play.google.com Open in urlscan Pro
2a00:1450:4001:830::200e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://walthamforestpestcontrol.uk/
Effective URL:
https://play.google.com/store/apps/details?id=com.tinder
Submission: On July 01 via automatic, source certstream-suspicious (July 1st 2023, 10:00:32 pm UTC) — Scanned from DE

Summary HTTP 53 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 5 countries across 11 domains to perform 53 HTTP transactions. The main IP is 2a00:1450:4001:830::200e, located in and belongs to . The main domain is play.google.com.
TLS certificate: Issued by GTS CA 1C3 on June 19th 2023. Valid for: 3 months.

This is the only time play.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2606:4700:303... 2606:4700:3034::ac43:a3d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1 1	104.21.45.58 104.21.45.58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	104.21.19.138 104.21.19.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	157.90.27.45 157.90.27.45	24940 (HETZNER-AS) (HETZNER-AS)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	54.37.0.228 54.37.0.228	16276 (OVH) (OVH)
1 2	45.77.230.212 45.77.230.212	() ()
2	2a00:1450:400... 2a00:1450:4001:830::200e	() ()
53	10

3 2606:4700:3034::ac43:a3d6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

walthamforestpestcontrol.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.45.58 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mvgde.siriusprocyon.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.21.19.138 (None, )

ASN13335 (CLOUDFLARENET, US)

mvgde.mithrilminer.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnstatic.mithrilminer.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.90.27.45 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.45.27.90.157.clients.your-server.de

js2json.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cuyahogafallsfamilydentist.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.37.0.228 (France) 1 redirects

ASN16276 (OVH, FR)

10.kingdrewhad.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.77.230.212 (None, ) 1 redirects

ASN- ()

appcloudvalue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (None, )

ASN- ()

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	mithrilminer.top mvgde.mithrilminer.top cdnstatic.mithrilminer.top	77 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com Failed	35 KB
4	js2json.com js2json.com — Cisco Umbrella Rank: 572106	29 KB
3	walthamforestpestcontrol.uk 1 redirects walthamforestpestcontrol.uk	5 KB
2	google.com play.google.com	150 KB
2	appcloudvalue.com 1 redirects appcloudvalue.com	698 B
2	kingdrewhad.live 1 redirects 10.kingdrewhad.live	2 KB
2	cuyahogafallsfamilydentist.com cuyahogafallsfamilydentist.com	33 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9378	1 KB
1	siriusprocyon.top 1 redirects mvgde.siriusprocyon.top	694 B
0	googleusercontent.com Failed play-lh.googleusercontent.com Failed
53	11

	Domain	Requested by
14	mvgde.mithrilminer.top	walthamforestpestcontrol.uk mvgde.mithrilminer.top cdnstatic.mithrilminer.top
4	www.gstatic.com	cdnstatic.mithrilminer.top play.google.com
4	cdnstatic.mithrilminer.top	mvgde.mithrilminer.top cdnstatic.mithrilminer.top
4	js2json.com	mvgde.mithrilminer.top js2json.com
3	walthamforestpestcontrol.uk	1 redirects walthamforestpestcontrol.uk
2	play.google.com	appcloudvalue.com walthamforestpestcontrol.uk
2	appcloudvalue.com	1 redirects 10.kingdrewhad.live
2	10.kingdrewhad.live	1 redirects cuyahogafallsfamilydentist.com
2	cuyahogafallsfamilydentist.com	cdnstatic.mithrilminer.top cuyahogafallsfamilydentist.com
2	counter.yadro.ru	1 redirects walthamforestpestcontrol.uk
1	mvgde.siriusprocyon.top	1 redirects
0	play-lh.googleusercontent.com Failed	play.google.com
0	fonts.gstatic.com Failed	play.google.com
53	13

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-11` - `2024-03-09`	a year	crt.sh
mithrilminer.top GTS CA 1P5	`2023-06-21` - `2023-09-19`	3 months	crt.sh
js2json.com R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
cuyahogafallsfamilydentist.com GTS CA 1P5	`2023-05-24` - `2023-08-22`	3 months	crt.sh
*.kingdrewhad.live R3	`2023-07-01` - `2023-09-29`	3 months	crt.sh
appcloudvalue.com R3	`2023-06-10` - `2023-09-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://play.google.com/store/apps/details?id=com.tinder
Frame ID: A0AE20F2BB53A2CC64420D6044A036E7
Requests: 50 HTTP requests in this frame

Frame: https://cuyahogafallsfamilydentist.com/media/mainstream/frame.html
Frame ID: 49019272605BA143E3C4B55B32DA6F55
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://walthamforestpestcontrol.uk/ Page URL
https://walthamforestpestcontrol.uk/ HTTP 301
https://mvgde.siriusprocyon.top/?pl=wyqwIiui3U-oMKNOfTV6Dg HTTP 302
https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok... Page URL
https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok... Page URL
https://cuyahogafallsfamilydentist.com/?u=pe7k605&o=3u0gcu2 Page URL
https://10.kingdrewhad.live/ikwruqnr/izc/gpo/yuw/reg/uur/scn/article10.html?u=pe7k605&o=3u0gcu2&f=1&sid=... Page URL
https://10.kingdrewhad.live/web/?sid=t2~mu5y24sebiweaamusi0n3ont HTTP 302
https://appcloudvalue.com/?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpb7ji6x... HTTP 302
https://appcloudvalue.com/away.php?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJm... Page URL
https://play.google.com/store/apps/details?id=com.tinder Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

