hypeethiopia.com
167.71.136.128  Malicious Activity! Public Scan

Submitted URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?nonrectified=wryrm1ph12uha6q...
Effective URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&be...
Submission: On March 04 via manual from US — Scanned from US

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 32 HTTP transactions. The main IP is 167.71.136.128, located in London, United Kingdom and belongs to DIGITALOCEAN-ASN, US. The main domain is hypeethiopia.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 21st 2022. Valid for: 3 months.
This is the only time hypeethiopia.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Weightloss Scam (Online)

Domain & IP information

Requests  IP Address         AS Autonomous System
2         167.71.136.128     14061 (DIGITALOC...)
1         2607:f8b0:400...   15169 (GOOGLE)
27        2606:4700:303...   13335 (CLOUDFLAR...)
1         2606:4700::68...   13335 (CLOUDFLAR...)
1         38.91.101.241      63023 (AS-GLOBAL...)
Total: 32 requests, 5 IPs

Requests  Apex Domain        Subdomains                                        Transfer
27        rootcdn.pro        rootcdn.pro — Cisco Umbrella Rank: 794826         2 MB
2         hypeethiopia.com   hypeethiopia.com                                  12 KB
1         ip-api.com         pro.ip-api.com — Cisco Umbrella Rank: 5725        231 B
1         cloudflare.com     cdnjs.cloudflare.com — Cisco Umbrella Rank: 194   30 KB
1         googleapis.com     fonts.googleapis.com — Cisco Umbrella Rank: 35
Total: 32 requests, 5 domains

Requests  Domain                 Requested by
27        rootcdn.pro            hypeethiopia.com
2         hypeethiopia.com       hypeethiopia.com
1         pro.ip-api.com         cdnjs.cloudflare.com
1         cdnjs.cloudflare.com   hypeethiopia.com
1         fonts.googleapis.com   hypeethiopia.com
Total: 32 requests, 5 domains

This site contains links to these domains.

Domain
oneurl.click

Subject                   Issuer                                           Validity                  Valid
hypeethiopia.com          cPanel, Inc. Certification Authority             2022-02-21 - 2022-05-22   3 months
upload.video.google.com   GTS CA 1C3                                       2022-02-17 - 2022-05-12   3 months
sni.cloudflaressl.com     Cloudflare Inc ECC CA-3                          2022-02-21 - 2023-02-20   a year
*.ip-api.com              Sectigo RSA Domain Validation Secure Server CA   2021-10-28 - 2022-11-27   a year

This page contains 1 frame:

Primary Page: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Frame ID: 1B9954248689737E5EBC61F5FF568176
Requests: 32 HTTP requests in this frame

Page Title

Next Generation

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 32
HTTPS: 100 %
IPv6: 60 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 2
Transfer: 1715 kB
Size: 1823 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?nonrectified=wryrm1ph12uha6q7&livetrap=unsubpoenaed&electroacoustic=bushwhacking Page URL
  2. https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
index.php
hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/
6 KB
2 KB
Document
General
Full URL
https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?nonrectified=wryrm1ph12uha6q7&livetrap=unsubpoenaed&electroacoustic=bushwhacking
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.71.136.128 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
r104.lon1.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
35709f7c4cd5e247acb2801c4c94a8ea10f94cd70a75c14ff474e0dca93ab941

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

content-type
text/html; charset=UTF-8
content-length
2270
content-encoding
br
vary
Accept-Encoding,User-Agent
date
Fri, 04 Mar 2022 21:18:13 GMT
server
LiteSpeed
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Primary Request index.php
hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/
47 KB
9 KB
Document
General
Full URL
https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?nonrectified=wryrm1ph12uha6q7&livetrap=unsubpoenaed&electroacoustic=bushwhacking
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.71.136.128 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
r104.lon1.mysecurecloudhost.com
Software
LiteSpeed /
Resource Hash
28719f109cbd844591c6c1482e56c13c7be4a3492ca1b1cf5c3311c45e61b5e3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?nonrectified=wryrm1ph12uha6q7&livetrap=unsubpoenaed&electroacoustic=bushwhacking

