Submitted URL: http://getyour-cs2invite.com/
Effective URL: https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112...
Submission: On November 11 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 10 domains to perform 30 HTTP transactions. The main IP is 104.21.59.147, located in and belongs to . The main domain is qwfuu.abyssalforge.top.
TLS certificate: Issued by E1 on October 11th 2023. Valid for: 3 months.
This is the only time qwfuu.abyssalforge.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 64.225.91.73 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 4 64.190.63.136 47846 (SEDO-AS)
1 205.234.175.175 30081 (CACHENETW...)
2 2 173.239.53.32 27257 (WEBAIR-IN...)
1 2 3.33.192.145 16509 (AMAZON-02)
1 1 2a03:b0c0:3:d... 14061 (DIGITALOC...)
1 1 172.67.142.37 13335 (CLOUDFLAR...)
21 104.21.59.147 ()
2 2a00:1450:400... ()
30 8
Requests | Apex Domain | Subdomains | Transfer
21 | abyssalforge.top | qwfuu.abyssalforge.top, cdnstatic.abyssalforge.top | 356 KB
5 | getyour-cs2invite.com | getyour-cs2invite.com, ww2.getyour-cs2invite.com | 4 KB
2 | gstatic.com | www.gstatic.com | 18 KB
2 | martlochoco3.online | martlochoco3.online (Cisco Umbrella Rank: 184420) | 1 KB
1 | altairaquilae.top | qwfuu.altairaquilae.top (Cisco Umbrella Rank: 451144) | 738 B
1 | proffering.xyz | main.proffering.xyz (Cisco Umbrella Rank: 452095) | 958 B
1 | minsonbar.online | xml-v4.minsonbar.online | 293 B
1 | sedodna.com | xml.sedodna.com (Cisco Umbrella Rank: 396778) | 211 B
1 | sedoparking.com | img.sedoparking.com (Cisco Umbrella Rank: 70629) | 5 KB
1 | domaincntrol.com | domaincntrol.com (Cisco Umbrella Rank: 228745) | 350 B
30 | 10
Domain Requested by
19 qwfuu.abyssalforge.top martlochoco3.online
qwfuu.abyssalforge.top
cdnstatic.abyssalforge.top
4 ww2.getyour-cs2invite.com 2 redirects getyour-cs2invite.com
ww2.getyour-cs2invite.com
2 www.gstatic.com cdnstatic.abyssalforge.top
2 cdnstatic.abyssalforge.top qwfuu.abyssalforge.top
cdnstatic.abyssalforge.top
2 martlochoco3.online 1 redirects ww2.getyour-cs2invite.com
1 qwfuu.altairaquilae.top 1 redirects
1 main.proffering.xyz 1 redirects
1 xml-v4.minsonbar.online 1 redirects
1 xml.sedodna.com 1 redirects
1 img.sedoparking.com ww2.getyour-cs2invite.com
1 domaincntrol.com getyour-cs2invite.com
1 getyour-cs2invite.com
30 12

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-03-01 - 2024-02-28 | a year (crt.sh)
abyssalforge.top | E1 | 2023-10-11 - 2024-01-09 | 3 months (crt.sh)
*.gstatic.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months (crt.sh)

This page contains 1 frame:

Frame: https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
Frame ID: BE26BD9CD229AED919B73A6108C00087
Requests: 38 HTTP requests in this frame

Page URL History

  1. http://getyour-cs2invite.com/ Page URL
  2. http://ww2.getyour-cs2invite.com/ Page URL
  3. http://ww2.getyour-cs2invite.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D-f50X6OMmb8... HTTP 302
    http://ww2.getyour-cs2invite.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D-f50X6OMmb8... HTTP 302
    http://xml.sedodna.com/click?i=-f50X6OMmb8_0 HTTP 302
    http://martlochoco3.online/api/v1/px?xmlid=wblS2kyBMIRDKZO9RoGNX3I0YuLfWzA9fLDoswah Page URL
  4. http://martlochoco3.online/api/v1/pxcheck?impId=wblS2kyBMIRDKZO9RoGNX3I0YuLfWzA9fLDoswah&minfo=eyJjb29r... HTTP 302
    http://xml-v4.minsonbar.online/click?seat=2669875&i=1ntGE3tIUEU_0 HTTP 302
    https://main.proffering.xyz/15GU5A?zoneid=c2a4542b04a00864878236fad&pubfeed=295724/295724.c2a4542b04a008... HTTP 302
    https://qwfuu.altairaquilae.top/?pl=W7-lkuObDEWXzHM4LgqUhA&sub_id=ar&click_id=29e4317eaaba6f5ebb81d55b23de2e... HTTP 302
    https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase

