Submitted URL: https://images.google.com/url?q=https%3A%2F%2F41%40wimarmanous.blogspot.com&sa=D&sntz=1&usg=AOvVaw2J9jnDv_A9FaA4PxmsmohH#a...
Effective URL: https://maskedbamboo.com/?s1=win&s3=sp_sor
Submission: On October 25 via manual from IL — Scanned from DE

Summary

This website contacted 12 IPs in 3 countries across 14 domains to perform 27 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is maskedbamboo.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 26th 2023. Valid for: a year.
This is the only time maskedbamboo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
7 maskedbamboo.com | maskedbamboo.com | 275 KB
5 verymad.net | hankumar.verymad.net | 55 KB
2 hello-site.ru | hello-site.ru | 132 B
2 gmyze.com | gmyze.com | 1 KB
2 restachat.com | restachat.com | 2 KB
2 blogger.com | www.blogger.com — Cisco Umbrella Rank: 9861 | 164 KB
2 blogspot.com | wimarmanous.blogspot.com | 5 KB
1 facebook.com | www.facebook.com | 2 KB
1 xvideos.com | www.xvideos.com |
1 svntrk.com | svntrk.com — Cisco Umbrella Rank: 521017 | 513 B
1 giantgiraffes.com | giantgiraffes.com | 487 B
1 googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 405 | 30 KB
1 google.com | images.google.com — Cisco Umbrella Rank: 46488; accounts.google.com Failed | 1 KB
0 pornhub.com Failed | de.pornhub.com Failed |
27 14
Domain | Requested by
7 maskedbamboo.com | restachat.com, maskedbamboo.com
5 hankumar.verymad.net | wimarmanous.blogspot.com, hankumar.verymad.net, ajax.googleapis.com
2 hello-site.ru (1 redirects) | maskedbamboo.com
2 gmyze.com | hankumar.verymad.net
2 restachat.com (1 redirects) | hankumar.verymad.net
2 www.blogger.com | wimarmanous.blogspot.com
2 wimarmanous.blogspot.com | images.google.com, wimarmanous.blogspot.com
1 www.facebook.com | maskedbamboo.com
1 www.xvideos.com | maskedbamboo.com
1 svntrk.com | maskedbamboo.com
1 giantgiraffes.com (1 redirects) |
1 ajax.googleapis.com | hankumar.verymad.net
1 images.google.com |
0 accounts.google.com Failed |
0 de.pornhub.com Failed |
27 15

This site contains no links.

Subject | Issuer | Validity | Valid
*.google.com | GTS CA 1C3 | 2023-10-09 - 2024-01-01 | 3 months
misc-sni.blogspot.com | GTS CA 1C3 | 2023-10-09 - 2024-01-01 | 3 months
*.blogger.com | GTS CA 1C3 | 2023-10-09 - 2024-01-01 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-10-09 - 2024-01-01 | 3 months
restachat.com | E1 | 2023-10-02 - 2023-12-31 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-01-26 - 2024-01-26 | a year
*.xvideos.com | Sectigo RSA Domain Validation Secure Server CA | 2023-01-09 - 2024-02-09 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-08-03 - 2023-11-01 | 3 months

This page contains 1 frames:

Primary Page: https://maskedbamboo.com/?s1=win&s3=sp_sor
Frame ID: E6F2FA5A22E0B35A3CA5D77E794F8942
Requests: 27 HTTP requests in this frame

Page Title

Peek, what she is up to

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 27
HTTPS: 63 %
IPv6: 67 %
Domains: 14
Subdomains: 15
IPs: 12
Countries: 3
Transfer: 536 kB
Size: 743 kB
Cookies: 12