Response headers

content-type
text/html; charset=UTF-8
content-encoding
br
vary
Accept-Encoding,User-Agent
date
Fri, 04 Mar 2022 21:18:14 GMT
server
LiteSpeed
css2@family=Open+Sans_3Awght_40400;700&display=swap
fonts.googleapis.com/
0
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2@family=Open+Sans_3Awght_40400;700&display=swap
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

style.css
rootcdn.pro/html/en/img/6/
17 KB
4 KB
Stylesheet
General
Full URL
https://rootcdn.pro/html/en/img/6/style.css
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2812f29f40ca6a01e74d21e5c19d006083dd32d60d3f0046a8076a63fbd6cd5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Response headers

date
Fri, 04 Mar 2022 21:18:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11544
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 23 Feb 2022 14:54:37 GMT
server
cloudflare
etag
W/"8d9ffa46c528d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
cf-ray
6e6da4afca561912-EWR
expires
Sat, 05 Mar 2022 18:05:51 GMT
backDay.js
rootcdn.pro/html/en/img/6/
740 B
1023 B
Script
General
Full URL
https://rootcdn.pro/html/en/img/6/backDay.js
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e52894ffc324a26463cc9317241b8c2fc54aee76bbeca1c3ab9a2a76b94188c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Response headers

date
Fri, 04 Mar 2022 21:18:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11711
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 23 Feb 2022 14:54:37 GMT
server
cloudflare
etag
W/"d9b4ee46c528d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
6e6da4afca581912-EWR
expires
Sat, 05 Mar 2022 18:03:04 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/
95 KB
30 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Response headers

date
Fri, 04 Mar 2022 21:18:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2504246
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30360
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e6da4afbf45f009-EWR
expires
Wed, 22 Feb 2023 21:18:14 GMT
fox-news-logo-border.svg
rootcdn.pro/html/en/img/6/
3 KB
2 KB
Image
General
Full URL
https://rootcdn.pro/html/en/img/6/fox-news-logo-border.svg
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bc13823d33aff0dd5d186874e167573674afb0423064b4e49bed32bf7108dbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Response headers

date
Fri, 04 Mar 2022 21:18:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
363
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 23 Feb 2022 14:54:37 GMT
server
cloudflare
etag
W/"f129e546c528d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
6e6da4b00ad71912-EWR
find.png
rootcdn.pro/html/en/img/6/
397 B
747 B
Image
General
Full URL
https://rootcdn.pro/html/en/img/6/find.png
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd167efee57f561ba7f692dfd4d4453aa0a75ed98e49a85ff26de7999bec4c12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Response headers

date
Fri, 04 Mar 2022 21:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11627
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
397
x-xss-protection
1; mode=block
last-modified
Wed, 23 Feb 2022 14:54:37 GMT
server
cloudflare
etag
"263ef846c528d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6e6da4b00adb1912-EWR
expires
Sat, 05 Mar 2022 18:04:28 GMT
1.jpg
rootcdn.pro/html/en/img/6/
24 KB
24 KB
Image
General
Full URL
https://rootcdn.pro/html/en/img/6/1.jpg
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bcba98e06beedef2273c00df7b1ccdaa7a53ea3aff3697e47ee1f6715a223b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Response headers

date
Fri, 04 Mar 2022 21:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11544
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24377
x-xss-protection
1; mode=block
last-modified
Wed, 23 Feb 2022 14:54:37 GMT
server
cloudflare
etag
"66922947c528d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6e6da4b03b621912-EWR
expires
Sat, 05 Mar 2022 18:05:51 GMT
bottle.png
rootcdn.pro/html/en/img/6/
90 KB
91 KB
Image
General
Full URL
https://rootcdn.pro/html/en/img/6/bottle.png
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd73b68619f98b7334e36fdbb104aa4b6b7fe0cf0ce0fa4e214905870d60c708
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Response headers

