urlscan.io logo urlscan.io
SecurityTrails logo

ci5zjlh.com Open in urlscan Pro
2606:4700::6812:ec2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://hedie.cc/
Effective URL: https://ci5zjlh.com/download?&from=hedie.cc
Submission: On November 16 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 4 domains to perform 52 HTTP transactions. The main IP is 2606:4700::6812:ec2, located in United States and belongs to CLOUDFLARENET, US. The main domain is ci5zjlh.com.
TLS certificate: Issued by WE1 on November 3rd 2024. Valid for: 3 months.
This is the only time ci5zjlh.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
23 2606:4700::68... 13335 (CLOUDFLAR...)
3 104.18.14.194 13335 (CLOUDFLAR...)
2 104.17.24.14 13335 (CLOUDFLAR...)
1 2 104.18.95.41 13335 (CLOUDFLAR...)
14 104.18.15.194 13335 (CLOUDFLAR...)
6 104.18.26.31 13335 (CLOUDFLAR...)
52 7
23    2606:4700::6812:ec2 (United States)

ASN13335 (CLOUDFLARENET, US)
hedie.cc
ci5zjlh.com
3    104.18.14.194 (None, )

ASN13335 (CLOUDFLARENET, US)
hedie.cc
2    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    104.18.95.41 (None, )

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
14    104.18.15.194 (None, )

ASN13335 (CLOUDFLARENET, US)
ci5zjlh.com
6    104.18.26.31 (None, )

ASN13335 (CLOUDFLARENET, US)
api.n-t-v-w.com
Apex Domain
Subdomains		 Transfer
21 ci5zjlh.com
ci5zjlh.com
905 KB
19 hedie.cc
hedie.cc
261 KB
6 n-t-v-w.com
api.n-t-v-w.com — Cisco Umbrella Rank: 242628
1 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
challenges.cloudflare.com — Cisco Umbrella Rank: 3147
98 KB
52 4
Domain Requested by
21 ci5zjlh.com hedie.cc
ci5zjlh.com
19 hedie.cc hedie.cc
6 api.n-t-v-w.com ci5zjlh.com
2 challenges.cloudflare.com 1 redirects ci5zjlh.com
2 cdnjs.cloudflare.com ci5zjlh.com
cdnjs.cloudflare.com
52 5

This site contains no links.

Subject Issuer Validity Valid
hedie.cc
WE1		 2024-11-09 -
2025-02-07		 3 months crt.sh
ci5zjlh.com
WE1		 2024-11-03 -
2025-02-01		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-09-28 -
2024-12-27		 3 months crt.sh
n-t-v-w.com
WE1		 2024-11-03 -
2025-02-01		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://ci5zjlh.com/download?&from=hedie.cc
Frame ID: A07A6F7242D7507AAE044A80EFE87D12
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://hedie.cc/ Page URL
  2. https://ci5zjlh.com/download?&from=hedie.cc Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

52
Requests

92 %
HTTPS

17 %
IPv6

4
Domains

5
Subdomains

7
IPs

2
Countries

1265 kB
Transfer

4189 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hedie.cc/ Page URL
  2. https://ci5zjlh.com/download?&from=hedie.cc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/22755d9a86c9/api.js

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
hedie.cc/ 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hedie.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Nuxt
Resource Hash
322c578f400c38f758c655d513daff4edfa1695bb5a81c949bc2d0d910e808ee