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://images.google.com/url?q=https%3A%2F%2F41%40wimarmanous.blogspot.com&sa=D&sntz=1&usg=AOvVaw2J9jnDv_A9FaA4PxmsmohH Page URL
  2. https://wimarmanous.blogspot.com/ Page URL
  3. http://hankumar.verymad.net/cucurbit/398127516/hylophagous/danburite/1698211551/uncivility Page URL
  4. https://restachat.com/x/MQUA?prid=tc398127516_30919529&usid=469&email=tsvi22@hotmail.com Page URL
  5. https://restachat.com/go/VDTfCWU4xFQ HTTP 302
    https://giantgiraffes.com/rtc?s1=sp_sor&email=tsvi22@hotmail.com&s3=1329&s5=&s2=VDTfCWU4xFQ&s4=4034123914796226093&trx_s=5c12957b6330b120e39e5e7e7e07fe22461db068c&sdx=1&src=api&lbcid=6d108c45-094c-488e-874b-563e2394da4c-7-1023&lb=1 HTTP 302
    https://maskedbamboo.com/?s1=win&s3=sp_sor Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://hello-site.ru//main/images/preloads/rings.svg HTTP 301
  • https://hello-site.ru/main/images/preloads/rings.svg/
Request Chain 23
  • https://pornhub.com/video/manage?o=mr&t=pr2 HTTP 301
  • https://www.pornhub.com/video/manage?o=mr&t=pr2 HTTP 302
  • https://de.pornhub.com/video/manage?o=mr&t=pr2
Request Chain 24
  • https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 HTTP 302
  • https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en

27 HTTP transactions

Resource Path | Size | x-fer | Type MIME-Type
url
images.google.com/
361 B
1 KB
Document
General
Full URL
https://images.google.com/url?q=https%3A%2F%2F41%40wimarmanous.blogspot.com&sa=D&sntz=1&usg=AOvVaw2J9jnDv_A9FaA4PxmsmohH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
0dad3d2716666b2d4c90ea2c0c38c3c31392d62f212970422a423f0b2cbbcfd0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
361
content-type
text/html; charset=UTF-8
date
Wed, 25 Oct 2023 07:31:29 GMT
expires
Wed, 25 Oct 2023 07:31:29 GMT
location
https://41@wimarmanous.blogspot.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
server
gws
x-xss-protection
0
/
wimarmanous.blogspot.com/
7 KB
3 KB
Document
General
Full URL
https://41@wimarmanous.blogspot.com/
Requested by
Host: images.google.com
URL: https://images.google.com/url?q=https%3A%2F%2F41%40wimarmanous.blogspot.com&sa=D&sntz=1&usg=AOvVaw2J9jnDv_A9FaA4PxmsmohH#aHR0cDovL2hhbmt1bWFyLnZlcnltYWQubmV0L2N1Y3VyYml0LzM5ODEyNzUxNi9oeWxvcGhhZ291cy9kYW5idXJpdGUvMTY5ODIxMTU1MS91bmNpdmlsaXR5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6547b3078bb2664fadde8617ade7e5a5f94c5335f82ba15c5a9694f2fb3dcf2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://images.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
2821
content-type
text/html; charset=UTF-8
date
Wed, 25 Oct 2023 07:31:29 GMT
etag
W/"0bef58a9685fad1a444a86663ad913653db4abe76192381897ce384e65d3d067"
expires
Wed, 25 Oct 2023 07:31:29 GMT
last-modified
Wed, 11 Oct 2023 14:40:00 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
55013136-widget_css_bundle.css
www.blogger.com/static/v1/widgets/
30 KB
7 KB
Stylesheet
General
Full URL
https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
Requested by
Host: wimarmanous.blogspot.com
URL: https://41@wimarmanous.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wimarmanous.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:26:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
479125
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6620
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 00:54:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Fri, 18 Oct 2024 18:26:05 GMT
cookienotice.js
wimarmanous.blogspot.com/js/
6 KB
2 KB
Script
General
Full URL
https://41@wimarmanous.blogspot.com/js/cookienotice.js
Requested by
Host: wimarmanous.blogspot.com
URL: https://41@wimarmanous.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wimarmanous.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 07:31:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2026
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 06:55:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Wed, 01 Nov 2023 07:31:30 GMT
4222370799-widgets.js
www.blogger.com/static/v1/widgets/
157 KB
157 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/4222370799-widgets.js
Requested by
Host: wimarmanous.blogspot.com
URL: https://41@wimarmanous.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wimarmanous.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 02:16:19 GMT
x-content-type-options
nosniff
age
191711
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
160588
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 01:50:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 22 Oct 2024 02:16:19 GMT
uncivility
hankumar.verymad.net/cucurbit/398127516/hylophagous/danburite/1698211551/
1 KB
2 KB
Document
General
Full URL
http://hankumar.verymad.net/cucurbit/398127516/hylophagous/danburite/1698211551/uncivility
Requested by
Host: wimarmanous.blogspot.com
URL: https://41@wimarmanous.blogspot.com/
Protocol
HTTP/1.1
Server
46.150.12.119 Kharkiv, Ukraine, ASN47513 (SKYLINE-UA-AS ISP Skyline, UA),
Reverse DNS
ririerd.tk
Software
nginx /
Resource Hash
200bdde06d77371dcb885d570d1f2fd81a2711a8e21ee3706663cc877826d198

