urlscan.io logo urlscan.io
SecurityTrails logo

badlion.pockethost.app Open in urlscan Pro
2600:9000:2646:6c00:12:3dd:a740:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://badlion.pockethost.app/
Effective URL: https://badlion.pockethost.app/
Submission: On June 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 2 countries across 7 domains to perform 45 HTTP transactions. The main IP is 2600:9000:2646:6c00:12:3dd:a740:93a1, located in United States and belongs to AMAZON-02, US. The main domain is badlion.pockethost.app.
TLS certificate: Issued by Amazon RSA 2048 M03 on April 29th 2024. Valid for: a year.
This is the only time badlion.pockethost.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    2600:9000:2646:6c00:12:3dd:a740:93a1 (United States)

ASN16509 (AMAZON-02, US)
badlion.pockethost.app
3    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    172.67.130.120 (United States)

ASN13335 (CLOUDFLARENET, US)
chatwoot.pockethost.cloud
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net
www.gstatic.com
3    18.245.46.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-35.fra56.r.cloudfront.net
sbl.onfastspring.com
1    18.245.46.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-110.fra56.r.cloudfront.net
epml.onfastspring.com
6    209.38.184.8 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
badlion.coreapi.pockethost.cloud
1    2600:9000:2670:800:1b:32b6:8340:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.assets.pockethost.app
2    54.160.49.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-49-193.compute-1.amazonaws.com
pockethostapp.onfastspring.com
5    2606:4700:4400::ac40:911d (United States)

ASN13335 (CLOUDFLARENET, US)
pocket-core-api-production.fra1.cdn.digitaloceanspaces.com
Domain Requested by
6 badlion.coreapi.pockethost.cloud badlion.pockethost.app
5 pocket-core-api-production.fra1.cdn.digitaloceanspaces.com badlion.pockethost.app
5 www.gstatic.com badlion.pockethost.app
www.gstatic.com
4 fonts.gstatic.com badlion.pockethost.app
3 sbl.onfastspring.com badlion.pockethost.app
sbl.onfastspring.com
3 www.googletagmanager.com badlion.pockethost.app
www.googletagmanager.com
3 badlion.pockethost.app badlion.pockethost.app
2 pockethostapp.onfastspring.com badlion.pockethost.app
sbl.onfastspring.com
2 chatwoot.pockethost.cloud badlion.pockethost.app
chatwoot.pockethost.cloud
1 cdn.assets.pockethost.app badlion.pockethost.app
1 epml.onfastspring.com badlion.pockethost.app
1 region1.google-analytics.com www.googletagmanager.com
45 12

This site contains no links.

Subject Issuer Validity Valid
pockethost.app
Amazon RSA 2048 M03		 2024-04-29 -
2025-05-28		 a year crt.sh
*.google-analytics.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
pockethost.cloud
GTS CA 1P5		 2024-06-01 -
2024-08-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.fastspring.com
Amazon RSA 2048 M02		 2023-12-12 -
2025-01-09		 a year crt.sh
*.coreapi.pockethost.cloud
R11		 2024-06-09 -
2024-09-07		 3 months crt.sh
cdn.assets.pockethost.app
Amazon RSA 2048 M02		 2023-10-25 -
2024-11-22		 a year crt.sh
*.onfastspring.com
Amazon RSA 2048 M03		 2024-05-31 -
2025-06-28		 a year crt.sh
*.fra1.cdn.digitaloceanspaces.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-04 -
2025-06-20		 a year crt.sh

This page contains 2 frames:

Primary Page: https://badlion.pockethost.app/
Frame ID: 13C41B1A6C583E489D413C68788372DB
Requests: 41 HTTP requests in this frame

Frame: https://chatwoot.pockethost.cloud/widget?website_token=Yn8A5Gxgwhb8CCo5VSfZEwZ9
Frame ID: 693491258665B7255E0089C9E68E150E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Pockethost X Badlion

Page URL History Show full URLs

  1. http://badlion.pockethost.app/ HTTP 307
    https://badlion.pockethost.app/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

