www78.davisonbarker.pro Open in urlscan Pro
172.67.186.48 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www13.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fm...
Effective URL:
https://www78.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=2&ppi=23937649&pci=6613063615&t=1661702903&dest...
Submission: On August 28 via manual (August 28th 2022, 4:11:16 pm UTC) from TW — Scanned from DE

Summary HTTP 39 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 1 countries across 7 domains to perform 39 HTTP transactions. The main IP is 172.67.186.48, located in United States and belongs to CLOUDFLARENET, US. The main domain is www78.davisonbarker.pro.
TLS certificate: Issued by E1 on July 20th 2022. Valid for: 3 months.

This is the only time www78.davisonbarker.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 11	172.67.186.48 172.67.186.48	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	52.222.250.181 52.222.250.181	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:303... 2606:4700:3030::6815:2dcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	18.66.139.67 18.66.139.67	16509 (AMAZON-02) (AMAZON-02)
8	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	107.22.28.167 107.22.28.167	14618 (AMAZON-AES) (AMAZON-AES)
2	99.86.4.42 99.86.4.42	16509 (AMAZON-02) (AMAZON-02)
39	8

11 172.67.186.48 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www13.davisonbarker.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www55.davisonbarker.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www11.davisonbarker.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www73.davisonbarker.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www78.davisonbarker.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.250.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-181.fra60.r.cloudfront.net

dc5k8fg5ioc8s.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3030::6815:2dcf (United States)

ASN13335 (CLOUDFLARENET, US)

freychang.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.139.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-67.fra60.r.cloudfront.net

pectthatmye.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)

atebilaterde.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.22.28.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-28-167.compute-1.amazonaws.com

ndandinter.hair	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-42.fra6.r.cloudfront.net

ablesasmetotr.monster	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	davisonbarker.pro 2 redirects www13.davisonbarker.pro www55.davisonbarker.pro www11.davisonbarker.pro www73.davisonbarker.pro www78.davisonbarker.pro	109 KB
8	atebilaterde.one atebilaterde.one	4 KB
6	pectthatmye.shop pectthatmye.shop	7 KB
4	ndandinter.hair ndandinter.hair — Cisco Umbrella Rank: 111078	73 B
4	freychang.fun freychang.fun — Cisco Umbrella Rank: 27142	202 KB
4	cloudfront.net dc5k8fg5ioc8s.cloudfront.net	99 KB
2	ablesasmetotr.monster ablesasmetotr.monster — Cisco Umbrella Rank: 220633	988 B
39	7

	Domain	Requested by
8	atebilaterde.one	www13.davisonbarker.pro dc5k8fg5ioc8s.cloudfront.net www11.davisonbarker.pro
6	pectthatmye.shop	dc5k8fg5ioc8s.cloudfront.net
4	www11.davisonbarker.pro	1 redirects www11.davisonbarker.pro
4	ndandinter.hair	www13.davisonbarker.pro www11.davisonbarker.pro
4	freychang.fun	dc5k8fg5ioc8s.cloudfront.net
4	dc5k8fg5ioc8s.cloudfront.net	www13.davisonbarker.pro pectthatmye.shop www11.davisonbarker.pro www78.davisonbarker.pro
4	www13.davisonbarker.pro	1 redirects www13.davisonbarker.pro
2	ablesasmetotr.monster	www13.davisonbarker.pro www11.davisonbarker.pro
1	www78.davisonbarker.pro	www78.davisonbarker.pro
1	www73.davisonbarker.pro	www11.davisonbarker.pro
1	www55.davisonbarker.pro	www13.davisonbarker.pro
39	11

This site contains no links.

Subject Issuer	Validity	Valid
*.davisonbarker.pro E1	`2022-07-20` - `2022-10-18`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-16` - `2022-10-15`	a year	crt.sh
pectthatmye.shop Amazon	`2022-08-21` - `2023-09-19`	a year	crt.sh
*.atebilaterde.one GTS CA 1P5	`2022-07-21` - `2022-10-19`	3 months	crt.sh
ndandinter.hair R3	`2022-07-21` - `2022-10-19`	3 months	crt.sh
ablesasmetotr.monster Amazon	`2022-08-03` - `2023-09-01`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www78.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=2&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg
Frame ID: 9186C7014ABA41DE100708C2078631A7
Requests: 35 HTTP requests in this frame

Frame: https://pectthatmye.shop/WHBEcWw5EiccUzlNJlcZKhx5VF4eVXY3CDtFL0kKP0UtHg9gA2oSADcFIBceNx4wXwI9BGFDKhEidTMjFR4VGjwhMhEiFhVFDxZVFRQTI1oaJSAZIzJBIDYGPAQFBi0VOSM8VQ4ICR08GUErMxsOHgAJPRkgECMWGRwNAyELMhIiOx1BDTcqEhQqKBoOGB5HNh8YAzMvP0cnQQ85OT4kAw8IKxgiHxgMNzQ3SQ0kCzw7PgYaHkAdMzYPMQckNA4XHho5PDsQIAQKISAYNTZFJzArEhkiFiIdERMzHhkkHhg1NkUCOT80HSEZCBAyHCdUGRc8CTYfXScpPjYTPCEHESkNGA8qJQZJGRI3NzAhNjouFD4gOCcpOmAxKAYfFzQ0FysfOi01Pjw3IAsbNicWNwUBHnEnKQshczg+LCIgJi0sJyMoAwgjNyk+PzYsFwsCESBCWW8xdCddPh58Mj4POi0XBx0mDSUpYCd1N10eHjczPWocLhQuCTIhHCl+GjceAihNCUMUPSM3FAs6HAcrHxpHBQ
Frame ID: F6C4B92B923F019D17A4E6C8876DB623
Requests: 2 HTTP requests in this frame

Frame: https://pectthatmye.shop/Nk5UZ1hXLDcKZ1dzNkEtRCJpQmpwa2YhPFV7P18+UXs9CDsOPXoENFk7MAEqWSAgSTZTOnFVHk4XASEgVxY7JBRedgQ1CmMhEjEKdRtnMR5uJTgvE0EHEyEacHYSJRViBy4MP2YNPyMSXnZgKjBaewIfaHcMDB8aYjYNJhROFAE/GWc4EQsKehwtJg51fjAxAkEbDiEJRnYWJjtTDBcEAXQ2bCECQR8dNS9BOxcQGWEKByUNYTQsMjoGCBk0HnA+FgAZYwwHUx9xIm0zO2R2MD9peDYFITRjGwM1G31/bTM7ZxcVIR5SfwIhNwIcHCkacxssMTlwYwYFC1EPLCYJYygSDgliDzwqDmwLGREMBwRmP2lGAwYvFnQfBiISeBwjIQAHAxcxHkIFEDQ/VwoSXgxVHA0qH2chITAdTgcBNBFsCSwyFXwIBgUIcAwsNQ1SBQBUCncZEQ8IVQsSPgAHACwmP1EtFSMVbxoRADZSCx4CDnAEZzEgTgYBJn5cPTsJKAsrLg4aTh8BNDpRIAUvIA4
Frame ID: A50C23DFA479CCC6B495CB965619D46E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www13.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=23937649&pci=6613063615&t=1661702903&... Page URL
https://www55.davisonbarker.pro/pushredirect/?tmp=2&network=3&ios=0&site=adfly&c=1&ppi=23937649&pci=66130636... Page URL
https://www13.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=23937649&pci=6613063615&t=1661702903&... HTTP 302
https://www11.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=23937649&pci=66130636... Page URL
https://www73.davisonbarker.pro/pushredirect/?tmp=2&network=3&ios=0&site=adfly&c=2&ppi=23937649&pci=66130636... Page URL
https://www11.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=23937649&pci=66130636... HTTP 302
https://www78.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=2&ppi=23937649&pci=66130636... Page URL

Page Statistics

39
Requests

95 %
HTTPS

29 %
IPv6

7
Domains

11
Subdomains

8
IPs

1
Countries

421 kB
Transfer

774 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www13.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Page URL
https://www55.davisonbarker.pro/pushredirect/?tmp=2&network=3&ios=0&site=adfly&c=1&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Page URL
https://www13.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg HTTP 302
https://www11.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Page URL
https://www73.davisonbarker.pro/pushredirect/?tmp=2&network=3&ios=0&site=adfly&c=2&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Page URL
https://www11.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg HTTP 302
https://www78.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=2&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://www13.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg HTTP 302
https://www11.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg

