urlscan.io logo urlscan.io
SecurityTrails logo

kambistories.cyou Open in urlscan Pro
2a02:4780:11:1120:0:2032:81f1:7  Public Scan

Go To Rescan Add Verdict Report
URL: https://kambistories.cyou/
Submission: On December 08 via manual from AE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 33 HTTP transactions. The main IP is 2a02:4780:11:1120:0:2032:81f1:7, located in Mumbai, India and belongs to AS-HOSTINGER, CY. The main domain is kambistories.cyou.
TLS certificate: Issued by R3 on November 22nd 2023. Valid for: 3 months.
This is the only time kambistories.cyou was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 2a02:4780:11:... 47583 (AS-HOSTINGER)
2 192.243.59.13 39572 (ADVANCEDH...)
1 3 185.94.236.245 42567 (MOJHOST-EU)
1 204.11.56.48 ()
2 2a00:1178:1:4... 35415 (WEBZILLA)
2 7 2a00:1178:1:4... 35415 (WEBZILLA)
4 67.216.91.19 35415 (WEBZILLA)
2 67.216.91.5 35415 (WEBZILLA)
1 205.185.216.42 20446 (STACKPATH...)
1 192.0.77.48 2635 (AUTOMATTIC)
33 11
11    2a02:4780:11:1120:0:2032:81f1:7 (Mumbai, India)

ASN47583 (AS-HOSTINGER, CY)
kambistories.cyou
2    192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
flickerbridge.com
3    185.94.236.245 (Netherlands)

ASN42567 (MOJHOST-EU, NL)
poweredby.jads.co
1    204.11.56.48 (None, )

ASN- ()
illfated-feed.com
2    2a00:1178:1:4b::1a (Netherlands)

ASN35415 (WEBZILLA, NL)
crafty-math.com
7    2a00:1178:1:4b::19 (Netherlands)

ASN35415 (WEBZILLA, NL)
crookedchange.com
4    67.216.91.19 (United States)

ASN35415 (WEBZILLA, NL)
www.lavish-brilliant.pro
2    67.216.91.5 (United States)

ASN35415 (WEBZILLA, NL)
10945-2.s.cdn15.com
1    205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
i.jads.co
1    192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org
s.w.org
Apex Domain
Subdomains		 Transfer
11 kambistories.cyou
kambistories.cyou
171 KB
7 crookedchange.com
crookedchange.com
62 KB
4 lavish-brilliant.pro
www.lavish-brilliant.pro
106 KB
4 jads.co
poweredby.jads.co — Cisco Umbrella Rank: 39089
i.jads.co — Cisco Umbrella Rank: 89744
526 KB
2 cdn15.com
10945-2.s.cdn15.com — Cisco Umbrella Rank: 283313
97 KB
2 crafty-math.com
crafty-math.com
14 KB
2 flickerbridge.com
flickerbridge.com
1 w.org
s.w.org — Cisco Umbrella Rank: 3043
2 KB
1 illfated-feed.com
illfated-feed.com
33 9
Domain Requested by
11 kambistories.cyou kambistories.cyou
7 crookedchange.com 2 redirects kambistories.cyou
crookedchange.com
4 www.lavish-brilliant.pro crafty-math.com
crookedchange.com
3 poweredby.jads.co 1 redirects kambistories.cyou
poweredby.jads.co
2 10945-2.s.cdn15.com kambistories.cyou
2 crafty-math.com kambistories.cyou
crafty-math.com
2 flickerbridge.com kambistories.cyou
1 s.w.org kambistories.cyou
1 i.jads.co poweredby.jads.co
1 illfated-feed.com kambistories.cyou
33 10

This site contains no links.

Subject Issuer Validity Valid
kambistories.cyou
R3		 2023-11-22 -
2024-02-20		 3 months crt.sh
flickerbridge.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
illfated-feed.com
ZeroSSL ECC Domain Secure Site CA		 2023-10-13 -
2024-01-11		 3 months crt.sh
crafty-math.com
R3		 2023-11-26 -
2024-02-24		 3 months crt.sh
crookedchange.com
R3		 2023-11-26 -
2024-02-24		 3 months crt.sh
www.lavish-brilliant.pro
R3		 2023-12-06 -
2024-03-05		 3 months crt.sh
*.jads.co
Sectigo RSA Domain Validation Secure Server CA		 2022-12-26 -
2024-01-26		 a year crt.sh
*.w.org
Sectigo ECC Domain Validation Secure Server CA		 2022-12-06 -
2024-01-06		 a year crt.sh

This page contains 3 frames:

Primary Page: https://kambistories.cyou/
Frame ID: B4FCDAB8733B8B75426C7D8257683647
Requests: 32 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=1029518
Frame ID: 73A8398314149E70AAF33D13C7D67175
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=1029518
Frame ID: ECA4754670DC1BD444A0B695E06BB88B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Kambi stories