53
Requests

64 %
HTTPS

40 %
IPv6

11
Domains

13
Subdomains

10
IPs

5
Countries

331 kB
Transfer

1271 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://walthamforestpestcontrol.uk/ Page URL
https://walthamforestpestcontrol.uk/ HTTP 301
https://mvgde.siriusprocyon.top/?pl=wyqwIiui3U-oMKNOfTV6Dg HTTP 302
https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128 Page URL
https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128 Page URL
https://cuyahogafallsfamilydentist.com/?u=pe7k605&o=3u0gcu2 Page URL
https://10.kingdrewhad.live/ikwruqnr/izc/gpo/yuw/reg/uur/scn/article10.html?u=pe7k605&o=3u0gcu2&f=1&sid=t2~mu5y24sebiweaamusi0n3ont&fp=lVjcc%2FTyzdq%2FTofD4Zewr5C9InGjeTjrS67wyKD3vJ2HuFc3zihxI6embgX0dQRPFekO44z%2FNpyAcpFYjyTiSPiW4wGIq5%2BG6T37o7FOYu5GB8VdHhwSPVsW%2BDAakTmHkxTzXejYXUJmTVMks5MQY4vUndoqF2kvjvtTYg0DU2VcD%2Bh5PNPRZUG1F0JYVAQUmqPaEOm%2F8ohIp5GDFKIdzhPVwvqiFsh6TuLP3WbxqHEHCSpdHB81OfMc9AQGcSfc%2BlgaPgWMBvYOL5i4lQ32F0O0n3woEWsZg4geas6G2f6MLT1HtFDhLawdkoyB0RvuYC%2BuzVF5le3ej8f4CZx%2FW2zlpI5GpaXoKVQuiM4K9JZhb%2FpChcvNh%2FHE5CzYslncWqvwzPGiyJQl7maHAKTveIRZINbMoTWVpIZewvHlns%2Bg4TQEg54kyh%2BNAvP3Negb1gyKOfYRQsBW0XSdTPgKVgZb98cjRTbgAyOZ7oNftwfSWlmAZIgygmS4AZ5Vf%2Fdnm1imxp%2FqC7ND6nTMK99YkRauMQHu%2FkLt8meKrUR1ixSX7nvhu2OhWjxfvqm4fJbyD1Wjqi9AfO9OZ%2BTuWiVIzh6I28NnCbOq5QOnVisXW90%2F9zk0suYpBnUp4TTJ4%2F4bPMpAwJYc0MAwpv4ZUO%2FmkpkTzBaX9MxHKMoJoP5n05%2BE17nl87iw5v6hRKJeZ01LdmHvI5piiiHJ68iKJEAY%2F%2BxwFsK3kLgJvm14%2Fu9S%2B%2FxrDHh%2FOB9xEV7qtTY3qwSEYEJsfpTdUeidifTaLWRd9qRP2bmM%2FlPZ7EtxYIql%2BjTFmZM9Yb3M348JPnHTgZkhc4jm%2B9KZGOWhnEV2H8KUTxJaEavkmIej12URF34hSP4Grg0dJAXNIXl2ZfDZbc4vt%2F07%2Bg4usPXkFY%2BFo4wdJave1Q92F7As7Mnh5WfbrB5ShmQvHztGeiakq1KKp82FbDi7L1u1EkQA1ErpVX6onyLGwK7A9utFEi2B%2FOPzjqwPBa52FETekFq34yCzfxn6b8VAoK%2BpDsmqj8PmI%2BsUM02rNtJg1SDLA4vZINt8hxarqeAZE0QG6mnQMlxohkAXDGMb1vcfdPU2IVapTZcd1tD1NNSwPBkXKp90CCavYsZ2cNiEI04boV%2BnhK8wR1f%2FGp39Y4uUK9crVvS5dzXRWJlldpr%2FrOvaYC0rFJAps1nAFEbgnfdyePRjGn2FMWALPBQolD4DTN5TJDqWfVRCvtAOV0Hd49pqas%2BcX0nVf2lpjOah%2FL7lWgLZ48jXy0RI2vrhscf%2FnYaFJrKUfq3rGO1RKMXcEppTkiE82eG5h7vpIqRlEop2AsACJ%2FyEeWpUhyQk4Jx36cbdHVT2q%2B6pMMgmhJ6G%2BLMR%2BJK%2BGbzVb2Ik%2Ff5GLg2qFSMNmqVHW%2B3v5tRGNEaY6GUMAJ2YQ9vooo1Az8k2UObs%2FbloHiQYWJo5e0vXzFIISn7okGdweybBd0gH%2F4lRHxHzN7v5rqh3ihxYlmnhDEjtA0JD5VHNBHpTkQuGmQ09mj0RhU8XROx2P%2BKuxoP1UCtGibU2FM71MMmzPcmY6RmaRAQT4AknTKLDP0C5eUzBfVjkSAcKkVDKM1Gm120pB1HElH5hqjFR7%2B9edNFH7Xh9aY9GzdlmC7AwaA3TG5R3FREhieXoZIJmEZmYLV3WmWqz2BFi9xvxTVkXRf7YcMAKGiTG%2FhhTMJq0U0gwRJWQy2JO7Qf84LXL26zSKDneneTlDOawlgaU%2By4GhLgWJRnISxWadBSoF83U3m8i%2F0Xv8LrA%2BEHDN%2B2bKsIwdVNmmMU4PumhTjaZZbTsxgfGZA6%2FIYp0frZPqYIbyvayWCbQFycnIy%2BfzzR5S6FCoovXAdR2PHFR0CSozimbnWIDGQ9eWpdDhKCvljxEJUZQ0tHqk6A3I7PB1xSrqP1CBetX9eoo5XwC0k2rNckvm1yET%2FV0TDMZCBcAcwKkRLsJJJFBvdSz3D0hW9seaULPKnv4m%2FTbGG%2BhhzIGUg8nlZNxmdjv15%2FGWSlHP8g%3D Page URL
https://10.kingdrewhad.live/web/?sid=t2~mu5y24sebiweaamusi0n3ont HTTP 302
https://appcloudvalue.com/?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpb7ji6xtLUUCtaRCX47avwoA%3D%3D HTTP 302
https://appcloudvalue.com/away.php?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpb7ji6xtLUUCtaRCX47avwoA%3D%3D Page URL
https://play.google.com/store/apps/details?id=com.tinder Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://counter.yadro.ru/hit;lootraff?r;s1600*1200*24;uhttps%3A//walthamforestpestcontrol.uk/;hWarten.;0.8925369422437959 HTTP 302
https://counter.yadro.ru/hit;lootraff?q;r;s1600*1200*24;uhttps%3A//walthamforestpestcontrol.uk/;hWarten.;0.8925369422437959

Request Chain 3

https://walthamforestpestcontrol.uk/ HTTP 301
https://mvgde.siriusprocyon.top/?pl=wyqwIiui3U-oMKNOfTV6Dg HTTP 302
https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128

Request Chain 34

https://10.kingdrewhad.live/web/?sid=t2~mu5y24sebiweaamusi0n3ont HTTP 302
https://appcloudvalue.com/?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpb7ji6xtLUUCtaRCX47avwoA%3D%3D HTTP 302
https://appcloudvalue.com/away.php?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpb7ji6xtLUUCtaRCX47avwoA%3D%3D

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
walthamforestpestcontrol.uk/ 6 KB
3 KB 708ms
632ms Document
text/html 2606:4700:3034::ac43:a3d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://walthamforestpestcontrol.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a3d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b282aaeb437645b96b015205899e4d30558718e2e5f26e15bb3c5299d9822b1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7e01ebfec959694c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 01 Jul 2023 22:00:27 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: </antibot777--/ab.php>; rel=dns-prefetch
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6i1aVK3DJUx6HPiAY9jLetUtffqvdE4oj9bZJ2dVA1HNFm35D8V8qfB6WDb1CwIkIIFinxI6jSSVH7IiJsvNNxN%2B9mToMAEOPkNctr6lbhrNETQJ74ux4gIlCyfpKO7h4KFeSRys7vNwIjRknU1prN%2F9kjWf22I6H%2Bg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-robots-tag: noindex

GET
H/1.1

200
OK

hit;lootraff
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;lootraff?r;s1600*1200*24;uhttps%3A//walthamforestpestcontrol.uk/;hWarten.;0.8925369422437959
https://counter.yadro.ru/hit;lootraff?q;r;s1600*1200*24;uhttps%3A//walthamforestpestcontrol.uk/;hWarten.;0.8925369422437959

43 B
528 B

54ms
54ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;lootraff?q;r;s1600*1200*24;uhttps%3A//walthamforestpestcontrol.uk/;hWarten.;0.8925369422437959

Requested by

Host: walthamforestpestcontrol.uk
URL: https://walthamforestpestcontrol.uk/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://walthamforestpestcontrol.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 Jul 2023 22:00:27 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Fri, 01 Jul 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 01 Jul 2023 22:00:27 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit;lootraff?q;r;s1600*1200*24;uhttps%3A//walthamforestpestcontrol.uk/;hWarten.;0.8925369422437959
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Fri, 01 Jul 2022 21:00:00 GMT

POST
H2 200 ab.php
walthamforestpestcontrol.uk/antibot777--/ 72 B
495 B 648ms
647ms XHR
text/html 2606:4700:3034::ac43:a3d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://walthamforestpestcontrol.uk/antibot777--/ab.php
Requested by: Host: walthamforestpestcontrol.uk
URL: https://walthamforestpestcontrol.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a3d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://walthamforestpestcontrol.uk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type: application/x-www-form-urlencoded;

Response headers

date: Sat, 01 Jul 2023 22:00:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-cms: AntiBot.Cloud (See: https://antibot.cloud/)
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9CAqFHVmahPzABaPovkCNtAPkOsn8OwriFZV5l90fYA9ejv%2FRD9tfJvKFzCYYQZ7uBGMoNJxQsMvOGtDAGLBs%2FLT7m9R1ILQ%2Fqrlfxe9E3dnAmmQGZ017LalbGCdhyU90p%2FcouRB7w7nEGPVxImMTSfvDMWtP2Y9PwM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
x-robots-tag: noindex
access-control-allow-headers: *
cf-ray: 7e01ec03b894694c-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

/ Show response
mvgde.mithrilminer.top/eyes-robot/
Redirect Chain

https://walthamforestpestcontrol.uk/
https://mvgde.siriusprocyon.top/?pl=wyqwIiui3U-oMKNOfTV6Dg
https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128

1 KB
921 B

132ms
46ms

Document
text/html

104.21.19.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128
Requested by: Host: walthamforestpestcontrol.uk
URL: https://walthamforestpestcontrol.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59a434273024c1bb3507cc5dff5bd4980fd44680e86ca69803822bc0277125ec

Request headers

Referer: https://walthamforestpestcontrol.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e01ec0ccbb730e4-FRA
content-encoding: br
content-type: text/html
date: Sat, 01 Jul 2023 22:00:28 GMT
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JOnTEiuKFhVMJDB8k0XXdWjXEHDHyvrxjIbOKEQ3a9OWmkHZ6aDp9mAaRcuf6VAJFO%2FrWJC%2F4NqIEJHi48SkjGrJzqF5PW%2BkwmUz0YQ8SjK9PAzGFSJ%2BGOlMSwN0kR3k9YCYi3QHZOpT"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7e01ec0be9c43807-FRA
content-length: 0
date: Sat, 01 Jul 2023 22:00:28 GMT
location: https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KVTm6HlTad%2BjtkUbJ%2Fx13PYPg0zz7oXPmUQh5oMYgeVt935IHAuz6bgG0907hnz6d1ueGQriI%2F7AFJ4U%2BZd3yb%2BkL0D6Cavnng7OG3HcE6K5TZWI9VrAyl0W694qr8zaK50F9a2VlRcjIg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 trls.js Show response
mvgde.mithrilminer.top/eyes-robot/assets/ 11 KB
2 KB 33ms
31ms Script
application/javascript 104.21.19.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mvgde.mithrilminer.top/eyes-robot/assets/trls.js
Requested by: Host: mvgde.mithrilminer.top
URL: https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fb2aad4f3b3426df4bb5633b627f529940bd06d0690f6b11cfcf42f0fea3e4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 22:00:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1183
etag: W/"649c0dba-2af6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZrdSLQb7PPBvfrSbDI0hnaxp5BNLsTLsuqLXW7DpYfaMK38MD3zjRMtqgOMUUHYzsuzQO67spNwzbyRJ2%2F3EOFzEnIvb86C65XvAc3rhmCFXqQ%2FzmAJGsELexL1Ra%2B4hySv469YfaeQz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e01ec0d1c1830e4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
mvgde.mithrilminer.top/eyes-robot/assets/ 3 KB
1 KB 30ms
30ms Stylesheet
text/css 104.21.19.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mvgde.mithrilminer.top/eyes-robot/assets/style.css
Requested by: Host: mvgde.mithrilminer.top
URL: https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29ee31143c5bd03b7dcaf2e40476e50c4ed26d32a725525a4f3dced678c90896