39 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response www13.davisonbarker.pro/pushredirect/	5 KB 3 KB	353ms 298ms	Document text/html	172.67.186.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www13.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.186.48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.27 Resource Hash `8563c40f4ae4f8823355307b121ce20cb6694c7e0686bdabad529bc1416b8f81` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0 cf-cache-status DYNAMIC cf-ray 741e5240c8837447-LHR content-encoding br content-type text/html; charset=UTF-8 date Sun, 28 Aug 2022 16:11:11 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dS8hnTL%2BSlTF0uzuE2r9chGbSTkjT0eKp55scItmYYbTGsWiT1XIad8k2er1tSASWK5iaQJ6lGyErKC8R32mt9d1NurN%2BTh2OLf%2Fvt%2FSRd7CsX0YzBJrcTY%2FLmUoWJ%2BZcZj%2BFHnLCJVq%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.3.27 x-turbo-charged-by LiteSpeed
GET H2	200	/ Show response dc5k8fg5ioc8s.cloudfront.net/	163 KB 49 KB	43ms 11ms	Script text/plain	52.222.250.181 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Requested by Host: www13.davisonbarker.pro URL: https://www13.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.250.181 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-250-181.fra60.r.cloudfront.net Software / Resource Hash `94b0651e01377495f69b34c3c4b5566de85ee29aaefabb23d07acf4ae2d00f5e` Request headers accept-language de-DE,de;q=0.9 Referer https://www13.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 16:10:24 GMT content-encoding gzip age 47 x-cache Hit from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform x-amz-cf-pop FRA60-P3 content-length 49647 via 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront) x-amz-cf-id 7-rVz2b7Qa7aaH3Ge81k4NAHFYM_9rINTeKrEUew_96RstQa9PqZig==
GET H2	200	logo.png www13.davisonbarker.pro/static/image/	10 KB 11 KB	28ms 27ms	Image image/png	172.67.186.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www13.davisonbarker.pro/static/image/logo.png Requested by Host: www13.davisonbarker.pro URL: https://www13.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.186.48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `196c51f778db9df7ecf75ce7f663ea3bb07726b67feeae45ad9abfd3008b937a` Request headers accept-language de-DE,de;q=0.9 Referer https://www13.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 16:11:11 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 433 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 10726 last-modified Tue, 10 Nov 2020 09:44:06 GMT server cloudflare etag "29e6-5faa60e6-f392dafc4c855335;;;" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dL0qG0UMfTMSzp4It4A%2B7DMclhJfzSb6Qo%2BsIq3xXBWoTQENIgyI8SHzXNHJ%2FdX7ZEwORQsx7dFB8Ef77lE2y3hpqE1y2wpEczz18na8%2BkG42tI0CK4YkuOgD6O4A6XxqYWEFlGdT7OPqQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 741e5242bbc97447-LHR expires Sun, 04 Sep 2022 16:03:58 GMT
GET H2	200	am-push-cps.js Show response www13.davisonbarker.pro/	101 KB 40 KB	204ms 203ms	Script application/x-javascript	172.67.186.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www13.davisonbarker.pro/am-push-cps.js?puid=23937649&clickid=23937649_219418&allb=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg&ob=https%3A%2F%2Fwww55.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D1%26ppi%3D23937649%26pci%3D6613063615%26t%3D1661702903%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffolder%252FUBZmjTpZ%2523lyBixpDRHL1xpUjVJKZySg&clb=https%3A%2F%2Fwww55.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D1%26ppi%3D23937649%26pci%3D6613063615%26t%3D1661702903%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffolder%252FUBZmjTpZ%2523lyBixpDRHL1xpUjVJKZySg&asb=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Requested by Host: www13.davisonbarker.pro URL: https://www13.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.186.48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bc4720c44ed409f268f5c7791185c5464bd750e81a4e2deb2766b6d4270b4ca8` Request headers accept-language de-DE,de;q=0.9 Referer https://www13.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 16:11:11 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 08 Aug 2022 14:16:52 GMT server cloudflare etag W/"19284-62f11ad4-ba71540cd1782978;gz" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2yg50WKm5oAydVs%2F94qfDkC7zZCREjz6XEY02F3c4huGYUFY%2BN8pq9yrJsNmdxnXhuvP2AYeKd6sDpzdJs7NzzUT4%2Fd8dV8NT%2FsuZZeclotrpTo8a2RxSWHjpDhIVSaPRJyL3hgxLz6HCA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 741e5242cbf37447-LHR expires Sun, 04 Sep 2022 16:11:11 GMT
GET H2	200	asd100.bin Show response freychang.fun/	100 KB 101 KB	157ms 124ms	Fetch binary/octet-stream	2606:4700:3030::6815:2dcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freychang.fun/asd100.bin Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16` Request headers accept-language de-DE,de;q=0.9 Referer https://www13.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 16:11:11 GMT access-control-allow-methods GET cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Sun, 28 Aug 2022 13:36:08 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LK%2Ba3ERFRiOip48xm9dyS059V4M5howySusFlWMijWFpXLrLpSY7WQ0uwzsyHxHg9A4GKtbUj7LN9iNp1oyojh%2B%2Bho8%2FJwYFnDIO76pPjU%2BiaiQJj%2Fa00%2FXcG2KVbBzNoYdLtzBoM8GxI8nR"}],"group":"cf-nel","max_age":604800} content-type binary/octet-stream access-control-allow-origin https://www13.davisonbarker.pro cache-control max-age=14400 access-control-allow-credentials true cf-ray 741e52433b2a9bb9-FRA access-control-allow-headers X-Requested-With, content-type
GET H2	200	/ Show response freychang.fun/	26 B 385 B	162ms 128ms	Fetch text/plain	2606:4700:3030::6815:2dcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freychang.fun/ Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7e7ca6eea1995bd71ba813214c04965bd5ea259b038444ce9f01306cc665c535` Request headers accept-language de-DE,de;q=0.9 Referer https://www13.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 16:11:11 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods GET content-type text/plain access-control-allow-origin https://www13.davisonbarker.pro report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KF%2BnQj4%2BWK3FB9M%2BXBokOPjz94DxE2AcNfha8mWBGuBiK53UExF13sqxFWVbcLwBc%2BIzI%2Bhym6KfPUxjl9wQEmG2KYEwbFAlcaywwwOi6HmgOExY9S7UL1xz19MyNBJMwXy3cmClej8Fsa8L"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 741e52433b2c9bb9-FRA access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	utx Show response pectthatmye.shop/	0 496 B	173ms 147ms	XHR text/plain	18.66.139.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pectthatmye.shop/utx?cb=g4GQi2r66hRw&top=www13.davisonbarker.pro&tid=824473 Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.139.67 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-139-67.fra60.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://www13.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 16:11:11 GMT via 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop FRA60-P4 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www13.davisonbarker.pro cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id ABNJjBvuTQ0UDWWsw1iIg3Qvk7RfE6G9T5cDdhw-Y06Uv0wYXdx19A==
GET H2	200	WHBEcWw5EiccUzlNJlcZKhx5VF4eVXY3CDtFL0kKP0UtHg9gA2oSADcFIBceNx4wXwI9BGFDKhEidTMjFR4VGjwhMhEiFhVFDxZVFRQTI1oaJSAZIzJBIDYGPAQFBi0VOSM8VQ4ICR08GUErMxsOHgAJPRkgECMWGRwNAyELMhIiOx1BDTcqEhQqKBoOGB5HNh8YA... Show response pectthatmye.shop/ Frame F6C4	3 KB 2 KB	112ms 100ms	Document text/html	18.66.139.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pectthatmye.shop/WHBEcWw5EiccUzlNJlcZKhx5VF4eVXY3CDtFL0kKP0UtHg9gA2oSADcFIBceNx4wXwI9BGFDKhEidTMjFR4VGjwhMhEiFhVFDxZVFRQTI1oaJSAZIzJBIDYGPAQFBi0VOSM8VQ4ICR08GUErMxsOHgAJPRkgECMWGRwNAyELMhIiOx1BDTcqEhQqKBoOGB5HNh8YAzMvP0cnQQ85OT4kAw8IKxgiHxgMNzQ3SQ0kCzw7PgYaHkAdMzYPMQckNA4XHho5PDsQIAQKISAYNTZFJzArEhkiFiIdERMzHhkkHhg1NkUCOT80HSEZCBAyHCdUGRc8CTYfXScpPjYTPCEHESkNGA8qJQZJGRI3NzAhNjouFD4gOCcpOmAxKAYfFzQ0FysfOi01Pjw3IAsbNicWNwUBHnEnKQshczg+LCIgJi0sJyMoAwgjNyk+PzYsFwsCESBCWW8xdCddPh58Mj4POi0XBx0mDSUpYCd1N10eHjczPWocLhQuCTIhHCl+GjceAihNCUMUPSM3FAs6HAcrHxpHBQ Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.139.67 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-139-67.fra60.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash `3678ff43e58faabefe5338d6d8a5fa1ee256fbfb1b441beecf5719c4cd847ac3` Request headers Referer https://www13.davisonbarker.pro/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version cache-control no-store, no-cache, must-revalidate, no-transform content-encoding gzip content-length 1241 content-type text/html date Sun, 28 Aug 2022 16:11:11 GMT p3p CP="NID DSP ALL COR" pragma no-cache server openresty/1.17.8.2 via 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront) x-amz-cf-id iR5ApbEZb2hSGGKSx7kPfM4xLecSzBQjbW57Ihy6xPUXNR1hd6sadg== x-amz-cf-pop FRA60-P4 x-cache Miss from cloudfront
