vault.ts4rebels.cc Open in urlscan Pro
2606:4700:3036::ac43:9e50 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://vault.ts4rebels.cc/0:/SIXAM%20CC/
Submission Tags: falconsandbox
Submission: On August 02 via api (August 2nd 2022, 9:32:44 am UTC) from US — Scanned from DE

Summary HTTP 48 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 16 domains to perform 48 HTTP transactions. The main IP is 2606:4700:3036::ac43:9e50, located in United States and belongs to CLOUDFLARENET, US. The main domain is vault.ts4rebels.cc.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 4th 2022. Valid for: a year.

This is the only time vault.ts4rebels.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3036::ac43:9e50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
2	2606:4700:21:... 2606:4700:21::681b:c358	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::6815:310b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:225... 2600:9000:2251:cc00:1:e528:bdc0:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:440e::ac40:9c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3030::ac43:dadd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.66.139.68 18.66.139.68	16509 (AMAZON-02) (AMAZON-02)
3	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:831::200d	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 ^_^) (CDN77 ^_^)
1	217.182.228.53 217.182.228.53	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3034::ac43:bcc3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6811:a6ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	162.252.214.5 162.252.214.5	53334 (TUT-AS) (TUT-AS)
1	185.200.118.90 185.200.118.90	9009 (M247) (M247)
1	38.132.109.186 38.132.109.186	9009 (M247) (M247)
1	185.200.116.90 185.200.116.90	9009 (M247) (M247)
1	208.95.114.100 208.95.114.100	53334 (TUT-AS) (TUT-AS)
48	23

3 2606:4700:3036::ac43:9e50 (United States)

ASN13335 (CLOUDFLARENET, US)

vault.ts4rebels.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:21::681b:c358 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.plyr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:310b (United States)

ASN13335 (CLOUDFLARENET, US)

code.iconify.design	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2251:cc00:1:e528:bdc0:21 (United States)

ASN16509 (AMAZON-02, US)

d2vwl2vhlatm2f.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::ac43:dadd (United States)

ASN13335 (CLOUDFLARENET, US)

freychang.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.139.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-68.fra60.r.cloudfront.net

owledconside.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)

briolenproc.pics	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

www.intelligenceadx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.182.228.53 (France)

ASN16276 (OVH, FR)
PTR: ip53.ip-217-182-228.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:bcc3 (United States)

ASN13335 (CLOUDFLARENET, US)

api.iconify.design	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:a6ba (United States)

ASN13335 (CLOUDFLARENET, US)

c.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.252.214.5 (United States)

ASN53334 (TUT-AS, US)

4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)
PTR: adscore.com

uekwmuinfekq.l4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.132.109.186 (New York, United States)

ASN9009 (M247, GB)

uekwmuinfekq.n4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.116.90 (Singapore, Singapore)

ASN9009 (M247, GB)
PTR: no-mans-land.m247.com

uekwmuinfekq.s4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.95.114.100 (United States)

ASN53334 (TUT-AS, US)

intelligenceadx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	adsco.re c.adsco.re — Cisco Umbrella Rank: 12775 6.adsco.re — Cisco Umbrella Rank: 14094 4.adsco.re — Cisco Umbrella Rank: 15658 uekwmuinfekq.l4.adsco.re uekwmuinfekq.n4.adsco.re uekwmuinfekq.s4.adsco.re adsco.re — Cisco Umbrella Rank: 11040	49 KB
6	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 497	187 KB
3	briolenproc.pics briolenproc.pics	1 KB
3	owledconside.xyz owledconside.xyz	4 KB
3	cloudfront.net d2vwl2vhlatm2f.cloudfront.net	69 KB
3	ts4rebels.cc vault.ts4rebels.cc	5 KB
2	gstatic.com fonts.gstatic.com	46 KB
2	intelligenceadx.com www.intelligenceadx.com — Cisco Umbrella Rank: 115761 intelligenceadx.com — Cisco Umbrella Rank: 87621	10 KB
2	google.com accounts.google.com — Cisco Umbrella Rank: 114
2	freychang.fun freychang.fun — Cisco Umbrella Rank: 16921	101 KB
2	iconify.design code.iconify.design — Cisco Umbrella Rank: 49754 api.iconify.design — Cisco Umbrella Rank: 36327	12 KB
2	plyr.io cdn.plyr.io — Cisco Umbrella Rank: 14668	67 KB
1	ibb.co i.ibb.co — Cisco Umbrella Rank: 12533	4 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 105
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	909 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1495	5 KB
48	16

	Domain	Requested by
6	cdn.jsdelivr.net	vault.ts4rebels.cc
3	4.adsco.re	vault.ts4rebels.cc c.adsco.re
3	c.adsco.re	www.intelligenceadx.com c.adsco.re
3	briolenproc.pics	vault.ts4rebels.cc
3	owledconside.xyz	d2vwl2vhlatm2f.cloudfront.net
3	d2vwl2vhlatm2f.cloudfront.net	vault.ts4rebels.cc owledconside.xyz
3	vault.ts4rebels.cc	cdn.jsdelivr.net static.cloudflareinsights.com
2	6.adsco.re	vault.ts4rebels.cc c.adsco.re
2	fonts.gstatic.com	fonts.googleapis.com
2	accounts.google.com	vault.ts4rebels.cc
2	freychang.fun	d2vwl2vhlatm2f.cloudfront.net
2	cdn.plyr.io	vault.ts4rebels.cc
1	intelligenceadx.com	www.intelligenceadx.com
1	adsco.re	c.adsco.re
1	uekwmuinfekq.s4.adsco.re	c.adsco.re
1	uekwmuinfekq.n4.adsco.re	c.adsco.re
1	uekwmuinfekq.l4.adsco.re	c.adsco.re
1	api.iconify.design	code.iconify.design
1	i.ibb.co	vault.ts4rebels.cc
1	www.intelligenceadx.com	vault.ts4rebels.cc
1	www.facebook.com	vault.ts4rebels.cc
1	fonts.googleapis.com	cdn.jsdelivr.net
1	static.cloudflareinsights.com	vault.ts4rebels.cc
1	code.iconify.design	vault.ts4rebels.cc
48	24

This site contains links to these domains. Also see Links.

Domain
adsco.re
ts4rebels.cc
www.npmjs.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-03`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-21` - `2023-04-22`	a year	crt.sh
*.plyr.io GTS CA 1P5	`2022-07-05` - `2022-10-03`	3 months	crt.sh
iconify.design Cloudflare Inc ECC CA-3	`2022-06-17` - `2023-06-17`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
owledconside.xyz Amazon	`2022-07-27` - `2023-08-25`	a year	crt.sh
*.briolenproc.pics E1	`2022-07-18` - `2022-10-16`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-11` - `2022-08-09`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
1868349309.rsc.cdn77.org R3	`2022-05-29` - `2022-08-27`	3 months	crt.sh
ibb.co R3	`2022-06-07` - `2022-09-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.adsco.re Sectigo RSA Organization Validation Secure Server CA	`2021-09-06` - `2022-09-28`	a year	crt.sh
*.l4.adsco.re R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
*.n4.adsco.re R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
*.s4.adsco.re R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
intelligenceadx.com Sectigo RSA Domain Validation Secure Server CA	`2022-07-18` - `2023-08-18`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://vault.ts4rebels.cc/0:/SIXAM%20CC/
Frame ID: C5C21BCCF2BE58487D02E2E362422F7D
Requests: 39 HTTP requests in this frame