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Page Statistics

33
Requests

85 %
HTTPS

30 %
IPv6

9
Domains

10
Subdomains

11
IPs

3
Countries

977 kB
Transfer

1607 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://poweredby.jads.co/js/jads.js HTTP 301
  • https://poweredby.jads.co/js/jads2.js
Request Chain 26
  • https://crookedchange.com/c.H-VzzAaBGCl_tEZFzG9Hh-ZJEKlLkMP_TOUP1QMRj-kTzUMVyWZ_jYdZDa0bm-ZdneBf2gP_Tikj2kMlD-AnmoZpnqJ_2sPtTuEvy-MxDyAzwAJ_mClDtEZFz-1HoIdJHKR_wMcNyOUPz-QRSSUTyUR_iWUXyYRZj-EbwcOdTeQ_1gLhTiIju-clym5njoZ_Gq4rxsNtS-5vjwbx2y0_lAMBkCZDj-cFmGVHhId_GKlL2MZNX-MPlQMRkSY_yUMVTWUX0-MZDakblcM_keYfygOhT-Qj1kNlzmk_loMpkqYr1-NtTuIv5wM_zyNzfAOBD-UDxEMFzGA_uIaJnKBLn-JNnOBPhQe_TS0T5UNVj-AXwYJZnaB_hcedWe9f1-dhFiBjlkc_kmNnsoapW-NrrsPtTuA_mwcxmyVz2-PBTCEDyEM_DGAHwIJJn-NLpMZNDOM_9QJRnSNTz-PVTWUXmYc_3aQb9cMdS-Zf6gbh2i5_lkSlWmQn9-NpDqYrxsO_DuMvzwNxw- HTTP 302
  • https://10945-2.s.cdn15.com/creatives/215409/294579/552933_85130.jpg
Request Chain 33
  • https://crookedchange.com/ckH.VlzmanG-lptqZrzs9_huZvEwlxk-PzTAUBzCN_jEEFxGOHC-ZJjKdLDM1_sOcPnQlRn-YTzUEVwWd_GYZZ4abbW-kd4eefWg0_ziajHkll3-anSoZpmqc_HsYt9uMvC-ZxmycznAY_9CMDCEZFp-bHWIcJ9Ka_HMRN0OcPH-MRlSMT0UE_lWMXkYYZl-MbkcYdxeM_Dgkh0iNjS-0lymLnnoM_uqYr2sRtu-MvTwUxuyY_2A9BtCJDT-JFGGYH3IJ_lKYLXMRNp-dPmQVRzSJ_TUJVGWNXz-EZ5aNbDcA_leMfkgYhy-OjDkQlymO_TocplqMrk-Yt1uMvzwU_5yNzjARBf-MDGEIFwGZ_TIgJuKcLG-5NnOJPnQB_hSeTTU0Vw-JXnYBZhae_Wc9d1edfF-BhlicjkkN_smanWoNpr-PrTsAtmuc_mwVx2yPzT-ABmCcD2El_kGMHzI0Jm-cL3MMN9ON_SQZRzSdTD-0VxWJXnYp_vabbmcVdJ-ZfDg0h0iN_jkEl4mMnz-Mp3q HTTP 302
  • https://10945-2.s.cdn15.com/creatives/71940/284297/535964_0b0e8.png