date
Fri, 04 Mar 2022 21:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10071
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
92510
x-xss-protection
1; mode=block
last-modified
Wed, 23 Feb 2022 14:54:37 GMT
server
cloudflare
etag
"db2de46c528d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6e6da4b03b641912-EWR
expires
Sat, 05 Mar 2022 18:30:24 GMT
14.jpg
rootcdn.pro/html/en/img/6/
20 KB
21 KB
Image
General
Full URL
https://rootcdn.pro/html/en/img/6/14.jpg
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1215047b0591fbab762e1df0d2c2e8e3bf67308e3dd6c4dfe453b151382059fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Response headers

date
Fri, 04 Mar 2022 21:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11711
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20392
x-xss-protection
1; mode=block
last-modified
Wed, 23 Feb 2022 14:54:36 GMT
server
cloudflare
etag
"90caa446c528d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6e6da4b03b661912-EWR
expires
Sat, 05 Mar 2022 18:03:04 GMT
lift1.jpg
rootcdn.pro/html/en/img/6/
31 KB
31 KB
Image
General
Full URL
https://rootcdn.pro/html/en/img/6/lift1.jpg
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81a0294dd7b2d3b31a843aa48c1aa61bacc2570fe8c3143b0bda5f4182d3fe78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Response headers

date
Fri, 04 Mar 2022 21:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11817
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31718
x-xss-protection
1; mode=block
last-modified
Wed, 23 Feb 2022 14:54:36 GMT
server
cloudflare
etag
"8b7fb546c528d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6e6da4b03b681912-EWR
expires
Sat, 05 Mar 2022 18:01:18 GMT
backpain.jpg
rootcdn.pro/html/en/img/6/
28 KB
28 KB
Image
General
Full URL
https://rootcdn.pro/html/en/img/6/backpain.jpg
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7b9935e49a1fcdc289b6c80e4cace31c437862e382efffe94542e9f2d7a2984
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Response headers

date
Fri, 04 Mar 2022 21:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11711
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28259
x-xss-protection
1; mode=block
last-modified
Wed, 23 Feb 2022 14:54:36 GMT
server
cloudflare
etag
"22f38c46c528d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6e6da4b03b6a1912-EWR
expires
Sat, 05 Mar 2022 18:03:04 GMT
graph-2.jpg
rootcdn.pro/html/en/img/6/
32 KB
32 KB
Image
General
Full URL
https://rootcdn.pro/html/en/img/6/graph-2.jpg
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc406d35bc0c44a1c1b0c0ba7fda39a34077ae2b0d4bdeffea291c42f6796204
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Response headers

date
Fri, 04 Mar 2022 21:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11543
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32560
x-xss-protection
1; mode=block
last-modified
Wed, 23 Feb 2022 14:54:36 GMT
server
cloudflare
etag
"1c419b46c528d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6e6da4b03b6c1912-EWR
expires
Sat, 05 Mar 2022 18:05:52 GMT
5stars.png
rootcdn.pro/html/en/img/6/
503 B
837 B
Image
General
Full URL
https://rootcdn.pro/html/en/img/6/5stars.png
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c95eacd1eb9c7e4fa7a870e49a5021027a6916bfff46befe7a41a9f5010245a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Response headers

date
Fri, 04 Mar 2022 21:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11626
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
503
x-xss-protection
1; mode=block
last-modified
Wed, 23 Feb 2022 14:54:36 GMT
server
cloudflare
etag
"deb4cf46c528d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6e6da4b03b6e1912-EWR
expires
Sat, 05 Mar 2022 18:04:29 GMT
button33-qual.png
rootcdn.pro/html/en/img/6/
11 KB
11 KB
Image
General
Full URL
https://rootcdn.pro/html/en/img/6/button33-qual.png
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3a501a93063416fadc729c9080fa350d67fe21b39182986e96dcfca49114985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Response headers

