urlscan.io logo urlscan.io
SecurityTrails logo

www96.davisonbarker.pro Open in urlscan Pro
104.21.92.39  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www99.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=5667182&pci=7131667957&t=1677060773&dest=...
Effective URL: https://www96.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=5667182&pci=7131667957&t=1677060773&dest=...
Submission: On February 22 via manual from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 13 domains to perform 37 HTTP transactions. The main IP is 104.21.92.39, located in and belongs to CLOUDFLARENET, US. The main domain is www96.davisonbarker.pro.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 26th 2023. Valid for: a year.
This is the only time www96.davisonbarker.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 104.21.92.39 13335 (CLOUDFLAR...)
4 52.222.250.181 16509 (AMAZON-02)
4 172.64.198.35 13335 (CLOUDFLAR...)
6 13.32.110.53 16509 (AMAZON-02)
8 188.114.96.12 13335 (CLOUDFLAR...)
2 54.162.51.18 14618 (AMAZON-AES)
1 108.138.7.37 16509 (AMAZON-02)
2 192.243.59.20 39572 (ADVANCEDH...)
1 18.192.190.118 16509 (AMAZON-02)
1 192.243.59.12 39572 (ADVANCEDH...)
37 11
7    104.21.92.39 (None, )

ASN13335 (CLOUDFLARENET, US)
www99.davisonbarker.pro
www61.davisonbarker.pro
www96.davisonbarker.pro
4    52.222.250.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-181.fra60.r.cloudfront.net
dc5k8fg5ioc8s.cloudfront.net
4    172.64.198.35 (United States)

ASN13335 (CLOUDFLARENET, US)
pogothere.xyz
6    13.32.110.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-53.vie50.r.cloudfront.net
delookiinasfier.cc
8    188.114.96.12 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
fghnergyflex.xyz
2    54.162.51.18 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-51-18.compute-1.amazonaws.com
ndandinter.hair
1    108.138.7.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-37.fra56.r.cloudfront.net
ablesasmetotr.monster
2    192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
breedingdaringconcussion.com
banquetunarmedgrater.com
1    18.192.190.118 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-190-118.eu-central-1.compute.amazonaws.com
simplewebanalysis.com
1    192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
reasonablelandmark.com
Domain Requested by
8 fghnergyflex.xyz www99.davisonbarker.pro
dc5k8fg5ioc8s.cloudfront.net
www96.davisonbarker.pro
6 delookiinasfier.cc dc5k8fg5ioc8s.cloudfront.net
4 pogothere.xyz dc5k8fg5ioc8s.cloudfront.net
4 dc5k8fg5ioc8s.cloudfront.net www99.davisonbarker.pro
delookiinasfier.cc
www96.davisonbarker.pro
4 www99.davisonbarker.pro 1 redirects www99.davisonbarker.pro
2 www96.davisonbarker.pro www96.davisonbarker.pro
2 ndandinter.hair www99.davisonbarker.pro
1 reasonablelandmark.com www96.davisonbarker.pro
1 banquetunarmedgrater.com www96.davisonbarker.pro
1 simplewebanalysis.com www96.davisonbarker.pro
1 breedingdaringconcussion.com www96.davisonbarker.pro
1 www61.davisonbarker.pro www99.davisonbarker.pro
1 ablesasmetotr.monster www99.davisonbarker.pro
0 dismantlepenantiterrorist.com Failed
0 addresseepaper.com Failed www96.davisonbarker.pro
37 15

This site contains links to these domains. Also see Links.

Domain
reasonablelandmark.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-26		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.pogothere.xyz
E1		 2022-12-31 -
2023-03-31		 3 months crt.sh
delookiinasfier.cc
Amazon RSA 2048 M02		 2023-02-18 -
2024-03-18		 a year crt.sh
ndandinter.hair
R3		 2023-02-02 -
2023-05-03		 3 months crt.sh
ablesasmetotr.monster
Amazon		 2022-08-03 -
2023-09-01		 a year crt.sh
breedingdaringconcussion.com
R3		 2023-01-01 -
2023-04-01		 3 months crt.sh
simplewebanalysis.com
Amazon RSA 2048 M01		 2023-02-13 -
2023-04-30		 3 months crt.sh
banquetunarmedgrater.com
R3		 2023-02-02 -
2023-05-03		 3 months crt.sh
reasonablelandmark.com
R3		 2023-02-03 -
2023-05-04		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www96.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=5667182&pci=7131667957&t=1677060773&dest=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4
Frame ID: 0E506C5D068864C8022F914F82D6EE21
Requests: 33 HTTP requests in this frame