Frame: https://owledconside.xyz/bDhGN2cNWiVaWA0FJBESHlR7ElUqHXRxA15OMVtVGlAqVhMBCiAZBABXM1MBHlcoQ0kCXTISVSpqEGBSGlsDclUtaQNgAQV9DnRXXQwfcQM1aQ5fHS56MVErFW4SfSYtbQNQFC1+PmI2IEJ2cD0VfRN0V11AJUAuI3AvbQg/eSlSLgFQIGQ1KVQIBikObixiCy1pFHkoL30jczYDTxZPNiBwEVQAKAkPUysFAA52HxtfJXEQHGoRDgs/CXd2Bj9xDnY1PU0PX1YnaShyUCtTNnQEO2ojZjIuUxxeHydpKHIOLk8AcAM0eiJ7MTpCHGU9NmoBXxA0fmsPNSFrE3QkC1steRA5fwRwNQJzAEcjCFYyUzA6bjxtMjV9AXMyWHktRyQtVgRUPxRPKWcAGHMXWSIVezFABSBWPns/OXkvZzUbeQ5kNRtgBVslD28cdj9dDXZtMQReHlklAW8tRyQPax9nJD59PGciGFwIWTUBbxNxIwgLC1UyB31gXRQDVjYKLBxtAVIIC2wDdjUa
Frame ID: 24A86FE9EB1F7779F91404C9BFBD2E1C
Requests: 2 HTTP requests in this frame

Frame: https://owledconside.xyz/MThSa0pQWjEGdVAFME0/Q1RvTnh3HWAtLgNOJQd4R1A+Cj5cCjRFKV1XJw8sQ1c8H2RfXSZOeHdSAQYycm0/XzpwQSVbH2UMFCEnCGA0WhwAYWNeOXNSF1ILdUgAJzN4DTc6A1NiNT59dmwAWw1beRsNeHtxGAx6QnYEJTlyayUTHwJMGSIwaHU2WiJaciVSeXBrYgQISGETInlVWxYtJkJhOR9+aX89BwhIaRsnGWRcMFp/SGgQGzxpVhgBElxqMTF4dEswWn9IcgMIIWZWCFgSYFAYCA14bzQtIkNcYxN8dWwbAgtYADAhMHB+GxMiX2ERA28DfgpYZ2cACjMye1sVIQ14aQNZGkZyJDMtdwsKIyVwcygABlMJZxIEYEsiKTMADwFYIlJxBgQpe2kXBS4ATx8zEntQAyM6clxgIRNUUxgRE2dIJDMkeFAWEj1/dRYfBlR7IlgTZ1Q5M3ljCBVYLlUeOBglX0hvBjpmCzwyflpJJx0
Frame ID: C9981B35420B6955F8F8827C6DA4B95B
Requests: 2 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: 39A8FF6807F7E5AAF847BF9E821A1AC0
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Vault - /SIXAM CC/

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Plyr (Video players) Expand

Overall confidence: 100%
Detected patterns

https://cdn\.plyr\.io/([0-9.]+)/.+\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Marked (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/marked(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

48
Requests

96 %
HTTPS

68 %
IPv6

16
Domains

24
Subdomains

23
IPs

5
Countries

561 kB
Transfer

1595 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://adsco.re/v

Search URL Search Domain Scan URL

URL: https://ts4rebels.cc/
Title: Back to TS4 Rebels

Search URL Search Domain Scan URL

URL: https://www.npmjs.com/package/@googledrive/index
Title: TheFirstSpeedster

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
vault.ts4rebels.cc/0:/SIXAM%20CC/ 6 KB
4 KB 341ms
300ms Document
text/html 2606:4700:3036::ac43:9e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vault.ts4rebels.cc/0:/SIXAM%20CC/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 838b4f00717c9771ff5822e4dc3079a95e303a8fcd901c01af675fb57be2d6c1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 7345ceb679a7913c-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 02 Aug 2022 09:32:39 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cjvkq9hfpulBOIVKMJ2xFJaCiPUzMqgyC2MCzfNk5WYeSd80mKIPlxZNjDEpgsGNk3Ivf4DtosPTGHXy1xYBQG5gHN2VT4aexHIbe7xz3f0ZVo1f%2BRfk53TbORp7gvwzzOWtSW6Qx40Vx8G3Chr0ntA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.6.0/dist/ 87 KB
31 KB 49ms
9ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.6.0/dist/jquery.min.js

Requested by

Host: vault.ts4rebels.cc
URL: https://vault.ts4rebels.cc/0:/SIXAM%20CC/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vault.ts4rebels.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 634752
x-jsd-version: 3.6.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30945
etag: W/"15d9d-uC0jjU4x/fYYuuisEabIEsA90NQ"
x-served-by: cache-fra19128-FRA
x-jsd-version-type: version
date: Tue, 02 Aug 2022 09:32:39 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 plyr.css
cdn.plyr.io/3.6.4/ 37 KB
7 KB 106ms
36ms Stylesheet
text/css 2606:4700:21::681b:c358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.6.4/plyr.css
Requested by: Host: vault.ts4rebels.cc
URL: https://vault.ts4rebels.cc/0:/SIXAM%20CC/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8e7e4de1e9f1853967930e65e54635ba278937653525e048ec92f5639139f6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vault.ts4rebels.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 09:32:39 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24171018
cf-polished: origSize=37857
x-cache: HIT, HIT
x-cache-hits: 1, 1
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZDMZTGP2XVPP40QX
x-amz-id-2: h070I3t+kHXIbRW5e/QH32v/kkh39hVPM1YaO2xZmj6hMUofWnsJhttriRwSiaazPoGh62P/5TM=
x-served-by: cache-dca12922-DCA, cache-lcy19249-LCY
last-modified: Fri, 29 Jan 2021 12:37:49 GMT
server: cloudflare
x-timer: S1635261741.137369,VS0,VE1
etag: W/"2b9e0ce172efe5fb04d6e8a2583bf663"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAQFB7zmqcKd5DHVVYRZn0RtniRzfdgCURRr34gKwOtx1GYPHNWfHDKibXAyM5J9QcY4zd1XZ8kNd965MleGV%2B4EqUVOBvqXLd0JP0ObtgqV%2B6PRkqneMa4H09QuDoDz8gFeylAkkgmp"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control: max-age=31536000, immutable
cf-ray: 7345ceb8db5088ad-LHR
cf-bgj: minify

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootswatch@5.0.0/dist/vapor/ 181 KB
25 KB 64ms
24ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootswatch@5.0.0/dist/vapor/bootstrap.min.css

Requested by

Host: vault.ts4rebels.cc
URL: https://vault.ts4rebels.cc/0:/SIXAM%20CC/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4b7a871198d9578bd21db29f031295f907a1107c59f07b68be80b9347f368e15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vault.ts4rebels.cc/
Origin: https://vault.ts4rebels.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 2443639
x-jsd-version: 5.0.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25460
etag: W/"2d48c-EcotyYxRJo4msYm/tnEuWJyuQsw"
x-served-by: cache-fra19175-FRA
x-jsd-version-type: version
date: Tue, 02 Aug 2022 09:32:39 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 app.obf.js Show response
cdn.jsdelivr.net/gh/79vi4cwc5/gdi@bc0d608a33b11bf4f7bfa9bcd1c6245d0535cf2b/js/ 134 KB
31 KB 67ms
28ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/79vi4cwc5/gdi@bc0d608a33b11bf4f7bfa9bcd1c6245d0535cf2b/js/app.obf.js

