kj8fy8.i22by2y.xyz Open in urlscan Pro
172.67.144.111 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://credit-beri.ru/
Effective URL:
https://kj8fy8.i22by2y.xyz/
Submission: On April 14 via automatic, source certstream-suspicious (April 14th 2024, 5:32:44 pm UTC) — Scanned from NL

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 23 HTTP transactions. The main IP is 172.67.144.111, located in United States and belongs to CLOUDFLARENET, US. The main domain is kj8fy8.i22by2y.xyz.
TLS certificate: Issued by E1 on April 13th 2024. Valid for: 3 months.

This is the only time kj8fy8.i22by2y.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	37.252.15.57 37.252.15.57	58061 (SCALAXY-AS) (SCALAXY-AS)
1 1	2606:4700:303... 2606:4700:3032::6815:1e9c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	172.67.144.111 172.67.144.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
23	5

1 37.252.15.57 (Netherlands)

ASN58061 (SCALAXY-AS, LV)

credit-beri.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:1e9c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ajurebin.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.67.144.111 (United States)

ASN13335 (CLOUDFLARENET, US)

kj8fy8.i22by2y.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	i22by2y.xyz kj8fy8.i22by2y.xyz	2 MB
4	gstatic.com fonts.gstatic.com	98 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	4 KB
1	ajurebin.xyz 1 redirects ajurebin.xyz	676 B
1	credit-beri.ru credit-beri.ru	1 KB
23	5

	Domain	Requested by
16	kj8fy8.i22by2y.xyz	kj8fy8.i22by2y.xyz
4	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	kj8fy8.i22by2y.xyz
1	ajurebin.xyz	1 redirects
1	credit-beri.ru
23	5

This site contains no links.

Subject Issuer	Validity	Valid
credit-beri.ru R3	`2024-04-14` - `2024-07-13`	3 months	crt.sh
i22by2y.xyz E1	`2024-04-13` - `2024-07-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://kj8fy8.i22by2y.xyz/
Frame ID: 12B6B46A9FE5D8C35FDA1D72415B20E1
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page URL History Show full URLs

https://credit-beri.ru/ Page URL
https://ajurebin.xyz/?s=OO57UtlfXj HTTP 302
https://kj8fy8.i22by2y.xyz/ Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

23
Requests

96 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

2605 kB
Transfer

3598 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://credit-beri.ru/ Page URL
https://ajurebin.xyz/?s=OO57UtlfXj HTTP 302
https://kj8fy8.i22by2y.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
credit-beri.ru/ 1 KB
1 KB 707ms
512ms Document
text/html 37.252.15.57
SCALAXY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://credit-beri.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 37.252.15.57 , Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS
Software: Caddy nginx /
Resource Hash: c6a38477a3ef7872ceb3720dbd434351ffd461ad899bec71273ad724dc6c8bbf

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 14 Apr 2024 17:32:39 GMT
server: Caddy nginx

GET
H3

200

Primary Request / Show response
kj8fy8.i22by2y.xyz/
Redirect Chain

https://ajurebin.xyz/?s=OO57UtlfXj
https://kj8fy8.i22by2y.xyz/

543 B
749 B

206ms
170ms

Document
text/html

172.67.144.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kj8fy8.i22by2y.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.17
Resource Hash: 87a89f2d1bfc670b14b65a14e1c5d226242008320abb878124f5679912282552

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://credit-beri.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 87456fbecd801c77-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 14 Apr 2024 17:32:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=abSJAAKmmSjXW6Q1azKwUrkMxwNVeIk3KQJmtVRZ7pLEQWWK%2FcSN9o9hAvA1veujZhj%2BiEfXE9oLV5t3Bx1bxw30qny3oqa4vt9tB6DU65BYvEHamS3hJ9TY%2Feg5w0CNThyrlJQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.2.17

