urlscan.io logo urlscan.io
SecurityTrails logo

events.kraftongame.com Open in urlscan Pro
2a06:98c1:3120::3  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://events.kraftongame.com/?fbclid=PAAaZ5M5fQf5H6rzX66Y7wzcd7Ye7Jh1karyPzTWnOkE6QKuErfxARR0-kvNc_aem_th_AfXkkjcX3bAoxBOf8Bu...
Submission Tags: https://phish.report @phish_report Search All
Submission: On May 29 via api from FI — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 11 domains to perform 40 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is events.kraftongame.com.
TLS certificate: Issued by E1 on April 23rd 2023. Valid for: 3 months.
This is the only time events.kraftongame.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

3    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
events.kraftongame.com
2    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
22    109.123.255.184 (Germany)

ASN51167 (CONTABO, DE)
PTR: vmi1171864.contaboserver.net
mkanvpgt.lkazfef.ga
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    162.19.58.161 (France)

ASN16276 (OVH, FR)
PTR: ns3096669.ip-162-19-58.eu
i.ibb.co
1    162.19.88.68 (France)

ASN16276 (OVH, FR)
PTR: ns3221377.ip-162-19-88.eu
i.postimg.cc
2    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    65.21.235.194 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: cdn16.top4top.io
l.top4top.io
Apex Domain
Subdomains		 Transfer
22 lkazfef.ga
mkanvpgt.lkazfef.ga
3 MB
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 320
fonts.googleapis.com — Cisco Umbrella Rank: 35
60 KB
3 ibb.co
i.ibb.co — Cisco Umbrella Rank: 12484
50 KB
3 kraftongame.com
events.kraftongame.com
15 KB
2 gstatic.com
fonts.gstatic.com
27 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 199
44 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 344
40 KB
1 top4top.io
l.top4top.io — Cisco Umbrella Rank: 941391
a.top4top.io Failed
20 KB
1 postimg.cc
i.postimg.cc — Cisco Umbrella Rank: 17824
9 KB
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2440
7 KB
0 jquery.com Failed
code.jquery.com Failed
40 11
Domain Requested by
22 mkanvpgt.lkazfef.ga 1 redirects events.kraftongame.com
mkanvpgt.lkazfef.ga
3 i.ibb.co mkanvpgt.lkazfef.ga
3 events.kraftongame.com 1 redirects events.kraftongame.com
2 fonts.gstatic.com fonts.googleapis.com
2 ajax.googleapis.com mkanvpgt.lkazfef.ga
2 cdnjs.cloudflare.com mkanvpgt.lkazfef.ga
cdnjs.cloudflare.com
2 cdn.jsdelivr.net events.kraftongame.com
mkanvpgt.lkazfef.ga
1 l.top4top.io mkanvpgt.lkazfef.ga
1 fonts.googleapis.com mkanvpgt.lkazfef.ga
1 i.postimg.cc mkanvpgt.lkazfef.ga
1 stackpath.bootstrapcdn.com mkanvpgt.lkazfef.ga
0 a.top4top.io Failed mkanvpgt.lkazfef.ga
0 code.jquery.com Failed mkanvpgt.lkazfef.ga
40 13

This site contains no links.

Subject Issuer Validity Valid
kraftongame.com
E1		 2023-04-23 -
2023-07-22		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
mkanvpgt.lkazfef.ga
R3		 2023-05-26 -
2023-08-24		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
i.ibb.co
R3		 2023-04-11 -
2023-07-10		 3 months crt.sh
postimg.cc
R3		 2023-04-19 -
2023-07-18		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
*.top4top.co
R3		 2023-05-01 -
2023-07-30		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://events.kraftongame.com/?fbclid=PAAaZ5M5fQf5H6rzX66Y7wzcd7Ye7Jh1karyPzTWnOkE6QKuErfxARR0-kvNc_aem_th_AfXkkjcX3bAoxBOf8BuUyzNHC8ZH0C03k7feB-377YEo64fHLj8KcH0h-9r05n7neWsiX2i0VUtGd8bkyHB6153S
Frame ID: 18B6FE919006A177FE3E6157901781F9
Requests: 3 HTTP requests in this frame

Frame: https://mkanvpgt.lkazfef.ga/4tLKAw/
Frame ID: D59318E3D44125B4BFB128473CE2B5EE
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PUBG MOBILE | #1 BATTLE ROYALE MOBILE GAME