Frame: https://delookiinasfier.cc/NGJjTXdVAAAgSFVfAWsCRg5eaEVyR1ELE1dXCHURU1cKIhQMEU0uG1sXBysFWwwXYxlRFkZ/MWQ1Nyk6YTcEeyB3K1ApDgUHKAoPQwMUA0NuDBdoRXI6N3VSBiApJBx/IxsHT1VRDDk/ZzQXCCNTEC8KJnwDCX0HelMhNRNNUlAbP3IFAScfYC4ONU9SUi51J10sCBwefVMvGU5RKwkcBFJSKjkVdzdRGSRhWykJEGcECylOUBUHPS4HChscNGFHUQs7cDgiHURmVAIbHAAGKz0HdgwbaEVyBys6MnAMMXsWYSMPHUQBFiYjT2AAND4/eiUHdRR2KEZ/NW0xCD0lTU8ifSdOGjUHDVNaBQwifzgrOQJzOlojFWMRKxczWwUvGxhTBisiFnEMViU9cCAABi9mVAIbNkQvCgBFfA8PJxJwEgUdHQAOMw89EVAhC0RYDSF/PVw4DjozUCUhIBZ1BlspP0QSMQ5HBykwORJVNS4CFXUwVCtEQBQmGRtHBzJrHUcNDT1KeyFXfzpVLg55
Frame ID: 4CD13A90E9DD3CCB2E0C273428FE9195
Requests: 2 HTTP requests in this frame

Frame: https://delookiinasfier.cc/d251SjAWDBYnDxZTF2xFBQJIbwIxS0cMVBRbHnJWEFscJVNPHVspXBgbESxCGAABZF4SGlB4dj40HyJ/IzoWDGYOLwcJcj08PiRxJzg0MgYSCScLZR1eHB1iLig9C1MxOx4lWTAJTTBoNFY6D2I9LT4kcT8/MxtGPl83KHgeHR8cdgQkFAlIIyw0HAYWXjgdZg44AhtXHw0+M0QSLTN6QRZePAJyJCMcHmFOOzwjRyQ4PX8HLhkRDnMZWxkbcU45PiN6NignewgROB4ZeC8WTAhcLjkTJ1cyJDd7CBE7NBpmGQZAD1whWBR5CD8mEn8GLSw/H3M0Q01zYgAeEQVjHzgxHHVBDzQfVzM2RHx3ITs6KwNPJiEmfRohIyV7PzYCBXUbPzwDWSUNNDIBTwgjC3QgFyAjeBwjPixZQggzDFMdJTcAZREATHJyRwk8E3gQKi0tXBAINC5nPzYNc2I2ChAGSk4LJD1fPgs0GGIxAER9dSUjMyxHUQQGJV4HUycAAkMcGR0IIgoUCQ
Frame ID: D918107CA1F8712EF2090388FC79A22E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

AdFly - Click Allow to continue

Page URL History Show full URLs

  1. https://www99.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=5667182&pci=713166795... Page URL
  2. https://www61.davisonbarker.pro/pushredirect/?tmp=2&network=3&ios=0&site=adfly&c=4&ppi=5667182&pci=713166795... Page URL
  3. https://www99.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=5667182&pci=713166795... HTTP 302
    https://www96.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=5667182&pci=713166795... Page URL