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
8e3395c3bd232c4b-FRA
content-encoding
br
content-type
text/html;charset=utf-8
date
Sat, 16 Nov 2024 01:07:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8vy5uctQcjZrTbzAvcuTFMZkqfCE3e2IxRNLbpYa9jv0ZgZyuh7Rl1TNmEbMAAoO5A%2FCNInbgPDV%2Bw8%2BPF0tJkT%2FIwj%2FC6a5D4%2BlA2b5pelPpCWNI2ySWuz%2FDVaViIvSW64RyHy1gA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=42401&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4021&recv_bytes=2305&delivery_rate=104476&cwnd=254&unsent_bytes=0&cid=7f44e18a2cf80177&ts=429&x=0"
vary
Accept-Encoding
x-powered-by
Nuxt
Cu0HX_AA.js
hedie.cc/_nuxt/ 		96 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hedie.cc/_nuxt/Cu0HX_AA.js
Requested by
Host: hedie.cc
URL: https://hedie.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c318e6914f231dbdbc65dfadbce972eb471d1a6f1b6235750b88984ddcfdad0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hedie.cc
Referer
https://hedie.cc/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"d4c4f32e8934c0d86765ba10d777675a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Af62LqOiSD1SwFpmbWIMXfZu9DtDyJ4HBKd4lj7G6jYhwNV49TsxH9OBzQcQLV60DJ0bXioDZ3%2BLAfKlYe39zioWgAhH3lePuoOxhijnzDoGI4zahrwx5UJkS6ffUnVBM4tb%2Fr47ww%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e3395c66e2a2c4b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=40109&sent=65&recv=23&lost=0&retrans=0&sent_bytes=52521&recv_bytes=2966&delivery_rate=140299&cwnd=257&unsent_bytes=0&cid=7f44e18a2cf80177&ts=542&x=0"
date
Sat, 16 Nov 2024 01:07:36 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
YEsMPfrR-legacy.js
hedie.cc/_nuxt/ 		89 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hedie.cc/_nuxt/YEsMPfrR-legacy.js
Requested by
Host: hedie.cc
URL: https://hedie.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06190daf3e538daeef217f28691ae6eddccf709cc513e43d8eff1013f0a18862
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hedie.cc
Referer
https://hedie.cc/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"43743563a28103bcae897aac89c4dc0b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vLdhxb0KaqDrwPEjkRttsvFGqOtCJNgPS3gh1COw%2Fsqx6FBZATywm7%2F2fe7M7MdNLPuO9isx2uF9GnuIAWPPdRWKYNzq8zOwCy2L3K5fCZ6zW0%2BFmcAQeyyqn%2Bd2drA4DmAl4JPIVw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e3395c66e2f2c4b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=40109&sent=81&recv=23&lost=0&retrans=0&sent_bytes=70976&recv_bytes=2966&delivery_rate=140299&cwnd=257&unsent_bytes=32425&cid=7f44e18a2cf80177&ts=545&x=0"
date
Sat, 16 Nov 2024 01:07:36 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
BpHzTSm_-legacy.js
hedie.cc/_nuxt/ 		154 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hedie.cc/_nuxt/BpHzTSm_-legacy.js
Requested by
Host: hedie.cc
URL: https://hedie.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c196f801ba1d18837279526b9f118930f94e8d8c2d54aa22321c92c9495d85a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hedie.cc
Referer
https://hedie.cc/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"cd86f65c2a8137dd2269402bdd8e7a7d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZRryvuNoK76hIFOIC17rN2BNLae54BIA%2BK9WKN5ET4SjVWZVbgiaDk8ucXqLMRLQac2Z%2BpUCiStPXN85x6MYCzXQo3jTaS87vOEifSbpKKmL4MKEegyU%2F4lzjhDWo%2FpH9vsuCCid7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e3395c66e322c4b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=40109&sent=81&recv=23&lost=0&retrans=0&sent_bytes=70976&recv_bytes=2966&delivery_rate=140299&cwnd=257&unsent_bytes=32425&cid=7f44e18a2cf80177&ts=548&x=0"
date
Sat, 16 Nov 2024 01:07:36 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
aICu0AXk.js
hedie.cc/_nuxt/ 		158 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hedie.cc/_nuxt/aICu0AXk.js
Requested by
Host: hedie.cc
URL: https://hedie.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed4f6dad41ae25e9ed007f23a32449ec63008235363e5cad680768a4e99b12ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hedie.cc
Referer
https://hedie.cc/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"0efb6bcd72325523035fd3c025350f4d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wpxPYmmb49wVJ2F21%2Beo5lXmkz2HKnGSKB2oWfqovX%2F96gvfMbWaqI3Z2hmelS5c1jQ2fxGEQuFkKX2SQgjiB4%2Bvd8DhK3UzNPnqYxocsnH5CCDTrL9qnNZovRRwDiH3u241plsx4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e3395c66e372c4b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=40109&sent=14&recv=23&lost=0&retrans=0&sent_bytes=6848&recv_bytes=2966&delivery_rate=140299&cwnd=257&unsent_bytes=0&cid=7f44e18a2cf80177&ts=539&x=0"
date
Sat, 16 Nov 2024 01:07:36 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
GGfah0dn.js
hedie.cc/_nuxt/ 		20 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hedie.cc/_nuxt/GGfah0dn.js
Requested by
Host: hedie.cc
URL: https://hedie.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1a18be61e193719c44ea1d26f8173df15d630a3e581b5b97231590283f06b55
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hedie.cc
Referer
https://hedie.cc/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"32a4be07fb364257203ad81af7542c3c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xauyimnW%2B07zNzKEHp32MrDBnHbJcVuQmNqfFvaaoEDJDFszf2B%2FrxMjbxhTQO7CBqzVNjJajtK2n8XkKcxKIqsHCzQJ32QzKhG7O5JIpLHmBQQSHrV4PeSgmLeDrem6sY51ST9TKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e3395c66e382c4b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=40109&sent=81&recv=23&lost=0&retrans=0&sent_bytes=70976&recv_bytes=2966&delivery_rate=140299&cwnd=257&unsent_bytes=32425&cid=7f44e18a2cf80177&ts=544&x=0"
date
Sat, 16 Nov 2024 01:07:36 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
CMQg-MuX.js
hedie.cc/_nuxt/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hedie.cc/_nuxt/CMQg-MuX.js
Requested by
Host: hedie.cc
URL: https://hedie.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c7c8e0a60afd5191f348e1de02c091cd885b076875b581a8a6a8bf86b8726f5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hedie.cc
Referer
https://hedie.cc/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"965c5a65ddd194e1510fd4c3894b9813"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3%2BJ6YRqx2tnVw%2BTlezgPxgVdUeu4if7zgZ6Q8qCXpl6qOlWCOsM9m1VU2xwBWJ5wXCeHCPnjPOkqfsXBRbw4NyBszlTtlZnRsYvMr%2F3%2FAm89sLMXa%2BVy7uX5hOrXjce3EgHK%2BfAPmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e3395c66e392c4b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=40109&sent=42&recv=23&lost=0&retrans=0&sent_bytes=34434&recv_bytes=2966&delivery_rate=140299&cwnd=257&unsent_bytes=0&cid=7f44e18a2cf80177&ts=541&x=0"
date
Sat, 16 Nov 2024 01:07:36 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
Cj862xVT.js
hedie.cc/_nuxt/ 		384 B
836 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hedie.cc/_nuxt/Cj862xVT.js
Requested by
Host: hedie.cc
URL: https://hedie.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15842fe1091a48fce474adc7a25380c2bd5326a9d5a5f5c789f8e9bcc023b947
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hedie.cc
Referer
https://hedie.cc/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"46e0ad9d11e5e50d3c8c373d295a84b3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=67L%2BjT%2FA6E6sDabSzzpwSfgYgk1mMZ8PnDMaH2xKxDy6joSjGTkp3qKdO84tZB%2FVu40mhhs6HTN%2BhCsIQwGctJKn5jxReekZmHD%2FWiWukcNsX9RXdJ9vYKxYPCaKQibp0t09vaYi2w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e3395c66e3a2c4b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=40109&sent=83&recv=31&lost=0&retrans=0&sent_bytes=70976&recv_bytes=3599&delivery_rate=140299&cwnd=257&unsent_bytes=32425&cid=7f44e18a2cf80177&ts=558&x=0"
date
Sat, 16 Nov 2024 01:07:36 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