GET H2	204	CHZDF2EWLUcId0QoG15sAX4KTSVcZUsPZwFvSgphB2lICWE atebilaterde.one/MFh6OVEfZxlKbGJpN0MLZhZLYzZECRsKH14ZPEE5Ux8JeAQCEVxNOFRlQgtlBG9JHyFZPEcKYxYrDlglRStHCHdZNhxWbBYuRwl/	0 259 B	151ms 114ms	Image text/plain	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://atebilaterde.one/MFh6OVEfZxlKbGJpN0MLZhZLYzZECRsKH14ZPEE5Ux8JeAQCEVxNOFRlQgtlBG9JHyFZPEcKYxYrDlglRStHCHdZNhxWbBYuRwl/CHZDF2EWLUcId0QoG15sAX4KTSVcZUsPZwFvSgphB2lICWE Requested by Host: www13.davisonbarker.pro URL: https://www13.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://www13.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 16:11:11 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FpE0LfvrDmFyNjpBhC8wVseP92JfTLZvTxHLULT8yBmU8NEVSuQCkTmiRmLBZxLq%2BKUCAALkf9CbonIwM5IrKIFi4EDdnVOMx91nW1q12jyi12fkUWQKGVbuHixb9t%2BU6BHtI0R7kOjnSpTu2K%2BA"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 741e52435dbc9076-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	M29GZHgcUCUXRVc5LjEcZyUOBi9LLgUPPkA1dhM5YgIECilEImAQEVdSflZMB1h1QghaC3tXShUcMgUMRhx7VkgDWGANFlUAe1ZeRVJ2SkAdVmhUXkZSd0IMQw4hWUkVHzIQFA5ecFJJBF91VE8CXXZV atebilaterde.one/	0 494 B	141ms 105ms	Image text/plain	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://atebilaterde.one/M29GZHgcUCUXRVc5LjEcZyUOBi9LLgUPPkA1dhM5YgIECilEImAQEVdSflZMB1h1QghaC3tXShUcMgUMRhx7VkgDWGANFlUAe1ZeRVJ2SkAdVmhUXkZSd0IMQw4hWUkVHzIQFA5ecFJJBF91VE8CXXZV Requested by Host: www13.davisonbarker.pro URL: https://www13.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://www13.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 16:11:11 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qLZqadY6EHeX2elWZlMjhmqFNR3NiXL1wsKxEQLIZBkly9XDJ4eYUYafz%2BtPKcJWbMXepElLLafNdbN0ZgovWocbEjPEcP%2BXkhZhJlV8C%2FIvZQeIR9hXgKabmOVHPJg7T2LYGUxscqx5nBN3UIQV"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 741e52435dbd9076-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	IR1BOMnQkPyBUSzM5Kg9MdWR6BUdhOj1dGjdtAwAMIgM9VxMlPA1oBwVnDxQAPTRzAlIrMSBVSWE1IFFJdnYvVhZ6ZGhGBCg7c0caIzUoWxoiNGhHFXo9IUgdKzwvF0YBZWACUXVgZkUdKTQhRQdiYn5cAGJifgNEaWBrATZiYn5FHSlmehdHBXV8AgxxZG-cXRnc... Show response dc5k8fg5ioc8s.cloudfront.net/ Frame F6C4	432 B 623 B	167ms 167ms	Script text/plain	52.222.250.181 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dc5k8fg5ioc8s.cloudfront.net/IR1BOMnQkPyBUSzM5Kg9MdWR6BUdhOj1dGjdtAwAMIgM9VxMlPA1oBwVnDxQAPTRzAlIrMSBVSWE1IFFJdnYvVhZ6ZGhGBCg7c0caIzUoWxoiNGhHFXo9IUgdKzwvF0YBZWACUXVgZkUdKTQhRQdiYn5cAGJifgNEaWBrATZiYn5FHSlmehdHBXV8AgxxZG-cXRncxPkIYIicrUB8uJGsAMnJjeRxHcXV8AlwsODpfGGJiDRdGdzwnWRFiYn5VESQ7IRtRdWAtWgYoPSsXRgFhfgZad357A0V1fn8CRWJifkEVITE8W1F1FnsBQ2ljeBQBemE Requested by Host: pectthatmye.shop URL: https://pectthatmye.shop/WHBEcWw5EiccUzlNJlcZKhx5VF4eVXY3CDtFL0kKP0UtHg9gA2oSADcFIBceNx4wXwI9BGFDKhEidTMjFR4VGjwhMhEiFhVFDxZVFRQTI1oaJSAZIzJBIDYGPAQFBi0VOSM8VQ4ICR08GUErMxsOHgAJPRkgECMWGRwNAyELMhIiOx1BDTcqEhQqKBoOGB5HNh8YAzMvP0cnQQ85OT4kAw8IKxgiHxgMNzQ3SQ0kCzw7PgYaHkAdMzYPMQckNA4XHho5PDsQIAQKISAYNTZFJzArEhkiFiIdERMzHhkkHhg1NkUCOT80HSEZCBAyHCdUGRc8CTYfXScpPjYTPCEHESkNGA8qJQZJGRI3NzAhNjouFD4gOCcpOmAxKAYfFzQ0FysfOi01Pjw3IAsbNicWNwUBHnEnKQshczg+LCIgJi0sJyMoAwgjNyk+PzYsFwsCESBCWW8xdCddPh58Mj4POi0XBx0mDSUpYCd1N10eHjczPWocLhQuCTIhHCl+GjceAihNCUMUPSM3FAs6HAcrHxpHBQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.250.181 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-250-181.fra60.r.cloudfront.net Software / Resource Hash `466b31ae7c0fc7a829429202e07a75530455eac40d84d464c20e165ae4481484` Request headers accept-language de-DE,de;q=0.9 Referer https://pectthatmye.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 16:11:11 GMT content-encoding gzip x-amz-cf-pop FRA60-P3 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 346 via 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront) x-amz-cf-id 7-ZKLmqP_dWLLafm_PXqiqOTXk2LIoFJX19MevdKam5hjmmes0ZMLw==
GET H2	502	YkV6S1cZZwk8CBc3FmltQC0OPycRf1VkIBUyS3h5BiQMIiQNKxgqJQkgCGUnECpVKjpPNQ84P08mCjh5CDZFOyILIUd5ZFt2TX1jW2MZJz4BLhMvalB2Q3hgVHFDFGVTfE56b0QkFic1Xy0OPycRYEkKclADX3kRDyAdKnkMP195EQQqFi8yEGBIDQIgHxchAxIfX... ndandinter.hair/	0 0	316ms 101ms	Script text/plain	107.22.28.167 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ndandinter.hair/YkV6S1cZZwk8CBc3FmltQC0OPycRf1VkIBUyS3h5BiQMIiQNKxgqJQkgCGUnECpVKjpPNQ84P08mCjh5CDZFOyILIUd5ZFt2TX1jW2MZJz4BLhMvalB2Q3hgVHFDFGVTfE56b0QkFic1Xy0OPycRYEkKclADX3kRDyAdKnkMP195EQQqFi8yEGBIDQIgHxchAxIfX3lkDjw4Ii8SASgDG1M9Ch49NA8xES4xIlwkNV8tDj8nEWBJCnJQA195ERUyDX5iTCEbPT4RKhQpNhAuHzl5EjcVbmUkNQ84PxAgHiIlByYObmUkYEkNIw81X3gTU2BIfTkHMQ0kJQlgSQ9kR3dMIjgRYEkPZ0d3TDg%2BFiBfeBMDIRwnLkd3TChyUQFLbmVUNQoiclEBSHhuUXJMf25Hd0w7NAtgSQ9hVHRJe2FRc0t%2BclBzDm5kJnRMfWZVdUhyZ1FgSH0zBzYObmQmLQ4%2FJxFgSH5kI2BIfmUkYEh%2BZSQoHyw2TCsAbmVXdzwtOA4hHzlyUHBIDQIgHxchAxIfX3liUHYWMhULPQoPBSoJSzMnNy8sARw4PCkscQEpGHY%2FFjEKOHJRBF95EUd3PDwgFXBPZTMDMxM4OAwnGzk8BzdUOyUNYEgNJxc2EjkyBiwILjQWYEgNclEDDiYnR3Y%2BeXJQcxQuIxUqCCByUQFJbmVULBU4clEBSm5lVDYTPzJHdj4qMwQpA25lVCZfeBNTYEh9JxIsX3gTUHZDeGBUcUNuZVQ1GSJyUQFMfWZRdUx4YVNwX3lhFmBJD2ZUc0t8Z1B8SnhyUHMeLiQWYEkPPxYxCjhyUHBJCnJQcEgNclBwSA06ByIbZTkYYEh%2BZSQjFSczBzdfeWJQAy8JDQ8vLjsNR3dPeWQOPDgiLxIBKAMbUz0KHj00DzERLjEiXCokAHgSPyMSNl94Fkd3PG5lJCgfLDZMKwBuZSQjFSczBzdfeRE3ByAmPTY1IG5lUSkDCT4aNT4ZHy50AjsCCBMwAA0bFh1pe0A2Fy11WHRWaSQPM1hxdVZrSWl7QDEbLAgLIVhxdVp0QnlvVGdWaSQXJyUiM1NnQGllUXxJfGFWfFhndREwGBQ%2BBndYcXVQdkN4YFRxQxRlU3xOem9AaVgqOw4nWHF1CjEOOyRYalUmMgUkVCUtTSMVJzMHN1UeFTgoEB8nOGYWMhULPQoPBSoJSzMnNy8sARw4PCksdU5nFSl1WGcSPyMSNkBkeBUyDX5iTCEbPT4RKhQpNhAuHzl5EjcVZCcXNhI5MgYsCC40FmpFPzoSeEttOQcxDSQlCXhJbT4NNkd7cREsDi5qAyEcJy5EJkd6cRI1E3ZlUXxJfGFWfFw7NAt4TH1mUXVMeGFTcFw%2FalNzTHpgUndDe2REIR84I18tDj8nEWBJCnJQA195EQ8gHSp5DD9feREEKhYvMhBgSA0CIB8XIQMSH195ZA48OCIvEgEoAxtTPQoePTQPMREuMSJYZ3UBKRhpbUAtDj8nEX9VZCAVMk9%2BeQYkDCIkDSsYKiUJIAhlJxAqVTsiES0ILjMLNx8oI016DiYnX3dcJTIWMhU5PF92XCI4EXhKbSQLMR92NgYjFjJxAXhLbScSLEd5ZFt2TX1jW2MKKD5fc0x6ZFJzSX1mV2MOdmZUc0t8Z1B8SnhxBiAJP2oKMQ47JEd2O25lJGBIDToHIhtlORhgSA0xDSkeLiVHdzweFTgoEB8nOGBIeDsbBxMzJyYXMgdmGjUvIQEoDiAyBAVnVmk2ESdYcXUKMQ47JFhqVSYyBSRUJS1NIxUnMwc3VR4VOCgQHyc4ZhYyFQs9Cg8FKglLMyc3LywBHDg8KSx1Hw Requested by Host: www13.davisonbarker.pro URL: https://www13.davisonbarker.pro/am-push-cps.js?puid=23937649&clickid=23937649_219418&allb=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg&ob=https%3A%2F%2Fwww55.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D1%26ppi%3D23937649%26pci%3D6613063615%26t%3D1661702903%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffolder%252FUBZmjTpZ%2523lyBixpDRHL1xpUjVJKZySg&clb=https%3A%2F%2Fwww55.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D1%26ppi%3D23937649%26pci%3D6613063615%26t%3D1661702903%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffolder%252FUBZmjTpZ%2523lyBixpDRHL1xpUjVJKZySg&asb=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.22.28.167 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-107-22-28-167.compute-1.amazonaws.com Software / Express Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www13.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-origin * access-control-allow-headers X-Requested-With,content-type x-powered-by Express access-control-allow-methods GET, POST