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 87456fb93ee8a000-AMS
content-type: text/html; charset=UTF-8
date: Sun, 14 Apr 2024 17:32:40 GMT
location: https://kj8fy8.i22by2y.xyz
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SnT%2Fefo6dpYOKfeYwAMK8Tp6tR4hjBLAypGgJlATkXLkFr0c6%2B4hjDyNbWBoeL5bUwMIaj6LrlHKL1vLo2TZLKdu8R3CbXfMacoOj5lNRgf3FX8ogcHGlytFp8tA2FgREWAqCYxKtOarGls%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET favicon.ico
credit-beri.ru/ 0
0

GET
H3 200 main.7034e3f2.js Show response
kj8fy8.i22by2y.xyz/static/js/ 1017 KB
213 KB 45ms
45ms Script
application/javascript 172.67.144.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kj8fy8.i22by2y.xyz/static/js/main.7034e3f2.js?44343444321543545354546543465487343434344433234434345432343444343432=2432
Requested by: Host: kj8fy8.i22by2y.xyz
URL: https://kj8fy8.i22by2y.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61050a59a0080ed406204cf5f750667ca19417d13751d506cac7cd1b43787e76

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kj8fy8.i22by2y.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 17:32:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Mar 2024 19:32:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5637
etag: W/"660322d4-fe4a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D3q2GZ9UcLPzu5cZoI71VZ9VVzxE6iLMyUKkRAt0NbJqkfPFNgtvbhsnh1KbwYlyrPjYw4G2LNxIMHPCjcZSS6%2BWOC9NruIP1HICIAkvcnrwAoQKRO6NLmRTE1mAyNx7WqitAhI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 87456fbfef341c77-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 main.9459521f.css
kj8fy8.i22by2y.xyz/static/css/ 48 KB
13 KB 29ms
29ms Stylesheet
text/css 172.67.144.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kj8fy8.i22by2y.xyz/static/css/main.9459521f.css?43434444344323343334344433343322343=1333324433
Requested by: Host: kj8fy8.i22by2y.xyz
URL: https://kj8fy8.i22by2y.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4f1ca0fc22f5d33f5859f2d2012081577c9b16b32236250db9ce48a15b55a5a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kj8fy8.i22by2y.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 17:32:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 18 Mar 2024 17:47:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5637
etag: W/"65f87e2a-c017"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7oHH52u3jwkBxnPUac9w1GcET7c%2By%2FB051TOY08Qny4yXcyITx7Nxi5iE%2FPe0IU3C%2F9fNUd8ISYSj2z1ziS%2Fmcgmt4BTIRYeK19obv%2B9u8t23FXbjFsdkjYsfmJ3HB%2F9Dbr3DpQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 87456fbfef371c77-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 148 KB
4 KB 101ms
39ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Inter:wght@100;200;300;400;500;600;700;800;900&family=Noto+Sans+Display:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Rubik:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: kj8fy8.i22by2y.xyz
URL: https://kj8fy8.i22by2y.xyz/static/css/main.9459521f.css?43434444344323343334344433343322343=1333324433

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d86a0ae145ac8878dfcee5fff3488fea1f39b1ddc5100df590832de6788d09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kj8fy8.i22by2y.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 14 Apr 2024 17:32:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 14 Apr 2024 17:32:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Apr 2024 17:32:40 GMT

GET
H3 200 logo.cb629da1b2433fe1ce3c.png
kj8fy8.i22by2y.xyz/static/media/ 26 KB
26 KB 47ms
47ms Image
image/png 172.67.144.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kj8fy8.i22by2y.xyz/static/media/logo.cb629da1b2433fe1ce3c.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 880060a9735b77f0fbda171fc1a573bd8bb8e3f123edcaae9cd19e7852207ff3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kj8fy8.i22by2y.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 17:32:40 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Feb 2024 16:54:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5612
etag: "65ccf04a-67e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KRUOsIbpUoK9A%2FKom651o5uRRL7q73taWSUKJI%2BcTVoB85C3fuTzJ%2Fq8r2oxhMJIlnQzXbsgfPN2meRp2JiidW3Pl5DJ3IYEOMg8x7KuizA5pBPTkID0Rur8yAk%2Fc4LSElDWMk0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87456fc159d31c77-AMS
alt-svc: h3=":443"; ma=86400
content-length: 26592

