d6b.dev Open in urlscan Pro
199.188.201.73  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	404	Primary Request vollet-battant-bois-sans-echarpes-k.html Show response d6b.dev/	109 KB 38 KB	1162ms 654ms	Document text/html	199.188.201.73 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://d6b.dev/vollet-battant-bois-sans-echarpes-k.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.188.201.73 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server275-1.web-hosting.com Software LiteSpeed / PHP/7.2.34 Resource Hash d3b73b3eec612223a6ee29e05c78cb27169457b10304dd9893d8ab236a20fe49 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language is-IS,is;q=0.9 Response headers cache-control no-cache, must-revalidate, max-age=0 content-encoding br content-type text/html; charset=UTF-8 date Sat, 21 May 2022 14:36:39 GMT expires Wed, 11 Jan 1984 05:00:00 GMT link <https://d6b.dev/wp-json/>; rel="https://api.w.org/" server LiteSpeed vary Accept-Encoding x-powered-by PHP/7.2.34 x-turbo-charged-by LiteSpeed
GET H2	200	style.min.css d6b.dev/wp-includes/css/dist/block-library/	77 KB 10 KB	466ms 466ms	Stylesheet text/css	199.188.201.73 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://d6b.dev/wp-includes/css/dist/block-library/style.min.css?ver=5.9 Requested by Host: d6b.dev URL: https://d6b.dev/vollet-battant-bois-sans-echarpes-k.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.188.201.73 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server275-1.web-hosting.com Software LiteSpeed / Resource Hash 7b6fef0a63424245b31b293b1a3bfd074c9da482e28fb9e920e1cf306e54e8a2 Request headers accept-language is-IS,is;q=0.9 Referer https://d6b.dev/vollet-battant-bois-sans-echarpes-k.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 May 2022 14:36:39 GMT content-encoding br last-modified Wed, 26 Jan 2022 00:49:23 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 10331 expires Sat, 28 May 2022 14:36:39 GMT
GET H2	200	wp-emoji-release.min.js Show response d6b.dev/wp-includes/js/	18 KB 5 KB	454ms 454ms	Script application/javascript	199.188.201.73 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://d6b.dev/wp-includes/js/wp-emoji-release.min.js?ver=5.9 Requested by Host: d6b.dev URL: https://d6b.dev/vollet-battant-bois-sans-echarpes-k.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.188.201.73 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server275-1.web-hosting.com Software LiteSpeed / Resource Hash def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7 Request headers accept-language is-IS,is;q=0.9 Referer https://d6b.dev/vollet-battant-bois-sans-echarpes-k.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 May 2022 14:36:39 GMT content-encoding br last-modified Wed, 21 Jul 2021 00:14:29 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 4539 expires Sat, 28 May 2022 14:36:39 GMT
GET H2	200	style.css d6b.dev/wp-content/themes/twentytwenty/	118 KB 21 KB	477ms 477ms	Stylesheet text/css	199.188.201.73 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://d6b.dev/wp-content/themes/twentytwenty/style.css?ver=1.8 Requested by Host: d6b.dev URL: https://d6b.dev/vollet-battant-bois-sans-echarpes-k.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.188.201.73 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server275-1.web-hosting.com Software LiteSpeed / Resource Hash f2236f75d55db393b15d818dec5ce0a3ca74306b96e645b9ff61277f648d6c20 Request headers accept-language is-IS,is;q=0.9 Referer https://d6b.dev/vollet-battant-bois-sans-echarpes-k.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 May 2022 14:36:39 GMT content-encoding br last-modified Mon, 06 Sep 2021 10:37:36 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 21531 expires Sat, 28 May 2022 14:36:39 GMT