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
kambistories.cyou/ 		233 KB
95 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kambistories.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:11:1120:0:2032:81f1:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/8.2.5
Resource Hash
812ac69f97e787a4e35e94312888c063f94253d5c0c5cfa858c9c5bf129a21e6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 08 Dec 2023 10:37:08 GMT
etag
"1581938-1701950622;br"
link
<https://kambistories.cyou/wp-json/>; rel="https://api.w.org/"
platform
hostinger
server
LiteSpeed
vary
Accept-Encoding
x-litespeed-cache
hit
x-powered-by
PHP/8.2.5
wp-emoji-release.min.js
kambistories.cyou/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kambistories.cyou/wp-includes/js/wp-emoji-release.min.js?ver=6.2.3
Requested by
Host: kambistories.cyou
URL: https://kambistories.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:11:1120:0:2032:81f1:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kambistories.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 10:37:08 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 25 Jul 2023 07:54:39 GMT
server
LiteSpeed
etag
"4904-64bf7fbf-4645fcb5d22a5320;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
4605
expires
Fri, 15 Dec 2023 10:37:08 GMT
a6053d9890b5b2c99f2c7b7e9db69aeb.css
kambistories.cyou/wp-content/fonts/ 		5 KB
656 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kambistories.cyou/wp-content/fonts/a6053d9890b5b2c99f2c7b7e9db69aeb.css?ver=20201110
Requested by
Host: kambistories.cyou
URL: https://kambistories.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:11:1120:0:2032:81f1:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5b8cae0a047dd12633febdf4915fb547469e0dff5bfce5cc73316d4cbacbf8f8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kambistories.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 10:37:08 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 25 Jul 2023 08:29:01 GMT
server
LiteSpeed
etag
"13fc-64bf87cd-5011827d8cff1cf5;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
517
expires
Fri, 15 Dec 2023 10:37:08 GMT
style.min.css
kambistories.cyou/wp-includes/css/dist/block-library/ 		95 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kambistories.cyou/wp-includes/css/dist/block-library/style.min.css?ver=6.2.3
Requested by
Host: kambistories.cyou
URL: https://kambistories.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:11:1120:0:2032:81f1:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kambistories.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 10:37:08 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 25 Jul 2023 07:54:39 GMT
server
LiteSpeed
etag
"17ced-64bf7fbf-79786dce9e472e9c;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
11505
expires
Fri, 15 Dec 2023 10:37:08 GMT
classic-themes.min.css
kambistories.cyou/wp-includes/css/ 		291 B
352 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kambistories.cyou/wp-includes/css/classic-themes.min.css?ver=6.2.3
Requested by
Host: kambistories.cyou
URL: https://kambistories.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:11:1120:0:2032:81f1:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kambistories.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 10:37:08 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 25 Jul 2023 07:54:39 GMT
server
LiteSpeed
etag
"123-64bf7fbf-7e5a96343171ba81;;;"
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
291
expires
Fri, 15 Dec 2023 10:37:08 GMT
style.css
kambistories.cyou/wp-content/themes/maxwell/ 		76 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kambistories.cyou/wp-content/themes/maxwell/style.css?ver=2.3.9
Requested by
Host: kambistories.cyou
URL: https://kambistories.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:11:1120:0:2032:81f1:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
b61052df87d4fe5798fca9d6e6b37a991756abfc7f46cacc2a687e9eeafc3882
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kambistories.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 10:37:08 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 25 Jul 2023 08:28:36 GMT
server
LiteSpeed
etag
"12ee1-64bf87b4-9cf1dcb731cfc610;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
11798
expires
Fri, 15 Dec 2023 10:37:08 GMT
safari-flexbox-fixes.css
kambistories.cyou/wp-content/themes/maxwell/assets/css/ 		568 B
277 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kambistories.cyou/wp-content/themes/maxwell/assets/css/safari-flexbox-fixes.css?ver=20200827
Requested by
Host: kambistories.cyou
URL: https://kambistories.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:11:1120:0:2032:81f1:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
93002c788c3471d4912c1046840e115db6b703be1244ccd49d14100388c9524a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kambistories.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 10:37:08 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 25 Jul 2023 08:28:36 GMT
server
LiteSpeed
etag
"238-64bf87b4-67fe574128b4d658;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
214
expires
Fri, 15 Dec 2023 10:37:08 GMT
svgxuse.min.js
kambistories.cyou/wp-content/themes/maxwell/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kambistories.cyou/wp-content/themes/maxwell/assets/js/svgxuse.min.js?ver=1.2.6
Requested by
Host: kambistories.cyou
URL: https://kambistories.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:11:1120:0:2032:81f1:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
fb16e51480f1812bba39f47a4dd2e154767356b870f1e5e2564f0f462f40098f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kambistories.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 10:37:08 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 25 Jul 2023 08:28:36 GMT
server
LiteSpeed
etag
"b6f-64bf87b4-284a660af25a1dd8;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
1109
expires
Fri, 15 Dec 2023 10:37:08 GMT
49920a3256fea1b1a321be8adf37195e.js
flickerbridge.com/49/92/0a/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://flickerbridge.com/49/92/0a/49920a3256fea1b1a321be8adf37195e.js
Requested by
Host: kambistories.cyou
URL: https://kambistories.cyou/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kambistories.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 10:37:09 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
jads2.js
poweredby.jads.co/js/
Redirect Chain
  • https://poweredby.jads.co/js/jads.js
  • https://poweredby.jads.co/js/jads2.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/js/jads2.js
Requested by
Host: kambistories.cyou
URL: https://kambistories.cyou/
Protocol
HTTP/1.1
Server
185.94.236.245 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kambistories.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 10:37:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Sep 2023 21:26:09 GMT
Server
nginx
ETag
W/"650b6371-eae"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Connection
close

