com/S/content/common/js/loadingoverlay.min.js?v=197
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.217.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-217-107.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50764f297f5d5f4ae8c9e475d83abea36d9502fce658a0168e646e4574ec9e45

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 28 Nov 2020 03:52:14 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Dec 2018 04:54:51 GMT
Server
AmazonS3
Age
2986
ETag
W/"345ef09ffae9dc361353c16dea5fd86d"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 1dd9956539498e00dad2092ceea48484.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
CDG3-C1
X-Amz-Cf-Id
5-CaIJor7_U1bsIZE5S-ZeXaD7OThsUomwLDDwUrq8VmwfYVadyXag==
loadingoverlay_progress.min.js
cdn1.codashop.com/S/content/common/js/
1 KB
1 KB
Script
General
Full URL
https://cdn1.codashop.com/S/content/common/js/loadingoverlay_progress.min.js?v=197
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.217.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-217-107.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac7ef9889112672dc040d570fa76ce9495371efaf65d9952fbe43b4dac152dea

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 27 Nov 2020 14:05:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Dec 2018 04:54:51 GMT
Server
AmazonS3
Age
52573
ETag
W/"efaaf4ceda5749b4f11c91d63af961e2"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 880c8b2fd269bd7da77c5b0af696cfdc.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
CDG3-C1
X-Amz-Cf-Id
PUhu7pI47bp9JWkNeb9vlS304bUzHK2i1dXZEwZ6CaB4PSSEnXklHA==
jquery.cookie.js
cdn1.codashop.com/S/content/common/js/
2 KB
1 KB
Script
General
Full URL
https://cdn1.codashop.com/S/content/common/js/jquery.cookie.js?v=197
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.217.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-217-107.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
23beeff38dfd1f4608b34b9947aeae8506b37bea2677967c2d5f43125515ce10

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 27 Nov 2020 23:07:11 GMT
Content-Encoding
gzip
Age
20089
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-meta-mode
33204
Connection
keep-alive
Last-Modified
Thu, 20 Dec 2018 04:54:50 GMT
Server
AmazonS3
ETag
"e370a1a6eda7c6c9e00b6828e4137323"
x-amz-meta-uid
1000
Vary
Accept-Encoding
x-amz-meta-gid
1000
Via
1.1 ed0b7f757277c9400d55f37abd579b7b.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
CDG3-C1
Content-Type
application/javascript
X-Amz-Cf-Id
MlAsPJy_L8hu-2jtBPtlYxBpyRAiC5h-KpW0YQ6u_ghD5NF5tC6g3A==
x-amz-meta-mtime
1468204972
airtime_v1.0a.css
cdn1.codashop.com/P/airtime/w/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://cdn1.codashop.com/P/airtime/w/css/airtime_v1.0a.css?v=197
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.217.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-217-107.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232f4b64740dd615857b7d31a7839d94de691ddce917fe1a56b0f3de7498fa48

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 28 Nov 2020 00:45:40 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Mar 2020 03:56:02 GMT
Server
AmazonS3
Age
14180
ETag
"753a330f95a906499abe488e677662d3"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 1dd9956539498e00dad2092ceea48484.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
CDG3-C1
X-Amz-Cf-Id
vlZN-eLhndTKZF5adZ6YtbWc04Yo76dj0rPQznMxBEFJ_1JvZEHIZQ==
material-components-web.min.css
cdn1.codapayments.com/W/pub/mobile-web/css/
260 KB
260 KB
Stylesheet
General
Full URL
https://cdn1.codapayments.com/W/pub/mobile-web/css/material-components-web.min.css
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
792cec437849414bb7fa6004896ebba6b1948934e6093535eb04d4496e237d96