B_Wqv3ta-legacy.js
hedie.cc/_nuxt/ 		0
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://hedie.cc/_nuxt/B_Wqv3ta-legacy.js
Requested by
Host: hedie.cc
URL: https://hedie.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hedie.cc
Referer
https://hedie.cc/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"110f248784c37700e96ac00c0a38f299"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HRUGkQjFmYwH8Xn7ig46lR3klvmM47LD1aloNssDpGE6qGpEGlOAuVnObZUXvL2yLdsqroOob5rk31rJKBBq6aeM5y%2BIBph666%2B6OFXM3V4dY7rWgiuNTzjP%2FtM5s0t5SGx9PEuZQg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e3395c69e4d2c4b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=40109&sent=83&recv=31&lost=0&retrans=0&sent_bytes=70976&recv_bytes=3599&delivery_rate=140299&cwnd=257&unsent_bytes=32425&cid=7f44e18a2cf80177&ts=566&x=0"
date
Sat, 16 Nov 2024 01:07:36 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
BFfI4Gjz-legacy.js
hedie.cc/_nuxt/ 		0
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://hedie.cc/_nuxt/BFfI4Gjz-legacy.js
Requested by
Host: hedie.cc
URL: https://hedie.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hedie.cc
Referer
https://hedie.cc/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"61fe9c0e130d333d955077fc9541d8b3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GpPsMv20WzCguDA5gbkps9emHiDjFpaUNWZA27uvB2oVNuYOSSRX1C9YpWnOYEr1yyoaORZqbAhE7G6rBavvGKL%2FJEqhEjezlKcGJeIdbqv%2F2JMztrrACveLXJZPzt4B0qFZrjzQpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e3395c69e552c4b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=40109&sent=83&recv=31&lost=0&retrans=0&sent_bytes=70976&recv_bytes=3599&delivery_rate=140299&cwnd=257&unsent_bytes=32425&cid=7f44e18a2cf80177&ts=574&x=0"
date
Sat, 16 Nov 2024 01:07:36 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
6igjDNGO-legacy.js
hedie.cc/_nuxt/ 		0
752 B 		Other
General
Check archive.org
Download Go to
Full URL
https://hedie.cc/_nuxt/6igjDNGO-legacy.js
Requested by
Host: hedie.cc
URL: https://hedie.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hedie.cc
Referer
https://hedie.cc/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"fec42302af708ae628c1e1aeb479b787"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Alb%2BjBWGSbFBLUvVswLVZVkgNE5ukyXoJaUBuIN4%2FbSaXuEVezXtyitq7sDMb4O1b8SRk4nlbTn6l9DRQ9kJwyznsbJ61B4QTr1VlMtTJZS124J9IWpk8EykxVvsPLAgAW9t6u0F%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e3395c69e572c4b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=40109&sent=83&recv=31&lost=0&retrans=0&sent_bytes=70976&recv_bytes=3599&delivery_rate=140299&cwnd=257&unsent_bytes=32425&cid=7f44e18a2cf80177&ts=573&x=0"
date
Sat, 16 Nov 2024 01:07:36 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
BzIRJCKp-legacy.js
hedie.cc/_nuxt/ 		0
13 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://hedie.cc/_nuxt/BzIRJCKp-legacy.js
Requested by
Host: hedie.cc
URL: https://hedie.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hedie.cc
Referer
https://hedie.cc/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"c70010cb0e49cb95d12da89b4dbe8d67"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jRiaOoiCJIQs1%2FCr7V95MG3DCgTvRKixvX%2FqvtswEO7%2FnT0W3m9KcdRmQDGpuBWLgnCaqGjRM94p5WNSUM9hckeP%2BYQr%2FuYgrsW8LP9dL0go6nlSbl3fd736L%2BA2sjZ0IEJqNVLTRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e3395c69e582c4b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=37742&sent=103&recv=46&lost=0&retrans=0&sent_bytes=95676&recv_bytes=3599&delivery_rate=881851&cwnd=257&unsent_bytes=32425&cid=7f44e18a2cf80177&ts=578&x=0"
date
Sat, 16 Nov 2024 01:07:36 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
DUbMBqg6-legacy.js
hedie.cc/_nuxt/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://hedie.cc/_nuxt/DUbMBqg6-legacy.js
Requested by
Host: hedie.cc
URL: https://hedie.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hedie.cc
Referer
https://hedie.cc/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"d1851cc0d47d606bad6c18deb36f024c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rA6tgujzzO7NFpwxAgwqSnIZ6H75Ob1xr0r4SUl7DVPMI2B7xzglVK%2BDzUICY1nys4zgRoaTBAWMhUoHoIg7oM3PCuVRdyGabktqLzbrPHFvznp5yB%2Fi4ok7PbucIVILBeu1nE4m8g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e3395c69e592c4b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=40109&sent=83&recv=31&lost=0&retrans=0&sent_bytes=70976&recv_bytes=3599&delivery_rate=140299&cwnd=257&unsent_bytes=32425&cid=7f44e18a2cf80177&ts=573&x=0"
date
Sat, 16 Nov 2024 01:07:36 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
uso_ElAT-legacy.js
hedie.cc/_nuxt/ 		0
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://hedie.cc/_nuxt/uso_ElAT-legacy.js
Requested by
Host: hedie.cc
URL: https://hedie.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hedie.cc
Referer
https://hedie.cc/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"f9e91ff589e6ad8973be05fec6f6b176"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EnygX9k%2FeqWeBXEkRXrYuqfE6pgE1O%2B4r9FG8LeI0X5p19Ac7%2Fux9%2BRLosc5Wh3hc7xidPLQT8ggsB%2BsMnd5wvG23DK7Z2rZ2lvzpWsVhz95O%2BBRu2MdjDf19llAjaeNkGa%2ByTI8Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e3395c6ae5a2c4b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=40109&sent=83&recv=31&lost=0&retrans=0&sent_bytes=70976&recv_bytes=3599&delivery_rate=140299&cwnd=257&unsent_bytes=32425&cid=7f44e18a2cf80177&ts=575&x=0"
date
Sat, 16 Nov 2024 01:07:36 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
7G5qPtoe.js
hedie.cc/_nuxt/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://hedie.cc/_nuxt/7G5qPtoe.js
Requested by
Host: hedie.cc
URL: https://hedie.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hedie.cc
Referer
https://hedie.cc/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"0f129817c56731f9a45918be3c39a144"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F4XSzpqjzukLzfU3acL%2FGEELOIC1ePT8uAl8Fc%2BvcXJa0ppfP9uIN5XVwg1%2FaZbudXqRG2UNXNuh3HMX9oF4vLY44c6QJQU8OkmLxGRNSoPieqlcsaeXXSgy5kkab0f0I9frsLwKfA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e3395c6ae5b2c4b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=40109&sent=83&recv=31&lost=0&retrans=0&sent_bytes=70976&recv_bytes=3599&delivery_rate=140299&cwnd=257&unsent_bytes=32425&cid=7f44e18a2cf80177&ts=576&x=0"
date
Sat, 16 Nov 2024 01:07:36 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
DBwpRuPD.js
hedie.cc/_nuxt/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://hedie.cc/_nuxt/DBwpRuPD.js
Requested by
Host: hedie.cc
URL: https://hedie.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hedie.cc
Referer
https://hedie.cc/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"915da2f3d273ce4410ca512c13eb3c1d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ewyZwJz1qe1QzRJXOBz6KZKUEDmm4FcnowvL5c%2BXUgJx0SUgUTXGtwiJTR3SdiQxTMqWdq5Qyy5yiS%2BUWKlNia9OFE04LOtSIsOy09Mg14G%2BqKytv569InhnML5pcGdxbKd1OeuKvA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e3395c6ae5d2c4b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=37742&sent=103&recv=46&lost=0&retrans=0&sent_bytes=95676&recv_bytes=3599&delivery_rate=881851&cwnd=257&unsent_bytes=32425&cid=7f44e18a2cf80177&ts=578&x=0"
date
Sat, 16 Nov 2024 01:07:36 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
index.DokOj3jQ.css
hedie.cc/_nuxt/ 		494 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hedie.cc/_nuxt/index.DokOj3jQ.css
Requested by
Host: hedie.cc
URL: https://hedie.cc/_nuxt/aICu0AXk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.14.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34a3f23956c2a665cf8f8bf36d7b7dea28d04e3ceed26cdf8a3db8e56f8fb3ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hedie.cc
Referer
https://hedie.cc/

