uctvxyyhzan8epd.bar Open in urlscan Pro
2606:4700:3037::ac43:94c6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cupboardseed.top/bae3XndGfmYAZWACA3wFNxAjLglgMQc4L1J0WDNFPRs-DSchXhocUxkABy0YZi43?gfz1633437057296
Effective URL:
http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil
Submission: On October 05 via manual (October 5th 2021, 12:36:16 pm UTC) from SD — Scanned from DE

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 47 HTTP transactions. The main IP is 2606:4700:3037::ac43:94c6, located in United States and belongs to CLOUDFLARENET, US. The main domain is uctvxyyhzan8epd.bar.

This is the only time uctvxyyhzan8epd.bar was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3037::ac43:9161	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3037::ac43:94c6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:303... 2606:4700:3030::6815:d63	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	185.66.201.59 185.66.201.59	201702 (SKHOSTING-EU) (SKHOSTING-EU)
2	185.66.200.220 185.66.200.220	201702 (SKHOSTING-EU) (SKHOSTING-EU)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
6	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
47	9

1 2606:4700:3037::ac43:9161 (United States)

ASN13335 (CLOUDFLARENET, US)

cupboardseed.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::ac43:94c6 (United States)

ASN13335 (CLOUDFLARENET, US)

uctvxyyhzan8epd.bar	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3030::6815:d63 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.66.201.59 (Komárno, Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.201.59.skhosting.eu

benfly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.66.200.220 (Komárno, Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.220.skhosting.eu

uprimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	blogspot.com 1.bp.blogspot.com	729 KB
8	googletagmanager.com www.googletagmanager.com	60 KB
6	baidu.com hm.baidu.com	47 KB
6	jsdelivr.cc cdn.jsdelivr.cc	102 KB
4	uctvxyyhzan8epd.bar uctvxyyhzan8epd.bar	22 KB
2	uprimp.com uprimp.com	881 B
2	benfly.net benfly.net	8 KB
1	google-analytics.com www.google-analytics.com	371 B
1	cupboardseed.top cupboardseed.top	1 KB
47	9

	Domain	Requested by
17	1.bp.blogspot.com	uctvxyyhzan8epd.bar
8	www.googletagmanager.com	uctvxyyhzan8epd.bar
6	hm.baidu.com	uctvxyyhzan8epd.bar
6	cdn.jsdelivr.cc	uctvxyyhzan8epd.bar
4	uctvxyyhzan8epd.bar	cupboardseed.top uctvxyyhzan8epd.bar cdn.jsdelivr.cc
2	uprimp.com	uctvxyyhzan8epd.bar uprimp.com
2	benfly.net	uctvxyyhzan8epd.bar benfly.net
1	www.google-analytics.com	www.googletagmanager.com
1	cupboardseed.top
47	9

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-04-10` - `2022-04-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
uprimp.com R3	`2021-09-01` - `2021-11-30`	3 months	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2021-07-01` - `2022-08-02`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil
Frame ID: 48A9B8C314B9FC6E2E1CFC3F975CCE67
Requests: 45 HTTP requests in this frame

Frame: https://uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=163343737097135&xtt=33448
Frame ID: 1B02698663B30ABBAAA2ECC74726100B
Requests: 1 HTTP requests in this frame

Frame: http://benfly.net//4fe48aebd6/4f59451604/?placementName=default&randomA=0_7506&maxw=0
Frame ID: 8069E3D5F8C36FD75C54B92338AE37E1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🎉110-jähriges Jubiläum der Bank of Khartoum!🎊

Page URL History Show full URLs

http://cupboardseed.top/bae3XndGfmYAZWACA3wFNxAjLglgMQc4L1J0WDNFPRs-DSchXhocUxkABy0YZi43?gfz16334370... Page URL
http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js
/npm/sweetalert2@([\d.]+)
sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

85 %
HTTPS

67 %
IPv6

9
Domains

9
Subdomains

9
IPs

4
Countries

971 kB
Transfer

1546 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cupboardseed.top/bae3XndGfmYAZWACA3wFNxAjLglgMQc4L1J0WDNFPRs-DSchXhocUxkABy0YZi43?gfz1633437057296 Page URL
http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK bae3XndGfmYAZWACA3wFNxAjLglgMQc4L1J0WDNFPRs-DSchXhocUxkABy0YZi43
cupboardseed.top/ 772 B
1 KB 47ms
35ms Document
text/html 2606:4700:3037::ac43:9161
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cupboardseed.top/bae3XndGfmYAZWACA3wFNxAjLglgMQc4L1J0WDNFPRs-DSchXhocUxkABy0YZi43?gfz1633437057296
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:9161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: cupboardseed.top
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Tue, 05 Oct 2021 12:36:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=acWV4qGNYtWyfdRnbvIqm%2B1LY2tvfZbjYB6dYnlQYmOvmSuiEsIMqhKLsv6qZYslTyH7GD6dGRGzpu9gfghX0Ns0Dh2fh8Hx4lyUSmrBczpWug%2B3e1TMe1v%2FsP8SEHVrEim%2Fo%2FupruIK79HvZGtb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6996b1abdbe21f3d-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK Primary Request / Show response
uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/ 85 KB
16 KB 92ms
76ms Document
text/html 2606:4700:3037::ac43:94c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil
Requested by: Host: cupboardseed.top
URL: http://cupboardseed.top/bae3XndGfmYAZWACA3wFNxAjLglgMQc4L1J0WDNFPRs-DSchXhocUxkABy0YZi43?gfz1633437057296
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:94c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43de71aaacabf6d792e522d1afd8026b5d98edf07f2406d4ca84363f524930ae

Request headers

Host: uctvxyyhzan8epd.bar
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://cupboardseed.top/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://cupboardseed.top/