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

40
Requests

93 %
HTTPS

64 %
IPv6

11
Domains

13
Subdomains

12
IPs

4
Countries

3286 kB
Transfer

3719 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://events.kraftongame.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1651633200 HTTP 302
  • https://events.kraftongame.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js?ts=1651633200
Request Chain 2
  • https://mkanvpgt.lkazfef.ga/4tLKAw HTTP 301
  • https://mkanvpgt.lkazfef.ga/4tLKAw/

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
events.kraftongame.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://events.kraftongame.com/?fbclid=PAAaZ5M5fQf5H6rzX66Y7wzcd7Ye7Jh1karyPzTWnOkE6QKuErfxARR0-kvNc_aem_th_AfXkkjcX3bAoxBOf8BuUyzNHC8ZH0C03k7feB-377YEo64fHLj8KcH0h-9r05n7neWsiX2i0VUtGd8bkyHB6153S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31e9327ba1ef537333dd7b0731333fc4861a94ecc793fad362abb9b476ee8069

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7cf1d6cf38af0b70-AMS
content-encoding
br
content-type
text/html
date
Mon, 29 May 2023 21:30:32 GMT
last-modified
Fri, 26 May 2023 04:14:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4RR5pjIL7rqgfgMMVjSxt8POwZ5m3qI0FXYiIPuq5IigLloaRSUIJLacMwDPdCWPf1xG2C9CvTeOGoq2465ci9n3N9C1NfCszXowo8zSafp%2FwnEwXAP57q7tXpde9wpK22kTb6sTMfZC6L0NNVqjcHWMSim"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.1.3/dist/css/ 		138 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.1.3/dist/css/bootstrap.min.css
Requested by
Host: events.kraftongame.com
URL: https://events.kraftongame.com/?fbclid=PAAaZ5M5fQf5H6rzX66Y7wzcd7Ye7Jh1karyPzTWnOkE6QKuErfxARR0-kvNc_aem_th_AfXkkjcX3bAoxBOf8BuUyzNHC8ZH0C03k7feB-377YEo64fHLj8KcH0h-9r05n7neWsiX2i0VUtGd8bkyHB6153S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://events.kraftongame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 29 May 2023 21:30:32 GMT
x-content-type-options
nosniff
content-encoding
br
age
6036950
x-jsd-version
4.1.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
23347
x-served-by
cache-fra-eddf8230071-FRA, cache-bom4747-BOM
x-jsd-version-type
version
etag
W/"22688-Z1/PKPn783E507LAtnb5b2AaQgM"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
invisible.js
events.kraftongame.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/
Redirect Chain
  • https://events.kraftongame.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1651633200
  • https://events.kraftongame.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js?ts=1651633200
30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://events.kraftongame.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js?ts=1651633200
Requested by
Host: events.kraftongame.com
URL: https://events.kraftongame.com/?fbclid=PAAaZ5M5fQf5H6rzX66Y7wzcd7Ye7Jh1karyPzTWnOkE6QKuErfxARR0-kvNc_aem_th_AfXkkjcX3bAoxBOf8BuUyzNHC8ZH0C03k7feB-377YEo64fHLj8KcH0h-9r05n7neWsiX2i0VUtGd8bkyHB6153S
Protocol
H2
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
165605f681a868b74b37c8d368017cb518befa41bf617fb051f7e655896e6714
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://events.kraftongame.com/?fbclid=PAAaZ5M5fQf5H6rzX66Y7wzcd7Ye7Jh1karyPzTWnOkE6QKuErfxARR0-kvNc_aem_th_AfXkkjcX3bAoxBOf8BuUyzNHC8ZH0C03k7feB-377YEo64fHLj8KcH0h-9r05n7neWsiX2i0VUtGd8bkyHB6153S
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 21:30:32 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aKYc9AO%2BrBkRMzOHtnPL4RST30%2Fx4zk23LNbpvt7DJc26GjAks%2FChL3%2FHLMVW6cjPm%2FkvLiPNBoVO4mQBJWfNzSkMO7kpu47Ab7Ipsv41lqqbgQ7PzC4PkXPTT24x6WM7VuAiZ5RFjszoW6SnRHywRXM0pno"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7cf1d6cfc9a60b70-AMS
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 29 May 2023 21:30:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JGvLrbEhpjmRnOocFGkOxLI0dvdk0FOWTYf9%2B6QYGr7sL%2BR6kEBe26a%2FbdAOBNZjUlkwkeZc6A5SC7t0Shpf7YnKBDsz2D3CrbqWUxa%2FV%2BiZQQUpq1ER7jBN0Q%2BFlFqcBsq2l0ysnpGvl348Q4fdZBymIiXQ"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js?ts=1651633200
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7cf1d6cf99610b70-AMS
alt-svc
h3=":443"; ma=86400
/
mkanvpgt.lkazfef.ga/4tLKAw/ Frame D593
Redirect Chain
  • https://mkanvpgt.lkazfef.ga/4tLKAw
  • https://mkanvpgt.lkazfef.ga/4tLKAw/
20 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mkanvpgt.lkazfef.ga/4tLKAw/
Requested by
Host: events.kraftongame.com
URL: https://events.kraftongame.com/?fbclid=PAAaZ5M5fQf5H6rzX66Y7wzcd7Ye7Jh1karyPzTWnOkE6QKuErfxARR0-kvNc_aem_th_AfXkkjcX3bAoxBOf8BuUyzNHC8ZH0C03k7feB-377YEo64fHLj8KcH0h-9r05n7neWsiX2i0VUtGd8bkyHB6153S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.123.255.184 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1171864.contaboserver.net
Software
LiteSpeed /
Resource Hash
4e39fc8dc6b66058e254f88b46cc37de7ef579424a6b159b3c2ac177a3bc9f37