45
Requests

80 %
HTTPS

54 %
IPv6

7
Domains

12
Subdomains

14
IPs

2
Countries

3431 kB
Transfer

11619 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://badlion.pockethost.app/ HTTP 307
    https://badlion.pockethost.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
badlion.pockethost.app/
Redirect Chain
  • http://badlion.pockethost.app/
  • https://badlion.pockethost.app/
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://badlion.pockethost.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:6c00:12:3dd:a740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4fd964d161a28869aba76111e790799816646af3d8b0f2e0a31f6851b47eb44f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age
72685
content-encoding
br
content-type
text/html
date
Tue, 18 Jun 2024 06:01:13 GMT
etag
W/"1d9bb1c7d0d3dfa5c89c9de8005b5968"
last-modified
Fri, 07 Jun 2024 12:16:53 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 7dbea139a5c4f501bc4b0e9d19a50c9a.cloudfront.net (CloudFront)
x-amz-cf-id
8AJa0ADkrwuijCMqeMQtoK_GUBTOwEcfP7mIX_PeCnzCT-ihv73Tng==
x-amz-cf-pop
FRA60-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://badlion.pockethost.app/
Non-Authoritative-Reason
HSTS
flutter.js
badlion.pockethost.app/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://badlion.pockethost.app/flutter.js
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:6c00:12:3dd:a740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e89bd8789a8f2ea7f00394fddb6c173e1661513e1c1c62fc31b6c4f89b7e74a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 19:45:07 GMT
content-encoding
gzip
via
1.1 7dbea139a5c4f501bc4b0e9d19a50c9a.cloudfront.net (CloudFront)
last-modified
Fri, 07 Jun 2024 12:16:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
23459
x-amz-server-side-encryption
AES256
etag
W/"383e55f7f3cce5be08fcf1f3881f585c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
FgyToqESMcnAP0i_SP92-o9pDhp1CzN9hP1qIwJDv5LhhAcwKRj5fA==
gtm.js
www.googletagmanager.com/ 		261 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NNRRV33
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6a8a6a8f818f6059d4b85c41e369d76946f1b6d25d536c8f1377201141dafe82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:12:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94084
x-xss-protection
0
last-modified
Wed, 19 Jun 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 19 Jun 2024 02:12:37 GMT
sdk.js
chatwoot.pockethost.cloud/packs/js/ 		108 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chatwoot.pockethost.cloud/packs/js/sdk.js
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69f834df4cce740e5a660bad40858dadd593e467711d04388779103c5d66c181
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:12:37 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 18 Mar 2024 12:56:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2972692
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zhhPU5sMPwB148BHM0wuotDl8DuneEpROzCYcZQ25t3omf3e6Cw17qzpyHOSkdQv7EtqJNJhOwaDj2AWFUT9f7iBrW96tukRoxHctIV1XgHJyBYATDj4db6nn5CXovi%2BVoNjjJExrgIMRSbL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31556952
cf-ray
895ffec54b9d68fb-FRA
alt-svc
h3=":443"; ma=86400
widget
chatwoot.pockethost.cloud/ Frame 6934 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://chatwoot.pockethost.cloud/widget?website_token=Yn8A5Gxgwhb8CCo5VSfZEwZ9
Requested by
Host: chatwoot.pockethost.cloud
URL: https://chatwoot.pockethost.cloud/packs/js/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.130.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://badlion.pockethost.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
895ffec5ab1d03e0-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 19 Jun 2024 02:12:37 GMT
link
</packs/js/widget-3d3bcb7903db33f41b87.js>; rel=preload; as=script; nopush,</packs/css/widget-1c901c95.css>; rel=preload; as=style; nopush
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oilNPN0okw1OtPBrsvlWc2HebpBLeCeenfIdhfmVZOKPJ2tvAKwS%2BtTFYWG0TK6SSWenQzeOad9jyUQ8VPPk9AGV1WcMmk1xCZSH0izM6LwViEIaEdBiIE7IW8k9dWex%2FRCe4Y0oNK%2B%2B3SgM"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
d8b339a656562092d463b12f5de1dc61
x-runtime
0.064567
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		297 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-E3NB0S0HLK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNRRV33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
baa5e75177df49e48c7670172e34b7f76da4c214ca0c24788f93f30f9ff40ad7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:12:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103316
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 19 Jun 2024 02:12:37 GMT
js
www.googletagmanager.com/gtag/ 		264 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16561386363&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNRRV33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6dee5b9124ad3e7093de10acefa53304dee25e95b91c8d12ba85dd949a06280f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:12:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93558
x-xss-protection
0
last-modified
Wed, 19 Jun 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 19 Jun 2024 02:12:37 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-E3NB0S0HLK&gtm=45je46h0v880075449z8890402404za200zb890402404&_p=1718763157299&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1335405203.1718763158&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718763157&sct=1&seg=0&dl=https%3A%2F%2Fbadlion.pockethost.app%2F&dt=Pockethost%20X%20Badlion&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=506&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E3NB0S0HLK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 19 Jun 2024 02:12:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://badlion.pockethost.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.png
badlion.pockethost.app/ 		3 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://badlion.pockethost.app/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:6c00:12:3dd:a740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c226db3bdfa496c0e540276d9f7b2692d9853cc94d5c4ca7ee590f57c49fa124

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 07:58:31 GMT
via
1.1 7dbea139a5c4f501bc4b0e9d19a50c9a.cloudfront.net (CloudFront)
last-modified
Fri, 07 Jun 2024 12:16:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
66619
x-amz-server-side-encryption
AES256
etag
"38f52e7a9710537850e89a13127ce894"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2781
x-amz-cf-id
t_tC-86C6PM8nPhGiQGVaIp8JUcCRn9RGLKtNEH0be8Ld8kihQFdmA==
main.dart.js
badlion.pockethost.app/ 		3 MB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://badlion.pockethost.app/main.dart.js
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/flutter.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d0b421132a65abb29822d03abf5b3d9b99e4d783a8d7e539276689b99d77c406