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 25 Oct 2023 07:31:51 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: hankumar.verymad.net
URL: http://hankumar.verymad.net/cucurbit/398127516/hylophagous/danburite/1698211551/uncivility
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 23:02:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
462566
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Oct 2024 23:02:05 GMT
778473882.917110104.2217194139.519065708
hankumar.verymad.net/
14 KB
15 KB
Image
General
Full URL
http://hankumar.verymad.net/778473882.917110104.2217194139.519065708
Requested by
Host: hankumar.verymad.net
URL: http://hankumar.verymad.net/cucurbit/398127516/hylophagous/danburite/1698211551/uncivility
Protocol
HTTP/1.1
Server
46.150.12.119 Kharkiv, Ukraine, ASN47513 (SKYLINE-UA-AS ISP Skyline, UA),
Reverse DNS
ririerd.tk
Software
nginx /
Resource Hash
8effef18a817c22d929eb3955cd32d2ffb4859b8d7035c8e2f4ade2bb41e77f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 Oct 2023 07:31:51 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
14742
Expires
0
uncivility&p=a
hankumar.verymad.net/cucurbit/398127516/hylophagous/danburite/1698211551/
88 B
285 B
XHR
General
Full URL
http://hankumar.verymad.net/cucurbit/398127516/hylophagous/danburite/1698211551/uncivility&p=a
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
HTTP/1.1
Server
46.150.12.119 Kharkiv, Ukraine, ASN47513 (SKYLINE-UA-AS ISP Skyline, UA),
Reverse DNS
ririerd.tk
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Referer
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 07:31:51 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
hWMD0=
hankumar.verymad.net/M1k4em1MSCs1dE1YOWk4ZF/c5VUh5Vy8yS3Nx/NmgxMDU/1N09vdGE4Yl/
38 KB
38 KB
Script
General
Full URL
http://hankumar.verymad.net/M1k4em1MSCs1dE1YOWk4ZF/c5VUh5Vy8yS3Nx/NmgxMDU/1N09vdGE4Yl/hWMD0=
Requested by
Host: hankumar.verymad.net
URL: http://hankumar.verymad.net/cucurbit/398127516/hylophagous/danburite/1698211551/uncivility
Protocol
HTTP/1.1
Server
46.150.12.119 Kharkiv, Ukraine, ASN47513 (SKYLINE-UA-AS ISP Skyline, UA),
Reverse DNS
ririerd.tk
Software
nginx /
Resource Hash
667fb3374e9c1c677dd86bfee7541d0c7bf588ad9a482ee5974cf91e55b76d65