Request headers

Referer
https://events.kraftongame.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 29 May 2023 21:30:32 GMT
server
LiteSpeed
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
707
content-type
text/html
date
Mon, 29 May 2023 21:30:32 GMT
location
https://mkanvpgt.lkazfef.ga/4tLKAw/
server
LiteSpeed
style.css
mkanvpgt.lkazfef.ga/4tLKAw/css/ Frame D593 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mkanvpgt.lkazfef.ga/4tLKAw/css/style.css
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.123.255.184 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1171864.contaboserver.net
Software
LiteSpeed /
Resource Hash
e7c0f28d8b02be3ebb53b4e938d316d75e4b66779ece7328490edd5c14fd5e01

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mkanvpgt.lkazfef.ga/4tLKAw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 21:30:32 GMT
content-encoding
br
last-modified
Tue, 18 Apr 2023 01:03:14 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2456
expires
Mon, 05 Jun 2023 21:30:32 GMT
animate.css
mkanvpgt.lkazfef.ga/4tLKAw/css/ Frame D593 		76 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mkanvpgt.lkazfef.ga/4tLKAw/css/animate.css
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.123.255.184 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1171864.contaboserver.net
Software
LiteSpeed /
Resource Hash
e89c81987c5cbc157097eaa6657d6a594abf030cc89bb63f0d2154d8383e9fab

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mkanvpgt.lkazfef.ga/4tLKAw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 21:30:32 GMT
content-encoding
br
last-modified
Tue, 18 Apr 2023 01:03:10 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4458
expires
Mon, 05 Jun 2023 21:30:32 GMT
facebook.css
mkanvpgt.lkazfef.ga/4tLKAw/css/login/ Frame D593 		3 KB
743 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mkanvpgt.lkazfef.ga/4tLKAw/css/login/facebook.css
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.123.255.184 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1171864.contaboserver.net
Software
LiteSpeed /
Resource Hash
161a69202cb14200a9c537031931baed56c85bb81841dc6f3272e21a50dbbdca

