badbunnies.xyz Open in urlscan Pro
199.36.158.100 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://badbunnies.xyz/farm/hijack/shipments/
Submission: On April 25 via api (April 25th 2024, 5:00:22 pm UTC) from US — Scanned from DE

Summary HTTP 53 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 10 domains to perform 53 HTTP transactions. The main IP is 199.36.158.100, located in United States and belongs to FASTLY, US. The main domain is badbunnies.xyz.
TLS certificate: Issued by GTS CA 1D4 on March 3rd 2024. Valid for: 3 months.

This is the only time badbunnies.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	199.36.158.100 199.36.158.100	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
4	18.239.36.90 18.239.36.90	16509 (AMAZON-02) (AMAZON-02)
2	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2606:4700::68... 2606:4700::6811:381d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
53	10

33 199.36.158.100 (United States)

ASN54113 (FASTLY, US)

badbunnies.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.239.36.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-90.ams58.r.cloudfront.net

api.x.immutable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o4504366448246784.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:381d (United States)

ASN13335 (CLOUDFLARENET, US)

eth-mainnet.g.alchemy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	badbunnies.xyz badbunnies.xyz	1 MB
4	alchemy.com eth-mainnet.g.alchemy.com — Cisco Umbrella Rank: 241805	517 B
4	immutable.com api.x.immutable.com — Cisco Umbrella Rank: 512407	5 KB
3	gstatic.com fonts.gstatic.com	73 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	376 B
2	sentry.io o4504366448246784.ingest.sentry.io	397 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	70 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2404	254 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	81 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	1 KB
53	10

	Domain	Requested by
33	badbunnies.xyz	badbunnies.xyz
4	eth-mainnet.g.alchemy.com	badbunnies.xyz
4	api.x.immutable.com	badbunnies.xyz
3	fonts.gstatic.com	fonts.googleapis.com
2	www.facebook.com	badbunnies.xyz
2	o4504366448246784.ingest.sentry.io	badbunnies.xyz
2	connect.facebook.net	badbunnies.xyz connect.facebook.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	badbunnies.xyz
1	fonts.googleapis.com	badbunnies.xyz
53	10

This site contains links to these domains. Also see Links.

Domain
pawwarztcg.myshopify.com
medium.com

Subject Issuer	Validity	Valid
www.quiz101.ru GTS CA 1D4	`2024-03-03` - `2024-06-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-03` - `2024-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.x.immutable.com Amazon RSA 2048 M03	`2023-11-23` - `2024-12-21`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
g.alchemy.com E1	`2024-04-18` - `2024-07-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://badbunnies.xyz/farm/hijack/shipments/
Frame ID: F47B8E266D79F8CAA85E4D1A657AD9B8
Requests: 51 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hijacking | Paw Warz

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

53
Requests

100 %
HTTPS

70 %
IPv6

10
Domains

10
Subdomains

10
IPs

2
Countries

1377 kB
Transfer

3898 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://pawwarztcg.myshopify.com/collections/bad-bunnies-paw-warz-season-01-collection
Title: MERCH

Search URL Search Domain Scan URL

URL: https://medium.com/@BadBunniesNFT
Title: Blog

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
badbunnies.xyz/farm/hijack/shipments/ 161 KB
23 KB 54ms
9ms Document
text/html 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://badbunnies.xyz/farm/hijack/shipments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aa30f55266cb622a41d6f0721580c04f3893131053827f87584e3f87186fc546

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: br
content-length: 23656
content-type: text/html; charset=utf-8
date: Thu, 25 Apr 2024 17:00:16 GMT
etag: "fcb45375db8f408b6e9fba70ba9ffc4f65a01a7ce6f05aca7a1ec092350d89a4-br"
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
strict-transport-security: max-age=31556926
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-etou8220148-FRA
x-timer: S1714064416.362276,VS0,VE1

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 41ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow+Condensed:wght@300;400;500&family=Epilogue:wght@400;500;700&family=Bevan:wght@400&display=swap

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/farm/hijack/shipments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48dd33d06b72a1d7e23392df0847c50c211147437e8b2d3e100d2179c861fbd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 Apr 2024 17:00:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 Apr 2024 17:00:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Apr 2024 17:00:16 GMT

GET
H2 200 logo.png
badbunnies.xyz/assets/icons/ 49 KB
47 KB 159ms
158ms Image
image/png 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://badbunnies.xyz/assets/icons/logo.png

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/farm/hijack/shipments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

06135de1d0b863fd015e03f091c5bd35d08af54c3c9acdf7d6aa210886045681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/farm/hijack/shipments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220148-FRA
strict-transport-security: max-age=31556926
content-encoding: br
date: Thu, 25 Apr 2024 17:00:16 GMT
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064416.377803,VS0,VE146
etag: "ae1cf28902aaa81d84495d3b8752e4f1bc36855eec46baffde0f5ab493050392-br"
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 47969
x-cache-hits: 0

GET
H2 200 close.png
badbunnies.xyz/assets/icons/ 210 B
326 B 8ms
8ms Image
image/png 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://badbunnies.xyz/assets/icons/close.png

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/farm/hijack/shipments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c994b410a9e80ff0c0c78c0761c6507cdd89da53ee88516cf6499637c4bcaed1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/farm/hijack/shipments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220148-FRA
strict-transport-security: max-age=31556926
date: Thu, 25 Apr 2024 17:00:16 GMT
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064416.377984,VS0,VE1
etag: "592a0ee6217bb5c54aab3827ed988fee92ce16199257af20c9e20a583bc1c030"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 210
x-cache-hits: 0

GET
H3 200 shop.png
badbunnies.xyz/assets/icons/ 470 B
773 B 11ms
10ms Image
image/png 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://badbunnies.xyz/assets/icons/shop.png

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/farm/hijack/shipments/

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d88a53c5764fc2385e9e2196fbf904ce0a2228e5bd87543ede6949337ff66208

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/farm/hijack/shipments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220138-FRA
strict-transport-security: max-age=31556926
date: Thu, 25 Apr 2024 17:00:16 GMT
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064416.394173,VS0,VE3
etag: "bb8757b43a93eafb5f58970b30ffc27cf065f797ceeb1ac4aa4765c21de80c2d"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 470
x-cache-hits: 0