Response headers

content-encoding
br
etag
W/"92471d573f769267c7bbed4a3016bb5e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SkJeAckIUEakNF7cixHOQGIppSmFw7mSWE4Zxf6bc4dw64X0Mq%2BBxJD3Al%2FsrD7FG%2FAHIKvddGQsXzPkf00HSXOMHWzY0uxTM%2Bnv%2BS%2BaqChB806dcet3Ip6xLw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=37591&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4226&recv_bytes=4546&delivery_rate=472&cwnd=12000&unsent_bytes=0&cid=bc75b272622fe47d&ts=213&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 01:07:36 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e3395c76c84e523-TXL
access-control-allow-origin
*
server
cloudflare
d3ec52eb-952b-4a60-88b8-faf365e41df5.json
hedie.cc/_nuxt/builds/meta/ 		139 B
835 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hedie.cc/_nuxt/builds/meta/d3ec52eb-952b-4a60-88b8-faf365e41df5.json
Requested by
Host: hedie.cc
URL: https://hedie.cc/_nuxt/aICu0AXk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.14.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87961cdea86a01343641519b11b2a07be473a2e7002ef8b20d0a468dfcd0f32d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hedie.cc/

Response headers

content-encoding
br
etag
W/"4e57ec6d4afbf1b252abd9706dfffb79"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FiS8gpKh7zE8FzERSQ6Cr5dC9pmDvQMErTebOJwuFRBHGZGKLTeVkI1SMBeK3kltlpxdDy%2FJyg%2FoJthlYKlMTtXosq2jlu3gAhaGxCAif5nklW%2FuZkLqU4xq9w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=37272&sent=18&recv=13&lost=0&retrans=0&sent_bytes=6791&recv_bytes=5487&delivery_rate=15959&cwnd=12000&unsent_bytes=0&cid=bc75b272622fe47d&ts=284&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 01:07:36 GMT
content-type
application/json
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=31536000, immutable, public, max-age=1, immutable, public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e3395c80db0e523-TXL
access-control-allow-origin
*
server
cloudflare
favicon.ico
hedie.cc/ 		4 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://hedie.cc/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.14.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1057b17aec08a7191d134000203947f195a8aa7c84c39f1164cee8d01279762a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hedie.cc/

Response headers

content-encoding
br
etag
W/"eb0ac4ca53d79290163968630addb1d5"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AGo9N%2FVavj1DlaCrFAUy8zBuPHljLXtTsjIPqT%2FFfJAT0YXdad2DckMB1wzGwnrTbr7VjzSYZzVrKZDmKB9A8tl2sAslvsXOZ2CcBVn6DekcrYo1L5nvwwllrw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=37272&sent=15&recv=13&lost=0&retrans=0&sent_bytes=5484&recv_bytes=5487&delivery_rate=15959&cwnd=12000&unsent_bytes=0&cid=bc75b272622fe47d&ts=283&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 01:07:36 GMT
content-type
image/vnd.microsoft.icon
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e3395c80db2e523-TXL
access-control-allow-origin
*
server
cloudflare
Primary Request download
ci5zjlh.com/ 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/download?&from=hedie.cc
Requested by
Host: hedie.cc
URL: https://hedie.cc/_nuxt/aICu0AXk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f7ed18bfb2367f3d4d093f8a54112939d1c44f69a5170a7af655429264b4a7d

Request headers

Referer
https://hedie.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-ray
8e3395cf7acadc80-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 16 Nov 2024 01:07:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yfyvwQaFgLloX%2FDCEN0VobkjsHJvYsIHr8LNvoOQStviqv88lRmjz7fqoYzvPlXoEVcFRCHZxy6EvvdCBpzmUH4jwdURuI2QK74lqe5O2dY3wSGZWmR3Gz0CDy75a5EpwroICIKOofSMUg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=37074&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4031&recv_bytes=2300&delivery_rate=105670&cwnd=254&unsent_bytes=0&cid=f08dcac57991b972&ts=222&x=0"
vary
Accept-Encoding
x-from
R2
x-r2-path
v43/index.html
x-version
v43
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/download?&from=hedie.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ci5zjlh.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e5f-7918"
age
203965
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BEYlo%2B71e18Q19c61ZVnf%2FEwMZ5rqu1sJwFTs1JeSRMEbNWxF%2FqOiCDX8WbsdwS%2BxRPiBo7wjhAKS46ajSLbDP9VqzN6hHg3sVHybhzHcPsu96gyd06qdUTdrAIppSuQVXF8mUr9"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 01:07:37 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 16 Nov 2024 01:07:37 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e3395d16b4c2c76-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
5631
server
cloudflare
mini.js
ci5zjlh.com/ 		466 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/mini.js
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/download?&from=hedie.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4c26210c0347a902e40b557af13bc633a8950292b1e787fb3dbf2c025b2874e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ci5zjlh.com/download?&from=hedie.cc

Response headers

x-version
v43
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EgKr62xH2onaGa%2BcG64SIbJddx53MdvP9oWVqjRn%2F%2B7476LGFnRyoBcX0JozWonpJ0cm4cuKrOTTYZqpQETN3Az4Ls8qv%2FTV%2Fb2u%2FdwJC4NnuFY5cSA9dkupvs8JlLXFHCOiZesjnxi2Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3395d0fc7bdc80-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=38681&sent=136&recv=27&lost=0&retrans=0&sent_bytes=135345&recv_bytes=2935&delivery_rate=2197549&cwnd=258&unsent_bytes=32425&cid=f08dcac57991b972&ts=472&x=0"
date
Sat, 16 Nov 2024 01:07:37 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
v43/mini.js
server
cloudflare
api.js
challenges.cloudflare.com/turnstile/v0/b/22755d9a86c9/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js
  • https://challenges.cloudflare.com/turnstile/v0/b/22755d9a86c9/api.js
47 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/22755d9a86c9/api.js
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/download?&from=hedie.cc
Protocol
H3
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7595c3d2e94df7416308fa2ccf5ae8832137c76d2e9a8b02e6ed2cb2d92e2f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ci5zjlh.com/

Response headers

server
cloudflare
cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8e3395d3fb82e506-TXL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 16 Nov 2024 01:07:38 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 28 Oct 2024 19:08:47 GMT
vary
Accept-Encoding
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
location
/turnstile/v0/b/22755d9a86c9/api.js
cross-origin-resource-policy
cross-origin
cf-ray
8e3395d3aa99e506-TXL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfExtPri
date
Sat, 16 Nov 2024 01:07:38 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
adAnalytics.js
ci5zjlh.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/adAnalytics.js
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/download?&from=hedie.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95f99592f1e1d933dd836158720ba5a971eac815767df96e234ae2303580d00b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ci5zjlh.com/download?&from=hedie.cc

Response headers

x-version
v43
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UkDhfh8VMtULZRsHzkA0tpM%2BC7NOKLWVW%2FkeFaSD86No4tieFtBIbTVQcRxd4IkAGMFSDdcACQRZXjAROKGi4f7CnDgHRX2gEYD3tFWErzccpBS4h5RlWnh%2Fuo9LrkX4kLfZkdcNVDzS2g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3395d0fc78dc80-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=38146&sent=710&recv=296&lost=0&retrans=0&sent_bytes=865222&recv_bytes=2935&delivery_rate=13259132&cwnd=782&unsent_bytes=0&cid=f08dcac57991b972&ts=629&x=0"
date
Sat, 16 Nov 2024 01:07:38 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
v43/adAnalytics.js
server
cloudflare
reload.css
ci5zjlh.com/appReload/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/appReload/reload.css
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/download?&from=hedie.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
920cbdf782168b5a13073f919eb275f19884dac5599531b66389575717203046

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ci5zjlh.com/download?&from=hedie.cc

Response headers

x-version
v43
cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eNbZPXxDR9%2BW0cStcCSM2D0Z0vfcRAcDlKtl9XAfgOFL1fIb2O7w6zIQKJeBSc3HEilnW29TndsHDHAMrQBrkxA8vvUwmoGxLLTj%2BdojeffJfbuJx52yj8qhgV5ueFhOVIzZ7WUQyIFSPg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3395d0fc75dc80-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=38146&sent=706&recv=296&lost=0&retrans=0&sent_bytes=863661&recv_bytes=2935&delivery_rate=13259132&cwnd=782&unsent_bytes=0&cid=f08dcac57991b972&ts=621&x=0"
date
Sat, 16 Nov 2024 01:07:38 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
x-r2-path
v43/appReload/reload.css
server
cloudflare
index-Deu54kwU.js
ci5zjlh.com/assets/ 		2 MB
645 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/assets/index-Deu54kwU.js
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/download?&from=hedie.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61b92a460f53d45805993e6fc957d0eed4cd3342294f361422c049586bdc6738