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mkanvpgt.lkazfef.ga/4tLKAw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 21:30:32 GMT
content-encoding
br
last-modified
Tue, 18 Apr 2023 01:03:18 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
687
expires
Mon, 05 Jun 2023 21:30:32 GMT
twitter.css
mkanvpgt.lkazfef.ga/4tLKAw/css/login/ Frame D593 		2 KB
650 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mkanvpgt.lkazfef.ga/4tLKAw/css/login/twitter.css
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.123.255.184 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1171864.contaboserver.net
Software
LiteSpeed /
Resource Hash
08361f2643f0a426bf832bf3001c2ea80d0ec005173e56e89ae63e37d3bd5fcc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mkanvpgt.lkazfef.ga/4tLKAw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 21:30:32 GMT
content-encoding
br
last-modified
Tue, 18 Apr 2023 01:03:22 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
592
expires
Mon, 05 Jun 2023 21:30:32 GMT
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame D593 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mkanvpgt.lkazfef.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 21:30:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
722
age
1549920
cdn-cachedat
11/18/2022 06:18:29
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
b3a57c6aca414a3b87fe0638b631146d
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7cf1d6d47ff00a49-AMS
cdn-requestpullsuccess
True
material-design-iconic-font.min.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/ Frame D593 		69 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mkanvpgt.lkazfef.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 21:30:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
365046
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5845
last-modified
Mon, 04 May 2020 16:12:09 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed9-1149f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sBzRAeeyxdYr30a8d3B4tyOrQOQS%2BKI5o3KnQp0rk2R2anGInmqpRK%2BtVyAJVfgXRNHusXLhE0BO0zV1Z4jcJYnfbxTCkQeVqTIBqgVLWnNX4AZzP1b97gMrikpryuP5%2FKLRyO1tAhJFFswMi1SULshG"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7cf1d6d47aad0e90-AMS
expires
Sat, 18 May 2024 21:30:33 GMT
1.jpg
mkanvpgt.lkazfef.ga/4tLKAw/img/rewards/ Frame D593 		188 KB
188 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mkanvpgt.lkazfef.ga/4tLKAw/img/rewards/1.jpg
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.123.255.184 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1171864.contaboserver.net
Software
LiteSpeed /
Resource Hash
34dbfdb095398fce622b80aa0c3c8c1be53248593da1470e3174e0530b3165bf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mkanvpgt.lkazfef.ga/4tLKAw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 21:30:32 GMT
last-modified
Tue, 18 Apr 2023 01:04:16 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
192794
expires
Mon, 05 Jun 2023 21:30:32 GMT
2.jpg
mkanvpgt.lkazfef.ga/4tLKAw/img/rewards/ Frame D593 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mkanvpgt.lkazfef.ga/4tLKAw/img/rewards/2.jpg
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.123.255.184 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1171864.contaboserver.net
Software
LiteSpeed /
Resource Hash
3574e3165dd2f2e1b937684fdc5c3a1cad95613f9d6fe1cd73b192c5a9276a99

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mkanvpgt.lkazfef.ga/4tLKAw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 21:30:32 GMT
last-modified
Tue, 18 Apr 2023 01:04:18 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
151139
expires
Mon, 05 Jun 2023 21:30:32 GMT
3.jpg
mkanvpgt.lkazfef.ga/4tLKAw/img/rewards/ Frame D593 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mkanvpgt.lkazfef.ga/4tLKAw/img/rewards/3.jpg
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.123.255.184 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1171864.contaboserver.net
Software
LiteSpeed /
Resource Hash
9e9082a5b2fd3f9a3c6ad66aa77600ba5fb33403c04bd739c30c42c1006ad286

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mkanvpgt.lkazfef.ga/4tLKAw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 21:30:33 GMT
last-modified
Tue, 18 Apr 2023 01:04:20 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
115425
expires
Mon, 05 Jun 2023 21:30:33 GMT
4.jpg
mkanvpgt.lkazfef.ga/4tLKAw/img/rewards/ Frame D593 		119 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mkanvpgt.lkazfef.ga/4tLKAw/img/rewards/4.jpg
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.123.255.184 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1171864.contaboserver.net
Software
LiteSpeed /
Resource Hash
ba03b9a84b26e1e8ea92761e2d8b28794e00b62d33f602cbcc7798961c4b7b12

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mkanvpgt.lkazfef.ga/4tLKAw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 21:30:32 GMT
last-modified
Tue, 18 Apr 2023 01:04:20 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
122115
expires
Mon, 05 Jun 2023 21:30:33 GMT
5.jpg
mkanvpgt.lkazfef.ga/4tLKAw/img/rewards/ Frame D593 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mkanvpgt.lkazfef.ga/4tLKAw/img/rewards/5.jpg
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.123.255.184 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1171864.contaboserver.net
Software
LiteSpeed /
Resource Hash
baccc0a4afd6cecf3f4e62e616b4eb873ac1a692161a5825a1f5bbdb77b691ff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mkanvpgt.lkazfef.ga/4tLKAw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 21:30:32 GMT
last-modified
Tue, 18 Apr 2023 01:04:22 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
113922
expires
Mon, 05 Jun 2023 21:30:32 GMT
6.jpg
mkanvpgt.lkazfef.ga/4tLKAw/img/rewards/ Frame D593 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mkanvpgt.lkazfef.ga/4tLKAw/img/rewards/6.jpg
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.123.255.184 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1171864.contaboserver.net
Software
LiteSpeed /
Resource Hash
88491093eafaa4d8ca320cf15158aa71fa9b14a5f815c97031231beeb0f433dd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mkanvpgt.lkazfef.ga/4tLKAw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 21:30:33 GMT
last-modified
Tue, 18 Apr 2023 01:04:22 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
104010
expires
Mon, 05 Jun 2023 21:30:33 GMT
7.jpg
mkanvpgt.lkazfef.ga/4tLKAw/img/rewards/ Frame D593 		112 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mkanvpgt.lkazfef.ga/4tLKAw/img/rewards/7.jpg
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.123.255.184 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1171864.contaboserver.net
Software
LiteSpeed /
Resource Hash
5ec09aacbec856b9d6a5b2d3577b8839f5ed5f82d572e6dafefbab745eaafb55