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Mon, 14 Jan 2019 02:58:56 GMT
Date
Fri, 27 Nov 2020 06:31:55 GMT
Via
1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
Last-Modified
Tue, 15 Jan 2019 03:00:48 GMT
Server
AmazonS3
Age
79805
ETag
"468d6d437259c1be6de55957cab4651e"
X-Cache
Hit from cloudfront
Content-Type
text/css
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
266114
X-Amz-Cf-Id
k6F1KhBs-pxIIdFwi6zSLkIDZK2mEVRpwrNNcBF8_-ufz3bZygMiqw==
material-components-web.min.js
cdn1.codapayments.com/W/pub/mobile-web/js/
393 KB
393 KB
Script
General
Full URL
https://cdn1.codapayments.com/W/pub/mobile-web/js/material-components-web.min.js
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f78e45e49d5846acb2f6d39b1a20146190932ac1f8a6e2cf74c9f4c1287371d8

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime
Tue, 15 Jan 2019 02:04:05 GMT
Date
Fri, 27 Nov 2020 06:32:10 GMT
Via
1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
Last-Modified
Tue, 15 Jan 2019 03:01:16 GMT
Server
AmazonS3
Age
79790
ETag
"ef377ef7dd8fecdedbff47d1f0035ac2"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
402145
X-Amz-Cf-Id
64uM1sE4_dlrxrgA2KxXAk4hn703K8fKxKKEXgEovr1jDWuM-Fx9XQ==
codashop-logo.png
cdn1.codashop.com/S/content/mobile/images/
2 KB
3 KB
Image
General
Full URL
https://cdn1.codashop.com/S/content/mobile/images/codashop-logo.png
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.217.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-217-107.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5fdf464d02d5be0bcfd2f1ad32c75aeed1f03232c2033f399df2ce78a289d8f7

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 27 Nov 2020 10:39:28 GMT
Via
1.1 1dd9956539498e00dad2092ceea48484.cloudfront.net (CloudFront)
Last-Modified
Tue, 21 May 2019 00:56:00 GMT
Server
AmazonS3
Age
64952
ETag
"ef72958375f5891863e9e027d910fe6f"
x-amz-meta-sha256
5fdf464d02d5be0bcfd2f1ad32c75aeed1f03232c2033f399df2ce78a289d8f7
Content-Type
image/png
Connection
keep-alive
X-Cache
Hit from cloudfront
X-Amz-Cf-Pop
CDG3-C1
Accept-Ranges
bytes
Content-Length
2191
X-Amz-Cf-Id
t7gJig5NyGtLaL4GBpBZHKfyzWu5bQqDvu6IANDkfTEbBCibscKACw==
x-amz-meta-s3b-last-modified
20190509T041738Z
freefire_640x241.png
cdn1.codashop.com/S/content/common/images/mno/
82 KB
83 KB
Image
General
Full URL
https://cdn1.codashop.com/S/content/common/images/mno/freefire_640x241.png
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.217.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-217-107.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ee661e12972aa24454fd360cf7907fa4a719fb9c282c92e4064a2174fb70391

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 27 Nov 2020 14:05:48 GMT
Via
1.1 ed0b7f757277c9400d55f37abd579b7b.cloudfront.net (CloudFront)
Last-Modified
Thu, 09 Jul 2020 03:21:55 GMT
Server
AmazonS3
Age
52572
ETag
"d8fdf8b46c548993949d38533bce3398"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG3-C1
Accept-Ranges
bytes
Content-Length
84335
X-Amz-Cf-Id
3Jv5k8ONGecar12aBFdrpgrlFswNbPgMYw-2jquMqdhD2onzfZ06Jg==
app_store_coda.png
d1qgcmfii0ptfa.cloudfront.net/S/content/mobile/images/
3 KB
3 KB
Image
General
Full URL
https://d1qgcmfii0ptfa.cloudfront.net/S/content/mobile/images/app_store_coda.png
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a69de99192160f4a77667679c5a985beb0758dd464c162f58e2f89b91d11011