Page Statistics

Requests: 30
HTTPS: 80 %
IPv6: 30 %
Domains: 10
Subdomains: 12
IPs: 8
Countries: 2
Transfer: 382 kB
Size: 512 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://getyour-cs2invite.com/ Page URL
  2. http://ww2.getyour-cs2invite.com/ Page URL
  3. http://ww2.getyour-cs2invite.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D-f50X6OMmb8_0&v=ZDFmZDNlYzU4Y2UyNjEzMzk4NmNhNWZlODA3NzY1ZjQJMQl3dzIuZ2V0eW91ci1jczJpbnZpdGUuY29tNjU1MDBmZGVhOGU3MDguMjgwMDE4NTEJd3cyLmdldHlvdXItY3MyaW52aXRlLmNvbTY1NTAwZmRlYThlYzkyLjIwMTQ3NDAzCTE2OTk3NDU3NTkJYWRfNjNfMA==&l=OAljYWNjNzAwZWY4Nzc2M2Y0Y2ZlMzhkYmQ4MGQwNWJjOQkwCTQ4CTAJMmEyNjM1ZDU2NzNmN2Y1OGM0MWMzMGZkZTUwOWUzMjEJNTEzODYyNTE0CWdldHlvdXItY3MyaW52aXRlCTAJNjMJNwk1CTE2OTk3NDU3NTkJMC4wMDAxODkJTgkwCTEJMTgwNQkxMjA1CTUwMTcyMDE2NQkxOTMuMzIuMjQ4LjIwOAkw HTTP 302
    http://ww2.getyour-cs2invite.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D-f50X6OMmb8_0&v=ZDFmZDNlYzU4Y2UyNjEzMzk4NmNhNWZlODA3NzY1ZjQJMQl3dzIuZ2V0eW91ci1jczJpbnZpdGUuY29tNjU1MDBmZGVhOGU3MDguMjgwMDE4NTEJd3cyLmdldHlvdXItY3MyaW52aXRlLmNvbTY1NTAwZmRlYThlYzkyLjIwMTQ3NDAzCTE2OTk3NDU3NTkJYWRfNjNfMA==&l=OAljYWNjNzAwZWY4Nzc2M2Y0Y2ZlMzhkYmQ4MGQwNWJjOQkwCTQ4CTAJMmEyNjM1ZDU2NzNmN2Y1OGM0MWMzMGZkZTUwOWUzMjEJNTEzODYyNTE0CWdldHlvdXItY3MyaW52aXRlCTAJNjMJNwk1CTE2OTk3NDU3NTkJMC4wMDAxODkJTgkwCTEJMTgwNQkxMjA1CTUwMTcyMDE2NQkxOTMuMzIuMjQ4LjIwOAkw HTTP 302
    http://xml.sedodna.com/click?i=-f50X6OMmb8_0 HTTP 302
    http://martlochoco3.online/api/v1/px?xmlid=wblS2kyBMIRDKZO9RoGNX3I0YuLfWzA9fLDoswah Page URL
  4. http://martlochoco3.online/api/v1/pxcheck?impId=wblS2kyBMIRDKZO9RoGNX3I0YuLfWzA9fLDoswah&minfo=eyJjb29r... HTTP 302
    http://xml-v4.minsonbar.online/click?seat=2669875&i=1ntGE3tIUEU_0 HTTP 302
    https://main.proffering.xyz/15GU5A?zoneid=c2a4542b04a00864878236fad&pubfeed=295724/295724.c2a4542b04a00864878236fad&campaign=1183974&cost=0.000421&external_id=295724 HTTP 302
    https://qwfuu.altairaquilae.top/?pl=W7-lkuObDEWXzHM4LgqUhA&sub_id=ar&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112 HTTP 302
    https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://ww2.getyour-cs2invite.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D-f50X6OMmb8_0&v=ZDFmZDNlYzU4Y2UyNjEzMzk4NmNhNWZlODA3NzY1ZjQJMQl3dzIuZ2V0eW91ci1jczJpbnZpdGUuY29tNjU1MDBmZGVhOGU3MDguMjgwMDE4NTEJd3cyLmdldHlvdXItY3MyaW52aXRlLmNvbTY1NTAwZmRlYThlYzkyLjIwMTQ3NDAzCTE2OTk3NDU3NTkJYWRfNjNfMA==&l=OAljYWNjNzAwZWY4Nzc2M2Y0Y2ZlMzhkYmQ4MGQwNWJjOQkwCTQ4CTAJMmEyNjM1ZDU2NzNmN2Y1OGM0MWMzMGZkZTUwOWUzMjEJNTEzODYyNTE0CWdldHlvdXItY3MyaW52aXRlCTAJNjMJNwk1CTE2OTk3NDU3NTkJMC4wMDAxODkJTgkwCTEJMTgwNQkxMjA1CTUwMTcyMDE2NQkxOTMuMzIuMjQ4LjIwOAkw HTTP 302
  • http://ww2.getyour-cs2invite.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D-f50X6OMmb8_0&v=ZDFmZDNlYzU4Y2UyNjEzMzk4NmNhNWZlODA3NzY1ZjQJMQl3dzIuZ2V0eW91ci1jczJpbnZpdGUuY29tNjU1MDBmZGVhOGU3MDguMjgwMDE4NTEJd3cyLmdldHlvdXItY3MyaW52aXRlLmNvbTY1NTAwZmRlYThlYzkyLjIwMTQ3NDAzCTE2OTk3NDU3NTkJYWRfNjNfMA==&l=OAljYWNjNzAwZWY4Nzc2M2Y0Y2ZlMzhkYmQ4MGQwNWJjOQkwCTQ4CTAJMmEyNjM1ZDU2NzNmN2Y1OGM0MWMzMGZkZTUwOWUzMjEJNTEzODYyNTE0CWdldHlvdXItY3MyaW52aXRlCTAJNjMJNwk1CTE2OTk3NDU3NTkJMC4wMDAxODkJTgkwCTEJMTgwNQkxMjA1CTUwMTcyMDE2NQkxOTMuMzIuMjQ4LjIwOAkw HTTP 302
  • http://xml.sedodna.com/click?i=-f50X6OMmb8_0 HTTP 302
  • http://martlochoco3.online/api/v1/px?xmlid=wblS2kyBMIRDKZO9RoGNX3I0YuLfWzA9fLDoswah