GET H2	200	print.css d6b.dev/wp-content/themes/twentytwenty/	3 KB 1 KB	406ms 405ms	Stylesheet text/css	199.188.201.73 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://d6b.dev/wp-content/themes/twentytwenty/print.css?ver=1.8 Requested by Host: d6b.dev URL: https://d6b.dev/vollet-battant-bois-sans-echarpes-k.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.188.201.73 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server275-1.web-hosting.com Software LiteSpeed / Resource Hash 3a6e534ba6c925e8646018b5b7133e0e42fa33c8d67bd104e7b0f2521bcdf595 Request headers accept-language is-IS,is;q=0.9 Referer https://d6b.dev/vollet-battant-bois-sans-echarpes-k.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 May 2022 14:36:40 GMT content-encoding br last-modified Mon, 06 Sep 2021 10:37:36 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 891 expires Sat, 28 May 2022 14:36:40 GMT
GET H2	200	index.js Show response d6b.dev/wp-content/themes/twentytwenty/assets/js/	25 KB 7 KB	241ms 241ms	Script application/javascript	199.188.201.73 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://d6b.dev/wp-content/themes/twentytwenty/assets/js/index.js?ver=1.8 Requested by Host: d6b.dev URL: https://d6b.dev/vollet-battant-bois-sans-echarpes-k.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.188.201.73 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server275-1.web-hosting.com Software LiteSpeed / Resource Hash 46b35ed348cb3d9618b6ca80a7ce6e594729e03acde5f3dc6befc56074811e9a Request headers accept-language is-IS,is;q=0.9 Referer https://d6b.dev/vollet-battant-bois-sans-echarpes-k.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 May 2022 14:36:40 GMT content-encoding br last-modified Mon, 06 Sep 2021 10:37:36 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 6562 expires Sat, 28 May 2022 14:36:40 GMT
GET H2	200	/ Show response d26adrx9c3n0mq.cloudfront.net/	306 KB 98 KB	520ms 284ms	Script text/plain	13.224.194.223 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d26adrx9c3n0mq.cloudfront.net/?xrdad=937126 Requested by Host: d6b.dev URL: https://d6b.dev/vollet-battant-bois-sans-echarpes-k.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.194.223 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-194-223.fra2.r.cloudfront.net Software / Resource Hash b6f664cf0726ba9f1b6e1b13528edb7c1d255b5eea546e130a1caf6f1befccbf Request headers accept-language is-IS,is;q=0.9 Referer https://d6b.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sat, 21 May 2022 14:36:40 GMT content-encoding gzip x-amz-cf-pop FRA2-C1 x-cache Miss from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform content-length 99961 via 1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront) x-amz-cf-id ue4CUKToFwgeD-N8z90_lmbzgZqXpX8rzAbYHJUC3Qo4GDB702uvjA==
GET H2	200	cropped-itsthe_oricl3-me.png d6b.dev/wp-content/uploads/2020/08/	80 KB 80 KB	241ms 240ms	Image image/png	199.188.201.73 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://d6b.dev/wp-content/uploads/2020/08/cropped-itsthe_oricl3-me.png Requested by Host: d6b.dev URL: https://d6b.dev/vollet-battant-bois-sans-echarpes-k.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.188.201.73 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server275-1.web-hosting.com Software LiteSpeed / Resource Hash 2f972f018a6f56e1a9c8e06fef22ea1291e143c07255041c0c7f90db677e37f1 Request headers accept-language is-IS,is;q=0.9 Referer https://d6b.dev/vollet-battant-bois-sans-echarpes-k.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 May 2022 14:36:40 GMT last-modified Thu, 27 Aug 2020 08:20:32 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 81790 expires Sat, 28 May 2022 14:36:40 GMT