Response headers

Date: Tue, 05 Oct 2021 12:36:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FmMfk69t1VFJOh3lCnPYai2Xs9yzWLib85eP4M%2FU3KF65qXGaiPSFnvxh3xlY%2Bu076h%2FatbW6mJRWZrlCZwG%2FGMrCucOaZizVDWGeUhgVurWc0C%2BAXwbmRjzqmvI9kF%2BqMsq4HJzO3inT4UK%2BtSSzAmL"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6996b1ac485cc26d-FRA
Content-Encoding: gzip

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/ 87 KB
32 KB 60ms
30ms Script
application/javascript 2606:4700:3030::6815:d63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
Requested by: Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 12:36:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24358
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 14 Apr 2021 06:26:22 GMT
server: cloudflare
etag: W/"60768b0e-15d9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y0nh9DrF8jVqN7upKXW5sgHaEX2xqD5l6PqDI7R%2F24OD2svPgDKZ156R32NSl5IK3EzdSPlYur%2B6rJdpRpC%2FSRZv1X2RmcTQq0FLp%2B0OwGcKqeXyZLuqGUklNZSUqL25kQj0sLOr594O%2FuD65gI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6996b1ad1ce05c98-FRA
expires: Tue, 05 Oct 2021 17:50:11 GMT

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/ 62 KB
16 KB 53ms
23ms Script
application/javascript 2606:4700:3030::6815:d63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
Requested by: Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4555d8dee9f8adc976e84a97dfe87e6bf5794b579f49bb56f133fed85f7d709

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 12:36:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24354
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 14 Apr 2021 02:49:20 GMT
server: cloudflare
etag: W/"60765830-f7f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sow0EwoODVKgWarOK8OW9FanCY%2BZAdFFf1yBtV4NpAiN28apIGr5A5lwVpDNfpHDlAS7pgfrKNeBvi0bQZdakdnKPLMckZXqYZ%2FmOJrInDp%2FO6JdGRweHjAW0F65w90PVXikFn1vPvcPrmDN%2FCI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6996b1ad1ce25c98-FRA
expires: Tue, 05 Oct 2021 17:50:16 GMT

GET
H2 200 sweetalert2.all.min.js Show response
cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/ 71 KB
20 KB 63ms
33ms Script
application/javascript 2606:4700:3030::6815:d63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js
Requested by: Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b7274b0b5b7f411de46416a6c9941062f7a57aaf919fdeda367b5959f4ce8ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 12:36:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36894
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 14 Apr 2021 02:43:30 GMT
server: cloudflare
etag: W/"607656d2-11c3d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRgzLQsZ%2BOUpq96rTzM59lrkhKsBNwvHoYQpBpKJ6fo1op9NOls6hJHUFbwb7AefWhy%2Fu3y%2F3FE2UGHHfpzFan1M37JG1%2FqaWBcpQfQGoZsSjC%2Bgfro69GT4UyLaPB0rk1%2BUMft04KQhZuI%2Frkw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6996b1ad1ce35c98-FRA
expires: Tue, 05 Oct 2021 14:21:16 GMT

GET
H2 200 lazyload.min.js Show response
cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/ 5 KB
3 KB 52ms
22ms Script
application/javascript 2606:4700:3030::6815:d63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js
Requested by: Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b219e4cd8f8f9216f159285019be30d6bfe475d92ca30b3561551aaa2174751d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 12:36:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23566
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 27 Jul 2021 04:19:04 GMT
server: cloudflare
etag: W/"60ff8938-12be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dST%2Fa68ZJkk0iFy6JMSM0iMXdve6o8xqZXE7O2MDlwF5cXLGirG5DSoPNMZmtIBw16oB4YIRn7AtodOSm6LHpfI8z4slQbduz%2FUSQpycUv3Zu0wxNmLRYMyFuv1kiMG1yxHqE8jgYM4dqTcTo30%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6996b1ad1ce95c98-FRA
expires: Tue, 05 Oct 2021 18:03:24 GMT

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/ 21 KB
8 KB 59ms
29ms Script
application/javascript 2606:4700:3030::6815:d63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js
Requested by: Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e290dc4993b9ae7d34440db26be412b4bc4547a48ff635750d400164665d7fa6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 12:36:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21066
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 16 Apr 2021 01:43:03 GMT
server: cloudflare
etag: W/"6078eba7-52f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKyJkrg%2Flfp%2B9ybqAvobrFO5vTh3fAWm%2B7BN%2FtSyl4VYJzxJRk9DYsdL4lof7kBhHmIdALDVFM8rJ2RnonVbXl8TG6qpglIUUsEkRLva9M4mxfso2V64xfQ%2FXdVKjLR3lV0ac6eCxx6Bck28cNk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6996b1ad1ced5c98-FRA
expires: Tue, 05 Oct 2021 18:45:04 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/ 158 KB
25 KB 55ms
26ms Stylesheet
text/css 2606:4700:3030::6815:d63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
Requested by: Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d7a9043f4bed303fe2974ac4e3ba10d6b214e70f7ae549786ba2d347de05f81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 12:36:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36894
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 14 Apr 2021 02:50:45 GMT
server: cloudflare
etag: W/"60765885-27687"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5m3pVt5NJRbbqVvq9toyiFtUDu6tILW%2BItT0I%2FCNWARK2Uw2lYe%2FPa7OGyxiblCQ9cr6n9YTr5eSdYzyx80iKJYErwwVCGV67aDB6LBBQQ5HIl7Oe0%2F2J%2FL%2FNTB22Gaqqf62t7PwZYR5rMQEuUo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 6996b1ad1cde5c98-FRA
expires: Tue, 05 Oct 2021 14:21:16 GMT

GET
H/1.1 200
OK sur.css
uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/static/ 14 KB
4 KB 49ms
49ms Stylesheet
text/css 2606:4700:3037::ac43:94c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/static/sur.css
Requested by: Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:94c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17c692cd404ceaf6a7481223ba03c8724c5873dc8de72212523ffc3f9a83c240

