ko.ras.edu.pl Open in urlscan Pro
172.67.159.134 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://crediti-e-finanza.it/
Effective URL:
https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA
Submission: On November 13 via api (November 13th 2023, 8:20:25 am UTC) from NL — Scanned from IT

Summary HTTP 50 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 5 countries across 10 domains to perform 50 HTTP transactions. The main IP is 172.67.159.134, located in United States and belongs to CLOUDFLARENET, US. The main domain is ko.ras.edu.pl.
TLS certificate: Issued by GTS CA 1P5 on October 16th 2023. Valid for: 3 months.

This is the only time ko.ras.edu.pl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Porn Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1 1	172.67.165.218 172.67.165.218	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	104.21.59.147 104.21.59.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	157.90.27.45 157.90.27.45	24940 (HETZNER-AS) (HETZNER-AS)
4	172.217.18.99 172.217.18.99	15169 (GOOGLE) (GOOGLE)
15	172.67.159.134 172.67.159.134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.74.202 142.250.74.202	15169 (GOOGLE) (GOOGLE)
3	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
50	9

1 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

crediti-e-finanza.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

crediti-e-finanza.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
antibotcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.165.218 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

vcpkp.mirfakpersei.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.21.59.147 (None, )

ASN13335 (CLOUDFLARENET, US)

vcpkp.abyssalforge.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnstatic.abyssalforge.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.90.27.45 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.45.27.90.157.clients.your-server.de

js2json.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
checkaf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.99 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f99.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.67.159.134 (United States)

ASN13335 (CLOUDFLARENET, US)

ko.ras.edu.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.202 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	abyssalforge.top vcpkp.abyssalforge.top cdnstatic.abyssalforge.top	77 KB
15	ras.edu.pl ko.ras.edu.pl	472 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	114 KB
3	crediti-e-finanza.it 2 redirects crediti-e-finanza.it	5 KB
2	checkaf.com checkaf.com — Cisco Umbrella Rank: 265980 Failed
2	js2json.com js2json.com — Cisco Umbrella Rank: 246684	37 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 11595	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
1	mirfakpersei.top 1 redirects vcpkp.mirfakpersei.top	693 B
1	antibotcloud.com antibotcloud.com — Cisco Umbrella Rank: 805156	615 B
50	10

	Domain	Requested by
15	ko.ras.edu.pl	cdnstatic.abyssalforge.top ko.ras.edu.pl
14	vcpkp.abyssalforge.top	crediti-e-finanza.it vcpkp.abyssalforge.top cdnstatic.abyssalforge.top
4	www.gstatic.com	cdnstatic.abyssalforge.top
4	cdnstatic.abyssalforge.top	vcpkp.abyssalforge.top cdnstatic.abyssalforge.top
3	fonts.gstatic.com	fonts.googleapis.com
3	crediti-e-finanza.it	2 redirects
2	checkaf.com	js2json.com
2	js2json.com	vcpkp.abyssalforge.top
2	counter.yadro.ru	1 redirects
1	fonts.googleapis.com	ko.ras.edu.pl
1	vcpkp.mirfakpersei.top	1 redirects
1	antibotcloud.com	crediti-e-finanza.it
50	12

This site contains no links.

Subject Issuer	Validity	Valid
crediti-e-finanza.it GTS CA 1P5	`2023-11-13` - `2024-02-11`	3 months	crt.sh
antibotcloud.com E1	`2023-09-21` - `2023-12-20`	3 months	crt.sh
abyssalforge.top E1	`2023-10-11` - `2024-01-09`	3 months	crt.sh
js2json.com R3	`2023-10-20` - `2024-01-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
checkaf.com R3	`2023-09-29` - `2023-12-28`	3 months	crt.sh
ras.edu.pl GTS CA 1P5	`2023-10-16` - `2024-01-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA
Frame ID: 43FFB6CC89DAAED987888EAFFB30B9E5
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Loveme

Page URL History Show full URLs

http://crediti-e-finanza.it/ HTTP 301
https://crediti-e-finanza.it/ Page URL
https://crediti-e-finanza.it/ HTTP 302
https://vcpkp.mirfakpersei.top/?pl=bUa_AGLMpkq33wlIOW_2KA HTTP 302
https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZCl... Page URL
https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZCl... Page URL
https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50
Requests

94 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

9
IPs

5
Countries

707 kB
Transfer

1033 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://crediti-e-finanza.it/ HTTP 301
https://crediti-e-finanza.it/ Page URL
https://crediti-e-finanza.it/ HTTP 302
https://vcpkp.mirfakpersei.top/?pl=bUa_AGLMpkq33wlIOW_2KA HTTP 302
https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920 Page URL
https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920 Page URL
https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://crediti-e-finanza.it/ HTTP 301
https://crediti-e-finanza.it/

Request Chain 2

https://counter.yadro.ru/hit;enphones?t39.1;r;s1600*1200*24;uhttps%3A//crediti-e-finanza.it/;hAspettare.;0.8034567227448388 HTTP 302
https://counter.yadro.ru/hit;enphones?q;t39.1;r;s1600*1200*24;uhttps%3A//crediti-e-finanza.it/;hAspettare.;0.8034567227448388

Request Chain 4

https://crediti-e-finanza.it/ HTTP 302
https://vcpkp.mirfakpersei.top/?pl=bUa_AGLMpkq33wlIOW_2KA HTTP 302
https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920

50 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
crediti-e-finanza.it/
Redirect Chain

http://crediti-e-finanza.it/
https://crediti-e-finanza.it/

6 KB
4 KB

237ms
196ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://crediti-e-finanza.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 652bbabf88fc84d1747965d185845c3388873eed52d77c8c48bb0d6f0add7e7c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8255984ae9bd3751-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 13 Nov 2023 08:20:20 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <https://antibotcloud.com/antibot7.php>; rel=dns-prefetch
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2F%2BgXq7cwwfHRgPE2rqbqIgskWe7vfcI8PB0vE6a%2BXaNCQXY4a5IYWi5H432sI0fgv3uNIO35bDjqPtbpEJPKNMWNusJ64safsmiX8jdChFnSSrGsMQOG5f953GwQ5MidlA1QLbxQg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-robots-tag: noindex

Redirect headers

CF-RAY: 8255984a7cb50e4a-MXP
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 13 Nov 2023 08:20:20 GMT
Expires: Mon, 13 Nov 2023 09:20:20 GMT
Location: https://crediti-e-finanza.it/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QUBVoU9AIh86M3irvimANNk%2FoQ8%2FrvuMJfJBuQttXu68mfyFQAdJfSVPhcCXnWtbpKCJt6Mfav0n730tz4HOx%2FGEt2OT1WsUGY4b8M0pWcdxZnHzaMv7lhOEc6PkYxovQIaktYrrvg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://crediti-e-finanza.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

hit;enphones
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;enphones?t39.1;r;s1600*1200*24;uhttps%3A//crediti-e-finanza.it/;hAspettare.;0.8034567227448388
https://counter.yadro.ru/hit;enphones?q;t39.1;r;s1600*1200*24;uhttps%3A//crediti-e-finanza.it/;hAspettare.;0.8034567227448388