GET H2	200	asd100.bin Show response freychang.fun/	100 KB 100 KB	498ms 279ms	Fetch binary/octet-stream	104.21.45.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freychang.fun/asd100.bin Requested by Host: d26adrx9c3n0mq.cloudfront.net URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=937126 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.45.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16 Request headers accept-language is-IS,is;q=0.9 Referer https://d6b.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 May 2022 14:36:40 GMT access-control-allow-methods GET cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Sat, 21 May 2022 12:21:41 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bVAxCCZM9B57RhNNOYQKRmd4B1mGjCU6d4gWw%2B7TaSnZx5urtmxUFYEkF5aDP%2FDLse5ZnDdBNwZECBHe81P5%2BAUDsoA%2BvL6kqzijjE0SX7MTdTqCRbU1AAvenI%2B8hugd"}],"group":"cf-nel","max_age":604800} content-type binary/octet-stream access-control-allow-origin https://d6b.dev cache-control max-age=14400 access-control-allow-credentials true cf-ray 70ee0bb1cd2b202c-AMS access-control-allow-headers X-Requested-With, content-type
GET H2	200	/ Show response freychang.fun/	26 B 700 B	421ms 203ms	Fetch text/plain	104.21.45.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freychang.fun/ Requested by Host: d26adrx9c3n0mq.cloudfront.net URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=937126 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.45.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3ec7dd8e43d45c25533b3876bb2d9be60798bbddd2ed3553b1acaa489f6faba5 Request headers accept-language is-IS,is;q=0.9 Referer https://d6b.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 May 2022 14:36:40 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods GET content-type text/plain access-control-allow-origin https://d6b.dev report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afD9KaNvpLyK1IkdByvUK5ZZ5EQveMe6p2J%2FyEr227D9BpigPAhpjj%2Fd4bXpbUXpmUIr6kguwLfax1KeSCvgsGDaT25Pch3D8nrmYpDINLQGsTVNhJXstlvRC%2Bfyz4ov"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 70ee0bb1cd2c202c-AMS access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	utx Show response audiosech.xyz/	0 484 B	439ms 201ms	XHR text/plain	65.9.63.101 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://audiosech.xyz/utx?cb=xBSRhfs0n2ac&top=d6b.dev&tid=937126 Requested by Host: d26adrx9c3n0mq.cloudfront.net URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=937126 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.63.101 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-63-101.fra56.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language is-IS,is;q=0.9 Referer https://d6b.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sat, 21 May 2022 14:36:40 GMT via 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop FRA56-C1 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://d6b.dev cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id 04BXaJxYDL7yCwl4V-oozDU7k57Ds7Wy7qy9U2T2w-ClFlWQ72N1Hg==
GET H2	200	asd100.bin Show response freychang.fun/	100 KB 100 KB	473ms 281ms	Fetch binary/octet-stream	104.21.45.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freychang.fun/asd100.bin Requested by Host: d26adrx9c3n0mq.cloudfront.net URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=937126 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.45.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16 Request headers accept-language is-IS,is;q=0.9 Referer https://d6b.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 May 2022 14:36:40 GMT access-control-allow-methods GET cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Sat, 21 May 2022 12:21:41 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9q%2BwK3hd59hSCaLN537w3bPI7Zyh0%2B6Udmr%2FvIreRXBgnoDZAfNMwVp%2Fz7QrtN3Y3H9msAQDDwLeXz30kLZrViyNQaPQE3N7Q9IqRmRFu1Z9HZrYTmlDBeCinFtlj%2FH"}],"group":"cf-nel","max_age":604800} content-type binary/octet-stream access-control-allow-origin https://d6b.dev cache-control max-age=14400 access-control-allow-credentials true cf-ray 70ee0bb1cd2d202c-AMS access-control-allow-headers X-Requested-With, content-type
