Submitted URL: http://consultantdetach.top/dewaaa-qf/tb.php?ptulorth1654766762252
Effective URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Submission: On July 06 via manual from GB — Scanned from GB

Summary

This website contacted 11 IPs in 4 countries across 11 domains to perform 54 HTTP transactions. The main IP is 2606:4700:3032::ac43:9871, located in United States and belongs to CLOUDFLARENET, US. The main domain is swqof5.cyou.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 1st 2022. Valid for: a year.
This is the only time swqof5.cyou was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
3 | 2606:4700:303... | 13335 (CLOUDFLAR...)
4 | 2606:4700:303... | 13335 (CLOUDFLAR...)
7 | 2606:4700:303... | 13335 (CLOUDFLAR...)
17 | 2606:4700:303... | 13335 (CLOUDFLAR...)
2 | 2a00:1450:400... | 15169 (GOOGLE)
2 | 185.66.201.42 | 201702 (SKHOSTING-EU)
2 | 185.66.200.220 | 201702 (SKHOSTING-EU)
5 | 2a00:1450:400... | 15169 (GOOGLE)
8 | 103.235.46.191 | 55967 (BAIDU Bei...)
3 | 2001:4860:480... | 15169 (GOOGLE)
1 | 185.66.200.127 | ()
Total: 54 requests, 11 IPs

Requests | Apex Domain | Subdomains | Transfer
17 | 263cdn.com | 263cdn.com — Cisco Umbrella Rank: 317499 | 317 KB
8 | baidu.com | hm.baidu.com — Cisco Umbrella Rank: 7790 | 48 KB
7 | jsdelivr.cc | cdn.jsdelivr.cc — Cisco Umbrella Rank: 269156 | 108 KB
5 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 89 | 347 KB
4 | swqof5.cyou | swqof5.cyou | 13 KB
3 | google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 2733 | 452 B
3 | consultantdetach.top | consultantdetach.top | 4 KB
2 | uprimp.com | uprimp.com — Cisco Umbrella Rank: 244627 | 936 B
2 | qoaaa.com | qoaaa.com — Cisco Umbrella Rank: 319637 | 2 KB
2 | blogspot.com | 1.bp.blogspot.com — Cisco Umbrella Rank: 9765 | 58 KB
1 | advertica-cdn.com | aff-a.advertica-cdn.com | 8 KB
Total: 54 requests, 11 domains

Requests | Domain | Requested by
17 | 263cdn.com | swqof5.cyou
8 | hm.baidu.com | swqof5.cyou
7 | cdn.jsdelivr.cc | swqof5.cyou
5 | www.googletagmanager.com | swqof5.cyou, www.googletagmanager.com
4 | swqof5.cyou | consultantdetach.top, swqof5.cyou, cdn.jsdelivr.cc
3 | region1.google-analytics.com | www.googletagmanager.com
3 | consultantdetach.top | consultantdetach.top
2 | uprimp.com | swqof5.cyou, uprimp.com
2 | qoaaa.com | swqof5.cyou, qoaaa.com
2 | 1.bp.blogspot.com | swqof5.cyou
1 | aff-a.advertica-cdn.com | qoaaa.com
Total: 54 requests, 11 domains

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-07-01 - 2023-06-30 | a year
*.263cdn.com | E1 | 2022-06-15 - 2022-09-13 | 3 months
misc-sni.blogspot.com | GTS CA 1C3 | 2022-06-20 - 2022-09-12 | 3 months
qoaaa.com | R3 | 2022-06-06 - 2022-09-04 | 3 months
uprimp.com | R3 | 2022-05-15 - 2022-08-13 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-06-20 - 2022-09-12 | 3 months
baidu.com | GlobalSign RSA OV SSL CA 2018 | 2021-11-15 - 2022-08-02 | 9 months
aff-a.advertica-cdn.com | R3 | 2022-05-10 - 2022-08-08 | 3 months

This page contains 3 frames:

Primary Page: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Frame ID: 469911E710E9B4E0AB24756AEBB2ADD3
Requests: 51 HTTP requests in this frame

Frame: https://uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=165711752140689&xtt=5486779
Frame ID: 885FFF6DE1D38D4A06C0563AB7856CA7
Requests: 1 HTTP requests in this frame

Frame: https://qoaaa.com//4fe48aebd6/4f59451604/?placementName=Banner&randomA=0_5475&maxw=0
Frame ID: 0725C7D1C9F3A0BED3AAFFA151204498
Requests: 2 HTTP requests in this frame

Page Title

🎉⚡️🎁Dubai Electricity and Water Authority - DEWA Government Electricity Subsidy!👏🎁💸🎊

Page URL History

  1. http://consultantdetach.top/dewaaa-qf/tb.php?ptulorth1654766762252 Page URL
  2. https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • sweetalert2(?:\.all)?(?:\.min)?\.js
  • /npm/sweetalert2@([\d.]+)
  • sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 54
HTTPS: 94 %
IPv6: 64 %
Domains: 11
Subdomains: 11
IPs: 11
Countries: 4
Transfer: 905 kB
Size: 1948 kB
Cookies: 13

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
tb.php
consultantdetach.top/dewaaa-qf/
1 KB
1 KB
Document
General
Full URL
http://consultantdetach.top/dewaaa-qf/tb.php?ptulorth1654766762252
Protocol
HTTP/1.1
Server
2606:4700:3037::6815:4b33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ef54a26f1ebc3914a5105d018d623c731de65d00152f685e798cbd7962353c7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
726902554fa77587-LHR
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 06 Jul 2022 14:25:20 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKxsqlpKFjbbDO2b7K%2FLKVhTMQeCqZRCGCt%2F%2FZZUlnbdfrSBMzROhz9Emp2rUH2cpmHY1a3H7di35aim83t8u8XdecM3GwY5NlOMD2YSCNGw4mcwnexBEnQ1rfL6Fkfi9yeRrcxfcDAGwR221fUgxry2og%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
og2.js
consultantdetach.top/j/
2 KB
2 KB
Script
General
Full URL
http://consultantdetach.top/j/og2.js?_t=1657117520655
Requested by
Host: consultantdetach.top
URL: http://consultantdetach.top/dewaaa-qf/tb.php?ptulorth1654766762252
Protocol
HTTP/1.1
Server
2606:4700:3037::6815:4b33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff399ce0e73811942164279fbe3a4c16b016e7a3b8098d0173e732c19c5c1d4c

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://consultantdetach.top/dewaaa-qf/tb.php?ptulorth1654766762252
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 14:25:20 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified
Sat, 11 Jun 2022 06:57:07 GMT
Server
cloudflare
ETag
W/"62a43cc3-850"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgAiXq3muIr4tBcgN9iwg%2BmlPT0%2FOFdTuQM7cRKDJ6TEOEvdUp%2BteN1fU4%2BcQLkphQvjfyi%2FJpB7mFNPA5lIygCRhImxpGCXcI3bWDNvMVJUzucZe1yeYZDS%2BFMa6emA2JIkMdSzdzr1Tt3%2B27yQ%2FZsJmA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=43200
CF-RAY
726902583cb17587-LHR
Expires
Thu, 07 Jul 2022 02:25:20 GMT
og2.php
consultantdetach.top/j/
73 B
761 B
XHR
General
Full URL
http://consultantdetach.top/j/og2.php?_t=1657117520971
Requested by
Host: consultantdetach.top
URL: http://consultantdetach.top/j/og2.js?_t=1657117520655
Protocol
HTTP/1.1
Server
2606:4700:3037::6815:4b33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://consultantdetach.top/dewaaa-qf/tb.php?ptulorth1654766762252
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Wed, 06 Jul 2022 14:25:21 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBlZigwYe5ZnLufhHUIKuq%2FMQlDJLNrgmNe8B%2B3rRdGAoqLKJd3lVrrtt%2FS529FXTxK5R9W291lLIMtbz6slJKMrh4p1iFU3Tsz0i5eL%2B%2FuKDUu8167KkHce12YBm%2FbJ5aIlxEGwQFoMDUkNG7Rz8j2cXA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/json
Connection
keep-alive
CF-RAY
7269025a3fbd7587-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Primary Request /
swqof5.cyou/vtCpyFwt/dewaaa-qf/
57 KB
11 KB
Document
General
Full URL
https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Requested by
Host: consultantdetach.top
URL: http://consultantdetach.top/j/og2.js?_t=1657117520655
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5948b9fa9b4646a5b3c10bb3254749d6a92a21d8ea8abb093969ed5a7184dadc