GET H3	200	popunder.gif atebilaterde.one/	35 B 625 B	34ms 14ms	Image image/gif	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://atebilaterde.one/popunder.gif Requested by Host: www13.davisonbarker.pro URL: https://www13.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015` Request headers accept-language de-DE,de;q=0.9 Referer https://www13.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma public date Sun, 28 Aug 2022 16:11:11 GMT cf-cache-status HIT last-modified Fri, 26 Aug 2022 17:49:28 GMT server cloudflare age 166903 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=deUC%2BtCi7tWmCLVGZXm1gG8fw5cX06NE8Aqoz8ZUh41bsfKFLHangjPPu0IWqCp%2BvhumcWVPeNXoxE%2FlXZpxciipCXbW8ym10ZQ3zsUXDAQcduec47Rmcb02DcFT4Qr4ehFqrbOALsIHTrzJktdX"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * cache-control public, max-age=604800, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 741e5245aa6e901f-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H3	204	aHVYRUFHSjs2fCYiCi8gP0UQEBccFg4UBzkgHgcnKRkgFBlZAn4xKAxIYHd1XEJrYzEBEWV2c04GLCQ1HQZld3FYQn4sLw4aZXdnHkhoa3lGTHZ1Zx1IbnR2WURgd3NdTGlwc11CfjExCRJldGcYASwpfFlDbnR2WEZocnBeQWg atebilaterde.one/	0 483 B	101ms 100ms	Ping text/plain	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://atebilaterde.one/aHVYRUFHSjs2fCYiCi8gP0UQEBccFg4UBzkgHgcnKRkgFBlZAn4xKAxIYHd1XEJrYzEBEWV2c04GLCQ1HQZld3FYQn4sLw4aZXdnHkhoa3lGTHZ1Zx1IbnR2WURgd3NdTGlwc11CfjExCRJldGcYASwpfFlDbnR2WEZocnBeQWg Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://www13.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 16:11:11 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abON6OJXJ%2BGfc1e%2B%2BfNCZCbnhGISnEdZwLwimdAQEUdqvPmHSR%2B%2F%2FSyExengSMMeC3j94406r%2B0C1Box6mQdXYbc%2BSMl%2Fs9nG1NBwLkHoBkzNshSMlrvB1ScvPC3wYZA65LPlNTAHxFcjY%2BW2%2BJR"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 741e5245ca9c901f-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	floater Show response pectthatmye.shop/	2 KB 2 KB	336ms 335ms	XHR text/plain	18.66.139.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pectthatmye.shop/floater?cs=WHg0YkxqTQxXdGxMB1t%2Bb0AHVH0&abt=0&red=1&sm=83&k=&v=0.8.9.0&sts=0&prn=0&emb=0&tid=824473&u=617118225915257&agec=1661703071&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=235.29411764705884&ref=https%3A%2F%2Fwww13.davisonbarker.pro%2Fpushredirect%2F%3Fnetwork%3D3%26site%3Dadfly%26ppi%3D23937649%26pci%3D6613063615%26t%3D1661702903%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffolder%252FUBZmjTpZ%2523lyBixpDRHL1xpUjVJKZySg&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F104.0.5112.101%20safari%2F537.36&tzd=0&uloc=&if=0&aa=td1_oi1_&_zXyr=1661703071640&crc=1 Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.139.67 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-139-67.fra60.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash `cd9328388e2cb19705b47a9b9e5a812194c36e312537042571cee990970218e9` Request headers accept-language de-DE,de;q=0.9 Referer https://www13.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 16:11:11 GMT content-encoding gzip server openresty/1.17.8.2 x-amz-cf-pop FRA60-P4 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www13.davisonbarker.pro cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version content-type text/plain content-length 1103 via 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront) x-amz-cf-id Hx6YZewCe09J9qGZbbQrSmjSiBS4WVh3_Q-PudRQvNJfQbKK3wxrSQ==
GET H2	204	utx Show response ablesasmetotr.monster/	0 495 B	138ms 99ms	XHR text/plain	99.86.4.42 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ablesasmetotr.monster/utx?tid=818286&top=www13.davisonbarker.pro&cb=7H1cINYfMfcp Requested by Host: www13.davisonbarker.pro URL: https://www13.davisonbarker.pro/am-push-cps.js?puid=23937649&clickid=23937649_219418&allb=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg&ob=https%3A%2F%2Fwww55.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D1%26ppi%3D23937649%26pci%3D6613063615%26t%3D1661702903%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffolder%252FUBZmjTpZ%2523lyBixpDRHL1xpUjVJKZySg&clb=https%3A%2F%2Fwww55.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D1%26ppi%3D23937649%26pci%3D6613063615%26t%3D1661702903%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffolder%252FUBZmjTpZ%2523lyBixpDRHL1xpUjVJKZySg&asb=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.42 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-42.fra6.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://www13.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 16:11:11 GMT via 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop FRA6-C1 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www13.davisonbarker.pro cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id xoUUmj4wgtman0XRM1NYKway-mvAh00INanRCfADdv-QFMMnIiJTfQ==
POST H2	200	/ Show response ndandinter.hair/	0 37 B	306ms 105ms	XHR text/plain	107.22.28.167 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ndandinter.hair/ Requested by Host: www13.davisonbarker.pro URL: https://www13.davisonbarker.pro/am-push-cps.js?puid=23937649&clickid=23937649_219418&allb=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg&ob=https%3A%2F%2Fwww55.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D1%26ppi%3D23937649%26pci%3D6613063615%26t%3D1661702903%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffolder%252FUBZmjTpZ%2523lyBixpDRHL1xpUjVJKZySg&clb=https%3A%2F%2Fwww55.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D1%26ppi%3D23937649%26pci%3D6613063615%26t%3D1661702903%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffolder%252FUBZmjTpZ%2523lyBixpDRHL1xpUjVJKZySg&asb=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.22.28.167 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-107-22-28-167.compute-1.amazonaws.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://www13.davisonbarker.pro/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * content-length 0
GET H2	200	/ www55.davisonbarker.pro/pushredirect/	119 B 387 B	246ms 232ms	Document text/html	172.67.186.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www55.davisonbarker.pro/pushredirect/?tmp=2&network=3&ios=0&site=adfly&c=1&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Requested by Host: www13.davisonbarker.pro URL: https://www13.davisonbarker.pro/am-push-cps.js?puid=23937649&clickid=23937649_219418&allb=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg&ob=https%3A%2F%2Fwww55.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D1%26ppi%3D23937649%26pci%3D6613063615%26t%3D1661702903%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffolder%252FUBZmjTpZ%2523lyBixpDRHL1xpUjVJKZySg&clb=https%3A%2F%2Fwww55.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D1%26ppi%3D23937649%26pci%3D6613063615%26t%3D1661702903%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffolder%252FUBZmjTpZ%2523lyBixpDRHL1xpUjVJKZySg&asb=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.186.48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.27 Resource Hash Request headers Referer https://www13.davisonbarker.pro/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 741e524beb917447-LHR content-encoding br content-type text/html; charset=UTF-8 date Sun, 28 Aug 2022 16:11:12 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41J%2B8Ow4v3zCgAB%2BNC7JixKgVDEaTX5cLQ6EKtJECHeLTSsYnYGpXd9O1X8olVUlfaCLRRUYEqupdYAxzAvmnJ6eH0IloQdVJ9OkEI4zs8rRR%2F8iDKXMsZ37GEgcU4sndGCgjkKkZCkBMQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.3.27 x-turbo-charged-by LiteSpeed
GET H2	200	/ Show response www11.davisonbarker.pro/pushredirect/ Redirect Chain https://www13.davisonbarker.pro/pushredirect/?network=3&site=adfly&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg https://www11.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg	5 KB 3 KB	232ms 216ms	Document text/html	172.67.186.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www11.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.186.48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.27 Resource Hash `40f658b68388694aae91c042c94ecf35794a2b47efa15ab6215afbc7d2788fe6` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0 cf-cache-status DYNAMIC cf-ray 741e5253987d7447-LHR content-encoding br content-type text/html; charset=UTF-8 date Sun, 28 Aug 2022 16:11:14 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SzJYt5Avi9dtJ8oCPvgF8lK1tbZW%2Fw1Vz7ujuWZZi69J09Ag9ixphtgY33wT75yyda%2FYR4O1Hn8Iy4bi%2BRb8QClaOou%2BRuhO6j9teblaNEus5cUokttNzl%2F%2FkY69v0bQQGUBILdmloh0A%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.3.27 x-turbo-charged-by LiteSpeed Redirect headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache, no-store, must-revalidate, max-age=0 cf-cache-status DYNAMIC cf-ray 741e5252290376e3-LHR content-type text/html; charset=UTF-8 date Sun, 28 Aug 2022 16:11:13 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" location https://www11.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iU81KoOvErHQN16qmsBA2POYSfkB3ddX13IBf%2F%2FkomiKdzQCJ4k5e1LhTh95kxx0yZ2ZSjsHAzRa%2FqziYtO67LDEEJQd972KiIoDIBknaRC%2F1iMqE9ZvQwRXz2QwTS3dt7WH4xP9POrC%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.3.27 x-turbo-charged-by LiteSpeed