GET H2	200	/ Show response freychang.fun/	26 B 359 B	400ms 208ms	Fetch text/plain	104.21.45.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freychang.fun/ Requested by Host: d26adrx9c3n0mq.cloudfront.net URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=937126 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.45.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b6bb6bf53a1d7b1029419c9384806ba5a5862ba5cffee21c2c6bf6224df2b2c Request headers accept-language is-IS,is;q=0.9 Referer https://d6b.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 May 2022 14:36:40 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods GET content-type text/plain access-control-allow-origin https://d6b.dev report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhYHWnn0Y1%2B1B7ygqHfAt6UpdkGXw1npQ8sO%2Bv5fUTXVgxBkY94r8uG0JdXfEeyX7uf2fJDtkQZbJ9f91iXUkCxx%2FV2FgE0tCPakm4kiQxP2woac1RHyIS8N%2BXl5zHAx"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 70ee0bb1cd2e202c-AMS access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	utx Show response audiosech.xyz/	0 483 B	412ms 199ms	XHR text/plain	65.9.63.101 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://audiosech.xyz/utx?cb=hSuzj9AOI1Ug&top=d6b.dev&tid=943147 Requested by Host: d26adrx9c3n0mq.cloudfront.net URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=937126 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.63.101 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-63-101.fra56.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language is-IS,is;q=0.9 Referer https://d6b.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sat, 21 May 2022 14:36:40 GMT via 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop FRA56-C1 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://d6b.dev cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id aBwxSloG0aMYb7e3sD5Q0W0YmzjxfuXyPEHsbIDEK53AINp-ib2D1Q==
GET H2	204	W0V+QzgDE3VUbhkDKRE9GUp5QyEEESdYbhxKeUt7Xll6U2ZaUT1YeUwDOAQvV0ZuFTweG3VUfl9EeVF7Ukd4VnxS ckgroundan.xyz/andIZUhFSCsWdQ8jBhIZASUGJ3gGQCwweCIkECN4PhA8IisENm4RIQ5KcVZ/	0 267 B	413ms 194ms	Image text/plain	188.114.96.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ckgroundan.xyz/andIZUhFSCsWdQ8jBhIZASUGJ3gGQCwweCIkECN4PhA8IisENm4RIQ5KcVZ/W0V+QzgDE3VUbhkDKRE9GUp5QyEEESdYbhxKeUt7Xll6U2ZaUT1YeUwDOAQvV0ZuFTweG3VUfl9EeVF7Ukd4VnxS Requested by Host: d6b.dev URL: https://d6b.dev/vollet-battant-bois-sans-echarpes-k.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language is-IS,is;q=0.9 Referer https://d6b.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 May 2022 14:36:40 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oy7kQQd%2FI6qx580yTTeMPMB6MR%2F7Jn4RM%2BWDCx0Xox59CYZ9%2B%2F3rt6LcxYiSkdO48t970Q6PFLfS%2BQz%2F0%2BGCQn19X6RJhxwelJwUx%2FFgaIJaAfOXv1SDhfc2VrAkcbX%2BEw%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 70ee0bb229b0972d-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	login.php www.facebook.com/	0 0	433ms 209ms	Image text/html	157.240.236.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp Requested by Host: d6b.dev URL: https://d6b.dev/vollet-battant-bois-sans-echarpes-k.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-02-frx5.facebook.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language is-IS,is;q=0.9 Referer https://d6b.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	ServiceLogin accounts.google.com/	0 0	390ms 160ms	Image text/html	142.250.185.237 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail Requested by Host: d6b.dev URL: https://d6b.dev/vollet-battant-bois-sans-echarpes-k.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.237 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f13.