Requested by

Host: vault.ts4rebels.cc
URL: https://vault.ts4rebels.cc/0:/SIXAM%20CC/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

08fbb073cca7d0cdc1c769a8ab5948a3d02cd57c157546a60368a7a234b81817

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vault.ts4rebels.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 596200
x-jsd-version: bc0d608a33b11bf4f7bfa9bcd1c6245d0535cf2b
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 31469
etag: W/"218ff-JBEdVOgnFSIrZYSenTY6o4y4K7s"
x-served-by: cache-fra19128-FRA
x-jsd-version-type: commit
date: Tue, 02 Aug 2022 09:32:39 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 pdf.min.js Show response
cdn.jsdelivr.net/npm/pdfjs-dist@2.12.313/build/ 233 KB
63 KB 50ms
11ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/pdfjs-dist@2.12.313/build/pdf.min.js

Requested by

Host: vault.ts4rebels.cc
URL: https://vault.ts4rebels.cc/0:/SIXAM%20CC/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

72f361167c63be1ba6c513c58bbdb7cf44e9bbaca04102d14f3f5dcc6648ffba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vault.ts4rebels.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 555210
x-jsd-version: 2.12.313
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 64062
etag: W/"3a259-fiTAnwlcTq+MghguUfIS7BsRiuQ"
x-served-by: cache-fra19128-FRA
x-jsd-version-type: version
date: Tue, 02 Aug 2022 09:32:39 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 marked.min.js Show response
cdn.jsdelivr.net/npm/marked@4.0.0/ 46 KB
16 KB 68ms
29ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/marked@4.0.0/marked.min.js

Requested by

Host: vault.ts4rebels.cc
URL: https://vault.ts4rebels.cc/0:/SIXAM%20CC/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ab35215692aa8aa6154484264d6572bc360df68af7bfb9d69b19ec984ad20910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vault.ts4rebels.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 2448101
x-jsd-version: 4.0.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 15966
etag: W/"b7b6-R54gBfnnnboTTnS2uYRyfHpgZg8"
x-served-by: cache-fra19128-FRA
x-jsd-version-type: version
date: Tue, 02 Aug 2022 09:32:39 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 iconify.min.js Show response
code.iconify.design/2/2.2.1/ 28 KB
11 KB 51ms
18ms Script
text/javascript 2606:4700:3037::6815:310b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.iconify.design/2/2.2.1/iconify.min.js
Requested by: Host: vault.ts4rebels.cc
URL: https://vault.ts4rebels.cc/0:/SIXAM%20CC/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:310b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 3bdb8c77e05fc0fe1c4921f7756422d44660c75995e2eae57672e72a8cbabaea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vault.ts4rebels.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 09:32:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4159088
x-powered-by: PleskLin
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 31 Mar 2022 13:39:44 GMT
server: cloudflare
etag: W/"140009-6eed-5db83cb7be58d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1c2WXdvmnCLHqAq89AxJ3nLkuk9Wu3i3xIM31GWJvgmj3KpuNezkJKzLzjwVN4yKAdH0fDBd5%2BEM0xpise5Ji8G5KBHpeUP%2B%2BfwKXW6r0lCwtEJGc%2FdgmXdYTPE99VbtRc%2BwgzKOn8NnqYP2m6SYQN5O"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7345ceb89ab59025-FRA
expires: Thu, 15 Jun 2023 06:11:32 GMT

GET
H2 200 / Show response
d2vwl2vhlatm2f.cloudfront.net/ 203 KB
67 KB 226ms
157ms Script
text/plain 2600:9000:2251:cc00:1:e528:bdc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2vwl2vhlatm2f.cloudfront.net/?vlwvd=959709
Requested by: Host: vault.ts4rebels.cc
URL: https://vault.ts4rebels.cc/0:/SIXAM%20CC/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:cc00:1:e528:bdc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 278580319a32d0c5d59d2f8cd28c2a0a2d1b26e6306937fd62b438eba912bf86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vault.ts4rebels.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Aug 2022 09:32:39 GMT
content-encoding: gzip
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 68625
via: 1.1 f06c87fa57d0c9fd7439d7fdbd148c62.cloudfront.net (CloudFront)
x-amz-cf-id: BUE31-6E1NqGhi4D2GQ2wsuZDWrr8lJ3BJNTjgFRlJb0h883ssdWBg==

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 61ms
39ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: vault.ts4rebels.cc
URL: https://vault.ts4rebels.cc/0:/SIXAM%20CC/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://vault.ts4rebels.cc/
Origin: https://vault.ts4rebels.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 09:32:39 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7345ceb96f7590d6-FRA

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.0.0/dist/js/ 78 KB
22 KB 61ms
23ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.0/dist/js/bootstrap.bundle.min.js

Requested by

Host: vault.ts4rebels.cc
URL: https://vault.ts4rebels.cc/0:/SIXAM%20CC/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

325d19f9a1f62ad82f9f382a877f42bf447c8cbb293dd7cd2c03cf3bcf2f146a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vault.ts4rebels.cc/
Origin: https://vault.ts4rebels.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 2437224
x-jsd-version: 5.0.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22435
etag: W/"13731-2JYXAt9UqpcPHzAIfI0LH2lnx4Q"
x-served-by: cache-fra19175-FRA
x-jsd-version-type: version
date: Tue, 02 Aug 2022 09:32:39 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 plyr.polyfilled.js Show response
cdn.plyr.io/3.6.4/ 187 KB
60 KB 113ms
44ms Script
application/javascript 2606:4700:21::681b:c358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.6.4/plyr.polyfilled.js
Requested by: Host: vault.ts4rebels.cc
URL: https://vault.ts4rebels.cc/0:/SIXAM%20CC/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7907f9569c7929765031a8c8bd04a3ff86f3fc43ffcdcdfbbbcf3b1d65eb2857

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vault.ts4rebels.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 09:32:39 GMT
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24171001
cf-polished: origSize=191594
x-cache: HIT, HIT
x-cache-hits: 1, 1
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: D5KW46WEKQ51Z9N0
x-amz-id-2: jBOQxc801x7prSusF6SAes53XWIkeFo9Ooiqqz+pbjh+uGYBeGD0lAvptx5wty3lTp1ZeVjMWe0=
x-served-by: cache-dca17748-DCA, cache-lcy19272-LCY
last-modified: Fri, 29 Jan 2021 12:37:21 GMT
server: cloudflare
x-timer: S1635261759.757337,VS0,VE2
etag: W/"2c3b7079abdec425907808aaff9a7a4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1YeTv7zVbTRhmd%2BWABg7C26irbiR5ne7Civ4EmLZz7QYLOZhkLJAJHIwgGnf7ITya2DECpFEM8XW1IhJMTwOG%2FZl7UoqyKLf8uVSs%2B9DvlGe0zjS5t10zGL1eFi%2FTyofFmD%2Bi0BBLL2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control: max-age=31536000, immutable
cf-ray: 7345ceb8db5488ad-LHR
cf-bgj: minify