Request headers

Referer
http://consultantdetach.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7269025c1dc975c9-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 06 Jul 2022 14:25:21 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Y3V%2F9wQ%2F7WMloe96Za4uQp4ey84WNaYTEYIGhFnWCg1xwj%2Fotsck16sjK5QqrEmj1X4NnzRgInQGHz1nB9NUan%2FeC6ff5L6wfkEI3amuWGuq0E91kXJPKiDHFWk5z0HrSGgnRBPOxJf7w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
jquery.min.js
cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/
87 KB
32 KB
Script
General
Full URL
https://cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=JnXAUA==, md5=PkuyJ/tVJxv+nJ1KCRR72A==
date
Wed, 06 Jul 2022 14:25:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2172
x-guploader-uploadid
ADPycdsEkg-APYEyj35MB1MfuXlroibBOTMmMY-OVx3b5hnrPqCxX7TIrtaKDFa8ZpHoTtgaakWxD05X-DY2iEMKmIFHCWySbA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 17 Mar 2022 07:30:17 GMT
server
cloudflare
etag
W/"3e4bb227fb55271bfe9c9d4a09147bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qK80FkR49XaOzsN6aeJRPdHW7Aj1%2BhdG4CyYxAZc5e50MAaxCx5LGU4elcGFK%2FEdcYcXS9%2B2l4DZ79guJXifw5SsMDuuIBSIvhKhm3Xgkds28HitN6XdEGIIsuBfdgq7mdM2lmDTZeWUmKrnSu0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1647502217775195
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
89501
cf-ray
7269025e0e497552-LHR
expires
Wed, 06 Jul 2022 14:36:38 GMT
bootstrap.min.js
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/
62 KB
16 KB
Script
General
Full URL
https://cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4555d8dee9f8adc976e84a97dfe87e6bf5794b579f49bb56f133fed85f7d709

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=x2l+AA==, md5=yZIw0ldTgNf5X/YmYG0kJg==
date
Wed, 06 Jul 2022 14:25:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3211
x-guploader-uploadid
ADPycdtaXO8Pt4mYxS4tkg36SiMjVR6jjL7hB9EkK5aPNXJ0rrhhBXOw5gRmhJXZ1IYlvDk2NYpvsCE76nxT_QCLJq2KEg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 17 Mar 2022 07:36:54 GMT
server
cloudflare
etag
W/"c99230d2575380d7f95ff626606d2426"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vTLn9kiux0oaXgBvL5DsA6%2BIj%2FxBo8zdr56ruP%2FV2iR2z%2BRuBh9oGcQgSsxLlqt6iTcnOH3MjtwjXUXhodXmbsSfMBrGkX%2FpMRUAy1TRl1LCL4RLQuPq8GjG3S0%2BqTwB%2FlgXqoq0scCFbmpDgek%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1647502614200576
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
63473
cf-ray
7269025e0e4a7552-LHR
expires
Wed, 06 Jul 2022 13:36:38 GMT
sweetalert2.all.min.js
cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/
71 KB
20 KB
Script
General
Full URL
https://cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b7274b0b5b7f411de46416a6c9941062f7a57aaf919fdeda367b5959f4ce8ef

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=8ZRUYw==, md5=gJJLYuWzrHOqSEl3a0OXcA==
date
Wed, 06 Jul 2022 14:25:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3308
x-guploader-uploadid
ADPycdveolyrLmPsOpTOe4R8xrc9XLzOm4WE6kDIQQ-Bffr1CkxSQNEa8J0yEWTsx8MoMM6ntSWdKYv4h0j_eGf8uii0qkm1aglD
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 17 Mar 2022 07:40:39 GMT
server
cloudflare
etag
W/"80924b62e5b3ac73aa4849776b439770"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4VN1TiKm95psoEtONJm30flpYA5xy3Pky86qigVy%2Frd1rQJhDbSaPDK0kg5PhorBDiGLKt%2BhT7KoMz6k1%2BVyIQ9nPV%2F84UUhpzl%2FAma%2Fgkfy3LYI61nInWPM51QcOaiwUUXAwuPaavlCg6C1fw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1647502839791727
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
72765
cf-ray
7269025e0e4b7552-LHR
expires
Wed, 06 Jul 2022 13:36:33 GMT
lazyload.min.js
cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/
5 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b219e4cd8f8f9216f159285019be30d6bfe475d92ca30b3561551aaa2174751d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=lted8w==, md5=3G3pgTxxS6mXM8pPtdOh+g==
date
Wed, 06 Jul 2022 14:25:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1305
x-guploader-uploadid
ADPycduIPxBxn9HV1RvlxQW5n8gWMNt2gH6LJACR5zSppFALBLzrzJxa_8ctHWVRnxFIChP9qRRTmrjDnfJ9VGLfuaiuefHrtsZR
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 17 Mar 2022 07:42:43 GMT
server
cloudflare
etag
W/"dc6de9813c714ba99733ca4fb5d3a1fa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePo5dxi5IR2Z7z%2B1Ayten8HD76TwcnLca%2FC2rgq0xCyC%2B8delPqyRnyn%2FViWC5%2FWgNy1KzY6xrAcqtU4ieiRAAZQKV2qCZPgbs3Ey5LNW0uld%2BNn%2FOM8BEn2BUzulqIEsrB0Cd%2B%2B7q3i8Hwsz90%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1647502963816044
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
4798
cf-ray
7269025e0e507552-LHR
expires
Wed, 06 Jul 2022 13:36:30 GMT
popper.min.js
cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/
21 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e290dc4993b9ae7d34440db26be412b4bc4547a48ff635750d400164665d7fa6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=7cW0Gg==, md5=MciYxtLqE8MEQWV/8ZANgQ==
date
Wed, 06 Jul 2022 14:25:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3094
x-guploader-uploadid
ADPycds3YdIz1R1UN767siseN3QRg96xNyUpzXvJk9EJOVC4B_FNuk3QzAPM9M4PK3JBDjbzDnKqTH3BKTa3eeZtxS7M9edjuqUj
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 17 Mar 2022 07:44:44 GMT
server
cloudflare
etag
W/"31c898c6d2ea13c30441657ff1900d81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EiwpAn660eGRKJJnUs5mtyoVF6SzBlnP66MSHtQUZHMvp6ClzuNyxY6InqdEbHvsBoVcpoRYNvKoU%2F5zGno8vCweiVTKpVMzCAsnaYfktfmC9tskFf87dC56TKaT2HjimR0gViuSPqAUgvOuw%2BE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1647503084523089
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
21236
cf-ray
7269025e0e4d7552-LHR
expires
Wed, 06 Jul 2022 14:33:47 GMT
bootstrap.min.css
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/
158 KB
25 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d7a9043f4bed303fe2974ac4e3ba10d6b214e70f7ae549786ba2d347de05f81