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language is-IS,is;q=0.9 Referer https://d6b.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	ServiceLogin accounts.google.com/	0 0	605ms 375ms	Image text/html	142.250.185.237 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube Requested by Host: d6b.dev URL: https://d6b.dev/vollet-battant-bois-sans-echarpes-k.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.237 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f13.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language is-IS,is;q=0.9 Referer https://d6b.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	popunder.gif ckgroundan.xyz/	35 B 627 B	329ms 111ms	Image image/gif	188.114.96.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ckgroundan.xyz/popunder.gif Requested by Host: d6b.dev URL: https://d6b.dev/vollet-battant-bois-sans-echarpes-k.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers accept-language is-IS,is;q=0.9 Referer https://d6b.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma public date Sat, 21 May 2022 14:36:40 GMT cf-cache-status HIT last-modified Wed, 18 May 2022 15:26:40 GMT server cloudflare age 256200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJKhOAXzB%2BahFLMWqeZWWo1zrDc6HUTS177DKw55zo6M%2BEFjfVKjLl%2F%2F4NwxAUbsmAYBiwKWRiBcbfkUlwDhVc1TNfcNr%2F3596MQNmCG1phF%2FtBGaWip0mnAkUMsfLxVfg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * cache-control public, max-age=604800, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 70ee0bb229b2972d-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	cFAA ckgroundan.xyz/M0ZPQ2cceSwwWmcTenUyAxB2Jgx9KytwXgoSIidVVx4VCT1dF2k3Dld7dndUAnJ4ZRdaInJyQUAyLjcSQHt+ZQ5dICB+QUV7fm1UB2h9dUkDYDp+VhUyPyIADndpMxNHKnJyUQZ1fndUC3Z/	0 252 B	424ms 206ms	Image text/plain	188.114.96.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ckgroundan.xyz/M0ZPQ2cceSwwWmcTenUyAxB2Jgx9KytwXgoSIidVVx4VCT1dF2k3Dld7dndUAnJ4ZRdaInJyQUAyLjcSQHt+ZQ5dICB+QUV7fm1UB2h9dUkDYDp+VhUyPyIADndpMxNHKnJyUQZ1fndUC3Z/cFAA Requested by Host: d6b.dev URL: https://d6b.dev/vollet-battant-bois-sans-echarpes-k.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language is-IS,is;q=0.9 Referer https://d6b.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 May 2022 14:36:40 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8MgFYsesLN4a0DRo58qJqzO%2B5M4bS9ZHR%2FB9ExmbSDh4WxC5JqMQ58C1I3eHTEbJjmdjRUfVQ%2F264JmoZL2A5ZowKdCLfZ1HjQ%2B3IZzDnksp1WlvM%2B0apKkZkuCyGn6zVA%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 70ee0bb229b4972d-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	/ Show response d26adrx9c3n0mq.cloudfront.net/	47 B 443 B	460ms 250ms	Fetch	13.224.194.223 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d26adrx9c3n0mq.cloudfront.net/ Requested by Host: d6b.dev URL: https://d6b.dev/vollet-battant-bois-sans-echarpes-k.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.194.223 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-194-223.fra2.r.cloudfront.net Software / Resource Hash 0f13250dac3eba96683a13d9c0c14c812448cc2f499a6ad6637a17adf094884d Request headers accept-language is-IS,is;q=0.9 Referer https://d6b.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sat, 21 May 2022 14:36:40 GMT content-encoding gzip x-amz-cf-pop FRA2-C1 x-cache Miss from cloudfront access-control-allow-origin https://d6b.dev cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform access-control-allow-credentials true content-length 73 via 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront) x-amz-cf-id PN5sOEa1VnS55wL1znl5K5z5Y-9HuRCq1SUwjL94PESZU43-BI6ucQ==