date
Fri, 04 Mar 2022 21:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11818
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11237
x-xss-protection
1; mode=block
last-modified
Wed, 23 Feb 2022 14:54:36 GMT
server
cloudflare
etag
"c5bd7246c528d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6e6da4b03b701912-EWR
expires
Sat, 05 Mar 2022 18:01:17 GMT
img1.png
rootcdn.pro/html/en/img/6/
13 KB
14 KB
Image
General
Full URL
https://rootcdn.pro/html/en/img/6/img1.png
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99696d65cbc00bc4e0ecb0f22ce0bddeaf8ee833bf407cf5398a7698416a0ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Response headers

date
Fri, 04 Mar 2022 21:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11735
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13454
x-xss-protection
1; mode=block
last-modified
Wed, 23 Feb 2022 14:54:37 GMT
server
cloudflare
etag
"e5771247c528d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6e6da4b03b721912-EWR
expires
Sat, 05 Mar 2022 18:02:40 GMT
oil-rev2.png
rootcdn.pro/html/en/img/6/
70 KB
71 KB
Image
General
Full URL
https://rootcdn.pro/html/en/img/6/oil-rev2.png
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cbe7d1d4a5020200067cc8c31561053b4c26e34e2a942dda07df3ef30bd2d7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 21:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11543
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
71875
x-xss-protection
1; mode=block
last-modified
Wed, 23 Feb 2022 14:54:37 GMT
server
cloudflare
etag
"65b2d47c528d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LoDZghyl%2FMMCuNOnKVvZIQwqVlKdcyCidfY9DH0AcYAfzYxBNdAMARW5r5cb2uWTfuXCWbD4WYTdraFnQsu16R2wD27kBwqJ2%2FrjuLzjVnO87%2Brskpb9vkeACulanAej2yqvbvl4Gq3o1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6e6da4b03b751912-EWR
expires
Sat, 05 Mar 2022 18:05:52 GMT
3stars.png
rootcdn.pro/html/en/img/6/
833 B
1 KB
Image
General
Full URL
https://rootcdn.pro/html/en/img/6/3stars.png
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3af1e8e5b2c90b9e64f6b992e1ee15aa32813901eb21bfa0a0abf29483bc3372
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 21:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11543
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
833
x-xss-protection
1; mode=block
last-modified
Wed, 23 Feb 2022 14:54:36 GMT
server
cloudflare
etag
"f8de9846c528d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oMGMVXaNYS8xdm%2BnRJXyAZyzO7%2F%2FrEaizHpYcgUlE5i3m06AW2VcqvikGaTpsob0BkNm0%2BPseVJ0zyCGujI1Ya8a9wzmkHu4HixpxOubmaBz8Vk0VAtl9Q%2BMz%2F6O2wixscgqcrdsMXDA0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6e6da4b03b771912-EWR
expires
Sat, 05 Mar 2022 18:05:52 GMT
checkmark.png
rootcdn.pro/html/en/img/6/
328 B
642 B
Image
General
Full URL
https://rootcdn.pro/html/en/img/6/checkmark.png
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d9c4e90e235a10e1ac82d94e900c6d02529dd3837cf698a84215d604c719f9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 21:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11543
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
328
x-xss-protection
1; mode=block
last-modified
Wed, 23 Feb 2022 14:54:37 GMT
server
cloudflare
etag
"c6c7e246c528d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8MokidEEogpDkcpm49koKopyymZuGBwPhwINbO4jKlCttcOWvuLDV27kIZwWTIM%2Fb1bRHSu6iKY5p3HVoh%2FyclfBwjub%2FAs7MeMTU77gHX8QSvoItAlheXDsuYwnVWOquZixwyyzi1Dmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6e6da4b03b791912-EWR
expires
Sat, 05 Mar 2022 18:05:52 GMT
prof1.jpg
rootcdn.pro/html/en/img/6/
2 KB
2 KB
Image
General
Full URL
https://rootcdn.pro/html/en/img/6/prof1.jpg