138 B
624 B

68ms
68ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;enphones?q;t39.1;r;s1600*1200*24;uhttps%3A//crediti-e-finanza.it/;hAspettare.;0.8034567227448388

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://crediti-e-finanza.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Nov 2023 08:20:20 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 138
Expires: Sat, 12 Nov 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Nov 2023 08:20:20 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit;enphones?q;t39.1;r;s1600*1200*24;uhttps%3A//crediti-e-finanza.it/;hAspettare.;0.8034567227448388
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Sat, 12 Nov 2022 21:00:00 GMT

POST
H2 200 antibot7.php
antibotcloud.com/ 72 B
615 B 156ms
103ms XHR
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://antibotcloud.com/antibot7.php
Requested by: Host: crediti-e-finanza.it
URL: https://crediti-e-finanza.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://crediti-e-finanza.it/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-type: application/x-www-form-urlencoded;

Response headers

date: Mon, 13 Nov 2023 08:20:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z5BCYJ0E4SA9g9x5VwkVHNKq0MsKv3O432p4GyUv8zdJwsPbs%2Fd5A8GoDLFdjT0AyTv%2FKfTJocjwgG7%2BoWFuJjWqwHZdVCXVG62AEiQQ%2F7USbRQucL5eP8q21jWMLxbdJ5Rz"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8255984cad920dfe-MXP
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

/ Show response
vcpkp.abyssalforge.top/eyes-robot/
Redirect Chain

https://crediti-e-finanza.it/
https://vcpkp.mirfakpersei.top/?pl=bUa_AGLMpkq33wlIOW_2KA
https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920

1 KB
905 B

107ms
57ms

Document
text/html

104.21.59.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920
Requested by: Host: crediti-e-finanza.it
URL: https://crediti-e-finanza.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.59.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59a434273024c1bb3507cc5dff5bd4980fd44680e86ca69803822bc0277125ec

Request headers

Referer: https://crediti-e-finanza.it/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8255984f7e05374f-MXP
content-encoding: br
content-type: text/html
date: Mon, 13 Nov 2023 08:20:21 GMT
last-modified: Thu, 09 Nov 2023 09:40:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F04IpMNV44HkmFKayC5dgAzcAPWw9tmSYCCfzng81jCsHbGW9WQk5bXNG6ZGFmxCkm1gu9MtjKYRXFGnnSwujRREz1bTvc5tF1E9r0uajDOGL1unhs1U7VM0g7equMG3oeqcMWDGrBV9"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8255984ea9310da5-MRS
content-length: 0
date: Mon, 13 Nov 2023 08:20:20 GMT
location: https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qEUhbFKpac9L5bi2nLDpMktHVidXcvgX6VQmpm%2FkNpl6AnsQqyN%2Bn2QH5DylN%2FgA5QoYVFbGd%2FBSVvJnXjOblGYYItSgcD3%2FRpEPg%2BiMPhbCqSks%2BZ22pnrtEqFDRDknGOLyK6K2iz7"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 trls.js Show response
vcpkp.abyssalforge.top/eyes-robot/assets/ 11 KB
2 KB 44ms
41ms Script
application/javascript 104.21.59.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vcpkp.abyssalforge.top/eyes-robot/assets/trls.js
Requested by: Host: vcpkp.abyssalforge.top
URL: https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.59.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fb2aad4f3b3426df4bb5633b627f529940bd06d0690f6b11cfcf42f0fea3e4b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:21 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Nov 2023 09:40:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654ca8f2-2af6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gQ%2BzXp2nWumZoGf1qY6kgMmLm%2B3w1y97ndzb0hdg6C1BtkmUZtH6uX0dlmzYoouQ6%2BJw4gyHz8SvB6y4vYPD96pIBD9g2nSxltXnjcMn30MGmQTGO6pD3rvheaHfovtamUoVuofuKMBy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8255984fde51374f-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
vcpkp.abyssalforge.top/eyes-robot/assets/ 3 KB
1 KB 65ms
63ms Stylesheet
text/css 104.21.59.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vcpkp.abyssalforge.top/eyes-robot/assets/style.css
Requested by: Host: vcpkp.abyssalforge.top
URL: https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.59.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29ee31143c5bd03b7dcaf2e40476e50c4ed26d32a725525a4f3dced678c90896

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:21 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 09 Nov 2023 09:40:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654ca8f2-cf6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UjC0GXJI8oaYTSRb8FKbnAAtcR4fEMwQr1ycJJv0npwWd8NsAmHprPnj1DBwMbVF4ppDdH2NlhOt5qcPibzBNCo%2B9d4HNIhD4TmrclUeLjTw9aT9BvvcAA5nxBZb6n43k486l4ctVSas"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8255984fde50374f-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 1.png
vcpkp.abyssalforge.top/eyes-robot/assets/ 10 KB
11 KB 60ms
59ms Image
image/png 104.21.59.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcpkp.abyssalforge.top/eyes-robot/assets/1.png
Requested by: Host: vcpkp.abyssalforge.top
URL: https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.59.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:21 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Nov 2023 09:40:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "654ca8f2-295f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DD9HmeuXeOarQePwxz46shTwmYumLyRH9i14a9iWx0OdzatDmcza6MGL9fs2vaIBTn5h3eguNJnBODrc3DPmqOOHuGQFfmBSISLuQvw0%2FqhjR5toP5Y0NP0nsdVcf1mFyVzltNAabRJo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8255984fde52374f-MXP
alt-svc: h3=":443"; ma=86400
content-length: 10591

GET
H2 200 2.png
vcpkp.abyssalforge.top/eyes-robot/assets/ 1 KB
1 KB 57ms
56ms Image
image/png 104.21.59.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcpkp.abyssalforge.top/eyes-robot/assets/2.png
Requested by: Host: vcpkp.abyssalforge.top
URL: https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.59.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:21 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Nov 2023 09:40:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "654ca8f2-425"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pIgrgn91i65MzqNsA4NHQk6RBj1qoSf8aih178pj%2Fzul2aE7Ym3x2X6F%2Bz3Xn8WeGSyV%2F88LlOqmS8%2FPvyyfdA8LdzehIkfaWnca3w0qK9tGeny34oeHqM1OSbFZVsr%2BBu2XZ0TRnujR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8255984fde54374f-MXP
alt-svc: h3=":443"; ma=86400
content-length: 1061