GET H2	200	Inter-upright-var.woff2 d6b.dev/wp-content/themes/twentytwenty/assets/fonts/inter/	219 KB 219 KB	403ms 402ms	Font font/woff2	199.188.201.73 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://d6b.dev/wp-content/themes/twentytwenty/assets/fonts/inter/Inter-upright-var.woff2 Requested by Host: d6b.dev URL: https://d6b.dev/wp-content/themes/twentytwenty/style.css?ver=1.8 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 199.188.201.73 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server275-1.web-hosting.com Software LiteSpeed / Resource Hash e03c2df7ef439d2708bbc168a21c0a00da63e5664d286120c994c39644addd03 Request headers Referer https://d6b.dev/wp-content/themes/twentytwenty/style.css?ver=1.8 Origin https://d6b.dev accept-language is-IS,is;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 May 2022 14:36:40 GMT last-modified Mon, 06 Sep 2021 10:37:36 GMT server LiteSpeed content-type font/woff2 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 223892 expires Sat, 28 May 2022 14:36:40 GMT
GET DATA	200 OK	truncated /	808 B 808 B		Font application/font-woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0e82505b30144c1df925f9e2b41576a1126a9168e5a2d7f4913f6304763dcdc8 Request headers Referer Origin https://d6b.dev accept-language is-IS,is;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type application/font-woff2;charset=utf-8
GET H2	200	LjdvJhQpFngzMyALbFE8PycGIAouN28mFj4dfTAzMB9sIiwoIH0sKiJCdwcCFzRvJwlXK08xLw02cBgdTjN0IwwZIGMCCko0QTgeQyBnKRZNM10WGzYYDCwKECRYOA4RK30YP0gmcDsfMDZsKhACHkQFNA43czIrEjBdCgwgH3AXDD9LQThoHjNnOSwLIAUvHSAfc... Show response audiosech.xyz/WHpyNWE5GBFYXjlHEBMUKhZPEFMeX0BzBWpME1ETIEMRBg9oFwMbAjQVB1EHKhUcQU82HwYQUx4IE20zaitDeCofAhVZAxpKFnAPbQslXi8QGSVjMRAdJ0YxChY4czkBOT52LB0xCmwVHTwzBioJSzhnDA1fQHMiGhUgUw8NNzVdN31IMGwKYCw... Frame 4588	3 KB 2 KB	319ms 207ms	Document text/html	65.9.63.101 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://audiosech.xyz/WHpyNWE5GBFYXjlHEBMUKhZPEFMeX0BzBWpME1ETIEMRBg9oFwMbAjQVB1EHKhUcQU82HwYQUx4IE20zaitDeCofAhVZAxpKFnAPbQslXi8QGSVjMRAdJ0YxChY4czkBOT52LB0xCmwVHTwzBioJSzhnDA1fQHMiGhUgUw8NNzVdN31IMGwKYCw3XCctIiR8IhUABXYyCjcafgZgOTRMUWs7IF0wFhA4YCYKEUd6Bg0jNAc7MDZCczg7SShXMx5OQnoGOys1YTA/LjdvJhQpFngzMyALbFE8PycGIAouN28mFj4dfTAzMB9sIiwoIH0sKiJCdwcCFzRvJwlXK08xLw02cBgdTjN0IwwZIGMCCko0QTgeQyBnKRZNM10WGzYYDCwKECRYOA4RK30YP0gmcDsfMDZsKhACHkQFNA43czIrEjBdCgwgH3AXDD9LQThoHjNnOSwLIAUvHSAfczsaAhFZLDAJFmBSHSwqcAUaGCV3Bw0dPBBTGiMVEwsrFRxFXDtPI3A2KhI3cQU Requested by Host: d26adrx9c3n0mq.cloudfront.net URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=937126 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.63.101 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-63-101.fra56.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash 108f723d35a8dc908105b7210a4497bcfb805db177bdbb816b7612ebeaef1821 Request headers Referer https://d6b.dev/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language is-IS,is;q=0.9 Response headers accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version cache-control no-store, no-cache, must-revalidate, no-transform content-encoding gzip content-length 1231 content-type text/html date Sat, 21 May 2022 14:36:40 GMT p3p CP="NID DSP ALL COR" pragma no-cache server openresty/1.17.8.2 via 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront) x-amz-cf-id UzgZAF2TldRl0AeDmQvwtoVzAMrcYvBA4zXfpC0ZpUKyyaSzmshzCA== x-amz-cf-pop FRA56-C1 x-cache Miss from cloudfront
GET H2	200	TzgIOnQFK1lld0IfEGoUFGsDOTYCIQw7YR5pWCl8EzVaLTYWK1o2Jl43UCx3Qh8BFWBJFW8fFCEYdg0RKDJWHx5BNWwaYwhvYB4LJhthPx40aXsLEyJtTBkBPSl8DBBADlszNiVqDQIdJRBjCwMEa2MdNhYdXA0WKBtgExghPVYZORsodBkfPw4HaAM1D0IdNhccc... Show response audiosech.xyz/WTVYUnA4Vzs/ Frame 1256	3 KB 2 KB	312ms 203ms	Document text/html	65.9.63.101 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://audiosech.xyz/WTVYUnA4Vzs/TzgIOnQFK1lld0IfEGoUFGsDOTYCIQw7YR5pWCl8EzVaLTYWK1o2Jl43UCx3Qh8BFWBJFW8fFCEYdg0RKDJWHx5BNWwaYwhvYB4LJhthPx40aXsLEyJtTBkBPSl8DBBADlszNiVqDQIdJRBjCwMEa2MdNhYdXA0WKBtgExghPVYZORsodBkfPw4HaAM1D0IdNhcccQs1G2B3CWsoG0w8ETYffwsYFypXDzU9N3cNAzISbW0ZJQtvPDdALmIPNTUvdiAIMQpbNAc0aVETNyYLZBliNm5kDhgICls0BzY1Who0JhtwGRFBLGM0FDwObXVrPgt0HjQ7MWQKCgc2DRkDPgB3MmsyDAYOMxUfewgTNjVADj41O3cbHyEdc2EZFQpRHRMmYVscAwAOZjY+JRtZAR85GEERFBxoAholHBt0GwsyC3QdIhNoBAgTQB8QahQmaF4TAyghYgoTNj96GQc4DF1oOyEPe2kFHjFhDCUyA1cKFBMYUn44AzZbKG86I2ZqHhIcZB9nQiAHFCQC Requested by Host: d26adrx9c3n0mq.cloudfront.net URL: https://d26adrx9c3n0mq.cloudfront.net/?xrdad=937126 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.63.101 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-63-101.fra56.