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96d8addc621c177dd63b666d0272958c5e703d3ad73f546d3a38eb83075dcbca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 21:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11709
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1944
x-xss-protection
1; mode=block
last-modified
Wed, 23 Feb 2022 14:54:36 GMT
server
cloudflare
etag
"a91d7546c528d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FjG5XVIsTs0xr5v7%2FhcEPq76EzUwpDMVh%2Bfhz9YmN%2FnZJVgwi4KAMBBvrjteIpOwDR5EgjAodq%2Fy8p8Dhc1n4F1piNOekJlwKbdutLImuRXn8L1%2FvmVnJEEAEQgkSxjHVyI2bOD0YWS7pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6e6da4b03b7a1912-EWR
expires
Sat, 05 Mar 2022 18:03:06 GMT
prof2.jpg
rootcdn.pro/html/en/img/6/
2 KB
3 KB
Image
General
Full URL
https://rootcdn.pro/html/en/img/6/prof2.jpg
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cb5d9ce505a301b6312b9e73e8f4562f6f11f9f309f3258007ae8007abcd4ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 21:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11305
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2443
x-xss-protection
1; mode=block
last-modified
Wed, 23 Feb 2022 14:54:36 GMT
server
cloudflare
etag
"5acd6646c528d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2FCNv%2BbG0PalHDPReFKCN0iVHBj1MDTNd%2BGvwdwjdtO1M6eBhENPtPol1cbqpCIyQoISx750PNprLOch1KBWvNWZn6Viak5Lj%2FpQmI0E1y4kDoXF7L6GrwIas2Eydl3ZGfDliYdlSYDscg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6e6da4b03e3a1982-EWR
expires
Sat, 05 Mar 2022 18:09:50 GMT
prof3.jpg
rootcdn.pro/html/en/img/6/
4 KB
4 KB
Image
General
Full URL
https://rootcdn.pro/html/en/img/6/prof3.jpg
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ad15ea81028e58b3271f16d5f48daed7af31d3612f2846af3e89ac11176ee2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 21:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10405
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3835
x-xss-protection
1; mode=block
last-modified
Wed, 23 Feb 2022 14:54:36 GMT
server
cloudflare
etag
"e1a8146c528d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oq0Qt5NMYGVCjULuUm6e2pcFsxqu1TiE0pCKijP2xhxnI8JfTckcVCxqeWhMlJO995BG%2FXSWkTxdS497YIyQg7odRECA2C3nyXOrdUSjKK0%2FtBLCvZWM2XF4dIk4gVcGnvBu91FCIrg29A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6e6da4b03e3d1982-EWR
expires
Sat, 05 Mar 2022 18:24:50 GMT
prof5.jpg
rootcdn.pro/html/en/img/6/
2 KB
3 KB
Image
General
Full URL
https://rootcdn.pro/html/en/img/6/prof5.jpg
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0b4e806d14a848b60771ce921ae209b40037f6f003fd7533c122aaa4d4d7fa2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 21:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11327
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2232
x-xss-protection
1; mode=block
last-modified
Wed, 23 Feb 2022 14:54:36 GMT
server
cloudflare
etag
"e1a8146c528d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKlEaUk%2BNK%2B%2FEIX3uYZhVrNX8n5mWJSZkJnKKuMH3OrClgXKVMknLPU4f7zxk9UMWf8wDSXUWbMcogtNuB%2BHwbzyHfP%2Bi8Wylxxa%2Fskhb6Mk2Om4LCqvPAmAA4PiZUna35rkkMPHC2ZIAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6e6da4b03e3e1982-EWR
expires
Sat, 05 Mar 2022 18:09:28 GMT
prof6.jpg
rootcdn.pro/html/en/img/6/
2 KB
2 KB
Image
General
Full URL
https://rootcdn.pro/html/en/img/6/prof6.jpg
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebf0402ee62bae00a6ded482e97c47ed1cf74b9fa6a602fd4d57b376ddd539a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 21:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1814
x-xss-protection
1; mode=block
last-modified
Wed, 23 Feb 2022 14:54:36 GMT
server
cloudflare
etag
"377a046c528d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icpowpcoTLth7qgVEET%2FaBOoR7HjLQZLOoWY0uNdcchp4IyreldJo3xSe%2B9%2B1UOVMBlkH7ife3q5XKVNEChfFiO%2Bj%2F%2BrZjd99z166nl3tTPQz6QBtzvN4Ui0NWbKeC4YfgpvVYMlKjbX8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6e6da4b03e3f1982-EWR