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 18:15:05 GMT
content-encoding
gzip
via
1.1 7dbea139a5c4f501bc4b0e9d19a50c9a.cloudfront.net (CloudFront)
last-modified
Fri, 07 Jun 2024 12:16:53 GMT
server
AmazonS3
age
28658
x-amz-cf-pop
FRA60-P5
etag
W/"bbfc766b7c555f7ec2ea4a372941156f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
T-ckAjrNzhhuqrtXIXf_ym33uKjY_6f1jjFV-oVqv4zfyE1ANzhgzQ==
canvaskit.js
www.gstatic.com/flutter-canvaskit/f6344b75dcf861d8bf1f1322780b8811f982e31a/chromium/ 		91 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/flutter-canvaskit/f6344b75dcf861d8bf1f1322780b8811f982e31a/chromium/canvaskit.js
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/main.dart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
155cde139018d01b4ae16c67542595943ce4c118bde1e8799e01e03bfa1a4653
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 15:37:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
38117
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/flutter-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26059
x-xss-protection
0
last-modified
Tue, 07 May 2024 21:21:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="flutter-team"
vary
Accept-Encoding
report-to
{"group":"flutter-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/flutter-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jun 2025 15:37:21 GMT
FontManifest.json
badlion.pockethost.app/assets/ 		544 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://badlion.pockethost.app/assets/FontManifest.json
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/main.dart.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a36c358b44dec9cdcf5afb64326c948d7ce4cbb8aabe9422ed0d57b3644e106

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 07:50:17 GMT
via
1.1 7dbea139a5c4f501bc4b0e9d19a50c9a.cloudfront.net (CloudFront)
last-modified
Fri, 07 Jun 2024 12:16:37 GMT
server
AmazonS3
age
66619
x-amz-cf-pop
FRA60-P5
etag
"3ddd9b2ab1c2ae162d46e3cc7b78ba88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
accept-ranges
bytes
content-length
544
x-amz-cf-id
b0bS_5FqQV0LIlMKYQYwPcu64EZvbtBo6mzwFU6e2Aru8oLQdmGM4w==
MaterialIcons-Regular.otf
badlion.pockethost.app/assets/fonts/ 		10 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://badlion.pockethost.app/assets/fonts/MaterialIcons-Regular.otf
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/main.dart.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ec01b2bf2f7617e23fdcfb139d890ce125809515043e60a36b8abfac0ed758a3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 08:01:37 GMT
content-encoding
gzip
via
1.1 7dbea139a5c4f501bc4b0e9d19a50c9a.cloudfront.net (CloudFront)
last-modified
Fri, 07 Jun 2024 12:16:39 GMT
server
AmazonS3
age
66445
x-amz-cf-pop
FRA60-P5
etag
W/"965b4ea447c8c3e0f4818112e939e241"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
font/otf
x-amz-cf-id
Mjz_kBV7--Zc5b7oXdcTFdAX9mAPxK5oyrc91_XpmldkAGJuhpwuyg==
fa-brands-400.ttf
badlion.pockethost.app/assets/packages/font_awesome_flutter/lib/fonts/ 		124 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://badlion.pockethost.app/assets/packages/font_awesome_flutter/lib/fonts/fa-brands-400.ttf
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/main.dart.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e8ec1b6f298fcd6f970e7588f2e0c5087fb8aab9cc68d41f013b0263f8d692c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 08:01:37 GMT
content-encoding
gzip
via
1.1 7dbea139a5c4f501bc4b0e9d19a50c9a.cloudfront.net (CloudFront)
last-modified
Fri, 07 Jun 2024 12:16:43 GMT
server
AmazonS3
age
66445
x-amz-cf-pop
FRA60-P5
etag
W/"c6ac80bdc5b2896345377c9439f91d54"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
font/ttf
x-amz-cf-id
A69ORseR0CqUgvYXHFK4t4WCEl6bkSLa--q_rfl-ZLMYJ2DTUAGGYw==
fa-regular-400.ttf
badlion.pockethost.app/assets/packages/font_awesome_flutter/lib/fonts/ 		30 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://badlion.pockethost.app/assets/packages/font_awesome_flutter/lib/fonts/fa-regular-400.ttf
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/main.dart.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eaa5619f0462c2fa2b110a662e937cc1420a87ce3620da53c15a654fdbf90969