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=Sb/HMQ==, md5=/roNB2Bge54hOTFWlJr82Q==
date
Wed, 06 Jul 2022 14:25:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3275
x-guploader-uploadid
ADPycdv7kv7cza5rB6NKcfu3OF6h0QG0KUb6y2IsWxw9rQV3Hfk7c1SOZ9hygJnwpBpuObJusH4eBfPNsQKZEO4luud5Ew
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 17 Mar 2022 07:38:12 GMT
server
cloudflare
etag
W/"feba0d0760607b9e21393156949afcd9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EsAS8mYtK2MmhFOXn6gUyEg%2FsKhtoHCJcoIlb6rO2Sug1F5KBdWUnG%2FFdv0qK2a1Y5Z8SAS1kc%2FQnUhDtIxzL%2FEkb34ZiOMfxFQ%2FFFe5m2fY3fVa%2FtxXXfAJcvBfSUh5bb1c3Wa5KmIVn0xBsUM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1647502692716912
content-type
text/css
cache-control
public, max-age=3600
x-goog-stored-content-length
161415
cf-ray
7269025e0e477552-LHR
expires
Wed, 06 Jul 2022 13:36:04 GMT
sr.css
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/
20 KB
5 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/sr.css
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc8608b12595091527884cbaabf357eebd2d000060eb87b84476f7a80e83187b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=3qMyMQ==, md5=dXELfHrgATxc2pmgBT7D2Q==
date
Wed, 06 Jul 2022 14:25:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1258
x-guploader-uploadid
ADPycduD-oecLGxdSVXxwsATms3sZ66KUyJQMx86RGpCbZYX3ICKx1iZA9il28jSUCwHCQ3gKHfrPibNdTgninyBBtinxg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 22 Apr 2022 09:51:08 GMT
server
cloudflare
etag
W/"75710b7c7ae0013c5cda99a0053ec3d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u55L8kuR2bQuMN0DKlER%2BbLT0U8idr1aor8eoImayHQadgtjEMLEw8zlx%2BVKrisySMISSjLmAH%2FUYkhLruVzqR%2F9St6sEPHaEfJYPLcFIwipqCUz4QpwrycsLKIq6lc6hTBMrKb4e%2FiUK8MgQp8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1650621068399108
content-type
text/css
cache-control
public, max-age=3600
x-goog-stored-content-length
20647
cf-ray
7269025e0e487552-LHR
expires
Wed, 06 Jul 2022 14:25:15 GMT
dewaae.hea.png
263cdn.com/upload/
6 KB
7 KB
Image
General
Full URL
https://263cdn.com/upload/dewaae.hea.png
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:531a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6a9540fa6bb86bfe35a66096bc3b3d764f78b033f38b71e8968678705de2f92

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=th7FnA==, md5=ZDMwqPxOAR5gZkPOXdTaMQ==
date
Wed, 06 Jul 2022 14:25:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdth6FHmnaW3LNt_rufKgB6UtAWvs54COI5_LVQRZopYWqic2AH1IzQu6uYj9pH8VFZgU3YjvftdkfeZKpivARYe7_BRpHA_
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6254
last-modified
Wed, 15 Jun 2022 21:51:52 GMT
server
cloudflare
etag
"643330a8fc4e011e606643ce5dd4da31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MlljaEUjjxCC75MH%2BM90A0NI8OuPm0TrIuKMQu1xN6Wr78uEH6TxPGDGT5GLDC9JdoNWA3qH7EmSUsrX9YFWPMWEKF7yQ7rc8UaxuvoFbgFMBU8nl%2BIp1VTOd81MjWzRJmZMIPB5UVa"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1655329912127957
content-type
image/png
cache-control
public, max-age=14400
x-goog-stored-content-length
6254
accept-ranges
bytes
cf-ray
7269025f8d9474bd-LHR
expires
Wed, 06 Jul 2022 14:25:40 GMT
dewaae.heb.png
263cdn.com/upload/
5 KB
6 KB
Image
General
Full URL
https://263cdn.com/upload/dewaae.heb.png
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:531a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10a34e7d702d14304fdcc9b9770de6b4ee5b8d8edf1a842b9f1fda4c9f6c1ceb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=iF/7/Q==, md5=qHwHyT/gJ1wtF1pIxrwiJw==
date
Wed, 06 Jul 2022 14:25:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdtABeHnE84eZoPW59WWUnO7RJTpKZkooPNkHtrBfTlJdP1dQD00ftQW6aLasdBpPX3eP9lvhRGw7JkM-dht5QwHYq3n5U9_
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5378
last-modified
Wed, 15 Jun 2022 21:51:52 GMT
server
cloudflare
etag
"a87c07c93fe0275c2d175a48c6bc2227"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aEMbkf0nA8k%2B3PQF897%2FBhRxMsZAIctyfkFOsPPg%2BUkzz7Ee1G3DWh6yuIAd%2B0vm9t7e39qq2kRiT9P1Fqv%2BxyhMLedwwlQPfjGd4%2BvrZ2Z01dHsmSQI5FbQgINa%2BO1ZRavBhOA1607u"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1655329912149231
content-type
image/png
cache-control
public, max-age=14400
x-goog-stored-content-length
5378
accept-ranges
bytes
cf-ray
7269025f8d9874bd-LHR
expires
Wed, 06 Jul 2022 14:25:40 GMT
dewaae.hec.png
263cdn.com/upload/
5 KB
6 KB
Image
General
Full URL
https://263cdn.com/upload/dewaae.hec.png
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:531a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceff50987076bc7d9ad4288047aee8256ddd995a9508a3ae67c18ce0ffac9426