expires
Sat, 05 Mar 2022 18:12:46 GMT
prof7.jpg
rootcdn.pro/html/en/img/6/
2 KB
3 KB
Image
General
Full URL
https://rootcdn.pro/html/en/img/6/prof7.jpg
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ed2d5dcd5cb6f1803c65c39d11a26b96f0774e8a55cb688c9b3bbbcad89cce1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 21:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11594
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2192
x-xss-protection
1; mode=block
last-modified
Wed, 23 Feb 2022 14:54:36 GMT
server
cloudflare
etag
"fdcb8546c528d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GV6kwT4vib8HrCAgLxcL8t7i5K36za3BRB3EG2oJIPEgQTsDuGHaQowdm0yaziZPHKzbZHwBr4NNbLuptvx2Y3LJjY4s3LgYNqM%2F2hXmUlEkmm6UwBTRVvNKb%2FFlEZz78mIjAnQr2E2PwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6e6da4b03e401982-EWR
expires
Sat, 05 Mar 2022 18:05:01 GMT
prof8.jpg
rootcdn.pro/html/en/img/6/
3 KB
3 KB
Image
General
Full URL
https://rootcdn.pro/html/en/img/6/prof8.jpg
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
888dccfa93119ce00f9cc4764d37af91a95a3e55fbe1a4da510d4bcc579ddaba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 21:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2717
x-xss-protection
1; mode=block
last-modified
Wed, 23 Feb 2022 14:54:37 GMT
server
cloudflare
etag
"97551c47c528d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jg0OiLyqYZpZwRGXB1B%2F7WVeLWm9dGkDImkItwlj5ieOf9xHft72ILVTwfXp6UMHV5F1VWa%2BBS8ZO5Gfd2YiJ322lFuOMYizRcD8Vx%2BoqtW%2BzqtLMM%2BgqRzn3TxzFsRYfC3U1qXDxsU28A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6e6da4b03e431982-EWR
expires
Sat, 05 Mar 2022 18:12:46 GMT
prof9.jpg
rootcdn.pro/html/en/img/6/
2 KB
2 KB
Image
General
Full URL
https://rootcdn.pro/html/en/img/6/prof9.jpg
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebefc57b6c85e09c1470ba9e0b3043215c29a2f5c1fe6e43fbd08e43b3e3b60a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 21:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9743
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1692
x-xss-protection
1; mode=block
last-modified
Wed, 23 Feb 2022 14:54:37 GMT
server
cloudflare
etag
"6c9f1947c528d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8PEcmzFuYMrUYtKeWv8IOCWXgXjXsQD%2Fx5OSqVaswDnKklEceMe7KQp2pUTgRERavhmNQjhArW%2B1oxIftxWgkNL1lGchWdCLlbanDd65rczDKgiH6Phf4lluwjw4Rg0WJsseGzwM0bBFVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6e6da4b03e451982-EWR
expires
Sat, 05 Mar 2022 18:35:52 GMT
prof10.jpg
rootcdn.pro/html/en/img/6/
2 KB
3 KB
Image
General
Full URL
https://rootcdn.pro/html/en/img/6/prof10.jpg
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab0d6ca856c3af2377dc800b8e4866d86749ce277a87073df6c49eb1d02be767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 21:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9740
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2472
x-xss-protection
1; mode=block
last-modified
Wed, 23 Feb 2022 14:54:37 GMT
server
cloudflare
etag
"698de746c528d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vx51weOYYDC3NN9wkh0on1QPHfCxykge9UVdkX1gf9NbhCFPCqdYmSDygjIPG5chAtbmn06i3qofXms4oPXG5IL8ZLnTErUJGCTiKcqmwpgO5v7nFMUFgGBwMbK3W1MznZs%2Bej087GUKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6e6da4b03e461982-EWR
expires
Sat, 05 Mar 2022 18:35:55 GMT
/
pro.ip-api.com/json/
76 B
231 B
XHR
General
Full URL
https://pro.ip-api.com/json/?fields=8388657&key=hEpYxLQ2EecE1sz
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
38.91.101.241 New York, United States, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
us-ny-1.pro.ip-api.com
Software
/
Resource Hash
6923f3c5d95f2c033cb03705064e4d9dc0bae9ad16906ae5dea731b6f7d692da