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 27 Nov 2020 16:42:30 GMT
Via
1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jul 2017 08:47:30 GMT
Server
AmazonS3
Age
43170
ETag
"cfd0f0cbf8aa1717324f64a438c378c5"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Content-Disposition
attachment
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Length
2799
X-Amz-Cf-Id
jiJCXTMlel8VxAdrYVVjR7wtilqMPLnW2Wkuhydq6q_cv2iEgKjujw==
google_play_coda.png
d1qgcmfii0ptfa.cloudfront.net/S/content/mobile/images/
3 KB
3 KB
Image
General
Full URL
https://d1qgcmfii0ptfa.cloudfront.net/S/content/mobile/images/google_play_coda.png
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
19c2b75fe23ae2238adbd7f34901396d4120605d9028c2fcc7bd3c010e27ef9a

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 27 Nov 2020 19:07:44 GMT
Via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jul 2017 08:47:31 GMT
Server
AmazonS3
Age
34456
ETag
"e7ebc6c74ec20ea3614970e178217c10"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Content-Disposition
attachment
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Length
2631
X-Amz-Cf-Id
qGYpA4hbbFvJmTcZgb4pgqN-YMl-5NaHQrilZTRLERRLvQE9D04O_A==
jquery.mask.min.js
cdn1.codashop.com/S/content/common/js/
7 KB
4 KB
Script
General
Full URL
https://cdn1.codashop.com/S/content/common/js/jquery.mask.min.js
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.217.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-217-107.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f8e21f061de1874e4af063f095a389187c40583c9033946e406a8bb825ca358

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 27 Nov 2020 12:33:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Dec 2018 08:04:35 GMT
Server
AmazonS3
Age
58085
ETag
W/"35d9db48e3112f35d81e70b98457aa42"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 afbd0756929fd5d8f835ce26b1931d4c.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Disposition
attachment
X-Amz-Cf-Pop
CDG3-C1
X-Amz-Cf-Id
tJyzwdaXyy8A8kgYoQHw57R_bX24FSXcmjCqKotKF8KPbDzsxSiFmw==
moonton.js
kulgarrr.kulgar-event7.cf/content/mobile/js/
0
0
Script
General
Full URL
http://kulgarrr.kulgar-event7.cf/content/mobile/js/moonton.js
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Server
62.77.156.111 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
31fe.c.serverhost.name
Software
LiteSpeed /
Resource Hash

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 28 Nov 2020 04:41:59 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Server
LiteSpeed
Connection
Keep-Alive
Content-Length
1237
Content-Type
text/html
third_party_common.js
kulgarrr.kulgar-event7.cf/content/common/js/
0
0
Script
General
Full URL
http://kulgarrr.kulgar-event7.cf/content/common/js/third_party_common.js
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Server
62.77.156.111 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
31fe.c.serverhost.name
Software
LiteSpeed /
Resource Hash

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 28 Nov 2020 04:41:59 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Server
LiteSpeed
Connection
Keep-Alive
Content-Length
1237
Content-Type
text/html
logo-codapay.png
cdn1.codashop.com/S/content/common/images/
2 KB
2 KB
Image
General
Full URL
https://cdn1.codashop.com/S/content/common/images/logo-codapay.png
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.217.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-217-107.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5de0bca0d58688793e6c684a36a45886f38204f6f48930fcaf490f3b5a4e656b

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 28 Nov 2020 04:28:49 GMT
Via
1.1 1dd9956539498e00dad2092ceea48484.cloudfront.net (CloudFront)
Last-Modified
Tue, 25 Feb 2020 08:47:36 GMT
Server
AmazonS3
Age
54082
ETag
"29d643ce627d0d78371d87944195a22e"
x-amz-meta-sha256
5de0bca0d58688793e6c684a36a45886f38204f6f48930fcaf490f3b5a4e656b
Content-Type
image/png
Connection
keep-alive
X-Cache
Hit from cloudfront
X-Amz-Cf-Pop
CDG3-C1
Accept-Ranges
bytes
Content-Length
1920
X-Amz-Cf-Id
ofjcxntbJzF59vF9UFUmWdH3jF2FlIfjBUgwKeNt7ZVOZTLSHSqVAg==
x-amz-meta-s3b-last-modified
20200225T004516Z
spinner-25x25.gif
cdn1.codashop.com/S/content/mobile/images/
6 KB
6 KB
Image
General
Full URL
https://cdn1.codashop.com/S/content/mobile/images/spinner-25x25.gif
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.217.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-217-107.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5729c45abd577e40e1642fab550d9614417774b3d43785141a4292121a74a44a