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ci5zjlh.com
Referer
https://ci5zjlh.com/download?&from=hedie.cc

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W1mbMjpOh02tMNEwSYDc2Xa%2BFzqpAJK5yud3VnGMgcSmoZYJfbEs%2FOoop3LzK9wgKTMuEqy1Kseh7lWFPSEwlpZmEdUOCn%2FEjocfvgrBqqJQFoQ4pXP99raYRnoOha4XRIfCW4%2FXH%2BH2PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3395d0fc79dc80-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=40791&sent=14&recv=18&lost=0&retrans=0&sent_bytes=7089&recv_bytes=2935&delivery_rate=136014&cwnd=258&unsent_bytes=0&cid=f08dcac57991b972&ts=427&x=0"
date
Sat, 16 Nov 2024 01:07:37 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/index-Deu54kwU.js
server
cloudflare
index-D27NjhLj.css
ci5zjlh.com/assets/ 		316 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/assets/index-D27NjhLj.css
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/download?&from=hedie.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a07694fac8f5142583394251622a697390bd681a140ae34578dae7b12e0b31d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ci5zjlh.com
Referer
https://ci5zjlh.com/download?&from=hedie.cc

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wKVCow1b72mZdO5oFioIVmt6I5PLmjKVZKD1WNdeok4vuP9ahS6GRCq7eXV%2F0dYY%2FF%2B8M8YinDOvhQG6RmFmGPS2yFas6VHh77M%2FFzKGvHmWPdzf8x8tM5FNFLQYldfHI33Vk9Hk66xEow%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3395d0fc77dc80-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=38681&sent=136&recv=27&lost=0&retrans=0&sent_bytes=135345&recv_bytes=2935&delivery_rate=2197549&cwnd=258&unsent_bytes=32425&cid=f08dcac57991b972&ts=472&x=0"
date
Sat, 16 Nov 2024 01:07:37 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/index-D27NjhLj.css
server
cloudflare
version-polling.min.js
ci5zjlh.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/version-polling.min.js
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/download?&from=hedie.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9faf673113292d24752db2af256ce2cf2de78bb2c65498675ca7898f7c077b35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ci5zjlh.com/download?&from=hedie.cc

Response headers

x-version
v43
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aQ1BzEK2qMU7rd49%2BGFSps%2FClGZk5rbld3yobuTOuzNcw6G6LL%2BYetEJPp3E9xpXzooiGfH7XDFPvWbcwvKUpYQp5PHZVtldrcOag63hhyVuGqUmefVAKEcLF5jOF1PHoE9IxljpFaLBrg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3395d0fc7adc80-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=38459&sent=702&recv=294&lost=0&retrans=0&sent_bytes=861839&recv_bytes=2935&delivery_rate=13425921&cwnd=774&unsent_bytes=0&cid=f08dcac57991b972&ts=616&x=0"
date
Sat, 16 Nov 2024 01:07:38 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
v43/version-polling.min.js
server
cloudflare
index.js
ci5zjlh.com/appReload/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/appReload/index.js?v=20241103
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/download?&from=hedie.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b2529c653f216397e16fe2519f773a1fe204db22cbbbda5b410e6a9d0047527

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ci5zjlh.com/download?&from=hedie.cc

Response headers

x-version
v43
cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hDa%2FaCYk%2Bnx5Nw%2BWy7EXML%2FBk8zCXwpvJZBqJ9MzQb2GNO0MdkLaybpBPiYPZtWE4z3AktHSOP%2ByOYAtxoEWzuJ6n0ukvVAQKHuI9nGVStWLZr4tk297yC0KQpHEKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3395d35d7de52b-TXL
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34704&sent=36&recv=21&lost=0&retrans=0&sent_bytes=28306&recv_bytes=7346&delivery_rate=33704&cwnd=22800&unsent_bytes=0&cid=bc7a06bcac544e31&ts=735&x=1", cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 01:07:38 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
v43/appReload/index.js
server
cloudflare
webPushSdk.produce.min.2.1.6.js
ci5zjlh.com/ 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/webPushSdk.produce.min.2.1.6.js
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/download?&from=hedie.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ee4947bae28f87f22e0f400ac7ae540d0162c4102402eaafe7d3aa6a3420c7e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ci5zjlh.com/download?&from=hedie.cc

Response headers

x-version
v43
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0A%2FUMwFHfF3OALOnwmiAcYtUmBq5EWJmO7uIEfl%2FnCDNaLhHHel%2Fh4JgSUaJqm1A2FFNGJo64JWP1nbo1Vv7VndfT5%2B2uj%2BxU%2FQPzlYBlJlEHvf1LT0TWXrgVZMqZg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3395d36d8ee52b-TXL
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34693&sent=15&recv=16&lost=0&retrans=0&sent_bytes=4306&recv_bytes=7131&delivery_rate=466&cwnd=12000&unsent_bytes=0&cid=bc7a06bcac544e31&ts=699&x=1", cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 01:07:38 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
v43/webPushSdk.produce.min.2.1.6.js
server
cloudflare
version.js
ci5zjlh.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/version.js
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/version-polling.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ci5zjlh.com/download?&from=hedie.cc

Response headers

x-version
v43
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"e3951015eaa8250278021548d3812ebc"
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NCnG8A5abIAjBWSGRAfwC3lxbfe6ORIEI48EjCWq5NBYbOMpyb8y209r16W2z1WFhZRXDnHFjpG7AbYcqrIe6TW8E%2FDfQ8lJTAVAHUNxU%2FImg4HY%2F2sqDNiegfz1xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3395d36d8fe52b-TXL
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=36559&sent=55&recv=35&lost=0&retrans=0&sent_bytes=42459&recv_bytes=7950&delivery_rate=61532&cwnd=22800&unsent_bytes=0&cid=bc7a06bcac544e31&ts=979&x=1", cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 01:07:38 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
v43/version.js
server
cloudflare
index-DJeXxPRa.js
ci5zjlh.com/assets/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/assets/index-DJeXxPRa.js
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/assets/index-Deu54kwU.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcd3e01034ff0a13c669f2326b65b8c68a50966768dc66e15b275d0c5e8d42de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ci5zjlh.com
Referer

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SkOiaAicDdN66MFI%2FsAPR%2BH6l6wTYLtRBblkxkEjiAMpEVJSp1cCadJYFzX6FknwZwdOPGK005zM3uC6MjXcUw2ViMkCUDn%2FFQnusmd0e2RILqfds4WqAhHxUKzyvw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3395d4e885e52b-TXL
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34815&sent=40&recv=29&lost=0&retrans=0&sent_bytes=32137&recv_bytes=7691&delivery_rate=46340&cwnd=22800&unsent_bytes=0&cid=bc7a06bcac544e31&ts=788&x=1", cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 01:07:38 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/index-DJeXxPRa.js
server
cloudflare
InstallModal-N6QwxobS.js
ci5zjlh.com/assets/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/assets/InstallModal-N6QwxobS.js
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/assets/index-Deu54kwU.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ee13e7deef5a6408f23e52fd2654e723ef5cb5352f115b037099aaaa1511df2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ci5zjlh.com
Referer