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: uctvxyyhzan8epd.bar
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 12:36:10 GMT
content-encoding: gzip
CF-Cache-Status: MISS
last-modified: Sun, 03 Oct 2021 09:11:32 GMT
Server: cloudflare
etag: W/"615973c4-3985"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBfpRj8wc%2FnfNwWPoTQAWW1qoGwWUCjtgQkQzYJp5WFurxMedQeuZEH4wdIX92BO94lrZ7nABYkJGubmLIi25o6aHaUEzuwnz8go2Y9mz%2BHW4QpjnA9wvbdTIOZGzbwiGSXhZQ9%2FXxKUjV0m50NyP4JE"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
cache-control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6996b1ace94ac26d-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Wed, 06 Oct 2021 00:36:10 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 161 KB
60 KB 50ms
26ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S601SGFJW8

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e948617effd12fee3c86ee175575cd896d9072d32e1cd65bb4e96e81071ae986

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 12:36:10 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61007
x-xss-protection: 0
expires: Tue, 05 Oct 2021 12:36:10 GMT

GET
H2 200 heada.jpg
1.bp.blogspot.com/-scdR4Ohx-kQ/YVlw7LazWLI/AAAAAAAAHeI/1MTK1Xfinh0B8jl0Rv0dO2hyhkp-A-5cQCLcBGAsYHQ/s16000/ 7 KB
8 KB 35ms
8ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-scdR4Ohx-kQ/YVlw7LazWLI/AAAAAAAAHeI/1MTK1Xfinh0B8jl0Rv0dO2hyhkp-A-5cQCLcBGAsYHQ/s16000/heada.jpg

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

54b05d89154d8b99ea0d701da0e94ff8a2c39901e0bb8ef11b6ea348c92d5848

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 10:52:31 GMT
x-content-type-options: nosniff
age: 6219
content-disposition: inline;filename="heada.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7374
x-xss-protection: 0
server: fife
etag: "v1de7"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 04 Oct 2021 13:29:57 GMT

GET
H2 200 headc.jpg
1.bp.blogspot.com/-wl4pBbioPNg/YVlw7H8QmCI/AAAAAAAAHeM/XUxDSmUl0eMSIKq6COFTcalNZTzxxv2fACLcBGAsYHQ/s16000/ 3 KB
3 KB 36ms
9ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-wl4pBbioPNg/YVlw7H8QmCI/AAAAAAAAHeM/XUxDSmUl0eMSIKq6COFTcalNZTzxxv2fACLcBGAsYHQ/s16000/headc.jpg

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d477026493ddcc650ba4396e8870a2ed1a99f0576b5c760d6ab63ed499fcb8db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 10:52:31 GMT
x-content-type-options: nosniff
age: 6219
content-disposition: inline;filename="headc.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3174
x-xss-protection: 0
server: fife
etag: "v1de8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 04 Oct 2021 13:29:57 GMT

GET
H2 200 Germany_outbox.png
1.bp.blogspot.com/-mhFwYo28B2Q/YKppmIsu7ZI/AAAAAAAABgQ/c7DWa0Yxwm49LJDcNEkzDr503wyn4hLtACLcBGAsYHQ/s16000/ 44 KB
44 KB 36ms
10ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-mhFwYo28B2Q/YKppmIsu7ZI/AAAAAAAABgQ/c7DWa0Yxwm49LJDcNEkzDr503wyn4hLtACLcBGAsYHQ/s16000/Germany_outbox.png

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b7f1ddc36af29778df73a309d2861822456de3eb416e6921a5c44e68435a42f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 10:57:11 GMT
x-content-type-options: nosniff
age: 5939
content-disposition: inline;filename="Germany_outbox.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44729
x-xss-protection: 0
server: fife
etag: "v605"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 28 Sep 2021 18:44:07 GMT

GET
H2 200 box1.png
1.bp.blogspot.com/-pKcRUiggM8s/YVHYR1C6HNI/AAAAAAAAGwU/Gmem66_hUi8f_mds3RIr0XJklPHkxeYlQCLcBGAsYHQ/s16000/ 24 KB
24 KB 41ms
15ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-pKcRUiggM8s/YVHYR1C6HNI/AAAAAAAAGwU/Gmem66_hUi8f_mds3RIr0XJklPHkxeYlQCLcBGAsYHQ/s16000/box1.png

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9e7f5ad606cc04a7af4423f895ef1730b7e3a9ed30ff23fbee05864757dbed63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 09:17:11 GMT
x-content-type-options: nosniff
age: 11939
content-disposition: inline;filename="box1.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24453
x-xss-protection: 0
server: fife
etag: "v1b0d"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 28 Sep 2021 15:28:31 GMT

GET
H2 200 box2.png
1.bp.blogspot.com/-2X87HwGbjlY/YVHYR79jdMI/AAAAAAAAGwM/vh5cXrLFxbciUFz5oCWE4GCJ2siXq_iFgCLcBGAsYHQ/s16000/ 7 KB
7 KB 46ms
20ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-2X87HwGbjlY/YVHYR79jdMI/AAAAAAAAGwM/vh5cXrLFxbciUFz5oCWE4GCJ2siXq_iFgCLcBGAsYHQ/s16000/box2.png

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e9bde28dafe3b54cb3a018f567496dede8ad27a63330ce205ec67f2ad821f9de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 09:17:11 GMT
x-content-type-options: nosniff
age: 11939
content-disposition: inline;filename="box2.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6781
x-xss-protection: 0
server: fife
etag: "v1b0c"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 28 Sep 2021 15:28:31 GMT

GET
H2 200 Germany_inbox.png
1.bp.blogspot.com/-rJwuzcnw3VI/YKppmA0KHEI/AAAAAAAABgM/g534cHj8oxsuYau_w-e69RyO0APgsmLlwCLcBGAsYHQ/s16000/ 14 KB
14 KB 45ms
19ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-rJwuzcnw3VI/YKppmA0KHEI/AAAAAAAABgM/g534cHj8oxsuYau_w-e69RyO0APgsmLlwCLcBGAsYHQ/s16000/Germany_inbox.png

