lidsaich.net Open in urlscan Pro
139.45.197.244  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://end-year.gift-out.buzz/40GB Page URL
2. https://end-year.gift-out.buzz/go.php Page URL
3. https://shukri.mwikace.com/api/direct/408950?s1=%subid1%&kw= Page URL
4. https://oga.njerezi.xyz/ Page URL
5. https://lidsaich.net/4/5636064 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	40GB Show response end-year.gift-out.buzz/	22 KB 22 KB	186ms 51ms	Document text/html	66.45.232.107 IS-AS-1
General Check archive.org Show headers Download Go to Full URL https://end-year.gift-out.buzz/40GB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.45.232.107 , United States, ASN19318 (IS-AS-1, US), Reverse DNS webhosting2044.is.cc Software LiteSpeed / Resource Hash b24585da00106046376b14d503a5984b5ce1a0be6bbcc5f3a0d2288ca9b35d5f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 22513 date Mon, 09 Dec 2024 01:18:55 GMT last-modified Tue, 29 Oct 2024 20:45:52 GMT server LiteSpeed
GET H2	200	sa20gb3.js Show response end-year.gift-out.buzz/	121 B 231 B	30ms 27ms	Script application/javascript	66.45.232.107 IS-AS-1
General Check archive.org Show headers Download Go to Full URL https://end-year.gift-out.buzz/sa20gb3.js Requested by Host: end-year.gift-out.buzz URL: https://end-year.gift-out.buzz/40GB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.45.232.107 , United States, ASN19318 (IS-AS-1, US), Reverse DNS webhosting2044.is.cc Software LiteSpeed / Resource Hash 8ef37950c178feedb71c7d43dad96b3d9102ad8c6ab7f2db3e21eae06c0db9c6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://end-year.gift-out.buzz/40GB Response headers cache-control public, max-age=604800 expires Mon, 16 Dec 2024 01:18:55 GMT accept-ranges bytes content-length 121 date Mon, 09 Dec 2024 01:18:55 GMT content-type application/javascript last-modified Tue, 29 Oct 2024 20:44:35 GMT server LiteSpeed
GET H2	200	css2 fonts.googleapis.com/	2 KB 879 B	120ms 47ms	Stylesheet text/css	2607:f8b0:4004:c1f::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Poppins:wght@500;700&display=swap Requested by Host: end-year.gift-out.buzz URL: https://end-year.gift-out.buzz/40GB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1f::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://end-year.gift-out.buzz/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 09 Dec 2024 01:18:55 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 09 Dec 2024 01:18:55 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Mon, 09 Dec 2024 00:42:04 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	droidarabicnaskh.css fonts.googleapis.com/earlyaccess/	1 KB 383 B	121ms 48ms	Stylesheet text/css	2607:f8b0:4004:c1f::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/earlyaccess/droidarabicnaskh.css Requested by Host: end-year.gift-out.buzz URL: https://end-year.gift-out.buzz/40GB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1f::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://end-year.gift-out.buzz/ Response headers cache-control private, max-age=86400 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups content-encoding gzip cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Mon, 09 Dec 2024 01:18:55 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 09 Dec 2024 01:18:55 GMT x-xss-protection 0 content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site server ESF x-frame-options SAMEORIGIN
GET		tom6.jpg i.postimg.cc/SK4DQGPn/	0 0
GET		a.jpg i.postimg.cc/DypK8gyK/	0 0
GET		b.jpg i.postimg.cc/NfjcsVt4/	0 0
GET		c.jpg i.postimg.cc/J7q8W8f0/	0 0
GET		CD96B478-3804-4AA0-8845-4DD4691724FE.jpeg blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgEGIU4I3FLr4U7evWh2xwsKgDuSf5xtd-LviUuEAU6VuJLHmlYd-YvnHZNEeH5eycNdess4bsr3oCveTapvvcBBFQbO84DSY62sejy6oV4oOjNgltFcB8PEu4lir31S_FDh5LJTMK_4osj7Kz-...	0 0
GET		twwr.jpg 1.bp.blogspot.com/-pxi_cz3OrcQ/YKKeJ7ijV8I/AAAAAAAAB3M/tEdGiB-Gh4gpnHk84_PtsFKeYZUvh-04wCLcBGAsYHQ/s225/	0 0
GET		jGUvgw.jpg imagizer.imageshack.com/img923/8602/	0 0
GET		ettte.jpg 1.bp.blogspot.com/-RuIA2JO0NW0/YKKccmd5SdI/AAAAAAAAB28/NihG0SeSJtkp1P9DCvM00yeYhey77iPXwCLcBGAsYHQ/s600/	0 0