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 21 Nov 2020 17:13:10 GMT
Via
1.1 f35aa6bf386bb517249eff682674d4c5.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Thu, 20 Dec 2018 08:12:20 GMT
Server
AmazonS3
Age
559730
ETag
"b94bfa3a5cf9b807043bbb5cc231b3f9"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Cache-Control
max-age=2592000
X-Amz-Cf-Pop
CDG3-C1
Accept-Ranges
bytes
Content-Length
5875
X-Amz-Cf-Id
m_MJMg9n748ahzufE-IlnX0pGK7HTa_vQIva-lVXWXfe7xO39-nmOw==
fb.png
kulgarrr.kulgar-event7.cf/content/images/
9 KB
10 KB
Image
General
Full URL
http://kulgarrr.kulgar-event7.cf/content/images/fb.png
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Server
62.77.156.111 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
31fe.c.serverhost.name
Software
LiteSpeed /
Resource Hash
d61a2ef02864020bda07d94232000ee6fea96f5782d8d63ab2c92002164e3f7f

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 28 Nov 2020 04:41:59 GMT
Last-Modified
Wed, 13 May 2020 23:31:06 GMT
Server
LiteSpeed
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
9522
Expires
Sat, 05 Dec 2020 04:41:59 GMT
vk.png
kulgarrr.kulgar-event7.cf/content/images/
27 KB
28 KB
Image
General
Full URL
http://kulgarrr.kulgar-event7.cf/content/images/vk.png
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Server
62.77.156.111 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
31fe.c.serverhost.name
Software
LiteSpeed /
Resource Hash
2e9384bb0a579983041ec10b3952be614ac35a5fc4fd6ff5a59256f65c205b57

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 28 Nov 2020 04:41:59 GMT
Last-Modified
Wed, 13 May 2020 23:31:06 GMT
Server
LiteSpeed
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
28110
Expires
Sat, 05 Dec 2020 04:41:59 GMT
facebook_icon.png
cdn1.codashop.com/S/content/mobile/images/sosmed-icons/
608 B
1 KB
Image
General
Full URL
https://cdn1.codashop.com/S/content/mobile/images/sosmed-icons/facebook_icon.png
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.217.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-217-107.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4a8ea5d9e0831c86d37afe550dd1c45dbd1225450aef1f46cb21ff189fd179aa

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 28 Nov 2020 04:28:49 GMT
Via
1.1 1dd9956539498e00dad2092ceea48484.cloudfront.net (CloudFront)
Last-Modified
Thu, 20 Dec 2018 08:12:20 GMT
Server
AmazonS3
Age
54082
ETag
"815b5f3de3b97684d0082f158cacc62a"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG3-C1
Accept-Ranges
bytes
Content-Length
608
X-Amz-Cf-Id
dSY59kvya2pZQc4KFbgWHIngh1dOmGhE5ftO1c2lMnJjfs4qEoBF4g==
youtube_icon.png
cdn1.codashop.com/S/content/mobile/images/sosmed-icons/
728 B
1 KB
Image
General
Full URL
https://cdn1.codashop.com/S/content/mobile/images/sosmed-icons/youtube_icon.png
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.217.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-217-107.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
522e9c7216d716037382ac11431124605ba695b35017e2124467b059e59317ff