GET
H3 200 lady2.79f158d136350fc8b985.png
kj8fy8.i22by2y.xyz/static/media/ 572 KB
572 KB 28ms
28ms Image
image/png 172.67.144.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kj8fy8.i22by2y.xyz/static/media/lady2.79f158d136350fc8b985.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3852bf203ddc2aa50997385185991d8c9195347555e07a87ad4e42a7ea7f019

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kj8fy8.i22by2y.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 17:32:40 GMT
cf-cache-status: HIT
last-modified: Tue, 12 Mar 2024 06:19:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5612
etag: "65eff405-8efcc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QwJu%2Buy4f92QTG62zoItnIUv7GPdXQydiKj536mfSmyvk4hv%2BaPWj4g6WJ38MFrEbAZxdMQeh5Cw8OU6tz%2F%2BvAYG7qonNPkq1G18%2B4H0NoCq3zUOvqwQYkUrg89fcvITAfupvPY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87456fc159d61c77-AMS
alt-svc: h3=":443"; ma=86400
content-length: 585676

GET
DATA 200
OK truncated
/ 391 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 512755eb4f97ad98ad40b346d7ff7daec949bc0b9fb21738cd5ac7df79f96fad

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 relaoad.2d028a9564048741880f.gif
kj8fy8.i22by2y.xyz/static/media/ 63 KB
63 KB 69ms
68ms Image
image/gif 172.67.144.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kj8fy8.i22by2y.xyz/static/media/relaoad.2d028a9564048741880f.gif
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 549ef60a9d8c7529a810d1ee4cdc3acfee86a8abde1842f9e17807ef5eac7e30

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kj8fy8.i22by2y.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 17:32:40 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Feb 2024 16:54:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5612
etag: "65ccf04a-fa03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=he8WvYEynCmwNHVpq3WetrDLtwt2aetQINJKTMBZKHZyodzv94dKJv%2ByQgKjBeSkNgXX%2F8BUbaM4yl0MDrtY94HRlrdXeGz8qmDX3yliIpvrKj9dBJjqLiUwhQFhCaECaRGMFjs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87456fc159d91c77-AMS
alt-svc: h3=":443"; ma=86400
content-length: 64003

GET
DATA 200
OK truncated
/ 370 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba87936f8521a0f8b4087b66b0f56ffb4d274831bbffbf446f17164b345ad25

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cat2.689acb75328e3a367318.gif
kj8fy8.i22by2y.xyz/static/media/ 1 MB
1 MB 70ms
70ms Image
image/gif 172.67.144.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kj8fy8.i22by2y.xyz/static/media/cat2.689acb75328e3a367318.gif
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f768ffd9420117cdc6610a815de6f3839761515eb652921f20acf9a27fb738cf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kj8fy8.i22by2y.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 17:32:40 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Feb 2024 16:54:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5612
etag: "65ccf04a-1411c7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3IPq3jua8rpuDHY%2FaAcZAe0WcElQOw7p5qGGwq%2FkDZcG8KKa9eNOoRLYP%2Fy%2BQ17GllgNDGqkSpAYPBgsTkThx3ggdrBNbNwgir4HPIm2WLs0YUtUtgBUslUx46S%2FV42OiwJZi7s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87456fc159da1c77-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1315271

GET
H3 200 22.d552bbdc0829c82af6b5.gif
kj8fy8.i22by2y.xyz/static/media/ 13 KB
14 KB 106ms
106ms Image
image/gif 172.67.144.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kj8fy8.i22by2y.xyz/static/media/22.d552bbdc0829c82af6b5.gif
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 642469226edf7d572ea60bb5368e4b97e9d271090bb1c8fb36bd8194ea70e63c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kj8fy8.i22by2y.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 17:32:40 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Feb 2024 16:54:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5612
etag: "65ccf04a-349f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CUobI5d8s0KWknv%2BF6m2omF2VROGTU1a0asSakoNkK4ROcCNL5c1n67WP8eZ0IzQ1c2PAaGO6%2BxGIvM3pdn6EMuX275Di5GlrRlCKbJaL3uMdIfVdHgz9knxNaCrJebFIoCex8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87456fc159dd1c77-AMS
alt-svc: h3=":443"; ma=86400
content-length: 13471