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
909 B 44ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootswatch@5.0.0/dist/vapor/bootstrap.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aee1e4e4dfaa2c0f96dcaf744f7f30e2cacd831eed9aae5266189216fa13a06a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.jsdelivr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 02 Aug 2022 07:45:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 02 Aug 2022 09:32:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Aug 2022 09:32:39 GMT

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
100 KB 232ms
185ms Fetch
binary/octet-stream 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d2vwl2vhlatm2f.cloudfront.net
URL: https://d2vwl2vhlatm2f.cloudfront.net/?vlwvd=959709
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vault.ts4rebels.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 09:32:39 GMT
access-control-allow-methods: GET
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 02 Aug 2022 07:05:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jnXQ9L9W1RjBrkWPWPCj6%2F2QaNE11Be42uq1whc6Nni9jvnYTJsgV%2F9vmKBXBvdrsIk%2FABaBP0XWLq7y4GJcC1qp5r4z3BhIlyISQDfKMeK9GWNXn%2F6DFsj7P7TsDTQ6eVqhvuK%2FoF1qwQbH"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://vault.ts4rebels.cc
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7345ceba4f239253-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 27 B
721 B 159ms
113ms Fetch
text/plain 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d2vwl2vhlatm2f.cloudfront.net
URL: https://d2vwl2vhlatm2f.cloudfront.net/?vlwvd=959709
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71b1a9613a2ef27424e80bb9e612008169038afdf79fc94393a13d361c297ed3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vault.ts4rebels.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 09:32:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://vault.ts4rebels.cc
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=916Xg1OuSf6fV3KEwlPZmf8g7uLz%2BcvvyFR80hZTOaLCXDKv5FSLYDhK1uZKlPazo3rz0ETXR68usiOcbd%2F9MmtySak0R27TLurxQyJJI8R3axivgtZq2HUbK7HD0awczWmbuurNzD75xLKp"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7345ceba4f249253-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
owledconside.xyz/ 0
492 B 145ms
99ms XHR
text/plain 18.66.139.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://owledconside.xyz/utx?cb=MPUoX5tvX6kE&top=vault.ts4rebels.cc&tid=959709
Requested by: Host: d2vwl2vhlatm2f.cloudfront.net
URL: https://d2vwl2vhlatm2f.cloudfront.net/?vlwvd=959709
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-68.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vault.ts4rebels.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Aug 2022 09:32:39 GMT
via: 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://vault.ts4rebels.cc
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: 9PmOatLw-vFdR2zv7zT02yIevJFQdgJpjAmIjGIyWlYfcNtHhXWK3A==

GET
H2 204 Zk1RQ3dJcjIwSjQhBwclPgsrGUQkfgAbJQwpYjs2BQoDchEjDHc3HgJwaHZOUX1oZQcPKWxyURU5MDcCFXBgZR4IKz5+URBwYG1EUmNje1lWayR+RkA5ISIQW3x3MwMSIWxyQVN0ZXBFUXhocEJS
briolenproc.pics/ 0
259 B 179ms
115ms Image
text/plain 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://briolenproc.pics/Zk1RQ3dJcjIwSjQhBwclPgsrGUQkfgAbJQwpYjs2BQoDchEjDHc3HgJwaHZOUX1oZQcPKWxyURU5MDcCFXBgZR4IKz5+URBwYG1EUmNje1lWayR+RkA5ISIQW3x3MwMSIWxyQVN0ZXBFUXhocEJS
Requested by: Host: vault.ts4rebels.cc
URL: https://vault.ts4rebels.cc/0:/SIXAM%20CC/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vault.ts4rebels.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 09:32:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOnBAZHfUJ4hO%2BN30hIqXUBsmlprOUzw0uL9DKLo2dHjnmHOdvss7HcfHhZeMmP5YHuQNvtcRONbcXpJBGkFopvzl1%2Bqs8JhBbL3nRcxND6Vo8DgJKRR4hYqV%2BqW7jzvmzKyyQB8uYtYXVMy2Ltt"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7345ceba7fb89b76-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 147ms
118ms Image
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: vault.ts4rebels.cc
URL: https://vault.ts4rebels.cc/0:/SIXAM%20CC/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vault.ts4rebels.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 106ms
53ms Image
text/html 2a00:1450:4001:831::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by: Host: vault.ts4rebels.cc
URL: https://vault.ts4rebels.cc/0:/SIXAM%20CC/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vault.ts4rebels.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 151ms
98ms Image
text/html 2a00:1450:4001:831::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by: Host: vault.ts4rebels.cc
URL: https://vault.ts4rebels.cc/0:/SIXAM%20CC/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vault.ts4rebels.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 popunder.gif
briolenproc.pics/ 35 B
634 B 70ms
17ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://briolenproc.pics/popunder.gif
Requested by: Host: vault.ts4rebels.cc
URL: https://vault.ts4rebels.cc/0:/SIXAM%20CC/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vault.ts4rebels.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Tue, 02 Aug 2022 09:32:39 GMT
cf-cache-status: HIT
last-modified: Mon, 01 Aug 2022 11:42:25 GMT
server: cloudflare
age: 78614
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwIa5tdg1rCBDAjHKdeuNCrnrnFqNyYfPOClW7uXK7LC6USZGEoMEJnkyQl9dzjoF6Pe%2BWUsr4YT45OxXjZru6xn4xLv6WRGrMswv5WZFqzDLWDcukIIo%2FJWgzBV3vcyl4BlasIpzQ55872rW%2Fq0"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7345ceba7fbc9b76-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 Axw9MDYGPAYTAFsnFCwANx4fNg5fH3cgMwpNaGFjWUFhcioHFGxlYkgDJTUuGwNsZXwHHjc7Z0gGbGV0Xl5gemhIBWxlfBoAMDNnX1YhIC4CTWBib1dEYmZtW0liYmk
briolenproc.pics/bnBRVFpBTzInZztAFyU/ 0
265 B 166ms
113ms Image
text/plain 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://briolenproc.pics/bnBRVFpBTzInZztAFyU/Axw9MDYGPAYTAFsnFCwANx4fNg5fH3cgMwpNaGFjWUFhcioHFGxlYkgDJTUuGwNsZXwHHjc7Z0gGbGV0Xl5gemhIBWxlfBoAMDNnX1YhIC4CTWBib1dEYmZtW0liYmk
Requested by: Host: vault.ts4rebels.cc
URL: https://vault.ts4rebels.cc/0:/SIXAM%20CC/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vault.ts4rebels.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 09:32:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=81U3LsdOCvR0UFvLwDbVaYU0qotJmyqoACoGiyRgj8kiXkImSciS%2Bkig4zXHfKCuR%2FR8AzHpzYUjFQr97lSPATIk3Q1w9%2Fx0aHYAey4znzcD3GcnQb0iYZ2NoGmxD8kct9aYF41TGP4KxbmnieKM"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7345ceba7fbd9b76-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 index.min.js Show response
www.intelligenceadx.com/ 30 KB
9 KB 180ms
10ms Script
application/x-javascript 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.intelligenceadx.com/index.min.js
Requested by: Host: vault.ts4rebels.cc
URL: https://vault.ts4rebels.cc/0:/SIXAM%20CC/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 15bfa4e9132ef7e314f9b50dff17ea5d37e21cf153ee48e1febbbe14edd37bf0