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 28 Nov 2020 04:28:49 GMT
Via
1.1 afbd0756929fd5d8f835ce26b1931d4c.cloudfront.net (CloudFront)
Last-Modified
Thu, 20 Dec 2018 08:12:20 GMT
Server
AmazonS3
Age
52641
ETag
"83858838fcba3a65aa5080e7fc962716"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG3-C1
Accept-Ranges
bytes
Content-Length
728
X-Amz-Cf-Id
OrKWV1E70YAIkxh0wCNazbDz-5rC3uZ1vziQtR0Eqo8028hL2XadVw==
instagram_icon.png
cdn1.codashop.com/S/content/mobile/images/sosmed-icons/
1 KB
2 KB
Image
General
Full URL
https://cdn1.codashop.com/S/content/mobile/images/sosmed-icons/instagram_icon.png
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.217.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-217-107.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb708bb8f7dc59f963a4e0b7ccbe874ed4318b0f7b22501a57f8c33c65fe2a4e

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 28 Nov 2020 04:28:49 GMT
Via
1.1 1dd9956539498e00dad2092ceea48484.cloudfront.net (CloudFront)
Last-Modified
Thu, 20 Dec 2018 08:12:20 GMT
Server
AmazonS3
Age
54081
ETag
"3c96605ac4fafffba69de5882458d176"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG3-C1
Accept-Ranges
bytes
Content-Length
1316
X-Amz-Cf-Id
wJtiie-KC3woS19ZdfepNX802P3yWfXzcnEYiFgycBY41BxBC7cP4w==
custom-page.js
cdn1.codashop.com/S/content/common/js/
3 KB
2 KB
Script
General
Full URL
https://cdn1.codashop.com/S/content/common/js/custom-page.js?v=197
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.217.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-217-107.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
666b0ac84587917c999a31e584f2684c2849d35765d82ac233b5db5f6605a74a

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 27 Nov 2020 14:05:54 GMT
Content-Encoding
gzip
Age
52566
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-meta-mode
33204
Connection
keep-alive
Last-Modified
Thu, 20 Dec 2018 04:54:50 GMT
Server
AmazonS3
ETag
W/"ae717175dfc3d25232f5bcdb990f1342"
x-amz-meta-uid
1000
Vary
Accept-Encoding
x-amz-meta-gid
1000
Via
1.1 afbd0756929fd5d8f835ce26b1931d4c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
CDG3-C1
Content-Type
application/javascript
X-Amz-Cf-Id
hxz6vE3MhdNUCYnJjIdjRj5kf1ZLUQ4vAMGsZ9gsNXuavCHCtrSUcg==
x-amz-meta-mtime
1468204972
productPage.js
kulgarrr.kulgar-event7.cf/content/pages/js/
107 KB
15 KB
Script
General
Full URL
http://kulgarrr.kulgar-event7.cf/content/pages/js/productPage.js
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Server
62.77.156.111 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
31fe.c.serverhost.name
Software
LiteSpeed /
Resource Hash
91d41434ed28eab7beba804e4d730ec29fb38404ad0fbaea84339518ca48e2c4

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 28 Nov 2020 04:41:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 May 2020 23:31:06 GMT
Server
LiteSpeed
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
15483
Expires
Sat, 05 Dec 2020 04:41:59 GMT
common-sw.js
kulgarrr.kulgar-event7.cf/content/common/js/
407 B
646 B
Script
General
Full URL
http://kulgarrr.kulgar-event7.cf/content/common/js/common-sw.js?v=197
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Server
62.77.156.111 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
31fe.c.serverhost.name
Software
LiteSpeed /
Resource Hash
4e32dcbf5f9939677f9f7c29fe2c20a2c517efcbfcdafe7bef7a29af3b5a056d