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

32bc695a4583118b2adca0fe87d1f4844905692f48f5f2a0eece23f205536e60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 09:11:08 GMT
x-content-type-options: nosniff
age: 12302
content-disposition: inline;filename="Germany_inbox.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14208
x-xss-protection: 0
server: fife
etag: "v605"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 03 Oct 2021 09:00:07 GMT

GET
H2 200 box3.png
1.bp.blogspot.com/-i5E2F8UZusY/YVHYS7CtPXI/AAAAAAAAGwY/Nhkv6B-UIHwjbaTnryjEmXOGuvl50j5twCLcBGAsYHQ/s16000/ 27 KB
27 KB 17ms
15ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-i5E2F8UZusY/YVHYS7CtPXI/AAAAAAAAGwY/Nhkv6B-UIHwjbaTnryjEmXOGuvl50j5twCLcBGAsYHQ/s16000/box3.png

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1c0618fe0f6ff0e247f5b2b51e4fdf732ff6ac668acbd055385b38e34ba9c582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 10:41:18 GMT
x-content-type-options: nosniff
age: 6892
content-disposition: inline;filename="box3.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27784
x-xss-protection: 0
server: fife
etag: "v1b0e"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 29 Sep 2021 16:20:52 GMT

GET
H/1.1 200
OK responsive.js Show response
benfly.net/js/ 3 KB
3 KB 97ms
71ms Script
application/javascript 185.66.201.59
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: http://benfly.net/js/responsive.js
Requested by: Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil
Protocol: HTTP/1.1
Server: 185.66.201.59 Komárno, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.201.59.skhosting.eu
Software: nginx /
Resource Hash: 33c4330fe9075c0ad2a22971e7a9059642ef1e84b6e3fda9833fb7d0a6ef2cb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 12:36:10 GMT
Last-Modified: Mon, 02 Sep 2019 11:31:44 GMT
Server: nginx
ETag: "5d6cfda0-a8f"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2703

GET
H2 200 bnr.php Show response
uprimp.com/ 372 B
626 B 136ms
46ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
Requested by: Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Komárno, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 567d48027fe3eb83a0a26c5828f5865a4c1f1539a19c97564dc7f71471591346

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 12:36:10 GMT
last-modified: Tue, 05 Oct 2021 12:36:10 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Tue, 05 Oct 2021 12:36:10 GMT

GET
H2 200 144025101_240422051059131_6933435057865504424_n.jpg
1.bp.blogspot.com/-st_6mu4Bv6w/YU5QJgY2ZVI/AAAAAAAAGTg/tnTNtDUi7fUo6bSPmFujPJraLiJB5rCzQCLcBGAsYHQ/s16000/ 52 KB
52 KB 13ms
11ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-st_6mu4Bv6w/YU5QJgY2ZVI/AAAAAAAAGTg/tnTNtDUi7fUo6bSPmFujPJraLiJB5rCzQCLcBGAsYHQ/s16000/144025101_240422051059131_6933435057865504424_n.jpg

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ead0412e88880594a3f439a782dcc92deea789229bc48439ae0d60d2942e69ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 11:13:53 GMT
x-content-type-options: nosniff
age: 4937
content-disposition: inline;filename="144025101_240422051059131_6933435057865504424_n.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53510
x-xss-protection: 0
server: fife
etag: "v193a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 03 Oct 2021 11:05:45 GMT

GET
H2 200 %25E6%259C%25AA%25E6%25A0%2587%25E9%25A2%2598-54.jpg
1.bp.blogspot.com/-EtHcsDrTP7c/YU5QJmnqrNI/AAAAAAAAGTk/p8tVSfVBtK4Bvf1-SkFvQLB2fMuYb3VMQCLcBGAsYHQ/s16000/ 13 KB
13 KB 21ms
19ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-EtHcsDrTP7c/YU5QJmnqrNI/AAAAAAAAGTk/p8tVSfVBtK4Bvf1-SkFvQLB2fMuYb3VMQCLcBGAsYHQ/s16000/%25E6%259C%25AA%25E6%25A0%2587%25E9%25A2%2598-54.jpg

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1e35ba2879c851c474abba458e8c85f5df3fcc8ba4f22edf3c3f7e8175713b03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 11:13:54 GMT
x-content-type-options: nosniff
age: 4936
content-disposition: inline;filename="___-54.jpg";filename*=UTF-8''%E6%9C%AA%E6%A0%87%E9%A2%98-54.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12806
x-xss-protection: 0
server: fife
etag: "v193b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 03 Oct 2021 11:05:45 GMT

GET
H2 200 157925570_133306992030166_7501703254048777350_n.jpg
1.bp.blogspot.com/-pv4tuM7MnBY/YSCKWJ--ufI/AAAAAAAADTo/Ru4bUnid5KEZ3KdQNOW8wsbqrRO6SdWPgCLcBGAsYHQ/s16000/ 95 KB
95 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-pv4tuM7MnBY/YSCKWJ--ufI/AAAAAAAADTo/Ru4bUnid5KEZ3KdQNOW8wsbqrRO6SdWPgCLcBGAsYHQ/s16000/157925570_133306992030166_7501703254048777350_n.jpg

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ee8b5d151c98794ae76566762fc4e1bdc54b4fc22579dcdad9d6ffe301c5fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 10:41:42 GMT
x-content-type-options: nosniff
age: 6868
content-disposition: inline;filename="157925570_133306992030166_7501703254048777350_n.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96909
x-xss-protection: 0
server: fife
etag: "vd41"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 04 Oct 2021 10:38:31 GMT

GET
H2 200 %25E6%259C%25AA%25E6%25A0%2587%25E9%25A2%2598-21.jpg
1.bp.blogspot.com/-uYGMA4lSNQQ/YS-uP91DdBI/AAAAAAAAEUA/7MtEVPR8pnsHcaikfpq3JMfqDFa_G-ysACLcBGAsYHQ/s16000/ 13 KB
13 KB 29ms
28ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-uYGMA4lSNQQ/YS-uP91DdBI/AAAAAAAAEUA/7MtEVPR8pnsHcaikfpq3JMfqDFa_G-ysACLcBGAsYHQ/s16000/%25E6%259C%25AA%25E6%25A0%2587%25E9%25A2%2598-21.jpg