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
getyour-cs2invite.com/
593 B
582 B
Document
General
Full URL
http://getyour-cs2invite.com/
Protocol
HTTP/1.1
Server
64.225.91.73 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7392749832c70fcfc2d440d7afc2f880000dd564930d95d634eb1199fa15de30

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Sat, 11 Nov 2023 23:35:57 GMT
etag
W/"63f68860-251"
last-modified
Wed, 22 Feb 2023 21:25:52 GMT
server
nginx/1.18.0 (Ubuntu)
transfer-encoding
chunked
/
domaincntrol.com/
34 B
350 B
Fetch
General
Full URL
https://domaincntrol.com/?orighost=http://getyour-cs2invite.com/
Requested by
Host: getyour-cs2invite.com
URL: http://getyour-cs2invite.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://getyour-cs2invite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x_details
{"destination":"sedo","orighost":"getyour-cs2invite.com","type":"org","finalurl":"http://ww2.getyour-cs2invite.com","browser":"chrome","os":"windows","country":"DE","device":"desktop","isbot":false,"botscore":99}
date
Sat, 11 Nov 2023 23:35:58 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cf-ray
824a5ac849462681-TXL
content-length
34
/
ww2.getyour-cs2invite.com/
2 KB
2 KB
Document
General
Full URL
http://ww2.getyour-cs2invite.com/
Requested by
Host: getyour-cs2invite.com
URL: http://getyour-cs2invite.com/
Protocol
HTTP/1.1
Server
64.190.63.136 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software
NginX / PHP/8.1.17
Resource Hash
7b793d59b151c537c941bf960f51c9c1f6148e219f60ab9bc8ba008c3d47eedc

Request headers

Referer
http://getyour-cs2invite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 11 Nov 2023 23:35:59 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Sat, 11 Nov 2023 23:35:58 GMT
pragma
no-cache
server
NginX
transfer-encoding
chunked
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_TfBvipuwMmvt+Y8swuBHx6F+Qkba8ILzVucCCWXMCT9q5fKyLLsdZgPlZFg+BLAGyItz3OcMwPEdRAWSFy6WNA==
x-cache-miss-from
parking-698fb476bf-cmbck
x-powered-by
PHP/8.1.17
js_preloader.gif
img.sedoparking.com/images/
4 KB
5 KB
Image
General
Full URL
http://img.sedoparking.com/images/js_preloader.gif
Requested by
Host: ww2.getyour-cs2invite.com
URL: http://ww2.getyour-cs2invite.com/
Protocol
HTTP/1.1
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ww2.getyour-cs2invite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Sat, 11 Nov 2023 23:35:59 GMT
x-cf-tsc
1698785170
X-CF3
H
CF4ttl
31536000.000
X-CF1
11696:fL.fra2:cf:cacheN.fra2-01:H
X-CF-ReqID
c4a99406597e129f5cdf8c862c7e149a
Connection
keep-alive
Content-Length
4254
X-CF2
H
Last-Modified
Fri, 15 Mar 2019 12:24:07 GMT
Server
CFS 0215
X-CFF
B
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-CFHash
"90c93102a88c2ab94bff1575b7a6e86e"
Cache-Control
max-age=604800
CF4Age
0
Accept-Ranges
bytes
Expires
Sat, 18 Nov 2023 23:35:59 GMT
tsc.php
ww2.getyour-cs2invite.com/search/
0
201 B
XHR
General
Full URL
http://ww2.getyour-cs2invite.com/search/tsc.php?200=NTEzODYyNTE0&21=MTkzLjMyLjI0OC4yMDg=&681=MTY5OTc0NTc1OTAwOTRhZDU0ZTYzNDJmMmY3ZTc4NThjODdlYjk0NTQ3&crc=00aa8fba579556eddb65fc3ffb6bbd7a735af37f&cv=1
Requested by
Host: ww2.getyour-cs2invite.com
URL: http://ww2.getyour-cs2invite.com/
Protocol
HTTP/1.1
Server
64.190.63.136 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software
NginX / PHP/8.1.17
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ww2.getyour-cs2invite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 23:35:59 GMT
x-cache-miss-from
parking-698fb476bf-xftqn
server
NginX
x-powered-by
PHP/8.1.17
content-length
0
content-type
text/html; charset=UTF-8
px
martlochoco3.online/api/v1/
Redirect Chain
  • http://ww2.getyour-cs2invite.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D-f50X6OMmb8_0&v=ZDFmZDNlYzU4Y2UyNjEzMzk4NmNhNWZlODA3NzY1ZjQJMQl3dzIuZ2V0eW91ci1jczJpbnZpdGUuY29tNjU...
  • http://ww2.getyour-cs2invite.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D-f50X6OMmb8_0&v=ZDFmZDNlYzU4Y2UyNjEzMzk4NmNhNWZlODA3NzY1ZjQJMQl3dzIuZ2V0eW91ci1jczJpbnZpdGUuY29tNjU...
  • http://xml.sedodna.com/click?i=-f50X6OMmb8_0
  • http://martlochoco3.online/api/v1/px?xmlid=wblS2kyBMIRDKZO9RoGNX3I0YuLfWzA9fLDoswah
1 KB
890 B
Document
General
Full URL
http://martlochoco3.online/api/v1/px?xmlid=wblS2kyBMIRDKZO9RoGNX3I0YuLfWzA9fLDoswah
Requested by
Host: ww2.getyour-cs2invite.com
URL: http://ww2.getyour-cs2invite.com/
Protocol
HTTP/1.1
Server
3.33.192.145 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab226b763647f1870.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
http://ww2.getyour-cs2invite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sat, 11 Nov 2023 23:35:59 GMT
ETag
W/"5e7-SfzlYP0ZPSMl3G+NZgixPhaFCBY"
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Age
0
Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Location
http://martlochoco3.online/api/v1/px?xmlid=wblS2kyBMIRDKZO9RoGNX3I0YuLfWzA9fLDoswah
Pragma
no-cache
Primary Request /
qwfuu.abyssalforge.top/ph-new/
Redirect Chain
  • http://martlochoco3.online/api/v1/pxcheck?impId=wblS2kyBMIRDKZO9RoGNX3I0YuLfWzA9fLDoswah&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbG...
  • http://xml-v4.minsonbar.online/click?seat=2669875&i=1ntGE3tIUEU_0
  • https://main.proffering.xyz/15GU5A?zoneid=c2a4542b04a00864878236fad&pubfeed=295724/295724.c2a4542b04a00864878236fad&campaign=1183974&cost=0.000421&external_id=295724
  • https://qwfuu.altairaquilae.top/?pl=W7-lkuObDEWXzHM4LgqUhA&sub_id=ar&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112
  • https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
61 KB
16 KB
Document
General
Full URL
https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
Requested by
Host: martlochoco3.online
URL: http://martlochoco3.online/api/v1/px?xmlid=wblS2kyBMIRDKZO9RoGNX3I0YuLfWzA9fLDoswah
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.147 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
994187d9dab0ae4d89c421520f4b146c088e6775617ba664c6f3ab803cde1e63