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=d7xRTA==, md5=MJRwQfUKwvcAqw8/zkaHvQ==
date
Wed, 06 Jul 2022 14:25:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdtmiJ5PEVOG2MJMHFB7SMJFyE96kavNJ33ENHd9T3XLYHOWX97nJ_IviT73lB_nwsZqcYNPO_dG7l36K2jo9skkOn00VFWK
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5606
last-modified
Wed, 15 Jun 2022 21:51:52 GMT
server
cloudflare
etag
"30947041f50ac2f700ab0f3fce4687bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PiJHIDsgpIH%2FvaIO5sOQgTCANMLjcqv2T3ej%2FJdNWLfeG%2FDgNegiB1E8ssrj4xy5%2FO54RoSQwOLR6rDEdLGofXBxJhzyk8xWapBBVnlxCxzo43lwnSzhgik5uxaYt%2BTzeVhEevrQ%2B6it"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1655329912180776
content-type
image/png
cache-control
public, max-age=14400
x-goog-stored-content-length
5606
accept-ranges
bytes
cf-ray
7269025f8d9974bd-LHR
expires
Wed, 06 Jul 2022 14:25:40 GMT
dewaae.logo.jpg
263cdn.com/upload/
62 KB
62 KB
Image
General
Full URL
https://263cdn.com/upload/dewaae.logo.jpg
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:531a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1a2319e8b8d301e675e17b80312733a4be3dd7aeca5dd1abc2e1919d1e9fc1d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=fcsMYw==, md5=w6frwLUmcaaB34IOOHft5g==
date
Wed, 06 Jul 2022 14:25:22 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycduliEgOzyOj-6-FaBk_lQZD7gyFMZNrX5TZcxIedjomNwsFMrRDKLJTdaE6ASOL8D3LBzyGf1KebH_7FlVe8tB7aw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
63195
last-modified
Wed, 15 Jun 2022 21:51:52 GMT
server
cloudflare
etag
"c3a7ebc0b52671a681df820e3877ede6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKFFVAsdDQXRDJpbtLnIWFAwI5wQR4LMj%2B8jDgjBzxlpymP3BeOUVVXTMnIa69MxKtQqHpcvqAsPOGVfFrE3gKNiB3MiDyA70%2FyjUUNJk1bZwUHqiLKNjVSIOkcbnCK8BqatM312KDz6"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1655329912298782
content-type
image/jpeg
cache-control
public, max-age=14400
x-goog-stored-content-length
63195
accept-ranges
bytes
cf-ray
7269025f8d9a74bd-LHR
expires
Wed, 06 Jul 2022 15:25:21 GMT
Germany_outbox.png
1.bp.blogspot.com/-mhFwYo28B2Q/YKppmIsu7ZI/AAAAAAAABgQ/c7DWa0Yxwm49LJDcNEkzDr503wyn4hLtACLcBGAsYHQ/s16000/
44 KB
44 KB
Image
General
Full URL
https://1.bp.blogspot.com/-mhFwYo28B2Q/YKppmIsu7ZI/AAAAAAAABgQ/c7DWa0Yxwm49LJDcNEkzDr503wyn4hLtACLcBGAsYHQ/s16000/Germany_outbox.png
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9b7f1ddc36af29778df73a309d2861822456de3eb416e6921a5c44e68435a42f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 13:39:26 GMT
x-content-type-options
nosniff
age
2755
content-disposition
inline;filename="Germany_outbox.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44729
x-xss-protection
0
server
fife
etag
"v605"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 27 Jun 2022 04:45:08 GMT
dewaae.box1.png
263cdn.com/upload/
45 KB
46 KB
Image
General
Full URL
https://263cdn.com/upload/dewaae.box1.png
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:531a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79d16c114ffcc10201dfb2f25e8ebf02b47798367e7cbd95a59a4b8d1a5235c5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=ocX0AA==, md5=Upe79/a59f4qbvcZhusZyQ==
date
Wed, 06 Jul 2022 14:25:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdsw-4tzaOBY1ewZfe8SAKpbqCvOjhsyGGTMMjW96qvOT8D6-UbE7Lv82ApgPPNe6nH5ugfhVPaXqLXuq1kvPZ_FoNSbq0XT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
46271
last-modified
Wed, 15 Jun 2022 21:51:51 GMT
server
cloudflare
etag
"5297bbf7f6b9f5fe2a6ef71986eb19c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrltvcHkGHjLzmrLJtLSR3RlHkExnBHa8sigzGw2EWgO8RBI1ko4p7fo0zJNICPvND5uomGg5ipajeZq1xgxLzFm2R5IH%2BfqCTxDL7CWAETska2m4wCswSRYezn6AKj4pfTkyDis22VF"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1655329911535516
content-type
image/png
cache-control
public, max-age=14400
x-goog-stored-content-length
46271
accept-ranges
bytes
cf-ray
7269025f8d9d74bd-LHR
expires
Wed, 06 Jul 2022 14:25:40 GMT
dewaae.box2.png
263cdn.com/upload/
4 KB
5 KB
Image
General
Full URL
https://263cdn.com/upload/dewaae.box2.png
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:531a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f71bb22a1d780765e2ff3c2d97f1b8734e4143b6206495958bc9530db5c33142

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=Tgagww==, md5=cXyp/H57SgvG7mQ4vobrAw==
date
Wed, 06 Jul 2022 14:25:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycduoGWL4M-kyhtcMdFj4qFZwJXJjeUYxnf9UFCNxVezJqDsn3wL6vi4t7Jce6aahNhlkdYT4Ay9O9WK7goq3QwKWmTEVKTf4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4567
last-modified
Wed, 15 Jun 2022 21:51:51 GMT
server
cloudflare
etag
"717ca9fc7e7b4a0bc6ee6438be86eb03"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YrEPL%2Fk0Xab4nx%2FyuToECBdHGXqyeZvcCg0laFjmhfUSOOzJVnBmnhTDuYr0cFOekCVLg9cvaizHcN5wQiX75n%2FqXWLEaxjMdrFnVHgn26uUrbuipe%2FjAZRP3YAQEKKA0sTVPV6tGIrC"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1655329911567626
content-type
image/png
cache-control
public, max-age=14400
x-goog-stored-content-length
4567
accept-ranges
bytes
cf-ray
7269025f8da074bd-LHR
expires
Wed, 06 Jul 2022 14:25:40 GMT
Germany_inbox.png
1.bp.blogspot.com/-rJwuzcnw3VI/YKppmA0KHEI/AAAAAAAABgM/g534cHj8oxsuYau_w-e69RyO0APgsmLlwCLcBGAsYHQ/s16000/
14 KB
14 KB
Image
General
Full URL
https://1.bp.blogspot.com/-rJwuzcnw3VI/YKppmA0KHEI/AAAAAAAABgM/g534cHj8oxsuYau_w-e69RyO0APgsmLlwCLcBGAsYHQ/s16000/Germany_inbox.png
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
32bc695a4583118b2adca0fe87d1f4844905692f48f5f2a0eece23f205536e60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 12:58:00 GMT
x-content-type-options
nosniff
age
5241
content-disposition
inline;filename="Germany_inbox.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14208
x-xss-protection
0
server
fife
etag
"v605"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 13 Nov 2021 04:28:47 GMT
dewaae.box3.png
263cdn.com/upload/
26 KB
27 KB
Image
General
Full URL
https://263cdn.com/upload/dewaae.box3.png
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:531a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
249bbda47040d97604c46b6baf287593843757e7f8c475d3f190570c7515ba64

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=CLX+uQ==, md5=yWlLp1YMha0YFqkFqGb6QA==
date
Wed, 06 Jul 2022 14:25:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
796
x-guploader-uploadid
ADPycdvaVspEgUya9MkQSnUpIpq1CDSdYoh7jegzmWbHASkLh-GlbO2l-0U5rkBcQARdAp8vjjdrRyd6eoFpb-Rm0C-Mr6VMzALj
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26290
last-modified
Wed, 15 Jun 2022 21:51:51 GMT
server
cloudflare
etag
"c9694ba7560c85ad1816a905a866fa40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFT7ROlFNDZVe0Vle5zcbtKnb4JHRqNQulhOqY7VeagLEyaSs4m7lWB685pGPyQbq4hL1F2RUtyHEl4hBjdR8M%2BiqCGvuyLMSUp0MmADo%2FQG%2FrhQ8KvG7TV%2B8PyjG8HFJytTMelWkPcT"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1655329911573033
content-type
image/png
cache-control
public, max-age=14400
x-goog-stored-content-length
26290
accept-ranges
bytes
cf-ray
72690260aa36067e-LHR
expires
Wed, 06 Jul 2022 14:25:40 GMT
responsive.js
qoaaa.com/js/
3 KB
1013 B
Script
General
Full URL
https://qoaaa.com/js/responsive.js
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.201.42 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
affilist.com
Software
nginx /
Resource Hash
4987d5f43ecfeeb96384876eb9247b9653c4cb66628a594cfe87e922ab0a18b5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 14:25:21 GMT
content-encoding
br
last-modified
Tue, 21 Dec 2021 14:23:16 GMT
server
nginx
etag
W/"61c1e354-b1d"
content-type
application/javascript
bnr.php
uprimp.com/
427 B
681 B
Script
General
Full URL
https://uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.220.skhosting.eu
Software
nginx /
Resource Hash
a0a4745f2a2b942a9a132bf8e4bc638bd51bf14b2872eec593d0fb50e9f91de7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 14:25:21 GMT
last-modified
Wed, 06 Jul 2022 14:25:21 GMT
server
nginx
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
expires
Wed, 06 Jul 2022 14:25:21 GMT
aiji1.jpg
263cdn.com/upload/
14 KB
15 KB
Image
General
Full URL
https://263cdn.com/upload/aiji1.jpg
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:531a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a20d2000d206ef86e56435fe605f49cda98785b84aa2f539b7492ac40ca4af