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 07:31:51 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
MQUA
restachat.com/x/
482 B
1 KB
Document
General
Full URL
https://restachat.com/x/MQUA?prid=tc398127516_30919529&usid=469&email=tsvi22@hotmail.com
Requested by
Host: hankumar.verymad.net
URL: http://hankumar.verymad.net/cucurbit/398127516/hylophagous/danburite/1698211551/uncivility
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81b8c2abaf339040-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 25 Oct 2023 07:31:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K195xNXQ6MGSsY6jV7f0NfVKpYsBcG5pIRJKGCEr2H1T3XIyDZFu4ha3BsEsqUQF6xyomEcLn82DHCEBane4U6ESD8Iyz6poHIKG6IvWB4PlFLKvQQxh6bt36%2BWe3UESHscBft2pFtJEdFic"}],"group":"cf-nel","max_age":604800}
server
cloudflare
pl.php
gmyze.com/1.1/resources/
76 B
620 B
Script
General
Full URL
http://gmyze.com/1.1/resources/pl.php?name=__ax&6870
Requested by
Host: hankumar.verymad.net
URL: http://hankumar.verymad.net/M1k4em1MSCs1dE1YOWk4ZF/c5VUh5Vy8yS3Nx/NmgxMDU/1N09vdGE4Yl/hWMD0=
Protocol
HTTP/1.1
Server
178.63.199.193 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178-63-199-193.clients.your-server.de
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 Oct 2023 07:31:32 GMT
Content-Encoding
none
Server
nginx
Transfer-Encoding
chunked
Vary
Origin
P3P
CP="CAO PSA OUR"
Content-Type
application/javascript
Access-Control-Allow-Methods
GET
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
If-None-Match,Cookie,Content-Type,Accept,Origin,User-Agent,Cache-Control,Keep-Alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
uncivility&p=ax&trcd=snk398127516_1698211551
hankumar.verymad.net/cucurbit/398127516/hylophagous/danburite/1698211551/
2 B
198 B
XHR
General
Full URL
http://hankumar.verymad.net/cucurbit/398127516/hylophagous/danburite/1698211551/uncivility&p=ax&trcd=snk398127516_1698211551
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
HTTP/1.1
Server
46.150.12.119 Kharkiv, Ukraine, ASN47513 (SKYLINE-UA-AS ISP Skyline, UA),
Reverse DNS
ririerd.tk
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Referer
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 25 Oct 2023 07:31:52 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
pl.php
gmyze.com/1.1/resources/
149 B
818 B
Script
General
Full URL
http://gmyze.com/1.1/resources/pl.php?name=__ax&value=fKri1HBj6vx4uOnIkVRj4
Requested by
Host: hankumar.verymad.net
URL: http://hankumar.verymad.net/M1k4em1MSCs1dE1YOWk4ZF/c5VUh5Vy8yS3Nx/NmgxMDU/1N09vdGE4Yl/hWMD0=
Protocol
HTTP/1.1
Server
178.63.199.193 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178-63-199-193.clients.your-server.de
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 Oct 2023 07:31:32 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Origin
P3P
CP="CAO PSA OUR"
Content-Type
application/javascript
Access-Control-Allow-Methods
GET
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
If-None-Match,Cookie,Content-Type,Accept,Origin,User-Agent,Cache-Control,Keep-Alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Primary Request /
maskedbamboo.com/
Redirect Chain
  • https://restachat.com/go/VDTfCWU4xFQ
  • https://giantgiraffes.com/rtc?s1=sp_sor&email=tsvi22@hotmail.com&s3=1329&s5=&s2=VDTfCWU4xFQ&s4=4034123914796226093&trx_s=5c12957b6330b120e39e5e7e7e07fe22461db068c&sdx=1&src=api&lbcid=6d108c45-094c-...
  • https://maskedbamboo.com/?s1=win&s3=sp_sor
6 KB
3 KB
Document
General
Full URL
https://maskedbamboo.com/?s1=win&s3=sp_sor
Requested by
Host: restachat.com
URL: https://restachat.com/x/MQUA?prid=tc398127516_30919529&usid=469&email=tsvi22@hotmail.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ebe1c7276634cedbaadc285584086e35f8a3d714419086b2ba6da928aa68e70