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 22:00:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3601
etag: W/"649c0dba-cf6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1sgnulaGv1EsL19eqxoW%2BIxCodGqRcuBb2BvmQ9JwCChbU%2FC3mAF%2Fnhg7eO6EiZtltT%2BICh2wjGFMI4S4Eu09JniZtcZ1XosjK8PWeNQsM3NOk3YBVK62s6ePSNtsNKKR2CIItBBZB2g"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e01ec0d1c1a30e4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 1.png
mvgde.mithrilminer.top/eyes-robot/assets/ 10 KB
11 KB 32ms
32ms Image
image/png 104.21.19.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mvgde.mithrilminer.top/eyes-robot/assets/1.png
Requested by: Host: mvgde.mithrilminer.top
URL: https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 22:00:29 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3602
etag: "649c0dba-295f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZhwjTpGTn1U%2FJ1W7ly1zqlgJe7baAfcieUmlFT0FsFa2dtpOsIlMP48%2BLmroRvSAbliFdiMxeq9KRXfiKV4pVFbMWBDF11Ci2Nnwo%2F%2F91W2h1V5GdQRKu%2FmBPAzGdR%2BOCoXJ%2BDHK%2F4U"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7e01ec0d4c5930e4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 10591

GET
H2 200 2.png
mvgde.mithrilminer.top/eyes-robot/assets/ 1 KB
1 KB 33ms
32ms Image
image/png 104.21.19.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mvgde.mithrilminer.top/eyes-robot/assets/2.png
Requested by: Host: mvgde.mithrilminer.top
URL: https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 22:00:29 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3602
etag: "649c0dba-425"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1CW4ZOEF0noD%2BlmlX75S1z006Sf5a3Co98Yvn7HXBIZQQbNOlT4r7c89vzIAqcZQFncPF%2FKFYKjDMyJ8Bve47PWJXG81c9PnUKkkUFeGahT54f80rvkpNbD2ZLjj1N2TZjH1rFXQtTfP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7e01ec0d4c5d30e4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1061

GET
H2 200 static-pl.js Show response
mvgde.mithrilminer.top/shared-js/assets/ 3 KB
1 KB 32ms
32ms Script
application/javascript 104.21.19.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mvgde.mithrilminer.top/shared-js/assets/static-pl.js
Requested by: Host: mvgde.mithrilminer.top
URL: https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93972bbc62d530dd23e06c5174b3e9ed4fb5719279ecef774d0a7eacf1040a18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 22:00:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1184
etag: W/"649c0dba-bf3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sAS61h3rKH3nypgh73jeNpP9tf737D5ZeQdfPlENyccvwcPDdJ4K1hNh1R9nzKLsCtpMNkhvFrsKKC7E6tnoiU%2FZOwR3nu6ZjT28%2FIJioVijgG8X9zX1%2FPlpjQMGbg%2Bn66rFsnik3IJ4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e01ec0d4c5630e4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 script.js Show response
js2json.com/ 34 KB
15 KB 167ms
52ms Script
application/javascript 157.90.27.45
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js2json.com/script.js
Requested by: Host: mvgde.mithrilminer.top
URL: https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.90.27.45 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.45.27.90.157.clients.your-server.de
Software: openresty /
Resource Hash: 1775c3f55747c7ed1ca2b59a49756cb3f25bdda6fdefaf2e0cfc4687350c0f2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mvgde.mithrilminer.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 22:00:29 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 image.png
mvgde.mithrilminer.top/eyes-robot/assets/ 11 KB
11 KB 32ms
32ms Image
image/png 104.21.19.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mvgde.mithrilminer.top/eyes-robot/assets/image.png
Requested by: Host: mvgde.mithrilminer.top
URL: https://mvgde.mithrilminer.top/eyes-robot/assets/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mvgde.mithrilminer.top/eyes-robot/assets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 22:00:29 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3602
etag: "649c0dba-2b23"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1eQ3RsuoK2Ow69bzZ25C6wDjlz8yJhfYDOFI7Jpi4fCzd2aoZoufHtLoXd6TKYGHp03bbATXx3pZCXQB046%2FRaUtewnxR2NyEH%2FvE94WGXX0i5XYMBW6hcFwrYHzibvpuV%2FfhMV03aNW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7e01ec0d4c5f30e4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11043

GET
H2 200 ps.js Show response
cdnstatic.mithrilminer.top/ps/ 24 KB
9 KB 78ms
64ms Script
application/javascript 104.21.19.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnstatic.mithrilminer.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.mithrilminer.top
Requested by: Host: mvgde.mithrilminer.top
URL: https://mvgde.mithrilminer.top/shared-js/assets/static-pl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcefbf98be16a355cb078767d566ed12ea16eb05e319e36d0f8df22325f8557c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mvgde.mithrilminer.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 22:00:29 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpcsXmPlDigMucTMJ01G%2BtsHOB7XxZIWNb15LdCBuBYG%2BHV%2F4C0dVLHINLZlrS6G0ISQ8HWQ3S4DvYBJUOSJ%2FWcf4AfC9s6BkDC01kE02O4E4RyVqcJLOTzd7J%2Bh5fKTZ10af%2F9ZwRwmZgeF0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 7e01ec0d9cbf30e4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 config.js Show response
cdnstatic.mithrilminer.top/ps/ 364 B
710 B 40ms
40ms Script
application/javascript 104.21.19.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnstatic.mithrilminer.top/ps/config.js?id=wyqwIiui3U-oMKNOfTV6Dg
Requested by: Host: cdnstatic.mithrilminer.top
URL: https://cdnstatic.mithrilminer.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.mithrilminer.top
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc8f01c22a60dbb9098f8be9baa7e484bce7ec5335a6dcf02fee212202fb2045

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mvgde.mithrilminer.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 22:00:29 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5cxMHJ3104wj%2BQ9SZQFLzMhPnJcMkkDU2d91pYXs8PPN6lait72GJa%2FqGCIHE7pH29yu6zomjcXaTfAUUVJReVQ7GVW3l%2Brvbip4vX2eMi91Jkefxqsl2V40roGU4We0vgdMS4EhitFw3dDBxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 7e01ec0e0e283a8b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.4.1/ 21 KB
7 KB 72ms
21ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.4.1/firebase-app.js

Requested by

Host: cdnstatic.mithrilminer.top
URL: https://cdnstatic.mithrilminer.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.mithrilminer.top

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mvgde.mithrilminer.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 18:57:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10971
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6763
x-xss-protection: 0
last-modified: Tue, 13 Apr 2021 06:56:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 30 Jun 2024 18:57:38 GMT

OPTIONS data
js2json.com/ Frame 0
0

POST data
js2json.com/ 0
0

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/8.4.1/ 40 KB
11 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mvgde.mithrilminer.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 593233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10908
x-xss-protection: 0
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 24 Jun 2024 01:13:16 GMT

GET
H3 200 / Show response
mvgde.mithrilminer.top/eyes-robot/ 1 KB
884 B 36ms
35ms Document
text/html 104.21.19.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128
Requested by: Host: cdnstatic.mithrilminer.top
URL: https://cdnstatic.mithrilminer.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.mithrilminer.top
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59a434273024c1bb3507cc5dff5bd4980fd44680e86ca69803822bc0277125ec