Request headers

Referer: https://vault.ts4rebels.cc/
Origin: https://vault.ts4rebels.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 02 Aug 2022 09:32:39 GMT
content-encoding: br
x-77-cache: HIT
x-cache: HIT
x-age: 128935
alt-svc: quic="156.146.33.25:443"; ma=2592000; v="44,43,39"
x-77-nzt: AZySIRkwn4j/p/cBAA
x-accel-expires: @1659908624
server: CDN77-Turbo
x-77-nzt-ray: jT4LW6L/iuo
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
link: <https://intelligenceadx.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
expires: Sun, 07 Aug 2022 21:43:44 GMT

POST
H2 200 / Show response
vault.ts4rebels.cc/0:/SIXAM%20CC/ 2 KB
1 KB 760ms
759ms XHR
text/plain 2606:4700:3036::ac43:9e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vault.ts4rebels.cc/0:/SIXAM%20CC/
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/jquery@3.6.0/dist/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9e50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 923f95158fe36ad20973b2fa270a7d3c1dd2953e224960e91fd9c377495d8100

Request headers

Accept: */*
Referer: https://vault.ts4rebels.cc/0:/SIXAM%20CC/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 02 Aug 2022 09:32:40 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7kSZuWGLSx%2F17l2xqUi9yaCuDNd557gVym0YmElTrTDoziCp5DO88kf%2FLizljq0NpZJuC3J429j%2BR0DlkMRnT9M9Y1IhoVCI78AvAWmZp9qRXML0I6oXM25h0hxztNvn%2Fd%2BPdNG9wRK17XIsW%2F0m4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
cf-ray: 7345ceba5f82913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 40.png
i.ibb.co/WVgNxBD/ 4 KB
4 KB 111ms
19ms Image
image/png 217.182.228.53
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/WVgNxBD/40.png
Requested by: Host: vault.ts4rebels.cc
URL: https://vault.ts4rebels.cc/0:/SIXAM%20CC/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 217.182.228.53 , France, ASN16276 (OVH, FR),
Reverse DNS: ip53.ip-217-182-228.eu
Software: nginx /
Resource Hash: e63d94d7a5bf16489f5945b73d88b75e67f3d018ceb5256f53c74a947ff28195

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vault.ts4rebels.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 09:32:39 GMT
last-modified: Sat, 28 May 2022 17:52:07 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 3755
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 OXkvZzUbeQ5kNRtgBVslD28cdj9dDXZtMQReHlklAW8tRyQPax9nJD59PGciGFwIWTUBbxNxIwgLC1UyB31gXRQDVjYKLBxtAVIIC2wDdjUa Show response
owledconside.xyz/bDhGN2cNWiVaWA0FJBESHlR7ElUqHXRxA15OMVtVGlAqVhMBCiAZBABXM1MBHlcoQ0kCXTISVSpqEGBSGlsDclUtaQNgAQV9DnRXXQwfcQM1aQ5fHS56MVErFW4SfSYtbQNQFC1+PmI2IEJ2cD0VfRN0V11AJUAuI3AvbQg/eSlSLgFQIGQ1... Frame 24A8 3 KB
2 KB 115ms
107ms Document
text/html 18.66.139.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://owledconside.xyz/bDhGN2cNWiVaWA0FJBESHlR7ElUqHXRxA15OMVtVGlAqVhMBCiAZBABXM1MBHlcoQ0kCXTISVSpqEGBSGlsDclUtaQNgAQV9DnRXXQwfcQM1aQ5fHS56MVErFW4SfSYtbQNQFC1+PmI2IEJ2cD0VfRN0V11AJUAuI3AvbQg/eSlSLgFQIGQ1KVQIBikObixiCy1pFHkoL30jczYDTxZPNiBwEVQAKAkPUysFAA52HxtfJXEQHGoRDgs/CXd2Bj9xDnY1PU0PX1YnaShyUCtTNnQEO2ojZjIuUxxeHydpKHIOLk8AcAM0eiJ7MTpCHGU9NmoBXxA0fmsPNSFrE3QkC1steRA5fwRwNQJzAEcjCFYyUzA6bjxtMjV9AXMyWHktRyQtVgRUPxRPKWcAGHMXWSIVezFABSBWPns/OXkvZzUbeQ5kNRtgBVslD28cdj9dDXZtMQReHlklAW8tRyQPax9nJD59PGciGFwIWTUBbxNxIwgLC1UyB31gXRQDVjYKLBxtAVIIC2wDdjUa
Requested by: Host: d2vwl2vhlatm2f.cloudfront.net
URL: https://d2vwl2vhlatm2f.cloudfront.net/?vlwvd=959709
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-68.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 4a6bece1e0c1bb1126c14cfa7076c649c02bd5d75ab3ffe30c0d3e98ae8554c2

Request headers

Referer: https://vault.ts4rebels.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1234
content-type: text/html
date: Tue, 02 Aug 2022 09:32:39 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
x-amz-cf-id: AbdFyuuj6JO3abG6-sjxTIp3dRlw5cmTLzVFwbMzDGOGV0tbDVPLzg==
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront

GET
H2 200 dRYfBlR7IlgTZ1Q5M3ljCBVYLlUeOBglX0hvBjpmCzwyflpJJx0 Show response
owledconside.xyz/MThSa0pQWjEGdVAFME0/Q1RvTnh3HWAtLgNOJQd4R1A+Cj5cCjRFKV1XJw8sQ1c8H2RfXSZOeHdSAQYycm0/XzpwQSVbH2UMFCEnCGA0WhwAYWNeOXNSF1ILdUgAJzN4DTc6A1NiNT59dmwAWw1beRsNeHtxGAx6QnYEJTlyayUTHwJMGSIw... Frame C998 3 KB
2 KB 108ms
106ms Document
text/html 18.66.139.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://owledconside.xyz/MThSa0pQWjEGdVAFME0/Q1RvTnh3HWAtLgNOJQd4R1A+Cj5cCjRFKV1XJw8sQ1c8H2RfXSZOeHdSAQYycm0/XzpwQSVbH2UMFCEnCGA0WhwAYWNeOXNSF1ILdUgAJzN4DTc6A1NiNT59dmwAWw1beRsNeHtxGAx6QnYEJTlyayUTHwJMGSIwaHU2WiJaciVSeXBrYgQISGETInlVWxYtJkJhOR9+aX89BwhIaRsnGWRcMFp/SGgQGzxpVhgBElxqMTF4dEswWn9IcgMIIWZWCFgSYFAYCA14bzQtIkNcYxN8dWwbAgtYADAhMHB+GxMiX2ERA28DfgpYZ2cACjMye1sVIQ14aQNZGkZyJDMtdwsKIyVwcygABlMJZxIEYEsiKTMADwFYIlJxBgQpe2kXBS4ATx8zEntQAyM6clxgIRNUUxgRE2dIJDMkeFAWEj1/dRYfBlR7IlgTZ1Q5M3ljCBVYLlUeOBglX0hvBjpmCzwyflpJJx0
Requested by: Host: d2vwl2vhlatm2f.cloudfront.net
URL: https://d2vwl2vhlatm2f.cloudfront.net/?vlwvd=959709
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-68.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: b017ce8e69f2bee9ad0bf7c3c9a9ae89b2c1d3ca42489600404ff7ec728ead0b