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 08:01:37 GMT
content-encoding
gzip
via
1.1 7dbea139a5c4f501bc4b0e9d19a50c9a.cloudfront.net (CloudFront)
last-modified
Fri, 07 Jun 2024 12:16:43 GMT
server
AmazonS3
age
66445
x-amz-cf-pop
FRA60-P5
etag
W/"2f141ffd94f3ef0ed716615fd537e708"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
font/ttf
x-amz-cf-id
kVrwR0jSbFR6Q2kAx0w-5X55qIs8M0XZ-O9yiF1j-60OxlJVvpvv5g==
fa-solid-900.ttf
badlion.pockethost.app/assets/packages/font_awesome_flutter/lib/fonts/ 		183 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://badlion.pockethost.app/assets/packages/font_awesome_flutter/lib/fonts/fa-solid-900.ttf
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/main.dart.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
655c5e9e289ddb7c56dd94e09dc6b74a46b29ac9cf1638d1952dd9df8251b9b5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 08:01:37 GMT
content-encoding
gzip
via
1.1 7dbea139a5c4f501bc4b0e9d19a50c9a.cloudfront.net (CloudFront)
last-modified
Fri, 07 Jun 2024 12:16:43 GMT
server
AmazonS3
age
66445
x-amz-cf-pop
FRA60-P5
etag
W/"0ebc4e7ca5e040da671730a59b181135"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
font/ttf
x-amz-cf-id
WOM_wNcbzQ3eirn9G0WzM6LflQSV4wTsrDzvVWofRmO9vB2E0SITsg==
KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf
fonts.gstatic.com/s/roboto/v20/ 		167 KB
90 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/main.dart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 15:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91230
x-xss-protection
0
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 15:09:48 GMT
canvaskit.wasm
www.gstatic.com/flutter-canvaskit/f6344b75dcf861d8bf1f1322780b8811f982e31a/chromium/ 		5 MB
1 MB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/flutter-canvaskit/f6344b75dcf861d8bf1f1322780b8811f982e31a/chromium/canvaskit.wasm
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/flutter-canvaskit/f6344b75dcf861d8bf1f1322780b8811f982e31a/chromium/canvaskit.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
086c9d3823481d35f2c929703519707ea220ea16082f70178ccf9ba2b662df35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 15:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
39660
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/flutter-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1528594
x-xss-protection
0
last-modified
Tue, 07 May 2024 21:22:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="flutter-team"
vary
Accept-Encoding
report-to
{"group":"flutter-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/flutter-team"}]}
content-type
application/wasm
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jun 2025 15:11:38 GMT
AssetManifest.json
badlion.pockethost.app/assets/ 		2 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://badlion.pockethost.app/assets/AssetManifest.json
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/main.dart.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a04d8c12b19e53b7804998c1f2f4e4e3ca34a17ef128b1df86ace7f48a5f836a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 11:32:40 GMT
content-encoding
br
via
1.1 7dbea139a5c4f501bc4b0e9d19a50c9a.cloudfront.net (CloudFront)
last-modified
Fri, 07 Jun 2024 12:16:36 GMT
server
AmazonS3
age
52847
x-amz-cf-pop
FRA60-P5
etag
W/"a9fd083a3b5467a20458fcc9ddd83cb5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
x-amz-cf-id
3Uf3i4sfYMUmKF26VlFj5B9XcihkpO_6D-FCmDxrKJGO4K72eu7HCA==
firebase-app.js
www.gstatic.com/firebasejs/10.11.1/ 		99 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/10.11.1/firebase-app.js
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
0724e976e9d544c811e7f452831d0d0660e8fb8a249ef5a50927d30e691fc35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Origin
https://badlion.pockethost.app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 08:26:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22509
x-xss-protection
0
last-modified
Thu, 25 Apr 2024 15:11:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jun 2025 08:26:24 GMT
firebase-app-check.js
www.gstatic.com/firebasejs/10.11.1/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/10.11.1/firebase-app-check.js
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
2d6dc4ec8cf2f800e672c32d97049c00c445fc0f9b7c3350ad174ed43acf5eaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Origin
https://badlion.pockethost.app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:47:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41110
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7707
x-xss-protection
0
last-modified
Thu, 25 Apr 2024 15:11:26 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jun 2025 14:47:29 GMT
firebase-auth.js
www.gstatic.com/firebasejs/10.11.1/ 		147 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/10.11.1/firebase-auth.js
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
0ae2ea9371912768623756128ebc290fb6252540d194aa33fdeda40d0f6548a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Origin
https://badlion.pockethost.app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40676
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40023
x-xss-protection
0
last-modified
Thu, 25 Apr 2024 15:11:49 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jun 2025 14:54:43 GMT
e7d1b7879cdd87c63fcc8d266ac809e8e4af507694633638de3c89fc9120b4ab.ttf
fonts.gstatic.com/s/a/ 		96 KB
59 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/a/e7d1b7879cdd87c63fcc8d266ac809e8e4af507694633638de3c89fc9120b4ab.ttf
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/main.dart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7d1b7879cdd87c63fcc8d266ac809e8e4af507694633638de3c89fc9120b4ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:54:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40694
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60641
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 18:14:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:54:25 GMT
6abf952398b1b975b6240a487842fe98cfae04b48e0958a9ce553e49ae6bb8e0.ttf
fonts.gstatic.com/s/a/ 		97 KB
58 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/a/6abf952398b1b975b6240a487842fe98cfae04b48e0958a9ce553e49ae6bb8e0.ttf
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/main.dart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6abf952398b1b975b6240a487842fe98cfae04b48e0958a9ce553e49ae6bb8e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40936
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59149
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 18:13:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:50:23 GMT
70912d3aa6f6d974980b50d4a984b453706d6bc9708ba07f386f3b48db2aa828.ttf
fonts.gstatic.com/s/a/ 		96 KB
57 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/a/70912d3aa6f6d974980b50d4a984b453706d6bc9708ba07f386f3b48db2aa828.ttf
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/main.dart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70912d3aa6f6d974980b50d4a984b453706d6bc9708ba07f386f3b48db2aa828
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 15:25:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38807
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58301
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 18:13:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 15:25:52 GMT
fastspring-builder.min.js
sbl.onfastspring.com/sbl/0.9.5/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sbl.onfastspring.com/sbl/0.9.5/fastspring-builder.min.js
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/main.dart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-35.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ae3791ea33b6a6ec32a61c4c4383bd1251d0763fdc48d6dff6e52df53c9bf9ef