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

22bbb123e33577510c89f8fd3eedc60b849e94d27f866735515031384bb03fce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:43:10 GMT
x-content-type-options: nosniff
age: 13980
content-disposition: inline;filename="___-21.jpg";filename*=UTF-8''%E6%9C%AA%E6%A0%87%E9%A2%98-21.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13360
x-xss-protection: 0
server: fife
etag: "v1141"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 03 Sep 2021 04:50:21 GMT

GET
H2 200 %25E6%259C%25AA%25E6%25A0%2587%25E9%25A2%2598-6.jpg
1.bp.blogspot.com/-py8ukXSFhkQ/YS-uyyKX_vI/AAAAAAAAEUM/ZNEsiqPQLcEz1Mn8YbZLOJMCiBmc90rjACLcBGAsYHQ/s16000/ 12 KB
12 KB 32ms
30ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-py8ukXSFhkQ/YS-uyyKX_vI/AAAAAAAAEUM/ZNEsiqPQLcEz1Mn8YbZLOJMCiBmc90rjACLcBGAsYHQ/s16000/%25E6%259C%25AA%25E6%25A0%2587%25E9%25A2%2598-6.jpg

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a43c142a8742dc4e53a686c1d119b2fd15d1a4a7c3479a2c24549b57f5e82923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 10:35:37 GMT
x-content-type-options: nosniff
age: 7233
content-disposition: inline;filename="___-6.jpg";filename*=UTF-8''%E6%9C%AA%E6%A0%87%E9%A2%98-6.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12500
x-xss-protection: 0
server: fife
etag: "v1145"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 03 Sep 2021 04:50:21 GMT

GET
H2 200 %25E6%259C%25AA%25E6%25A0%2587%25E9%25A2%2598-35.jpg
1.bp.blogspot.com/-3GW7OoND79k/YS_R07VmieI/AAAAAAAAEV4/L9sZqO2vPm4xlW0ds1OwiVjy82Su-nTuACLcBGAsYHQ/s16000/ 13 KB
13 KB 31ms
29ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-3GW7OoND79k/YS_R07VmieI/AAAAAAAAEV4/L9sZqO2vPm4xlW0ds1OwiVjy82Su-nTuACLcBGAsYHQ/s16000/%25E6%259C%25AA%25E6%25A0%2587%25E9%25A2%2598-35.jpg

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

757c8f69b01b0f11e34537958416f365546307820afc6f07cd54e320f8371d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 10:35:37 GMT
x-content-type-options: nosniff
age: 7233
content-disposition: inline;filename="___-35.jpg";filename*=UTF-8''%E6%9C%AA%E6%A0%87%E9%A2%98-35.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13476
x-xss-protection: 0
server: fife
etag: "v1160"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 06 Sep 2021 06:58:18 GMT

GET
H2 200 73145902_2471275462968172_8186584815844196352_n.jpg
1.bp.blogspot.com/-YZg5N4z01FI/YS_R9ZeLYyI/AAAAAAAAEV8/LIV5h9lkrLwKTQ2abiBr1XxMNjxGybzPwCLcBGAsYHQ/s16000/ 283 KB
284 KB 37ms
36ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-YZg5N4z01FI/YS_R9ZeLYyI/AAAAAAAAEV8/LIV5h9lkrLwKTQ2abiBr1XxMNjxGybzPwCLcBGAsYHQ/s16000/73145902_2471275462968172_8186584815844196352_n.jpg

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3246b908724cc3d632f26006e22842dab596bdaeb5b2e43b9fd684ed028d79df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 10:35:37 GMT
x-content-type-options: nosniff
age: 7233
content-disposition: inline;filename="73145902_2471275462968172_8186584815844196352_n.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290194
x-xss-protection: 0
server: fife
etag: "v1161"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 08 Sep 2021 04:36:08 GMT

GET
H2 200 %25E6%259C%25AA%25E6%25A0%2587%25E9%25A2%2598-37.jpg
1.bp.blogspot.com/-L-WTWcevHOo/YS-vEiue0UI/AAAAAAAAEUY/OnO1ZGd1cT0Z3JwAP4drXSdVpKBIkWhJgCLcBGAsYHQ/s16000/ 15 KB
15 KB 28ms
26ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-L-WTWcevHOo/YS-vEiue0UI/AAAAAAAAEUY/OnO1ZGd1cT0Z3JwAP4drXSdVpKBIkWhJgCLcBGAsYHQ/s16000/%25E6%259C%25AA%25E6%25A0%2587%25E9%25A2%2598-37.jpg

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

56cb4d8b5c4235fc82e55fb81a36f2ff43994d671182c507443dfa762862aee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 10:35:37 GMT
x-content-type-options: nosniff
age: 7233
content-disposition: inline;filename="___-37.jpg";filename*=UTF-8''%E6%9C%AA%E6%A0%87%E9%A2%98-37.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14877
x-xss-protection: 0
server: fife
etag: "v1147"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 08 Sep 2021 04:36:08 GMT

GET
H2 200 1.jpg
1.bp.blogspot.com/-A9gGeBaBT1k/YFmmMrDxvOI/AAAAAAAAAO0/ZcHE42CBSowoemyMNsFglLyGhZIu6k9VQCLcBGAsYHQ/s0/ 3 KB
3 KB 33ms
31ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-A9gGeBaBT1k/YFmmMrDxvOI/AAAAAAAAAO0/ZcHE42CBSowoemyMNsFglLyGhZIu6k9VQCLcBGAsYHQ/s0/1.jpg

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

73be4e3bf11051d3a78c0e5cadaa1736e64f3432a471665c8d05cf2b7fdbc4e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 09:47:32 GMT
x-content-type-options: nosniff
age: 10118
content-disposition: inline;filename="1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3123
x-xss-protection: 0
server: fife
etag: "vf4"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 06 Sep 2021 17:33:01 GMT