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=ITNPJg==, md5=0xHtiQ26kcDN2N3bPYnMmg==
date
Wed, 06 Jul 2022 14:25:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2200
x-guploader-uploadid
ADPycdtCui1eixvAU7tcEjkjPrFp9imhJbmr11VLd_N5a9YeFDObOfHkofaY-W1KWJIDONFs8pHRwjbXp7CwsKqBGIqbTLdRVMdT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14340
last-modified
Wed, 15 Jun 2022 21:48:31 GMT
server
cloudflare
etag
"d311ed890dba91c0cdd8dddb3d89cc9a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKPV9mNSd36HEsWvV%2FISd3bZCD8gLE1CFtki77PAsWeOLA0wVCGXIfdvDW%2BekCkLCL4Vt19LnTQqmU9ndtziMYLvjyJBt5KcTTSRQ6BOfLu2UZCK9uoKyoRG1tifHqSlnNzu9W0VLtjA"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1655329711535508
content-type
image/jpeg
cache-control
public, max-age=14400
x-goog-stored-content-length
14340
accept-ranges
bytes
cf-ray
72690260aa34067e-LHR
expires
Wed, 06 Jul 2022 14:32:14 GMT
aiji2.jpg
263cdn.com/upload/
20 KB
21 KB
Image
General
Full URL
https://263cdn.com/upload/aiji2.jpg
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:531a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c80fad36d38f0cced671a7e4ae2069a98e20cc5be0cef8c9d09309761361f629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=9e67Iw==, md5=BISBIjq4/erWtKb+NTRjoQ==
date
Wed, 06 Jul 2022 14:25:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2201
x-guploader-uploadid
ADPycdsRu8XKSmDaHl88g6W32282kx57lLO17hCA5Zz1FFOYVO6wesSiyVCPd2e9EU4jOYsS-njRcFrRcAP1CP9CbAou41v9TZ1H
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20120
last-modified
Wed, 15 Jun 2022 21:48:31 GMT
server
cloudflare
etag
"048481223ab8fdead6b4a6fe353463a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15FJCsfYuXtSVa8Rocc5t5z2TYNBapFoJhEazDtT7blglnpy9UULdyPN9RS3fJjFYsD1aUojDJaypa00oKIdkXjY5shGgr5LxqK%2FiTeRUNy4AxiZmbG48Py6R%2BZ0X2WHdMqMgQXyTZUt"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1655329711676494
content-type
image/jpeg
cache-control
public, max-age=14400
x-goog-stored-content-length
20120
accept-ranges
bytes
cf-ray
72690260aa22067e-LHR
expires
Wed, 06 Jul 2022 14:32:14 GMT
aiji10.jpg
263cdn.com/upload/
18 KB
19 KB
Image
General
Full URL
https://263cdn.com/upload/aiji10.jpg
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:531a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3e86c821401369cba776c71cc29b795e73bef9afdc1af0045e2eeccaf670116

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=+oavVQ==, md5=jVQJrET7hc27WtRbmokOpw==
date
Wed, 06 Jul 2022 14:25:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
337
x-guploader-uploadid
ADPycdvC6KPXKCVAXVcTUF4aIaygnKwmnCnjiUrDo0xg9JQjObOznBYFKp5Zwzgnt_wLIKIvuzymsFywwEIVi3OMcRnr9m-pWLsE
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18332
last-modified
Wed, 15 Jun 2022 21:48:31 GMT
server
cloudflare
etag
"8d5409ac44fb85cdbb5ad45b9a890ea7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXjUiPeCvoc9gfpV%2F7Upf9thLR5FT4wpelCq2SmmCzLc2wAcO9RZgaah4CkPz1fmK4fJGoK4WUHR5azqWa3BeBg2WAh3bPDrOiaDA7mqhkwEctIL0JHHJPBnQ03AYUDw1C8PIW7kO8M2"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1655329711620489
content-type
image/jpeg
cache-control
public, max-age=14400
x-goog-stored-content-length
18332
accept-ranges
bytes
cf-ray
72690260aa25067e-LHR
expires
Wed, 06 Jul 2022 15:19:45 GMT
aiji4.jpg
263cdn.com/upload/
15 KB
16 KB
Image
General
Full URL
https://263cdn.com/upload/aiji4.jpg
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:531a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88ad3754c7f15c2a0ca12baddc845897a27bbc59d7647c5ae74391971a99d9e1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=GMz2uw==, md5=BmIZdzQnbT/iTQBkleUUZA==
date
Wed, 06 Jul 2022 14:25:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2200
x-guploader-uploadid
ADPycdsl-yjYTc8pViTAOa5s4YVbE_u38wuLw6CpAklrjJzW_NYwFBREBN8RX1LTXFL_3rXUio3uhHisGz4hm2OuhBcUllZlSRse
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15311
last-modified
Wed, 15 Jun 2022 21:48:31 GMT
server
cloudflare
etag
"0662197734276d3fe24d006495e51464"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWYPTFAevXbrOIOdsiumWYc7XJSp4n%2FTxIRf9PS4oaPpdLtD2z0aJxbQ86PhFJSzoMHeb%2BJVQeBfBrf10dIQPrbICM2L65Lg%2BwXwEsrjQIripyVsk15yuiaoeqtKrBdyewUbotAnmbu3"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1655329711874411
content-type
image/jpeg
cache-control
public, max-age=14400
x-goog-stored-content-length
15311
accept-ranges
bytes
cf-ray
72690260aa28067e-LHR
expires
Wed, 06 Jul 2022 14:22:50 GMT
aiji5.jpg
263cdn.com/upload/
9 KB
10 KB
Image
General
Full URL
https://263cdn.com/upload/aiji5.jpg
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:531a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce58ae019d98cce21e4024278b7ff604a239cc4ce62ed26aa5191696fab33c42

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=gF/70A==, md5=szc26GJrXTUdgj+aA6mlNA==
date
Wed, 06 Jul 2022 14:25:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2200
x-guploader-uploadid
ADPycdtqP44js-PZcbo8bkV3dzmqHAoIJe1qTVD7x0aldsprTqMQeywwGViH7lQ6SwxgFUNjWhVIxZC8VHt3d8suGYcJydwQgnp9
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9724
last-modified
Wed, 15 Jun 2022 21:48:31 GMT
server
cloudflare
etag
"b33736e8626b5d351d823f9a03a9a534"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wCsUGUWnypxyOHKeyMQDzIv%2BWQ4Mrk%2BfA1Fc5WX1YjY2UdxkSEANItXdULDtYIK3aXvSNp1P0Xte0SpM7Nt9DNgm8vA%2Bt59tv8PQRuCe62ldp8XmzBsNKoOlj%2BMngLXCh9kmF1qSzMok"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1655329711908920
content-type
image/jpeg
cache-control
public, max-age=14400
x-goog-stored-content-length
9724
accept-ranges
bytes
cf-ray
72690260aa29067e-LHR
expires
Wed, 06 Jul 2022 14:22:50 GMT
aiji6.jpg
263cdn.com/upload/
14 KB
15 KB
Image
General
Full URL
https://263cdn.com/upload/aiji6.jpg
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:531a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6c2d757857dff2d118381c3d0c4362bb6cdcb3a6630f54120b461c9d7fdf4b9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=V6aBAg==, md5=qrNArpsJ8yB4w6vmICMfSw==
date
Wed, 06 Jul 2022 14:25:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2200
x-guploader-uploadid
ADPycdt1jhU2xMg3qWYq4qurn-aAC5uMjYoAcKY_Bemd-h4VLGmmNjIGoV0-Pw8J8cfvZ4jHJxVqfHtplHP9yYisBChOS4gEiPEC
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14226
last-modified
Wed, 15 Jun 2022 21:48:32 GMT
server
cloudflare
etag
"aab340ae9b09f32078c3abe620231f4b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHMrr1HKbtSHqDDEGKrVz%2F0DDi6bNSo5jHDub7GMQrnMVIrEgrrbJmv%2FcchFlkD%2By5hUrPQHJ%2FZAViSdtvFVnfZP6rWrMDXIHZLBZ7TYV0US2DbLRkrKyai1MtC35IM580Wv4hs4jBKG"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1655329712128207
content-type
image/jpeg
cache-control
public, max-age=14400
x-goog-stored-content-length
14226
accept-ranges
bytes
cf-ray
72690260aa2a067e-LHR
expires
Wed, 06 Jul 2022 14:22:50 GMT
aiji7.jpg
263cdn.com/upload/
8 KB
9 KB
Image
General
Full URL
https://263cdn.com/upload/aiji7.jpg
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:531a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af367e3741cb490341341975fe4ca2b9b9cc18b7365d1420de4b5049ed663167