GET
H3 200 static-pl.js Show response
vcpkp.abyssalforge.top/shared-js/assets/ 3 KB
2 KB 26ms
26ms Script
application/javascript 104.21.59.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vcpkp.abyssalforge.top/shared-js/assets/static-pl.js
Requested by: Host: vcpkp.abyssalforge.top
URL: https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.59.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93972bbc62d530dd23e06c5174b3e9ed4fb5719279ecef774d0a7eacf1040a18

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 09:40:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5642
etag: W/"654ca8f2-bf3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VAeKJ3uUEH8hwiRim0Y8IOORb%2BRGyXi0OWAlF5JTT6joCtYa1Iou9AtmadiYjagYEAe2lQy6PmRHEcMNevtywLVXxm8NQSPlHS%2Bjq3RscFL09ye6Br%2BqrNoHYcGsFHAqigR04DjkV%2BI5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 825598502b310d9c-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 script.js Show response
js2json.com/ 48 KB
18 KB 145ms
47ms Script
application/javascript 157.90.27.45
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js2json.com/script.js
Requested by: Host: vcpkp.abyssalforge.top
URL: https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.90.27.45 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.45.27.90.157.clients.your-server.de
Software: openresty /
Resource Hash: b959b437fda46525d706e56bce45eb610d27a5fffe82dde0e1bef399c437631a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://vcpkp.abyssalforge.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:21 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript

GET
H3 200 image.png
vcpkp.abyssalforge.top/eyes-robot/assets/ 11 KB
11 KB 41ms
41ms Image
image/png 104.21.59.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcpkp.abyssalforge.top/eyes-robot/assets/image.png
Requested by: Host: vcpkp.abyssalforge.top
URL: https://vcpkp.abyssalforge.top/eyes-robot/assets/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.59.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://vcpkp.abyssalforge.top/eyes-robot/assets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:21 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Nov 2023 09:40:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "654ca8f2-2b23"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4c4IS0HXPtMMcqCVueTLeA24l2mPhGu22qcZnmV4QIYT4xoUBlqa6KedeXPacr%2Ferp%2FeEl2FBxCYEWUqQMz9DUo45JpF%2BysduU5xs5asQHXFuQTiaWgVajHYbofI2yNemUnDT%2BtGP79G"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 825598504b6e0d9c-MXP
alt-svc: h3=":443"; ma=86400
content-length: 11043

GET
H2 200 ps.js Show response
cdnstatic.abyssalforge.top/ps/ 24 KB
9 KB 56ms
47ms Script
application/javascript 104.21.59.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnstatic.abyssalforge.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.abyssalforge.top
Requested by: Host: vcpkp.abyssalforge.top
URL: https://vcpkp.abyssalforge.top/shared-js/assets/static-pl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.59.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afc64d4b855ea1eb683bfae922bda97502f15860377179dfecca77463eb9f2a5

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://vcpkp.abyssalforge.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:21 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0neuJCm0pZahorRrcAlm5d%2BuUJKTo5VALLGpa135Pu%2FOJrcxAKAfcWmjkd96bO74okj0FUaT12XKobkTWfrlsp8AatPV63uZk3ZOtWETegnAf3IaMyEEzsobsMpPwsK2MNKPe7M0bY7gxBA0vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 825598506eb0374f-MXP
alt-svc: h3=":443"; ma=86400

GET
H3 200 config.js Show response
cdnstatic.abyssalforge.top/ps/ 366 B
679 B 44ms
44ms Script
application/javascript 104.21.59.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnstatic.abyssalforge.top/ps/config.js?id=bUa_AGLMpkq33wlIOW_2KA
Requested by: Host: cdnstatic.abyssalforge.top
URL: https://cdnstatic.abyssalforge.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.abyssalforge.top
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.59.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28191615ad584e701c9eea9dd088d8812f9750ada00eb4e770aa75932a75cbe1

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://vcpkp.abyssalforge.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:21 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PqjWefYssPvYtsjTqQItZCebJOob6sSpEH3qwQOFEIUDR9y%2Fo0TMk%2FN4ZDe9XwF2UPq86FW%2FRYLVTLHTDRXc2Y0bRqvmIxLKd8O5wQV7lNET6pIDErdoTNCXrq%2BwoB0cznJpJ28ThJqRviY6Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 82559850bbe70d9c-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.4.1/ 21 KB
7 KB 87ms
26ms Script
text/javascript 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.4.1/firebase-app.js

Requested by

Host: cdnstatic.abyssalforge.top
URL: https://cdnstatic.abyssalforge.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.abyssalforge.top

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

sffe /

Resource Hash

d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://vcpkp.abyssalforge.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:29:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6763
x-xss-protection: 0
last-modified: Tue, 13 Apr 2021 06:56:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 12:29:47 GMT

OPTIONS data
checkaf.com/ 0
0

POST data
checkaf.com/ 0
0

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/8.4.1/ 40 KB
11 KB 27ms
26ms Script
text/javascript 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

sffe /

Resource Hash

a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://vcpkp.abyssalforge.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 22:58:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10908
x-xss-protection: 0
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 22:58:36 GMT

GET
H3 200 / Show response
vcpkp.abyssalforge.top/eyes-robot/ 1 KB
891 B 42ms
41ms Document
text/html 104.21.59.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920
Requested by: Host: cdnstatic.abyssalforge.top
URL: https://cdnstatic.abyssalforge.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.abyssalforge.top
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.59.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59a434273024c1bb3507cc5dff5bd4980fd44680e86ca69803822bc0277125ec

Request headers

Referer: https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 825598524dfc0d9c-MXP
content-encoding: br
content-type: text/html
date: Mon, 13 Nov 2023 08:20:21 GMT
last-modified: Thu, 09 Nov 2023 09:40:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6vHSJ5aQEO8%2B0VvL%2FlrQHCbOiK6oyko28Azz6YqSq%2BAYBpqeVixghG9D5LxLale5ZMLO42A1TVruJ%2F%2F8xrEJeEAyyQN2u%2FbF2f%2B07C%2FjGhPdNuyhkZzx%2Fk9aH2DPj8ZO8zR4VMPbB4jm"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 trls.js Show response
vcpkp.abyssalforge.top/eyes-robot/assets/ 11 KB
2 KB 25ms
24ms Script
application/javascript 104.21.59.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vcpkp.abyssalforge.top/eyes-robot/assets/trls.js
Requested by: Host: vcpkp.abyssalforge.top
URL: https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.59.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fb2aad4f3b3426df4bb5633b627f529940bd06d0690f6b11cfcf42f0fea3e4b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 09:40:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: W/"654ca8f2-2af6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5AsWd9vHBEk3s9V%2BZiyc58ltxI3fnnYPAnmQWDWqmUYVfapIsV81%2BjeB%2FBmr5olf%2Fkn%2BCFea0YlU7e9CS7RbCsPahflGdLRA6jGTBfGU8Ha8LIA7yqS0%2BONFygTdV9usJekEWvw8QAFZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 825598529e5a0d9c-MXP
alt-svc: h3=":443"; ma=86400