Request headers

Referer: https://vault.ts4rebels.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1216
content-type: text/html
date: Tue, 02 Aug 2022 09:32:39 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
x-amz-cf-id: 9nmlNay1i_P6xTz3h4tNb0hcZFZUCeZQXDycEeX4y5yNGa4g-FGCNg==
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 60ms
19ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vault.ts4rebels.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 577525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 17:07:14 GMT

GET
H2 200 line-md.json Show response
api.iconify.design/ 683 B
1 KB 85ms
23ms Fetch
application/json 2606:4700:3034::ac43:bcc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.iconify.design/line-md.json?icons=close-circle
Requested by: Host: code.iconify.design
URL: https://code.iconify.design/2/2.2.1/iconify.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:bcc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2472b35ee7067e6184d5f8e2a80befdc7a1e13cab7c806f7294d344791358695

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vault.ts4rebels.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 09:32:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
access-control-allow-methods: GET, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"2ab-MwfqbGk25/pdhcKsMwSaAkg1CW0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kzphgC0q7plQP1m%2B97Bmvyk2J2lP3uS9XOAF56WklIsGAm2O9LcIAV%2BVVmJD4XbtrkwkFWPyYuR2aicVwobNhTFsQI6XOfOwDOTHjiWa1VN5Ppo6861JsIBgW4j9CXJuprUBk8jsWL%2FJSmSVXVCut9s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7345cebb2b7992c9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding

GET
H2 200 X3-V8XXxJcGJGIQQ2PwJvXgF3XHoAKzkLb15yNQspBy17S3hcITocJQEnd1wMXXJhQHpCd2JYekJzYVpvXnIhDywNMDtLeCp3YVlkX3R0G3dd Show response
d2vwl2vhlatm2f.cloudfront.net/jSmxCUm4pAyw0UT4FJm9Xf1V1Y15sBjE9ADpRLyI5eQIbZgU7GTR0GjAIf2JIJg0sNVNsCSwxU3tKIzYMd1hkJw93AS0oByYAI3dcDFlsYkt4XGolByQILSUdb15yPBpvXnJjXmRcZ2Esb15yJQckWnZ3XQhJcGIWfFhrd1... Frame C998 291 B
537 B 151ms
150ms Script
text/plain 2600:9000:2251:cc00:1:e528:bdc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2vwl2vhlatm2f.cloudfront.net/jSmxCUm4pAyw0UT4FJm9Xf1V1Y15sBjE9ADpRLyI5eQIbZgU7GTR0GjAIf2JIJg0sNVNsCSwxU3tKIzYMd1hkJw93AS0oByYAI3dcDFlsYkt4XGolByQILSUdb15yPBpvXnJjXmRcZ2Esb15yJQckWnZ3XQhJcGIWfFhrd1x6DTIiAi8bJzAFIxhnYCh/X3-V8XXxJcGJGIQQ2PwJvXgF3XHoAKzkLb15yNQspBy17S3hcITocJQEnd1wMXXJhQHpCd2JYekJzYVpvXnIhDywNMDtLeCp3YVlkX3R0G3dd
Requested by: Host: owledconside.xyz
URL: https://owledconside.xyz/MThSa0pQWjEGdVAFME0/Q1RvTnh3HWAtLgNOJQd4R1A+Cj5cCjRFKV1XJw8sQ1c8H2RfXSZOeHdSAQYycm0/XzpwQSVbH2UMFCEnCGA0WhwAYWNeOXNSF1ILdUgAJzN4DTc6A1NiNT59dmwAWw1beRsNeHtxGAx6QnYEJTlyayUTHwJMGSIwaHU2WiJaciVSeXBrYgQISGETInlVWxYtJkJhOR9+aX89BwhIaRsnGWRcMFp/SGgQGzxpVhgBElxqMTF4dEswWn9IcgMIIWZWCFgSYFAYCA14bzQtIkNcYxN8dWwbAgtYADAhMHB+GxMiX2ERA28DfgpYZ2cACjMye1sVIQ14aQNZGkZyJDMtdwsKIyVwcygABlMJZxIEYEsiKTMADwFYIlJxBgQpe2kXBS4ATx8zEntQAyM6clxgIRNUUxgRE2dIJDMkeFAWEj1/dRYfBlR7IlgTZ1Q5M3ljCBVYLlUeOBglX0hvBjpmCzwyflpJJx0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:cc00:1:e528:bdc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d811e7efa13d36b48b5c1f852ed80bbfa92c3b53412ab6c62e2b3412b564624a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://owledconside.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 09:32:39 GMT
content-encoding: gzip
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 259
via: 1.1 f06c87fa57d0c9fd7439d7fdbd148c62.cloudfront.net (CloudFront)
x-amz-cf-id: C9oi0Lo9hFvUZH6aW0CMEFS6HWXV9JCyB-QpS_Xz3GxeWMZ70Z-h_A==

GET
H2 200 RVW5vcEE2AQEWfiEHC014YFdYQHhzBBwfLyVTJAAUEgsAFxUQLz0GZyEUC01xcwIOHiZoSAoeImhfSRElN1NbVjUlAQRNOCEeDQowPxQLHWcgD1IdLi8HAxwgcFwpRW9lS11AaSIHARQuIh1KQnE7GkpCcWReQUBkZixKQnEiBwFGdXBdLVVzZRZZRGhwXF-8RMSU... Show response
d2vwl2vhlatm2f.cloudfront.net/ Frame 24A8 920 B
891 B 164ms
164ms Script
text/plain 2600:9000:2251:cc00:1:e528:bdc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2vwl2vhlatm2f.cloudfront.net/RVW5vcEE2AQEWfiEHC014YFdYQHhzBBwfLyVTJAAUEgsAFxUQLz0GZyEUC01xcwIOHiZoSAoeImhfSRElN1NbVjUlAQRNOCEeDQowPxQLHWcgD1IdLi8HAxwgcFwpRW9lS11AaSIHARQuIh1KQnE7GkpCcWReQUBkZixKQnEiBwFGdXBdLVVzZRZZRGhwXF-8RMSUCCgckNwUGBGRnKFpDdntdWVVzZUYEGDU4AkpCAnBcXxwoPgtKQnEyCwwbLnxLXUAiPRwAHSRwXClBcWZAX150ZVhfXnBmWkpCcSYPCREzPEtdNnRmWUFDd3MbUkE
Requested by: Host: owledconside.xyz
URL: https://owledconside.xyz/bDhGN2cNWiVaWA0FJBESHlR7ElUqHXRxA15OMVtVGlAqVhMBCiAZBABXM1MBHlcoQ0kCXTISVSpqEGBSGlsDclUtaQNgAQV9DnRXXQwfcQM1aQ5fHS56MVErFW4SfSYtbQNQFC1+PmI2IEJ2cD0VfRN0V11AJUAuI3AvbQg/eSlSLgFQIGQ1KVQIBikObixiCy1pFHkoL30jczYDTxZPNiBwEVQAKAkPUysFAA52HxtfJXEQHGoRDgs/CXd2Bj9xDnY1PU0PX1YnaShyUCtTNnQEO2ojZjIuUxxeHydpKHIOLk8AcAM0eiJ7MTpCHGU9NmoBXxA0fmsPNSFrE3QkC1steRA5fwRwNQJzAEcjCFYyUzA6bjxtMjV9AXMyWHktRyQtVgRUPxRPKWcAGHMXWSIVezFABSBWPns/OXkvZzUbeQ5kNRtgBVslD28cdj9dDXZtMQReHlklAW8tRyQPax9nJD59PGciGFwIWTUBbxNxIwgLC1UyB31gXRQDVjYKLBxtAVIIC2wDdjUa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:cc00:1:e528:bdc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6ebd2ea72f3afd5f953f812a9350d95242ea1a321f3203f2ac3a6b2b0f963b84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://owledconside.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 09:32:39 GMT
content-encoding: gzip
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 615
via: 1.1 f06c87fa57d0c9fd7439d7fdbd148c62.cloudfront.net (CloudFront)
x-amz-cf-id: oe041bOGJdlPHFlTme6vG6VfNoxAadF84H4W45r8VvNKR3DrPdK2ug==