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 28 Nov 2020 04:41:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 May 2020 23:31:06 GMT
Server
LiteSpeed
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
294
Expires
Sat, 05 Dec 2020 04:41:59 GMT
gtm.js
www.googletagmanager.com/
155 KB
47 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PF7TJ9
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
400bae22c3b3997757399e7d10548f057fd856d0676f28a61bace01a81d3ad90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 28 Nov 2020 04:41:59 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47635
x-xss-protection
0
last-modified
Sat, 28 Nov 2020 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 28 Nov 2020 04:41:59 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://kulgarrr.kulgar-event7.cf
Referer
https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 23 Nov 2020 23:28:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:59 GMT
server
sffe
age
364431
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14044
x-xss-protection
0
expires
Tue, 23 Nov 2021 23:28:08 GMT
fbevents.js
connect.facebook.net/en_US/
89 KB
24 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23320
x-xss-protection
0
pragma
public
x-fb-debug
NBOFGO1aE9a3P2RU16x6YDifG/83++cXuxXvLcizyFw6iMTLqkUKx4SI7NsJuWYV8ecBDxk1ikKCZ/BApS5+EQ==
x-fb-trip-id
2050670934
x-frame-options
DENY
date
Sat, 28 Nov 2020 04:41:59 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
flags32.png
cdn1.codashop.com/S/content/common/css/
26 KB
26 KB
Image
General
Full URL
https://cdn1.codashop.com/S/content/common/css/flags32.png
Requested by
Host: cdn1.codashop.com
URL: https://cdn1.codashop.com/S/content/common/css/flags.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.217.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-217-107.cdg3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ad678791b5d4839f74a625c1ff6d3f4a6bbfca6417ecb0133f1a60de77b415d

Request headers

Referer
https://cdn1.codashop.com/S/content/common/css/flags.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 27 Nov 2020 15:42:52 GMT
Via
1.1 880c8b2fd269bd7da77c5b0af696cfdc.cloudfront.net (CloudFront)
Last-Modified
Thu, 20 Dec 2018 04:54:20 GMT
Server
AmazonS3
Age
46748
ETag
"ee905aeea99aa287b3f5b569fedbd91e"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
CDG3-C1
Accept-Ranges
bytes
Content-Length
26399
X-Amz-Cf-Id
DeiPyWIZot9w62jpJpEIOhEJQOr90fkX4uyAcPRwaWaPygAtfVCNXw==
S6u_w4BMUTPHjxsI9w2_Gwftx9897g.woff2
fonts.gstatic.com/s/lato/v17/
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u_w4BMUTPHjxsI9w2_Gwftx9897g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f84e0fa90478a07a7f65c48ecdae68cb3e74395f03b5d74f0b632883e74889a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://kulgarrr.kulgar-event7.cf
Referer
https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 02:44:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:43 GMT
server
sffe
age
525451
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14768
x-xss-protection
0
expires
Mon, 22 Nov 2021 02:44:28 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://kulgarrr.kulgar-event7.cf
Referer
https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 09:05:29 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:25 GMT
server
sffe
age
156990
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14176
x-xss-protection
0
expires
Fri, 26 Nov 2021 09:05:29 GMT
moonton.js
kulgarrr.kulgar-event7.cf/content/mobile/js/
0
0
Script
General
Full URL
http://kulgarrr.kulgar-event7.cf/content/mobile/js/moonton.js
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Server
62.77.156.111 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
31fe.c.serverhost.name
Software
LiteSpeed /
Resource Hash