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=BRhdHA==, md5=VZCT3gIGsnp5PujNpBAQIw==
date
Wed, 06 Jul 2022 14:25:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2200
x-guploader-uploadid
ADPycdsM48Iwcwj8EpKvcmb2ERJOx1D-zHEucPqbFkFHwvBj9UhXEA8eBB8ounbG0uUtTjJkQ8KTk4AvJFyRQDdjaaxj9_AXx1xW
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8051
last-modified
Wed, 15 Jun 2022 21:48:32 GMT
server
cloudflare
etag
"559093de0206b27a793ee8cda4101023"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eqG1PGm4n%2FP7WMoH9dekCaIUT9SfVdvDHNc%2BSXW1Z063ianx7dvY%2Fo2nBnbPqXcu8R2iwS4uzqMuia4xvjRtQOb%2BslvCCk6OKOX4%2BSy1UQhTZdhUuWhaRh5Eb6v9F8g4EP3LyZIc1xJT"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1655329712137464
content-type
image/jpeg
cache-control
public, max-age=14400
x-goog-stored-content-length
8051
accept-ranges
bytes
cf-ray
72690260aa2c067e-LHR
expires
Wed, 06 Jul 2022 14:22:50 GMT
aiji8.jpg
263cdn.com/upload/
16 KB
17 KB
Image
General
Full URL
https://263cdn.com/upload/aiji8.jpg
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:531a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9486368f2db81b386c37d2fd24fadeafa2d33aed89217b01c0dd8b474ea9a300

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=j0rdKQ==, md5=bGEcT887IArkF+ScWN7bQQ==
date
Wed, 06 Jul 2022 14:25:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
336
x-guploader-uploadid
ADPycdsMy9mWhF1fjX74vziLAUAENFSmD9nVqivKaPmAUP0OStn08AnfJmkEleBA_eJvjnnOYVW0-aDcl68YgfLyZ5ld4fFOZ58n
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16548
last-modified
Wed, 15 Jun 2022 21:48:32 GMT
server
cloudflare
etag
"6c611c4fcf3b200ae417e49c58dedb41"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fIV8c1T2bpwBMuu2Ve5GzWJ6xOp9axH9nRGedEe04wSvEtm1BVvRCk9PCCEpy6DnwujfE4DUeO3NV%2BqVOzHpQSplO0bv1JfWhpP0HRus2icunlfdjZ%2FeaqyrNWOXz%2FXbGkBChdwJCbFd"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1655329712246607
content-type
image/jpeg
cache-control
public, max-age=14400
x-goog-stored-content-length
16548
accept-ranges
bytes
cf-ray
72690260aa2e067e-LHR
expires
Wed, 06 Jul 2022 15:19:46 GMT
aiji9.jpg
263cdn.com/upload/
19 KB
20 KB
Image
General
Full URL
https://263cdn.com/upload/aiji9.jpg
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:531a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19b1c1316a94129a42378a7173993990f46e1e4cb0d149852530cdb4c258806c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=SJfEqA==, md5=bUb6vQfPC7eevk1T1m+BBQ==
date
Wed, 06 Jul 2022 14:25:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2200
x-guploader-uploadid
ADPycds2_UhZ0GBdCPQft8xlOn8dnJvTzoZNwrc0rdj_bDLyQRZClg_CaY2QLTA3FCqdQb9Linz3oTIW1X_nNdBQkWC5fbLGfudI
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19353
last-modified
Wed, 15 Jun 2022 21:48:32 GMT
server
cloudflare
etag
"6d46fabd07cf0bb79ebe4d53d66f8105"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCoPtBk%2FU64lGvjb1NfqZjgm0THjEUxGxKgE42kzLGUJOS%2FsGjZ%2BdVWbpExVZkEy%2BBAvQMxbum9nMSfVReKUen3sMdR2Nlk6CLlJVr1PWm4yRkiXYgXmtUA31MT0a3RbV6zf%2B9H2UlVv"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1655329712318436
content-type
image/jpeg
cache-control
public, max-age=14400
x-goog-stored-content-length
19353
accept-ranges
bytes
cf-ray
72690260aa30067e-LHR
expires
Wed, 06 Jul 2022 14:22:50 GMT
aiji3.jpg
263cdn.com/upload/
17 KB
18 KB
Image
General
Full URL
https://263cdn.com/upload/aiji3.jpg
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:531a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04b5225b10878f4c28d3364eb3c83683d27609be43d47b40562d46a9b187e5e1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=8ynjPg==, md5=b9ThBtgVeApjgUc4MQU9Vw==
date
Wed, 06 Jul 2022 14:25:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
336
x-guploader-uploadid
ADPycdsS8hFPPYYKylzohmyTQnJHiMzAPtkZbPwNW-9nkFgvKUNZJ92-54yUn2tCW9cd0ZE__0S5oPiyEoH08gYfAiQhnYxssoFo
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17370
last-modified
Wed, 15 Jun 2022 21:48:31 GMT
server
cloudflare
etag
"6fd4e106d815780a6381473831053d57"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFj%2F2ndENwZDgd2hZQbame98nkou4w1fLSnUYg1HL4IlDI%2FsKIdNfBGuoGRei5rRZIckx7eGbNhtgww4zpHv2qoKKLYjW1fvpjDwxvHEL5N7Gz57aUs%2ByCthrV%2B0nkjmxWwmFtU2KR%2Bz"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1655329711674777
content-type
image/jpeg
cache-control
public, max-age=14400
x-goog-stored-content-length
17370
accept-ranges
bytes
cf-ray
72690260aa33067e-LHR
expires
Wed, 06 Jul 2022 15:19:46 GMT
email-decode.min.js
swqof5.cyou/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://swqof5.cyou/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 14:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 01 Jul 2022 16:37:43 GMT
server
cloudflare
etag
W/"62bf22d7-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XgYDmdNIDImElMl74CH62UE%2BFu%2BwY6pDSlFRDFFzFOdiueJ2YZRE4FjorR4%2BTxVSbiUJ7KDxGdedLMvcWDsXugp%2BYSVoNDwQyBx4Pou1zPncOXCnIJCKksMcE9GxP0%2FV0Q8xHWoEoCrvHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7269025ebbd775c9-LHR
vary
Accept-Encoding
expires
Fri, 08 Jul 2022 14:25:21 GMT
js
www.googletagmanager.com/gtag/
196 KB
70 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YSJ6N8TB0B
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
12fe027926c6914794127659ce18a75b9bfb9ff52a20596328c9c2151d346d16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 14:25:21 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71149
x-xss-protection
0
expires
Wed, 06 Jul 2022 14:25:21 GMT
js
www.googletagmanager.com/gtag/
193 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LW7434MYMN
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
21996dbc7977d538334b449075b9335799611a5174bbdabe8540f3491b63172d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 14:25:21 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70567
x-xss-protection
0
expires
Wed, 06 Jul 2022 14:25:21 GMT
js
www.googletagmanager.com/gtag/
193 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0C230YDF7G
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
712160c94c71a76504516ca80f518cdee95f46af4ce93c1cdcef3d7eed84067a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 14:25:21 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70571
x-xss-protection
0
expires
Wed, 06 Jul 2022 14:25:21 GMT
bnr_xload.php
uprimp.com/ Frame 885F
0
255 B
Document
General
Full URL
https://uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=165711752140689&xtt=5486779
Requested by
Host: uprimp.com
URL: https://uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.220.skhosting.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://swqof5.cyou/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type
text/html; charset=UTF-8
date
Wed, 06 Jul 2022 14:25:21 GMT
expires
Wed, 06 Jul 2022 14:25:21 GMT
last-modified
Wed, 06 Jul 2022 14:25:21 GMT
pragma
no-cache
server
nginx
x-robots-tag
noindex, nofollow, noarchive, nosnippet
yuming.js
swqof5.cyou/vtCpyFwt/dewaaa-qf/
268 B
775 B
XHR
General
Full URL
https://swqof5.cyou/vtCpyFwt/dewaaa-qf/yuming.js?1657117521916&_=1657117521702
Requested by
Host: cdn.jsdelivr.cc
URL: https://cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bda45e4d33945806bf64cd6897f2a01c0d4587a6634905f0762925f8666765d

