foreverquote.xyz Open in urlscan Pro
188.114.97.3  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request t17.php Show response foreverquote.xyz/brkt/	47 KB 16 KB	120ms 49ms	Document text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://foreverquote.xyz/brkt/t17.php Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0721f51826a9cea9d3bc6cc2d224fa1cc39d9c5216bbb3a5e26cad2242aa1b48 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 94529a5dad5c0bd5-AMS content-encoding zstd content-type text/html; charset=UTF-8 date Sun, 25 May 2025 05:23:50 GMT nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} priority u=0,i report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=wKxCY1YgBFCLSqRda1AIn69NbnvxC2SK35XzxmLgtmVxTBEMRni6oNiWF1t63EeRfNDO1rvliHZqFn3pzV6vOsOBLeOHrs%2BpBTHkhCotQOc%3D"}]} server cloudflare server-timing cfExtPri vary Accept-Encoding
GET H2	200	tag.min.js Show response madurird.com/	100 KB 43 KB	140ms 39ms	Script application/javascript	139.45.197.106 RETN-AS RETN Limited
General Check archive.org Show headers Download Go to Full URL https://madurird.com/tag.min.js Requested by Host: foreverquote.xyz URL: https://foreverquote.xyz/brkt/t17.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.106 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB), Reverse DNS Software nginx / Resource Hash ea3540ede064dc49d98b9162c836d013a7a47e712f14cd155da2cdd2d4caaded Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers access-control-max-age 86400 content-encoding gzip access-control-allow-methods GET, POST, OPTIONS x-content-type-options nosniff expires Tue, 11 Jan 1994 10:00:00 GMT date Sun, 25 May 2025 05:23:50 GMT content-type application/javascript access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon strict-transport-security max-age=1 cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 timing-allow-origin *, * accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version pragma no-cache access-control-allow-credentials true x-trace-id 1b37fb5316f7104174c4c9a454be11f6 access-control-allow-origin * server nginx
GET H2	200	clappr.min.js Show response cdn.jsdelivr.net/npm/@clappr/player@0.8/dist/	616 KB 159 KB	67ms 29ms	Script application/javascript	2a04:4e42:400::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@clappr/player@0.8/dist/clappr.min.js Requested by Host: foreverquote.xyz URL: https://foreverquote.xyz/brkt/t17.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash f0243f6e2395c077f4ae46ae4b1d969090d64106387b45cb39a28bbdb07e6752 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers access-control-expose-headers * content-encoding br etag W/"9a048-VUE4kN104YCisqBJlMQIdr2LF2k" age 2690 x-content-type-options nosniff x-jsd-version-type version alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache HIT, HIT date Sun, 25 May 2025 05:23:50 GMT content-type application/javascript; charset=utf-8 x-served-by cache-fra-eddf8230058-FRA, cache-ams2100122-AMS vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * content-length 162561 x-jsd-version 0.8.0
GET H2	200	p2p-engine.min.js Show response cdn.jsdelivr.net/npm/@swarmcloud/hls/	198 KB 62 KB	51ms 13ms	Script application/javascript	2a04:4e42:400::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@swarmcloud/hls/p2p-engine.min.js Requested by Host: foreverquote.xyz URL: https://foreverquote.xyz/brkt/t17.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 3f45647a0cf7ff700978e1efc4d956c4456494f6a01479b387af0095a95ceaf5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers access-control-expose-headers * content-encoding br etag W/"318fe-MUV6haUGN+d/Umuas5b9AvQbFfE" age 22984 x-content-type-options nosniff x-jsd-version-type version alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache HIT, HIT date Sun, 25 May 2025 05:23:50 GMT content-type application/javascript; charset=utf-8 x-served-by cache-fra-eddf8230149-FRA, cache-ams2100122-AMS vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * content-length 62949 x-jsd-version 2.14.4