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 28 Nov 2020 04:41:59 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Server
LiteSpeed
Connection
Keep-Alive
Content-Length
1237
Content-Type
text/html
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PF7TJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
3158
date
Sat, 28 Nov 2020 03:49:21 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Sat, 28 Nov 2020 05:49:21 GMT
916139058437464
connect.facebook.net/signals/config/
25 KB
8 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/916139058437464?v=2.9.29&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2c30fa7c251902f1559a466a4a0a63ee4a827f13a68fe78f56d01b42eb048d44
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
7729
x-xss-protection
0
pragma
public
x-fb-debug
aDtCD/MA8dD69wKIFTnGz2CFM75BKNRI1hRJr2toz5y2VaKZcw22SliXhaOkJLbsflCiCu/gabi+utb20xCxNg==
x-fb-trip-id
2050670934
x-frame-options
DENY
date
Sat, 28 Nov 2020 04:41:59 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
1764435339
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
73 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=403474643&t=pageview&_s=1&dl=http%3A%2F%2Fkulgarrr.kulgar-event7.cf%2F&ul=en-us&de=UTF-8&dt=Free%20Fire%20(Indonesia)%20-%20Codashop&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1689332573&gjid=922512788&cid=778881008.1606538519&tid=UA-38419864-3&_gid=1609202325.1606538519&_r=1&gtm=2wgb41PF7TJ9&z=1346238927
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 28 Nov 2020 04:41:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://kulgarrr.kulgar-event7.cf
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
453 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-38419864-3&cid=778881008.1606538519&jid=1689332573&gjid=922512788&_gid=1609202325.1606538519&_u=YEBAAEAAAAAAAC~&z=285737094
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 28 Nov 2020 04:41:59 GMT
content-type
text/plain
access-control-allow-origin
http://kulgarrr.kulgar-event7.cf
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
third_party_common.js
kulgarrr.kulgar-event7.cf/content/common/js/
0
0
Script
General
Full URL
http://kulgarrr.kulgar-event7.cf/content/common/js/third_party_common.js
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
HTTP/1.1
Server
62.77.156.111 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),
Reverse DNS
31fe.c.serverhost.name
Software
LiteSpeed /
Resource Hash

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 28 Nov 2020 04:41:59 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Server
LiteSpeed
Connection
Keep-Alive
Content-Length
1237
Content-Type
text/html
ga-audiences
www.google.com/ads/
42 B
505 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-38419864-3&cid=778881008.1606538519&jid=1689332573&_u=YEBAAEAAAAAAAC~&z=1268103896
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 28 Nov 2020 04:41:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
505 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-38419864-3&cid=778881008.1606538519&jid=1689332573&_u=YEBAAEAAAAAAAC~&z=1268103896
Requested by
Host: kulgarrr.kulgar-event7.cf
URL: http://kulgarrr.kulgar-event7.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://kulgarrr.kulgar-event7.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 28 Nov 2020 04:41:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Codashop (Entertainment)

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated function| filterCSS function| filterXSS object| dataLayer object| merchant_land_url boolean| firstTime undefined| txnid function| receiveMessage function| close_airtime_responsive_window function| create_airtime_form_div function| getGALinkerPram function| close_airtime_window function| airtime_checkout function| airtime_selection function| responsive_layout function| $ function| jQuery function| LoadingOverlayProgress object| mdc function| fbq function| _fbq object| $jscomp object| google_tag_manager function| postscribe object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| showConfirmation object| CODA function| showCandyCrushTheme function| showBattleNetTheme function| showClipOnYuTheme function| _typeof function| boletoRestrictionField function| numbersOnlyField function| selectPaymentChannel function| selectDenom function| getParameterByName function| checkKeyCode function| close3rdPartyConfirmDialog function| enableElement function| hideErrorPopup function| isEmail function| openTxnWindow function| submitRequest function| addExInfo boolean| isDcb boolean| isSendSms

4 Cookies

Domain/Path Name / Value
.kulgar-event7.cf/ Name: _gat_UA-38419864-3
Value: 1
.kulgar-event7.cf/ Name: _gid
Value: GA1.2.1609202325.1606538519
.kulgar-event7.cf/ Name: _ga
Value: GA1.2.778881008.1606538519
.kulgar-event7.cf/ Name: _gcl_au
Value: 1.1.1864920282.1606538519