Redirect headers

Location
jads2.js
Date
Fri, 08 Dec 2023 10:37:08 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
TjQwwGMTQV
illfated-feed.com/avW/5Kw.YhWxdylsQu2U9UkWZ/TJ9g6GbA2U5tlhSKWbQ_9jNLDFM/1/M/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://illfated-feed.com/avW/5Kw.YhWxdylsQu2U9UkWZ/TJ9g6GbA2U5tlhSKWbQ_9jNLDFM/1/M/TjQwwGMTQV
Requested by
Host: kambistories.cyou
URL: https://kambistories.cyou/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
204.11.56.48 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kambistories.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
NAQT
illfated-feed.com/bxX.VLs/dbGYlx0/Y/Woc_/-eemb9suYZ/U/lNkLP/TMQG1iM/jcYa2-MAj/Q/teN/DZUzyxNJjeYHy/ 		0
0
zlQgyFMGzXEqxU
crafty-math.com/cZDz9.6GbD2l5rlYSLWoQC9lNcDRMe0/M/j/MMxDM_CD0P0yM/ 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crafty-math.com/cZDz9.6GbD2l5rlYSLWoQC9lNcDRMe0/M/j/MMxDM_CD0P0yM/zlQgyFMGzXEqxU
Requested by
Host: kambistories.cyou
URL: https://kambistories.cyou/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2a00:1178:1:4b::1a , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
bcdff83b32a84e31e9f9c2fb45bed0cd545eca8e8e870bb457a1d8f148b7ced5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kambistories.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 10:37:08 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 08 Dec 2023 10:37:08 GMT
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
expires
Mon, 26 Jul 2011 05:00:00 GMT
Qs
crookedchange.com/aiW.5zwfYyWpdClHQY2S9ukPZJTf9A6_b/2O5wlRSIWfQH9SNUDaMz1/MUTlQewaM/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crookedchange.com/aiW.5zwfYyWpdClHQY2S9ukPZJTf9A6_b/2O5wlRSIWfQH9SNUDaMz1/MUTlQewaM/Qs
Requested by
Host: kambistories.cyou
URL: https://kambistories.cyou/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2a00:1178:1:4b::19 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
e61d1dbe0ec975ca1905a41119a9a60cde62bf807e52b56df3f5c501f3ade428
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kambistories.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 10:37:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Mon, 26 Jul 2011 05:00:00 GMT
xKOQDNMuzrMwAq
crookedchange.com/b.XIVGsYdyGAlo0RYzWRcs/FeOmr9LuIZPUDlmkcPxTAQN2/MyTyghz/M/jNkgt-NUDTY/ 		179 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crookedchange.com/b.XIVGsYdyGAlo0RYzWRcs/FeOmr9LuIZPUDlmkcPxTAQN2/MyTyghz/M/jNkgt-NUDTY/xKOQDNMuzrMwAq
Requested by
Host: kambistories.cyou
URL: https://kambistories.cyou/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2a00:1178:1:4b::19 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
e85dc7e2404298bb7f33f71cf42d969d59af88c5b5a0f66372f05d62496ad475
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kambistories.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 10:37:08 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 08 Dec 2023 10:37:08 GMT
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
https://kambistories.cyou
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
expires
Mon, 26 Jul 2011 05:00:00 GMT
invoke.js
flickerbridge.com/a8d4243de156c31ffca420e13ee671a1/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://flickerbridge.com/a8d4243de156c31ffca420e13ee671a1/invoke.js
Requested by
Host: kambistories.cyou
URL: https://kambistories.cyou/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

Referer
https://kambistories.cyou/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Fri, 08 Dec 2023 10:37:09 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
Yf2gx_p.ZiWj5k0lZ-GnFo0pYqT_9sytcumvl-kxPyWzEA3_NCDDNEjFO-DHYIzJNKW_EM1NOOGPY-4RMS2TIU4_OWGXUY1ZY-jbRcldYej_YgwhZijjA-wlZmmnMox_
crookedchange.com/ 		0
322 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://crookedchange.com/Yf2gx_p.ZiWj5k0lZ-GnFo0pYqT_9sytcumvl-kxPyWzEA3_NCDDNEjFO-DHYIzJNKW_EM1NOOGPY-4RMS2TIU4_OWGXUY1ZY-jbRcldYej_YgwhZijjA-wlZmmnMox_
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/aiW.5zwfYyWpdClHQY2S9ukPZJTf9A6_b/2O5wlRSIWfQH9SNUDaMz1/MUTlQewaM/Qs
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2a00:1178:1:4b::19 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://kambistories.cyou/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 10:37:08 GMT
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 26 Jul 2011 05:00:00 GMT
b0e5baf8bab5.js
www.lavish-brilliant.pro/dea777/ 		70 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.lavish-brilliant.pro/dea777/b0e5baf8bab5.js
Requested by
Host: crafty-math.com
URL: https://crafty-math.com/cZDz9.6GbD2l5rlYSLWoQC9lNcDRMe0/M/j/MMxDM_CD0P0yM/zlQgyFMGzXEqxU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.216.91.19 , United States, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
ucdn/1.24.0 /
Resource Hash
fa3d9217b919b7bde1ce0caff090696f23e7a73d474a053651772710e9e12f72

Request headers

Referer
https://kambistories.cyou/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type
text/plain