GET H2	200	level-selector.min.js Show response cdn.jsdelivr.net/clappr.level-selector/latest/	9 KB 3 KB	53ms 15ms	Script application/javascript	2a04:4e42:400::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/clappr.level-selector/latest/level-selector.min.js Requested by Host: foreverquote.xyz URL: https://foreverquote.xyz/brkt/t17.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 23a715a6d8a35921f8c02eab19a93b6c9c42271ecfccbde0005476959e2edff9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers access-control-expose-headers * content-encoding br etag W/"2524-9Cxz5uiSAcz1rVE5FbtBguw6QQw" age 2219537 x-content-type-options nosniff alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache HIT, HIT date Sun, 25 May 2025 05:23:50 GMT content-type application/javascript; charset=utf-8 x-served-by cache-fra-eddf8230115-FRA, cache-ams2100122-AMS vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * content-length 3219
GET H2	200	js15_as.js Show response s10.histats.com/	11 KB 5 KB	61ms 23ms	Script text/javascript	2606:4700:10::6814:746 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s10.histats.com/js15_as.js Requested by Host: foreverquote.xyz URL: https://foreverquote.xyz/brkt/t17.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:746 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers cache-control max-age=28800 content-encoding gzip cf-cache-status HIT etag "-375139978" age 22060 cf-ray 94529a5eddce299d-AMS accept-ranges bytes content-length 4547 date Sun, 25 May 2025 05:23:50 GMT content-type text/javascript last-modified Thu, 16 Apr 2020 10:44:16 GMT vary Accept-Encoding server cloudflare
GET H/1.1	200 OK	0.php Show response s4.histats.com/stats/	52 B 186 B	299ms 99ms	Script text/html	149.56.240.130 OVH OVH SAS
General Check archive.org Show headers Download Go to Full URL https://s4.histats.com/stats/0.php?3451427&@f16&@g1&@h1&@i1&@j1748150630269&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@tnl-NL&@u1600&@b1:45839127&@b3:1748150630&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fforeverquote.xyz%2Fbrkt%2Ft17.php&@w Requested by Host: s10.histats.com URL: https://s10.histats.com/js15_as.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 149.56.240.130 Montreal, Canada, ASN16276 (OVH OVH SAS, FR), Reverse DNS ns534298.ip-149-56-240.net Software / Resource Hash f83d06e0bde6568debe9c8ae28bc6ebb461aadb6489142f72b1c2ab05ff41775 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers Content-Length 52 Date Sun, 25 May 2025 05:23:50 GMT Content-Type text/html;charset=UTF-8 Connection close
POST H2	200	/ Show response oamsedsaiph.net/5/9180103/	4 KB 3 KB	370ms 27ms	XHR application/json	139.45.195.9 RETN-AS RETN Limited
General Check archive.org Show headers Download Go to Full URL https://oamsedsaiph.net/5/9180103/?oo=1&js_build=iclick-v1.1138.0&dmn=madurird.com&tt=2&ix=0 Requested by Host: madurird.com URL: https://madurird.com/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.9 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB), Reverse DNS Software nginx / Resource Hash 8119348d974707ae23f5557a67733509685b4d5c1130e9942d8c2e67652a4315 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://foreverquote.xyz/ Response headers access-control-max-age 86400 content-encoding gzip access-control-allow-methods GET, POST, OPTIONS expires Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT date Sun, 25 May 2025 05:23:50 GMT content-type application/json access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon link <https://my.rtmark.net>; rel="preconnect dns-prefetch" cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0 timing-allow-origin * accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version pragma no-cache, no-cache access-control-allow-credentials true x-trace-id 01f881678b590f0fcee20681ee02b6c0 access-control-allow-origin https://foreverquote.xyz server nginx