GET
H2 200 95780600_10219162238700613_1893331732808073216_n.jpg
1.bp.blogspot.com/-fkTPTdm8jCg/YS_SQHRP5OI/AAAAAAAAEWI/kj3WQn3xHFcpNRvNI-DzBxJyChsiaB-GQCLcBGAsYHQ/s16000/ 102 KB
102 KB 24ms
22ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-fkTPTdm8jCg/YS_SQHRP5OI/AAAAAAAAEWI/kj3WQn3xHFcpNRvNI-DzBxJyChsiaB-GQCLcBGAsYHQ/s16000/95780600_10219162238700613_1893331732808073216_n.jpg

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

edbc9620cec592b5cc3cbedfcd476592d3f21e90756ffdf972e3ce5a3c867f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 10:35:37 GMT
x-content-type-options: nosniff
age: 7233
content-disposition: inline;filename="95780600_10219162238700613_1893331732808073216_n.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104483
x-xss-protection: 0
server: fife
etag: "v1163"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 17 Sep 2021 11:26:36 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
371 B 54ms
15ms Ping
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-S601SGFJW8&gtm=2oe9r0&_p=1818685820&sr=1600x1200&ul=en-us&cid=472270463.1633437371&_s=1&dl=http%3A%2F%2Fuctvxyyhzan8epd.bar%2FKxAorHWi%2FKhartoum-wa%2F%3F_t%3D1633437370gil&dr=http%3A%2F%2Fcupboardseed.top%2F&dt=%F0%9F%8E%89110-j%C3%A4hriges%20Jubil%C3%A4um%20der%20Bank%20of%20Khartoum!%F0%9F%8E%8A&sid=1633437370&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S601SGFJW8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://uctvxyyhzan8epd.bar/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 12:36:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://uctvxyyhzan8epd.bar
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 a
www.googletagmanager.com/ 0
128 B 32ms
30ms Image
image/gif 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-S601SGFJW8&cv=1&v=3&t=t&pid=1843392360&rv=9r0&es=1&e=gtm.init_consent&eid=1&ut=C&tc=16&z=0

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 12:36:10 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 a
www.googletagmanager.com/ 0
54 B 32ms
31ms Image
image/gif 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-S601SGFJW8&cv=1&v=3&t=t&pid=1843392360&rv=9r0&es=1&e=gtm.init&eid=2&ut=C&tc=16&tr=1setproductsettings.1ogteventsettings.1ogtgooglesignals&ti=2setproductsettings.2ogteventsettings.2ogtgooglesignals&z=0

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 12:36:10 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 a
www.googletagmanager.com/ 0
45 B 33ms
32ms Image
image/gif 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-S601SGFJW8&cv=1&v=3&t=t&pid=1843392360&rv=9r0&es=1&e=gtm.js&eid=3&ut=C&tc=16&tr=1gct.1lcl.1lcl.1ehl&epr=1G.2G&ti=1gct.1lcl.1lcl.1ehl&z=0

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 12:36:10 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 a
www.googletagmanager.com/ 0
54 B 33ms
32ms Image
image/gif 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-S601SGFJW8&cv=1&v=3&t=t&pid=1843392360&rv=9r0&e=gtm.init&eid=2&ut=C&tc=16&tr=5setproductsettings.5ogteventsettings.5ogtgooglesignals&ti=2setproductsettings.2ogteventsettings.2ogtgooglesignals&z=0

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 12:36:10 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bnr_xload.php Show response
uprimp.com/ Frame 1B02 0
255 B 41ms
39ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=163343737097135&xtt=33448
Requested by: Host: uprimp.com
URL: https://uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Komárno, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: uprimp.com
:scheme: https
:path: /bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=163343737097135&xtt=33448
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://uctvxyyhzan8epd.bar/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/

Response headers

server: nginx
date: Tue, 05 Oct 2021 12:36:10 GMT
content-type: text/html; charset=UTF-8
expires: Tue, 05 Oct 2021 12:36:10 GMT
last-modified: Tue, 05 Oct 2021 12:36:10 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H/1.1 200
OK yuming.js Show response
uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/ 279 B
964 B 49ms
48ms XHR
application/javascript 2606:4700:3037::ac43:94c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/yuming.js?1633437370599&_=1633437370453
Requested by: Host: cdn.jsdelivr.cc
URL: https://cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:94c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9be19f597ff7fae6f2d86fc23f6c0381ad08c6c11169a57a4ceb958af04124bb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: uctvxyyhzan8epd.bar
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Cache-Control: no-cache
X-Requested-With: XMLHttpRequest
Cookie: _ga_S601SGFJW8=GS1.1.1633437370.1.0.1633437370.0; _ga=GA1.1.472270463.1633437371
Connection: keep-alive
Referer: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 12:36:10 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
last-modified: Sun, 03 Oct 2021 09:11:32 GMT
Server: cloudflare
etag: W/"615973c4-117"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=18EQvskgDzSVfv1ghSNYAnuwGE%2BdNqZSOigSaZoptX2RpnMmv64kTegF8J41V0X0YtceLkuTiyZtrx5%2B%2F6c4EO2kgo2Wy7e%2FYXlgIRMWRleZU18LF5FwvDjXJBqBssc2NQle6aITy%2BNMpgbDcLeRxMOS"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
cache-control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6996b1ae4af1c26d-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Wed, 06 Oct 2021 00:36:10 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 42 KB
15 KB 1428ms
328ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?bbb5031b3fc978f413afd121951840e6

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

8edba5fb2cd40c9f16f9eb31a3711d05408e83d2e690abe2a950d3645bb1cc85

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 12:36:11 GMT
Content-Encoding: gzip
Server: apache
Etag: f333df63b9f97c10ac09ac22e8521937
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 15043

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 42 KB
15 KB 1582ms
482ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?362571d334dfe4bbda42380c64db58ac

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

72955bf61f0362b5125cd7ba4497708c8dddf00587dd71336ce9081f67247e7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 12:36:11 GMT
Content-Encoding: gzip
Server: apache
Etag: 1af62c0804fdfdf3482747145651e8c7
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 15032