GET
H3 200 gem.png
badbunnies.xyz/assets/icons/ 375 B
679 B 10ms
10ms Image
image/png 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://badbunnies.xyz/assets/icons/gem.png

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/farm/hijack/shipments/

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

577951893a4e607626504ec49d860ebce0ce6788796ef57743dd73cb5d5486db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/farm/hijack/shipments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220138-FRA
strict-transport-security: max-age=31556926
date: Thu, 25 Apr 2024 17:00:16 GMT
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064416.406148,VS0,VE1
etag: "b65bad77baeddfc4f41b47ff70bd89a55a6446f0458f4581ecdb2eddfc453b41"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 375
x-cache-hits: 0

GET
H3 200 settings.png
badbunnies.xyz/assets/icons/ 520 B
822 B 11ms
10ms Image
image/png 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://badbunnies.xyz/assets/icons/settings.png

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/farm/hijack/shipments/

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e01a5e785da8474b430b62396694d0c80be363704f6959edcde6b48819d8dd55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/farm/hijack/shipments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220138-FRA
strict-transport-security: max-age=31556926
date: Thu, 25 Apr 2024 17:00:16 GMT
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064416.421583,VS0,VE1
etag: "71ac66c87efdd4c7775c0bd5254a222c2fc49ee9e7cb79d8581c2f743ce79090"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 520
x-cache-hits: 0

GET
H3 200 star.png
badbunnies.xyz/assets/icons/ 405 B
710 B 133ms
132ms Image
image/png 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://badbunnies.xyz/assets/icons/star.png

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/farm/hijack/shipments/

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a25ed16432e3c604fbeccd94564012b6e495da221b5b4c2694842cefa8c89bf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/farm/hijack/shipments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220138-FRA
strict-transport-security: max-age=31556926
date: Thu, 25 Apr 2024 17:00:16 GMT
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064416.423545,VS0,VE120
etag: "aa089124ee56b771a2432f71295b5486235d4c2886a95a92724e6fa29ec3d3c8"
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 405
x-cache-hits: 0

GET
H3 200 hand.png
badbunnies.xyz/assets/icons/ 673 B
977 B 13ms
12ms Image
image/png 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://badbunnies.xyz/assets/icons/hand.png

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/farm/hijack/shipments/

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

955978835a35d09d7d24640eba6bf55f2e538fc9ee17dcaa2156306995b52f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/farm/hijack/shipments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220138-FRA
strict-transport-security: max-age=31556926
date: Thu, 25 Apr 2024 17:00:16 GMT
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064416.423841,VS0,VE2
etag: "8f92253f7348634e870b5db46fcb59b235556c11333ba98f2ac8dffcd3334b53"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 673
x-cache-hits: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
81 KB 82ms
44ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S5B14G3KJP

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/farm/hijack/shipments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fb5914e47011d214ffe43f6027e56d6655ef84ecc871daf4339a988bdf89e92c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 17:00:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82819
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 25 Apr 2024 17:00:16 GMT

GET
H3 200 webpack-runtime-afea82b936e19cd4cb9c.js Show response
badbunnies.xyz/ 9 KB
4 KB 20ms
18ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://badbunnies.xyz/webpack-runtime-afea82b936e19cd4cb9c.js

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/farm/hijack/shipments/

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9e28cfc7c85f652551687d81d7487e22e4efcedcce5d279a915e04fa5eb64217

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/farm/hijack/shipments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220138-FRA
strict-transport-security: max-age=31556926
content-encoding: br
date: Thu, 25 Apr 2024 17:00:16 GMT
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064416.424864,VS0,VE1
etag: "65d7e7dd040bc0a668524edfac2490d1132e86d56df803f964bb25a88167d592-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3457
x-cache-hits: 0

GET
H3 200 framework-1077ad53b503283ccbe5.js Show response
badbunnies.xyz/ 138 KB
39 KB 21ms
20ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://badbunnies.xyz/framework-1077ad53b503283ccbe5.js

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/farm/hijack/shipments/

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

56b9f8c8b56c285b52a859cc04e3302b68d523cf10f4fe9cde782c472f93a3f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/farm/hijack/shipments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220138-FRA
strict-transport-security: max-age=31556926
content-encoding: br
date: Thu, 25 Apr 2024 17:00:16 GMT
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064416.424853,VS0,VE2
etag: "5a1ac5b9bb5cfa12114afce4a07189237ebbbe3520dc09d192a62b377ea3ab57-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 39638
x-cache-hits: 0

GET
H3 200 2f30b699-b17dca102ece18e2bf3f.js Show response
badbunnies.xyz/ 75 KB
14 KB 14ms
13ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://badbunnies.xyz/2f30b699-b17dca102ece18e2bf3f.js

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/farm/hijack/shipments/

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f7730efe0c4d6ad26a2da84325fe387621905bc5e884ab53efb9855d67969362

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/farm/hijack/shipments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220138-FRA
strict-transport-security: max-age=31556926
content-encoding: br
date: Thu, 25 Apr 2024 17:00:16 GMT
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064416.424820,VS0,VE1
etag: "e7ca055ac19054f6dada30b50e6a1d24937b06f7c09e05c225223d300b1e7d4e-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 14391
x-cache-hits: 0

GET
H3 200 75fc9c18-ff20e68088ee62cd0fd3.js Show response
badbunnies.xyz/ 59 KB
18 KB 17ms
16ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://badbunnies.xyz/75fc9c18-ff20e68088ee62cd0fd3.js

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/farm/hijack/shipments/

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8a6aff0c5aa9f412293cd5c8ed8958b2d072e6bb20be366c71659c24dcb82380

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/farm/hijack/shipments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220138-FRA
strict-transport-security: max-age=31556926
content-encoding: br
date: Thu, 25 Apr 2024 17:00:16 GMT
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064416.424798,VS0,VE1
etag: "2d31adcf4a07c93c6d7c13445391490c244fb5487bd1eb5af14e0a99e4751583-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17607
x-cache-hits: 0

GET
H3 200 57c2a601-b244e0918778718163ec.js Show response
badbunnies.xyz/ 297 KB
74 KB 17ms
16ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://badbunnies.xyz/57c2a601-b244e0918778718163ec.js

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/farm/hijack/shipments/

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e01daf9a92438468626e648bd666c6d04e6518094f46c4acfdccb7b484c98225