GET		jquery-latest.min.js code.jquery.com/	0 0
GET		online_i.js widget.supercounters.com/ssl/	0 0
GET H2	200	go.php Show response end-year.gift-out.buzz/	645 B 529 B	102ms 101ms	Document text/html	66.45.232.107 IS-AS-1
General Check archive.org Show headers Download Go to Full URL https://end-year.gift-out.buzz/go.php Requested by Host: end-year.gift-out.buzz URL: https://end-year.gift-out.buzz/sa20gb3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.45.232.107 , United States, ASN19318 (IS-AS-1, US), Reverse DNS webhosting2044.is.cc Software LiteSpeed / Resource Hash 137f6073073669e6593b7542a945d1273b3193bb2c6be38efb55fab8754fd3f3 Request headers Referer https://end-year.gift-out.buzz/40GB Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers content-encoding br content-length 457 content-type text/html; charset=UTF-8 date Mon, 09 Dec 2024 01:18:55 GMT server LiteSpeed vary Accept-Encoding
GET		hm.js hm.baidu.com/	0 0
GET H2	200	408950 Show response shukri.mwikace.com/api/direct/	608 B 836 B	179ms 27ms	Document text/html	206.72.205.7 IS-AS-1
General Check archive.org Show headers Download Go to Full URL https://shukri.mwikace.com/api/direct/408950?s1=%subid1%&kw= Requested by Host: end-year.gift-out.buzz URL: https://end-year.gift-out.buzz/go.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 206.72.205.7 , United States, ASN19318 (IS-AS-1, US), Reverse DNS rkinfocom.host Software LiteSpeed / Resource Hash 34e1b377bc3833f091f2e7597daeb43e105fdffb181f6b2ee0a9ebacb2114454 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 608 date Mon, 09 Dec 2024 01:18:56 GMT last-modified Thu, 25 Apr 2024 00:05:50 GMT server LiteSpeed
GET		hm.js hm.baidu.com/	0 0
GET H2	200	/ oga.njerezi.xyz/	2 KB 1 KB	442ms 90ms	Document text/html	2607:f8b0:4004:c19::79 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://oga.njerezi.xyz/ Requested by Host: shukri.mwikace.com URL: https://shukri.mwikace.com/api/direct/408950?s1=%subid1%&kw= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c19::79 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers cache-control private, max-age=0 content-encoding gzip content-length 1185 content-type text/html; charset=UTF-8 date Mon, 09 Dec 2024 01:18:56 GMT etag W/"880becc5953fbffa662c60ae44610596cefcec9a028c627e302937c6d5fc8ed8" expires Mon, 09 Dec 2024 01:18:56 GMT last-modified Fri, 01 Nov 2024 10:42:09 GMT server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	FGV.png blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjrX9rbzFNFbqQEaIu1RSECU2quiT3J_TPOkujBLpqA_FHOYC14Z_BHJAxZ6qnjwcf1_tWxvumxbZ5t4HB5Y_grlcewhL8T246sGzBpFRD3bsBBGGuHZ80SGNmHap-PimJEM9wlhsq1V5Q/s800/	15 KB 16 KB	368ms 240ms	Image image/png	2607:f8b0:4004:c1d::84 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjrX9rbzFNFbqQEaIu1RSECU2quiT3J_TPOkujBLpqA_FHOYC14Z_BHJAxZ6qnjwcf1_tWxvumxbZ5t4HB5Y_grlcewhL8T246sGzBpFRD3bsBBGGuHZ80SGNmHap-PimJEM9wlhsq1V5Q/s800/FGV.png Requested by Host: oga.njerezi.xyz URL: https://oga.njerezi.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://oga.njerezi.xyz/ Response headers access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform etag "v95f" x-content-type-options nosniff expires Tue, 10 Dec 2024 01:18:56 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15808 date Mon, 09 Dec 2024 01:18:56 GMT x-xss-protection 0 content-type image/png vary Origin server fife content-disposition inline;filename="FGV.png"
GET H2	200	3334278262-classic.css www.blogger.com/static/v1/v-css/navbar/	871 B 849 B	160ms 31ms	Stylesheet text/css	2607:f8b0:4004:c09::bf GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.blogger.com/static/v1/v-css/navbar/3334278262-classic.css Requested by Host: oga.njerezi.xyz URL: https://oga.njerezi.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::bf Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://oga.njerezi.xyz/ Response headers content-encoding gzip age 297926 report-to {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} x-content-type-options nosniff expires Fri, 05 Dec 2025 14:33:30 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 05 Dec 2024 14:33:30 GMT last-modified Thu, 05 Dec 2024 04:54:32 GMT content-type text/css vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="blogger-tech" content-length 404 x-xss-protection 0 server sffe