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mkanvpgt.lkazfef.ga/4tLKAw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 21:30:33 GMT
last-modified
Tue, 18 Apr 2023 01:04:24 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
115121
expires
Mon, 05 Jun 2023 21:30:33 GMT
8.jpg
mkanvpgt.lkazfef.ga/4tLKAw/img/rewards/ Frame D593 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mkanvpgt.lkazfef.ga/4tLKAw/img/rewards/8.jpg
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.123.255.184 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1171864.contaboserver.net
Software
LiteSpeed /
Resource Hash
33094dff60c5fd6ce509a28476515c09a4a7395465ba5cfed1da67199939f47c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mkanvpgt.lkazfef.ga/4tLKAw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 21:30:33 GMT
last-modified
Tue, 18 Apr 2023 01:04:24 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
106348
expires
Mon, 05 Jun 2023 21:30:33 GMT
9.jpg
mkanvpgt.lkazfef.ga/4tLKAw/img/rewards/ Frame D593 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mkanvpgt.lkazfef.ga/4tLKAw/img/rewards/9.jpg
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.123.255.184 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1171864.contaboserver.net
Software
LiteSpeed /
Resource Hash
9bca856a991eed4ab7ecbe9d5c0ddafafc5b8f76557fbcdb71844d0c740b0cec

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mkanvpgt.lkazfef.ga/4tLKAw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 21:30:32 GMT
last-modified
Tue, 18 Apr 2023 01:04:26 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
103709
expires
Mon, 05 Jun 2023 21:30:33 GMT
ci.png
cdn.jsdelivr.net/gh/gungrate/m17@main/ Frame D593 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/gungrate/m17@main/ci.png
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
463d92bbfc3e876ea26d546153bd8020770811366e5471202c3709014a81ee25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mkanvpgt.lkazfef.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 29 May 2023 21:30:33 GMT
x-content-type-options
nosniff
age
23433
x-jsd-version
main
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
17152
x-served-by
cache-fra-eddf8230103-FRA, cache-bom4747-BOM
x-jsd-version-type
branch
etag
W/"4300-BpiflTcBXUu6O8537Q62rKno59w"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
popup-close.png
mkanvpgt.lkazfef.ga/4tLKAw/img/ Frame D593 		422 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mkanvpgt.lkazfef.ga/4tLKAw/img/popup-close.png
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.123.255.184 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1171864.contaboserver.net
Software
LiteSpeed /
Resource Hash
fd5d4a16b40eb27ac0372e93f5f0f9faa21032d1004a980838024f99798b37c8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mkanvpgt.lkazfef.ga/4tLKAw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 21:30:32 GMT
last-modified
Tue, 18 Apr 2023 01:03:56 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
422
expires
Mon, 05 Jun 2023 21:30:33 GMT
facebook-text.png
i.ibb.co/Wg8qQxh/ Frame D593 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/Wg8qQxh/facebook-text.png
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.161 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096669.ip-162-19-58.eu
Software
nginx /
Resource Hash
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mkanvpgt.lkazfef.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 21:30:33 GMT
last-modified
Mon, 18 Oct 2021 19:35:50 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
28789
expires
Thu, 31 Dec 2037 23:55:55 GMT
i-audio-center2-758d33ee.png
i.postimg.cc/8k4dRx2V/ Frame D593 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.postimg.cc/8k4dRx2V/i-audio-center2-758d33ee.png
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3221377.ip-162-19-88.eu
Software
nginx /
Resource Hash
a8dc86784d373935098d3844e0c770bae23bd0be8f31109f355d90916dd6a393