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/farm/hijack/shipments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220138-FRA
strict-transport-security: max-age=31556926
content-encoding: br
date: Thu, 25 Apr 2024 17:00:16 GMT
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064416.424772,VS0,VE1
etag: "59463b4a3f86d24bc7a5d22d6b32f386bd408633e1de945f12565472d565d869-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 75069
x-cache-hits: 0

GET
H3 200 app-834961167d3fcf3cf704.js Show response
badbunnies.xyz/ 2 MB
396 KB 18ms
17ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://badbunnies.xyz/app-834961167d3fcf3cf704.js

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/farm/hijack/shipments/

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fff3f374196720105f1ce6ada4a8a0dbd9ccf18af80c0a689ea50aa1dda51ff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/farm/hijack/shipments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220138-FRA
strict-transport-security: max-age=31556926
content-encoding: br
date: Thu, 25 Apr 2024 17:00:16 GMT
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064416.424754,VS0,VE1
etag: "e7215e745252ce9933cac3454512fcdd7339042a9dcb8845ed39534772172053-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 405308
x-cache-hits: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 41ms
16ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/farm/hijack/shipments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 25 Apr 2024 17:00:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57850
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=12, mss=1294, tbw=2794, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: esPWmVbwgVxOTUBY5KA8jdYwUfu+7fmS5vZ2Sj/t8LIDOyxYdgmHR2gAbD6oOd6Keh2EGvBrp8uduRVR9BJ2fA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 background.png
badbunnies.xyz/assets/images/ 489 KB
489 KB 50ms
49ms Image
image/png 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://badbunnies.xyz/assets/images/background.png

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/farm/hijack/shipments/

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

15611693a14ef2a34ef10ec5f72f29f6696073fd4b4d3724a292b85ae6c67774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/farm/hijack/shipments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220138-FRA
strict-transport-security: max-age=31556926
content-encoding: gzip
date: Thu, 25 Apr 2024 17:00:16 GMT
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064416.426116,VS0,VE2
etag: "5434e3eb4f5135494eb1fe90c5364a935031a28f838c5f8c35d58a361c50764b"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 500325
x-cache-hits: 0

GET
H2 200 HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ 20 KB
20 KB 74ms
21ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B4-Lwz3bWuQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Condensed:wght@300;400;500&family=Epilogue:wght@400;500;700&family=Bevan:wght@400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d2c4912162eaa41299aaf5063ecb92a26d76071fe6d1f77742b32c833daab99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://badbunnies.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 11:51:34 GMT
x-content-type-options: nosniff
age: 104922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20432
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:38:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Apr 2025 11:51:34 GMT

GET
H2 200 HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2
fonts.gstatic.com/s/barlowcondensed/v12/ 20 KB
20 KB 71ms
18ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v12/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Condensed:wght@300;400;500&family=Epilogue:wght@400;500;700&family=Bevan:wght@400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://badbunnies.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 12:37:26 GMT
x-content-type-options: nosniff
age: 274970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20200
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:28:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Apr 2025 12:37:26 GMT

GET
H2 200 O4ZRFGj5hxF0EhjimlIksgg.woff2
fonts.gstatic.com/s/epilogue/v17/ 32 KB
33 KB 60ms
7ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/epilogue/v17/O4ZRFGj5hxF0EhjimlIksgg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Condensed:wght@300;400;500&family=Epilogue:wght@400;500;700&family=Bevan:wght@400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b04ad9bd13dad8818015a0225db1c058bb93ebc88c53fb7785ef4d7d7e0505b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://badbunnies.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 14:28:51 GMT
x-content-type-options: nosniff
age: 9085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33172
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 20:28:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Apr 2025 14:28:51 GMT

GET
H2 200 5327302930715835 Show response
connect.facebook.net/signals/config/ 56 KB
12 KB 132ms
131ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/5327302930715835?v=2.9.154&r=stable&domain=badbunnies.xyz&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

752d418ab0218b26a8e810ef5d4b6246617a465df6fbebd10c2972c41bedaaa5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 25 Apr 2024 17:00:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=40, mss=1294, tbw=63221, tp=-1, tpl=-1, uplat=121, ullat=0
pragma: public
x-fb-debug: EIoA0j/PMbJjCIcT3EbPW0MADyZ/Q3Z0MHA2DKieMuSaP8VqeVx1lFBCKyCyqyPpSVBQkIlm+33gEJCqeKyWEg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sdk Show response
api.x.immutable.com/v1/projects/ 122 B
759 B 243ms
156ms XHR
application/json 18.239.36.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.x.immutable.com/v1/projects/sdk?version=imx-sdk-js-2.1.1&id=&details=eyJicm93c2VyIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyNC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiZG9tYWluIjoiYmFkYnVubmllcy54eXoiLCJ0eiI6IkV1cm9wZS9CZXJsaW4iLCJzY3JlZW4iOiIxNjAweDEyMDAifQ==

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/app-834961167d3fcf3cf704.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.36.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-36-90.ams58.r.cloudfront.net

Software

Resource Hash

4657e0ccf6c8aa008d04caf5189ca39751d7813bcbebd37ceb2ff444a22b2c66

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://badbunnies.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 17:00:17 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amzn-remapped-content-length: 122
x-amzn-remapped-server: istio-envoy
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 1e08f1d5-9aaf-4c4f-bbb0-54a9a9360bed
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 0
x-amz-apigw-id: WyrVNFLwCYcEl1w=
content-length: 122
x-xss-protection: 1; mode=block
x-trace-id: 0ccb93b53876b1c7c12f073b4289266f
vary: Origin
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
x-amzn-remapped-date: Thu, 25 Apr 2024 17:00:17 GMT
x-amz-cf-id: cTW5O83bVe189LmW7KjN_EnnUgoD6g140gHfCLA0HNxQlyqWQc7Ogg==

POST
H2 200 / Show response
o4504366448246784.ingest.sentry.io/api/4504366450475008/envelope/ 2 B
299 B 50ms
10ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o4504366448246784.ingest.sentry.io/api/4504366450475008/envelope/?sentry_key=290077b43c1841fb9e40ab75c2f8c00a&sentry_version=7&sentry_client=sentry.javascript.react%2F7.61.1