Page Statistics

37
Requests

95 %
HTTPS

0 %
IPv6

13
Domains

15
Subdomains

11
IPs

4
Countries

409 kB
Transfer

770 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www99.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=5667182&pci=7131667957&t=1677060773&dest=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4 Page URL
  2. https://www61.davisonbarker.pro/pushredirect/?tmp=2&network=3&ios=0&site=adfly&c=4&ppi=5667182&pci=7131667957&t=1677060773&dest=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4 Page URL
  3. https://www99.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=5667182&pci=7131667957&t=1677060773&dest=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4 HTTP 302
    https://www96.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=5667182&pci=7131667957&t=1677060773&dest=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www99.davisonbarker.pro/pushredirect/ 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www99.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=5667182&pci=7131667957&t=1677060773&dest=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.92.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
fbb715614452855e13c9eda0f0371929d85e156ff7d92ed7e82d7419cbaa055c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
79d6f67cef3fbb13-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 22 Feb 2023 10:15:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FGuzjgSXL3qvzYR%2Ba8Zqg0Ry1k4w5gSCeZJgIfJ%2Fv29YA6VG31qJes9KOVF%2B%2BsMCIx2Sw5vOh%2FmEO2s8l0IirtoU70ALh7JaTrSILHLEAz1f9SkOQEegeNNImT5fUiJ%2FiHV3n7X%2BVIyfw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.3.27
x-turbo-charged-by
LiteSpeed
/
dc5k8fg5ioc8s.cloudfront.net/ 		180 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Requested by
Host: www99.davisonbarker.pro
URL: https://www99.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=5667182&pci=7131667957&t=1677060773&dest=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-181.fra60.r.cloudfront.net
Software
/
Resource Hash
dad514f7646598b9271a5295738e894251a106848304c1cd8c9eb7d20cee016f

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www99.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 10:15:51 GMT
content-encoding
gzip
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
51549
x-amz-cf-id
fjp0qMj3E6Xn3T5bB7HdGr58ldkLQ-yw9_s_jXBLcHNYsBv7tDW19g==
logo.png
www99.davisonbarker.pro/static/image/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www99.davisonbarker.pro/static/image/logo.png
Requested by
Host: www99.davisonbarker.pro
URL: https://www99.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=5667182&pci=7131667957&t=1677060773&dest=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.92.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
196c51f778db9df7ecf75ce7f663ea3bb07726b67feeae45ad9abfd3008b937a

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www99.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=5667182&pci=7131667957&t=1677060773&dest=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 10:15:50 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10726
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
server
cloudflare
etag
"29e6-5faa60e6-b4021a56880f53fc;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XjRMw47rs0Fgl99UcOUEL8QvBTRv1zpyJwMVe455CSDq3yHkDVUPI45rjh2ro0Ya9b5hFCdTEybC6oUwBLj7L9uZplkuktegkgkRw0kSckOreMmN96VNd6F%2BUsJsT6JwVnZdfRrYBl84pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
79d6f67eba55bb13-MXP
expires
Wed, 01 Mar 2023 10:15:50 GMT
am-push-cps.js
www99.davisonbarker.pro/ 		101 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www99.davisonbarker.pro/am-push-cps.js?puid=5667182&clickid=5667182_9661202&allb=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4&ob=https%3A%2F%2Fwww61.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D4%26ppi%3D5667182%26pci%3D7131667957%26t%3D1677060773%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffile%252FDhdjlBCY%2523tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4&clb=https%3A%2F%2Fwww61.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D4%26ppi%3D5667182%26pci%3D7131667957%26t%3D1677060773%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffile%252FDhdjlBCY%2523tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4&asb=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4
Requested by
Host: www99.davisonbarker.pro
URL: https://www99.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=5667182&pci=7131667957&t=1677060773&dest=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.92.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4720c44ed409f268f5c7791185c5464bd750e81a4e2deb2766b6d4270b4ca8

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www99.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=5667182&pci=7131667957&t=1677060773&dest=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 10:15:51 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 08 Aug 2022 14:16:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"19284-62f11ad4-ba71540cd1782978;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4robN3c8OzBPP%2BYZnwGIvm6it%2BagI8JmMlbFcXT5Vw%2BAo4tu%2BD3k0EIJxRyndHfON8PUJI%2B7tGtWF42ysWX21%2By0dKV%2FR1j14AY3YqlY5GgZ90alO1Lz9nA92yf32g937cdED%2BCsbriuIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
79d6f67f2b85bb2b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 01 Mar 2023 10:15:51 GMT
asd100.bin
pogothere.xyz/ 		100 KB
101 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.198.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www99.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 10:15:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7108
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 22 Feb 2023 08:17:23 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://www99.davisonbarker.pro
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4CSXC%2BO72ypCcXWOAmshed51%2Fgv4M7eL8m9THSgqWxqmNCqyP5lhJQyqKSaVYiG8pTupegV30nTdMmmSqQ8A0jDAzj2MeblqQRuUY8VLCwX7qVVv%2BtA5tCv9ay6eN04P"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
79d6f680dfe59010-FRA
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/ 		27 B
374 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.198.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4475770f49d127421f374121b4468f2cfdf86d920d14313ce7b333b4c857a1