GET
H3 200 win.9e5419c0c69798b9483f.png
kj8fy8.i22by2y.xyz/static/media/ 16 KB
17 KB 108ms
107ms Image
image/png 172.67.144.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kj8fy8.i22by2y.xyz/static/media/win.9e5419c0c69798b9483f.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1a416592d704ef067c1b427b05d9ccefc8e3cd57862bc2f758ba58b1b9f713f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kj8fy8.i22by2y.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 17:32:40 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Feb 2024 16:54:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5612
etag: "65ccf04a-41c1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AZ5VvftGF0YpRy7JJue0Sjo25l7TY%2FHyajlZoacEsVsjr8DJDmJigIlXM1DRulLsWLez8yz60UEVsT1ak7O73t3ur%2FCo%2FEFZrhvnBpt2qAqysszfLycIgwI8lr5GGTtUI7q5gas%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87456fc159de1c77-AMS
alt-svc: h3=":443"; ma=86400
content-length: 16833

GET
DATA 200
OK truncated
/ 636 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 522351b537c2b98ab27c030be965a75c97650f589a4f70d40d4b52cc058ed990

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 608488f4592a3ea494964e8fd428c47986679a94935823b0ffc835ce7d49dd27

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11d7a6fc6110af53914c734efe171692836766cd7a2dd5a3a3e9d924e000fc43

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2c7a261cefc6a521d8df9fa8ba6475a2a9f0cf2621ffc97ece3cca8aa520ecc

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reload.760d59a744727ae3371631d4715e03b0.svg
kj8fy8.i22by2y.xyz/static/media/ 467 B
781 B 108ms
107ms Image
image/svg+xml 172.67.144.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kj8fy8.i22by2y.xyz/static/media/reload.760d59a744727ae3371631d4715e03b0.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b882eea529684957045c67cb38aeebff40b65470afb6679683f684b2af0ea3db

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kj8fy8.i22by2y.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 17:32:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 14 Feb 2024 16:54:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5612
etag: W/"65ccf04a-1d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1FpSUJPizw6BrYUXtaPX40A7bm0L5lZvYUau%2BmM%2B3c0lj2ZVxv75wD%2BpjIPjj6FgXvezGb%2FLo00%2BuxcTRYK9Spdkp%2F4giAv7VguVI8M7clsW7NUhG%2F4pVXm8l%2FlY4Chy5rLOJU4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 87456fc159e01c77-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 boc.cc2c993feeca3dd084f2.png
kj8fy8.i22by2y.xyz/static/media/ 191 KB
191 KB 108ms
108ms Image
image/png 172.67.144.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kj8fy8.i22by2y.xyz/static/media/boc.cc2c993feeca3dd084f2.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52ee3b7aa3be587e21d530a2d039d686384a64f2b9b84e22f86015c435a5fdae

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kj8fy8.i22by2y.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 17:32:40 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Feb 2024 16:54:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5612
etag: "65ccf04a-2fb7f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qDgAcr0tpRAUMLWke72Inppkzkd8fRCgYE%2BhRGwn6meEBudkJvxUU3OWwAlXQsZWYWDufOAXTNmc5jiOKnS3YugfJJWCFv4zeuVEgceTHqEd9alcQqdLfLSf6FAAl3gJFtJdXz4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87456fc159e11c77-AMS
alt-svc: h3=":443"; ma=86400
content-length: 195455

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 515f690dd21d65cee0e3ccd511d87e05a62e14df5c5d6f8fe8b5172cea5b8664

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 send.fd3b7a9df8a7871da910.png
kj8fy8.i22by2y.xyz/static/media/ 16 KB
16 KB 128ms
128ms Image
image/png 172.67.144.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kj8fy8.i22by2y.xyz/static/media/send.fd3b7a9df8a7871da910.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24d6bbcd1b9377b8dd47e486aed7e9430c5057d0aa5cda90e4f327f71e004e92