Request headers

Referer
https://restachat.com/mblp/9AQA?usid=lp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
81b8c2b8a8ac3677-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 25 Oct 2023 07:31:34 GMT
expires
-1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUHqySRmZL%2FRatw6sj0dvJIgi18IGuNqE491LdnrbpxkR7bzqX2BEzDwvA%2BzlqOE8jVRgq97%2BEAEARQJxUAdQ8QiuCHSFU4nTxGqEiO%2BYRDlI4oK8uGnRdRL0Fh2S1A6YekRnZylblQ7c8z9ehZb"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
81b8c2b67c429171-FRA
content-type
text/html; charset=UTF-8
date
Wed, 25 Oct 2023 07:31:33 GMT
location
https://maskedbamboo.com?s1=win&s3=sp_sor
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q2bQcprEuHJAUQNr2D%2FK8gnOfHzmqx7gppk3BTg%2FvTRuLxh1F927PSycZ0xniq10pb9T0OooWLYmW8J8qI9JQ6tscBURsX75iNos83ht2wuuk12cG71emZjyVpFtwbJN87twCnOlUZ%2B69HCNs1q9ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
win_6538c45624307.js
svntrk.com/assets/
0
513 B
Script
General
Full URL
https://svntrk.com/assets/win_6538c45624307.js
Requested by
Host: maskedbamboo.com
URL: https://maskedbamboo.com/?s1=win&s3=sp_sor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 07:31:34 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KwcyGldsa1rvpUPpO4EYP6Rp%2BKwG3dRRdjKsp2fxL8FEZ8XEcbBsXrOa98t9%2B4U%2FW9xjPnb5H6sesTPFdx0eX1kiQPVo4%2BBMD4QJhH4skeM2R1SM164NAeB%2FL46VhnFWBpryYf4suy5w"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, private
cf-ray
81b8c2bb99c29b82-FRA
alt-svc
h3=":443"; ma=86400
fp.v3.646d4b3deea4287def3fdfc18906bcc7.js
maskedbamboo.com/scripts/
39 KB
16 KB
Script
General
Full URL
https://maskedbamboo.com/scripts/fp.v3.646d4b3deea4287def3fdfc18906bcc7.js
Requested by
Host: maskedbamboo.com
URL: https://maskedbamboo.com/?s1=win&s3=sp_sor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aa12d141f3c41629c83ac95bf3bebab2b33bca7f8f8988bf64b53b57c73714c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 07:31:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Sep 2023 14:11:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1154
etag
W/"64f88891-9ca8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9TD5yn%2FKbgQ0omeJPWnbjmiGeWRHvsWbgdUwOL7KB59eegwbuGUibpJDmRLRm4Lqi4RY7OxP%2FGegTma0aps3AK56ZTzrQfjorq2wCXWlWhkn8kYFwtVbijtJxWPHkxCkFD0KRap2BqV7Dl8F3lB6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
81b8c2bb6bd63677-FRA
alt-svc
h3=":443"; ma=86400
vendor.8706243f0e7dd679d06425b814013446.css
maskedbamboo.com/landings/24/fonts/
11 KB
4 KB
Stylesheet
General
Full URL
https://maskedbamboo.com/landings/24/fonts/vendor.8706243f0e7dd679d06425b814013446.css
Requested by
Host: maskedbamboo.com
URL: https://maskedbamboo.com/?s1=win&s3=sp_sor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e33eaf3fa2cd0e53987964277824ea022689ac607850c33032978e26fff1fcb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 07:31:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Sep 2023 14:11:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6132
etag
W/"64f888ac-2dd4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7w3ZynGkuMKMBgqzMMQ0aYFQ7noSpVv2CW01JbhKuNBFq21hgk5Uo1j7DsXPezi7Y9hKSQkVpkqnZRezZiKStPALxd%2FIpNGfs7IR3CfJu1iYH0bdZ9kGlYF8Vq5CjsTpaXwYAD9tdjq7TgwnyyFW"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
81b8c2bb6bd33677-FRA
alt-svc
h3=":443"; ma=86400
vendor.1ad8b0fcfdc82f9f8cc23547ed19837f.js
maskedbamboo.com/landings/24/js/
150 KB
56 KB
Script
General
Full URL
https://maskedbamboo.com/landings/24/js/vendor.1ad8b0fcfdc82f9f8cc23547ed19837f.js
Requested by
Host: maskedbamboo.com
URL: https://maskedbamboo.com/?s1=win&s3=sp_sor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dd21c04e696ea0f3d4c3bfc2b4aee933fadec33adc10e9229a1b4123d486443