Request headers

Referer
http://martlochoco3.online/api/v1/px?xmlid=wblS2kyBMIRDKZO9RoGNX3I0YuLfWzA9fLDoswah
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
824a5ae03a23668c-AMS
content-encoding
br
content-type
text/html
date
Sat, 11 Nov 2023 23:36:01 GMT
last-modified
Thu, 09 Nov 2023 09:40:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyMk7oT5wjAr5KGFCIKBWnHPJ%2BBw93uKKWIi%2FSAe3oTyhddpPYgBEKSlfkFIn%2BK5ImWtMXg6%2FCDdqFsPz1nAp%2FEj52P2nSUa%2BaEGeDOa7SBhgfneoJrYdcUF2isMhq88ZIySudbHoswC"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
824a5addbaa79bc4-FRA
content-length
0
date
Sat, 11 Nov 2023 23:36:00 GMT
location
https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYfmMZ%2FE8Bb9oZ1PTl2lrv438EICOymv4Y2rXpD275mwcUGn%2FvHqOhBt27fF3MCtmhZDzG%2BxMIH7ESJac59pNF6PXjQPOWZiyofZrmqz%2BXVfbtPPqRbdR7zpHzcnZaszqD88fSpN12qWbg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
trls.js
qwfuu.abyssalforge.top/ph-new/assets/
8 KB
3 KB
Script
General
Full URL
https://qwfuu.abyssalforge.top/ph-new/assets/trls.js
Requested by
Host: qwfuu.abyssalforge.top
URL: https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.147 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
19b0897b045b6f67abdae0b9f6ca5987202456aa0d7bfc3b17128e94d2cf761d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 23:36:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 09:40:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1544
etag
W/"654ca8f2-1e3f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQ3a9iuqL5zgbbViuASlTWoa3AOYnUrfl8yUu0TKr2n3CJkL8BtgzeolDhhZFtbp12Cqi%2Fkbc6ehGxCRodJzmqoKaR%2BbxxPIYLSZF9EW9jL4pJAMD706wRNuTjbm7lLMfTSM10o%2BFuh9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824a5ae0aa61668c-AMS
alt-svc
h3=":443"; ma=86400
style.css
qwfuu.abyssalforge.top/ph-new/assets/
24 KB
4 KB
Stylesheet
General
Full URL
https://qwfuu.abyssalforge.top/ph-new/assets/style.css
Requested by
Host: qwfuu.abyssalforge.top
URL: https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.147 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7524af6d5f36df3e5d5c8148bc63e3956de050fa262fc0589e2a58dc606977bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 23:36:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 09:40:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1544
etag
W/"654ca8f2-5f33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jmop0FkTP1oKvUX%2Fre7i5%2FTMYCAxYIqgrVHFeGdIzOpS8k3jFmAt%2Fil8n86OqX1iYr7qEaf1j4WJMA9cuO27XBSGZLF1ga5k%2FMMkzhDGUCaQWDPGAlSaH2eWGZlKRgCZHS7mxZ0PzRAM"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
824a5ae09a60668c-AMS
alt-svc
h3=":443"; ma=86400
thumb-big.jpg
qwfuu.abyssalforge.top/ph-new/assets/
81 KB
81 KB
Image
General
Full URL
https://qwfuu.abyssalforge.top/ph-new/assets/thumb-big.jpg
Requested by
Host: qwfuu.abyssalforge.top
URL: https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.147 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
deaddba93625d2c7610076927fcd37afadad9324ca3210a2bb12784d313dd788