GET H/1.1	404 Not Found	index.m3u8 Show response foz.foreverquote.site/h17/	10 B 0	429ms 429ms	XHR text/plain
General Check archive.org Show headers Download Go to Full URL https://foz.foreverquote.site/h17/index.m3u8 Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/@clappr/player@0.8/dist/clappr.min.js Protocol HTTP/1.1 Server -, , ASN (), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 493fda53120050f85836032324409be6c6484f90a0755ae0c6a673ba7626818b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers Access-Control-Expose-Headers Server, range, X-Run-Time, X-Sid, Content-Length, Location Cache-Control no-cache Pragma no-cache Connection keep-alive Access-Control-Allow-Methods GET, PUT, DELETE, OPTIONS Access-Control-Allow-Origin * Content-Length 10 Date Sun, 25 May 2025 05:23:50 GMT Server nginx/1.18.0 (Ubuntu) Access-Control-Allow-Headers x-vsaas-session, x-no-redirect, origin, authorization, accept, range, content-type, x-add-effective, session, x-originator, x-sid
GET H3	404	favicon.ico foreverquote.xyz/	796 B 959 B	24ms 24ms	Other text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://foreverquote.xyz/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/brkt/t17.php Response headers cache-control private, no-cache, no-store, must-revalidate, max-age=0 nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} content-encoding zstd cf-cache-status DYNAMIC pragma no-cache report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=2GjpteYDf8t4nNCr2l7rgFJi%2BxKsnw0Uxhw%2BBtb90wgAgNIOLRe8qerU9UcDS5l9QS8btoDBF2Azh4xVTeqQvtHEnQPjvHHoa22ng6GCnNc%3D"}]} cf-ray 94529a614fb50bd5-AMS alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Sun, 25 May 2025 05:23:50 GMT content-type text/html server cloudflare priority u=1,i
GET H2	200	gid.js Show response my.rtmark.net/	65 B 588 B	128ms 25ms	XHR application/json	2606:4700:4400::ac40:92ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?userId=0081d46034af45c6edd0387091ecae9e Requested by Host: madurird.com URL: https://madurird.com/tag.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:92ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ecb90aad6876e9441f96f4fbf0cd90cc79bfa508bf431cf80f8dc1c7db0b4269 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers strict-transport-security max-age=1 access-control-expose-headers Authorization timing-allow-origin * content-encoding gzip cf-cache-status DYNAMIC access-control-allow-credentials true access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE x-content-type-options nosniff cf-ray 94529a64986bef92-AMS access-control-allow-origin https://foreverquote.xyz alt-svc h3=":443"; ma=86400 date Sun, 25 May 2025 05:23:51 GMT content-type application/json; charset=utf-8 server cloudflare access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
GET H2	202	/ madurird.com/	0 0	28ms 23ms	Fetch	139.45.197.106 RETN-AS RETN Limited
General Check archive.org Show headers Download Go to Full URL https://madurird.com/?rb=hta0bKq2HCHFRzfVHesCpUlFUO56Tp9Der0SUgDA8AdTENvhe37TEGEVAG5Ueoz5ct7aPfnJtMW2sPs1sY2i3YgORXGKMyUrgoHiVVhgNQ1BfpAxYfW9Aa4aAiAsBay0g7jCTBASRHEj8S3tVmEj9kvkWDWTnc2489CDiE3quYdyY5LXIxNAYQgKHH5pfO1uVE3ux1B1QLfvfM3vamAonf6HLcq41wvdvEayTVlJZX-jDzztGrd1UqxxRnZLXzOnzYnZJRi4nIbqMSk_B9C-Gjg8aLDG_tgCMuVsCca0eUICA9BNPdGjHCG2F7-d2MC6nb5QIXGD1ogjRljO&request_ab2=0&zoneid=9180103&js_build=iclick-v1.1138.0&jsp=1&fs=0&cf=0&sw=1600&sh=1200&wih=1200&wiw=1600&ww=1600&wh=1285&sah=1200&wx=490&wy=490&cw=1600&wfc=1&pl=https%3A%2F%2Fforeverquote.xyz%2Fbrkt%2Ft17.php&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=Europe%2FAmsterdam&bto=-120&tt=2&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.1138.0&navlng=nl-NL&vsbl=true&pnt=0&pnrc=0&bml=1&bmi=1&bs=6b42ea99-3e23-44bd-b46f-53c98269b821&wasm=1&userId=0081d46034af45c6edd0387091ecae9e&is_mobile=false&m=link Requested by Host: madurird.com URL: https://madurird.com/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.106 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB), Reverse DNS Software