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/app-834961167d3fcf3cf704.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://badbunnies.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 25 Apr 2024 17:00:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H3 200 app-data.json Show response
badbunnies.xyz/page-data/ 50 B
350 B 10ms
9ms XHR
application/json 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://badbunnies.xyz/page-data/app-data.json

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/app-834961167d3fcf3cf704.js

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a8dd8a02a852f441a2a7a413dd5bb1314c5f7c6df2cbeb1c5ae66bf841f5e2b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://badbunnies.xyz/farm/hijack/shipments/
baggage: sentry-environment=production,sentry-release=imx-badbunnies%401.0.9,sentry-public_key=290077b43c1841fb9e40ab75c2f8c00a,sentry-trace_id=2d3bb567353f467e94ba6199e6ac5d16,sentry-sample_rate=0.5,sentry-sampled=true
sentry-trace: 2d3bb567353f467e94ba6199e6ac5d16-9b62e0bcbede94dd-1
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220138-FRA
strict-transport-security: max-age=31556926
date: Thu, 25 Apr 2024 17:00:16 GMT
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064417.908442,VS0,VE2
etag: "194170b53b4777c5efa0ef21c09653a8752f54619c72cb289b2e5e2cc19ccefa"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: application/json
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 50
x-cache-hits: 0

GET
H3 200 page-data.json Show response
badbunnies.xyz/page-data/farm/hijack/shipments/ 391 B
537 B 121ms
120ms XHR
application/json 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://badbunnies.xyz/page-data/farm/hijack/shipments/page-data.json

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/app-834961167d3fcf3cf704.js

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

03a2b5702fae195c2f32e38fe6ca94642289ce78439c8d2a528cadae160dd65f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://badbunnies.xyz/farm/hijack/shipments/
baggage: sentry-environment=production,sentry-release=imx-badbunnies%401.0.9,sentry-public_key=290077b43c1841fb9e40ab75c2f8c00a,sentry-trace_id=2d3bb567353f467e94ba6199e6ac5d16,sentry-sample_rate=0.5,sentry-sampled=true
sentry-trace: 2d3bb567353f467e94ba6199e6ac5d16-a304567a4b6b6581-1
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220138-FRA
strict-transport-security: max-age=31556926
content-encoding: br
date: Thu, 25 Apr 2024 17:00:17 GMT
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064417.909080,VS0,VE113
etag: "a24f17d5e3f77f088d774ec15554cf77f871e06902061f6f1f83d8d758132558-br"
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: application/json
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 229
x-cache-hits: 0

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 57ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=5327302930715835&ev=PageView&dl=https%3A%2F%2Fbadbunnies.xyz%2Ffarm%2Fhijack%2Fshipments%2F&rl=&if=false&ts=1714064417034&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1714064417033.591783814&ler=empty&cdl=API_unavailable&it=1714064416512&coo=false&rqm=GET

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/farm/hijack/shipments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=10, mss=1294, tbw=2764, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 25 Apr 2024 17:00:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 commons-fee2853eb5c8d0d946b0.js Show response
badbunnies.xyz/ 24 KB
9 KB 9ms
8ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://badbunnies.xyz/commons-fee2853eb5c8d0d946b0.js

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/webpack-runtime-afea82b936e19cd4cb9c.js

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9614f83796fa9bb9f6c273bef9ad1850723227b235d3d9a360711b1797457676

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/farm/hijack/shipments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220138-FRA
strict-transport-security: max-age=31556926
content-encoding: br
date: Thu, 25 Apr 2024 17:00:17 GMT
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064417.044829,VS0,VE1
etag: "720fe95e81a3244169411c81cd1e4b49f848a9e42236be3fbfbefb8d3c4f0e68-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9347
x-cache-hits: 0

GET
H3 200 953457396d1754cc8fcc7a4886893c8f1ffadb76-f16dae1e6b819664bec2.js Show response
badbunnies.xyz/ 16 KB
5 KB 11ms
10ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://badbunnies.xyz/953457396d1754cc8fcc7a4886893c8f1ffadb76-f16dae1e6b819664bec2.js

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/webpack-runtime-afea82b936e19cd4cb9c.js

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2aae8d93803605fe598dc60b5e329f2c3827fabbfd8bc8b176dceef2707ce917

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/farm/hijack/shipments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220138-FRA
strict-transport-security: max-age=31556926
content-encoding: br
date: Thu, 25 Apr 2024 17:00:17 GMT
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064417.045146,VS0,VE2
etag: "aa4da5ec31662c1a6494f55cf891ca57cbcbeece41fdacff4cf006c58eff22a9-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5046
x-cache-hits: 0

GET
H3 200 fd16c4ab0e283267cb3d12f4ca10e80c65d4f0e1-276cbab35dac27d84336.js Show response
badbunnies.xyz/ 19 KB
4 KB 13ms
10ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://badbunnies.xyz/fd16c4ab0e283267cb3d12f4ca10e80c65d4f0e1-276cbab35dac27d84336.js

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/webpack-runtime-afea82b936e19cd4cb9c.js

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3793ee0c0389b3bd4ce049c6afe400e71b26bc7a4e501888a2af1b57392bf31b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/farm/hijack/shipments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220138-FRA
strict-transport-security: max-age=31556926
content-encoding: br
date: Thu, 25 Apr 2024 17:00:17 GMT
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064417.048388,VS0,VE1
etag: "b17409ae57ead934acbb3983c878aebea1605cf6cf1feb32af047cca0429523e-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3670
x-cache-hits: 0

GET
H3 200 71e28b36da507bdc375991e5c7dc89722df59149-7a3840fc58ad6e0095ee.js Show response
badbunnies.xyz/ 16 KB
5 KB 13ms
12ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://badbunnies.xyz/71e28b36da507bdc375991e5c7dc89722df59149-7a3840fc58ad6e0095ee.js

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/webpack-runtime-afea82b936e19cd4cb9c.js

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1e0f6c42c0543874e46d182625c6bcbfd7e9d200c0ad37c0f1e3ef024b885bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/farm/hijack/shipments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220138-FRA
strict-transport-security: max-age=31556926
content-encoding: br
date: Thu, 25 Apr 2024 17:00:17 GMT
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064417.048699,VS0,VE2
etag: "e9f87f850c32c3bd2d3dbffe3dcc4154e7b583990e6ad25f3bbffa932479522b-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4784
x-cache-hits: 0