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mkanvpgt.lkazfef.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 21:30:33 GMT
last-modified
Sun, 08 May 2022 12:51:24 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
8929
expires
Thu, 31 Dec 2037 23:55:55 GMT
twitter-text.png
i.ibb.co/V9rgBqw/ Frame D593 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/V9rgBqw/twitter-text.png
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.161 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096669.ip-162-19-58.eu
Software
nginx /
Resource Hash
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mkanvpgt.lkazfef.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 21:30:33 GMT
last-modified
Mon, 18 Oct 2021 19:35:41 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
4298
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ Frame D593 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mkanvpgt.lkazfef.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 28 May 2023 06:18:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141111
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 27 May 2024 06:18:42 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ Frame D593 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mkanvpgt.lkazfef.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 22:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169628
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29707
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 May 2024 22:23:25 GMT
script.js
mkanvpgt.lkazfef.ga/4tLKAw/js/ Frame D593 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mkanvpgt.lkazfef.ga/4tLKAw/js/script.js
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.123.255.184 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1171864.contaboserver.net
Software
LiteSpeed /
Resource Hash
4987c7fe2e0bb3dc1e590ec42a5f6e1cab21a4070b186190b6902df44b545463

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mkanvpgt.lkazfef.ga/4tLKAw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 21:30:32 GMT
content-encoding
br
last-modified
Tue, 18 Apr 2023 01:03:30 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
999
expires
Mon, 05 Jun 2023 21:30:32 GMT
showHide.js
mkanvpgt.lkazfef.ga/4tLKAw/js/ Frame D593 		1 KB
283 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mkanvpgt.lkazfef.ga/4tLKAw/js/showHide.js
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.123.255.184 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1171864.contaboserver.net
Software
LiteSpeed /
Resource Hash
8023fc37af7de956061342860b38dd1646ce1f1fa7ecc2ce703e2b544b2bd283

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mkanvpgt.lkazfef.ga/4tLKAw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 21:30:32 GMT
content-encoding
br
last-modified
Tue, 18 Apr 2023 01:03:32 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
209
expires
Mon, 05 Jun 2023 21:30:32 GMT
jquery-1.10.2.min.js
code.jquery.com/ Frame D593 		0
0
gun.mp4
mkanvpgt.lkazfef.ga/4tLKAw/projectgun/ Frame D593 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://mkanvpgt.lkazfef.ga/4tLKAw/projectgun/gun.mp4
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.123.255.184 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1171864.contaboserver.net
Software
LiteSpeed /
Resource Hash
6ec31c78b16d701cf7530ae920b168e9672bed0aa1bc9b9ffabe23b546839da9