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 23:36:01 GMT
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 09:40:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1544
etag
"654ca8f2-142bf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EG36B5FMLPQwRipw7WcSVy0FAQ9suJSBGhzP2Wm0PQr51BwwpPFAFQCxEqu5dLcP2ngjo%2FKmtUsvu4H9EoRzsOoda6BGKgfUS%2BMhNbEgco7in6%2BDkdQGdFqblRyCdsVrLG9PxqZDwuRM"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
824a5ae0aa62668c-AMS
alt-svc
h3=":443"; ma=86400
content-length
82623
static-pl.js
qwfuu.abyssalforge.top/shared-js/assets/
3 KB
1 KB
Script
General
Full URL
https://qwfuu.abyssalforge.top/shared-js/assets/static-pl.js
Requested by
Host: qwfuu.abyssalforge.top
URL: https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.147 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
93972bbc62d530dd23e06c5174b3e9ed4fb5719279ecef774d0a7eacf1040a18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 23:36:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 09:40:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1550
etag
W/"654ca8f2-bf3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Yz3sdzIlxOp3ajvuNNM4blsfQCx2eUVk3hu8NiAgXS7b8rK5B%2BLBflhUP9P60CtnwLg4G6Q1ACLqWodasQNELAs5Xep2Uzwqqen%2B13gQ%2B4NOpuwyXbh4c4%2FzGL%2FISDM9CtDedloBSV9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
824a5ae0aa6a668c-AMS
alt-svc
h3=":443"; ma=86400
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7547c638fcf80efaf78ad599a3c81598071b8bab934f288d8792968f39f7838

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
246 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b43ef171c22c73c4c2644ee0b8094997496c3b7e7886deb93380ac5fa975a8fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
237 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8fe7a1ca687ce722902004dae991d26544e415043eac429d4cc153611712df16

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
370 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bfa510c4b10dcd3c82b78bebe5a955e3b9a04565a46a3d5df27024af2e547668

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d4408762f9d1774f06dabc68534482080329ec4d0b9a6c342a4435a7930dcd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
/
qwfuu.abyssalforge.top/ph-new/
61 KB
61 KB
Image
General
Full URL
https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
Requested by
Host: qwfuu.abyssalforge.top
URL: https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.147 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 23:36:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 09 Nov 2023 09:40:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xJF7mWzEIkDQrXwRs6t4s%2Br0SVxeMDtMrVATxVURHhEi3jCxDFHhaMQ6yswVC1HnzskZ7J%2FzvXC6OqfUnwdDtJ0nmODgsCWAeEbBI%2BPgYrRfzRyvayU7dDZivXVe%2BlPJlFEjQQSwMPn"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
824a5ae0faa9668c-AMS
alt-svc
h3=":443"; ma=86400
truncated
/
241 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
350f1f402cbef880c0609948ef9c67d90bf7ec4a9ad1e48cbbd81b43becdfafd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
608 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49ed9b1e7e3fe88fb51a8a4c1adc5d3c24cb11f7363bd02e294fb732758edb21