GET
H3 200 component---src-pages-farm-hijack-shipments-js-746494d3732af0410fd5.js Show response
badbunnies.xyz/ 4 KB
2 KB 12ms
11ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://badbunnies.xyz/component---src-pages-farm-hijack-shipments-js-746494d3732af0410fd5.js

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/webpack-runtime-afea82b936e19cd4cb9c.js

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8d26461d3462ed1a420ef715e62a7f16f60ff12aec6c347d5d83a3708e46338d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/farm/hijack/shipments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220138-FRA
strict-transport-security: max-age=31556926
content-encoding: br
date: Thu, 25 Apr 2024 17:00:17 GMT
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064417.048697,VS0,VE2
etag: "1b062aa89c75169cf03e138ef7395cdde87632d0ce0c19f3cb70ee0041223596-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1425
x-cache-hits: 0

GET
H3 200 shipments Show response
badbunnies.xyz/api/farming/ 2 B
865 B 286ms
286ms XHR
application/json 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://badbunnies.xyz/api/farming/shipments

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/app-834961167d3fcf3cf704.js

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://badbunnies.xyz/farm/hijack/shipments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: 0
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
date: Thu, 25 Apr 2024 17:00:17 GMT
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-cache: MISS
cross-origin-resource-policy: same-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2
x-xss-protection: 0
x-served-by: cache-fra-etou8220138-FRA
referrer-policy: no-referrer
server: Google Frontend
cross-origin-opener-policy: same-origin
x-timer: S1714064417.128898,VS0,VE247
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding,cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-cloud-trace-context: dc594de2755e5d802eead062e05cf9af
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
accept-ranges: bytes
x-orig-accept-language: de-DE,de;q=0.9;q=0.9
x-country-code: DE
x-cache-hits: 0

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 13ms
10ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=5327302930715835&ev=ViewContent&dl=https%3A%2F%2Fbadbunnies.xyz%2Ffarm%2Fhijack%2Fshipments%2F&rl=&if=false&ts=1714064417118&sw=1600&sh=1200&v=2.9.154&r=stable&ec=1&o=4126&fbp=fb.1.1714064417033.591783814&ler=empty&cdl=API_unavailable&it=1714064416512&coo=false&rqm=GET

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/farm/hijack/shipments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=10, mss=1294, tbw=3117, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 25 Apr 2024 17:00:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H2 200 CVkzxiEwTvz55ai6NGOr94pUJs5B07Ar
eth-mainnet.g.alchemy.com/v2/ 0
0 264ms
149ms Preflight 2606:4700::6811:381d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eth-mainnet.g.alchemy.com/v2/CVkzxiEwTvz55ai6NGOr94pUJs5B07Ar
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:381d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://badbunnies.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://badbunnies.xyz
access-control-max-age: 1800
cf-cache-status: DYNAMIC
cf-ray: 879fe370391890fe-FRA
date: Thu, 25 Apr 2024 17:00:17 GMT
server: cloudflare
vary: Origin

POST
H2 200 CVkzxiEwTvz55ai6NGOr94pUJs5B07Ar Show response
eth-mainnet.g.alchemy.com/v2/ 40 B
261 B 232ms
232ms Fetch
application/json 2606:4700::6811:381d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eth-mainnet.g.alchemy.com/v2/CVkzxiEwTvz55ai6NGOr94pUJs5B07Ar
Requested by: Host: badbunnies.xyz
URL: https://badbunnies.xyz/app-834961167d3fcf3cf704.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:381d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 232d3c5ffae1c27fcf2ee357eafeabae4064d579ef40673d047b7c4cabd30406

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://badbunnies.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Thu, 25 Apr 2024 17:00:17 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-alchemy-trace-id: 7b63f4bab9678b66ebc5344e450229da
vary: Origin
content-type: application/json
access-control-allow-origin: https://badbunnies.xyz
access-control-allow-credentials: true
cf-ray: 879fe3712a0e90fe-FRA
content-length: 40

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 185ms
53ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-S5B14G3KJP&gtm=45je44o0v895553313za200&_p=1714064416419&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=408574757.1714064417&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&dp=%2Ffarm%2Fhijack%2Fshipments%2F&sid=1714064417&sct=1&seg=0&dl=https%3A%2F%2Fbadbunnies.xyz%2Ffarm%2Fhijack%2Fshipments%2F&dt=Hijacking%20%7C%20Paw%20Warz&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=895
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S5B14G3KJP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 25 Apr 2024 17:00:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://badbunnies.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 favicon-32x32.png
badbunnies.xyz/ 2 KB
3 KB 45ms
45ms Other
image/png 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://badbunnies.xyz/favicon-32x32.png?v=f94b829fafcfd8de53d7535a5301c91f

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5431ed74f5ea41c01e38dac53735d8e39f9955dae0d50f48aaa4d5b05693267

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/farm/hijack/shipments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220138-FRA
strict-transport-security: max-age=31556926
date: Thu, 25 Apr 2024 17:00:17 GMT
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064417.216218,VS0,VE1
etag: "dfda71e8dd8e3c9130624c6c7c90796571313fe2b0b5ca9f94cd366aebca2a7e"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2257
x-cache-hits: 0

GET
H3 200 / Show response
badbunnies.xyz/api/events/close/ 2 B
865 B 1110ms
1110ms XHR
application/json 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://badbunnies.xyz/api/events/close/

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/app-834961167d3fcf3cf704.js

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://badbunnies.xyz/farm/hijack/shipments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: 0
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
date: Thu, 25 Apr 2024 17:00:18 GMT
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
x-cache: MISS
cross-origin-resource-policy: same-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2
x-xss-protection: 0
x-served-by: cache-fra-etou8220138-FRA
referrer-policy: no-referrer
server: Google Frontend
cross-origin-opener-policy: same-origin
x-timer: S1714064417.221565,VS0,VE1090
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding,cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-cloud-trace-context: 4c53b7dff4e95d55e63ea5c321896a14
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
accept-ranges: bytes
x-orig-accept-language: de-DE,de;q=0.9;q=0.9
x-country-code: DE
x-cache-hits: 0