Request headers

Referer: https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e01ec0f6fc73a8b-FRA
content-encoding: br
content-type: text/html
date: Sat, 01 Jul 2023 22:00:29 GMT
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uy1BUQJB1w98jirQHTAOBnLAAQCGkbhZ6y8CbjQYwgz4qU%2F%2B39XjP%2Fc65jpSrvVUgQ8Bkg0bVADqTVTYzdvY2meLSZ4y8XNo79TcKAxDSMRR6apsVr6hHZlQ%2BL2y3KPtNwDHeM6kD40r"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 trls.js Show response
mvgde.mithrilminer.top/eyes-robot/assets/ 11 KB
2 KB 29ms
28ms Script
application/javascript 104.21.19.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mvgde.mithrilminer.top/eyes-robot/assets/trls.js
Requested by: Host: mvgde.mithrilminer.top
URL: https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fb2aad4f3b3426df4bb5633b627f529940bd06d0690f6b11cfcf42f0fea3e4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 22:00:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4300
etag: W/"649c0dba-2af6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sjh%2BtOfEVlNvBfCxyKU1Dyikzc%2FvDUA28Rp88v9Fub8JoQbeo83bWfAlpbu6piak5YHnBqbhXTqNmPcSxIw8GCtB%2B%2FgJWf%2BPegM9%2BkrrrNg1u037UBVJQNV2ky9ltVI61J7lAX9Mogi%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e01ec0fa8073a8b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 style.css
mvgde.mithrilminer.top/eyes-robot/assets/ 3 KB
1 KB 29ms
29ms Stylesheet
text/css 104.21.19.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mvgde.mithrilminer.top/eyes-robot/assets/style.css
Requested by: Host: mvgde.mithrilminer.top
URL: https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29ee31143c5bd03b7dcaf2e40476e50c4ed26d32a725525a4f3dced678c90896

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 22:00:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4300
etag: W/"649c0dba-cf6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LPg5zoRhxBfh4rwYdNWDad%2B9ZPutyQcuXNo9nrNWBi78389d81n0zoywJS0Pmr90H7jNI2q5B8LrgWb4E81QTkO8cRAf%2Brl9wAIZMJ1tqNYGGSkh%2B%2F11qKWIr%2FMn13sYGd85spO1Yk3t"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e01ec0fa8083a8b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 1.png
mvgde.mithrilminer.top/eyes-robot/assets/ 10 KB
11 KB 29ms
28ms Image
image/png 104.21.19.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mvgde.mithrilminer.top/eyes-robot/assets/1.png
Requested by: Host: mvgde.mithrilminer.top
URL: https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 22:00:29 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5111
etag: "649c0dba-295f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XusLPwwX7KQ4KBhFFhKj1Bn7WYpw%2FtVR36j40FszsMVG5L3bAqSUBK9fpp8zQN6lkZwGCNlQON5ZCSypb9rTcS324Q2yNu7nxxCDlmcwM7%2BjF3e2GxnWvuOFoEz2HppTr2ouDxtRDu%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7e01ec0fd8343a8b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 10591

GET
H3 200 2.png
mvgde.mithrilminer.top/eyes-robot/assets/ 1 KB
1 KB 29ms
28ms Image
image/png 104.21.19.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mvgde.mithrilminer.top/eyes-robot/assets/2.png
Requested by: Host: mvgde.mithrilminer.top
URL: https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 22:00:29 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5111
etag: "649c0dba-425"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wZSn8X7P6OBkHs68QJMoTqafaNEGoA8v2MmV5m%2F6XvD8vnTY0RbMhg9lVrwAQJ94DXj2hGMDkoNoMQFnoDvYIC6c3UKoMkhfiSSuO9%2FwfsdklVZK92b9WStdSRM549EaennW7uZ6Bal"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7e01ec0fd8353a8b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1061

GET
H3 200 static-pl.js Show response
mvgde.mithrilminer.top/shared-js/assets/ 3 KB
1 KB 51ms
50ms Script
application/javascript 104.21.19.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mvgde.mithrilminer.top/shared-js/assets/static-pl.js
Requested by: Host: mvgde.mithrilminer.top
URL: https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93972bbc62d530dd23e06c5174b3e9ed4fb5719279ecef774d0a7eacf1040a18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 22:00:29 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"649c0dba-bf3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1B3lzdaep9rkFXZrWzX2oQ376bCBZl7z%2Fj1SEgPAphelUEUq69A2S8zOUlpP4%2FmYO7%2FP58C1DRCV5htT4rUFRkKqE8VDbqumrUc6e8lpTywf7xuxYDHUHmOyODPgnzIYoCgPZ8MYxnS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e01ec0fd8323a8b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 script.js Show response
js2json.com/ 34 KB
15 KB 48ms
47ms Script
application/javascript 157.90.27.45
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js2json.com/script.js
Requested by: Host: mvgde.mithrilminer.top
URL: https://mvgde.mithrilminer.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=JoWzwvm7UkohRF8E5Ok_9A&exp=1688249128
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.90.27.45 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.45.27.90.157.clients.your-server.de
Software: openresty /
Resource Hash: 1775c3f55747c7ed1ca2b59a49756cb3f25bdda6fdefaf2e0cfc4687350c0f2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mvgde.mithrilminer.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 22:00:29 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript

GET
H3 200 image.png
mvgde.mithrilminer.top/eyes-robot/assets/ 11 KB
11 KB 50ms
50ms Image
image/png 104.21.19.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mvgde.mithrilminer.top/eyes-robot/assets/image.png
Requested by: Host: mvgde.mithrilminer.top
URL: https://mvgde.mithrilminer.top/eyes-robot/assets/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mvgde.mithrilminer.top/eyes-robot/assets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 22:00:29 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Jun 2023 10:38:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5111
etag: "649c0dba-2b23"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mN1uOwsfJmElcKDk1dDbDxpvxFb%2Fh5tiAJIxOeQyKUzWO1ivK5gGIpfZimbam8GeLiWksEzSU2wVxof%2FozafYgATxkRug7wza9SgJUEEXE0OizGqXZ88TtbacTeEmhLtBgEJUu3dOIFb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7e01ec0fd8363a8b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11043

GET
H3 200 ps.js Show response
cdnstatic.mithrilminer.top/ps/ 24 KB
9 KB 48ms
48ms Script
application/javascript 104.21.19.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnstatic.mithrilminer.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.mithrilminer.top
Requested by: Host: mvgde.mithrilminer.top
URL: https://mvgde.mithrilminer.top/shared-js/assets/static-pl.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcefbf98be16a355cb078767d566ed12ea16eb05e319e36d0f8df22325f8557c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mvgde.mithrilminer.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 22:00:29 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WgLvEeR5Z9XzCplaBHzcjOY1uQQGWIEQIj0%2BS9JsBgrnf%2BlgvHnMdr%2Bf8W8xJXlEWuwxr8sB9FRs0Sm%2FQl5UTAxpUiUL5G4rTj%2BgdRGw%2FL%2F6y%2BaR16sdnLgSfP2ubdkVhAtmV4I2XyaviW0pow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 7e01ec10287b3a8b-FRA
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 204 data
js2json.com/ Frame 0
0 37ms
37ms Preflight 157.90.27.45
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js2json.com/data
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.90.27.45 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.45.27.90.157.clients.your-server.de
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mvgde.mithrilminer.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://mvgde.mithrilminer.top
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Sat, 01 Jul 2023 22:00:29 GMT
server: openresty
vary: Origin

POST
H2 200 data
js2json.com/ 0
0 38ms
37ms Fetch 157.90.27.45
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js2json.com/data
Requested by: Host: js2json.com
URL: https://js2json.com/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.90.27.45 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.45.27.90.157.clients.your-server.de
Software: openresty /
Resource Hash

Request headers

Referer: https://mvgde.mithrilminer.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://mvgde.mithrilminer.top
date: Sat, 01 Jul 2023 22:00:29 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server: openresty
content-length: 0
vary: Origin

GET
H3 200 config.js Show response
cdnstatic.mithrilminer.top/ps/ 364 B
676 B 38ms
38ms Script
application/javascript 104.21.19.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnstatic.mithrilminer.top/ps/config.js?id=wyqwIiui3U-oMKNOfTV6Dg
Requested by: Host: cdnstatic.mithrilminer.top
URL: https://cdnstatic.mithrilminer.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.mithrilminer.top
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc8f01c22a60dbb9098f8be9baa7e484bce7ec5335a6dcf02fee212202fb2045

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mvgde.mithrilminer.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 22:00:29 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48f9Zs%2Fa9GKCEgT82aYurjc0VpVbtUpG2Q5duJtuJb9vL2qz4F%2BmWm7IdzfLPJj84A03UBCEQlXqzVCpGqpdNu4xxMnDkMI7t4JABh4xpZ3RetH0%2FsfjnUeDWK4EZmlAXmGGN8MfxUkbS6dr7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 7e01ec1078ca3a8b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.4.1/ 21 KB
7 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.4.1/firebase-app.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mvgde.mithrilminer.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 18:57:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10971
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6763
x-xss-protection: 0
last-modified: Tue, 13 Apr 2021 06:56:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 30 Jun 2024 18:57:38 GMT

GET
H3 200 firebase-messaging.js
www.gstatic.com/firebasejs/8.4.1/ 40 KB
11 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mvgde.mithrilminer.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 01:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 593233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10908
x-xss-protection: 0
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 24 Jun 2024 01:13:16 GMT