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn1.codapayments.com
cdn1.codashop.com
connect.facebook.net
d1qgcmfii0ptfa.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
kulgarrr.kulgar-event7.cf
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.225.84.79
143.204.217.107
2a00:1450:4001:802::2004
2a00:1450:4001:806::2008
2a00:1450:4001:808::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:819::2003
2a00:1450:4001:81a::2003
2a00:1450:400c:c0c::9b
2a03:2880:f01c:8012:face:b00c:0:3
62.77.156.111
65.9.68.127
0278b60e08b67fb8ae86c56dd80075e94e1d51113eb21ade41996147c601dfe6
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396
11bd4777146cd407d2a8e32997e3ec87223d2acd976a85e8373f51ce8e3ea184
19c2b75fe23ae2238adbd7f34901396d4120605d9028c2fcc7bd3c010e27ef9a
232f4b64740dd615857b7d31a7839d94de691ddce917fe1a56b0f3de7498fa48
23beeff38dfd1f4608b34b9947aeae8506b37bea2677967c2d5f43125515ce10
2c30fa7c251902f1559a466a4a0a63ee4a827f13a68fe78f56d01b42eb048d44
2e9384bb0a579983041ec10b3952be614ac35a5fc4fd6ff5a59256f65c205b57
343e2d830f1a6098d2bad16a258001d0f1bce745d9a2ea253c0fc33aad8c3bb4
400bae22c3b3997757399e7d10548f057fd856d0676f28a61bace01a81d3ad90
430f36f9b5f21aae8cc9dca6a81c4d3d84da5175eaedcf2fdc2c226302cb3575
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
4a8ea5d9e0831c86d37afe550dd1c45dbd1225450aef1f46cb21ff189fd179aa
4e32dcbf5f9939677f9f7c29fe2c20a2c517efcbfcdafe7bef7a29af3b5a056d
50764f297f5d5f4ae8c9e475d83abea36d9502fce658a0168e646e4574ec9e45
522e9c7216d716037382ac11431124605ba695b35017e2124467b059e59317ff
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
561cbf25e415fbfbc72c55b5638dc81cac5f5316d5963113daba10babe6ec795
5729c45abd577e40e1642fab550d9614417774b3d43785141a4292121a74a44a
5ad678791b5d4839f74a625c1ff6d3f4a6bbfca6417ecb0133f1a60de77b415d
5de0bca0d58688793e6c684a36a45886f38204f6f48930fcaf490f3b5a4e656b
5f8e21f061de1874e4af063f095a389187c40583c9033946e406a8bb825ca358
5fdf464d02d5be0bcfd2f1ad32c75aeed1f03232c2033f399df2ce78a289d8f7
666b0ac84587917c999a31e584f2684c2849d35765d82ac233b5db5f6605a74a
6a69de99192160f4a77667679c5a985beb0758dd464c162f58e2f89b91d11011
6dd213b07d2d1049257e18149c637e1f6faf99ecf622d7122a17a0e0a617b3dd
6f84e0fa90478a07a7f65c48ecdae68cb3e74395f03b5d74f0b632883e74889a
792cec437849414bb7fa6004896ebba6b1948934e6093535eb04d4496e237d96
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8ee661e12972aa24454fd360cf7907fa4a719fb9c282c92e4064a2174fb70391
91d41434ed28eab7beba804e4d730ec29fb38404ad0fbaea84339518ca48e2c4
9a055c77a7121a4cb620a8f1be1cf69e2d5f52a8a3e05b2379cff6c4acc8b0f6
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
ac7ef9889112672dc040d570fa76ce9495371efaf65d9952fbe43b4dac152dea
cb708bb8f7dc59f963a4e0b7ccbe874ed4318b0f7b22501a57f8c33c65fe2a4e
d61a2ef02864020bda07d94232000ee6fea96f5782d8d63ab2c92002164e3f7f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6a3220f393767077637471193f95bbde06a0928b0fe5fda70a0aa01cd2cb7b0
f78e45e49d5846acb2f6d39b1a20146190932ac1f8a6e2cf74c9f4c1287371d8