Response headers

date
Fri, 08 Dec 2023 10:37:09 GMT
content-encoding
br
server
ucdn/1.24.0
x-ureq-id
NPExnnH9cKtNgtj3Kt995NAx1F6/2diXGF8SGSllWDXOe41Qymi26r4j68hUHBQHmCejt68hfABshn5wu1aEatkvHsYVOdjknf22rnC5R8s=
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-vhostid
88, 27221
cache-control
max-age=315178083, public
access-control-allow-credentials
true
x-served-from
l1
access-control-allow-headers
Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
b0e5baf8bab5.js
www.lavish-brilliant.pro/dea777/ 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lavish-brilliant.pro/dea777/b0e5baf8bab5.js
Requested by
Host: crafty-math.com
URL: https://crafty-math.com/cZDz9.6GbD2l5rlYSLWoQC9lNcDRMe0/M/j/MMxDM_CD0P0yM/zlQgyFMGzXEqxU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.216.91.19 , United States, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
ucdn/1.24.0 /
Resource Hash
fa3d9217b919b7bde1ce0caff090696f23e7a73d474a053651772710e9e12f72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kambistories.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 10:37:09 GMT
content-encoding
br
server
ucdn/1.24.0
x-ureq-id
NPExnnH9cKtNgtj3Kt995NAx1F6/2diXGF8SGSllWDXOe41Qymi26r4j68hUHBQHmCejt68hfABshn5wu1aEatkvHsYVOdjknf22rnC5R8s=
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-vhostid
88, 25551
cache-control
max-age=315178083, public
access-control-allow-credentials
true
x-served-from
l1
access-control-allow-headers
Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
kambistories.cyou/wp-content/fonts/titillium-web/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://kambistories.cyou/wp-content/fonts/titillium-web/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
Requested by
Host: kambistories.cyou
URL: https://kambistories.cyou/wp-content/fonts/a6053d9890b5b2c99f2c7b7e9db69aeb.css?ver=20201110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:11:1120:0:2032:81f1:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://kambistories.cyou/wp-content/fonts/a6053d9890b5b2c99f2c7b7e9db69aeb.css?ver=20201110
Origin
https://kambistories.cyou
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 10:37:09 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 25 Jul 2023 08:28:59 GMT
server
LiteSpeed
etag
"3054-64bf87cb-2afca53f26181d47;;;"
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
12372
expires
Fri, 15 Dec 2023 10:37:09 GMT
Yf2gx_p.ZiWj5k0lZ-GnFo0pYqT_9sytcumvl-kxPyTzNAj_OCWDQE2FM-DHhIiJNKG_FMkNMOWPM-5ROSWTFUl_ZWmXJYkZN-jbAcwdZej_Qg1hOiDjR-ilNmWnEo1_
crafty-math.com/ 		0
322 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://crafty-math.com/Yf2gx_p.ZiWj5k0lZ-GnFo0pYqT_9sytcumvl-kxPyTzNAj_OCWDQE2FM-DHhIiJNKG_FMkNMOWPM-5ROSWTFUl_ZWmXJYkZN-jbAcwdZej_Qg1hOiDjR-ilNmWnEo1_
Requested by
Host: crafty-math.com
URL: https://crafty-math.com/cZDz9.6GbD2l5rlYSLWoQC9lNcDRMe0/M/j/MMxDM_CD0P0yM/zlQgyFMGzXEqxU
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2a00:1178:1:4b::1a , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://kambistories.cyou/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 10:37:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
server
nginx
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 26 Jul 2011 05:00:00 GMT
b0e5baf8bab5.js
www.lavish-brilliant.pro/dea777/ 		70 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.lavish-brilliant.pro/dea777/b0e5baf8bab5.js
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XIVGsYdyGAlo0RYzWRcs/FeOmr9LuIZPUDlmkcPxTAQN2/MyTyghz/M/jNkgt-NUDTY/xKOQDNMuzrMwAq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.216.91.19 , United States, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
ucdn/1.24.0 /
Resource Hash
fa3d9217b919b7bde1ce0caff090696f23e7a73d474a053651772710e9e12f72

Request headers

Referer
https://kambistories.cyou/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type
text/plain