GET
H2 200 / Show response
cuyahogafallsfamilydentist.com/ 88 KB
32 KB 140ms
68ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cuyahogafallsfamilydentist.com/?u=pe7k605&o=3u0gcu2
Requested by: Host: cdnstatic.mithrilminer.top
URL: https://cdnstatic.mithrilminer.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.mithrilminer.top
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7f9125c47d17299a907c11d56d26edef69479665c383f21d3d066ffa259b912

Request headers

Referer: https://mvgde.mithrilminer.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7e01ec12edf03637-FRA
content-encoding: br
content-type: text/html
date: Sat, 01 Jul 2023 22:00:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SEWPxhmtgRiaELLpwxpNbyTRomeKMq36SiQdCoBnTaulx%2FEvl6dNKYo%2BD7GOM2hFKiAeYRouhd7wMSDmbgG0tK3tHriRAxptSqj9ON%2F%2BAGQZaIsv1EFCYMTyY7L4nURRxi1y5rZyOzwDnZOwLo7zd%2FJ4KpbfqFSAGudEv8o%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 frame.html Show response
cuyahogafallsfamilydentist.com/media/mainstream/ Frame 4901 39 B
707 B 62ms
61ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cuyahogafallsfamilydentist.com/media/mainstream/frame.html

Requested by

Host: cuyahogafallsfamilydentist.com
URL: https://cuyahogafallsfamilydentist.com/?u=pe7k605&o=3u0gcu2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cuyahogafallsfamilydentist.com/?u=pe7k605&o=3u0gcu2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000
cf-cache-status: DYNAMIC
cf-ray: 7e01ec136ea03637-FRA
content-encoding: br
content-security-policy: block-all-mixed-content
content-type: text/html
date: Sat, 01 Jul 2023 22:00:30 GMT
expires: Sun, 30 Jun 2024 22:00:30 GMT
last-modified: Mon, 20 Feb 2023 09:34:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HuJQ9FuuCMxAPM0kdhdPIS5zT7FA1MNfzDa%2BpdJKOghIpTgdyagrwpbnHJbuHA8%2FhLEJJbfkmCsd1klOnzw3ExCzsY6AC4Z%2FVyeviqmV8BYp5t1oVXV1l9b1xkPqBzVmkddSroRFtFArKN814AKMI9SDUDfmXomy9G4KU88%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin Accept-Encoding
x-amz-meta-mc-attrs: atime:1676843338#351669788/gid:0/gname:root/mode:33279/mtime:1655387452#842583333/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:52.842583333Z
x-amz-request-id: 176DDCFBCA43BE31
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK article10.html
10.kingdrewhad.live/ikwruqnr/izc/gpo/yuw/reg/uur/scn/ 1 KB
2 KB 823ms
123ms Document
text/html 54.37.0.228
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://10.kingdrewhad.live/ikwruqnr/izc/gpo/yuw/reg/uur/scn/article10.html?u=pe7k605&o=3u0gcu2&f=1&sid=t2~mu5y24sebiweaamusi0n3ont&fp=lVjcc%2FTyzdq%2FTofD4Zewr5C9InGjeTjrS67wyKD3vJ2HuFc3zihxI6embgX0dQRPFekO44z%2FNpyAcpFYjyTiSPiW4wGIq5%2BG6T37o7FOYu5GB8VdHhwSPVsW%2BDAakTmHkxTzXejYXUJmTVMks5MQY4vUndoqF2kvjvtTYg0DU2VcD%2Bh5PNPRZUG1F0JYVAQUmqPaEOm%2F8ohIp5GDFKIdzhPVwvqiFsh6TuLP3WbxqHEHCSpdHB81OfMc9AQGcSfc%2BlgaPgWMBvYOL5i4lQ32F0O0n3woEWsZg4geas6G2f6MLT1HtFDhLawdkoyB0RvuYC%2BuzVF5le3ej8f4CZx%2FW2zlpI5GpaXoKVQuiM4K9JZhb%2FpChcvNh%2FHE5CzYslncWqvwzPGiyJQl7maHAKTveIRZINbMoTWVpIZewvHlns%2Bg4TQEg54kyh%2BNAvP3Negb1gyKOfYRQsBW0XSdTPgKVgZb98cjRTbgAyOZ7oNftwfSWlmAZIgygmS4AZ5Vf%2Fdnm1imxp%2FqC7ND6nTMK99YkRauMQHu%2FkLt8meKrUR1ixSX7nvhu2OhWjxfvqm4fJbyD1Wjqi9AfO9OZ%2BTuWiVIzh6I28NnCbOq5QOnVisXW90%2F9zk0suYpBnUp4TTJ4%2F4bPMpAwJYc0MAwpv4ZUO%2FmkpkTzBaX9MxHKMoJoP5n05%2BE17nl87iw5v6hRKJeZ01LdmHvI5piiiHJ68iKJEAY%2F%2BxwFsK3kLgJvm14%2Fu9S%2B%2FxrDHh%2FOB9xEV7qtTY3qwSEYEJsfpTdUeidifTaLWRd9qRP2bmM%2FlPZ7EtxYIql%2BjTFmZM9Yb3M348JPnHTgZkhc4jm%2B9KZGOWhnEV2H8KUTxJaEavkmIej12URF34hSP4Grg0dJAXNIXl2ZfDZbc4vt%2F07%2Bg4usPXkFY%2BFo4wdJave1Q92F7As7Mnh5WfbrB5ShmQvHztGeiakq1KKp82FbDi7L1u1EkQA1ErpVX6onyLGwK7A9utFEi2B%2FOPzjqwPBa52FETekFq34yCzfxn6b8VAoK%2BpDsmqj8PmI%2BsUM02rNtJg1SDLA4vZINt8hxarqeAZE0QG6mnQMlxohkAXDGMb1vcfdPU2IVapTZcd1tD1NNSwPBkXKp90CCavYsZ2cNiEI04boV%2BnhK8wR1f%2FGp39Y4uUK9crVvS5dzXRWJlldpr%2FrOvaYC0rFJAps1nAFEbgnfdyePRjGn2FMWALPBQolD4DTN5TJDqWfVRCvtAOV0Hd49pqas%2BcX0nVf2lpjOah%2FL7lWgLZ48jXy0RI2vrhscf%2FnYaFJrKUfq3rGO1RKMXcEppTkiE82eG5h7vpIqRlEop2AsACJ%2FyEeWpUhyQk4Jx36cbdHVT2q%2B6pMMgmhJ6G%2BLMR%2BJK%2BGbzVb2Ik%2Ff5GLg2qFSMNmqVHW%2B3v5tRGNEaY6GUMAJ2YQ9vooo1Az8k2UObs%2FbloHiQYWJo5e0vXzFIISn7okGdweybBd0gH%2F4lRHxHzN7v5rqh3ihxYlmnhDEjtA0JD5VHNBHpTkQuGmQ09mj0RhU8XROx2P%2BKuxoP1UCtGibU2FM71MMmzPcmY6RmaRAQT4AknTKLDP0C5eUzBfVjkSAcKkVDKM1Gm120pB1HElH5hqjFR7%2B9edNFH7Xh9aY9GzdlmC7AwaA3TG5R3FREhieXoZIJmEZmYLV3WmWqz2BFi9xvxTVkXRf7YcMAKGiTG%2FhhTMJq0U0gwRJWQy2JO7Qf84LXL26zSKDneneTlDOawlgaU%2By4GhLgWJRnISxWadBSoF83U3m8i%2F0Xv8LrA%2BEHDN%2B2bKsIwdVNmmMU4PumhTjaZZbTsxgfGZA6%2FIYp0frZPqYIbyvayWCbQFycnIy%2BfzzR5S6FCoovXAdR2PHFR0CSozimbnWIDGQ9eWpdDhKCvljxEJUZQ0tHqk6A3I7PB1xSrqP1CBetX9eoo5XwC0k2rNckvm1yET%2FV0TDMZCBcAcwKkRLsJJJFBvdSz3D0hW9seaULPKnv4m%2FTbGG%2BhhzIGUg8nlZNxmdjv15%2FGWSlHP8g%3D
Requested by: Host: cuyahogafallsfamilydentist.com
URL: https://cuyahogafallsfamilydentist.com/?u=pe7k605&o=3u0gcu2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.37.0.228 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://cuyahogafallsfamilydentist.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-transform
Connection: keep-alive
Content-Length: 1413
Content-Type: text/html
Date: Sat, 01 Jul 2023 22:00:31 GMT
Server: nginx
cache-control: private

GET
H/1.1

200
OK

away.php
appcloudvalue.com/
Redirect Chain

https://10.kingdrewhad.live/web/?sid=t2~mu5y24sebiweaamusi0n3ont
https://appcloudvalue.com/?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpb7ji6xtLUUCtaRCX47avwoA%3D%3D
https://appcloudvalue.com/away.php?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpb7ji6xtLUUCtaRCX47avwoA%3D%3D