GET
H2 200 / Show response
c.adsco.re/ 61 KB
22 KB 59ms
16ms Script
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: www.intelligenceadx.com
URL: https://www.intelligenceadx.com/index.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1bd746f679d9df2c7f9f8ceafecda994d85c84d7c829e5960c8730c7ee511a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vault.ts4rebels.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 09:32:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 3180312
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"wV2/56Yx8F/L8kKxfXL2jw=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
cache-control: public, max-age=2678400
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
cf-ray: 7345cebc5fb19174-FRA
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Fri, 02 Sep 2022 09:32:39 GMT

GET
H2 200 /
6.adsco.re/ 0
105 B 72ms
27ms Other
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: vault.ts4rebels.cc
URL: https://vault.ts4rebels.cc/0:/SIXAM%20CC/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://vault.ts4rebels.cc/
Origin: https://vault.ts4rebels.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 09:32:39 GMT
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://vault.ts4rebels.cc
access-control-max-age: 2592000
cache-control: private, max-age=10
cf-ray: 7345cebcbc2e926e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47

GET
H/1.1 200
OK /
4.adsco.re/ 0
465 B 101ms
24ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: vault.ts4rebels.cc
URL: https://vault.ts4rebels.cc/0:/SIXAM%20CC/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://vault.ts4rebels.cc/
Origin: https://vault.ts4rebels.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Tue, 02 Aug 2022 09:32:39 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://vault.ts4rebels.cc
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK / Show response
4.adsco.re/ 46 B
465 B 81ms
24ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 1e5436eb2321a859273ff07b34df06e4666be753ac7af078137bfd9349d28816

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vault.ts4rebels.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Tue, 02 Aug 2022 09:32:39 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://vault.ts4rebels.cc
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H2 200 / Show response
6.adsco.re/ 47 B
418 B 51ms
27ms XHR
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df0dcfb3d9745856b5187af9861170b019e9b3f70ed6db6c9f79f7442ee56a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vault.ts4rebels.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 09:32:39 GMT
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://vault.ts4rebels.cc
access-control-max-age: 2592000
cache-control: private, max-age=10
cf-ray: 7345cebcbc2d926e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47

POST
H/1.1 200
OK /
uekwmuinfekq.l4.adsco.re/ 0
464 B 119ms
27ms Ping
text/html 185.200.118.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://uekwmuinfekq.l4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS: adscore.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vault.ts4rebels.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 02 Aug 2022 09:32:39 GMT
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
ETag: "5b60dfaf-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
uekwmuinfekq.n4.adsco.re/ 0
464 B 456ms
88ms Ping
text/html 38.132.109.186
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://uekwmuinfekq.n4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vault.ts4rebels.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 02 Aug 2022 09:32:40 GMT
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
ETag: "5b5f2f9a-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
uekwmuinfekq.s4.adsco.re/ 0
464 B 1436ms
249ms Ping
text/html 185.200.116.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://uekwmuinfekq.s4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.116.90 Singapore, Singapore, ASN9009 (M247, GB),
Reverse DNS: no-mans-land.m247.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vault.ts4rebels.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 02 Aug 2022 09:32:41 GMT
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
ETag: "5b5f30d9-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H3 200 / Show response
c.adsco.re/ Frame 39A8 61 KB
22 KB 40ms
15ms Document
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1bd746f679d9df2c7f9f8ceafecda994d85c84d7c829e5960c8730c7ee511a1

Request headers

Referer: https://vault.ts4rebels.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
age: 3180313
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 7345cebcdaf65b92-FRA
content-encoding: br
content-type: text/html
date: Tue, 02 Aug 2022 09:32:39 GMT
etag: W/"wV2/56Yx8F/L8kKxfXL2jw=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Fri, 02 Sep 2022 09:32:39 GMT
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
server: cloudflare
vary: Accept-Encoding

GET /
6.adsco.re/ Frame 39A8 0
0

GET
H/1.1 200
OK /
4.adsco.re/ Frame 39A8 0
457 B 24ms
24ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: vault.ts4rebels.cc
URL: https://vault.ts4rebels.cc/0:/SIXAM%20CC/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c.adsco.re/
Origin: https://c.adsco.re
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Tue, 02 Aug 2022 09:32:39 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://c.adsco.re
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H3 200 /
c.adsco.re/ Frame 39A8 48 KB
0 16ms
16ms XHR
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.adsco.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 09:32:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 3180313
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"wV2/56Yx8F/L8kKxfXL2jw=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
cache-control: public, max-age=2678400
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
cf-ray: 7345cebdfbd75b92-FRA
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Fri, 02 Sep 2022 09:32:39 GMT

POST
H3 200 rum Show response
vault.ts4rebels.cc/cdn-cgi/ 0
204 B 20ms
19ms XHR
text/plain 2606:4700:3036::ac43:9e50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vault.ts4rebels.cc/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:9e50 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://vault.ts4rebels.cc/0:/SIXAM%20CC/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type: application/json

Response headers

date: Tue, 02 Aug 2022 09:32:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://vault.ts4rebels.cc
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 7345cebdfb2091d2-FRA
vary: Origin

GET /
4.adsco.re/ Frame 39A8 0
0

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 33ms
13ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vault.ts4rebels.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 577526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 17:07:14 GMT

POST
H/1.1 200
OK p Show response
adsco.re/ 363 B
864 B 137ms
77ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 0939fda13778d02e1f55a11aa987b1b2508c855f7062c282181d92534d0d038e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vault.ts4rebels.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

AS-P-G: OK
Date: Tue, 02 Aug 2022 09:32:40 GMT
AS-P-7: OK
AS-P-9: OK
AS-P-C: OK
Transfer-Encoding: chunked
AS-P-5: OK
AS-P-F: OK
Connection: keep-alive
Content-Encoding: gzip
AS-P-2: OK
AS-P-D: OK
AS-P-6: OK
AS-P-B: OK
AS-P-H: OK
AS-P-4: OK
AS-P-A: OK
Access-Control-Max-Age: 2592000
AS-P-1: OK lon123
Access-Control-Allow-Origin: https://vault.ts4rebels.cc
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
AS-P-8: OK
Content-Type: text/html; charset=UTF-8
AS-P-E: OK
AS-P-3: OK