GET H2	200	/ Show response dc5k8fg5ioc8s.cloudfront.net/	163 KB 49 KB	160ms 159ms	Script text/plain	52.222.250.181 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Requested by Host: www11.davisonbarker.pro URL: https://www11.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.250.181 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-250-181.fra60.r.cloudfront.net Software / Resource Hash `94b0651e01377495f69b34c3c4b5566de85ee29aaefabb23d07acf4ae2d00f5e` Request headers accept-language de-DE,de;q=0.9 Referer https://www11.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 16:11:14 GMT content-encoding gzip x-amz-cf-pop FRA60-P3 x-cache Miss from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform content-length 49647 via 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront) x-amz-cf-id ZVu8YemAbxmGvMet4igtBNeBm7zYHQDCPLpffsPtCqEexMrAgvzZ3A==
GET H3	200	logo.png www11.davisonbarker.pro/static/image/	10 KB 11 KB	51ms 51ms	Image image/png	172.67.186.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www11.davisonbarker.pro/static/image/logo.png Requested by Host: www11.davisonbarker.pro URL: https://www11.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.186.48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `196c51f778db9df7ecf75ce7f663ea3bb07726b67feeae45ad9abfd3008b937a` Request headers accept-language de-DE,de;q=0.9 Referer https://www11.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 16:11:14 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 207 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 10726 last-modified Tue, 10 Nov 2020 09:44:06 GMT server cloudflare etag "29e6-5faa60e6-f392dafc4c855335;;;" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=36j%2Fx8rcfYONZXAwKv5i2hd%2Bq5bCrPGqLTUr6lqK7GZO1RG%2FLHlzZ25HhP%2BSxSgfhAlk2jiNDmvN56ahOuX%2B%2BnOAqBlL9z%2FTqLH0nAPZ5TSNeQJnp3TkoEJ9Gu7sar4pOcisDqluuzgmVA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 741e52550e1a76e3-LHR expires Sun, 04 Sep 2022 16:07:30 GMT
GET H3	200	am-push-cps.js Show response www11.davisonbarker.pro/	101 KB 40 KB	218ms 218ms	Script application/x-javascript	172.67.186.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www11.davisonbarker.pro/am-push-cps.js?puid=23937649&clickid=23937649_545375&allb=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg&ob=https%3A%2F%2Fwww73.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D2%26ppi%3D23937649%26pci%3D6613063615%26t%3D1661702903%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffolder%252FUBZmjTpZ%2523lyBixpDRHL1xpUjVJKZySg&clb=https%3A%2F%2Fwww73.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D2%26ppi%3D23937649%26pci%3D6613063615%26t%3D1661702903%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffolder%252FUBZmjTpZ%2523lyBixpDRHL1xpUjVJKZySg&asb=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Requested by Host: www11.davisonbarker.pro URL: https://www11.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.186.48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bc4720c44ed409f268f5c7791185c5464bd750e81a4e2deb2766b6d4270b4ca8` Request headers accept-language de-DE,de;q=0.9 Referer https://www11.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 16:11:14 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 08 Aug 2022 14:16:52 GMT server cloudflare etag W/"19284-62f11ad4-ba71540cd1782978;gz" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Hifg%2BufFLdEDe5e24T5U4EGYjqszCqgTFy6xIbnv8RmwXRAlTeVMC8oQuQewDaOPA6nAbNSiaLCbJvK4XQRi64jNqLk8jwKbGs0q%2BBym%2B%2Bs%2Fl59N5efldp30uGSWw6LH609wqaYWXZTsw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 741e52550e2576e3-LHR expires Sun, 04 Sep 2022 16:10:47 GMT
GET H3	200	asd100.bin Show response freychang.fun/	100 KB 101 KB	27ms 14ms	Fetch binary/octet-stream	2606:4700:3030::6815:2dcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freychang.fun/asd100.bin Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16` Request headers accept-language de-DE,de;q=0.9 Referer https://www11.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 16:11:14 GMT access-control-allow-methods GET cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5078 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Sun, 28 Aug 2022 14:46:36 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3FaT8PQKmX4z4E7yMB6EhJPCjAcLNaxIqlXsmyMTdFcYgVuyPwvSSx2IYC6UOUoPOL3JDQsHnYlJmRZVlJ3i2ESjX%2BGW2Jkqf6cXnBh%2BeN2tpWbguR9r%2FlnDGZu3ZwKBg7v7WULbOJndaTo"}],"group":"cf-nel","max_age":604800} content-type binary/octet-stream access-control-allow-origin https://www11.davisonbarker.pro cache-control max-age=14400 access-control-allow-credentials true cf-ray 741e52561b6a9122-FRA access-control-allow-headers X-Requested-With, content-type
GET H3	200	/ Show response freychang.fun/	26 B 617 B	111ms 99ms	Fetch text/plain	2606:4700:3030::6815:2dcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freychang.fun/ Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7e7ca6eea1995bd71ba813214c04965bd5ea259b038444ce9f01306cc665c535` Request headers accept-language de-DE,de;q=0.9 Referer https://www11.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 16:11:14 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods GET content-type text/plain access-control-allow-origin https://www11.davisonbarker.pro report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9o8xdWMTvOeWQ4nDCMSDVdB4MXHKzWDEoMmaoNuvaa22uFDq0gK4x2de1krOfZEIxdNkKGCrFvM19Nv7yTh3aD%2FQBM73vwib5DsQnRziyeRiz41eIQgn5qNxlz6dMijcolY69nz6oRY2PjgW"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 741e52561b6b9122-FRA access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	utx Show response pectthatmye.shop/	0 497 B	103ms 101ms	XHR text/plain	18.66.139.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pectthatmye.shop/utx?cb=FQZV2IjBYHfW&top=www11.davisonbarker.pro&tid=824473 Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.139.67 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-139-67.fra60.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://www11.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 16:11:14 GMT via 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop FRA60-P4 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www11.davisonbarker.pro cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id QjlLSAL_XEwLfZ8f3vRXURJCmRga82Ggdmmc9W9wXTDQ0oS4XrzbRw==
GET H2	200	VwoSXgxVHA0qH2chITAdTgcBNBFsCSwyFXwIBgUIcAwsNQ1SBQBUCncZEQ8IVQsSPgAHACwmP1EtFSMVbxoRADZSCx4CDnAEZzEgTgYBJn5cPTsJKAsrLg4aTh8BNDpRIAUvIA4 Show response pectthatmye.shop/Nk5UZ1hXLDcKZ1dzNkEtRCJpQmpwa2YhPFV7P18+UXs9CDsOPXoENFk7MAEqWSAgSTZTOnFVHk4XASEgVxY7JBRedgQ1CmMhEjEKdRtnMR5uJTgvE0EHEyEacHYSJRViBy4MP2YNPyMSXnZgKjBaewIfaHcMDB8aYjYNJhROFAE/GWc4EQsK... Frame A50C	3 KB 2 KB	101ms 101ms	Document text/html	18.66.139.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pectthatmye.shop/Nk5UZ1hXLDcKZ1dzNkEtRCJpQmpwa2YhPFV7P18+UXs9CDsOPXoENFk7MAEqWSAgSTZTOnFVHk4XASEgVxY7JBRedgQ1CmMhEjEKdRtnMR5uJTgvE0EHEyEacHYSJRViBy4MP2YNPyMSXnZgKjBaewIfaHcMDB8aYjYNJhROFAE/GWc4EQsKehwtJg51fjAxAkEbDiEJRnYWJjtTDBcEAXQ2bCECQR8dNS9BOxcQGWEKByUNYTQsMjoGCBk0HnA+FgAZYwwHUx9xIm0zO2R2MD9peDYFITRjGwM1G31/bTM7ZxcVIR5SfwIhNwIcHCkacxssMTlwYwYFC1EPLCYJYygSDgliDzwqDmwLGREMBwRmP2lGAwYvFnQfBiISeBwjIQAHAxcxHkIFEDQ/VwoSXgxVHA0qH2chITAdTgcBNBFsCSwyFXwIBgUIcAwsNQ1SBQBUCncZEQ8IVQsSPgAHACwmP1EtFSMVbxoRADZSCx4CDnAEZzEgTgYBJn5cPTsJKAsrLg4aTh8BNDpRIAUvIA4 Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.139.67 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-139-67.fra60.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash `6b20a83ff16decb143db6bd71c0130e86a5290c2a11c6974d9068272cbf37f2a` Request headers Referer https://www11.davisonbarker.pro/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version cache-control no-store, no-cache, must-revalidate, no-transform content-encoding gzip content-length 1240 content-type text/html date Sun, 28 Aug 2022 16:11:14 GMT p3p CP="NID DSP ALL COR" pragma no-cache server openresty/1.17.8.2 via 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront) x-amz-cf-id z79q1wqxGbfU9np6-uyTUki2WDSC5n9nMrFuw9LvhDLnJb8lHDKKWQ== x-amz-cf-pop FRA60-P4 x-cache Miss from cloudfront