GET
H3 200 style.css
vcpkp.abyssalforge.top/eyes-robot/assets/ 3 KB
1 KB 45ms
44ms Stylesheet
text/css 104.21.59.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vcpkp.abyssalforge.top/eyes-robot/assets/style.css
Requested by: Host: vcpkp.abyssalforge.top
URL: https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.59.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29ee31143c5bd03b7dcaf2e40476e50c4ed26d32a725525a4f3dced678c90896

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 09:40:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: W/"654ca8f2-cf6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S5Wp%2FbwqDQ6w218kLjtSUsdbGYUXnvUB3kdG92nGL6%2B91RO4pDmdRHZ3I0jUAjyq4E%2B5%2BHacCRBZ1MA%2F7j3SJ3s9Tvc2kkUVIAzqWTMmIoJcUd%2F5Ou2HML5XMjSBCA90Rnti3MyLSK7t"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 825598529e5c0d9c-MXP
alt-svc: h3=":443"; ma=86400

GET
H3 200 1.png
vcpkp.abyssalforge.top/eyes-robot/assets/ 10 KB
11 KB 26ms
25ms Image
image/png 104.21.59.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcpkp.abyssalforge.top/eyes-robot/assets/1.png
Requested by: Host: vcpkp.abyssalforge.top
URL: https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.59.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:21 GMT
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 09:40:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "654ca8f2-295f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SU4oUIiIddCen%2BSRK9ZWH9fFGQqmL85mdwjlrog6nUHV%2BmHSbKI9rdgoFnCUO7LDG2DD5zggUlqxz8fRkSt9EQLLiiDgOFsgojcoRiVWhZ0D6Pq75%2BzFEyHrQ1xIRKh1P7iC8vWbhm2X"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 825598529e5d0d9c-MXP
alt-svc: h3=":443"; ma=86400
content-length: 10591

GET
H3 200 2.png
vcpkp.abyssalforge.top/eyes-robot/assets/ 1 KB
1 KB 51ms
50ms Image
image/png 104.21.59.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcpkp.abyssalforge.top/eyes-robot/assets/2.png
Requested by: Host: vcpkp.abyssalforge.top
URL: https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.59.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:21 GMT
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 09:40:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "654ca8f2-425"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cQ5Z0bw%2FAXKBbNSBj3QHw5W1bqKMhvynRQ3IDpFM9wJHgnM5mCrPfXxx1qX0D%2BtEF4iM4gocrrvyYOXb2u1HYv%2FrEYsiU2Oo8i1OcC9l2cbuLiRoqQSaiGwmb9PnCk15ZhqeqJW3zCpu"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 825598529e5e0d9c-MXP
alt-svc: h3=":443"; ma=86400
content-length: 1061

GET
H3 200 static-pl.js Show response
vcpkp.abyssalforge.top/shared-js/assets/ 3 KB
1 KB 24ms
23ms Script
application/javascript 104.21.59.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vcpkp.abyssalforge.top/shared-js/assets/static-pl.js
Requested by: Host: vcpkp.abyssalforge.top
URL: https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.59.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93972bbc62d530dd23e06c5174b3e9ed4fb5719279ecef774d0a7eacf1040a18

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 09:40:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5642
etag: W/"654ca8f2-bf3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKmf3rGd%2BV1SH6gEvlTZGkAcuX6PJlak0uABB22Et99et7Tj%2BpTWhud7lFjibi8Xk30BrzPUZ99oWkT2xg5bwPXFURMje7CBJgn1579PYPGeCiLs32gzs2FWN78lV%2FIcrzKCHf%2Fe%2FAK%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 82559852ce9d0d9c-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 script.js Show response
js2json.com/ 48 KB
18 KB 43ms
41ms Script
application/javascript 157.90.27.45
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js2json.com/script.js
Requested by: Host: vcpkp.abyssalforge.top
URL: https://vcpkp.abyssalforge.top/eyes-robot/?pl=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&hash=Jv-JtEiNLnmJSfevZClo_g&exp=1699863920
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.90.27.45 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.45.27.90.157.clients.your-server.de
Software: openresty /
Resource Hash: b959b437fda46525d706e56bce45eb610d27a5fffe82dde0e1bef399c437631a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://vcpkp.abyssalforge.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:21 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript

GET
H3 200 image.png
vcpkp.abyssalforge.top/eyes-robot/assets/ 11 KB
11 KB 31ms
31ms Image
image/png 104.21.59.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcpkp.abyssalforge.top/eyes-robot/assets/image.png
Requested by: Host: vcpkp.abyssalforge.top
URL: https://vcpkp.abyssalforge.top/eyes-robot/assets/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.59.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://vcpkp.abyssalforge.top/eyes-robot/assets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:21 GMT
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 09:40:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "654ca8f2-2b23"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVgA2pREMVSefxr10RQ%2B30OnUtqVppYSOrD0wyDyLcaIL0ymiDGAnscZ9a%2BHS4u0k3m%2FzPVl4WrEfU55VvhNPr%2Fo1Q8MyCsnUz%2F0eVKEC6ogVzCUHo1k2znUnN0KT2TOGHjowbxZRMCP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82559852eec80d9c-MXP
alt-svc: h3=":443"; ma=86400
content-length: 11043

GET
H3 200 ps.js Show response
cdnstatic.abyssalforge.top/ps/ 24 KB
9 KB 48ms
45ms Script
application/javascript 104.21.59.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnstatic.abyssalforge.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.abyssalforge.top
Requested by: Host: vcpkp.abyssalforge.top
URL: https://vcpkp.abyssalforge.top/shared-js/assets/static-pl.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.59.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afc64d4b855ea1eb683bfae922bda97502f15860377179dfecca77463eb9f2a5

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://vcpkp.abyssalforge.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:21 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bEbV77B6K7E2xgcJT9NfyYFZjvRbu9jk8LOune1pRZEUqU8lbT7VYdzmuuNNA1TMbcgjYB3G5LMk1%2B29c3vd%2FeM1zrQ4Hx%2F51R0SsqcQYGUEO2gjWjNvQDQC9Lv6qsU%2FTPGD4WDZG9l8ujl%2BaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 825598530eee0d9c-MXP
alt-svc: h3=":443"; ma=86400

GET
H3 200 config.js Show response
cdnstatic.abyssalforge.top/ps/ 366 B
680 B 45ms
45ms Script
application/javascript 104.21.59.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnstatic.abyssalforge.top/ps/config.js?id=bUa_AGLMpkq33wlIOW_2KA
Requested by: Host: cdnstatic.abyssalforge.top
URL: https://cdnstatic.abyssalforge.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.abyssalforge.top
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.59.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28191615ad584e701c9eea9dd088d8812f9750ada00eb4e770aa75932a75cbe1