GET H2	200	platform.js apis.google.com/js/	63 KB 24 KB	103ms 34ms	Script text/javascript	2607:f8b0:4004:c19::65 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/platform.js Requested by Host: oga.njerezi.xyz URL: https://oga.njerezi.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c19::65 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://oga.njerezi.xyz/ Response headers content-encoding gzip etag "27a62a450d9bd00c" report-to {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]} x-content-type-options nosniff expires Mon, 09 Dec 2024 01:18:56 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 09 Dec 2024 01:18:56 GMT content-type text/javascript vary Accept-Encoding content-security-policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team cache-control private, max-age=1800, stale-while-revalidate=1800 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="gapi-team" cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * content-length 24187 x-xss-protection 0 server sffe
GET H2	200	Primary Request 5636064 Show response lidsaich.net/4/	37 KB 17 KB	484ms 214ms	Document text/html	139.45.197.244 RETN-AS RETN Limited
General Check archive.org Show headers Download Go to Full URL https://lidsaich.net/4/5636064 Requested by Host: oga.njerezi.xyz URL: https://oga.njerezi.xyz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB), Reverse DNS Software nginx / Resource Hash d8fd52121be4f70f7d538854a1a6789bf9a39a016d82e8d5f9be1cf9eee41a7d Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://oga.njerezi.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-max-age 86400 cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 content-encoding gzip content-type text/html; charset=utf8 date Mon, 09 Dec 2024 01:18:56 GMT expires Tue, 11 Jan 1994 10:00:00 GMT pragma no-cache server nginx strict-transport-security max-age=1 timing-allow-origin * * x-content-type-options nosniff
GET H3	200	img.gif my.rtmark.net/	43 B 875 B	201ms 125ms	Image image/gif	172.67.169.157 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://my.rtmark.net/img.gif?f=merge&userId=00812d3f812b4710eeb98734703e44fd&z=5636064&p_rid=4950d212-1f8b-45ae-9ab3-e73282fd4e61&p_src=sf Requested by Host: lidsaich.net URL: https://lidsaich.net/4/5636064 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.169.157 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lidsaich.net/ Response headers access-control-expose-headers Authorization cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IfWh8L0sbRjSyIfpg1VQyk%2BGijz6wOEiBBXvGhFbwemuAdLSXv1iqvu%2FdQ2waaM88zjO7%2BOyKR1mMqa7izeii%2BBVq2foNN1zn4ndTN2tyusv2ro2ONzhtZEoWcB3RdRt"}],"group":"cf-nel","max_age":604800} access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE x-content-type-options nosniff alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=26035&min_rtt=22810&rtt_var=9854&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4119&recv_bytes=4517&delivery_rate=587&cwnd=12000&unsent_bytes=0&cid=44527866e3a6ecdd&ts=132&x=1", cfExtPri, cfHdrFlush;dur=0 date Mon, 09 Dec 2024 01:18:57 GMT content-type image/gif priority u=1,i access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token strict-transport-security max-age=1 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} timing-allow-origin *, * access-control-allow-credentials true cf-ray 8ef12a07c891aac5-YYZ access-control-allow-origin * content-length 43 server cloudflare
GET H2	200	sftouch lidsaich.net/	43 B 652 B	107ms 107ms	Image image/gif	139.45.197.244 RETN-AS RETN Limited