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 09:50:11 GMT
content-encoding
gzip
via
1.1 16cea8ae3ccd098a5d0b3b2c45b25a84.cloudfront.net (CloudFront)
last-modified
Thu, 15 Feb 2024 18:06:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P9
age
58951
x-amz-server-side-encryption
AES256
etag
W/"98a1eacd4af03f458fa1df3dea129f2a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
m7yKHUJWhVbD_5wELoXnhEddyutKwdzoqzFcieRWJuB4n8CVoJrYBw==
epml.min.js
epml.onfastspring.com/epml/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://epml.onfastspring.com/epml/epml.min.js
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/main.dart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14f3188cdf064247244c0bcead45d933df0202d7946c11def4d25e30d51d5871

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 06:40:36 GMT
content-encoding
br
via
1.1 3aedbf31650352660fd3a878f7b791c8.cloudfront.net (CloudFront)
last-modified
Thu, 15 Feb 2024 18:06:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P9
age
72199
x-amz-server-side-encryption
AES256
etag
W/"f97d76b7942b22686d4c4f961a001dfe"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
4BlTN3AyzCbwxTMizAQ47dSC0ENoUUiS6ND203PkD4FdeSH7HcZiEQ==
/
badlion.coreapi.pockethost.cloud/api/games/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://badlion.coreapi.pockethost.cloud/api/games/
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/main.dart.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.38.184.8 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
5f6e761b2fcbf4a44c99a65a712729a435804b6e01d9b566d044df124891bf12
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept-language
en-US,en-US;q=0.8,en;q=0.7
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://badlion.pockethost.app/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:12:39 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
referrer-policy
same-origin
cross-origin-opener-policy
same-origin
x-frame-options
DENY
vary
Accept, Cookie, origin
content-type
application/json
allow
GET, HEAD, OPTIONS
access-control-allow-origin
*
content-length
1101
/
badlion.coreapi.pockethost.cloud/api/subscription-products/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://badlion.coreapi.pockethost.cloud/api/subscription-products/
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/main.dart.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.38.184.8 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
35c7e7f77411a7c30fe34b47b162295c0d173ea52f4ae47a26e2aac0013eb3b6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept-language
en-US,en-US;q=0.8,en;q=0.7
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://badlion.pockethost.app/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:12:39 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
referrer-policy
same-origin
cross-origin-opener-policy
same-origin
x-frame-options
DENY
vary
Accept, Cookie, origin
content-type
application/json
allow
GET, HEAD, OPTIONS
access-control-allow-origin
*
content-length
1393
/
badlion.coreapi.pockethost.cloud/api/regions/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://badlion.coreapi.pockethost.cloud/api/regions/
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/main.dart.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.38.184.8 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
fda8f6d5fe0a49e9f71f0a94e7c56e3a470a8baccc089dbc3eb2af429e386a6f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
accept-language
en-US,en-US;q=0.8,en;q=0.7
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://badlion.pockethost.app/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:12:39 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
referrer-policy
same-origin
cross-origin-opener-policy
same-origin
x-frame-options
DENY
vary
Accept, Cookie, origin
content-type
application/json
allow
GET, HEAD, OPTIONS
access-control-allow-origin
*
content-length
2593
/
badlion.coreapi.pockethost.cloud/api/games/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://badlion.coreapi.pockethost.cloud/api/games/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.38.184.8 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://badlion.pockethost.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
accept, authorization, content-type, user-agent, x-csrftoken, x-requested-with
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 19 Jun 2024 02:12:39 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
origin
/
badlion.coreapi.pockethost.cloud/api/subscription-products/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://badlion.coreapi.pockethost.cloud/api/subscription-products/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.38.184.8 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://badlion.pockethost.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
accept, authorization, content-type, user-agent, x-csrftoken, x-requested-with
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 19 Jun 2024 02:12:39 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
origin
/
badlion.coreapi.pockethost.cloud/api/regions/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://badlion.coreapi.pockethost.cloud/api/regions/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.38.184.8 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://badlion.pockethost.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
accept, authorization, content-type, user-agent, x-csrftoken, x-requested-with
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 19 Jun 2024 02:12:39 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
origin
badlion-logo_256.png
cdn.assets.pockethost.app/badlion-hosting/ 		26 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.assets.pockethost.app/badlion-hosting/badlion-logo_256.png
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/main.dart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2670:800:1b:32b6:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcec6fb2f3491117a41d8782f2656803d154a6b3b3a3004c7411329d67acc2e8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 01:22:09 GMT
via
1.1 c5b802393a68d17f06973bb92695544a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P9
age
67757
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
26732
last-modified
Mon, 06 May 2024 10:02:25 GMT
server
AmazonS3
etag
"c88ac0fdba63c8ab0932246d33eecb72"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
z3aPvmfpls9WL1D4tkFoQDKNQOE19rXmB_ruusVHWYnbQCFeT1P6kw==
builder
pockethostapp.onfastspring.com/popup-badlion/ 		12 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pockethostapp.onfastspring.com/popup-badlion/builder
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/main.dart.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.160.49.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-160-49-193.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a84315bf020669f65573cf070b9ce648bd574d5404936c5ab647d89c077365f0
Security Headers
Name Value
Strict-Transport-Security max-age=31537000;includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 19 Jun 2024 02:12:40 GMT
strict-transport-security
max-age=31537000;includeSubDomains
content-encoding
gzip
last-modified
Wed, 19 Jun 2024 02:12:40 GMT
server
nginx
x-fs-trace
FSXR5C4GWSUNH2FPYL6KZFEPWCUY;Root=1-66723e97-1e83244063e37d5a7eae91f6
etag
vary
Accept-Encoding
access-control-allow-methods
GET, POST, HEAD, OPTIONS
content-type
application/json
access-control-allow-origin
https://badlion.pockethost.app
cache-control
no-transform, max-age=600
x-robots-tag
noindex, nofollow, noarchive
content-length
1793
favicon.png
badlion.pockethost.app/ 		3 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://badlion.pockethost.app/favicon.png
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c226db3bdfa496c0e540276d9f7b2692d9853cc94d5c4ca7ee590f57c49fa124