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 07:31:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Sep 2023 14:11:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6132
etag
W/"64f8888e-25695"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZGqDNvPgNMFHDiRQZTC9vfs1WfztA%2Fr5w0LQVVZKNuR4m8cL1TENbNY9%2Bh8F3VOxjUuqxoY8lPr%2B7qUpn7mFf48fyGFTQ32Dm3Imigwag0ajTEBh3Q6FUV0oYFxYOSBlqTpegD3vx2Tc%2BPUQgnk6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
81b8c2bb6bd73677-FRA
alt-svc
h3=":443"; ma=86400
pusher.js
maskedbamboo.com/
2 KB
1 KB
Script
General
Full URL
https://maskedbamboo.com/pusher.js
Requested by
Host: maskedbamboo.com
URL: https://maskedbamboo.com/?s1=win&s3=sp_sor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4b4f7b80463e6e9325f08ed8e82c5452bf980ebf076a6a2636397454f2acc19

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 07:31:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Sep 2023 14:11:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64f888af-965"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F5lAUYeaBo6aK7l9nloJEKs6XzTCjizh6Oo1%2B7HXvyJJ14C%2BiIg1%2B03fDUCwpmPTds5BKzO1tqPl2%2FM%2F1ONAQWmEI0lVFfysJwHOoK0h4%2BNT70lDKWWRuTpMdsi7H33Y0l24pJrjae%2B9UEex4Fui"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
81b8c2bb6bd93677-FRA
alt-svc
h3=":443"; ma=86400
/
hello-site.ru/main/images/preloads/rings.svg/
Redirect Chain
  • https://hello-site.ru//main/images/preloads/rings.svg
  • https://hello-site.ru/main/images/preloads/rings.svg/
0
0
Image
General
Full URL
https://hello-site.ru/main/images/preloads/rings.svg/
Requested by
Host: maskedbamboo.com
URL: https://maskedbamboo.com/landings/24/fonts/vendor.8706243f0e7dd679d06425b814013446.css
Protocol
H2
Server
45.130.41.50 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://maskedbamboo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Redirect headers

location
https://hello-site.ru/main/images/preloads/rings.svg/
date
Wed, 25 Oct 2023 07:31:35 GMT
server
nginx-reuseport/1.21.1
content-length
338
content-type
text/html; charset=iso-8859-1
main-bg.jpeg
maskedbamboo.com/landings/24/img/
180 KB
181 KB
Image
General
Full URL
https://maskedbamboo.com/landings/24/img/main-bg.jpeg
Requested by
Host: maskedbamboo.com
URL: https://maskedbamboo.com/landings/24/fonts/vendor.8706243f0e7dd679d06425b814013446.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7548086affb7796b32312e3a664f9a73aafe28b8619241995db3bae4abc3a9a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://maskedbamboo.com/landings/24/fonts/vendor.8706243f0e7dd679d06425b814013446.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 07:31:35 GMT
cf-cache-status
HIT
last-modified
Wed, 06 Sep 2023 14:11:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64f888ac-2d02f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPUFhYiRisxJbpjoxooeLqW8ZpClH7rzowuDJMdRC5Ps4NO6iG8RFPzbY0dOKcpwPVMweHS3uC11cmjXjqoV3nM3Vn4Uv2DTXbDH9YlBXMd7zqcGKlTE5H9PHehajk2QmsHr8jALsJhoFhMeWNTX"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
81b8c2bdde0e30f9-FRA
alt-svc
h3=":443"; ma=86400
content-length
184367
revue.woff
maskedbamboo.com/landings/24/fonts/
14 KB
14 KB
Font
General
Full URL
https://maskedbamboo.com/landings/24/fonts/revue.woff
Requested by
Host: maskedbamboo.com
URL: https://maskedbamboo.com/landings/24/fonts/vendor.8706243f0e7dd679d06425b814013446.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf6f66179369acc829e1f41f6ca307a2549d1fbd1f01730f02cc6d90f88a2aee