GET
H2 200 tokens Show response
api.x.immutable.com/v1/ 4 KB
2 KB 172ms
172ms XHR
application/json 18.239.36.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.x.immutable.com/v1/tokens

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/app-834961167d3fcf3cf704.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.36.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-36-90.ams58.r.cloudfront.net

Software

Resource Hash

022e181baabbf536493ea2ff87a9af354845ebb94315a7dedcb491e63923d295

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://badbunnies.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 17:00:17 GMT
content-encoding: br
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amzn-remapped-server: istio-envoy
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: a0bd034d-87cf-4d5a-ba0d-9e7914ff126a
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 5
x-amz-apigw-id: WyrVPFCGCYcEbhQ=
x-xss-protection: 1; mode=block
vary: Accept-Encoding,Origin
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
x-amzn-remapped-date: Thu, 25 Apr 2024 17:00:17 GMT
x-amz-cf-id: bZypSoG5jtQKJ2GqDBjDE_cRGzLjb_rjF9vtuXSOCyuVZcUb7ivlrQ==

GET
H2 200 tokens Show response
api.x.immutable.com/v1/ 25 B
628 B 178ms
177ms XHR
application/json 18.239.36.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.x.immutable.com/v1/tokens?cursor=eyJjb250cmFjdF9hZGRyZXNzIjoiMHgzYjYwNDc0N2FkMTcyMGMwMWRlZDA0NTU3MjhiNjJjMGQyZjEwMGYwIiwibmFtZSI6IldBR01JIEdhbWVzIiwic3ltYm9sIjoiV0FHTUkifQ

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/app-834961167d3fcf3cf704.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.36.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-36-90.ams58.r.cloudfront.net

Software

Resource Hash

f34e89b18015cb2f15505a7ee59360e40d2418f318acdb9c8dc7aaa2f7c3bafc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://badbunnies.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 17:00:17 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amzn-remapped-content-length: 25
x-amzn-remapped-server: istio-envoy
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: bd29e5df-872e-4ef9-adeb-52f0d47a769d
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 9
x-amz-apigw-id: WyrVRHO1iYcEYBg=
content-length: 25
x-xss-protection: 1; mode=block
vary: Origin
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
x-amzn-remapped-date: Thu, 25 Apr 2024 17:00:17 GMT
x-amz-cf-id: 15UZLOviU1Pu1TX7_jsmiKFJuJvBk3hT4wgLxyg9N48UhQXuv7zhGQ==

GET
H2 200 tokens Show response
api.x.immutable.com/v1/ 4 KB
2 KB 480ms
480ms XHR
application/json 18.239.36.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.x.immutable.com/v1/tokens?cursor=

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/app-834961167d3fcf3cf704.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.36.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-36-90.ams58.r.cloudfront.net

Software

Resource Hash

022e181baabbf536493ea2ff87a9af354845ebb94315a7dedcb491e63923d295

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://badbunnies.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 17:00:17 GMT
content-encoding: br
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amzn-remapped-server: istio-envoy
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: c48d52fd-f86e-4853-af3b-328f31be56c1
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 2
x-amz-apigw-id: WyrVTHYaCYcEfGA=
x-xss-protection: 1; mode=block
vary: Accept-Encoding,Origin
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
x-amzn-remapped-date: Thu, 25 Apr 2024 17:00:17 GMT
x-amz-cf-id: cAWelSz9g-gD_29MXfW97FhMWVeIa3DxMk1TQYjv0UrwmJwQ06BcTA==

POST
H2 200 CVkzxiEwTvz55ai6NGOr94pUJs5B07Ar Show response
eth-mainnet.g.alchemy.com/v2/ 40 B
256 B 174ms
174ms Fetch
application/json 2606:4700::6811:381d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eth-mainnet.g.alchemy.com/v2/CVkzxiEwTvz55ai6NGOr94pUJs5B07Ar
Requested by: Host: badbunnies.xyz
URL: https://badbunnies.xyz/app-834961167d3fcf3cf704.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:381d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a4669af37a3c1cd71840208dc31862c98048cf79d8c02a6fb57ef7279411c76

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://badbunnies.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Thu, 25 Apr 2024 17:00:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-alchemy-trace-id: 85593a492cec398b403efe7d2c225af7
vary: Origin
content-type: application/json
access-control-allow-origin: https://badbunnies.xyz
access-control-allow-credentials: true
cf-ray: 879fe373ed3690fe-FRA
content-length: 40

OPTIONS
H2 200 CVkzxiEwTvz55ai6NGOr94pUJs5B07Ar
eth-mainnet.g.alchemy.com/v2/ 0
0 207ms
206ms Preflight 2606:4700::6811:381d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eth-mainnet.g.alchemy.com/v2/CVkzxiEwTvz55ai6NGOr94pUJs5B07Ar
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:381d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://badbunnies.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://badbunnies.xyz
access-control-max-age: 1800
cf-cache-status: DYNAMIC
cf-ray: 879fe3729bd590fe-FRA
date: Thu, 25 Apr 2024 17:00:17 GMT
server: cloudflare
vary: Origin

POST
H2 200 / Show response
o4504366448246784.ingest.sentry.io/api/4504366450475008/envelope/ 41 B
98 B 51ms
50ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o4504366448246784.ingest.sentry.io/api/4504366450475008/envelope/?sentry_key=290077b43c1841fb9e40ab75c2f8c00a&sentry_version=7&sentry_client=sentry.javascript.react%2F7.61.1

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/app-834961167d3fcf3cf704.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

abfaf186c772682795016c5a89cb428145a515696b156dc06c73f6598fa32620

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://badbunnies.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 25 Apr 2024 17:00:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

GET
H3 200 page-data.json
badbunnies.xyz/page-data/my/rewards/ 0
526 B 122ms
122ms Other
application/json 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://badbunnies.xyz/page-data/my/rewards/page-data.json

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/app-834961167d3fcf3cf704.js

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/farm/hijack/shipments/
Origin: https://badbunnies.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220138-FRA
strict-transport-security: max-age=31556926
content-encoding: br
date: Thu, 25 Apr 2024 17:00:20 GMT
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064420.207024,VS0,VE114
etag: "8a7f513e0922ee93f96de001943b6df982f6b5d0ec36c9aee1faa2e8e4ccf071-br"
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: application/json
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 220
x-cache-hits: 0