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lJAhmEiPcQzM2i3Hjr2XW3PN%2BIaVzBAHYZiSBY0ahHytbuYBNmfsKDlCfIcaG3dqRzIhE27a8ksuQpA7RdSbxcFiWg0hUnPt2yhOqXsqIwTp3HGOaCMYHnTULq%2B%2FMw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3395d4e887e52b-TXL
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34815&sent=44&recv=29&lost=0&retrans=0&sent_bytes=35905&recv_bytes=7691&delivery_rate=46340&cwnd=22800&unsent_bytes=0&cid=bc7a06bcac544e31&ts=798&x=1", cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 01:07:38 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/InstallModal-N6QwxobS.js
server
cloudflare
InstallModal-CulR4s_j.css
ci5zjlh.com/assets/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/assets/InstallModal-CulR4s_j.css
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/assets/index-Deu54kwU.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ca85c0dc913ffde00195b8d4c2ee6b1f5067d2d136c5d2818164d5085390c12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ci5zjlh.com
Referer
https://ci5zjlh.com/download?&from=hedie.cc

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HVXAUKmYWWJwsaDb%2BrdxT4sTttupL%2Bhtadt8iO9DlYou6rabSL0FZJmf62rXUXDeMwcpxRurOhmI8cdni8f7oX9fn8xbvfOjWy%2FWJD1xhpGeZ1p6hx%2FzA0xj5JnwWg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3395d4e888e52b-TXL
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=37159&sent=48&recv=33&lost=0&retrans=0&sent_bytes=38172&recv_bytes=7863&delivery_rate=174332&cwnd=22800&unsent_bytes=0&cid=bc7a06bcac544e31&ts=905&x=1", cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 01:07:38 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/InstallModal-CulR4s_j.css
server
cloudflare
index-rMm4RPd_.css
ci5zjlh.com/assets/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/assets/index-rMm4RPd_.css
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/assets/index-Deu54kwU.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eefad98c9c63780a055ddc1d0a3c206a94e3da3658a4fe5d4f1d41669d1847a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ci5zjlh.com
Referer
https://ci5zjlh.com/download?&from=hedie.cc

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OEIfoc57Ya0g70567GFXCpFVjYjLSLcsow1h4WWoB5mEvYctGUIqgSsQZGWD66H3kNun0uf%2FaWrChAYQCYg5XDSmUZ0EcRsfjBZ4MWlpeQILzp4WE79UdiFJk5duWA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3395d4e889e52b-TXL
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=36559&sent=51&recv=35&lost=0&retrans=0&sent_bytes=40282&recv_bytes=7950&delivery_rate=61532&cwnd=22800&unsent_bytes=0&cid=bc7a06bcac544e31&ts=973&x=1", cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 01:07:38 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/index-rMm4RPd_.css
server
cloudflare
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ci5zjlh.com
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"5eb03e5f-12d68"
age
1381490
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nLhtDUdILfwEzSW1XEieoGafxfEOV46vTa99UYVG90VVy2TsENL1bh%2BEt3eu1gWvhNajmw9wzcfsYVxLZydmGT0BAqm3oXmp7Q1m2LprQDtx%2B0dccgnSR3DbFTs3Xb1iFP92tSii"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 01:07:38 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 16 Nov 2024 01:07:38 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e3395d5dcfe8f3f-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
77160
server
cloudflare
web-DB8SoWY2.js
ci5zjlh.com/assets/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/assets/web-DB8SoWY2.js
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/assets/index-Deu54kwU.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
312119def22536dd02ed9bbfb23131853391cf20e9922c0edf625519338a72ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ci5zjlh.com
Referer
https://ci5zjlh.com/assets/index-Deu54kwU.js

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E9VGLNENhePyukwxELuxakWSK6STJWDwbc91ofUzDcoKq8o600XNXSaY1wfjycEKV9z1F4HW%2BsXJ4TrCyB54Z3af9Vp0m6vS39dlI5edjZSKWH5iFIOK%2BQx4SC%2Fw3A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3395d76d5be52b-TXL
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=36557&sent=63&recv=42&lost=0&retrans=0&sent_bytes=44174&recv_bytes=10265&delivery_rate=88062&cwnd=22800&unsent_bytes=0&cid=bc7a06bcac544e31&ts=1183&x=1", cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 01:07:38 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/web-DB8SoWY2.js
server
cloudflare
169e932c-7c7e-4114-8db0-9cb6f941318b
https://ci5zjlh.com/ 		0
0
favicon.ico
ci5zjlh.com/ 		0
575 B 		Other
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ci5zjlh.com/download?&from=hedie.cc

Response headers

x-version
v43
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2Fp3Gi1LZdH4t1SLwDm0ZdWR0MQlNQgLP42IFrrnEBTlBX8FGQY0MgO4%2FvXpKZxirVidfSSrbSN2h0odu755cde8rRyKBbFoP3LL%2F6nF86%2FZ6CwVxqeRRItbxRETeg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3395d76d71e52b-TXL
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=35638&sent=86&recv=54&lost=0&retrans=0&sent_bytes=68256&recv_bytes=10789&delivery_rate=122833&cwnd=24000&unsent_bytes=0&cid=bc7a06bcac544e31&ts=1406&x=1", cfHdrFlush;dur=0
content-length
0
date
Sat, 16 Nov 2024 01:07:39 GMT
vary
Accept-Encoding
server
cloudflare
x-r2-path
v43/favicon.ico
index9-DqsF-br0.js
ci5zjlh.com/assets/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/assets/index9-DqsF-br0.js
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/assets/index-Deu54kwU.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d34a409f95b93ffa5dca2ecf5c9d9da1a16087ac821524b114516abbc552268f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ci5zjlh.com
Referer
https://ci5zjlh.com/assets/index-Deu54kwU.js

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E81hAIT2Rv86XsQsaP%2FZ5bzeSfcp11Mu8%2FPayrJS4CM%2FYGxyXsA1KMBRhYNbxpJ%2FF6UOd%2BQV%2Fu7d3vtQhCQTsYZm5ybmipe4XLk2YGAGvGljk3Y9nFhnFODcPKhnTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3395d78d9fe52b-TXL
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=36557&sent=83&recv=42&lost=0&retrans=0&sent_bytes=66285&recv_bytes=10265&delivery_rate=88062&cwnd=22800&unsent_bytes=0&cid=bc7a06bcac544e31&ts=1215&x=1", cfHdrFlush;dur=3
date
Sat, 16 Nov 2024 01:07:38 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/index9-DqsF-br0.js
server
cloudflare
pt_BR-Bh7z304o.js
ci5zjlh.com/assets/ 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/assets/pt_BR-Bh7z304o.js
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/assets/index-Deu54kwU.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26f29086844c509b2dea8dc0565c2230e6ce08ffee662ad5c963d009face55e0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ci5zjlh.com
Referer
https://ci5zjlh.com/assets/index-Deu54kwU.js