Request headers

Referer
https://maskedbamboo.com/landings/24/fonts/vendor.8706243f0e7dd679d06425b814013446.css
Origin
https://maskedbamboo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 07:31:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Sep 2023 14:11:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64f888ac-36e4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p6K%2FYvwVSmDP9LIUlPpxmu6fBTB0UtlDZ2t60bDflNbpPGE%2BOlaDZxoLbqXis6ZeJng0%2BVIa%2FfTGFpoYivRiPPRppuUNZGYjghUPn4AY8VBd7edE2%2BM5CnHN9H3vHecrMEqhnNyJCVc5Q4sFW51R"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=14400
cf-ray
81b8c2bdde1130f9-FRA
alt-svc
h3=":443"; ma=86400
mk_1123
www.xvideos.com/favorite/90902157/
0
0
Script
General
Full URL
https://www.xvideos.com/favorite/90902157/mk_1123
Requested by
Host: maskedbamboo.com
URL: https://maskedbamboo.com/landings/24/js/vendor.1ad8b0fcfdc82f9f8cc23547ed19837f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.88.181.4 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

manage
de.pornhub.com/video/
Redirect Chain
  • https://pornhub.com/video/manage?o=mr&t=pr2
  • https://www.pornhub.com/video/manage?o=mr&t=pr2
  • https://de.pornhub.com/video/manage?o=mr&t=pr2
0
0

ServiceLogin
accounts.google.com/
Redirect Chain
  • https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100
  • https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
0
0

like.php
www.facebook.com/v14.0/plugins/
67 B
2 KB
Image
General
Full URL
https://www.facebook.com/v14.0/plugins/like.php
Requested by
Host: maskedbamboo.com
URL: https://maskedbamboo.com/?s1=win&s3=sp_sor
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-debug
OihqzLQWdygMjtXA/dAMHBSHodU2yZmWV1EUh7eWiKpxtg7/saPYa6rIGbb5SiMEseynPZs+94nZEnSJ9yK7/Q==
x-content-type-options
nosniff
date
Wed, 25 Oct 2023 07:31:35 GMT
cross-origin-opener-policy
same-origin-allow-popups
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/png
cache-control
private, no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
67
x-xss-protection
0
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
expires
Sat, 01 Jan 2000 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
de.pornhub.com
URL
https://de.pornhub.com/video/manage?o=mr&t=pr2
Domain
accounts.google.com
URL
https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| FingerprintJS function| getScreenInfo function| getUserAgent function| getLanguages function| x64Add function| x64Multiply function| x64Rotl function| x64LeftShift function| x64Xor function| x64Fmix function| x64hash128 function| picassoCanvas function| picasso function| getVideoCardInfo function| deviceOrientationHandler string| thirdParty string| r string| vl object| fpPromise undefined| ss undefined| redirectURL function| fadeOutnojquery function| openPopup function| clickButton function| nextStep function| getTimezone function| $ function| jQuery object| gsapVersions object| Linear object| Power0 object| Quad object| Power1 object| Cubic object| Power2 object| Quart object| Power3 object| Quint object| Power4 object| Strong object| Elastic object| Bounce object| Expo object| Circ object| Sine object| Back object| SteppedEase function| TweenLite function| TweenMax function| TimelineMax function| TimelineLite function| AttrPlugin function| EndArrayPlugin function| RoundPropsPlugin function| ModifiersPlugin function| SnapPlugin object| gsap object| CSSPlugin string| ce boolean| sf