General Check archive.org Show headers Download Go to Show image Full URL https://lidsaich.net/sftouch?userId=00812d3f812b4710eeb98734703e44fd&z=5636064&p_rid=4950d212-1f8b-45ae-9ab3-e73282fd4e61&p_src=sf&branchId=0&rb=BJD88imT7bltdR8OTSvzlLeMEfTpze2Pox3w9AqrutgEcQEvJa_btuhy3vijESQF6Y4yWWvAwSQAQxY6-tLylh2TLHVjYvSlg4PtULD9bhdBh29CjpwvccAJQ7J58nH7woGCsj2BbW4geUbFzS-vBTzNapa38pRoJEoEFe4X03BA9KZs1IbJY325y7ChjslmqR7j5xiIc6uNLXaeK5dKuXy12x3nDr6pm286ar4my-T-tIaVSjPv-C9dRWUDY5lEbsNdWp41aJ5w7Y__VeD9br5qpI0EutzvqwlA3lVE0MaKxUndI_whhzj2I0o9qUWwUZhxUqu11lFWM0DhyQNX0sUGmztJ_sDV&clksf=1&w_img=1 Requested by Host: lidsaich.net URL: https://lidsaich.net/4/5636064 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB), Reverse DNS Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lidsaich.net/4/5636064 Response headers access-control-max-age 86400 access-control-allow-methods GET, POST, OPTIONS x-content-type-options nosniff expires Tue, 11 Jan 1994 10:00:00 GMT date Mon, 09 Dec 2024 01:18:57 GMT content-type image/gif access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon strict-transport-security max-age=1 cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 timing-allow-origin *, * accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version pragma no-cache access-control-allow-credentials true x-trace-id c4c3565ec85c734796a77b541159a28e access-control-allow-origin * content-length 43 server nginx
GET DATA	200 OK	truncated /	570 B 570 B		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 00639e0f6194f54c324335dbd6d3630e12f9478f2a65195d475f469b2b90bd22 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
POST H2	200	add Show response lidsaich.net/log/	12 B 382 B	108ms 106ms	XHR application/json	139.45.197.244 RETN-AS RETN Limited
General Check archive.org Show headers Download Go to Full URL https://lidsaich.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=4950d212-1f8b-45ae-9ab3-e73282fd4e61 Requested by Host: lidsaich.net URL: https://lidsaich.net/4/5636064 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB), Reverse DNS Software nginx / Resource Hash 587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://lidsaich.net/4/5636064 Response headers strict-transport-security max-age=1 timing-allow-origin * access-control-allow-credentials true access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE x-content-type-options nosniff access-control-allow-origin https://lidsaich.net content-length 12 date Mon, 09 Dec 2024 01:18:57 GMT content-type application/json; charset=utf-8 server nginx access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
POST H2	200	add Show response lidsaich.net/async_log/	0 336 B	107ms 105ms	XHR text/plain	139.45.197.244 RETN-AS RETN Limited
General Check archive.org Show headers Download Go to Full URL https://lidsaich.net/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=4950d212-1f8b-45ae-9ab3-e73282fd4e61 Requested by Host: lidsaich.net URL: https://lidsaich.net/4/5636064 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://lidsaich.net/4/5636064 Response headers strict-transport-security max-age=1 timing-allow-origin * access-control-allow-credentials true access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE x-content-type-options nosniff access-control-allow-origin https://lidsaich.net content-length 0 date Mon, 09 Dec 2024 01:18:57 GMT server nginx access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
GET H2	204	favicon.ico lidsaich.net/	0 150 B	106ms 105ms	Other text/plain	139.45.197.244 RETN-AS RETN Limited
General Check archive.org Show headers Download Go to Full URL https://lidsaich.net/favicon.ico Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lidsaich.net/4/5636064 Response headers expires Thu, 31 Dec 2037 23:55:55 GMT cache-control max-age=315360000, public, must-revalidate, proxy-revalidate date Mon, 09 Dec 2024 01:18:57 GMT pragma public server nginx
GET H2	204	favicon.ico lidsaich.net/	0 0	74ms 74ms	Other text/plain	139.45.197.244 RETN-AS RETN Limited
General Check archive.org Show headers Download Go to Full URL https://lidsaich.net/favicon.ico Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lidsaich.net/afu.php?zoneid=5636064&var=5636064&rid=XXz4jyvWNyEJSqRKY8d18w%3D%3D&rhd=false&ab2r=0&sf=1&cs=1&is_mobile=false Response headers expires Thu, 31 Dec 2037 23:55:55 GMT cache-control max-age=315360000, public, must-revalidate, proxy-revalidate date Mon, 09 Dec 2024 01:18:57 GMT pragma public server nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