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xPT9TIHuy5XBb2Bk3oBE%2Fwiwmcg62qmDrfjZdF4MV90gXDYEsKS8KLqQRa0X6OKNkaJwrYaf5w28kHkpMh3lriv24JSu33a3EFHHnmVH%2Bzcue%2FgvW%2F9FOndTBDBv7g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3395d78da4e52b-TXL
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=36557&sent=65&recv=42&lost=0&retrans=0&sent_bytes=45912&recv_bytes=10265&delivery_rate=88062&cwnd=22800&unsent_bytes=0&cid=bc7a06bcac544e31&ts=1197&x=1", cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 01:07:38 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/pt_BR-Bh7z304o.js
server
cloudflare
tenant.domainInfo
api.n-t-v-w.com/api/frontend/trpc/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.n-t-v-w.com/api/frontend/trpc/tenant.domainInfo?input=%7B%22json%22%3A%7B%22domain%22%3A%22ci5zjlh.com%22%7D%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,channelid,client-language,content-type,sign,tenantid,x-device-type,x-tag,x-trace-id
Access-Control-Request-Method
GET
Origin
https://ci5zjlh.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-ray
8e3395d9ea29e515-TXL
date
Sat, 16 Nov 2024 01:07:39 GMT
priority
u=1,i
server
cloudflare
server-timing
cfExtPri
vary
Accept-Encoding
tenant.domainInfo
api.n-t-v-w.com/api/frontend/trpc/ 		28 B
446 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.n-t-v-w.com/api/frontend/trpc/tenant.domainInfo?input=%7B%22json%22%3A%7B%22domain%22%3A%22ci5zjlh.com%22%7D%7D
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/mini.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d242137194749db304b6167388d502e8718f2491f5838c98f86b078d57b1eaa

Request headers

Authorization
Bearer null
sign
02f3ced25d87bd24dc26eb2cde3d17db147990a58cfed
tenantId
Referer
https://ci5zjlh.com/
X-Trace-ID
BO73BOCU
X-Device-Type
DesktopOS
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
channelId
Client-Language
X-Tag

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
cf-ray
8e3395da3aa4e515-TXL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
28
server-timing
cfExtPri
date
Sat, 16 Nov 2024 01:07:39 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
access-control-allow-headers
*
channel.info
api.n-t-v-w.com/api/frontend/trpc/ 		28 B
445 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.n-t-v-w.com/api/frontend/trpc/channel.info?input=%7B%22json%22%3A%7B%22id%22%3A0%2C%22tenantId%22%3A0%2C%22domain%22%3A%22ci5zjlh.com%22%7D%7D
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/mini.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d242137194749db304b6167388d502e8718f2491f5838c98f86b078d57b1eaa

Request headers

Authorization
Bearer null
sign
26cfd225dfab3f5cd483d10f2173c27e12e65e22ac94c
tenantId
Referer
https://ci5zjlh.com/
X-Trace-ID
6SGNNTJC
X-Device-Type
DesktopOS
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
channelId
Client-Language
X-Tag

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
cf-ray
8e3395da3aa5e515-TXL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
28
server-timing
cfExtPri
date
Sat, 16 Nov 2024 01:07:39 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
access-control-allow-headers
*
channel.info
api.n-t-v-w.com/api/frontend/trpc/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.n-t-v-w.com/api/frontend/trpc/channel.info?input=%7B%22json%22%3A%7B%22id%22%3A0%2C%22tenantId%22%3A0%2C%22domain%22%3A%22ci5zjlh.com%22%7D%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,channelid,client-language,content-type,sign,tenantid,x-device-type,x-tag,x-trace-id
Access-Control-Request-Method
GET
Origin
https://ci5zjlh.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-ray
8e3395d9ea2be515-TXL
date
Sat, 16 Nov 2024 01:07:39 GMT
priority
u=1,i
server
cloudflare
server-timing
cfExtPri
vary
Accept-Encoding
swipe-back-DtTPi8iK.js
ci5zjlh.com/assets/ 		682 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/assets/swipe-back-DtTPi8iK.js
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/assets/index-Deu54kwU.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e0036adb530513dcfdcfb8d0121fd3614a10ffaa8f3b07ed6776ba917a41776

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ci5zjlh.com
Referer
https://ci5zjlh.com/assets/index-Deu54kwU.js

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l18xiXENUTlLXRcamz7hmmFiA24m6pyBPaGJoOiQHnaLS%2B%2FZ%2F57ExUFDqR5H5bI2ngmd%2F38dhhz9%2BZuD3V3bpG3qjim5AcMS%2BHr8R97YOvWYBVrudRWuta9MSArU%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3395da8b17e52b-TXL
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=35573&sent=88&recv=56&lost=0&retrans=0&sent_bytes=68878&recv_bytes=11286&delivery_rate=9947&cwnd=24000&unsent_bytes=0&cid=bc7a06bcac544e31&ts=1693&x=1", cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 01:07:39 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/swipe-back-DtTPi8iK.js
server
cloudflare
tenant.domainInfo
api.n-t-v-w.com/api/frontend/trpc/ 		28 B
447 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.n-t-v-w.com/api/frontend/trpc/tenant.domainInfo?input=%7B%22json%22%3A%7B%22domain%22%3A%22ci5zjlh.com%22%7D%7D
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/mini.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d242137194749db304b6167388d502e8718f2491f5838c98f86b078d57b1eaa

Request headers

Authorization
Bearer null
sign
7da5b9ca1f76e439d0f5f9ea6f17340b160cc3287fa8e
tenantId
Referer
https://ci5zjlh.com/
X-Trace-ID
EDT1GDDM
X-Device-Type
DesktopOS
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
channelId
Client-Language
X-Tag

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
cf-ray
8e3395db1c01e515-TXL
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
28
server-timing
cfExtPri
date
Sat, 16 Nov 2024 01:07:39 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
access-control-allow-headers
*
tenant.domainInfo
api.n-t-v-w.com/api/frontend/trpc/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.n-t-v-w.com/api/frontend/trpc/tenant.domainInfo?input=%7B%22json%22%3A%7B%22domain%22%3A%22ci5zjlh.com%22%7D%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,channelid,client-language,content-type,sign,tenantid,x-device-type,x-tag,x-trace-id
Access-Control-Request-Method
GET
Origin
https://ci5zjlh.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-ray
8e3395dacb90e515-TXL
date
Sat, 16 Nov 2024 01:07:39 GMT
priority
u=1,i
server
cloudflare
server-timing
cfExtPri
vary
Accept-Encoding
index-C2zCsVg0.js
ci5zjlh.com/assets/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/assets/index-C2zCsVg0.js
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/assets/index-Deu54kwU.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
729fc3d779d4c0edb80dd86afddc5fb57062eddc4fb2e813fcf4d5706052a8fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ci5zjlh.com
Referer

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QRRZvVtWlEzEVKeyvgQSp0A2y6IF5ra45YWqHKr7nfIRPBg1vUo3Q0HHAuLTtPB1rrlYWuVBPVi%2F4Kkd7iCOSWf8d%2FVu2cEwqBuKxxXYZSSJu1%2Bsa9Wvvih0fKRnXg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3395de4a18e52b-TXL
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=35462&sent=91&recv=59&lost=0&retrans=0&sent_bytes=70059&recv_bytes=12209&delivery_rate=5779&cwnd=24000&unsent_bytes=0&cid=bc7a06bcac544e31&ts=2261&x=1", cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 01:07:40 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/index-C2zCsVg0.js
server
cloudflare
index-CSJWRess.css
ci5zjlh.com/assets/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ci5zjlh.com/assets/index-CSJWRess.css
Requested by
Host: ci5zjlh.com
URL: https://ci5zjlh.com/assets/index-Deu54kwU.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.15.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bad3432094bcfc8d88b093bea9f5191c099f72920065d2cef3cf8cae41b3d400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://ci5zjlh.com
Referer
https://ci5zjlh.com/download?&from=hedie.cc