Response headers

date
Fri, 08 Dec 2023 10:37:09 GMT
content-encoding
br
server
ucdn/1.24.0
x-ureq-id
NPExnnH9cKtNgtj3Kt995NAx1F6/2diXGF8SGSllWDXOe41Qymi26r4j68hUHBQHmCejt68hfABshn5wu1aEatkvHsYVOdjknf22rnC5R8s=
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-vhostid
88, 27221
cache-control
max-age=315178083, public
access-control-allow-credentials
true
x-served-from
l1
access-control-allow-headers
Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
b0e5baf8bab5.js
www.lavish-brilliant.pro/dea777/ 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lavish-brilliant.pro/dea777/b0e5baf8bab5.js
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XIVGsYdyGAlo0RYzWRcs/FeOmr9LuIZPUDlmkcPxTAQN2/MyTyghz/M/jNkgt-NUDTY/xKOQDNMuzrMwAq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.216.91.19 , United States, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
ucdn/1.24.0 /
Resource Hash
fa3d9217b919b7bde1ce0caff090696f23e7a73d474a053651772710e9e12f72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kambistories.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 10:37:09 GMT
content-encoding
br
server
ucdn/1.24.0
x-ureq-id
NPExnnH9cKtNgtj3Kt995NAx1F6/2diXGF8SGSllWDXOe41Qymi26r4j68hUHBQHmCejt68hfABshn5wu1aEatkvHsYVOdjknf22rnC5R8s=
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-vhostid
88, 25551
cache-control
max-age=315178083, public
access-control-allow-credentials
true
x-served-from
l1
access-control-allow-headers
Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
Yb2-xdpeZ.Wf5g0_ZiGjFk0lY-Tn9oypcqm_lsktPuWvY-0xOyGzUA5_NCDDEE5FO-WHZImJOKD_AM4NMOmPF-lRNSDTNUl_NWmXQY4ZN-TbQc2dZeD_VgmhZimjM-xl
crookedchange.com/ 		0
322 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://crookedchange.com/Yb2-xdpeZ.Wf5g0_ZiGjFk0lY-Tn9oypcqm_lsktPuWvY-0xOyGzUA5_NCDDEE5FO-WHZImJOKD_AM4NMOmPF-lRNSDTNUl_NWmXQY4ZN-TbQc2dZeD_VgmhZimjM-xl
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XIVGsYdyGAlo0RYzWRcs/FeOmr9LuIZPUDlmkcPxTAQN2/MyTyghz/M/jNkgt-NUDTY/xKOQDNMuzrMwAq
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2a00:1178:1:4b::19 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://kambistories.cyou/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 10:37:08 GMT
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 26 Jul 2011 05:00:00 GMT
YQ2Rx-p.ZTWU5V0WZ_GYFZ0aYbT-9dyecfmgl_kiPjTkAl3-NnjoIpwqM_zsBtmuMvT-AxzyZzDAd_jCZDTEhFi-ZHDIkJ5KM_zMcN4ONPT-cRzSMTTUA_zWYXmYMZx-
crookedchange.com/ 		0
322 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://crookedchange.com/YQ2Rx-p.ZTWU5V0WZ_GYFZ0aYbT-9dyecfmgl_kiPjTkAl3-NnjoIpwqM_zsBtmuMvT-AxzyZzDAd_jCZDTEhFi-ZHDIkJ5KM_zMcN4ONPT-cRzSMTTUA_zWYXmYMZx-
Requested by
Host: crookedchange.com
URL: https://crookedchange.com/b.XIVGsYdyGAlo0RYzWRcs/FeOmr9LuIZPUDlmkcPxTAQN2/MyTyghz/M/jNkgt-NUDTY/xKOQDNMuzrMwAq
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2a00:1178:1:4b::19 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://kambistories.cyou/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 10:37:08 GMT
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 26 Jul 2011 05:00:00 GMT
truncated
/ 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf245e3d670cc0220fa53fe33770b35e643c203a03630c685391ab3dab40b5a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7625d2873ff74aa19885e86e164fc7ee122587bbe54dbb57c82a7d3b31b4b22f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
552933_85130.jpg
10945-2.s.cdn15.com/creatives/215409/294579/
Redirect Chain
  • https://crookedchange.com/c.H-VzzAaBGCl_tEZFzG9Hh-ZJEKlLkMP_TOUP1QMRj-kTzUMVyWZ_jYdZDa0bm-ZdneBf2gP_Tikj2kMlD-AnmoZpnqJ_2sPtTuEvy-MxDyAzwAJ_mClDtEZFz-1HoIdJHKR_wMcNyOUPz-QRSSUTyUR_iWUXyYRZj-EbwcOdT...
  • https://10945-2.s.cdn15.com/creatives/215409/294579/552933_85130.jpg
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://10945-2.s.cdn15.com/creatives/215409/294579/552933_85130.jpg
Requested by
Host: kambistories.cyou
URL: https://kambistories.cyou/
Protocol
H2
Server
67.216.91.5 , United States, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
ucdn/1.24.0 /
Resource Hash
fea380abaee7876ecf5d8f70ef5478f43c7e3ed9988bb2768861c6faa6b24c4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kambistories.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 10:37:09 GMT
x-openstack-request-id
tx321176a720d44201b31d7-006561ab3f
content-length
9829
x-trans-id
tx321176a720d44201b31d7-006561ab3f
last-modified
Fri, 24 Nov 2023 11:49:38 GMT
server
ucdn/1.24.0
x-ureq-id
NPExnnH9cKtNgtj3Kt995NAx1F6/2diXGF8SGSllWDXS76PXHVPjYArwjZATc0Lb3Jw9vgU5poa+xem12s6kTppoQosFRHg7MChOCzn8QdY=
etag
"d85c69837b3049f8f1fd044a41b243a0"
x-served-from
l1
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/jpeg
x-vhostid
103, 27153
access-control-allow-origin
*
x-timestamp
1700826577.94007
cache-control
max-age=12978929
accept-ranges
bytes
expires
Mon, 06 May 2024 15:52:38 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 10:37:09 GMT
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
location
https://10945-2.s.cdn15.com/creatives/215409/294579/552933_85130.jpg
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 26 Jul 2011 05:00:00 GMT
KtkpALODe433f0j1zMF-OMWl42E.woff2
kambistories.cyou/wp-content/fonts/amaranth/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://kambistories.cyou/wp-content/fonts/amaranth/KtkpALODe433f0j1zMF-OMWl42E.woff2
Requested by
Host: kambistories.cyou
URL: https://kambistories.cyou/wp-content/fonts/a6053d9890b5b2c99f2c7b7e9db69aeb.css?ver=20201110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:11:1120:0:2032:81f1:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a0dc04140461fa731240dad9796d0156e28691f33853a622223e98f77f525e0d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://kambistories.cyou/wp-content/fonts/a6053d9890b5b2c99f2c7b7e9db69aeb.css?ver=20201110
Origin
https://kambistories.cyou
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 10:37:09 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 25 Jul 2023 08:28:58 GMT
server
LiteSpeed
etag
"5ab0-64bf87ca-28a5129ab941e52a;;;"
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
23216
expires
Fri, 15 Dec 2023 10:37:09 GMT
NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
kambistories.cyou/wp-content/fonts/titillium-web/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://kambistories.cyou/wp-content/fonts/titillium-web/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
Requested by
Host: kambistories.cyou
URL: https://kambistories.cyou/wp-content/fonts/a6053d9890b5b2c99f2c7b7e9db69aeb.css?ver=20201110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:11:1120:0:2032:81f1:7 Mumbai, India, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://kambistories.cyou/wp-content/fonts/a6053d9890b5b2c99f2c7b7e9db69aeb.css?ver=20201110
Origin
https://kambistories.cyou
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 10:37:09 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 25 Jul 2023 08:29:00 GMT
server
LiteSpeed
etag
"2e14-64bf87cc-6a80ff08d027d096;;;"
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
11796
expires
Fri, 15 Dec 2023 10:37:09 GMT
adshow.php
poweredby.jads.co/ Frame 73A8 		0
0
adshow.php
poweredby.jads.co/ Frame ECA4 		4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/adshow.php?adzone=1029518
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.245 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
a21f6d5725eaa05368319ee00d06639e368d6fdcf99247ae8c89fd98130858bc