Request headers

Accept
*/*
Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 04 Mar 2022 21:18:15 GMT
Content-Length
76
Content-Type
application/json; charset=utf-8
cbdgummies.mp4
rootcdn.pro/html/en/img/6/
1 MB
1 MB
Media
General
Full URL
https://rootcdn.pro/html/en/img/6/cbdgummies.mp4
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0054ffc0949e80457be4aeb5365ea8e1a6a0844e8fb3da673eee1adad912f781
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 04 Mar 2022 21:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5969
Content-Range
bytes 0-1285152/1285153
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
1285153
x-xss-protection
1; mode=block
last-modified
Wed, 23 Feb 2022 14:54:38 GMT
server
cloudflare
etag
"d8d97547c528d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJZsE3g3Ye6DwW41HUTAWdr2Mf1gQt7LwSh5xDDZv0ZSzWZml1kegNgujk%2FAytoWWMe%2BTy6PCy4AyvltUupywBjPev1r7%2BlWHDL2WppbqYFvHWHBubYQoFwoYVdRlrMkv%2B5B8kPsBfzGAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
cache-control
max-age=14400
cf-ray
6e6da4b0fff11982-EWR
tenor.mp4
rootcdn.pro/html/en/img/6/
58 KB
58 KB
Media
General
Full URL
https://rootcdn.pro/html/en/img/6/tenor.mp4
Requested by
Host: hypeethiopia.com
URL: https://hypeethiopia.com/.well-known/pki-validation/index10/antibot_image/examples/index.php?greatest=888d8aqhmxuqrax8&bear=wave&remember=add&himself=washington
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e382f4d32cb0c56f2e4a7e6932e92e3bb86b2de60ed1488ba4890595e8f2f052
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 04 Mar 2022 21:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5881
Content-Range
bytes 0-58919/58920
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
58920
x-xss-protection
1; mode=block
last-modified
Wed, 23 Feb 2022 14:54:36 GMT
server
cloudflare
etag
"945bf46c528d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjwQ97SolYz%2BXqnJqGb9MD6lFInM4qQVGfbOaW58BL6qnmYO688GkJ%2FLlKuHBYWi%2FydITo7uj8NbxEAT7GCgiKZnUc%2BF1rTqSnX4LThO4aaEFU6oMjEPsPRHE6rszddZLK4Qzj8TMixqKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
cache-control
max-age=14400
cf-ray
6e6da4b0f8121982-EWR

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Weightloss Scam (Online)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone
object| oncontextlost
object| oncontextrestored
function| backDay
function| $
function| jQuery
function| replaceValueWithSymbol
function| ipLookUp

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://fonts.googleapis.com/css2@family=Open+Sans_3Awght_40400;700&display=swap
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