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 14:25:22 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 07 Jun 2022 10:42:28 GMT
server
cloudflare
etag
W/"629f2b94-10c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIDe%2B%2B%2BsNTxbiK5x5NnotKQpJ287nkkDpnVObYdsLsspA1M1DukskpSt%2FyTedzZtemyUEY5IgPgR9YJTmI1cG5C9EeLPga3EAva18Q%2FpTBYSsHep5SPS9NHxTNuNxS%2FLItZjPp9V142WyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
726902602835778f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 07 Jul 2022 02:25:22 GMT
hm.js
hm.baidu.com/
30 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?9e84975b629767c58a8becc81600bb23
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
2ebc87cf941b86d8561caf3cb629eadd5f446400eaf265e6744e0b0a84f54538
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 14:25:22 GMT
Content-Encoding
gzip
Server
apache
Etag
0ff47dcf55511ece998e10cd01bf460a
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
11388
hm.js
hm.baidu.com/
30 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?0bfeeef5a79626897a33b81d90da60f2
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
49d9e64062f5b612a5c19631450f10e74b9ea2ebdc0c6223b3ab44d0bbb5c76d
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 14:25:22 GMT
Content-Encoding
gzip
Server
apache
Etag
5e7546602eda46e0dad80a362992d1bd
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
11382
hm.js
hm.baidu.com/
30 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?8b68846a3ac1709b0ec7199084ee5ea8
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
bb54bfdc8f6e3f3d07d385289f36fc17b16f898018817d920922b37be4046230
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 14:25:23 GMT
Content-Encoding
gzip
Server
apache
Etag
2a50c958088c8340f6dad9c6cfd65515
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
11339
hm.js
hm.baidu.com/
30 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?e8430a361305901aaf21019d086a2e3f
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
dd25398c21d3cdf5231a0b6e9fc201d93534178f81917836baa82855bef78474
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 14:25:23 GMT
Content-Encoding
gzip
Server
apache
Etag
0eb09d8c8e54b01bc2a95191c9715228
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
11346
js
www.googletagmanager.com/gtag/
196 KB
70 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YSJ6N8TB0B&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0C230YDF7G
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ac4ab31d04bf2308f0cf754b9379c1c43e61b4f999d5c29dfdfc7c998476b403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 14:25:22 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71201
x-xss-protection
0
expires
Wed, 06 Jul 2022 14:25:22 GMT
js
www.googletagmanager.com/gtag/
193 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LW7434MYMN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0C230YDF7G
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
22659fa4e32073e97afe97f0ba6efef2c192d6f77f581d0871a187217917d700
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 14:25:22 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70568
x-xss-protection
0
expires
Wed, 06 Jul 2022 14:25:22 GMT
collect
region1.google-analytics.com/g/
0
344 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0C230YDF7G&gtm=2oe6t0&_p=65228384&_z=ccd.v9B&cid=1236627528.1657117522&ul=en-us&sr=1600x1200&_s=1&sid=1657117522&sct=1&seg=0&dl=https%3A%2F%2Fswqof5.cyou%2FvtCpyFwt%2Fdewaaa-qf%2F%3F_t%3D1657117521158&dr=http%3A%2F%2Fconsultantdetach.top%2F&dt=%F0%9F%8E%89%E2%9A%A1%EF%B8%8F%F0%9F%8E%81Dubai%20Electricity%20and%20Water%20Authority%20-%20DEWA%20Government%20Electricity%20Subsidy!%F0%9F%91%8F%F0%9F%8E%81%F0%9F%92%B8%F0%9F%8E%8A&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0C230YDF7G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 14:25:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://swqof5.cyou
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tb2.php
swqof5.cyou/vtCpyFwt/j/
236 B
604 B
XHR
General
Full URL
https://swqof5.cyou/vtCpyFwt/j/tb2.php?c=dewaaa-qf&np=taoluming&_=1657117521703
Requested by
Host: cdn.jsdelivr.cc
URL: https://cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:9871 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e61f94c7f14c38b125cacd6c34540c3c37babf505b0bd4da7e8af46fa3a43be9