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash 8d702aaaf887452b8805cbc03ee4eef0d61974b89417215eb4812f34cfdf8761 Request headers Referer https://d6b.dev/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language is-IS,is;q=0.9 Response headers accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version cache-control no-store, no-cache, must-revalidate, no-transform content-encoding gzip content-length 1241 content-type text/html date Sat, 21 May 2022 14:36:40 GMT p3p CP="NID DSP ALL COR" pragma no-cache server openresty/1.17.8.2 via 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront) x-amz-cf-id HeU9GZpP5fnpF6KixuO8IRtjP_dJHfd4HUoVfyklKSGP6T5s9ld5bw== x-amz-cf-pop FRA56-C1 x-cache Miss from cloudfront
GET H2	200	V1kKQXxWRAFfOAUHUh0iQVN1WnhTTwBZbRFcAg Show response d26adrx9c3n0mq.cloudfront.net/4M29LZGFQACUCXkcGL1lYB1x6UFYVBTgLD0NSAR4yASMpITB0WnkdU38ZOUIVSQt2VEdfDiUDXBUKJQdcAkkqAAMOW20QEVwEdgEDSgk9BQ9XBydCFFJSJgsbWgMnBUQBKX5KURZde0wWWgEvCxZASnlUD0dKeVRQA0F7QV... Frame 1256	788 B 819 B	260ms 260ms	Script text/plain	13.224.194.223 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d26adrx9c3n0mq.cloudfront.net/4M29LZGFQACUCXkcGL1lYB1x6UFYVBTgLD0NSAR4yASMpITB0WnkdU38ZOUIVSQt2VEdfDiUDXBUKJQdcAkkqAAMOW20QEVwEdgEDSgk9BQ9XBydCFFJSJgsbWgMnBUQBKX5KURZde0wWWgEvCxZASnlUD0dKeVRQA0F7QVJxSnlUFloBfVBEAC1uVlFLWX-9NRAFfKhQRXwo8AQNYBj9BU3VaeFNPAFluVlEbBCMQDF9KeSdEAV8nDQpWSnlUBlYMIAtIFl17BwlBACYBRAEpc11PA0F/V1kKQXxWRAFfOAUHUh0iQVN1WnhTTwBZbRFcAg Requested by Host: audiosech.xyz URL: https://audiosech.xyz/WTVYUnA4Vzs/TzgIOnQFK1lld0IfEGoUFGsDOTYCIQw7YR5pWCl8EzVaLTYWK1o2Jl43UCx3Qh8BFWBJFW8fFCEYdg0RKDJWHx5BNWwaYwhvYB4LJhthPx40aXsLEyJtTBkBPSl8DBBADlszNiVqDQIdJRBjCwMEa2MdNhYdXA0WKBtgExghPVYZORsodBkfPw4HaAM1D0IdNhcccQs1G2B3CWsoG0w8ETYffwsYFypXDzU9N3cNAzISbW0ZJQtvPDdALmIPNTUvdiAIMQpbNAc0aVETNyYLZBliNm5kDhgICls0BzY1Who0JhtwGRFBLGM0FDwObXVrPgt0HjQ7MWQKCgc2DRkDPgB3MmsyDAYOMxUfewgTNjVADj41O3cbHyEdc2EZFQpRHRMmYVscAwAOZjY+JRtZAR85GEERFBxoAholHBt0GwsyC3QdIhNoBAgTQB8QahQmaF4TAyghYgoTNj96GQc4DF1oOyEPe2kFHjFhDCUyA1cKFBMYUn44AzZbKG86I2ZqHhIcZB9nQiAHFCQC Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.194.223 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-194-223.fra2.r.cloudfront.net Software / Resource Hash 3b289e3ddcaf7cf3a5d9977a43ed1ab723580c6e19c26a5a960776cd4140ddef Request headers accept-language is-IS,is;q=0.9 Referer https://audiosech.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 May 2022 14:36:41 GMT content-encoding gzip x-amz-cf-pop FRA2-C1 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 544 via 1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront) x-amz-cf-id WfedjvmFB5Irq0vj3RV6Tel6iXS59hjyOjgtiNDBDibr431ifgkkuA==
GET H2	200	CBoRfnUMGhV+Yk8VEiFuXVICMzwCSRMhKg8CFy03ARhQNjJUGRk5OgUYF2ZhL0FYc3ZbRF40OgcQGTQgTEZGLSdMRkZyY0dEU3ARTEZGNDoHQkJmYCtRRHMrX0BfZmFZFQ-YzPwwDEyE4AABTcRVcR0FtYF9RRHN7AhwCLj9MRjVmYVkYHyg2TEZGJDYKHxlqdltE... Show response d26adrx9c3n0mq.cloudfront.net/raXR2Q1MKGxglbB0dEn5qWkNHcWVPHgUsPRlJFXYCLCMEKxYtEFA3KQ1JRmU/ Frame 4588	742 B 797 B	260ms 260ms	Script text/plain	13.224.194.223 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d26adrx9c3n0mq.cloudfront.net/raXR2Q1MKGxglbB0dEn5qWkNHcWVPHgUsPRlJFXYCLCMEKxYtEFA3KQ1JRmU/CBoRfnUMGhV+Yk8VEiFuXVICMzwCSRMhKg8CFy03ARhQNjJUGRk5OgUYF2ZhL0FYc3ZbRF40OgcQGTQgTEZGLSdMRkZyY0dEU3ARTEZGNDoHQkJmYCtRRHMrX0BfZmFZFQ-YzPwwDEyE4AABTcRVcR0FtYF9RRHN7AhwCLj9MRjVmYVkYHyg2TEZGJDYKHxlqdltEFSshBhkTZmEvTE9tY0dARXtqR0NEZmFZBxclMhsdU3EVXEdBbWBfUgN+Yg