GET H3	204	bFhxQmhDZxIxVToAPxY9XTwZEz8iMisVKicBJiYGNmgjJTI7HVc2AQhlSXBcWG9CZBgFPExxWkorBSMcGStMc04FNhctVUouTHJGVHZIbFhKLUxzThgoECVVXX4BNhwAZUB0Xl1vQXFYW2xDdlo atebilaterde.one/	0 474 B	109ms 108ms	Image text/plain	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://atebilaterde.one/bFhxQmhDZxIxVToAPxY9XTwZEz8iMisVKicBJiYGNmgjJTI7HVc2AQhlSXBcWG9CZBgFPExxWkorBSMcGStMc04FNhctVUouTHJGVHZIbFhKLUxzThgoECVVXX4BNhwAZUB0Xl1vQXFYW2xDdlo Requested by Host: www11.davisonbarker.pro URL: https://www11.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://www11.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 16:11:14 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LxNGP%2FAKMPUIP0JDI2gclY0zNLnJyWcH9T3Npk45%2BBMZ77eMaIzDrFXWIBoukFCcyK8yl7DeEU%2FrJoXzwkhuKIqJvi%2BFqrZlT3skTsuSLJ6MhQQjAy8xIxiEzMJx240We6gDJ08XWoXrJDC78P1E"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 741e52561adf901f-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	204	MktaWDMddDkrDmR6Mg5+ZTswOV5nCQ0feVoRLQ5SaBxjNXEDPHwsWlZ2YmoHBnxpfkNbL2drARQ4LjlHRzhnagMCfHwxXVQkZ2oVRHZqdgsccnRoFUd2a35HQio9ZQIUOy4sXw96bG4CBXtpaAQGeW5s atebilaterde.one/	0 472 B	124ms 124ms	Image text/plain	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://atebilaterde.one/MktaWDMddDkrDmR6Mg5+ZTswOV5nCQ0feVoRLQ5SaBxjNXEDPHwsWlZ2YmoHBnxpfkNbL2drARQ4LjlHRzhnagMCfHwxXVQkZ2oVRHZqdgsccnRoFUd2a35HQio9ZQIUOy4sXw96bG4CBXtpaAQGeW5s Requested by Host: www11.davisonbarker.pro URL: https://www11.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://www11.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 16:11:14 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1I3nb7nwKNcyrWRviDOeHjbMiwwErk%2BB78L7thUWz%2FPR4nqsdL9c6RGc3YICaoiVmtvBWqz%2BdqUgtDrHcgaNFcATlBhiFMRk5oDGQLjp5SBs2Q0DCxAUIODEEadKx1Ln%2Fc6Tm0yGMnC6ENtYBDK"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 741e52561ae2901f-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	xYUFxaXoCLh8PRRUoFVRCU3VFXklHKwIGFBF8FBMTIzkgPCkDJh84Mhl5Vx0ABXxBTxYALxZUXAQvElRLRyAVC0dVZwUZFQp8BAceBCcYBx8FZwQIRwwuCwAWDSBUWzxUb0FMSFFpBgAUBS4GGl9TcR8dX1NxQFlUUWRCK19TcQYAFFd1VFo4RHNBEUxVaF-RbSgA... Show response dc5k8fg5ioc8s.cloudfront.net/ Frame A50C	431 B 623 B	153ms 152ms	Script text/plain	52.222.250.181 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dc5k8fg5ioc8s.cloudfront.net/xYUFxaXoCLh8PRRUoFVRCU3VFXklHKwIGFBF8FBMTIzkgPCkDJh84Mhl5Vx0ABXxBTxYALxZUXAQvElRLRyAVC0dVZwUZFQp8BAceBCcYBx8FZwQIRwwuCwAWDSBUWzxUb0FMSFFpBgAUBS4GGl9TcR8dX1NxQFlUUWRCK19TcQYAFFd1VFo4RHNBEUxVaF-RbSgAxAQUfFiQTAhMVZEMvT1J2X1pMRHNBQREJNRwFX1MCVFtKDSgaDF9TcRYMGQouWExIUSIZGxUMJFRbPFBxRUdKT3RAWEhPcEFYX1NxAggcADMYTEgndEJeVFJ3VxxHUA Requested by Host: pectthatmye.shop URL: https://pectthatmye.shop/Nk5UZ1hXLDcKZ1dzNkEtRCJpQmpwa2YhPFV7P18+UXs9CDsOPXoENFk7MAEqWSAgSTZTOnFVHk4XASEgVxY7JBRedgQ1CmMhEjEKdRtnMR5uJTgvE0EHEyEacHYSJRViBy4MP2YNPyMSXnZgKjBaewIfaHcMDB8aYjYNJhROFAE/GWc4EQsKehwtJg51fjAxAkEbDiEJRnYWJjtTDBcEAXQ2bCECQR8dNS9BOxcQGWEKByUNYTQsMjoGCBk0HnA+FgAZYwwHUx9xIm0zO2R2MD9peDYFITRjGwM1G31/bTM7ZxcVIR5SfwIhNwIcHCkacxssMTlwYwYFC1EPLCYJYygSDgliDzwqDmwLGREMBwRmP2lGAwYvFnQfBiISeBwjIQAHAxcxHkIFEDQ/VwoSXgxVHA0qH2chITAdTgcBNBFsCSwyFXwIBgUIcAwsNQ1SBQBUCncZEQ8IVQsSPgAHACwmP1EtFSMVbxoRADZSCx4CDnAEZzEgTgYBJn5cPTsJKAsrLg4aTh8BNDpRIAUvIA4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.250.181 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-250-181.fra60.r.cloudfront.net Software / Resource Hash `2a97f848f5619b462f2f6c4b18498159796519251991c4ecdcce1d5dfca98d07` Request headers accept-language de-DE,de;q=0.9 Referer https://pectthatmye.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 16:11:14 GMT content-encoding gzip x-amz-cf-pop FRA60-P3 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 345 via 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront) x-amz-cf-id 1UH3IPVVlt6ORA-DGjGOyd2qdmac7N-8MJIy4BVAayQmJYJXVoJjpg==
GET H2	502	MWRWTEhKRiU7F0QWOm5yEwwiODhCXnljP0YTZ31mVQUgJTteCjQtOloBJGI4Qwt5LSUcFCM%2FIBwHJj9mWxdpPD1YAGt%2BewhXYXp8CEI1ICFSDz8odQNXb39%2FB1BvE30FUWV7fRcFOiAqDAwiODhCQWUNbQMic34OXAExLWZfHnN%2BDlcLOigtQ0FkCh1zP... ndandinter.hair/	0 0	102ms 101ms	Script text/plain	107.22.28.167 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ndandinter.hair/MWRWTEhKRiU7F0QWOm5yEwwiODhCXnljP0YTZ31mVQUgJTteCjQtOloBJGI4Qwt5LSUcFCM%2FIBwHJj9mWxdpPD1YAGt%2BewhXYXp8CEI1ICFSDz8odQNXb39%2FB1BvE30FUWV7fRcFOiAqDAwiODhCQWUNbQMic34OXAExLWZfHnN%2BDlcLOigtQ0FkCh1zPjsmHEE%2Bc357XR0UJTBBIAQEBAAcJhkiZy4dFjFiA3AjKgwMIjg4QkFlDW0DInN%2BDkYTIXt7HwA3OiFCCzguKUMPMz5mQRY5aXp3FCM%2FIEMBMiU6VAciaXp3QWUKPFwUc38MAEFkeiZUECEjOlpBZQh7FFZgJSdCQWUIeBRWYD8hRQFzfwxQADAgMRRWYC9tAiBkaXoHFCYlbQIgZH9xAlNgeHEUVmA8K1hBZQh%2BB1VlfH4CUmd5bQNSIml7dVVgenkGVGR1eAJBZHosVBciaXt1DCI4OEJBZHl7cEFkeXp3QWR5encJMyspHwosaXoEVhAqJ10AMz5tA1FkCh1zPjsmHEE%2Bc359A1c6NQpYHCYIGnkoZzQ4ZA4ABgNrHQUrblIINHEgRRAmP20CJXN%2BDhRWEDs%2FRlNlYixQEj8%2FJ18GNz4jVBZ4PDpeQWQKOEQXPj4tVQ0kKStFQWQKbQIiIiE4FFcSfm0DUjgpPEYLJCdtAiBlaXoHDTk%2FbQIgZml6Bxc%2FOC0UVxItLFcIL2l6BwdzfwwDQWR6OEENc38MA1dvf38HUG9pegcUNSVtAiBgenkCVGB%2FfgBRc35%2BRUFlCHkHUmd7eANdZn9tA1IyKTtFQWUIIEUQJj9tA1FlDW0DUWQKbQNRZAolVAM3YiZLQWR5encCOSAsVBZzfn0DIgMOElwOAjwSFFZjfntdHRQlMEEgBAQEABwmGSJnLh0WMWIDcC07U1k%2BODxBF3N%2FCRRWEGl6dwkzKykfCixpencCOSAsVBZzfg5kJgwhImUUDGl6AggvDiFJFBIeAH1VLjwdWzIcBxJINzFuZBMXOypqC1V6bjtcEnR2agVKZW5kExA3KxdYAHR2aglVbn5wB0Z6bjtEBgklLABGbG56Al1le34FXXRgakIRNBMhVVZ0dmoDV29%2FfwdQbxN9BVFle30TSHQtJF0GdHZqWRAiPDsLS3khLVYFeCIyHgI5ICxUFnkZCmsJPBg4a0c6NQpYHCYIGnkoZzQ4ZA4ABgNrHQUrah1GOS5qC0Y%2BODxBF2xjZ0YTIXt7HwA3OiFCCzguKUMPMz5mQRY5YzhEFz4%2BLVUNJCkrRUtpOCVBWWdqJlQQISM6WlllaiFeF2t8bkINIil1UAAwIDEXB2t%2BbkEUP3F6Al1le34FXXA8K1hZYHp5AlRgf34AUXA4dQBSYH1%2FAVZvfHsXADM%2FPAwMIjg4QkFlDW0DInN%2BDlwBMS1mXx5zfg5XCzooLUNBZAodcz47JhxBPnN%2Be10dFCUwQSAEBAQAHCYZImcuHRYxYgN0YGpSCDRuchMMIjg4Ql55Yz9GE2F%2FZlUFICU7Xgo0LTpaASRiOEMLeTw9QgwkKSxYFjMvPB5bIiE4DFZwIi1FEzk%2BIwxXcCUnQllmajtYEDNxKVUCOjVuUllkajhBDWt%2BewhXYXp8CEImLyEMUmB9ewFSZXp5BEIicXkHUmd7eANdZn9uVQElOHVZECI8OxRXF2l6d0FkCiVUAzdiJktBZAouXggyKToUVhAZCmsJPBg4a0FkfyRIJj80OHU2HgB5SRQDJh57Lww1G1ZGem4pQgZ0dmpZECI8OwtLeSEtVgV4IjIeAjkgLFQWeRkKawk8GDhrRzo1ClgcJggaeShnNDhkDgAGA2sdBStqTA Requested by Host: www11.davisonbarker.pro URL: https://www11.davisonbarker.pro/am-push-cps.js?puid=23937649&clickid=23937649_545375&allb=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg&ob=https%3A%2F%2Fwww73.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D2%26ppi%3D23937649%26pci%3D6613063615%26t%3D1661702903%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffolder%252FUBZmjTpZ%2523lyBixpDRHL1xpUjVJKZySg&clb=https%3A%2F%2Fwww73.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D2%26ppi%3D23937649%26pci%3D6613063615%26t%3D1661702903%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffolder%252FUBZmjTpZ%2523lyBixpDRHL1xpUjVJKZySg&asb=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.22.28.167 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-107-22-28-167.compute-1.amazonaws.com Software / Express Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www11.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-origin * access-control-allow-headers X-Requested-With,content-type x-powered-by Express access-control-allow-methods GET, POST
GET H2	204	utx Show response ablesasmetotr.monster/	0 493 B	108ms 107ms	XHR text/plain	99.86.4.42 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ablesasmetotr.monster/utx?tid=818286&top=www11.davisonbarker.pro&cb=NL2QBsNa2ePV Requested by Host: www11.davisonbarker.pro URL: https://www11.davisonbarker.pro/am-push-cps.js?puid=23937649&clickid=23937649_545375&allb=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg&ob=https%3A%2F%2Fwww73.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D2%26ppi%3D23937649%26pci%3D6613063615%26t%3D1661702903%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffolder%252FUBZmjTpZ%2523lyBixpDRHL1xpUjVJKZySg&clb=https%3A%2F%2Fwww73.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D2%26ppi%3D23937649%26pci%3D6613063615%26t%3D1661702903%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffolder%252FUBZmjTpZ%2523lyBixpDRHL1xpUjVJKZySg&asb=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.42 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-42.fra6.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://www11.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 16:11:14 GMT via 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop FRA6-C1 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www11.davisonbarker.pro cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id 3yraocTioOiV9klaTpudEscqSNLhhbbh0ylwRgJ0v6o3Wtcli93G-w==