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://vcpkp.abyssalforge.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:21 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bRCvE2XeqE4LQNCw%2FXhhU32N7wDocRXOtPmiXmo8Jx6oRJmYeLqHtzy1RxSpJjIpzQ%2BWJIW%2BAWIC1%2B1jlV2or76yFz5MdxW8XSTtPbTgwm9Q6LXfq6BsR39c3Enb3YlZeweEgDpV69%2BW9tteWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 825598539f6f0d9c-MXP
alt-svc: h3=":443"; ma=86400

POST
H2 200 data
checkaf.com/ 0
0 32ms
31ms Fetch 157.90.27.45
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://checkaf.com/data
Requested by: Host: js2json.com
URL: https://js2json.com/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.90.27.45 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.45.27.90.157.clients.your-server.de
Software: openresty /
Resource Hash

Request headers

Referer: https://vcpkp.abyssalforge.top/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://vcpkp.abyssalforge.top
date: Mon, 13 Nov 2023 08:20:21 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server: openresty
content-length: 0
vary: Origin

OPTIONS
H2 204 data
checkaf.com/ 0
0 31ms
31ms Preflight 157.90.27.45
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://checkaf.com/data
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.90.27.45 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.45.27.90.157.clients.your-server.de
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://vcpkp.abyssalforge.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://vcpkp.abyssalforge.top
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Mon, 13 Nov 2023 08:20:21 GMT
server: openresty
vary: Origin

GET
H3 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.4.1/ 21 KB
7 KB 26ms
26ms Script
text/javascript 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.4.1/firebase-app.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

sffe /

Resource Hash

d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://vcpkp.abyssalforge.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 12:29:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6763
x-xss-protection: 0
last-modified: Tue, 13 Apr 2021 06:56:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 12:29:47 GMT

GET
H3 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/8.4.1/ 40 KB
11 KB 26ms
26ms Script
text/javascript 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

sffe /

Resource Hash

a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://vcpkp.abyssalforge.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 22:58:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10908
x-xss-protection: 0
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 22:58:36 GMT

GET
H2 200 Primary Request / Show response
ko.ras.edu.pl/ 5 KB
2 KB 154ms
97ms Document
text/html 172.67.159.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA
Requested by: Host: cdnstatic.abyssalforge.top
URL: https://cdnstatic.abyssalforge.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=bUa_AGLMpkq33wlIOW_2KA&sm=eyes-robot&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.abyssalforge.top
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.159.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00d2dd2b6e4ff843c72d00c336e119471137c9fefa2a816872f4a70a495c2dda

Request headers

Referer: https://vcpkp.abyssalforge.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 82559854ad5b4c55-MXP
content-encoding: br
content-type: text/html
date: Mon, 13 Nov 2023 08:20:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QknfeAA4tSdOIQDEYAVRDgo1q3uQs%2BQksWiTIT16LcR7PaDURVwQABe9lwzqTLSBjNLwURt5dOjM1qCLMb%2BnTj2Pe%2F8ePioh8SpcoKYEUeFOZ1K6LvAodAjZlET0sqoc"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 105ms
36ms Stylesheet
text/css 142.250.74.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Monoton|Raleway:400,700|Roboto:300,700

Requested by

Host: ko.ras.edu.pl
URL: https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.202 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f10.1e100.net

Software

ESF /

Resource Hash

c6bf13530b5151f439201d81f8b15868b1c9a9a732769bc00ece14942ccd3c34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ko.ras.edu.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Nov 2023 08:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 08:15:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Nov 2023 08:20:22 GMT

GET
H2 200 style.css
ko.ras.edu.pl/media/dating/dirtysinder/css/ 16 KB
4 KB 1369ms
1367ms Stylesheet
text/css 172.67.159.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko.ras.edu.pl/media/dating/dirtysinder/css/style.css

Requested by

Host: ko.ras.edu.pl
URL: https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.159.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c0fba4352f346a81523df1f943addecb49b9f082cd6fee3962b1681a7fbd5f5

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:23 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 179720F5888A598F
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Feb 2023 09:31:06 GMT
server: cloudflare
x-amz-meta-mm-source-mtime: 2022-06-16T13:40:30.645185Z
etag: W/"fdf9ef7b632886c1ab15b32f6196cc81"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTAoEtuAKaFx4M%2FZuWVOdMY2a0hVQJjByatjMHV48jt7qESWzgzo6vHgFBabv3UywM51JBMV5KtG4%2B9LzNvrH2a4WJxcBaoux%2Bx4d40zE1KsrY4kGH6OCJk%2FEtQ1R8Bq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 825598555e284c55-MXP
x-amz-meta-mc-attrs: atime:1676843512#999936088/gid:0/gname:root/mode:33188/mtime:1655386830#645185000/uid:0/uname:root
expires: Tue, 12 Nov 2024 08:20:23 GMT

GET
H2 200 flag-icon.css
ko.ras.edu.pl/util/flag-icon/css/ 40 KB
3 KB 1316ms
1315ms Stylesheet
text/css 172.67.159.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko.ras.edu.pl/util/flag-icon/css/flag-icon.css

Requested by

Host: ko.ras.edu.pl
URL: https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.159.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6afd8d9abc2967f29ad396854cd05b1a12dcf9b7084f944c136ca6f540c5a39

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:23 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 179720F53B22F5C5
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Apr 2023 12:33:17 GMT
server: cloudflare
x-amz-meta-mm-source-mtime: 2022-06-16T13:31:14.684017Z
etag: W/"0a47b937981e7389e3ebe63e4a503066"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuCgieRx4FUFECzUNeVMaCar33mNMSg5W7Amq1oFSI8UPQuRpMOQOXBSRY5sVWyc127p6DGr0upyhXemiHFyu0h03vroITIiqiPSVC3W4%2BhSZecjTVpdAigPB5yeI9UD"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 825598555e2b4c55-MXP
x-amz-meta-mc-attrs: atime:1679347483#860229624/gid:0/gname:root/mode:33188/mtime:1655386274#684017000/uid:0/uname:root
expires: Tue, 12 Nov 2024 08:20:22 GMT

GET
H2 200 js.cookie.js Show response
ko.ras.edu.pl/cookie/ 4 KB
3 KB 84ms
83ms Script
application/javascript 172.67.159.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko.ras.edu.pl/cookie/js.cookie.js

Requested by

Host: ko.ras.edu.pl
URL: https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.159.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 179720F5395D43D2
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Sep 2023 15:19:53 GMT
server: cloudflare
x-amz-meta-mm-source-mtime: 2022-07-21T10:00:37.354375Z
etag: W/"a7e9883924072f15259de6888d5ef515"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zbw8FTTnin8cmiMFIUrr79AeDIR7JzCldOp4bA7oinU9wPflYtw1b0ps5AeKZWLCTRS%2FDmB6crJRYJsjY7nJ%2ByK%2B49occ%2BQmFI7PzkgDwjCQmOkciqdS%2B%2BEzzn%2BCx7WW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 825598555e2d4c55-MXP
x-amz-meta-mc-attrs: atime:1693134513#248036972/gid:0/gname:root/mode:33188/mtime:1658397637#354375000/uid:0/uname:root
expires: Tue, 12 Nov 2024 08:20:21 GMT