Requested by Host: audiosech.xyz URL: https://audiosech.xyz/WHpyNWE5GBFYXjlHEBMUKhZPEFMeX0BzBWpME1ETIEMRBg9oFwMbAjQVB1EHKhUcQU82HwYQUx4IE20zaitDeCofAhVZAxpKFnAPbQslXi8QGSVjMRAdJ0YxChY4czkBOT52LB0xCmwVHTwzBioJSzhnDA1fQHMiGhUgUw8NNzVdN31IMGwKYCw3XCctIiR8IhUABXYyCjcafgZgOTRMUWs7IF0wFhA4YCYKEUd6Bg0jNAc7MDZCczg7SShXMx5OQnoGOys1YTA/LjdvJhQpFngzMyALbFE8PycGIAouN28mFj4dfTAzMB9sIiwoIH0sKiJCdwcCFzRvJwlXK08xLw02cBgdTjN0IwwZIGMCCko0QTgeQyBnKRZNM10WGzYYDCwKECRYOA4RK30YP0gmcDsfMDZsKhACHkQFNA43czIrEjBdCgwgH3AXDD9LQThoHjNnOSwLIAUvHSAfczsaAhFZLDAJFmBSHSwqcAUaGCV3Bw0dPBBTGiMVEwsrFRxFXDtPI3A2KhI3cQU Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.194.223 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-194-223.fra2.r.cloudfront.net Software / Resource Hash 07e17b2bb587f03e290aeb0b7ff1305ab451262c8d948b790fbbf2eda915b1ad Request headers accept-language is-IS,is;q=0.9 Referer https://audiosech.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 21 May 2022 14:36:41 GMT content-encoding gzip x-amz-cf-pop FRA2-C1 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 521 via 1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront) x-amz-cf-id 4ZKEXh4Ak5YNxdaDqCOovprlqJgbcooG9OyFh51eXygvIl5P0iZz7Q==

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| _wpemojiSettings object| twemoji object| wp number| LAST_CORRECT_EVENT_TIME number| _1512957564 number| _1177696811 function| F5NN function| I833 boolean| DEBUG_MODE boolean| ENABLE_LOGS boolean| ENABLE_ONLINE_DEBUGGER boolean| SUPPORT_IE8 boolean| MOBILE_VERSION boolean| EXTERNAL_POLYFILL boolean| SEND_PIXELS boolean| IS_POP_COIN boolean| PIXEL_LOG_LEVEL_INFO boolean| PIXEL_LOG_LEVEL_DEBUG boolean| PIXEL_LOG_LEVEL_WARNING boolean| PIXEL_LOG_LEVEL_ERROR boolean| PIXEL_LOG_LEVEL_METRICS object| twentytwenty function| twentytwentyDomReady function| twentytwentyToggleAttribute function| twentytwentyMenuToggle function| twentytwentyFindParents boolean| fanfilnfjkdsabfhjdsbfkljsvmjhdfb number| iinf

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			freychang.fun/	1970-01-20 11:50:47	Name: csu Value: 531198758368194@1@1653143800

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://d6b.dev/vollet-battant-bois-sans-echarpes-k.html Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
audiosech.xyz
ckgroundan.xyz
d26adrx9c3n0mq.cloudfront.net
d6b.dev
freychang.fun
www.facebook.com
104.21.45.207
13.224.194.223
142.250.185.237
157.240.236.35
188.114.96.10
199.188.201.73
65.9.63.101
07e17b2bb587f03e290aeb0b7ff1305ab451262c8d948b790fbbf2eda915b1ad
0e82505b30144c1df925f9e2b41576a1126a9168e5a2d7f4913f6304763dcdc8
0f13250dac3eba96683a13d9c0c14c812448cc2f499a6ad6637a17adf094884d
108f723d35a8dc908105b7210a4497bcfb805db177bdbb816b7612ebeaef1821
2f972f018a6f56e1a9c8e06fef22ea1291e143c07255041c0c7f90db677e37f1
3a6e534ba6c925e8646018b5b7133e0e42fa33c8d67bd104e7b0f2521bcdf595
3b289e3ddcaf7cf3a5d9977a43ed1ab723580c6e19c26a5a960776cd4140ddef
3ec7dd8e43d45c25533b3876bb2d9be60798bbddd2ed3553b1acaa489f6faba5
46b35ed348cb3d9618b6ca80a7ce6e594729e03acde5f3dc6befc56074811e9a
5b6bb6bf53a1d7b1029419c9384806ba5a5862ba5cffee21c2c6bf6224df2b2c
7b6fef0a63424245b31b293b1a3bfd074c9da482e28fb9e920e1cf306e54e8a2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d702aaaf887452b8805cbc03ee4eef0d61974b89417215eb4812f34cfdf8761
b6f664cf0726ba9f1b6e1b13528edb7c1d255b5eea546e130a1caf6f1befccbf
d3b73b3eec612223a6ee29e05c78cb27169457b10304dd9893d8ab236a20fe49
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e03c2df7ef439d2708bbc168a21c0a00da63e5664d286120c994c39644addd03
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2236f75d55db393b15d818dec5ce0a3ca74306b96e645b9ff61277f648d6c20
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16