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7482cf4d44518772564144cead954c6bce6aeb83c6339205100bc718145228c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
ps.js
cdnstatic.abyssalforge.top/ps/
24 KB
9 KB
Script
General
Full URL
https://cdnstatic.abyssalforge.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&appspot=&d=https%3A%2F%2Fcdnstatic.abyssalforge.top
Requested by
Host: qwfuu.abyssalforge.top
URL: https://qwfuu.abyssalforge.top/shared-js/assets/static-pl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.147 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
723466144314b53ad01ac8bdf459551f2855a93574f9cc240e76836a13842ab2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qwfuu.abyssalforge.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 23:36:01 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PSRCz9Sz%2FFg555qWWRSOhTuH4VssWMExRMF2pWnTMN6xeISi9bMYCbnoE0xvb6RGAs6jrC%2Bm%2Byu25aqoTGhLZiubE%2B%2Ba%2B8luv0qqHq4hkM4DcTYAXKolp9u%2BumPG0MpmkP6wusu7LScn9Maiew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
824a5ae17af9668c-AMS
alt-svc
h3=":443"; ma=86400
config.js
cdnstatic.abyssalforge.top/ps/
366 B
516 B
Script
General
Full URL
https://cdnstatic.abyssalforge.top/ps/config.js?id=W7-lkuObDEWXzHM4LgqUhA
Requested by
Host: cdnstatic.abyssalforge.top
URL: https://cdnstatic.abyssalforge.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&appspot=&d=https%3A%2F%2Fcdnstatic.abyssalforge.top
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.59.147 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
28191615ad584e701c9eea9dd088d8812f9750ada00eb4e770aa75932a75cbe1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qwfuu.abyssalforge.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 23:36:01 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l8kItkiHjmTuB8QgYd9UrKySZSaBiW%2BE3GBOpVV%2B7FcBn2L%2Fk3EeXPVJet6QLfrtxuqvdbOGql9Rm7p99JpZoP8LWGoJEZg0iFG%2BYjj3Xgr4zmXbDgs9oa0z9Dp7Fsu%2Fg5tWquprUUMKkDB2Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
824a5ae1fb51668c-AMS
alt-svc
h3=":443"; ma=86400
firebase-app.js
www.gstatic.com/firebasejs/8.4.1/
21 KB
7 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/8.4.1/firebase-app.js
Requested by
Host: cdnstatic.abyssalforge.top
URL: https://cdnstatic.abyssalforge.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&appspot=&d=https%3A%2F%2Fcdnstatic.abyssalforge.top
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qwfuu.abyssalforge.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 12:29:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
126375
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6763
x-xss-protection
0
last-modified
Tue, 13 Apr 2021 06:56:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Nov 2024 12:29:47 GMT
rec-1.jpg
qwfuu.abyssalforge.top/ph-new/assets/
14 KB
15 KB
Image
General
Full URL
https://qwfuu.abyssalforge.top/ph-new/assets/rec-1.jpg
Requested by
Host: qwfuu.abyssalforge.top
URL: https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.147 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
098b2a4c2b05fc238c6eae8654ea2a3bc9d5fac7c59cb420242d405fcc83ed47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 23:36:02 GMT
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 09:40:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1460
etag
"654ca8f2-3844"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2BQgGME9JCkNtEkd3pD%2F%2BX%2BMVcavFmi1E3kv%2FlSzmLZepRENLCAwPefVn3MU3cD1k0Ad1qvPRY1n%2FVUE4eJWIvdgA%2FgHL9qbFGnK4vQesvxFZw3OBfwk%2BG7MXCKIJUB2iqqWz8QTOiJR"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
824a5ae4eb363dbc-SIN
alt-svc
h3=":443"; ma=86400
content-length
14404
rec-2.jpg
qwfuu.abyssalforge.top/ph-new/assets/
11 KB
11 KB
Image
General
Full URL
https://qwfuu.abyssalforge.top/ph-new/assets/rec-2.jpg
Requested by
Host: qwfuu.abyssalforge.top
URL: https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.147 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b0fe8ace388ec8556bcdd46cd30a03ddaadcf80d124e9052f2a19a27061829f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 23:36:02 GMT
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 09:40:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1298
etag
"654ca8f2-2a8a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opI9OUIIs4dS7khHtUGWXnZFfStmC18htxuJgpU2SKKTLI4X6B8gDdIx3tWl9SV9ewgeKrHK9dmPzh1FXpo8RDyaPYhfYjw9WO7oWwl0C2g7t6%2BcbnM3YC3IUWCUDcp9GPiDMddZUT1E"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
824a5ae4eb383dbc-SIN
alt-svc
h3=":443"; ma=86400
content-length
10890
rec-3.jpg
qwfuu.abyssalforge.top/ph-new/assets/
15 KB
15 KB
Image
General
Full URL
https://qwfuu.abyssalforge.top/ph-new/assets/rec-3.jpg
Requested by
Host: qwfuu.abyssalforge.top
URL: https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.147 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
9ee7f1aecdeb64f4ce54c5d0b7ea3d92b2e9d06a7f9cb7b793e39262cda05996

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 23:36:02 GMT
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 09:40:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1298
etag
"654ca8f2-3b71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5hKBNh3qVVXg3dIJ1u8iWAOrc%2BBmqtQuv4907nDEw6wGNXBJWrLyMhsukbdrIJORbaGsZBUtStMhQ3XZ3BDjYqhfOc%2BK15XozlzIs0J0I0VlAFbi2Wbfo4cMwet2dQ0EYRElIZ5wcK6"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
824a5ae4eb3a3dbc-SIN
alt-svc
h3=":443"; ma=86400
content-length
15217
rec-4.jpg
qwfuu.abyssalforge.top/ph-new/assets/
9 KB
9 KB
Image
General
Full URL
https://qwfuu.abyssalforge.top/ph-new/assets/rec-4.jpg
Requested by
Host: qwfuu.abyssalforge.top
URL: https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.147 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
f71320d61eb339fdb7b5d20249d4f6aa6e37e22e618dc83e8459da1db3f79483