GET
H2 200 utils.js Show response
ko.ras.edu.pl/util/ 7 KB
3 KB 1353ms
1352ms Script
application/javascript 172.67.159.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko.ras.edu.pl/util/utils.js

Requested by

Host: ko.ras.edu.pl
URL: https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.159.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:23 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 179720F588E96081
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Feb 2023 09:36:45 GMT
server: cloudflare
x-amz-meta-mm-source-mtime: 2022-07-29T09:04:49.684136Z
etag: W/"01816d15ca03032751161a746e2fb7c3"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLKFgvzMNJB166qwgIdPo9J1osrrkvSRLF4%2B9910VqA9mroNSXbEPVBFEejpDkdNGhhTAHSPAtplXwVg003jXpX7MwNAkEgFSrfzGFn3Od2AHiIzTQ4ahUCp2Z3qnADK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 825598555e304c55-MXP
x-amz-meta-mc-attrs: atime:1676885559#334512232/gid:0/gname:root/mode:33188/mtime:1659085489#684136000/uid:0/uname:root
expires: Tue, 12 Nov 2024 08:20:23 GMT

GET
H2 200 logo-loveme_black1.svg
ko.ras.edu.pl/media/dating/dirtysinder/images/ 4 KB
3 KB 87ms
86ms Image
image/svg+xml 172.67.159.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ko.ras.edu.pl/media/dating/dirtysinder/images/logo-loveme_black1.svg

Requested by

Host: ko.ras.edu.pl
URL: https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.159.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fd4d4a7fe6c0d2743ef52f04eddd31432c86c95fd79f39fe8bdffb7d8fba0b3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:22 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 179720F53B46D9C1
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Apr 2023 12:28:53 GMT
server: cloudflare
x-amz-meta-mm-source-mtime: 2022-06-16T13:40:30.429185Z
etag: W/"586f137204e47e4f50e5492ae49dd67c"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQj9V7fhZoeV87VR8v58qgGxlKurBM7Rpb61V3OlLOtsot%2FsWnI9LjER%2BnlEAH1a%2BC5Fu3nTKLaWJqYOFIx0IkShz0A2N1Y%2BeE7W5WapYYFeZUi1OGpiAGXrtvOKP8Ua"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 825598555e324c55-MXP
x-amz-meta-mc-attrs: atime:1679349481#947641636/gid:0/gname:root/mode:33188/mtime:1655386830#429185000/uid:0/uname:root
expires: Tue, 12 Nov 2024 08:20:21 GMT

GET
H2 200 jquery-2.2.4.min.js Show response
ko.ras.edu.pl/media/dating/dirtysinder/js/ 84 KB
31 KB 89ms
88ms Script
application/javascript 172.67.159.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko.ras.edu.pl/media/dating/dirtysinder/js/jquery-2.2.4.min.js

Requested by

Host: ko.ras.edu.pl
URL: https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.159.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 179720F53983E4A3
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Sep 2023 15:22:03 GMT
server: cloudflare
x-amz-meta-mm-source-mtime: 2022-07-29T09:14:52.969156Z
etag: W/"2f6b11a7e914718e0290410e85366fe9"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2NheonQRyL%2BF40ozaRXjv%2BmnJmC3y9%2Fkii8tPF8eVYFF94MvAoW9yQ26QUez3w2wnhXWs2A5pnCFwsGfhcKxBdSF2nE9iijHg%2B%2BEEvp7QkPi0Q69C5JJMDvAXRt0Gig"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 825598555e334c55-MXP
x-amz-meta-mc-attrs: atime:1693134505#148011626/gid:0/gname:root/mode:33188/mtime:1659086092#969156000/uid:0/uname:root
expires: Tue, 12 Nov 2024 08:20:21 GMT

GET
H3 200 trls.js Show response
ko.ras.edu.pl/media/dating/dirtysinder/js/ 17 KB
8 KB 1227ms
1226ms Script
application/javascript 172.67.159.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko.ras.edu.pl/media/dating/dirtysinder/js/trls.js

Requested by

Host: ko.ras.edu.pl
URL: https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.159.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a7eb7795296faf56df1f30f1c6771b7eaa9290c60127e3e9d86696668ea48c8

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:23 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 179720F5428C15C7
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Feb 2023 09:31:06 GMT
server: cloudflare
x-amz-meta-mm-source-mtime: 2022-07-29T09:14:53.225156Z
etag: W/"0d71a75c3acc2f59514014dd333c64c8"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BarMigwwWNMkwH1ysvDyRcsc2pq%2BLrjuiNZFg7Ni5xcvSAyqukK5VoDjdb1G4xzgbe4trUCypVnvqpc9pWVBC3tvTJQlSsSVnMZQpyt6UA5iOo5vVDJBVj1i6VRLrNB5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 82559855ebba0e5b-MXP
x-amz-meta-mc-attrs: atime:1676801238#996470130/gid:0/gname:root/mode:33188/mtime:1659086093#225156000/uid:0/uname:root
expires: Tue, 12 Nov 2024 08:20:23 GMT

GET
H3 200 main.js Show response
ko.ras.edu.pl/media/dating/dirtysinder/js/ 3 KB
2 KB 247ms
247ms Script
application/javascript 172.67.159.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko.ras.edu.pl/media/dating/dirtysinder/js/main.js

Requested by

Host: ko.ras.edu.pl
URL: https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.159.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c03acf3d158e2105bd0881aab875eadf0cca1167beb22d930888b28f34ae5a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 179720F5403AE42F
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Sep 2023 15:22:03 GMT
server: cloudflare
x-amz-meta-mm-source-mtime: 2022-07-29T09:14:53.041156Z
etag: W/"4ff0f5ad435331f44d0b0691647bc6f9"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=srnOUubP6qj1yTTY1dGhdftCUXfy4nLbaI8JDQHUNs38E0lToWCnu5BxRAIt5Zq7eg3WVKHSq5ExKhSsyUaYmCiOdIXgLdxeREJIuzczBlrUb9mKELHiald4j8re3aAl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 82559855fbd10e5b-MXP
x-amz-meta-mc-attrs: atime:1693134505#148011626/gid:0/gname:root/mode:33188/mtime:1659086093#41156000/uid:0/uname:root
expires: Tue, 12 Nov 2024 08:20:22 GMT

GET
H3 200 bb.js Show response
ko.ras.edu.pl/media/ 639 B
1 KB 26ms
25ms Script
application/javascript 172.67.159.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko.ras.edu.pl/media/bb.js