257 B
408 B

35ms
35ms

Document
text/html

45.77.230.212

General

Check archive.org

Show headers Download Go to

Full URL: https://appcloudvalue.com/away.php?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpb7ji6xtLUUCtaRCX47avwoA%3D%3D
Requested by: Host: 10.kingdrewhad.live
URL: https://10.kingdrewhad.live/ikwruqnr/izc/gpo/yuw/reg/uur/scn/article10.html?u=pe7k605&o=3u0gcu2&f=1&sid=t2~mu5y24sebiweaamusi0n3ont&fp=lVjcc%2FTyzdq%2FTofD4Zewr5C9InGjeTjrS67wyKD3vJ2HuFc3zihxI6embgX0dQRPFekO44z%2FNpyAcpFYjyTiSPiW4wGIq5%2BG6T37o7FOYu5GB8VdHhwSPVsW%2BDAakTmHkxTzXejYXUJmTVMks5MQY4vUndoqF2kvjvtTYg0DU2VcD%2Bh5PNPRZUG1F0JYVAQUmqPaEOm%2F8ohIp5GDFKIdzhPVwvqiFsh6TuLP3WbxqHEHCSpdHB81OfMc9AQGcSfc%2BlgaPgWMBvYOL5i4lQ32F0O0n3woEWsZg4geas6G2f6MLT1HtFDhLawdkoyB0RvuYC%2BuzVF5le3ej8f4CZx%2FW2zlpI5GpaXoKVQuiM4K9JZhb%2FpChcvNh%2FHE5CzYslncWqvwzPGiyJQl7maHAKTveIRZINbMoTWVpIZewvHlns%2Bg4TQEg54kyh%2BNAvP3Negb1gyKOfYRQsBW0XSdTPgKVgZb98cjRTbgAyOZ7oNftwfSWlmAZIgygmS4AZ5Vf%2Fdnm1imxp%2FqC7ND6nTMK99YkRauMQHu%2FkLt8meKrUR1ixSX7nvhu2OhWjxfvqm4fJbyD1Wjqi9AfO9OZ%2BTuWiVIzh6I28NnCbOq5QOnVisXW90%2F9zk0suYpBnUp4TTJ4%2F4bPMpAwJYc0MAwpv4ZUO%2FmkpkTzBaX9MxHKMoJoP5n05%2BE17nl87iw5v6hRKJeZ01LdmHvI5piiiHJ68iKJEAY%2F%2BxwFsK3kLgJvm14%2Fu9S%2B%2FxrDHh%2FOB9xEV7qtTY3qwSEYEJsfpTdUeidifTaLWRd9qRP2bmM%2FlPZ7EtxYIql%2BjTFmZM9Yb3M348JPnHTgZkhc4jm%2B9KZGOWhnEV2H8KUTxJaEavkmIej12URF34hSP4Grg0dJAXNIXl2ZfDZbc4vt%2F07%2Bg4usPXkFY%2BFo4wdJave1Q92F7As7Mnh5WfbrB5ShmQvHztGeiakq1KKp82FbDi7L1u1EkQA1ErpVX6onyLGwK7A9utFEi2B%2FOPzjqwPBa52FETekFq34yCzfxn6b8VAoK%2BpDsmqj8PmI%2BsUM02rNtJg1SDLA4vZINt8hxarqeAZE0QG6mnQMlxohkAXDGMb1vcfdPU2IVapTZcd1tD1NNSwPBkXKp90CCavYsZ2cNiEI04boV%2BnhK8wR1f%2FGp39Y4uUK9crVvS5dzXRWJlldpr%2FrOvaYC0rFJAps1nAFEbgnfdyePRjGn2FMWALPBQolD4DTN5TJDqWfVRCvtAOV0Hd49pqas%2BcX0nVf2lpjOah%2FL7lWgLZ48jXy0RI2vrhscf%2FnYaFJrKUfq3rGO1RKMXcEppTkiE82eG5h7vpIqRlEop2AsACJ%2FyEeWpUhyQk4Jx36cbdHVT2q%2B6pMMgmhJ6G%2BLMR%2BJK%2BGbzVb2Ik%2Ff5GLg2qFSMNmqVHW%2B3v5tRGNEaY6GUMAJ2YQ9vooo1Az8k2UObs%2FbloHiQYWJo5e0vXzFIISn7okGdweybBd0gH%2F4lRHxHzN7v5rqh3ihxYlmnhDEjtA0JD5VHNBHpTkQuGmQ09mj0RhU8XROx2P%2BKuxoP1UCtGibU2FM71MMmzPcmY6RmaRAQT4AknTKLDP0C5eUzBfVjkSAcKkVDKM1Gm120pB1HElH5hqjFR7%2B9edNFH7Xh9aY9GzdlmC7AwaA3TG5R3FREhieXoZIJmEZmYLV3WmWqz2BFi9xvxTVkXRf7YcMAKGiTG%2FhhTMJq0U0gwRJWQy2JO7Qf84LXL26zSKDneneTlDOawlgaU%2By4GhLgWJRnISxWadBSoF83U3m8i%2F0Xv8LrA%2BEHDN%2B2bKsIwdVNmmMU4PumhTjaZZbTsxgfGZA6%2FIYp0frZPqYIbyvayWCbQFycnIy%2BfzzR5S6FCoovXAdR2PHFR0CSozimbnWIDGQ9eWpdDhKCvljxEJUZQ0tHqk6A3I7PB1xSrqP1CBetX9eoo5XwC0k2rNckvm1yET%2FV0TDMZCBcAcwKkRLsJJJFBvdSz3D0hW9seaULPKnv4m%2FTbGG%2BhhzIGUg8nlZNxmdjv15%2FGWSlHP8g%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.77.230.212 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Referer: https://10.kingdrewhad.live/ikwruqnr/izc/gpo/yuw/reg/uur/scn/article10.html?u=pe7k605&o=3u0gcu2&f=1&sid=t2~mu5y24sebiweaamusi0n3ont&fp=lVjcc%2FTyzdq%2FTofD4Zewr5C9InGjeTjrS67wyKD3vJ2HuFc3zihxI6embgX0dQRPFekO44z%2FNpyAcpFYjyTiSPiW4wGIq5%2BG6T37o7FOYu5GB8VdHhwSPVsW%2BDAakTmHkxTzXejYXUJmTVMks5MQY4vUndoqF2kvjvtTYg0DU2VcD%2Bh5PNPRZUG1F0JYVAQUmqPaEOm%2F8ohIp5GDFKIdzhPVwvqiFsh6TuLP3WbxqHEHCSpdHB81OfMc9AQGcSfc%2BlgaPgWMBvYOL5i4lQ32F0O0n3woEWsZg4geas6G2f6MLT1HtFDhLawdkoyB0RvuYC%2BuzVF5le3ej8f4CZx%2FW2zlpI5GpaXoKVQuiM4K9JZhb%2FpChcvNh%2FHE5CzYslncWqvwzPGiyJQl7maHAKTveIRZINbMoTWVpIZewvHlns%2Bg4TQEg54kyh%2BNAvP3Negb1gyKOfYRQsBW0XSdTPgKVgZb98cjRTbgAyOZ7oNftwfSWlmAZIgygmS4AZ5Vf%2Fdnm1imxp%2FqC7ND6nTMK99YkRauMQHu%2FkLt8meKrUR1ixSX7nvhu2OhWjxfvqm4fJbyD1Wjqi9AfO9OZ%2BTuWiVIzh6I28NnCbOq5QOnVisXW90%2F9zk0suYpBnUp4TTJ4%2F4bPMpAwJYc0MAwpv4ZUO%2FmkpkTzBaX9MxHKMoJoP5n05%2BE17nl87iw5v6hRKJeZ01LdmHvI5piiiHJ68iKJEAY%2F%2BxwFsK3kLgJvm14%2Fu9S%2B%2FxrDHh%2FOB9xEV7qtTY3qwSEYEJsfpTdUeidifTaLWRd9qRP2bmM%2FlPZ7EtxYIql%2BjTFmZM9Yb3M348JPnHTgZkhc4jm%2B9KZGOWhnEV2H8KUTxJaEavkmIej12URF34hSP4Grg0dJAXNIXl2ZfDZbc4vt%2F07%2Bg4usPXkFY%2BFo4wdJave1Q92F7As7Mnh5WfbrB5ShmQvHztGeiakq1KKp82FbDi7L1u1EkQA1ErpVX6onyLGwK7A9utFEi2B%2FOPzjqwPBa52FETekFq34yCzfxn6b8VAoK%2BpDsmqj8PmI%2BsUM02rNtJg1SDLA4vZINt8hxarqeAZE0QG6mnQMlxohkAXDGMb1vcfdPU2IVapTZcd1tD1NNSwPBkXKp90CCavYsZ2cNiEI04boV%2BnhK8wR1f%2FGp39Y4uUK9crVvS5dzXRWJlldpr%2FrOvaYC0rFJAps1nAFEbgnfdyePRjGn2FMWALPBQolD4DTN5TJDqWfVRCvtAOV0Hd49pqas%2BcX0nVf2lpjOah%2FL7lWgLZ48jXy0RI2vrhscf%2FnYaFJrKUfq3rGO1RKMXcEppTkiE82eG5h7vpIqRlEop2AsACJ%2FyEeWpUhyQk4Jx36cbdHVT2q%2B6pMMgmhJ6G%2BLMR%2BJK%2BGbzVb2Ik%2Ff5GLg2qFSMNmqVHW%2B3v5tRGNEaY6GUMAJ2YQ9vooo1Az8k2UObs%2FbloHiQYWJo5e0vXzFIISn7okGdweybBd0gH%2F4lRHxHzN7v5rqh3ihxYlmnhDEjtA0JD5VHNBHpTkQuGmQ09mj0RhU8XROx2P%2BKuxoP1UCtGibU2FM71MMmzPcmY6RmaRAQT4AknTKLDP0C5eUzBfVjkSAcKkVDKM1Gm120pB1HElH5hqjFR7%2B9edNFH7Xh9aY9GzdlmC7AwaA3TG5R3FREhieXoZIJmEZmYLV3WmWqz2BFi9xvxTVkXRf7YcMAKGiTG%2FhhTMJq0U0gwRJWQy2JO7Qf84LXL26zSKDneneTlDOawlgaU%2By4GhLgWJRnISxWadBSoF83U3m8i%2F0Xv8LrA%2BEHDN%2B2bKsIwdVNmmMU4PumhTjaZZbTsxgfGZA6%2FIYp0frZPqYIbyvayWCbQFycnIy%2BfzzR5S6FCoovXAdR2PHFR0CSozimbnWIDGQ9eWpdDhKCvljxEJUZQ0tHqk6A3I7PB1xSrqP1CBetX9eoo5XwC0k2rNckvm1yET%2FV0TDMZCBcAcwKkRLsJJJFBvdSz3D0hW9seaULPKnv4m%2FTbGG%2BhhzIGUg8nlZNxmdjv15%2FGWSlHP8g%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 01 Jul 2023 22:00:31 GMT
Server: openresty
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 01 Jul 2023 22:00:31 GMT
Location: /away.php?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpb7ji6xtLUUCtaRCX47avwoA%3D%3D
Server: openresty
Transfer-Encoding: chunked