GET
H3 200 page-data.json
badbunnies.xyz/page-data/gangs/ 0
523 B 18ms
17ms Other
application/json 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://badbunnies.xyz/page-data/gangs/page-data.json

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/app-834961167d3fcf3cf704.js

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/farm/hijack/shipments/
Origin: https://badbunnies.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220138-FRA
strict-transport-security: max-age=31556926
content-encoding: br
date: Thu, 25 Apr 2024 17:00:20 GMT
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064420.213266,VS0,VE2
etag: "ae0acfd4f7f02aea21fa92f87c89f3c566b51dac014f6fe364589b85efc8b21f-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: application/json
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 218
x-cache-hits: 0

GET
H3 200 page-data.json
badbunnies.xyz/page-data/contact/ 0
522 B 15ms
14ms Other
application/json 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://badbunnies.xyz/page-data/contact/page-data.json

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/app-834961167d3fcf3cf704.js

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/farm/hijack/shipments/
Origin: https://badbunnies.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220138-FRA
strict-transport-security: max-age=31556926
content-encoding: br
date: Thu, 25 Apr 2024 17:00:20 GMT
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064420.213528,VS0,VE1
etag: "90996918f4db6a2b46bbb5095605394c7db259b24b7bfd5e32d1202c35443495-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: application/json
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 216
x-cache-hits: 0

GET
H3 200 page-data.json
badbunnies.xyz/page-data/cards/ 0
5 KB 17ms
16ms Other
application/json 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://badbunnies.xyz/page-data/cards/page-data.json

Requested by

Host: badbunnies.xyz
URL: https://badbunnies.xyz/app-834961167d3fcf3cf704.js

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://badbunnies.xyz/farm/hijack/shipments/
Origin: https://badbunnies.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220138-FRA
strict-transport-security: max-age=31556926
content-encoding: br
date: Thu, 25 Apr 2024 17:00:20 GMT
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064420.214104,VS0,VE1
etag: "9161d8052411ca56b7f68dbc779abe0f92d098685578b2c5b6133323ade5636d-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: application/json
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4712
x-cache-hits: 0

GET
H3 200 page-data.json Show response
badbunnies.xyz/page-data/contact/ 363 B
0 1ms
0ms XHR
application/json 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://badbunnies.xyz/page-data/contact/page-data.json
Requested by: Host: badbunnies.xyz
URL: https://badbunnies.xyz/app-834961167d3fcf3cf704.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 03f9730a39386eff0d58b3ff4f9f1eba114dd66dd1bd7eb670dc1628e6a70086

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://badbunnies.xyz/farm/hijack/shipments/
baggage: sentry-environment=production,sentry-release=imx-badbunnies%401.0.9,sentry-public_key=290077b43c1841fb9e40ab75c2f8c00a,sentry-trace_id=2d3bb567353f467e94ba6199e6ac5d16
sentry-trace: 2d3bb567353f467e94ba6199e6ac5d16-9e7c4a8f698ff45c-1
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220138-FRA
date: Thu, 25 Apr 2024 17:00:20 GMT
content-encoding: br
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064420.213528,VS0,VE1
etag: "90996918f4db6a2b46bbb5095605394c7db259b24b7bfd5e32d1202c35443495-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: application/json
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 216
x-cache-hits: 0

GET
H3 200 page-data.json Show response
badbunnies.xyz/page-data/cards/ 33 KB
0 1ms
1ms XHR
application/json 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://badbunnies.xyz/page-data/cards/page-data.json
Requested by: Host: badbunnies.xyz
URL: https://badbunnies.xyz/app-834961167d3fcf3cf704.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dc368108d9ef923b1416b5189bd0624c4b7543f4b12531569696fa6141ca4923

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://badbunnies.xyz/farm/hijack/shipments/
baggage: sentry-environment=production,sentry-release=imx-badbunnies%401.0.9,sentry-public_key=290077b43c1841fb9e40ab75c2f8c00a,sentry-trace_id=2d3bb567353f467e94ba6199e6ac5d16
sentry-trace: 2d3bb567353f467e94ba6199e6ac5d16-86eb30d93ffc5137-1
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220138-FRA
date: Thu, 25 Apr 2024 17:00:20 GMT
content-encoding: br
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064420.214104,VS0,VE1
etag: "9161d8052411ca56b7f68dbc779abe0f92d098685578b2c5b6133323ade5636d-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: application/json
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4712
x-cache-hits: 0

GET
H3 200 page-data.json Show response
badbunnies.xyz/page-data/gangs/ 359 B
0 2ms
2ms XHR
application/json 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://badbunnies.xyz/page-data/gangs/page-data.json
Requested by: Host: badbunnies.xyz
URL: https://badbunnies.xyz/app-834961167d3fcf3cf704.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7ec9a59c99c9a99a2c572ecd5adfe03dfb711db9f3a29bff843115e11e048ea3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://badbunnies.xyz/farm/hijack/shipments/
baggage: sentry-environment=production,sentry-release=imx-badbunnies%401.0.9,sentry-public_key=290077b43c1841fb9e40ab75c2f8c00a,sentry-trace_id=2d3bb567353f467e94ba6199e6ac5d16
sentry-trace: 2d3bb567353f467e94ba6199e6ac5d16-a56489b0c9f91798-1
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220138-FRA
date: Thu, 25 Apr 2024 17:00:20 GMT
content-encoding: br
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064420.213266,VS0,VE2
etag: "ae0acfd4f7f02aea21fa92f87c89f3c566b51dac014f6fe364589b85efc8b21f-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: application/json
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 218
x-cache-hits: 0

GET
H3 200 page-data.json Show response
badbunnies.xyz/page-data/my/rewards/ 369 B
0 0ms
0ms XHR
application/json 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://badbunnies.xyz/page-data/my/rewards/page-data.json
Requested by: Host: badbunnies.xyz
URL: https://badbunnies.xyz/app-834961167d3fcf3cf704.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d8c6556c7faf1c6e2b57201f87422387f4e44721b12db2fb98866de39a93013d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://badbunnies.xyz/farm/hijack/shipments/
baggage: sentry-environment=production,sentry-release=imx-badbunnies%401.0.9,sentry-public_key=290077b43c1841fb9e40ab75c2f8c00a,sentry-trace_id=2d3bb567353f467e94ba6199e6ac5d16
sentry-trace: 2d3bb567353f467e94ba6199e6ac5d16-a0019da3bbd726be-1
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220138-FRA
date: Thu, 25 Apr 2024 17:00:20 GMT
content-encoding: br
last-modified: Tue, 02 Apr 2024 05:52:41 GMT
x-timer: S1714064420.207024,VS0,VE114
etag: "8a7f513e0922ee93f96de001943b6df982f6b5d0ec36c9aee1faa2e8e4ccf071-br"
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: application/json
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 220
x-cache-hits: 0