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 23:36:02 GMT
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 09:40:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1298
etag
"654ca8f2-22c4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7muUuGtKvOz%2FAwwyqSI1oGoiVQiLs7OXOcziTUaCmoV%2BBMIrbANclPtyps8M3wgp4YpXnU3LpDRRC400kdTpKbDqwrgwANy5pYgb04QVC7Hy3LyPioV344cFXm18R713lamA1h55xq0"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
824a5ae4eb3b3dbc-SIN
alt-svc
h3=":443"; ma=86400
content-length
8900
rec-5.jpg
qwfuu.abyssalforge.top/ph-new/assets/
13 KB
13 KB
Image
General
Full URL
https://qwfuu.abyssalforge.top/ph-new/assets/rec-5.jpg
Requested by
Host: qwfuu.abyssalforge.top
URL: https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.147 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a77b6918c2799981aa1a09fc5f787ff109883093f2efd28beaf79031f5a8ac02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 23:36:02 GMT
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 09:40:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1460
etag
"654ca8f2-335d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fufeak1Itim1PcVTi%2F4sXBeOagCnSmlPhr5glrvel18cIPzjgI51ofOZB%2FBFQGZcRYtZIQcbKx5oyXjtrd%2F4QSeClKDAFeQ8VBcnCucEN7shFtAmRCJTBTnkEt83K6j4stQ5xLrB7q6V"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
824a5ae4eb3c3dbc-SIN
alt-svc
h3=":443"; ma=86400
content-length
13149
rec-6.jpg
qwfuu.abyssalforge.top/ph-new/assets/
16 KB
16 KB
Image
General
Full URL
https://qwfuu.abyssalforge.top/ph-new/assets/rec-6.jpg
Requested by
Host: qwfuu.abyssalforge.top
URL: https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.147 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
6e1e474a8fc326cd06593e0c1a55d0e73126ada3bf169713b847e82d28646773

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 23:36:02 GMT
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 09:40:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1460
etag
"654ca8f2-3e74"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2FzYHD6%2BuMN7dmdWXOXWNJbYNKRQiDVh%2FBBzGgbYifzpsfHdKOwNGDviEMglAa8AUwQl58uvlmt%2B82%2BzWH9NKlc%2BS5aUHw2HQ3f8rLmVkaIXbJb%2BiM05QXjFsLG188MGuAPC1S7rsQdu"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
824a5ae4eb3d3dbc-SIN
alt-svc
h3=":443"; ma=86400
content-length
15988
rec-7.jpg
qwfuu.abyssalforge.top/ph-new/assets/
14 KB
14 KB
Image
General
Full URL
https://qwfuu.abyssalforge.top/ph-new/assets/rec-7.jpg
Requested by
Host: qwfuu.abyssalforge.top
URL: https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.147 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
edb8c2bdc0f5612a5bf789af233ccaa63dd3751fbfaffb01be48e6e43e78b0bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 23:36:02 GMT
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 09:40:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1460
etag
"654ca8f2-368b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ymcj6fZooJVZiREsdMxyUBTQrRZsZK4SjY40kaLxwB%2FwZcDKS7X9NoH3C1bc9puz5eQ%2FpewkYmwhKEApN0%2B%2B6frtItCt01Tm21xHXD1l%2FuYHR4QVKRpz1Fv%2FbJOI%2BcogMnz3bHBHqvx"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
824a5ae4eb413dbc-SIN
alt-svc
h3=":443"; ma=86400
content-length
13963
rec-8.jpg
qwfuu.abyssalforge.top/ph-new/assets/
13 KB
13 KB
Image
General
Full URL
https://qwfuu.abyssalforge.top/ph-new/assets/rec-8.jpg
Requested by
Host: qwfuu.abyssalforge.top
URL: https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.147 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4fad6c5d1cd5bdb7eea1b216774e831a6e59a11ddcc8b0881747a4d278d86940

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 23:36:02 GMT
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 09:40:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2702
etag
"654ca8f2-32c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJueaTQYRlEP8uu0cfIEKX3BNk4QOGOey52U%2BzwlyTne64ioVgb%2FxITu7Rnk%2FTipMD2nz%2BEEuwzV%2FY4%2B12Ppo8c7Sk4slcAcBxw8g2ueH%2BN9%2Bp3Ui74cRyDjE6WRtpJ75VRz2%2BOqfYOm"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
824a5ae4eb423dbc-SIN
alt-svc
h3=":443"; ma=86400
content-length
12992
1.jpg
qwfuu.abyssalforge.top/ph-new/assets/
14 KB
15 KB
Image
General
Full URL
https://qwfuu.abyssalforge.top/ph-new/assets/1.jpg
Requested by
Host: qwfuu.abyssalforge.top
URL: https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.147 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
098b2a4c2b05fc238c6eae8654ea2a3bc9d5fac7c59cb420242d405fcc83ed47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 23:36:02 GMT
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 09:40:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1298
etag
"654ca8f2-3844"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAA%2F160C52KgoqTW04LGW4JE5e6%2FG4mdVkC50j%2BftPWLzEN3OQ4FjyhL2ZD8h214orDVrz8q%2BPye0fB6ERuDfxW7NCbgc7adi8zHwOZ17fA18C6VVkXSqIAXEg3pE1AtdRtsWp3%2FXPgZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
824a5ae4eb433dbc-SIN
alt-svc
h3=":443"; ma=86400
content-length
14404
2.jpg
qwfuu.abyssalforge.top/ph-new/assets/
21 KB
21 KB
Image
General
Full URL
https://qwfuu.abyssalforge.top/ph-new/assets/2.jpg
Requested by
Host: qwfuu.abyssalforge.top
URL: https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.147 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
626b570f2ffdf83add77f51246ccb195fec4c15e4289173b8183cd47e7cfd763