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/create
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 07:58:31 GMT
via
1.1 7dbea139a5c4f501bc4b0e9d19a50c9a.cloudfront.net (CloudFront)
last-modified
Fri, 07 Jun 2024 12:16:51 GMT
server
AmazonS3
age
66619
x-amz-cf-pop
FRA60-P5
etag
"38f52e7a9710537850e89a13127ce894"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2781
x-amz-cf-id
t_tC-86C6PM8nPhGiQGVaIp8JUcCRn9RGLKtNEH0be8Ld8kihQFdmA==
Minecraft_Java_Banner.png
pocket-core-api-production.fra1.cdn.digitaloceanspaces.com/media/images/ 		317 KB
318 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pocket-core-api-production.fra1.cdn.digitaloceanspaces.com/media/images/Minecraft_Java_Banner.png
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/main.dart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89859c68c2675878c83acb43a923d77818f191d5c66a3b0541bd22d87b747ce9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:12:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
REVALIDATED
x-amz-request-id
tx000008055dd760927b54a-006669f500-fc3a5b91-fra1b
x-envoy-upstream-healthchecked-cluster
content-length
324660
last-modified
Sun, 10 Dec 2023 22:11:18 GMT
server
cloudflare
etag
"2f2abc1ec33589ba24e2a70289408483"
access-control-max-age
60
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
x-do-cdn-uuid
3145a7c6-d2f2-424d-9d21-c4815738f229
x-rgw-object-type
Normal
cache-control
max-age=86400
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
accept-ranges
bytes
cf-ray
895ffed499f8694b-FRA
minecraft_java_icon.png
pocket-core-api-production.fra1.cdn.digitaloceanspaces.com/media/images/ 		9 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pocket-core-api-production.fra1.cdn.digitaloceanspaces.com/media/images/minecraft_java_icon.png
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/main.dart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
038ad58f608fdc7e88d834cc7d22aa5e7fb0bd4b4225f5392cf0e8053f7a998b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:12:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
REVALIDATED
x-amz-request-id
tx00000c3c9dd12647d7684-006669f5ba-fc4853e4-fra1b
x-envoy-upstream-healthchecked-cluster
content-length
8870
last-modified
Wed, 15 May 2024 13:25:08 GMT
server
cloudflare
etag
"2c8389ee95ca8f3daebecd1a71a50fa1"
access-control-max-age
60
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
x-do-cdn-uuid
3145a7c6-d2f2-424d-9d21-c4815738f229
x-rgw-object-type
Normal
cache-control
max-age=86400
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
accept-ranges
bytes
cf-ray
895ffed499f7694b-FRA
baby-badlion.png
pocket-core-api-production.fra1.cdn.digitaloceanspaces.com/media/images/ 		326 KB
327 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pocket-core-api-production.fra1.cdn.digitaloceanspaces.com/media/images/baby-badlion.png
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/main.dart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
249485168e41663fca44cd06d286a44790891264f1233618032d6baadd5c0cd5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:12:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
REVALIDATED
x-amz-request-id
tx0000042b38052a28e9a5c-006669f31b-fc4853e4-fra1b
x-envoy-upstream-healthchecked-cluster
content-length
333790
last-modified
Mon, 13 May 2024 10:01:58 GMT
server
cloudflare
etag
"c737f40eb110dc18891d845cb1f656ed"
access-control-max-age
60
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
x-do-cdn-uuid
3145a7c6-d2f2-424d-9d21-c4815738f229
x-rgw-object-type
Normal
cache-control
max-age=86400
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
accept-ranges
bytes
cf-ray
895ffed4ea23694b-FRA
teen-lion.png
pocket-core-api-production.fra1.cdn.digitaloceanspaces.com/media/images/ 		249 KB
250 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pocket-core-api-production.fra1.cdn.digitaloceanspaces.com/media/images/teen-lion.png
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/main.dart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e9bca8aae96dd2cfa3d194374597bc59ed38432da7d9e05a7ad17945316cac5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:12:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
REVALIDATED
x-amz-request-id
tx00000d89b1381f7d2983f-006669f72b-fc3a5b91-fra1b
x-envoy-upstream-healthchecked-cluster
content-length
255048
last-modified
Mon, 13 May 2024 10:05:16 GMT
server
cloudflare
etag
"bf47c5d7d610d493c870b142debfb527"
access-control-max-age
60
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
x-do-cdn-uuid
3145a7c6-d2f2-424d-9d21-c4815738f229
x-rgw-object-type
Normal
cache-control
max-age=86400
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
accept-ranges
bytes
cf-ray
895ffed4ea25694b-FRA
adult-badlion.png
pocket-core-api-production.fra1.cdn.digitaloceanspaces.com/media/images/ 		292 KB
292 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pocket-core-api-production.fra1.cdn.digitaloceanspaces.com/media/images/adult-badlion.png
Requested by
Host: badlion.pockethost.app
URL: https://badlion.pockethost.app/main.dart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:911d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8a10e8ace23372a6c051c003fa667e2209c13d5fd01eeffa5d214b693bb4cf0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 02:12:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
REVALIDATED
x-amz-request-id
tx0000013bc1bd5f69ee3c0-006655c7fe-fa131ebc-fra1b
x-envoy-upstream-healthchecked-cluster
content-length
298800
last-modified
Mon, 13 May 2024 10:09:03 GMT
server
cloudflare
etag
"a0b2d2780c51b2a087315b5c23820620"
access-control-max-age
60
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
x-do-cdn-uuid
3145a7c6-d2f2-424d-9d21-c4815738f229
x-rgw-object-type
Normal
cache-control
max-age=86400
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
accept-ranges
bytes
cf-ray
895ffed4ea26694b-FRA
giga-badlion.png
pocket-core-api-production.fra1.cdn.digitaloceanspaces.com/media/images/ 		0
0
builder
pockethostapp.onfastspring.com/popup-badlion/ 		12 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pockethostapp.onfastspring.com/popup-badlion/builder
Requested by
Host: sbl.onfastspring.com
URL: https://sbl.onfastspring.com/sbl/0.9.5/fastspring-builder.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.160.49.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-160-49-193.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4b1ac774034ba124d40b5c45b57c46a001101cdfbb944a0710e1f0c041ad29e7
Security Headers
Name Value
Strict-Transport-Security max-age=31537000;includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://badlion.pockethost.app/
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 19 Jun 2024 02:12:40 GMT
strict-transport-security
max-age=31537000;includeSubDomains
content-encoding
gzip
last-modified
Wed, 19 Jun 2024 02:12:40 GMT
server
nginx
x-fs-trace
FSZW2ZNFCONBCYJBHFAOOATM6W7A;Root=1-66723e98-701cd0af60f4837b442364cc
etag
vary
Accept-Encoding
access-control-allow-methods
GET, POST, HEAD, OPTIONS
content-type
application/json
access-control-allow-origin
https://badlion.pockethost.app
cache-control
no-transform, max-age=600
x-robots-tag
noindex, nofollow, noarchive
content-length
1799
fastspring.css
sbl.onfastspring.com/sbl/0.9.5/ 		614 B
975 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sbl.onfastspring.com/sbl/0.9.5/fastspring.css
Requested by
Host: sbl.onfastspring.com
URL: https://sbl.onfastspring.com/sbl/0.9.5/fastspring-builder.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-35.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e949d6cd6cac34b1bda23bdd60f8fd1503e4d1b7f8bb92e93139558298df0494