POST H2	200	/ Show response ndandinter.hair/	0 36 B	126ms 125ms	XHR text/plain	107.22.28.167 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ndandinter.hair/ Requested by Host: www11.davisonbarker.pro URL: https://www11.davisonbarker.pro/am-push-cps.js?puid=23937649&clickid=23937649_545375&allb=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg&ob=https%3A%2F%2Fwww73.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D2%26ppi%3D23937649%26pci%3D6613063615%26t%3D1661702903%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffolder%252FUBZmjTpZ%2523lyBixpDRHL1xpUjVJKZySg&clb=https%3A%2F%2Fwww73.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D2%26ppi%3D23937649%26pci%3D6613063615%26t%3D1661702903%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffolder%252FUBZmjTpZ%2523lyBixpDRHL1xpUjVJKZySg&asb=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.22.28.167 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-107-22-28-167.compute-1.amazonaws.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://www11.davisonbarker.pro/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * content-length 0
GET H3	200	popunder.gif atebilaterde.one/	35 B 592 B	13ms 13ms	Image image/gif	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://atebilaterde.one/popunder.gif Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015` Request headers accept-language de-DE,de;q=0.9 Referer https://www11.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma public date Sun, 28 Aug 2022 16:11:14 GMT cf-cache-status HIT last-modified Fri, 26 Aug 2022 17:49:28 GMT server cloudflare age 166906 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ItHgoL9F5RvW%2BCgMH0YP%2B4SMTfgFck3sC18DuRenX6Jz%2BmVAjc%2BQLaOWB9Z%2FeN13ogY5Ezaa59QTewCOPD8JqkVfOREceLPNOPepcWgAQe4ujke6I4eI4GaBXzGcSvI69lpeFWQm2gtweuRr4s9D"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * cache-control public, max-age=604800, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 741e52588ecf901f-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H3	204	QSkwTT8IenQIexMhKl4jCHpiTnEFZnwWdRt4Yk1xA3lzCX0NenYNdQR9dg17Ezw0WSsIeWJIOEEkeQl6A3lzCH8Ff3AOegc atebilaterde.one/OEw1SEQXc1Y7eW0mbzoVVSRYCgJMNWIlJ2gbbRIdYQ1zESB+eBM8LVxxDXpwDHsGbjRRKAh7dh4/	0 476 B	103ms 103ms	Ping text/plain	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://atebilaterde.one/OEw1SEQXc1Y7eW0mbzoVVSRYCgJMNWIlJ2gbbRIdYQ1zESB+eBM8LVxxDXpwDHsGbjRRKAh7dh4/QSkwTT8IenQIexMhKl4jCHpiTnEFZnwWdRt4Yk1xA3lzCX0NenYNdQR9dg17Ezw0WSsIeWJIOEEkeQl6A3lzCH8Ff3AOegc Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://www11.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 16:11:14 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YjbfTL93WWu9FEfEDz11dGfLMLEQB%2F%2Ft5St89%2B1OJMSMj7Quea3O3AdWUFwZVTwRkRgRFVtZQ6JBvZ8CS6zjA69sQzXOFAWYl5fC%2Bn5lPVzIxCxP6uofrOVtKv%2BnqNVIMxArDmxPvaG7jen7ezOQ"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 741e5258aef4901f-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	floater pectthatmye.shop/	1 KB 1 KB	540ms 540ms	XHR text/plain	18.66.139.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pectthatmye.shop/floater?cs=S2tZOGN%2FWWkIUX5SawxTeVxqDlU&abt=0&red=1&sm=83&k=&v=0.8.9.0&sts=0&prn=0&emb=0&tid=824473&u=617118225915257&agec=1661703071&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=2000&ref=https%3A%2F%2Fwww11.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D1%26ppi%3D23937649%26pci%3D6613063615%26t%3D1661702903%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffolder%252FUBZmjTpZ%2523lyBixpDRHL1xpUjVJKZySg&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F104.0.5112.101%20safari%2F537.36&tzd=0&uloc=&if=0&aa=td1_oi1_&_IPdG=1661703074662&crc=1 Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.139.67 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-139-67.fra60.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www11.davisonbarker.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Sun, 28 Aug 2022 16:11:15 GMT content-encoding gzip server openresty/1.17.8.2 x-amz-cf-pop FRA60-P4 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www11.davisonbarker.pro cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version content-type text/plain content-length 848 via 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront) x-amz-cf-id QS1Vrq-ueSjjcOTg_yiuSenPJeS7z2SYRpOrEfaF1hiIQXmztKJMRQ==
GET H2	200	/ www73.davisonbarker.pro/pushredirect/	119 B 385 B	215ms 204ms	Document text/html	172.67.186.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www73.davisonbarker.pro/pushredirect/?tmp=2&network=3&ios=0&site=adfly&c=2&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Requested by Host: www11.davisonbarker.pro URL: https://www11.davisonbarker.pro/am-push-cps.js?puid=23937649&clickid=23937649_545375&allb=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg&ob=https%3A%2F%2Fwww73.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D2%26ppi%3D23937649%26pci%3D6613063615%26t%3D1661702903%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffolder%252FUBZmjTpZ%2523lyBixpDRHL1xpUjVJKZySg&clb=https%3A%2F%2Fwww73.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D2%26ppi%3D23937649%26pci%3D6613063615%26t%3D1661702903%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffolder%252FUBZmjTpZ%2523lyBixpDRHL1xpUjVJKZySg&asb=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.186.48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.27 Resource Hash Request headers Referer https://www11.davisonbarker.pro/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 741e525bff6b7447-LHR content-encoding br content-type text/html; charset=UTF-8 date Sun, 28 Aug 2022 16:11:15 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zOi2hmqrcEZQihkfdmV3iMQqPg9Jp69olPWCeaqDzqzMwG43%2FIyoB2xrHo7bT2j9nwDZkNyc7Bhu1qmuTZ30meiPdt7I%2BnwebR22fyK121LiAfAlVS%2Bdi8%2BQSYe3TpQFdtHH5w0UyLS3SQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.3.27 x-turbo-charged-by LiteSpeed
GET H2	200	Primary Request / www78.davisonbarker.pro/pushredirect/ Redirect Chain https://www11.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=1&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg https://www78.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=2&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg	5 KB 0	335ms 224ms	Document text/html	172.67.186.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www78.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=2&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.186.48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.27 Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0 cf-cache-status DYNAMIC cf-ray 741e525f6db37447-LHR content-encoding br content-type text/html; charset=UTF-8 date Sun, 28 Aug 2022 16:11:15 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GxbFrBdLNcCdspDr2YeNSb82WljSBiu8ckyHjqvn4VGQAF5xyfwSYIWRiziadfbjEftvrjsg4%2ByfV0rnPFnrZylpZafwf8Qbj7cG7UAFmjns7rgFNsejb6WBTu0D4renmbyDieDPJMXLlQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.3.27 x-turbo-charged-by LiteSpeed Redirect headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache, no-store, must-revalidate, max-age=0 cf-cache-status DYNAMIC cf-ray 741e525d4e3c76e3-LHR content-type text/html; charset=UTF-8 date Sun, 28 Aug 2022 16:11:15 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" location https://www78.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=2&ppi=23937649&pci=6613063615&t=1661702903&dest=https%3A%2F%2Fmega.nz%2Ffolder%2FUBZmjTpZ%23lyBixpDRHL1xpUjVJKZySg nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1Mk5CADDTZHLys8TrITUPS1x1l37yDasMUNuZJRE6v%2F62RknBgsMuXlWdM9NkEK2vZLfndJ0MaJAM366b7zGljJChqCLFXwFJzapDrF9t%2B1jBvmASk98Dgl7dI9ROTpSQ7lGcDVmkdaVA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.3.27 x-turbo-charged-by LiteSpeed
GET		/ dc5k8fg5ioc8s.cloudfront.net/	0 0