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 23:36:02 GMT
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 09:40:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1460
etag
"654ca8f2-5305"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJyOf0HYQdNnwI7iJADBQkAS8g5YbZokkKTeZ0uKNZNgOxsAAuWtUVN5bRr70xZybWg%2FxCAWFJlThEABEnHyLrG6%2BBvETFsqnUdLKVH0%2BkpLPDvGkSZtzJfTtGytBsurO7DDntj5sFkd"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
824a5ae4eb443dbc-SIN
alt-svc
h3=":443"; ma=86400
content-length
21253
3.jpg
qwfuu.abyssalforge.top/ph-new/assets/
11 KB
11 KB
Image
General
Full URL
https://qwfuu.abyssalforge.top/ph-new/assets/3.jpg
Requested by
Host: qwfuu.abyssalforge.top
URL: https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.147 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 23:36:02 GMT
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 09:40:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1460
etag
"654ca8f2-2b56"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bFjjB7fN83NRLPJE2R5EiVXVMJXPJKdQPvD8YqzFrWSNBN3jsZSv4VN3Hba%2BSdwN7OIxH5iEUrXm6Sufsd%2BxyEAsBKVwR7%2FKESGQB3YBvY71yS4KEEmmzvQKxC%2FuOUqybdTtmXbiZ9Dd"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
824a5ae4eb453dbc-SIN
alt-svc
h3=":443"; ma=86400
content-length
11094
4.jpg
qwfuu.abyssalforge.top/ph-new/assets/
13 KB
14 KB
Image
General
Full URL
https://qwfuu.abyssalforge.top/ph-new/assets/4.jpg
Requested by
Host: qwfuu.abyssalforge.top
URL: https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.147 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 23:36:02 GMT
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 09:40:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1460
etag
"654ca8f2-352b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7F%2B7qdHsyBTgexY9PFit6bRRWJ6MCTQC7vX8cHnT%2BAJVpiJBxEb9ikqGRqZzfutzggtNRv25SElguu%2FaPo2WgBrv6Zg9tPnYnRklz7X5Sm5XBi3ImLUqml9L5yabaRti4nk%2BeA6xApaG"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
824a5ae4eb473dbc-SIN
alt-svc
h3=":443"; ma=86400
content-length
13611
5.jpg
qwfuu.abyssalforge.top/ph-new/assets/
11 KB
12 KB
Image
General
Full URL
https://qwfuu.abyssalforge.top/ph-new/assets/5.jpg
Requested by
Host: qwfuu.abyssalforge.top
URL: https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.59.147 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 23:36:02 GMT
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 09:40:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1460
etag
"654ca8f2-2dc1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FvCaoJy5YZj6vhBSSawX%2F7TdhNFq718zRHcKTN8q82uKMq%2FmBdniaJgytCGXFC641DI9CdCtkRLrlXzUEcBp2HUUod3iBLE1wijirf3czv2N9Ft8vmwMkfQiNN9rNWWxFoNqMpD4suUQ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
824a5ae4eb483dbc-SIN
alt-svc
h3=":443"; ma=86400
content-length
11713
firebase-messaging.js
www.gstatic.com/firebasejs/8.4.1/
40 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
Requested by
Host: cdnstatic.abyssalforge.top
URL: https://cdnstatic.abyssalforge.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&appspot=&d=https%3A%2F%2Fcdnstatic.abyssalforge.top
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qwfuu.abyssalforge.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 22:58:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
347846
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10908
x-xss-protection
0
last-modified
Tue, 13 Apr 2021 06:56:17 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Nov 2024 22:58:36 GMT
/
qwfuu.abyssalforge.top/ph-new/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
qwfuu.abyssalforge.top
URL
https://qwfuu.abyssalforge.top/ph-new/?pl=W7-lkuObDEWXzHM4LgqUhA&sm=ph-new&click_id=29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112&sub_id=ar&hash=WifvLr5Wt8iTzH6mlFG8WA&exp=1699746060

Verdicts & Comments

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

7 Cookies

Domain/Path Name / Value
.main.proffering.xyz/ Name: 15GU5Ao Value: 20231112021699746350197
.main.proffering.xyz/ Name: _pc_lc_id Value: 15GU5A
.main.proffering.xyz/ Name: peerclickcid Value: 29e4317eaaba6f5ebb81d55b23de2eb6-11246-1112
.main.proffering.xyz/ Name: _norg Value: 1
qwfuu.altairaquilae.top/ Name: W7-lkuObDEWXzHM4LgqUhA Value: 19
qwfuu.altairaquilae.top/ Name: __pl Value: 382cdb0a-4e41-4884-b716-33d556904d14
qwfuu.altairaquilae.top/ Name: __cap Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