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mdnisTvx260rjD7Q6YaxQmbh3%2FK9GV6bSxHOSY9%2B9GCKLMfi1Y8IsbhF87eR7z4Ahqfd4bGAzAo9uNIE3l6F3gvuKR0IZgT2NeVhj3E2pKGdrDJUJsH6yu%2FusG941A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3395de4a19e52b-TXL
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=35462&sent=93&recv=59&lost=0&retrans=0&sent_bytes=71738&recv_bytes=12209&delivery_rate=5779&cwnd=24000&unsent_bytes=0&cid=bc7a06bcac544e31&ts=2295&x=1", cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 01:07:40 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/index-CSJWRess.css
server
cloudflare
cloud-dark.svg
ci5zjlh.com/405/ 		0
0
limit-dark.png
ci5zjlh.com/405/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ci5zjlh.com
URL
blob:https://ci5zjlh.com/169e932c-7c7e-4114-8db0-9cb6f941318b
Domain
ci5zjlh.com
URL
https://ci5zjlh.com/405/cloud-dark.svg
Domain
ci5zjlh.com
URL
https://ci5zjlh.com/405/limit-dark.png

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| isSamsungBrowser object| script object| VersionPolling object| diy object| turnstile object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ boolean| __VUE_I18N_FULL_INSTALL__ boolean| __VUE_I18N_LEGACY_API__ object| CapacitorPlatforms object| Capacitor function| Pusher boolean| __VUE__ object| Ionic boolean| __vite_is_modern_browser object| _refresh_btn object| MTpushInterface boolean| isOpenMainUI

2 Cookies

Domain/Path Name / Value
.hedie.cc/ Name: __cf_bm
Value: Y0GNjRvI1p8gKXN3yiIOabLtwh5uIK2fyldI5KkYnIU-1731719256-1.0.1.1-fxbh0gJVkdaqwaqF0dagW6dnjGYDkE4lkrGeFTcWFe4cBk8wapuvFwttiJP2v7H52mpmFGHv6GKa_KwJP_lhIA
.ci5zjlh.com/ Name: __cf_bm
Value: 0YiCOj2ouYpA7Xlwty3Nvw_dR2DSqrf4b6EXP15MZfE-1731719258-1.0.1.1-7R_1Tv9nC_tuabSSV85Mg6BV7rZMyAUAckmitNQBoCPzP2igTCNclaByjIB67IQ6mgs4zWtLgsk3ndW2XIJacg

4 Console Messages

Source Level URL
Text
network error URL: https://ci5zjlh.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.n-t-v-w.com/api/frontend/trpc/tenant.domainInfo?input=%7B%22json%22%3A%7B%22domain%22%3A%22ci5zjlh.com%22%7D%7D
Message:
Failed to load resource: the server responded with a status of 405 ()
network error URL: https://api.n-t-v-w.com/api/frontend/trpc/channel.info?input=%7B%22json%22%3A%7B%22id%22%3A0%2C%22tenantId%22%3A0%2C%22domain%22%3A%22ci5zjlh.com%22%7D%7D
Message:
Failed to load resource: the server responded with a status of 405 ()
network error URL: https://api.n-t-v-w.com/api/frontend/trpc/tenant.domainInfo?input=%7B%22json%22%3A%7B%22domain%22%3A%22ci5zjlh.com%22%7D%7D
Message:
Failed to load resource: the server responded with a status of 405 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.n-t-v-w.com
cdnjs.cloudflare.com
challenges.cloudflare.com
ci5zjlh.com
hedie.cc
ci5zjlh.com
104.17.24.14
104.18.14.194
104.18.15.194
104.18.26.31
104.18.95.41
2606:4700::6812:ec2
06190daf3e538daeef217f28691ae6eddccf709cc513e43d8eff1013f0a18862
1057b17aec08a7191d134000203947f195a8aa7c84c39f1164cee8d01279762a
15842fe1091a48fce474adc7a25380c2bd5326a9d5a5f5c789f8e9bcc023b947
1b2529c653f216397e16fe2519f773a1fe204db22cbbbda5b410e6a9d0047527
1c318e6914f231dbdbc65dfadbce972eb471d1a6f1b6235750b88984ddcfdad0
1ee4947bae28f87f22e0f400ac7ae540d0162c4102402eaafe7d3aa6a3420c7e
26f29086844c509b2dea8dc0565c2230e6ce08ffee662ad5c963d009face55e0
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c7c8e0a60afd5191f348e1de02c091cd885b076875b581a8a6a8bf86b8726f5
312119def22536dd02ed9bbfb23131853391cf20e9922c0edf625519338a72ff
322c578f400c38f758c655d513daff4edfa1695bb5a81c949bc2d0d910e808ee
34a3f23956c2a665cf8f8bf36d7b7dea28d04e3ceed26cdf8a3db8e56f8fb3ce
3f7ed18bfb2367f3d4d093f8a54112939d1c44f69a5170a7af655429264b4a7d
4ee13e7deef5a6408f23e52fd2654e723ef5cb5352f115b037099aaaa1511df2
61b92a460f53d45805993e6fc957d0eed4cd3342294f361422c049586bdc6738
729fc3d779d4c0edb80dd86afddc5fb57062eddc4fb2e813fcf4d5706052a8fb
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a07694fac8f5142583394251622a697390bd681a140ae34578dae7b12e0b31d
7ca85c0dc913ffde00195b8d4c2ee6b1f5067d2d136c5d2818164d5085390c12
87961cdea86a01343641519b11b2a07be473a2e7002ef8b20d0a468dfcd0f32d
8d242137194749db304b6167388d502e8718f2491f5838c98f86b078d57b1eaa
8e0036adb530513dcfdcfb8d0121fd3614a10ffaa8f3b07ed6776ba917a41776
920cbdf782168b5a13073f919eb275f19884dac5599531b66389575717203046
95f99592f1e1d933dd836158720ba5a971eac815767df96e234ae2303580d00b
9faf673113292d24752db2af256ce2cf2de78bb2c65498675ca7898f7c077b35
b1a18be61e193719c44ea1d26f8173df15d630a3e581b5b97231590283f06b55
b7595c3d2e94df7416308fa2ccf5ae8832137c76d2e9a8b02e6ed2cb2d92e2f7
bad3432094bcfc8d88b093bea9f5191c099f72920065d2cef3cf8cae41b3d400
c196f801ba1d18837279526b9f118930f94e8d8c2d54aa22321c92c9495d85a9
c4c26210c0347a902e40b557af13bc633a8950292b1e787fb3dbf2c025b2874e
d34a409f95b93ffa5dca2ecf5c9d9da1a16087ac821524b114516abbc552268f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed4f6dad41ae25e9ed007f23a32449ec63008235363e5cad680768a4e99b12ac
eefad98c9c63780a055ddc1d0a3c206a94e3da3658a4fe5d4f1d41669d1847a8
fcd3e01034ff0a13c669f2326b65b8c68a50966768dc66e15b275d0c5e8d42de