Request headers

Referer
https://mkanvpgt.lkazfef.ga/4tLKAw/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1755452/1755453
date
Mon, 29 May 2023 21:30:32 GMT
last-modified
Tue, 18 Apr 2023 01:04:42 GMT
server
LiteSpeed
Content-Length
1755453
content-type
video/mp4
navbar.jpg
i.ibb.co/Cmq3C1n/ Frame D593 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/Cmq3C1n/navbar.jpg
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.161 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096669.ip-162-19-58.eu
Software
nginx /
Resource Hash
126d3fa5577d5b577a8125c19fd08105da20687f29a6b454020824a6ae0f34a0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mkanvpgt.lkazfef.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 21:30:33 GMT
last-modified
Sun, 19 Jun 2022 04:24:15 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
17004
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ Frame D593 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a8e7fe41b58cbb8cb18a9f93e59b4f3ac0a7a7cc33130104f81cfb294795095e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mkanvpgt.lkazfef.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 29 May 2023 21:30:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 29 May 2023 21:23:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 May 2023 21:30:33 GMT
container.jpg
mkanvpgt.lkazfef.ga/4tLKAw/img/ Frame D593 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mkanvpgt.lkazfef.ga/4tLKAw/img/container.jpg
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.123.255.184 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1171864.contaboserver.net
Software
LiteSpeed /
Resource Hash
1a38d83043f0d62f30ce1799ee4e8fc2e2db287f695d909ee14468133577eb7d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mkanvpgt.lkazfef.ga/4tLKAw/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 21:30:33 GMT
last-modified
Tue, 18 Apr 2023 01:03:52 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
63696
expires
Mon, 05 Jun 2023 21:30:33 GMT
event-theme.png
mkanvpgt.lkazfef.ga/4tLKAw/img/ Frame D593 		120 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mkanvpgt.lkazfef.ga/4tLKAw/img/event-theme.png
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.123.255.184 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1171864.contaboserver.net
Software
LiteSpeed /
Resource Hash
d6468d096dc0acf899b15d5dbedf9ac290d6a9c623251cf98716ce2dab1387c1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mkanvpgt.lkazfef.ga/4tLKAw/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 21:30:33 GMT
last-modified
Tue, 18 Apr 2023 01:03:54 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
122494
expires
Mon, 05 Jun 2023 21:30:33 GMT
LYjNdG7kmE0gfaN9pQ.woff2
fonts.gstatic.com/s/teko/v16/ Frame D593 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/teko/v16/LYjNdG7kmE0gfaN9pQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mkanvpgt.lkazfef.ga
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 11:25:04 GMT
x-content-type-options
nosniff
age
209129
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13324
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:50:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 May 2024 11:25:04 GMT
btn_item.png
mkanvpgt.lkazfef.ga/4tLKAw/img/ Frame D593 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mkanvpgt.lkazfef.ga/4tLKAw/img/btn_item.png
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
109.123.255.184 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1171864.contaboserver.net
Software
LiteSpeed /
Resource Hash
2e946d52810006976bf56a72d974bd217ccca551037bf21f5f54474841daee5c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mkanvpgt.lkazfef.ga/4tLKAw/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 21:30:33 GMT
last-modified
Tue, 18 Apr 2023 01:03:50 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2910
expires
Mon, 05 Jun 2023 21:30:33 GMT
LYjCdG7kmE0gdVBesCRgqA.woff2
fonts.gstatic.com/s/teko/v16/ Frame D593 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/teko/v16/LYjCdG7kmE0gdVBesCRgqA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3bf77e9dea5a047c348fa98ccbeb5d5e07de3541ce0a2dfb243690da964804c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mkanvpgt.lkazfef.ga
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 05:25:27 GMT
x-content-type-options
nosniff
age
230706
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13196
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:50:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 May 2024 05:25:27 GMT
Material-Design-Iconic-Font.woff2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/ Frame D593 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2107314599f31197adccda24c508f48d662707b8e5d9fa482f19deda91413957
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
Origin
https://mkanvpgt.lkazfef.ga
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 21:30:33 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
579694
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
38384
last-modified
Mon, 04 May 2020 16:12:09 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed9-95f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wOaI%2FdBiqjb5Lv%2B2W%2Buvla20%2BrGfJxbI1fOho44BMC69P0cpsqXsnlSXtgECROYqex%2BYMYlcYQ%2BseCddOUoNGstJT6XrgZm5cw4z3NOtGBY%2FfDl2KnA1dRzMJcP3iWxVgURxbhhlAuir3A4EnG38m0BM"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7cf1d6d58a03b8e5-AMS
expires
Sat, 18 May 2024 21:30:33 GMT
m_1725u5z7i1.mp3
l.top4top.io/ Frame D593 		19 KB
20 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://l.top4top.io/m_1725u5z7i1.mp3
Requested by
Host: mkanvpgt.lkazfef.ga
URL: https://mkanvpgt.lkazfef.ga/4tLKAw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.21.235.194 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn16.top4top.io
Software
nginx /
Resource Hash
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54

Request headers

Referer
https://mkanvpgt.lkazfef.ga/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range
bytes=0-

Response headers

x-file-id
x34392023x
date
Mon, 29 May 2023 21:30:33 GMT
last-modified
Mon, 21 Sep 2020 07:16:33 GMT
server
nginx
etag
"5f685351-4d45"
content-type
audio/mpeg
Content-Range
bytes 0-19780/19781
cache-control
max-age=7200
content-disposition
inline; filename="open_reward_tab.mp3"
Content-Length
19781
expires
Mon, 29 May 2023 23:30:33 GMT
m_1725zobal2.mp3
a.top4top.io/ Frame D593 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
code.jquery.com
URL
http://code.jquery.com/jquery-1.10.2.min.js
Domain
a.top4top.io
URL
https://a.top4top.io/m_1725zobal2.mp3

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| _cf_chl_opt function| SHA256 object| __CF