Requested by

Host: ko.ras.edu.pl
URL: https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.159.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:22 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 179695A45751C8A4
age: 153180
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Apr 2023 12:27:44 GMT
server: cloudflare
x-amz-meta-mm-source-mtime: 2022-07-28T17:55:13.852764Z
etag: W/"0d553e4bac91c74bfee2dbabba61e99e"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZUVDlErDnyUOMjstfO58GiMvBhnbPj7TpAsw7LC9zFt7yhInOe3K%2FoaeQIHolkg47lZRiuwcxb0gZahZrvy%2FggWMX%2FCEG9G%2BrJx58p%2BjOFuKQAMg6mcTYF%2FHMlA1lMA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 825598578d7a0e5b-MXP
x-amz-meta-mc-attrs: atime:1679338323#885197229/gid:0/gname:root/mode:33188/mtime:1659030913#852764000/uid:0/uname:root
expires: Sun, 10 Nov 2024 13:47:22 GMT

GET
H3 200 exit1.js Show response
ko.ras.edu.pl/media/exit-new/ 3 KB
2 KB 25ms
24ms Script
application/javascript 172.67.159.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko.ras.edu.pl/media/exit-new/exit1.js

Requested by

Host: ko.ras.edu.pl
URL: https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.159.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17963E48A1E7C00F
age: 249231
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Sep 2023 15:23:09 GMT
server: cloudflare
x-amz-meta-mm-source-mtime: 2022-06-16T13:19:04.182688Z
etag: W/"625e5e2950612f771e246beb33c9ea61"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BEsYonA1heA%2B%2B0UnknmBywL3G4o59wLaYP4Z2mvYU4iNR2jhk%2FzE%2Boqo%2FbxeSlL9B8F3dQ3Wi6LiByr9%2Bkww%2Bgg7jRdvdsShGoLjl3Y8wQLXGGxDf3CX7lPJeDm4DBeW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 82559857bdb20e5b-MXP
x-amz-meta-mc-attrs: atime:1693134511#160030446/gid:0/gname:root/mode:33279/mtime:1655385544#182688000/uid:0/uname:root
expires: Sat, 09 Nov 2024 11:06:31 GMT

GET
H3 200 1.jpg
ko.ras.edu.pl/media/dating/dirtysinder/images/ 142 KB
142 KB 37ms
36ms Image
image/jpeg 172.67.159.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ko.ras.edu.pl/media/dating/dirtysinder/images/1.jpg

Requested by

Host: ko.ras.edu.pl
URL: https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.159.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37a751df9353725b7e06bec81bc5c9f42c77c21701e4717465a13f4df5c0540d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 179720F58BB9B241
alt-svc: h3=":443"; ma=86400
content-length: 144999
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Sep 2023 15:22:03 GMT
server: cloudflare
x-amz-meta-mm-source-mtime: 2022-06-16T13:40:27.657179Z
etag: "d7c3dbb1072324f863945d8511916660"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0E9Ze3bsvw%2Bt32VfafhJOzhkB06UwpLaHnlihm%2F7PBe5NQNQD8QNPPYNVLEhX5UqIwnEo7GWsSM9L0lSNnXHsfgmyfur1q9bJjIfb7HXfoWhGc1lgs7%2F2ZpxI8bwfcIg"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8255985dfc310e5b-MXP
x-amz-meta-mc-attrs: atime:1693134505#144011613/gid:0/gname:root/mode:33188/mtime:1655386827#657179000/uid:0/uname:root
expires: Tue, 12 Nov 2024 08:20:23 GMT

GET
H3 200 2.jpg
ko.ras.edu.pl/media/dating/dirtysinder/images/ 121 KB
122 KB 103ms
101ms Image
image/jpeg 172.67.159.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ko.ras.edu.pl/media/dating/dirtysinder/images/2.jpg

Requested by

Host: ko.ras.edu.pl
URL: https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.159.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2949d919c1cbfea9a960e5a7a9fe4fe5086c1f9073c278d7e653980917a5a740

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:23 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 179720F58D9DE22F
alt-svc: h3=":443"; ma=86400
content-length: 124409
x-amz-id-2: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Apr 2023 12:28:53 GMT
server: cloudflare
x-amz-meta-mm-source-mtime: 2022-06-16T13:40:28.689181Z
etag: "5dbe2191356b93f88f1d7bf68e119848"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HQA%2Fi8Y7hjeVXSeSBtrHgy7WGc1Mb8nr%2B9kAf7Wmt7u78AIU%2FOJAFexBHdi1Y7jpn5IjDazXrc8t39UObpV0bHXbGq3vm2rlL1Of2nBIixbXuHBhHBMbgMqhTAgJYQ6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8255985dfc330e5b-MXP
x-amz-meta-mc-attrs: atime:1679349481#947641636/gid:0/gname:root/mode:33188/mtime:1655386828#689181000/uid:0/uname:root
expires: Tue, 12 Nov 2024 08:20:23 GMT

GET
H3 200 3.jpg
ko.ras.edu.pl/media/dating/dirtysinder/images/ 146 KB
147 KB 131ms
130ms Image
image/jpeg 172.67.159.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ko.ras.edu.pl/media/dating/dirtysinder/images/3.jpg

Requested by

Host: ko.ras.edu.pl
URL: https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.159.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f31c428593d808f5dd1697233414338d03fdc0f7f88334ef3be339efc2ebda2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ko.ras.edu.pl/?u=dubkd0x&o=vkmb9vn&t=test-datingUSA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:23 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 179720F58FE320AC
alt-svc: h3=":443"; ma=86400
content-length: 149377
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Feb 2023 09:31:06 GMT
server: cloudflare
x-amz-meta-mm-source-mtime: 2022-06-16T13:40:28.841181Z
etag: "1d9b9c419c00167969ce9b891aeb923b"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zG53lWLUZ5g1u%2FoaQVUncyVnHhqhclmK9dpOe5OXtfTcwwO3hc9CcnW3hpp9Fmpdzo9ARjghWsYwH8xLp6IBbuCCSylEeq2WEVFTFsFzXu4%2BMXBwY6TL50ugbhNMZk1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8255985dfc350e5b-MXP
x-amz-meta-mc-attrs: atime:1676843512#999936088/gid:0/gname:root/mode:33188/mtime:1655386828#841181000/uid:0/uname:root
expires: Tue, 12 Nov 2024 08:20:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 117ms
56ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Monoton|Raleway:400,700|Roboto:300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ko.ras.edu.pl
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 15:22:55 GMT
x-content-type-options: nosniff
age: 233848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Nov 2024 15:22:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 89ms
28ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Monoton|Raleway:400,700|Roboto:300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ko.ras.edu.pl
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:31:44 GMT
x-content-type-options: nosniff
age: 13719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 04:31:44 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 47 KB
47 KB 101ms
40ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Monoton|Raleway:400,700|Roboto:300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ko.ras.edu.pl
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 21:01:37 GMT
x-content-type-options: nosniff
age: 386326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48208
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Nov 2024 21:01:37 GMT