Request headers

Referer
https://kambistories.cyou/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 08 Dec 2023 10:37:10 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Server
nginx
Transfer-Encoding
chunked
X-Powered-By
PHP/5.6.40
13017-1563402140-0190869001563402140.gif
i.jads.co/network/user47819/ Frame ECA4 		521 KB
521 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jads.co/network/user47819/13017-1563402140-0190869001563402140.gif
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=1029518
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f5c68bc2e0189952cca28f70b4bd796128ab4f3f4e2bb31c1210c178827b48ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://poweredby.jads.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 10:37:10 GMT
Last-Modified
Wed, 17 Jul 2019 22:22:20 GMT
ETag
"1563402140"
X-HW
1702031830.dop227.fr8.t,1702031830.cds269.fr8.shn,1702031830.dop227.fr8.t,1702031830.cds217.fr8.c
Content-Type
image/gif
Cache-Control
max-age=4639553
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
533201
1f468-1f3fc-200d-2708-fe0f.svg
s.w.org/images/core/emoji/14.0.0/svg/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.w.org/images/core/emoji/14.0.0/svg/1f468-1f3fc-200d-2708-fe0f.svg
Requested by
Host: kambistories.cyou
URL: https://kambistories.cyou/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
906fa41e0f1fb0bdc509e0829ddc2c07d1f9dde99dc6f30e28645011535578d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kambistories.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Fri, 08 Dec 2023 10:37:12 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 03:53:43 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
535964_0b0e8.png
10945-2.s.cdn15.com/creatives/71940/284297/
Redirect Chain
  • https://crookedchange.com/ckH.VlzmanG-lptqZrzs9_huZvEwlxk-PzTAUBzCN_jEEFxGOHC-ZJjKdLDM1_sOcPnQlRn-YTzUEVwWd_GYZZ4abbW-kd4eefWg0_ziajHkll3-anSoZpmqc_HsYt9uMvC-ZxmycznAY_9CMDCEZFp-bHWIcJ9Ka_HMRN0OcPH...
  • https://10945-2.s.cdn15.com/creatives/71940/284297/535964_0b0e8.png
86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://10945-2.s.cdn15.com/creatives/71940/284297/535964_0b0e8.png
Requested by
Host: kambistories.cyou
URL: https://kambistories.cyou/
Protocol
H2
Server
67.216.91.5 , United States, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
ucdn/1.24.0 /
Resource Hash
812f346ba204c09c2bcfc54774e6eabde275329b49238b59846e2516edc69e9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kambistories.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 10:37:12 GMT
x-openstack-request-id
tx9e4bedbd14894a9ca2327-00651c064d
content-length
88493
x-trans-id
tx9e4bedbd14894a9ca2327-00651c064d
last-modified
Tue, 03 Oct 2023 12:15:42 GMT
server
ucdn/1.24.0
x-ureq-id
NPExnnH9cKtNgtj3Kt995NAx1F6/2diXGF8SGSllWDXS76PXHVPjYArwjZATc0Lbl2gt7OBpn6Egk6/67wqfsHPHTsOtb6I7W+XkRFdNTsaeg5WYqdCp+qGsmZT1WBSH
etag
"64db2d0b95248182d902dc6473f5af61"
x-served-from
l1
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/png
x-vhostid
93, 33022
access-control-allow-origin
*
x-timestamp
1696335341.86801
cache-control
max-age=8414716
accept-ranges
bytes
expires
Thu, 14 Mar 2024 20:02:28 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 10:37:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
server
nginx
location
https://10945-2.s.cdn15.com/creatives/71940/284297/535964_0b0e8.png
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 26 Jul 2011 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
illfated-feed.com
URL
https://illfated-feed.com/bxX.VLs/dbGYlx0/Y/Woc_/-eemb9suYZ/U/lNkLP/TMQG1iM/jcYa2-MAj/Q/teN/DZUzyxNJjeYHy/NAQT
Domain
poweredby.jads.co
URL
https://poweredby.jads.co/adshow.php?adzone=1029518