GET		logo.png www78.davisonbarker.pro/static/image/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473

Domain: www78.davisonbarker.pro
URL: https://www78.davisonbarker.pro/static/image/logo.png

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www11.davisonbarker.pro/pushredirect	1969-12-31 23:59:59	Name: lastUrlPushTmp Value: www11.davisonbarker.pro
			freychang.fun/	1970-01-20 14:13:27	Name: csu Value: 617118225915257@2@1661703071

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ndandinter.hair/YkV6S1cZZwk8CBc3FmltQC0OPycRf1VkIBUyS3h5BiQMIiQNKxgqJQkgCGUnECpVKjpPNQ84P08mCjh5CDZFOyILIUd5ZFt2TX1jW2MZJz4BLhMvalB2Q3hgVHFDFGVTfE56b0QkFic1Xy0OPycRYEkKclADX3kRDyAdKnkMP195EQQqFi8yEGBIDQIgHxchAxIfX3lkDjw4Ii8SASgDG1M9Ch49NA8xES4xIlwkNV8tDj8nEWBJCnJQA195ERUyDX5iTCEbPT4RKhQpNhAuHzl5EjcVbmUkNQ84PxAgHiIlByYObmUkYEkNIw81X3gTU2BIfTkHMQ0kJQlgSQ9kR3dMIjgRYEkPZ0d3TDg%2BFiBfeBMDIRwnLkd3TChyUQFLbmVUNQoiclEBSHhuUXJMf25Hd0w7NAtgSQ9hVHRJe2FRc0t%2BclBzDm5kJnRMfWZVdUhyZ1FgSH0zBzYObmQmLQ4%2FJxFgSH5kI2BIfmUkYEh%2BZSQoHyw2TCsAbmVXdzwtOA4hHzlyUHBIDQIgHxchAxIfX3liUHYWMhULPQoPBSoJSzMnNy8sARw4PCkscQEpGHY%2FFjEKOHJRBF95EUd3PDwgFXBPZTMDMxM4OAwnGzk8BzdUOyUNYEgNJxc2EjkyBiwILjQWYEgNclEDDiYnR3Y%2BeXJQcxQuIxUqCCByUQFJbmVULBU4clEBSm5lVDYTPzJHdj4qMwQpA25lVCZfeBNTYEh9JxIsX3gTUHZDeGBUcUNuZVQ1GSJyUQFMfWZRdUx4YVNwX3lhFmBJD2ZUc0t8Z1B8SnhyUHMeLiQWYEkPPxYxCjhyUHBJCnJQcEgNclBwSA06ByIbZTkYYEh%2BZSQjFSczBzdfeWJQAy8JDQ8vLjsNR3dPeWQOPDgiLxIBKAMbUz0KHj00DzERLjEiXCokAHgSPyMSNl94Fkd3PG5lJCgfLDZMKwBuZSQjFSczBzdfeRE3ByAmPTY1IG5lUSkDCT4aNT4ZHy50AjsCCBMwAA0bFh1pe0A2Fy11WHRWaSQPM1hxdVZrSWl7QDEbLAgLIVhxdVp0QnlvVGdWaSQXJyUiM1NnQGllUXxJfGFWfFhndREwGBQ%2BBndYcXVQdkN4YFRxQxRlU3xOem9AaVgqOw4nWHF1CjEOOyRYalUmMgUkVCUtTSMVJzMHN1UeFTgoEB8nOGYWMhULPQoPBSoJSzMnNy8sARw4PCksdU5nFSl1WGcSPyMSNkBkeBUyDX5iTCEbPT4RKhQpNhAuHzl5EjcVZCcXNhI5MgYsCC40FmpFPzoSeEttOQcxDSQlCXhJbT4NNkd7cREsDi5qAyEcJy5EJkd6cRI1E3ZlUXxJfGFWfFw7NAt4TH1mUXVMeGFTcFw%2FalNzTHpgUndDe2REIR84I18tDj8nEWBJCnJQA195EQ8gHSp5DD9feREEKhYvMhBgSA0CIB8XIQMSH195ZA48OCIvEgEoAxtTPQoePTQPMREuMSJYZ3UBKRhpbUAtDj8nEX9VZCAVMk9%2BeQYkDCIkDSsYKiUJIAhlJxAqVTsiES0ILjMLNx8oI016DiYnX3dcJTIWMhU5PF92XCI4EXhKbSQLMR92NgYjFjJxAXhLbScSLEd5ZFt2TX1jW2MKKD5fc0x6ZFJzSX1mV2MOdmZUc0t8Z1B8SnhxBiAJP2oKMQ47JEd2O25lJGBIDToHIhtlORhgSA0xDSkeLiVHdzweFTgoEB8nOGBIeDsbBxMzJyYXMgdmGjUvIQEoDiAyBAVnVmk2ESdYcXUKMQ47JFhqVSYyBSRUJS1NIxUnMwc3VR4VOCgQHyc4ZhYyFQs9Cg8FKglLMyc3LywBHDg8KSx1Hw Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://ndandinter.hair/MWRWTEhKRiU7F0QWOm5yEwwiODhCXnljP0YTZ31mVQUgJTteCjQtOloBJGI4Qwt5LSUcFCM%2FIBwHJj9mWxdpPD1YAGt%2BewhXYXp8CEI1ICFSDz8odQNXb39%2FB1BvE30FUWV7fRcFOiAqDAwiODhCQWUNbQMic34OXAExLWZfHnN%2BDlcLOigtQ0FkCh1zPjsmHEE%2Bc357XR0UJTBBIAQEBAAcJhkiZy4dFjFiA3AjKgwMIjg4QkFlDW0DInN%2BDkYTIXt7HwA3OiFCCzguKUMPMz5mQRY5aXp3FCM%2FIEMBMiU6VAciaXp3QWUKPFwUc38MAEFkeiZUECEjOlpBZQh7FFZgJSdCQWUIeBRWYD8hRQFzfwxQADAgMRRWYC9tAiBkaXoHFCYlbQIgZH9xAlNgeHEUVmA8K1hBZQh%2BB1VlfH4CUmd5bQNSIml7dVVgenkGVGR1eAJBZHosVBciaXt1DCI4OEJBZHl7cEFkeXp3QWR5encJMyspHwosaXoEVhAqJ10AMz5tA1FkCh1zPjsmHEE%2Bc359A1c6NQpYHCYIGnkoZzQ4ZA4ABgNrHQUrblIINHEgRRAmP20CJXN%2BDhRWEDs%2FRlNlYixQEj8%2FJ18GNz4jVBZ4PDpeQWQKOEQXPj4tVQ0kKStFQWQKbQIiIiE4FFcSfm0DUjgpPEYLJCdtAiBlaXoHDTk%2FbQIgZml6Bxc%2FOC0UVxItLFcIL2l6BwdzfwwDQWR6OEENc38MA1dvf38HUG9pegcUNSVtAiBgenkCVGB%2FfgBRc35%2BRUFlCHkHUmd7eANdZn9tA1IyKTtFQWUIIEUQJj9tA1FlDW0DUWQKbQNRZAolVAM3YiZLQWR5encCOSAsVBZzfn0DIgMOElwOAjwSFFZjfntdHRQlMEEgBAQEABwmGSJnLh0WMWIDcC07U1k%2BODxBF3N%2FCRRWEGl6dwkzKykfCixpencCOSAsVBZzfg5kJgwhImUUDGl6AggvDiFJFBIeAH1VLjwdWzIcBxJINzFuZBMXOypqC1V6bjtcEnR2agVKZW5kExA3KxdYAHR2aglVbn5wB0Z6bjtEBgklLABGbG56Al1le34FXXRgakIRNBMhVVZ0dmoDV29%2FfwdQbxN9BVFle30TSHQtJF0GdHZqWRAiPDsLS3khLVYFeCIyHgI5ICxUFnkZCmsJPBg4a0c6NQpYHCYIGnkoZzQ4ZA4ABgNrHQUrah1GOS5qC0Y%2BODxBF2xjZ0YTIXt7HwA3OiFCCzguKUMPMz5mQRY5YzhEFz4%2BLVUNJCkrRUtpOCVBWWdqJlQQISM6WlllaiFeF2t8bkINIil1UAAwIDEXB2t%2BbkEUP3F6Al1le34FXXA8K1hZYHp5AlRgf34AUXA4dQBSYH1%2FAVZvfHsXADM%2FPAwMIjg4QkFlDW0DInN%2BDlwBMS1mXx5zfg5XCzooLUNBZAodcz47JhxBPnN%2Be10dFCUwQSAEBAQAHCYZImcuHRYxYgN0YGpSCDRuchMMIjg4Ql55Yz9GE2F%2FZlUFICU7Xgo0LTpaASRiOEMLeTw9QgwkKSxYFjMvPB5bIiE4DFZwIi1FEzk%2BIwxXcCUnQllmajtYEDNxKVUCOjVuUllkajhBDWt%2BewhXYXp8CEImLyEMUmB9ewFSZXp5BEIicXkHUmd7eANdZn9uVQElOHVZECI8OxRXF2l6d0FkCiVUAzdiJktBZAouXggyKToUVhAZCmsJPBg4a0FkfyRIJj80OHU2HgB5SRQDJh57Lww1G1ZGem4pQgZ0dmpZECI8OwtLeSEtVgV4IjIeAjkgLFQWeRkKawk8GDhrRzo1ClgcJggaeShnNDhkDgAGA2sdBStqTA Message: Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ablesasmetotr.monster
atebilaterde.one
dc5k8fg5ioc8s.cloudfront.net
freychang.fun
ndandinter.hair
pectthatmye.shop
www11.davisonbarker.pro
www13.davisonbarker.pro
www55.davisonbarker.pro
www73.davisonbarker.pro
www78.davisonbarker.pro
dc5k8fg5ioc8s.cloudfront.net
www78.davisonbarker.pro
107.22.28.167
172.67.186.48
18.66.139.67
2606:4700:3030::6815:2dcf
2a06:98c1:3120::c
52.222.250.181
99.86.4.42
196c51f778db9df7ecf75ce7f663ea3bb07726b67feeae45ad9abfd3008b937a
2a97f848f5619b462f2f6c4b18498159796519251991c4ecdcce1d5dfca98d07
3678ff43e58faabefe5338d6d8a5fa1ee256fbfb1b441beecf5719c4cd847ac3
40f658b68388694aae91c042c94ecf35794a2b47efa15ab6215afbc7d2788fe6
466b31ae7c0fc7a829429202e07a75530455eac40d84d464c20e165ae4481484
6b20a83ff16decb143db6bd71c0130e86a5290c2a11c6974d9068272cbf37f2a
7e7ca6eea1995bd71ba813214c04965bd5ea259b038444ce9f01306cc665c535
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8563c40f4ae4f8823355307b121ce20cb6694c7e0686bdabad529bc1416b8f81
94b0651e01377495f69b34c3c4b5566de85ee29aaefabb23d07acf4ae2d00f5e
bc4720c44ed409f268f5c7791185c5464bd750e81a4e2deb2766b6d4270b4ca8
cd9328388e2cb19705b47a9b9e5a812194c36e312537042571cee990970218e9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

www78.davisonbarker.pro Open in urlscan Pro 172.67.186.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

39 Requests

95 %HTTPS

29 %IPv6

7 Domains

11 Subdomains

8 IPs

1 Countries

421 kBTransfer

774 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www78.davisonbarker.pro Open in urlscan Pro
172.67.186.48 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

95 %
HTTPS

29 %
IPv6

7
Domains

11
Subdomains

8
IPs

1
Countries

421 kB
Transfer

774 kB
Size

2
Cookies

39 HTTP transactions
0 data transactions