GET
H3 200 it.svg
ko.ras.edu.pl/util/flag-icon/flags/4x3/ 324 B
950 B 87ms
86ms Image
image/svg+xml 172.67.159.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ko.ras.edu.pl/util/flag-icon/flags/4x3/it.svg

Requested by

Host: ko.ras.edu.pl
URL: https://ko.ras.edu.pl/util/flag-icon/css/flag-icon.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.159.134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a8e4c60eeb8dc3de5fb2fd2213b108036e11075776c40a8015d45880136e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ko.ras.edu.pl/util/flag-icon/css/flag-icon.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:20:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 179720F58DB0F68A
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Sep 2023 15:26:17 GMT
server: cloudflare
x-amz-meta-mm-source-mtime: 2022-06-16T13:31:42.192073Z
etag: W/"55f474f9472dae770fae980fc52ae66a"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6jGsKLfIRuOB1zsb9Hk8udHmVV%2F9%2F6jOZxGQkB9T1rh%2FtrKbUKXfWIov8x1spx4TGikSaJaOmLVz%2FJ54tDoivI8nhjF86H1mK8rohrBidStJHrjHX8Prwxy%2FhbMZ%2FyvM"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 8255985e2c540e5b-MXP
x-amz-meta-mc-attrs: atime:1693134513#300037135/gid:0/gname:root/mode:33188/mtime:1655386302#192073000/uid:0/uname:root
expires: Tue, 12 Nov 2024 08:20:23 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: checkaf.com
URL: https://checkaf.com/data

Domain: checkaf.com
URL: https://checkaf.com/data

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Porn Scam (Online)

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
crediti-e-finanza.it/	1970-01-21 00:56:39	Name: antibot_uid Value: b19f855bd27fd0bc77a10652bf225e1b
crediti-e-finanza.it/	1970-01-20 16:25:27	Name: antibot_country Value: IT
crediti-e-finanza.it/	1970-01-20 16:25:27	Name: antibot_lang Value: it
crediti-e-finanza.it/	1970-01-20 16:25:27	Name: antibot_ptr Value: 194.34.233.120
crediti-e-finanza.it/	1970-01-20 16:25:27	Name: antibot_0f95d2ba7392c01240d4c7aa794f14c1 Value: c146264c5992f2a351736a0e5357cce7
.yadro.ru/	1970-01-21 00:55:58	Name: FTID Value: 1bKTn42SibOg1bKTn4001OdJ
.yadro.ru/	1970-01-21 00:55:58	Name: VID Value: 2jgRK_1ihPeg1bKTn4001OeD
crediti-e-finanza.it/	1970-01-20 16:12:30	Name: antibot_referer Value: https%3A%2F%2Fcrediti-e-finanza.it%2F
crediti-e-finanza.it/	1970-01-20 16:12:30	Name: antibot_hits Value: 2
crediti-e-finanza.it/	1970-01-20 16:12:30	Name: antibot_unique_20231113 Value: 1
vcpkp.mirfakpersei.top/	1970-01-20 16:16:49	Name: bUa_AGLMpkq33wlIOW_2KA Value: 5
vcpkp.mirfakpersei.top/	1970-01-21 01:47:03	Name: __pl Value: b52b0716-c884-4a2e-900b-28da950cb9b8
vcpkp.mirfakpersei.top/	1970-01-20 16:11:07	Name: __cap Value: 1
cdnstatic.abyssalforge.top/	1970-01-21 01:47:03	Name: __psu Value: c746ad58-f940-40f8-be1a-213a38f5f7af
ko.ras.edu.pl/	1969-12-31 23:59:59	Name: sid Value: t5~0zwq4hthdmvdwcgr2jh2onig

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

antibotcloud.com
cdnstatic.abyssalforge.top
checkaf.com
counter.yadro.ru
crediti-e-finanza.it
fonts.googleapis.com
fonts.gstatic.com
js2json.com
ko.ras.edu.pl
vcpkp.abyssalforge.top
vcpkp.mirfakpersei.top
www.gstatic.com
checkaf.com
104.21.59.147
142.250.185.195
142.250.74.202
157.90.27.45
172.217.18.99
172.67.159.134
172.67.165.218
188.114.96.3
188.114.97.3
88.212.201.198
00d2dd2b6e4ff843c72d00c336e119471137c9fefa2a816872f4a70a495c2dda
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5
1a7eb7795296faf56df1f30f1c6771b7eaa9290c60127e3e9d86696668ea48c8
1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68
28191615ad584e701c9eea9dd088d8812f9750ada00eb4e770aa75932a75cbe1
2949d919c1cbfea9a960e5a7a9fe4fe5086c1f9073c278d7e653980917a5a740
29ee31143c5bd03b7dcaf2e40476e50c4ed26d32a725525a4f3dced678c90896
2a8e4c60eeb8dc3de5fb2fd2213b108036e11075776c40a8015d45880136e370
2c03acf3d158e2105bd0881aab875eadf0cca1167beb22d930888b28f34ae5a5
2fb2aad4f3b3426df4bb5633b627f529940bd06d0690f6b11cfcf42f0fea3e4b
37a751df9353725b7e06bec81bc5c9f42c77c21701e4717465a13f4df5c0540d
3fd4d4a7fe6c0d2743ef52f04eddd31432c86c95fd79f39fe8bdffb7d8fba0b3
59a434273024c1bb3507cc5dff5bd4980fd44680e86ca69803822bc0277125ec
618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46
652bbabf88fc84d1747965d185845c3388873eed52d77c8c48bb0d6f0add7e7c
8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
8f31c428593d808f5dd1697233414338d03fdc0f7f88334ef3be339efc2ebda2
93972bbc62d530dd23e06c5174b3e9ed4fb5719279ecef774d0a7eacf1040a18
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837
985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c0fba4352f346a81523df1f943addecb49b9f082cd6fee3962b1681a7fbd5f5
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7
afc64d4b855ea1eb683bfae922bda97502f15860377179dfecca77463eb9f2a5
b959b437fda46525d706e56bce45eb610d27a5fffe82dde0e1bef399c437631a
c6bf13530b5151f439201d81f8b15868b1c9a9a732769bc00ece14942ccd3c34
d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2
d6afd8d9abc2967f29ad396854cd05b1a12dcf9b7084f944c136ca6f540c5a39
f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

ko.ras.edu.pl Open in urlscan Pro 172.67.159.134 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

94 %HTTPS

0 %IPv6

10 Domains

12 Subdomains

9 IPs

5 Countries

707 kBTransfer

1033 kBSize

15 Cookies

0 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ko.ras.edu.pl Open in urlscan Pro
172.67.159.134 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

94 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

9
IPs

5
Countries

707 kB
Transfer

1033 kB
Size

15
Cookies

50 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!