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| _wpemojiSettings function| _storage object| atOptions object| twemoji object| wp string| dea777 boolean| ppuDisableTrigger object| regeneratorRuntime boolean| acc126 function| x7$3x function| g6rbFg number| w6A_7$ function| V2ZW0 function| N4kk object| agxdzt object| adsbyjuicy function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def boolean| ai_insertion_js object| Arrive object| ai_rotation_triggers boolean| ai_lists object| host_regexp function| z function| A function| B function| V function| ea function| fa function| P function| W function| X function| da function| la function| m function| ca function| ha function| b64e function| b64d object| ai_front undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element function| MobileDetect function| ai_process_lists boolean| ai_js_code function| GS function| HZ object| Xa object| Ya function| Za function| Be function| ShSh function| Rn function| MA function| cV function| re function| GA function| Ae function| Ac function| rPE function| cp function| Fe function| Ge object| a string| x number| mhz function| arrive function| unbindArrive function| leave function| unbindLeave

4 Cookies

Domain/Path Name / Value
.jads.co/ Name: surferid
Value: 5ec35ad6c13d50a36d1cf784e6849b77
.jads.co/ Name: imps13017
Value: 1
.jads.co/ Name: juicy_data_1
Value: YToxOntpOjc4MzgyMztpOjE3MDIyOTEwMjk7fQ%3D%3D
.jads.co/ Name: juicy_data
Value: YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D

4 Console Messages

Source Level URL
Text
javascript warning URL: https://kambistories.cyou/(Line 111)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://flickerbridge.com/a8d4243de156c31ffca420e13ee671a1/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://kambistories.cyou/(Line 111)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://flickerbridge.com/a8d4243de156c31ffca420e13ee671a1/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://flickerbridge.com/49/92/0a/49920a3256fea1b1a321be8adf37195e.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://flickerbridge.com/a8d4243de156c31ffca420e13ee671a1/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10945-2.s.cdn15.com
crafty-math.com
crookedchange.com
flickerbridge.com
i.jads.co
illfated-feed.com
kambistories.cyou
poweredby.jads.co
s.w.org
www.lavish-brilliant.pro
illfated-feed.com
poweredby.jads.co
185.94.236.245
192.0.77.48
192.243.59.13
204.11.56.48
205.185.216.42
2a00:1178:1:4b::19
2a00:1178:1:4b::1a
2a02:4780:11:1120:0:2032:81f1:7
67.216.91.19
67.216.91.5
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51
5b8cae0a047dd12633febdf4915fb547469e0dff5bfce5cc73316d4cbacbf8f8
7625d2873ff74aa19885e86e164fc7ee122587bbe54dbb57c82a7d3b31b4b22f
812ac69f97e787a4e35e94312888c063f94253d5c0c5cfa858c9c5bf129a21e6
812f346ba204c09c2bcfc54774e6eabde275329b49238b59846e2516edc69e9a
906fa41e0f1fb0bdc509e0829ddc2c07d1f9dde99dc6f30e28645011535578d1
93002c788c3471d4912c1046840e115db6b703be1244ccd49d14100388c9524a
a0dc04140461fa731240dad9796d0156e28691f33853a622223e98f77f525e0d
a21f6d5725eaa05368319ee00d06639e368d6fdcf99247ae8c89fd98130858bc
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
b61052df87d4fe5798fca9d6e6b37a991756abfc7f46cacc2a687e9eeafc3882
bcdff83b32a84e31e9f9c2fb45bed0cd545eca8e8e870bb457a1d8f148b7ced5
cf245e3d670cc0220fa53fe33770b35e643c203a03630c685391ab3dab40b5a2
d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61d1dbe0ec975ca1905a41119a9a60cde62bf807e52b56df3f5c501f3ade428
e85dc7e2404298bb7f33f71cf42d969d59af88c5b5a0f66372f05d62496ad475
f5c68bc2e0189952cca28f70b4bd796128ab4f3f4e2bb31c1210c178827b48ec
fa3d9217b919b7bde1ce0caff090696f23e7a73d474a053651772710e9e12f72
fb16e51480f1812bba39f47a4dd2e154767356b870f1e5e2564f0f462f40098f
fea380abaee7876ecf5d8f70ef5478f43c7e3ed9988bb2768861c6faa6b24c4e