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.badbunnies.xyz/	1970-01-20 22:17:20	Name: _fbp Value: fb.1.1714064417033.591783814
.badbunnies.xyz/	1970-01-21 05:43:44	Name: _ga_S5B14G3KJP Value: GS1.1.1714064417.1.0.1714064417.0.0.0
.badbunnies.xyz/	1970-01-21 05:43:44	Name: _ga Value: GA1.1.408574757.1714064417

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/5327302930715835?v=2.9.154&r=stable&domain=badbunnies.xyz&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.x.immutable.com
badbunnies.xyz
connect.facebook.net
eth-mainnet.g.alchemy.com
fonts.googleapis.com
fonts.gstatic.com
o4504366448246784.ingest.sentry.io
region1.google-analytics.com
www.facebook.com
www.googletagmanager.com
18.239.36.90
199.36.158.100
2001:4860:4802:34::36
2606:4700::6811:381d
2a00:1450:4001:806::2003
2a00:1450:4001:812::200a
2a00:1450:4001:813::2008
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
34.120.195.249
01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0
022e181baabbf536493ea2ff87a9af354845ebb94315a7dedcb491e63923d295
03a2b5702fae195c2f32e38fe6ca94642289ce78439c8d2a528cadae160dd65f
03f9730a39386eff0d58b3ff4f9f1eba114dd66dd1bd7eb670dc1628e6a70086
06135de1d0b863fd015e03f091c5bd35d08af54c3c9acdf7d6aa210886045681
15611693a14ef2a34ef10ec5f72f29f6696073fd4b4d3724a292b85ae6c67774
1e0f6c42c0543874e46d182625c6bcbfd7e9d200c0ad37c0f1e3ef024b885bb7
232d3c5ffae1c27fcf2ee357eafeabae4064d579ef40673d047b7c4cabd30406
2aae8d93803605fe598dc60b5e329f2c3827fabbfd8bc8b176dceef2707ce917
2d2c4912162eaa41299aaf5063ecb92a26d76071fe6d1f77742b32c833daab99
3793ee0c0389b3bd4ce049c6afe400e71b26bc7a4e501888a2af1b57392bf31b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4657e0ccf6c8aa008d04caf5189ca39751d7813bcbebd37ceb2ff444a22b2c66
48dd33d06b72a1d7e23392df0847c50c211147437e8b2d3e100d2179c861fbd9
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
56b9f8c8b56c285b52a859cc04e3302b68d523cf10f4fe9cde782c472f93a3f8
577951893a4e607626504ec49d860ebce0ce6788796ef57743dd73cb5d5486db
752d418ab0218b26a8e810ef5d4b6246617a465df6fbebd10c2972c41bedaaa5
7a4669af37a3c1cd71840208dc31862c98048cf79d8c02a6fb57ef7279411c76
7ec9a59c99c9a99a2c572ecd5adfe03dfb711db9f3a29bff843115e11e048ea3
8a6aff0c5aa9f412293cd5c8ed8958b2d072e6bb20be366c71659c24dcb82380
8d26461d3462ed1a420ef715e62a7f16f60ff12aec6c347d5d83a3708e46338d
955978835a35d09d7d24640eba6bf55f2e538fc9ee17dcaa2156306995b52f89
9614f83796fa9bb9f6c273bef9ad1850723227b235d3d9a360711b1797457676
9e28cfc7c85f652551687d81d7487e22e4efcedcce5d279a915e04fa5eb64217
a25ed16432e3c604fbeccd94564012b6e495da221b5b4c2694842cefa8c89bf6
a8dd8a02a852f441a2a7a413dd5bb1314c5f7c6df2cbeb1c5ae66bf841f5e2b3
aa30f55266cb622a41d6f0721580c04f3893131053827f87584e3f87186fc546
abfaf186c772682795016c5a89cb428145a515696b156dc06c73f6598fa32620
af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff
b04ad9bd13dad8818015a0225db1c058bb93ebc88c53fb7785ef4d7d7e0505b7
c994b410a9e80ff0c0c78c0761c6507cdd89da53ee88516cf6499637c4bcaed1
d88a53c5764fc2385e9e2196fbf904ce0a2228e5bd87543ede6949337ff66208
d8c6556c7faf1c6e2b57201f87422387f4e44721b12db2fb98866de39a93013d
dc368108d9ef923b1416b5189bd0624c4b7543f4b12531569696fa6141ca4923
e01a5e785da8474b430b62396694d0c80be363704f6959edcde6b48819d8dd55
e01daf9a92438468626e648bd666c6d04e6518094f46c4acfdccb7b484c98225
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f34e89b18015cb2f15505a7ee59360e40d2418f318acdb9c8dc7aaa2f7c3bafc
f5431ed74f5ea41c01e38dac53735d8e39f9955dae0d50f48aaa4d5b05693267
f7730efe0c4d6ad26a2da84325fe387621905bc5e884ab53efb9855d67969362
fb5914e47011d214ffe43f6027e56d6655ef84ecc871daf4339a988bdf89e92c
fff3f374196720105f1ce6ada4a8a0dbd9ccf18af80c0a689ea50aa1dda51ff7

badbunnies.xyz Open in urlscan Pro 199.36.158.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

53 Requests

100 %HTTPS

70 %IPv6

10 Domains

10 Subdomains

10 IPs

2 Countries

1377 kBTransfer

3898 kBSize

3 Cookies

2 Outgoing links

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

badbunnies.xyz Open in urlscan Pro
199.36.158.100 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

100 %
HTTPS

70 %
IPv6

10
Domains

10
Subdomains

10
IPs

2
Countries

1377 kB
Transfer

3898 kB
Size

3
Cookies

53 HTTP transactions
0 data transactions