GET
H2 200 Ri.html Show response
intelligenceadx.com/ 44 B
140 B 206ms
118ms Script
text/javascript 208.95.114.100
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://intelligenceadx.com/Ri.html?_=BAoAYujvOAFi6O84gAGBAsAAIDwe5IWilWsBlBnw_1apwGvZYO33zkQI3EQlPbBN3r12wQBHMEUCIQDC1eNBGC5j-f8Ij1dtfA29GDDvy0eGuR3E8kVIuhn7GAIgaEZp-scwpm_wm4cl_dalWbBhYdjWBXbMi8tZEFj1Z3jCACCal9sTV6X5KkEvPJ6d6dr7EtwZNEb2iJnYl7N8ZP6J-sQAECoBBKAAWgAAAAAAAAAAAAPFABAx4vAxhrUAz1rzZZo0QZ-awwBHMEUCIQD7ixSk_IEvC7rl51_tqseb-a6a5anIalKceJM3FIxH4QIgYJpmvO28z5x_2BXcH8vjwHtmXv8-BEqLoD2pXvCsVyw&v=4&nNxRbiaW=4789833&minBid=0.0013&mtvUzMis=1:12,1:12,0&iDBuQHEy=&LmucMVZn=&s=1600,1200,1,1600,1200,0
Requested by: Host: www.intelligenceadx.com
URL: https://www.intelligenceadx.com/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.95.114.100 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vault.ts4rebels.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 02 Aug 2022 09:32:40 GMT
popads-ec: ASB
asf: 9
content-length: 44
content-type: text/javascript;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 6.adsco.re
URL: https://6.adsco.re/

Domain: 4.adsco.re
URL: https://4.adsco.re/

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
freychang.fun/	1970-01-20 13:35:36	Name: csu Value: 1880933283401285@1@1659432759
vault.ts4rebels.cc/	1970-01-20 04:57:37	Name: a Value: hzl8z9y8T6STNmeqamD8csEfMokV7oyh
vault.ts4rebels.cc/	1970-01-20 04:57:34	Name: token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c Value: BAoAYujvOAFi6O84gAGBAsAAIDwe5IWilWsBlBnw_1apwGvZYO33zkQI3EQlPbBN3r12wQBHMEUCIQDC1eNBGC5j-f8Ij1dtfA29GDDvy0eGuR3E8kVIuhn7GAIgaEZp-scwpm_wm4cl_dalWbBhYdjWBXbMi8tZEFj1Z3jCACCal9sTV6X5KkEvPJ6d6dr7EtwZNEb2iJnYl7N8ZP6J-sQAECoBBKAAWgAAAAAAAAAAAAPFABAx4vAxhrUAz1rzZZo0QZ-awwBHMEUCIQD7ixSk_IEvC7rl51_tqseb-a6a5anIalKceJM3FIxH4QIgYJpmvO28z5x_2BXcH8vjwHtmXv8-BEqLoD2pXvCsVyw
vault.ts4rebels.cc/	1970-01-20 04:57:34	Name: _popprepop Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.adsco.re
6.adsco.re
accounts.google.com
adsco.re
api.iconify.design
briolenproc.pics
c.adsco.re
cdn.jsdelivr.net
cdn.plyr.io
code.iconify.design
d2vwl2vhlatm2f.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
freychang.fun
i.ibb.co
intelligenceadx.com
owledconside.xyz
static.cloudflareinsights.com
uekwmuinfekq.l4.adsco.re
uekwmuinfekq.n4.adsco.re
uekwmuinfekq.s4.adsco.re
vault.ts4rebels.cc
www.facebook.com
www.intelligenceadx.com
4.adsco.re
6.adsco.re
162.252.214.5
18.66.139.68
185.200.116.90
185.200.118.90
208.95.114.100
217.182.228.53
2600:9000:2251:cc00:1:e528:bdc0:21
2606:4700:21::681b:c358
2606:4700:3030::ac43:dadd
2606:4700:3034::ac43:bcc3
2606:4700:3036::ac43:9e50
2606:4700:3037::6815:310b
2606:4700:440e::ac40:9c1a
2606:4700::6811:a6ba
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:831::200d
2a02:6ea0:c700::18
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::485
2a06:98c1:3120::c
38.132.109.186
08fbb073cca7d0cdc1c769a8ab5948a3d02cd57c157546a60368a7a234b81817
0939fda13778d02e1f55a11aa987b1b2508c855f7062c282181d92534d0d038e
15bfa4e9132ef7e314f9b50dff17ea5d37e21cf153ee48e1febbbe14edd37bf0
1e5436eb2321a859273ff07b34df06e4666be753ac7af078137bfd9349d28816
2472b35ee7067e6184d5f8e2a80befdc7a1e13cab7c806f7294d344791358695
278580319a32d0c5d59d2f8cd28c2a0a2d1b26e6306937fd62b438eba912bf86
325d19f9a1f62ad82f9f382a877f42bf447c8cbb293dd7cd2c03cf3bcf2f146a
3bdb8c77e05fc0fe1c4921f7756422d44660c75995e2eae57672e72a8cbabaea
4a6bece1e0c1bb1126c14cfa7076c649c02bd5d75ab3ffe30c0d3e98ae8554c2
4b7a871198d9578bd21db29f031295f907a1107c59f07b68be80b9347f368e15
6ebd2ea72f3afd5f953f812a9350d95242ea1a321f3203f2ac3a6b2b0f963b84
71b1a9613a2ef27424e80bb9e612008169038afdf79fc94393a13d361c297ed3
72f361167c63be1ba6c513c58bbdb7cf44e9bbaca04102d14f3f5dcc6648ffba
7907f9569c7929765031a8c8bd04a3ff86f3fc43ffcdcdfbbbcf3b1d65eb2857
7df0dcfb3d9745856b5187af9861170b019e9b3f70ed6db6c9f79f7442ee56a0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838b4f00717c9771ff5822e4dc3079a95e303a8fcd901c01af675fb57be2d6c1
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
923f95158fe36ad20973b2fa270a7d3c1dd2953e224960e91fd9c377495d8100
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
ab35215692aa8aa6154484264d6572bc360df68af7bfb9d69b19ec984ad20910
aee1e4e4dfaa2c0f96dcaf744f7f30e2cacd831eed9aae5266189216fa13a06a
b017ce8e69f2bee9ad0bf7c3c9a9ae89b2c1d3ca42489600404ff7ec728ead0b
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
d811e7efa13d36b48b5c1f852ed80bbfa92c3b53412ab6c62e2b3412b564624a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e63d94d7a5bf16489f5945b73d88b75e67f3d018ceb5256f53c74a947ff28195
f1bd746f679d9df2c7f9f8ceafecda994d85c84d7c829e5960c8730c7ee511a1
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f8e7e4de1e9f1853967930e65e54635ba278937653525e048ec92f5639139f6d
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

vault.ts4rebels.cc Open in urlscan Pro 2606:4700:3036::ac43:9e50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

48 Requests

96 %HTTPS

68 %IPv6

16 Domains

24 Subdomains

23 IPs

5 Countries

561 kBTransfer

1595 kBSize

4 Cookies

3 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

vault.ts4rebels.cc Open in urlscan Pro
2606:4700:3036::ac43:9e50 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

96 %
HTTPS

68 %
IPv6

16
Domains

24
Subdomains

23
IPs

5
Countries

561 kB
Transfer

1595 kB
Size

4
Cookies

48 HTTP transactions
0 data transactions