GET
H2 200 Primary Request details
play.google.com/store/apps/ 857 KB
150 KB 297ms
92ms Document
text/html 2a00:1450:4001:830::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/store/apps/details?id=com.tinder

Requested by

Host: appcloudvalue.com
URL: https://appcloudvalue.com/away.php?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpb7ji6xtLUUCtaRCX47avwoA%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/PlayStoreUi/cspreport script-src 'report-sample' 'nonce-3DEpXWXc0eATBgO2OScbfA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/PlayStoreUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://market.android.com https://clients2.google.com https://payments.sandbox.google.com https://payments.google.com https://maps.googleapis.com https://translate.googleapis.com https://translate.google.com https://support.google.com https://www.gstatic.cn https://families.google.com https://clients1.google.com https://myaccount.google.com https://accounts.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/PlayStoreUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/PlayStoreUi/cspreport script-src 'report-sample' 'nonce-3DEpXWXc0eATBgO2OScbfA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/PlayStoreUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://market.android.com https://clients2.google.com https://payments.sandbox.google.com https://payments.google.com https://maps.googleapis.com https://translate.googleapis.com https://translate.google.com https://support.google.com https://www.gstatic.cn https://families.google.com https://clients1.google.com https://myaccount.google.com https://accounts.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/PlayStoreUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-site
date: Sat, 01 Jul 2023 22:00:32 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 204 cspreport
play.google.com/_/PlayStoreUi/ 0
214 B 49ms
49ms Other
text/html 2a00:1450:4001:830::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/_/PlayStoreUi/cspreport

Requested by

Host: walthamforestpestcontrol.uk
URL: https://walthamforestpestcontrol.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/PlayStoreUi/cspreport, script-src 'report-sample' 'nonce-7d_YHEf2jM59qmSkRYPs7w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/PlayStoreUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://market.android.com https://clients2.google.com https://payments.sandbox.google.com https://payments.google.com https://maps.googleapis.com https://translate.googleapis.com https://translate.google.com https://support.google.com https://www.gstatic.cn https://families.google.com https://clients1.google.com https://myaccount.google.com https://accounts.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/PlayStoreUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://play.google.com/store/apps/details?id=com.tinder
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 01 Jul 2023 22:00:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /_/PlayStoreUi/cspreport, script-src 'report-sample' 'nonce-7d_YHEf2jM59qmSkRYPs7w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/PlayStoreUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://market.android.com https://clients2.google.com https://payments.sandbox.google.com https://payments.google.com https://maps.googleapis.com https://translate.googleapis.com https://translate.google.com https://support.google.com https://www.gstatic.cn https://families.google.com https://clients1.google.com https://myaccount.google.com https://accounts.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/PlayStoreUi/cspreport/allowlist
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin-allow-popups
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET m=_b,_tp,_r
www.gstatic.com/_/boq-play/_/js/k=boq-play.PlayStoreUi.de.WEMFTuxyRng.2021.O/am=xuVh9ENAm19sAQ/d=1/excm=_b,_r,_tp,appdetailsview/ed=1/dg=0/wt=2/ujg=1/rs=AB1caFVacmb-1cFyMrQGMrXXZSwAC6eVgQ/ 0
0

GET logo_avatar_anonymous_color_1x_web_32dp.png
fonts.gstatic.com/s/i/productlogos/avatar_anonymous/v4/web-32dp/ 0
0

GET fDpoqIbZ884ylRnMK8Lx9Fu4DsLQk5yt4f9WkxeOAPpGnzc9BTi_YKkMsLvoMdx7Uzg=w240-h480-rw
play-lh.googleusercontent.com/ 0
0

GET rz5pvuMQnBEVfxyPTplkMeGp3PzBLaNKQnbpC85tMM_DDPFrkAfqncW7TYekAnxo8r5goMNJBkCAYndVAUg=w48-h16-rw
play-lh.googleusercontent.com/ 0
0

GET xOy2Z3uQ52wH37-6KRD1EGtoPaBUtEgAIzc1I9ZRY4xPkyAG3z6XrecjE98cPvVXHLM=w526-h296-rw
play-lh.googleusercontent.com/ 0
0

GET uVoPW59IYjG-5sdNHZa13Dwa4KDNyKru9irgzkBrItbutFL2gINz3h-bwhI8stmcXQ=w526-h296-rw
play-lh.googleusercontent.com/ 0
0

GET e67gNQOVVuGCc9nlVNFwU7NBYIKuCCDL7H77f2Ullbvfof6qezIDVcpZvsRSpWaDIRY=w526-h296-rw
play-lh.googleusercontent.com/ 0
0

GET fWw1KwKsR56C_nTXVusQCs9FFFUUpqm4H7FW0u1YxrDlCixC0retRsS4ONN0XJBc1A=w526-h296-rw
play-lh.googleusercontent.com/ 0
0

GET ATzsJ3aXv_2VKpHCWif84UdvnO_gcNPnnuDDY7JwJbremi4rroR-zMlQzrR4AsHb208=w526-h296-rw
play-lh.googleusercontent.com/ 0
0

GET tp-kYXccKK_BB8mHG0UcULMQ3MlWv9748hnYYRe2nKQQRxGmg9vxSdSSY8IizHuxbhE=w526-h296-rw
play-lh.googleusercontent.com/ 0
0

GET y8ihoadwxsqnR8UucGDjDrXcsGy6tZ1s1oBAj4x9J4vGQNjaScbEIaeE_u5bxlbVJig=w526-h296-rw
play-lh.googleusercontent.com/ 0
0

GET YF4gN30Jilfh5C01yrQITYSUQtoTmaptIjL0oXAFOG0ds8Ic2v_b53c7uhmbkJr9Mdgu=w526-h296-rw
play-lh.googleusercontent.com/ 0
0

GET iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw
play-lh.googleusercontent.com/ 0
0

GET 12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw
play-lh.googleusercontent.com/ 0
0

GET W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw
play-lh.googleusercontent.com/ 0
0

GET ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw
play-lh.googleusercontent.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js2json.com
URL: https://js2json.com/data

Domain: js2json.com
URL: https://js2json.com/data

Domain: www.gstatic.com
URL: https://www.gstatic.com/_/boq-play/_/js/k=boq-play.PlayStoreUi.de.WEMFTuxyRng.2021.O/am=xuVh9ENAm19sAQ/d=1/excm=_b,_r,_tp,appdetailsview/ed=1/dg=0/wt=2/ujg=1/rs=AB1caFVacmb-1cFyMrQGMrXXZSwAC6eVgQ/m=_b,_tp,_r