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 42 KB
15 KB 1595ms
496ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?bbb3e86814c9ceef66d180a6c15fa17d

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

7d0668c9f064b1df0272ef97e7b0408308db1e919eca9803e6045064b1276fba

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 12:36:11 GMT
Content-Encoding: gzip
Server: apache
Etag: 3ae656ad26e132141c3479df54dd8411
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 15040

GET
H2 204 a
www.googletagmanager.com/ 0
54 B 22ms
22ms Image
image/gif 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-S601SGFJW8&cv=1&v=3&t=t&pid=1843392360&rv=9r0&e=gtm.js&eid=3&ut=C&tc=16&tr=5gct.5lcl.5lcl.5ehl&ti=1gct.1lcl.1lcl.1ehl&z=0

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 12:36:10 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tb55.php Show response
uctvxyyhzan8epd.bar/KxAorHWi/j/ 210 B
824 B 30ms
30ms XHR
text/html 2606:4700:3037::ac43:94c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://uctvxyyhzan8epd.bar/KxAorHWi/j/tb55.php?c=Khartoum-wa&np=Advertisement&_=1633437370454
Requested by: Host: cdn.jsdelivr.cc
URL: https://cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:94c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91fc494492942a2fa132ebea192a6688241facafc4f130049aed4a7c22d0ac9e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: uctvxyyhzan8epd.bar
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Cache-Control: no-cache
X-Requested-With: XMLHttpRequest
Cookie: _ga_S601SGFJW8=GS1.1.1633437370.1.0.1633437370.0; _ga=GA1.1.472270463.1633437371
Connection: keep-alive
Referer: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 12:36:10 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20QjnGVOkfQ6toK3y11qSAmepd5yYO0QLTdFxv809bOL43GF2pILiY%2BGb6E9UvcJrfWG1nk4dR9NHmdwFmVI%2FKATKPILYvo09P5NfIKwhWdQLs4Oou1JoG2BLmHYE2kmSnkwZ%2FVnGKXDz0GxBmqgaukc"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6996b1ae9b64c26d-FRA

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 329ms
329ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1464266358&si=bbb5031b3fc978f413afd121951840e6&su=http%3A%2F%2Fcupboardseed.top%2F&v=1.2.85&lv=1&sn=43032&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fuctvxyyhzan8epd.bar%2FKxAorHWi%2FKhartoum-wa%2F%3F_t%3D1633437370gil%231633437371107&tt=%F0%9F%8E%89110-j%C3%A4hriges%20Jubil%C3%A4um%20der%20Bank%20of%20Khartoum!%F0%9F%8E%8A

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 12:36:12 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 204 a
www.googletagmanager.com/ 0
54 B 16ms
15ms Image
image/gif 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-S601SGFJW8&cv=1&v=3&t=t&pid=1843392360&rv=9r0&es=1&e=gtm.historyChange-v2&eid=6&u=C&ut=C&tc=16&z=0

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 12:36:12 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 327ms
327ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1825571225&si=362571d334dfe4bbda42380c64db58ac&su=http%3A%2F%2Fcupboardseed.top%2F&v=1.2.85&lv=1&sn=43033&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fuctvxyyhzan8epd.bar%2FKxAorHWi%2FKhartoum-wa%2F%3F_t%3D1633437370gil%231633437371107&tt=%F0%9F%8E%89110-j%C3%A4hriges%20Jubil%C3%A4um%20der%20Bank%20of%20Khartoum!%F0%9F%8E%8A

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 12:36:12 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 334ms
334ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=684153483&si=bbb3e86814c9ceef66d180a6c15fa17d&su=http%3A%2F%2Fcupboardseed.top%2F&v=1.2.85&lv=1&sn=43033&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fuctvxyyhzan8epd.bar%2FKxAorHWi%2FKhartoum-wa%2F%3F_t%3D1633437370gil%231633437371107&tt=%F0%9F%8E%89110-j%C3%A4hriges%20Jubil%C3%A4um%20der%20Bank%20of%20Khartoum!%F0%9F%8E%8A

Requested by

Host: uctvxyyhzan8epd.bar
URL: http://uctvxyyhzan8epd.bar/KxAorHWi/Khartoum-wa/?_t=1633437370gil

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Oct 2021 12:36:12 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK Cookie set / Show response
benfly.net//4fe48aebd6/4f59451604/ Frame 8069 25 KB
5 KB 69ms
69ms Document
text/html 185.66.201.59
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: http://benfly.net//4fe48aebd6/4f59451604/?placementName=default&randomA=0_7506&maxw=0
Requested by: Host: benfly.net
URL: http://benfly.net/js/responsive.js
Protocol: HTTP/1.1
Server: 185.66.201.59 Komárno, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.201.59.skhosting.eu
Software: nginx /
Resource Hash: d4587e3a24c739e3e9d415363d979f45e4e8efdd6ad5ee22ab74adef9637302d

Request headers

Host: benfly.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/

Response headers

Server: nginx
Date: Tue, 05 Oct 2021 12:36:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: shown1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; secure; SameSite=None used_ad2548304=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; SameSite=None total_impressions=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; secure; SameSite=None
Expires: Sun, 01 Jan 2014 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma: no-cache
X-Robots-Tag: noindex,nofollow
Access-Control-Allow-Origin: *
Content-Encoding: gzip