0 Cookies

2 Console Messages

Source Level URL
Text
rendering warning URL: https://events.kraftongame.com/?fbclid=PAAaZ5M5fQf5H6rzX66Y7wzcd7Ye7Jh1karyPzTWnOkE6QKuErfxARR0-kvNc_aem_th_AfXkkjcX3bAoxBOf8BuUyzNHC8ZH0C03k7feB-377YEo64fHLj8KcH0h-9r05n7neWsiX2i0VUtGd8bkyHB6153S(Line 12)
Message:
The key "" is not recognized and ignored.
security error URL: https://mkanvpgt.lkazfef.ga/4tLKAw/
Message:
Mixed Content: The page at 'https://events.kraftongame.com/?fbclid=PAAaZ5M5fQf5H6rzX66Y7wzcd7Ye7Jh1karyPzTWnOkE6QKuErfxARR0-kvNc_aem_th_AfXkkjcX3bAoxBOf8BuUyzNHC8ZH0C03k7feB-377YEo64fHLj8KcH0h-9r05n7neWsiX2i0VUtGd8bkyHB6153S' was loaded over HTTPS, but requested an insecure script 'http://code.jquery.com/jquery-1.10.2.min.js'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.top4top.io
ajax.googleapis.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
events.kraftongame.com
fonts.googleapis.com
fonts.gstatic.com
i.ibb.co
i.postimg.cc
l.top4top.io
mkanvpgt.lkazfef.ga
stackpath.bootstrapcdn.com
a.top4top.io
code.jquery.com
109.123.255.184
162.19.58.161
162.19.88.68
2606:4700::6811:180e
2606:4700::6812:acf
2a00:1450:4001:811::200a
2a00:1450:4001:812::2003
2a00:1450:4001:828::200a
2a04:4e42:600::485
2a06:98c1:3120::3
65.21.235.194
08361f2643f0a426bf832bf3001c2ea80d0ec005173e56e89ae63e37d3bd5fcc
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
126d3fa5577d5b577a8125c19fd08105da20687f29a6b454020824a6ae0f34a0
161a69202cb14200a9c537031931baed56c85bb81841dc6f3272e21a50dbbdca
165605f681a868b74b37c8d368017cb518befa41bf617fb051f7e655896e6714
1a38d83043f0d62f30ce1799ee4e8fc2e2db287f695d909ee14468133577eb7d
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f
2107314599f31197adccda24c508f48d662707b8e5d9fa482f19deda91413957
2e946d52810006976bf56a72d974bd217ccca551037bf21f5f54474841daee5c
31e9327ba1ef537333dd7b0731333fc4861a94ecc793fad362abb9b476ee8069
33094dff60c5fd6ce509a28476515c09a4a7395465ba5cfed1da67199939f47c
34dbfdb095398fce622b80aa0c3c8c1be53248593da1470e3174e0530b3165bf
352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6
3574e3165dd2f2e1b937684fdc5c3a1cad95613f9d6fe1cd73b192c5a9276a99
463d92bbfc3e876ea26d546153bd8020770811366e5471202c3709014a81ee25
4987c7fe2e0bb3dc1e590ec42a5f6e1cab21a4070b186190b6902df44b545463
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54
4e39fc8dc6b66058e254f88b46cc37de7ef579424a6b159b3c2ac177a3bc9f37
5ec09aacbec856b9d6a5b2d3577b8839f5ed5f82d572e6dafefbab745eaafb55
6ec31c78b16d701cf7530ae920b168e9672bed0aa1bc9b9ffabe23b546839da9
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8023fc37af7de956061342860b38dd1646ce1f1fa7ecc2ce703e2b544b2bd283
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
88491093eafaa4d8ca320cf15158aa71fa9b14a5f815c97031231beeb0f433dd
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
9bca856a991eed4ab7ecbe9d5c0ddafafc5b8f76557fbcdb71844d0c740b0cec
9e9082a5b2fd3f9a3c6ad66aa77600ba5fb33403c04bd739c30c42c1006ad286
a3bf77e9dea5a047c348fa98ccbeb5d5e07de3541ce0a2dfb243690da964804c
a8dc86784d373935098d3844e0c770bae23bd0be8f31109f355d90916dd6a393
a8e7fe41b58cbb8cb18a9f93e59b4f3ac0a7a7cc33130104f81cfb294795095e
ba03b9a84b26e1e8ea92761e2d8b28794e00b62d33f602cbcc7798961c4b7b12
baccc0a4afd6cecf3f4e62e616b4eb873ac1a692161a5825a1f5bbdb77b691ff
d6468d096dc0acf899b15d5dbedf9ac290d6a9c623251cf98716ce2dab1387c1
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
e7c0f28d8b02be3ebb53b4e938d316d75e4b66779ece7328490edd5c14fd5e01
e89c81987c5cbc157097eaa6657d6a594abf030cc89bb63f0d2154d8383e9fab
fd5d4a16b40eb27ac0372e93f5f0f9faa21032d1004a980838024f99798b37c8