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/i/productlogos/avatar_anonymous/v4/web-32dp/logo_avatar_anonymous_color_1x_web_32dp.png

Domain: play-lh.googleusercontent.com
URL: https://play-lh.googleusercontent.com/fDpoqIbZ884ylRnMK8Lx9Fu4DsLQk5yt4f9WkxeOAPpGnzc9BTi_YKkMsLvoMdx7Uzg=w240-h480-rw

Domain: play-lh.googleusercontent.com
URL: https://play-lh.googleusercontent.com/rz5pvuMQnBEVfxyPTplkMeGp3PzBLaNKQnbpC85tMM_DDPFrkAfqncW7TYekAnxo8r5goMNJBkCAYndVAUg=w48-h16-rw

Domain: play-lh.googleusercontent.com
URL: https://play-lh.googleusercontent.com/xOy2Z3uQ52wH37-6KRD1EGtoPaBUtEgAIzc1I9ZRY4xPkyAG3z6XrecjE98cPvVXHLM=w526-h296-rw

Domain: play-lh.googleusercontent.com
URL: https://play-lh.googleusercontent.com/uVoPW59IYjG-5sdNHZa13Dwa4KDNyKru9irgzkBrItbutFL2gINz3h-bwhI8stmcXQ=w526-h296-rw

Domain: play-lh.googleusercontent.com
URL: https://play-lh.googleusercontent.com/e67gNQOVVuGCc9nlVNFwU7NBYIKuCCDL7H77f2Ullbvfof6qezIDVcpZvsRSpWaDIRY=w526-h296-rw

Domain: play-lh.googleusercontent.com
URL: https://play-lh.googleusercontent.com/fWw1KwKsR56C_nTXVusQCs9FFFUUpqm4H7FW0u1YxrDlCixC0retRsS4ONN0XJBc1A=w526-h296-rw

Domain: play-lh.googleusercontent.com
URL: https://play-lh.googleusercontent.com/ATzsJ3aXv_2VKpHCWif84UdvnO_gcNPnnuDDY7JwJbremi4rroR-zMlQzrR4AsHb208=w526-h296-rw

Domain: play-lh.googleusercontent.com
URL: https://play-lh.googleusercontent.com/tp-kYXccKK_BB8mHG0UcULMQ3MlWv9748hnYYRe2nKQQRxGmg9vxSdSSY8IizHuxbhE=w526-h296-rw

Domain: play-lh.googleusercontent.com
URL: https://play-lh.googleusercontent.com/y8ihoadwxsqnR8UucGDjDrXcsGy6tZ1s1oBAj4x9J4vGQNjaScbEIaeE_u5bxlbVJig=w526-h296-rw

Domain: play-lh.googleusercontent.com
URL: https://play-lh.googleusercontent.com/YF4gN30Jilfh5C01yrQITYSUQtoTmaptIjL0oXAFOG0ds8Ic2v_b53c7uhmbkJr9Mdgu=w526-h296-rw

Domain: play-lh.googleusercontent.com
URL: https://play-lh.googleusercontent.com/iFstqoxDElUVv4T3KxkxP3OTcuFvWF5ZQQjT7aIxy4n2uaVigCCykxeG6EZV9FQ10X1itPj1oORm=s20-rw

Domain: play-lh.googleusercontent.com
URL: https://play-lh.googleusercontent.com/12USW7aflgz466ifDehKTnMoAep_VHxDmKJ6jEBoDZWCSefOC-ThRX14Mqe0r8KF9XCzrpMqJts=s20-rw

Domain: play-lh.googleusercontent.com
URL: https://play-lh.googleusercontent.com/W5DPtvB8Fhmkn5LbFZki_OHL3ZI1Rdc-AFul19UK4f7np2NMjLE5QquD6H0HAeEJ977u3WH4yaQ=s20-rw

Domain: play-lh.googleusercontent.com
URL: https://play-lh.googleusercontent.com/ohRyQRA9rNfhp7xLW0MtW1soD8SEX45Oec7MyH3FaxtukWUG_6GKVpvh3JiugzryLi7Bia02HPw=s20-rw

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
walthamforestpestcontrol.uk/	1970-01-20 21:43:04	Name: antibot_uid Value: 5602886b82d0eecd3ee120c8fd405429
walthamforestpestcontrol.uk/	1970-01-20 13:11:52	Name: antibot_country Value: DE
walthamforestpestcontrol.uk/	1970-01-20 13:11:52	Name: antibot_lang Value: de
walthamforestpestcontrol.uk/	1970-01-20 13:11:52	Name: antibot_ptr Value: 2001%3A1b60%3A0002%3A0240%3A3247%3A0000%3A0000%3A0003
.yadro.ru/	1970-01-20 21:43:01	Name: FTID Value: 1aeA7x3aQ_8b1aeA7x001NlV
.yadro.ru/	1970-01-20 21:43:01	Name: VID Value: 0196y90DASub1aeA7x001Nm0
walthamforestpestcontrol.uk/	1970-01-20 13:11:52	Name: antibot_035697f1de2f4d50360aed1cfa93b03f Value: ee65b7c2d766d92f6a4513c05164cd34
walthamforestpestcontrol.uk/	1970-01-20 12:58:55	Name: antibot_referer Value: https%3A%2F%2Fwalthamforestpestcontrol.uk%2F
walthamforestpestcontrol.uk/	1970-01-20 12:58:55	Name: antibot_hits Value: 2
walthamforestpestcontrol.uk/	1970-01-20 12:58:55	Name: antibot_unique_20230702 Value: 1
mvgde.siriusprocyon.top/	1970-01-20 13:03:14	Name: wyqwIiui3U-oMKNOfTV6Dg Value: 5
mvgde.siriusprocyon.top/	1970-01-20 22:33:28	Name: __pl Value: 9fa558c2-3012-44b0-a72b-94b72dfa3169
mvgde.siriusprocyon.top/	1970-01-20 12:57:32	Name: __cap Value: 1
cdnstatic.mithrilminer.top/	1970-01-20 22:33:28	Name: __psu Value: c8f96bbd-1b51-466d-9d3b-3afde6f3a4ac
cuyahogafallsfamilydentist.com/	1969-12-31 23:59:59	Name: sid Value: t2~mu5y24sebiweaamusi0n3ont
cuyahogafallsfamilydentist.com/	1969-12-31 23:59:59	Name: p1 Value: https://kingdrewhad.live/ikwruqnr/
cuyahogafallsfamilydentist.com/	1969-12-31 23:59:59	Name: s1 Value: sa3pisuxwg61jlfl

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10.kingdrewhad.live
appcloudvalue.com
cdnstatic.mithrilminer.top
counter.yadro.ru
cuyahogafallsfamilydentist.com
fonts.gstatic.com
js2json.com
mvgde.mithrilminer.top
mvgde.siriusprocyon.top
play-lh.googleusercontent.com
play.google.com
walthamforestpestcontrol.uk
www.gstatic.com
fonts.gstatic.com
js2json.com
play-lh.googleusercontent.com
www.gstatic.com
104.21.19.138
104.21.45.58
157.90.27.45
2606:4700:3034::ac43:a3d6
2a00:1450:4001:829::2003
2a00:1450:4001:830::200e
2a06:98c1:3121::3
45.77.230.212
54.37.0.228
88.212.201.198
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5
1775c3f55747c7ed1ca2b59a49756cb3f25bdda6fdefaf2e0cfc4687350c0f2f
29ee31143c5bd03b7dcaf2e40476e50c4ed26d32a725525a4f3dced678c90896
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fb2aad4f3b3426df4bb5633b627f529940bd06d0690f6b11cfcf42f0fea3e4b
59a434273024c1bb3507cc5dff5bd4980fd44680e86ca69803822bc0277125ec
8b282aaeb437645b96b015205899e4d30558718e2e5f26e15bb3c5299d9822b1
93972bbc62d530dd23e06c5174b3e9ed4fb5719279ecef774d0a7eacf1040a18
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837
a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7
bc8f01c22a60dbb9098f8be9baa7e484bce7ec5335a6dcf02fee212202fb2045
bcefbf98be16a355cb078767d566ed12ea16eb05e319e36d0f8df22325f8557c
d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2
d7f9125c47d17299a907c11d56d26edef69479665c383f21d3d066ffa259b912
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f

play.google.com Open in urlscan Pro 2a00:1450:4001:830::200e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

64 %HTTPS

40 %IPv6

11 Domains

13 Subdomains

10 IPs

5 Countries

331 kBTransfer

1271 kBSize

17 Cookies

0 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

play.google.com Open in urlscan Pro
2a00:1450:4001:830::200e Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

64 %
HTTPS

40 %
IPv6

11
Domains

13
Subdomains

10
IPs

5
Countries

331 kB
Transfer

1271 kB
Size

17
Cookies

53 HTTP transactions
0 data transactions