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 09:08:51 GMT
via
1.1 16cea8ae3ccd098a5d0b3b2c45b25a84.cloudfront.net (CloudFront)
last-modified
Thu, 15 Feb 2024 18:06:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P9
age
61439
x-amz-server-side-encryption
AES256
etag
"0d36c2739324aecc812d76bbd0a38132"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
614
x-amz-cf-id
RverXwQnZrMoQWPlWtJdv7If-FBvlnhZtXPfYWmbechbXKiNkcSiyQ==
spin.svg
sbl.onfastspring.com/pinhole/ 		4 KB
902 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sbl.onfastspring.com/pinhole/spin.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-35.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2ea9a55b25162f88177141d074841f48a6883ae24c6c6560b163bfac705013a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://badlion.pockethost.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 06:39:06 GMT
content-encoding
gzip
via
1.1 16cea8ae3ccd098a5d0b3b2c45b25a84.cloudfront.net (CloudFront)
last-modified
Thu, 15 Feb 2024 18:06:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P9
age
73470
x-amz-server-side-encryption
AES256
etag
W/"e20c27b5d8a7703edacf4ddb6db909c1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
JyfL0qS3xobTucSZORtqEMcOBtvaYEExOnHD4ZnCr7COY_cCsPftJQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pocket-core-api-production.fra1.cdn.digitaloceanspaces.com
URL
https://pocket-core-api-production.fra1.cdn.digitaloceanspaces.com/media/images/giga-badlion.png

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage object| dataLayer function| gtag object| chatwootSettings object| _flutter object| regeneratorRuntime object| chatwootSDK object| $chatwoot object| google_tag_manager object| google_tag_data function| playAudioAlert function| onYouTubeIframeAPIReady object| gaGlobal function| CanvasKitInit object| flutterCanvasKit object| firebase_core object| firebase_app_check object| firebase_auth function| onPopupClosedEvent function| onDataCallback object| fastspring