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kj8fy8.i22by2y.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 17:32:40 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Feb 2024 16:54:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5607
etag: "65ccf04a-3e81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SgbNZK55JUFfN9pSdnwR8dyFTFnL3YLQdxfLdU8297U%2B3wN4iZfSebISCkIHOR77N5JQiSpyyAnyG3adKLQ%2FMqio48MVMVKR1ox7rIubw9MzAuj0i8ei%2BK5yUzGtt6yKa%2FDhQx4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87456fc159e21c77-AMS
alt-svc: h3=":443"; ma=86400
content-length: 16001

GET
H3 200 w1.jpg
kj8fy8.i22by2y.xyz/img/people/ 14 KB
15 KB 129ms
128ms Image
image/jpeg 172.67.144.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kj8fy8.i22by2y.xyz/img/people/w1.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53a5d05b9d0fda1128549e4282ae0810f03fe6dfb99d7f0e57ba9700fa19c76e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kj8fy8.i22by2y.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 17:32:40 GMT
cf-cache-status: HIT
last-modified: Tue, 26 Mar 2024 19:00:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5612
etag: "66031b34-394e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i%2BM%2FKfB%2FdDETd%2BflY1%2BbJ55xAzoNuvG2JJqwjw3bu%2BzZ%2BJryMPqXMjPoQ1CZ5Gdy%2Bd%2FNFD8HNTer0W7%2B16Bq9P7wafd7MqidXbYdVSA2gJndMmVre6S63lbRYXRkDAF4vkesYeU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 87456fc159e31c77-AMS
alt-svc: h3=":443"; ma=86400
content-length: 14670

GET
H3 206 win.mp3
kj8fy8.i22by2y.xyz/ 51 KB
51 KB 126ms
126ms Media
audio/mpeg 172.67.144.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kj8fy8.i22by2y.xyz/win.mp3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7447421e7ed505a703d8151e6620d53ae4d86448e2b4542e54a98c76d8e5d10e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://kj8fy8.i22by2y.xyz/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 17:32:40 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Feb 2024 15:47:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5607
etag: "65cb8f12-cb70"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Sa9RD9u3lPNpgn57ScDJyxz1UA7jX2lLyuLRqlBQQamlo2eXW67L%2ByXBLdHnjllLsszbUeQ%2BZ8vIozctX2JfBGC6tI06fdjBTE%2B53K%2BQTgwcofiSmeJpSS7lT%2BNYBW29mwCGjE%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
Content-Range: bytes 0-52079/52080
cache-control: max-age=14400
cf-ray: 87456fc159e41c77-AMS
alt-svc: h3=":443"; ma=86400
Content-Length: 52080

GET
H3 206 lose.mp3
kj8fy8.i22by2y.xyz/ 22 KB
23 KB 109ms
109ms Media
audio/mpeg 172.67.144.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kj8fy8.i22by2y.xyz/lose.mp3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3821e2f3f5ddd3032c48ad97a60cdb856a81955b9acf6b4431efb5bcf6404155

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://kj8fy8.i22by2y.xyz/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 17:32:40 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Feb 2024 15:46:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5607
etag: "65cb8eda-5990"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4MIBlyfQSJDXjbmfeQHGb36AML6ZWheZPLYPVYMfAq11mZHb393CfbUo9ATKVruABV2qly5ODEcjv40S2%2B74Orw4t1yBaL5GCF2OcASVw7irTyC2ynyZwLUhZBtUzyXKaoVLDms%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
Content-Range: bytes 0-22927/22928
cache-control: max-age=14400
cf-ray: 87456fc159e61c77-AMS
alt-svc: h3=":443"; ma=86400
Content-Length: 22928

GET
H3 200 favicon.ico
kj8fy8.i22by2y.xyz/ 554 B
773 B 108ms
108ms Other
text/html 172.67.144.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kj8fy8.i22by2y.xyz/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.144.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.17
Resource Hash: 180e69055c260f75bdac60084ef8e6483183f8fa4087783db49dbe3aef76c225