GET
H2 204 a
www.googletagmanager.com/ 0
54 B 15ms
15ms Image
image/gif 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-S601SGFJW8&cv=1&v=3&t=t&pid=1843392360&rv=9r0&es=1&e=gtm.load&eid=7&u=C&ut=C&tc=16&tr=1sdl.5sdl&ti=1sdl.1sdl&z=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://uctvxyyhzan8epd.bar/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 12:36:13 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.uctvxyyhzan8epd.bar/	1970-01-20 15:15:09	Name: _ga_S601SGFJW8 Value: GS1.1.1633437370.1.0.1633437370.0
.uctvxyyhzan8epd.bar/	1970-01-20 15:15:09	Name: _ga Value: GA1.1.472270463.1633437371
.hm.baidu.com/	1970-01-25 20:29:45	Name: HMACCOUNT_BFESS Value: 5B3F1D96FA3D4B09
.uctvxyyhzan8epd.bar/	1970-01-20 06:29:33	Name: Hm_lvt_bbb5031b3fc978f413afd121951840e6 Value: 1633437372
.uctvxyyhzan8epd.bar/	1969-12-31 23:59:59	Name: Hm_lpvt_bbb5031b3fc978f413afd121951840e6 Value: 1633437372
.uctvxyyhzan8epd.bar/	1970-01-20 06:29:33	Name: Hm_lvt_362571d334dfe4bbda42380c64db58ac Value: 1633437373
.uctvxyyhzan8epd.bar/	1969-12-31 23:59:59	Name: Hm_lpvt_362571d334dfe4bbda42380c64db58ac Value: 1633437373
.uctvxyyhzan8epd.bar/	1970-01-20 06:29:33	Name: Hm_lvt_bbb3e86814c9ceef66d180a6c15fa17d Value: 1633437373
.uctvxyyhzan8epd.bar/	1969-12-31 23:59:59	Name: Hm_lpvt_bbb3e86814c9ceef66d180a6c15fa17d Value: 1633437373

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
benfly.net
cdn.jsdelivr.cc
cupboardseed.top
hm.baidu.com
uctvxyyhzan8epd.bar
uprimp.com
www.google-analytics.com
www.googletagmanager.com
103.235.46.191
185.66.200.220
185.66.201.59
2606:4700:3030::6815:d63
2606:4700:3037::ac43:9161
2606:4700:3037::ac43:94c6
2a00:1450:4001:803::200e
2a00:1450:4001:812::2008
2a00:1450:4001:82f::2001
0b7274b0b5b7f411de46416a6c9941062f7a57aaf919fdeda367b5959f4ce8ef
17c692cd404ceaf6a7481223ba03c8724c5873dc8de72212523ffc3f9a83c240
1c0618fe0f6ff0e247f5b2b51e4fdf732ff6ac668acbd055385b38e34ba9c582
1e35ba2879c851c474abba458e8c85f5df3fcc8ba4f22edf3c3f7e8175713b03
22bbb123e33577510c89f8fd3eedc60b849e94d27f866735515031384bb03fce
3246b908724cc3d632f26006e22842dab596bdaeb5b2e43b9fd684ed028d79df
32bc695a4583118b2adca0fe87d1f4844905692f48f5f2a0eece23f205536e60
33c4330fe9075c0ad2a22971e7a9059642ef1e84b6e3fda9833fb7d0a6ef2cb8
43de71aaacabf6d792e522d1afd8026b5d98edf07f2406d4ca84363f524930ae
54b05d89154d8b99ea0d701da0e94ff8a2c39901e0bb8ef11b6ea348c92d5848
567d48027fe3eb83a0a26c5828f5865a4c1f1539a19c97564dc7f71471591346
56cb4d8b5c4235fc82e55fb81a36f2ff43994d671182c507443dfa762862aee3
72955bf61f0362b5125cd7ba4497708c8dddf00587dd71336ce9081f67247e7d
73be4e3bf11051d3a78c0e5cadaa1736e64f3432a471665c8d05cf2b7fdbc4e4
757c8f69b01b0f11e34537958416f365546307820afc6f07cd54e320f8371d13
7d0668c9f064b1df0272ef97e7b0408308db1e919eca9803e6045064b1276fba
7d7a9043f4bed303fe2974ac4e3ba10d6b214e70f7ae549786ba2d347de05f81
8edba5fb2cd40c9f16f9eb31a3711d05408e83d2e690abe2a950d3645bb1cc85
8ee8b5d151c98794ae76566762fc4e1bdc54b4fc22579dcdad9d6ffe301c5fb9
91fc494492942a2fa132ebea192a6688241facafc4f130049aed4a7c22d0ac9e
9b7f1ddc36af29778df73a309d2861822456de3eb416e6921a5c44e68435a42f
9be19f597ff7fae6f2d86fc23f6c0381ad08c6c11169a57a4ceb958af04124bb
9e7f5ad606cc04a7af4423f895ef1730b7e3a9ed30ff23fbee05864757dbed63
a43c142a8742dc4e53a686c1d119b2fd15d1a4a7c3479a2c24549b57f5e82923
a4555d8dee9f8adc976e84a97dfe87e6bf5794b579f49bb56f133fed85f7d709
b219e4cd8f8f9216f159285019be30d6bfe475d92ca30b3561551aaa2174751d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4587e3a24c739e3e9d415363d979f45e4e8efdd6ad5ee22ab74adef9637302d
d477026493ddcc650ba4396e8870a2ed1a99f0576b5c760d6ab63ed499fcb8db
e290dc4993b9ae7d34440db26be412b4bc4547a48ff635750d400164665d7fa6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e948617effd12fee3c86ee175575cd896d9072d32e1cd65bb4e96e81071ae986
e9bde28dafe3b54cb3a018f567496dede8ad27a63330ce205ec67f2ad821f9de
ead0412e88880594a3f439a782dcc92deea789229bc48439ae0d60d2942e69ed
edbc9620cec592b5cc3cbedfcd476592d3f21e90756ffdf972e3ce5a3c867f01
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127

uctvxyyhzan8epd.bar Open in urlscan Pro 2606:4700:3037::ac43:94c6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

85 %HTTPS

67 %IPv6

9 Domains

9 Subdomains

9 IPs

4 Countries

971 kBTransfer

1546 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

uctvxyyhzan8epd.bar Open in urlscan Pro
2606:4700:3037::ac43:94c6 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

85 %
HTTPS

67 %
IPv6

9
Domains

9
Subdomains

9
IPs

4
Countries

971 kB
Transfer

1546 kB
Size

9
Cookies

47 HTTP transactions
0 data transactions