nginx / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Referer https://foreverquote.xyz/ Response headers access-control-max-age 86400 cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 timing-allow-origin * accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version pragma no-cache access-control-allow-credentials true access-control-allow-methods GET, POST, OPTIONS x-trace-id c7216821e2a8e059771bc61415e74f98 expires Tue, 11 Jan 1994 10:00:00 GMT access-control-allow-origin https://foreverquote.xyz content-length 0 date Sun, 25 May 2025 05:23:51 GMT server nginx access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| BLOCKED_URL string| FORWARDING_URL string| b object| _Hasync object| v9nnfvc966e string| key object| gmd10fqtosm object| zfgformats object| zfgdlpopup function| chfh function| chfh2 string| _HST_cntval object| Histats object| Clappr function| Zepto function| $ function| P2PEngineHls function| P2pEngineHls function| LevelSelector object| p2pConfig object| player object| __ds3dcv__ object| i1jaj1t6zz object| zfgstorage function| onClickTrigger boolean| zfgloadedpopup object| _HistatsCounterGraphics_0_setValues boolean| zfgonclickfirst function| _9ktjdd1jrjp object| syncCallbacks string| isSyncing

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			foreverquote.xyz/	1970-01-21 14:21:26	Name: HstCfa3451427 Value: 1748150630269
			foreverquote.xyz/	1970-01-21 14:21:26	Name: HstCla3451427 Value: 1748150630269
			foreverquote.xyz/	1970-01-21 14:21:26	Name: HstCmu3451427 Value: 1748150630269
			foreverquote.xyz/	1970-01-21 14:21:26	Name: HstPn3451427 Value: 1
			foreverquote.xyz/	1970-01-21 14:21:26	Name: HstPt3451427 Value: 1
			foreverquote.xyz/	1970-01-21 14:21:26	Name: HstCnv3451427 Value: 1
			foreverquote.xyz/	1970-01-21 14:21:26	Name: HstCns3451427 Value: 1
			oamsedsaiph.net/	1970-01-21 14:21:26	Name: OAID Value: 0081d46034af45c6edd0387091ecae9e
			oamsedsaiph.net/	1970-01-21 14:21:26	Name: oaidts Value: 1748150630
			my.rtmark.net/	1970-01-21 14:21:26	Name: ID Value: 0081d46034af45c6edd0387091ecae9e
			foreverquote.xyz/	1970-01-21 05:35:50	Name: prefetchAd_9180103 Value: true
			madurird.com/	1970-01-21 14:21:26	Name: OAID Value: 0081d46034af45c6edd0387091ecae9e
			madurird.com/	1970-01-21 14:21:26	Name: oaidts Value: 1748150631
			madurird.com/	1970-01-21 05:45:55	Name: syncedCookie Value: true

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://foreverquote.xyz/brkt/t17.php Message: [GroupMarkerNotSet(crbug.com/242999)!:A0B0F0016C050000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://foreverquote.xyz/brkt/t17.php Message: [GroupMarkerNotSet(crbug.com/242999)!:A0B01C006C050000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://foreverquote.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
rendering	warning	URL: https://foreverquote.xyz/brkt/t17.php Message: [GroupMarkerNotSet(crbug.com/242999)!:A04073036C050000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://foz.foreverquote.site/h17/index.m3u8 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
foreverquote.xyz
madurird.com
my.rtmark.net
oamsedsaiph.net
s10.histats.com
s4.histats.com
139.45.195.9
139.45.197.106
149.56.240.130
188.114.97.3
2606:4700:10::6814:746
2606:4700:4400::ac40:92ea
2a04:4e42:400::485
0721f51826a9cea9d3bc6cc2d224fa1cc39d9c5216bbb3a5e26cad2242aa1b48
23a715a6d8a35921f8c02eab19a93b6c9c42271ecfccbde0005476959e2edff9
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3f45647a0cf7ff700978e1efc4d956c4456494f6a01479b387af0095a95ceaf5
493fda53120050f85836032324409be6c6484f90a0755ae0c6a673ba7626818b
8119348d974707ae23f5557a67733509685b4d5c1130e9942d8c2e67652a4315
c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400
ea3540ede064dc49d98b9162c836d013a7a47e712f14cd155da2cdd2d4caaded
ecb90aad6876e9441f96f4fbf0cd90cc79bfa508bf431cf80f8dc1c7db0b4269
f0243f6e2395c077f4ae46ae4b1d969090d64106387b45cb39a28bbdb07e6752
f83d06e0bde6568debe9c8ae28bc6ebb461aadb6489142f72b1c2ab05ff41775