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://kj8fy8.i22by2y.xyz/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 17:32:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 14 Apr 2024 16:01:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5500
x-powered-by: PHP/8.2.17
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2IdcFCnR3aN1tEOZfpS%2FjAPJ7IQoXChq3Gc6ELRok2MVuC%2F%2Bhy1wAgANQiNObTOiBUP9hl5u%2Bamxisklu87%2Bm0PKxmO40%2F9gzxOZquLqCse1MHNepywQf%2BF1EYMVvYqM5SQH%2BCA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-ray: 87456fc159e71c77-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 226ms
29ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Inter:wght@100;200;300;400;500;600;700;800;900&family=Noto+Sans+Display:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Rubik:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://kj8fy8.i22by2y.xyz
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 15:53:06 GMT
x-content-type-options: nosniff
age: 92374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Apr 2025 15:53:06 GMT

GET
H2 200 va9E4kDNxMZdWfMOD5Vvk4jLeTY.woff2
fonts.gstatic.com/s/firasans/v17/ 11 KB
11 KB 219ms
25ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvk4jLeTY.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6be5cf1e8ed609c752deeec348b79d89a0950ef5e0455518755ba0506507fb4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://kj8fy8.i22by2y.xyz
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 22:11:03 GMT
x-content-type-options: nosniff
age: 501697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10768
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Apr 2025 22:11:03 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2
fonts.gstatic.com/s/inter/v13/ 17 KB
17 KB 263ms
70ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eba9487840439a0fa53c9be0541c524bb84b590a7af8c86573ceb1fe19c4bda9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://kj8fy8.i22by2y.xyz
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 21:56:48 GMT
x-content-type-options: nosniff
age: 156952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17600
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:48:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Apr 2025 21:56:48 GMT

GET
H2 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v17/ 23 KB
23 KB 251ms
57ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://kj8fy8.i22by2y.xyz
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 09:10:45 GMT
x-content-type-options: nosniff
age: 116515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23880
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Apr 2025 09:10:45 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: credit-beri.ru
URL: https://credit-beri.ru/favicon.ico

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery string| __reactRouterVersion

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
credit-beri.ru/	1970-01-20 19:52:03	Name: XSRF-TOKEN Value: eyJpdiI6Ilp3K3NTSkwxcEJuYTA3eFhZRzNtVnc9PSIsInZhbHVlIjoiK2xpVkRmN3BvZjZSTndmRVZsbUVuTXU3c0VlVW9Ub0U4REhIQlBUa3J2MG5VeDBvNnk5c3JBQWZyeWhZSk1DSzZzUHJGV0VacGs1QjIwZEdmai84dGdvWVNpMmpmU00rNGhDME14d2VycXJrSmEvVDVvOWZHeDBQbHJBaWxxc2IiLCJtYWMiOiIyZmUwN2ZhNmJjYzc5ZGNmZDcxMDBmYjUwYjExZmRjMTg1NmMwYjI2NjcyYjg5YTliZGFmZTEyOTczOTFmYmRlIiwidGFnIjoiIn0%3D
credit-beri.ru/	1970-01-20 19:52:03	Name: laravel_session Value: eyJpdiI6ImhsR1dRUWFENEtxWFpISUJwSGZZcUE9PSIsInZhbHVlIjoiRWtwNXFGRy91Mit2VGYzOUhOYmZwc1lFT1FCVXg1Lzk3WjkxSmk2Z1RFVXo2aDB4eGloQVhvbk1tWHlrWWxZamlGWkJMKzdxdGY1ajR5UE9WRzdML2piYjlvWXR4dEo2MkNPVEhDK2ZLNmlzeXNWeTlsNG9jL1lod0I3cC8rVy8iLCJtYWMiOiJmOGJjYzQ2ODc4NDM3NWIyMDM2YmM4YjFiOTY0ODgzYTg0YmY2ZWE4MWUwNzZmODcxNDY3ZGY4MWUxNmEwMDYzIiwidGFnIjoiIn0%3D
ajurebin.xyz/	1970-01-21 05:27:55	Name: hash Value: 0445a29785b027545da23ebcc05bb32f
ajurebin.xyz/	1970-01-21 05:27:55	Name: stream Value: OO57UtlfXj
ajurebin.xyz/	1970-01-21 05:27:55	Name: com Value: 5
ajurebin.xyz/	1970-01-21 05:27:55	Name: user Value: 5860085409