i.postimg.cc

URL

https://i.postimg.cc/SK4DQGPn/tom6.jpg

Domain

i.postimg.cc

URL

https://i.postimg.cc/DypK8gyK/a.jpg

Domain

i.postimg.cc

URL

https://i.postimg.cc/NfjcsVt4/b.jpg

Domain

i.postimg.cc

URL

https://i.postimg.cc/J7q8W8f0/c.jpg

Domain

blogger.googleusercontent.com

URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgEGIU4I3FLr4U7evWh2xwsKgDuSf5xtd-LviUuEAU6VuJLHmlYd-YvnHZNEeH5eycNdess4bsr3oCveTapvvcBBFQbO84DSY62sejy6oV4oOjNgltFcB8PEu4lir31S_FDh5LJTMK_4osj7Kz-5AbTbJAfvD7sYgTSnLZcbiPIxxj6t_UdTW0XKt-6cnqn/s320/CD96B478-3804-4AA0-8845-4DD4691724FE.jpeg

Domain

1.bp.blogspot.com

URL

https://1.bp.blogspot.com/-pxi_cz3OrcQ/YKKeJ7ijV8I/AAAAAAAAB3M/tEdGiB-Gh4gpnHk84_PtsFKeYZUvh-04wCLcBGAsYHQ/s225/twwr.jpg

Domain

imagizer.imageshack.com

URL

https://imagizer.imageshack.com/img923/8602/jGUvgw.jpg

Domain

1.bp.blogspot.com

URL

https://1.bp.blogspot.com/-RuIA2JO0NW0/YKKccmd5SdI/AAAAAAAAB28/NihG0SeSJtkp1P9DCvM00yeYhey77iPXwCLcBGAsYHQ/s600/ettte.jpg

Domain

code.jquery.com

URL

https://code.jquery.com/jquery-latest.min.js

Domain

widget.supercounters.com

URL

https://widget.supercounters.com/ssl/online_i.js

Domain

hm.baidu.com

URL

https://hm.baidu.com/hm.js?96203ca5188c89396572f4c329976446

Domain

hm.baidu.com

URL

https://hm.baidu.com/hm.js?96203ca5188c89396572f4c329976446

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| onLazyPixel object| _nvksp5rgq function| nvksp5rgq boolean| lazyPixelLoaded

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			my.rtmark.net/	1970-01-21 10:20:43	Name: ID Value: 00812d3f812b4710eeb98734703e44fd

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://lidsaich.net/4/5636064 Message: [GroupMarkerNotSet(crbug.com/242999)!:A060CF0174340000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://lidsaich.net/afu.php?zoneid=5636064&var=5636064&rid=XXz4jyvWNyEJSqRKY8d18w%3D%3D&rhd=false&ab2r=0&sf=1&cs=1&is_mobile=false Message: [GroupMarkerNotSet(crbug.com/242999)!:A000CF0174340000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
apis.google.com
blogger.googleusercontent.com
code.jquery.com
end-year.gift-out.buzz
fonts.googleapis.com
hm.baidu.com
i.postimg.cc
imagizer.imageshack.com
lidsaich.net
my.rtmark.net
oga.njerezi.xyz
shukri.mwikace.com
widget.supercounters.com
www.blogger.com
1.bp.blogspot.com
blogger.googleusercontent.com
code.jquery.com
hm.baidu.com
i.postimg.cc
imagizer.imageshack.com
widget.supercounters.com
139.45.197.244
172.67.169.157
206.72.205.7
2607:f8b0:4004:c09::bf
2607:f8b0:4004:c19::65
2607:f8b0:4004:c19::79
2607:f8b0:4004:c1d::84
2607:f8b0:4004:c1f::5f
66.45.232.107
00639e0f6194f54c324335dbd6d3630e12f9478f2a65195d475f469b2b90bd22
137f6073073669e6593b7542a945d1273b3193bb2c6be38efb55fab8754fd3f3
34e1b377bc3833f091f2e7597daeb43e105fdffb181f6b2ee0a9ebacb2114454
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e
8ef37950c178feedb71c7d43dad96b3d9102ad8c6ab7f2db3e21eae06c0db9c6
b24585da00106046376b14d503a5984b5ce1a0be6bbcc5f3a0d2288ca9b35d5f
d8fd52121be4f70f7d538854a1a6789bf9a39a016d82e8d5f9be1cf9eee41a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855