5 Cookies

Domain/Path Name / Value
.pockethost.app/ Name: _gcl_au
Value: 1.1.1938306194.1718763158
.pockethost.app/ Name: _ga
Value: GA1.1.1335405203.1718763158
.pockethost.app/ Name: firebase_auth_token
Value:
badlion.pockethost.app/ Name: cw_conversation
Value: eyJhbGciOiJIUzI1NiJ9.eyJzb3VyY2VfaWQiOiI2OTVhNzhmMi1jODQwLTQwZDktOTE3My1mMmM5MDU2NmY5NzQiLCJpbmJveF9pZCI6OX0.fpAOJcj9SbJdPGMWdhUSgYI3PjgZlTjlOUUutwToQns
.pockethost.app/ Name: _ga_E3NB0S0HLK
Value: GS1.1.1718763157.1.1.1718763160.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

badlion.coreapi.pockethost.cloud
badlion.pockethost.app
cdn.assets.pockethost.app
chatwoot.pockethost.cloud
epml.onfastspring.com
fonts.gstatic.com
pocket-core-api-production.fra1.cdn.digitaloceanspaces.com
pockethostapp.onfastspring.com
region1.google-analytics.com
sbl.onfastspring.com
www.googletagmanager.com
www.gstatic.com
pocket-core-api-production.fra1.cdn.digitaloceanspaces.com
142.250.186.131
172.67.130.120
18.245.46.110
18.245.46.35
2001:4860:4802:34::36
209.38.184.8
2600:9000:2646:6c00:12:3dd:a740:93a1
2600:9000:2670:800:1b:32b6:8340:93a1
2606:4700:4400::ac40:911d
2a00:1450:4001:81d::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2008
54.160.49.193
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
038ad58f608fdc7e88d834cc7d22aa5e7fb0bd4b4225f5392cf0e8053f7a998b
0724e976e9d544c811e7f452831d0d0660e8fb8a249ef5a50927d30e691fc35f
086c9d3823481d35f2c929703519707ea220ea16082f70178ccf9ba2b662df35
0ae2ea9371912768623756128ebc290fb6252540d194aa33fdeda40d0f6548a7
14f3188cdf064247244c0bcead45d933df0202d7946c11def4d25e30d51d5871
155cde139018d01b4ae16c67542595943ce4c118bde1e8799e01e03bfa1a4653
249485168e41663fca44cd06d286a44790891264f1233618032d6baadd5c0cd5
2a36c358b44dec9cdcf5afb64326c948d7ce4cbb8aabe9422ed0d57b3644e106
2d6dc4ec8cf2f800e672c32d97049c00c445fc0f9b7c3350ad174ed43acf5eaf
35c7e7f77411a7c30fe34b47b162295c0d173ea52f4ae47a26e2aac0013eb3b6
3e8ec1b6f298fcd6f970e7588f2e0c5087fb8aab9cc68d41f013b0263f8d692c
4b1ac774034ba124d40b5c45b57c46a001101cdfbb944a0710e1f0c041ad29e7
4fd964d161a28869aba76111e790799816646af3d8b0f2e0a31f6851b47eb44f
5e89bd8789a8f2ea7f00394fddb6c173e1661513e1c1c62fc31b6c4f89b7e74a
5f6e761b2fcbf4a44c99a65a712729a435804b6e01d9b566d044df124891bf12
655c5e9e289ddb7c56dd94e09dc6b74a46b29ac9cf1638d1952dd9df8251b9b5
69f834df4cce740e5a660bad40858dadd593e467711d04388779103c5d66c181
6a8a6a8f818f6059d4b85c41e369d76946f1b6d25d536c8f1377201141dafe82
6abf952398b1b975b6240a487842fe98cfae04b48e0958a9ce553e49ae6bb8e0
6dee5b9124ad3e7093de10acefa53304dee25e95b91c8d12ba85dd949a06280f
70912d3aa6f6d974980b50d4a984b453706d6bc9708ba07f386f3b48db2aa828
7e9bca8aae96dd2cfa3d194374597bc59ed38432da7d9e05a7ad17945316cac5
89859c68c2675878c83acb43a923d77818f191d5c66a3b0541bd22d87b747ce9
a04d8c12b19e53b7804998c1f2f4e4e3ca34a17ef128b1df86ace7f48a5f836a
a84315bf020669f65573cf070b9ce648bd574d5404936c5ab647d89c077365f0
a8a10e8ace23372a6c051c003fa667e2209c13d5fd01eeffa5d214b693bb4cf0
ae3791ea33b6a6ec32a61c4c4383bd1251d0763fdc48d6dff6e52df53c9bf9ef
baa5e75177df49e48c7670172e34b7f76da4c214ca0c24788f93f30f9ff40ad7
bcec6fb2f3491117a41d8782f2656803d154a6b3b3a3004c7411329d67acc2e8
c226db3bdfa496c0e540276d9f7b2692d9853cc94d5c4ca7ee590f57c49fa124
d0b421132a65abb29822d03abf5b3d9b99e4d783a8d7e539276689b99d77c406
e2ea9a55b25162f88177141d074841f48a6883ae24c6c6560b163bfac705013a
e7d1b7879cdd87c63fcc8d266ac809e8e4af507694633638de3c89fc9120b4ab
e949d6cd6cac34b1bda23bdd60f8fd1503e4d1b7f8bb92e93139558298df0494
eaa5619f0462c2fa2b110a662e937cc1420a87ce3620da53c15a654fdbf90969
ec01b2bf2f7617e23fdcfb139d890ce125809515043e60a36b8abfac0ed758a3
fda8f6d5fe0a49e9f71f0a94e7c56e3a470a8baccc089dbc3eb2af429e386a6f