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://credit-beri.ru/favicon.ico Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajurebin.xyz
credit-beri.ru
fonts.googleapis.com
fonts.gstatic.com
kj8fy8.i22by2y.xyz
credit-beri.ru
172.67.144.111
2606:4700:3032::6815:1e9c
2a00:1450:4001:800::2003
2a00:1450:4001:80e::200a
37.252.15.57
11d7a6fc6110af53914c734efe171692836766cd7a2dd5a3a3e9d924e000fc43
180e69055c260f75bdac60084ef8e6483183f8fa4087783db49dbe3aef76c225
24d6bbcd1b9377b8dd47e486aed7e9430c5057d0aa5cda90e4f327f71e004e92
3821e2f3f5ddd3032c48ad97a60cdb856a81955b9acf6b4431efb5bcf6404155
3ba87936f8521a0f8b4087b66b0f56ffb4d274831bbffbf446f17164b345ad25
3d86a0ae145ac8878dfcee5fff3488fea1f39b1ddc5100df590832de6788d09b
512755eb4f97ad98ad40b346d7ff7daec949bc0b9fb21738cd5ac7df79f96fad
515f690dd21d65cee0e3ccd511d87e05a62e14df5c5d6f8fe8b5172cea5b8664
522351b537c2b98ab27c030be965a75c97650f589a4f70d40d4b52cc058ed990
52ee3b7aa3be587e21d530a2d039d686384a64f2b9b84e22f86015c435a5fdae
53a5d05b9d0fda1128549e4282ae0810f03fe6dfb99d7f0e57ba9700fa19c76e
549ef60a9d8c7529a810d1ee4cdc3acfee86a8abde1842f9e17807ef5eac7e30
608488f4592a3ea494964e8fd428c47986679a94935823b0ffc835ce7d49dd27
61050a59a0080ed406204cf5f750667ca19417d13751d506cac7cd1b43787e76
642469226edf7d572ea60bb5368e4b97e9d271090bb1c8fb36bd8194ea70e63c
6be5cf1e8ed609c752deeec348b79d89a0950ef5e0455518755ba0506507fb4e
7447421e7ed505a703d8151e6620d53ae4d86448e2b4542e54a98c76d8e5d10e
87a89f2d1bfc670b14b65a14e1c5d226242008320abb878124f5679912282552
880060a9735b77f0fbda171fc1a573bd8bb8e3f123edcaae9cd19e7852207ff3
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
b882eea529684957045c67cb38aeebff40b65470afb6679683f684b2af0ea3db
c2c7a261cefc6a521d8df9fa8ba6475a2a9f0cf2621ffc97ece3cca8aa520ecc
c6a38477a3ef7872ceb3720dbd434351ffd461ad899bec71273ad724dc6c8bbf
d1a416592d704ef067c1b427b05d9ccefc8e3cd57862bc2f758ba58b1b9f713f
eba9487840439a0fa53c9be0541c524bb84b590a7af8c86573ceb1fe19c4bda9
f3852bf203ddc2aa50997385185991d8c9195347555e07a87ad4e42a7ea7f019
f4f1ca0fc22f5d33f5859f2d2012081577c9b16b32236250db9ce48a15b55a5a
f768ffd9420117cdc6610a815de6f3839761515eb652921f20acf9a27fb738cf

kj8fy8.i22by2y.xyz Open in urlscan Pro 172.67.144.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

96 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

2605 kBTransfer

3598 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kj8fy8.i22by2y.xyz Open in urlscan Pro
172.67.144.111 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

96 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

2605 kB
Transfer

3598 kB
Size

6
Cookies

23 HTTP transactions
7 data transactions