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 14:25:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BVBfvEli1JB4UV0hjW6BruHcqeTQs%2FJS4aVEsgKQSTrLhrdXN26C5nStKmdgfnJoqwZIdORBQ6PdMkahKUffd3k1VQqmcnYb1BLW1dJDoTrarzR%2Ff6X2YaeYfqVbHsIm%2BWDe1MK1hwqyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
726902617b26778f-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-LW7434MYMN&gtm=2oe6t0&_p=65228384&_z=ccd.v9B&cid=1236627528.1657117522&ul=en-us&sr=1600x1200&_s=1&sid=1657117522&sct=1&seg=0&dl=https%3A%2F%2Fswqof5.cyou%2FvtCpyFwt%2Fdewaaa-qf%2F%3F_t%3D1657117521158&dr=http%3A%2F%2Fconsultantdetach.top%2F&dt=%F0%9F%8E%89%E2%9A%A1%EF%B8%8F%F0%9F%8E%81Dubai%20Electricity%20and%20Water%20Authority%20-%20DEWA%20Government%20Electricity%20Subsidy!%F0%9F%91%8F%F0%9F%8E%81%F0%9F%92%B8%F0%9F%8E%8A&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LW7434MYMN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 14:25:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://swqof5.cyou
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YSJ6N8TB0B&gtm=2oe6t0&_p=65228384&_z=ccd.v9B&cid=1236627528.1657117522&ul=en-us&sr=1600x1200&_s=1&sid=1657117522&sct=1&seg=0&dl=https%3A%2F%2Fswqof5.cyou%2FvtCpyFwt%2Fdewaaa-qf%2F%3F_t%3D1657117521158&dr=http%3A%2F%2Fconsultantdetach.top%2F&dt=%F0%9F%8E%89%E2%9A%A1%EF%B8%8F%F0%9F%8E%81Dubai%20Electricity%20and%20Water%20Authority%20-%20DEWA%20Government%20Electricity%20Subsidy!%F0%9F%91%8F%F0%9F%8E%81%F0%9F%92%B8%F0%9F%8E%8A&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YSJ6N8TB0B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 14:25:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://swqof5.cyou
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=3089873&si=0bfeeef5a79626897a33b81d90da60f2&su=http%3A%2F%2Fconsultantdetach.top%2F&v=1.2.95&lv=1&sn=65048&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fswqof5.cyou%2FvtCpyFwt%2Fdewaaa-qf%2F%3F_t%3D1657117521158%231657117522419&tt=%F0%9F%8E%89%E2%9A%A1%EF%B8%8F%F0%9F%8E%81Dubai%20Electricity%20and%20Water%20Authority%20-%20DEWA%20Government%20Electricity%20Subsidy!%F0%9F%91%8F%F0%9F%8E%81%F0%9F%92%B8%F0%9F%8E%8A
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 06 Jul 2022 14:25:23 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1281283257&si=e8430a361305901aaf21019d086a2e3f&su=http%3A%2F%2Fconsultantdetach.top%2F&v=1.2.95&lv=1&sn=65048&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fswqof5.cyou%2FvtCpyFwt%2Fdewaaa-qf%2F%3F_t%3D1657117521158%231657117522419&tt=%F0%9F%8E%89%E2%9A%A1%EF%B8%8F%F0%9F%8E%81Dubai%20Electricity%20and%20Water%20Authority%20-%20DEWA%20Government%20Electricity%20Subsidy!%F0%9F%91%8F%F0%9F%8E%81%F0%9F%92%B8%F0%9F%8E%8A
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 06 Jul 2022 14:25:23 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=829729381&si=9e84975b629767c58a8becc81600bb23&su=http%3A%2F%2Fconsultantdetach.top%2F&v=1.2.95&lv=1&sn=65049&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fswqof5.cyou%2FvtCpyFwt%2Fdewaaa-qf%2F%3F_t%3D1657117521158%231657117522419&tt=%F0%9F%8E%89%E2%9A%A1%EF%B8%8F%F0%9F%8E%81Dubai%20Electricity%20and%20Water%20Authority%20-%20DEWA%20Government%20Electricity%20Subsidy!%F0%9F%91%8F%F0%9F%8E%81%F0%9F%92%B8%F0%9F%8E%8A
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 06 Jul 2022 14:25:23 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1160756278&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Fconsultantdetach.top%2F&v=1.2.95&lv=1&sn=65049&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fswqof5.cyou%2FvtCpyFwt%2Fdewaaa-qf%2F%3F_t%3D1657117521158%231657117522419&tt=%F0%9F%8E%89%E2%9A%A1%EF%B8%8F%F0%9F%8E%81Dubai%20Electricity%20and%20Water%20Authority%20-%20DEWA%20Government%20Electricity%20Subsidy!%F0%9F%91%8F%F0%9F%8E%81%F0%9F%92%B8%F0%9F%8E%8A
Requested by
Host: swqof5.cyou
URL: https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://swqof5.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 06 Jul 2022 14:25:24 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
/
qoaaa.com//4fe48aebd6/4f59451604/ Frame 0725
458 B
821 B
Document
General
Full URL
https://qoaaa.com//4fe48aebd6/4f59451604/?placementName=Banner&randomA=0_5475&maxw=0
Requested by
Host: qoaaa.com
URL: https://qoaaa.com/js/responsive.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.201.42 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
affilist.com
Software
nginx /
Resource Hash
02c1d812c633cc5697a6a154870306acb1142c0957bcd548009608343de84a38

Request headers

Referer
https://swqof5.cyou/vtCpyFwt/dewaaa-qf/?_t=1657117521158
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 06 Jul 2022 14:25:24 GMT
expires
Sun, 01 Jan 2014 00:00:00 GMT
pragma
no-cache
server
nginx
x-robots-tag
noindex,nofollow
1150_99889DW113-EN-300x50.jpeg
aff-a.advertica-cdn.com/generic/ Frame 0725
8 KB
8 KB
Image
General
Full URL
https://aff-a.advertica-cdn.com/generic/1150_99889DW113-EN-300x50.jpeg
Requested by
Host: qoaaa.com
URL: https://qoaaa.com//4fe48aebd6/4f59451604/?placementName=Banner&randomA=0_5475&maxw=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.127 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
603ae0ea050f491dc79e69dc5cbde27e8b84ab23326d23540d3f876757ba7101

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://qoaaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 14:25:24 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 14:27:49 GMT
server
nginx
etag
W/"5fe9eb65-1e5c"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-server
cdnbts
expires
Fri, 05 Aug 2022 14:25:24 GMT

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| bootstrap function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| _0x57c5 function| _0x5233 function| _0x2060cc function| lazyload function| LazyLoad function| Popper number| qs function| gtag object| dataLayer string| brand_country object| dayNames object| monthNames string| minutos_y string| segundos object| modalOptions number| g_share_step boolean| g_banner_ad number| g_share_type number| type_op number| cl number| p_e number| p_s object| all_p_e object| b string| a undefined| c undefined| e boolean| box_ini number| count number| windraw number| intentos boolean| puedo object| boxRoot number| datetime number| maxParticleCount number| particleSpeed function| startConfetti function| stopConfetti function| toggleConfetti function| removeConfetti object| colors boolean| streamingConfetti object| animationTimer object| particles number| waveAngle number| share_number function| stepfinal function| goToUrlFinish function| getBrowser function| getPlatform function| d function| f function| set_Cookie function| get_Cookie function| move function| swal_box function| resetParticle function| startConfettiInner function| stopConfettiInner function| removeConfettiInner function| toggleConfettiInner function| drawParticles function| updateParticles function| showShare function| continueBtn function| swalert function| shareOkBtn function| shareBtn function| wxalert function| getMainHost function| hh1 function| jp function| fh object| _hmt function| ReplaceWithPolyfill string| randaffilistX45 object| google_tag_manager function| onYouTubeIframeAPIReady object| google_tag_data object| gaGlobal object| paths string| project string| np object| nptimes string| Ads string| Web string| j string| j2 string| tj 
string| tj2 boolean| _bdhm_loaded_0bfeeef5a79626897a33b81d90da60f2 object| mini_tangram_log_4owfm1 boolean| _bdhm_loaded_e8430a361305901aaf21019d086a2e3f object| mini_tangram_log_m6eo12 boolean| _bdhm_loaded_9e84975b629767c58a8becc81600bb23 object| mini_tangram_log_usssv7 boolean| _bdhm_loaded_8b68846a3ac1709b0ec7199084ee5ea8 object| mini_tangram_log_cuslxk

13 Cookies

Domain/Path Name / Value
.swqof5.cyou/ Name: _ga_0C230YDF7G
Value: GS1.1.1657117522.1.0.1657117522.0
.swqof5.cyou/ Name: _ga
Value: GA1.1.1236627528.1657117522
.swqof5.cyou/ Name: _ga_LW7434MYMN
Value: GS1.1.1657117522.1.0.1657117522.0
.swqof5.cyou/ Name: _ga_YSJ6N8TB0B
Value: GS1.1.1657117522.1.0.1657117522.0
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 08E3BD2F96BEE481
.swqof5.cyou/ Name: Hm_lvt_0bfeeef5a79626897a33b81d90da60f2
Value: 1657117523
.swqof5.cyou/ Name: Hm_lpvt_0bfeeef5a79626897a33b81d90da60f2
Value: 1657117523
.swqof5.cyou/ Name: Hm_lvt_e8430a361305901aaf21019d086a2e3f
Value: 1657117523
.swqof5.cyou/ Name: Hm_lpvt_e8430a361305901aaf21019d086a2e3f
Value: 1657117523
.swqof5.cyou/ Name: Hm_lvt_9e84975b629767c58a8becc81600bb23
Value: 1657117524
.swqof5.cyou/ Name: Hm_lpvt_9e84975b629767c58a8becc81600bb23
Value: 1657117524
.swqof5.cyou/ Name: Hm_lvt_8b68846a3ac1709b0ec7199084ee5ea8
Value: 1657117524
.swqof5.cyou/ Name: Hm_lpvt_8b68846a3ac1709b0ec7199084ee5ea8
Value: 1657117524

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