12 Cookies

Domain/Path Name / Value
.google.com/ Name: AEC
Value: Ackid1SDKVljabHdV9QqtXvEha4BdPT2kw4Z4JW0VYJWTWfv5qcLvq92YvA
.google.com/ Name: __Secure-ENID
Value: 15.SE=EvqD6MStby9jG2NyFDFHwGm7tEmwvuC1CP1CkIMk3CTH33GurQEjUaBQcmVI2zwvdLW6sEzJy_EwVJgNA-xI2xHeXcfWHQ2L3mqEz20m-m6_vM6uyPCDv092pLHpSY_hic_zV1OEVcrCsKJsnDquBmTmVV4et-bfEEggrFY1uvw
.google.com/ Name: CONSENT
Value: PENDING+588
.hankumar.verymad.net/ Name: __ax
Value: fKri1HBj6vx4uOnIkVRj4
restachat.com/ Name: trbarid
Value: ea07fbaa0a8363a34ac1e0c02fb64245dde715b071b90af4bd11c7a8ff01f622a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22trbarid%22%3Bi%3A1%3Bi%3A2923860191734187092%3B%7D
.restachat.com/ Name: tbar_uc1
Value: 262e7c44cd3f2d653829e56045faa5daaa2bbd0d8ce9b500e9c043ae90fa08e4a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22tbar_uc1%22%3Bi%3A1%3Bs%3A24%3A%22dHN2aTIyQGhvdG1haWwuY29t%22%3B%7D
.restachat.com/ Name: __cf_bm
Value: 3.bf9krbabAhxvqk7hgR5tQz66X_c4Xb8E3CUJugQbc-1698219093-0-ARfiOlGC3MkO0t6XTGHVadefy7hWY+68T9ybMKhuJz2SUjLjkpscBQM7l68UNC8M1Vbmsd2N0AFwdovxFMWSmDk=
giantgiraffes.com/ Name: SRVNAME
Value: s7
maskedbamboo.com/ Name: XSRF-TOKEN
Value: eyJpdiI6InJ6RDBmRk4rRGQxdVJqVzNIZkRrcEE9PSIsInZhbHVlIjoiM1dpdnNsMWtiQ1BCTFQrbUg1dUI5a1JJSHJiNEl0THF0ZDIrMmVoWHB0dEhZZndzT04xQ0lJYS9JVmYyc0RvRiIsIm1hYyI6ImZmY2U2NzI1ZmVmNjQ3ZDYwMTk3N2U4NmJmN2ZkOWQ4NDUwMDg4YTBiODg2YzVhNmI5ZTJhZjgzNjYxMDY0NTAifQ%3D%3D
maskedbamboo.com/ Name: laravel_session
Value: eyJpdiI6IlQvRm1MSGJYbGxjOEJ4a2hrL1Q5dnc9PSIsInZhbHVlIjoiZi9OcVByL2F4SVZBT1JtQ2kwMy93Y2s5VWpXRjJ1dFJ4ci8vYkZ3c0VxbG53eTAzRHdIQURGNEpEdGFYT3grWiIsIm1hYyI6ImQ0N2UwNWExM2QxNmEzNTkzYWVlNDNiOGU0NDE2YWMwMmY0MjA4YmEwODkwZmZmZDA5MDdmYmM2YjNhMDJlM2MifQ%3D%3D
maskedbamboo.com/ Name: SRVNAME
Value: w1
svntrk.com/ Name: svnimp
Value: 6538c456924c8

4 Console Messages

Source Level URL
Text
security warning URL: https://maskedbamboo.com/?s1=win&s3=sp_sor(Line 143)
Message:
Mixed Content: The page at 'https://maskedbamboo.com/?s1=win&s3=sp_sor' was loaded over HTTPS, but requested an insecure element 'http://hello-site.ru//main/images/preloads/rings.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other error URL: https://maskedbamboo.com/?s1=win&s3=sp_sor
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
network error URL: https://hello-site.ru/main/images/preloads/rings.svg/
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.xvideos.com/favorite/90902157/mk_1123
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