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www99.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 10:15:51 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s9%2BlBK%2FNdoldgXczonCAVYYUIAR4gOaZuhZW7st0ZJ3M91lObIE2HG%2BEr94CixkaK7S6mdz%2BxaqVWJ5FoGXGDgCIW3ldj%2FVAtRo23jTkMCMwpx2fL%2BAPvWyCekn%2FiXaR"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://www99.davisonbarker.pro
content-type
text/plain
access-control-allow-credentials
true
cf-ray
79d6f680efeb9010-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
delookiinasfier.cc/ 		0
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://delookiinasfier.cc/utx?cb=b7MbQhN5SqND&top=www99.davisonbarker.pro&tid=824473
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-53.vie50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www99.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 10:15:51 GMT
via
1.1 c772b2e53d72432d4d471ac66f4794fa.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://www99.davisonbarker.pro
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
9-NLQBswPmpLOb3jPRvrKutb5foynXiFy6fgC6-aprEXisXU0lARAw==
PVw4DjozUCUhIBZ1BlspP0QSMQ5HBykwORJVNS4CFXUwVCtEQBQmGRtHBzJrHUcNDT1KeyFXfzpVLg55
delookiinasfier.cc/NGJjTXdVAAAgSFVfAWsCRg5eaEVyR1ELE1dXCHURU1cKIhQMEU0uG1sXBysFWwwXYxlRFkZ/MWQ1Nyk6YTcEeyB3K1ApDgUHKAoPQwMUA0NuDBdoRXI6N3VSBiApJBx/IxsHT1VRDDk/ZzQXCCNTEC8KJnwDCX0HelMhNRNNUlAbP3IFAS... Frame 4CD1 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://delookiinasfier.cc/NGJjTXdVAAAgSFVfAWsCRg5eaEVyR1ELE1dXCHURU1cKIhQMEU0uG1sXBysFWwwXYxlRFkZ/MWQ1Nyk6YTcEeyB3K1ApDgUHKAoPQwMUA0NuDBdoRXI6N3VSBiApJBx/IxsHT1VRDDk/ZzQXCCNTEC8KJnwDCX0HelMhNRNNUlAbP3IFAScfYC4ONU9SUi51J10sCBwefVMvGU5RKwkcBFJSKjkVdzdRGSRhWykJEGcECylOUBUHPS4HChscNGFHUQs7cDgiHURmVAIbHAAGKz0HdgwbaEVyBys6MnAMMXsWYSMPHUQBFiYjT2AAND4/eiUHdRR2KEZ/NW0xCD0lTU8ifSdOGjUHDVNaBQwifzgrOQJzOlojFWMRKxczWwUvGxhTBisiFnEMViU9cCAABi9mVAIbNkQvCgBFfA8PJxJwEgUdHQAOMw89EVAhC0RYDSF/PVw4DjozUCUhIBZ1BlspP0QSMQ5HBykwORJVNS4CFXUwVCtEQBQmGRtHBzJrHUcNDT1KeyFXfzpVLg55
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-53.vie50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
a9e61983a488328528c1d53b0c6f22c6149e02514ea1e093450e16368ab7f111

Request headers

Referer
https://www99.davisonbarker.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1229
content-type
text/html
date
Wed, 22 Feb 2023 10:15:51 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 c772b2e53d72432d4d471ac66f4794fa.cloudfront.net (CloudFront)
x-amz-cf-id
AdaF3Jjs_mzFrX3o8R5bCPYpKUcrx83-EDAxLj0YVM-T3veO73ikdA==
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
M3paY2ocRTkQV2ovNhAIdDAPBiwCLA81PBZIHDQGQy4NKyxqLTYATEcTPl5SAU5uVFkVCjMHVwBIfBAeUg4vEFcCXDMNDFxHfBVXA1RjTVsdTnwWVwJcLhMLVEdrRRpHDjZeWwVNbVNcA0NvUloKTQ
fghnergyflex.xyz/ 		0
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fghnergyflex.xyz/M3paY2ocRTkQV2ovNhAIdDAPBiwCLA81PBZIHDQGQy4NKyxqLTYATEcTPl5SAU5uVFkVCjMHVwBIfBAeUg4vEFcCXDMNDFxHfBVXA1RjTVsdTnwWVwJcLhMLVEdrRRpHDjZeWwVNbVNcA0NvUloKTQ
Requested by
Host: www99.davisonbarker.pro
URL: https://www99.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=5667182&pci=7131667957&t=1677060773&dest=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www99.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 10:15:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7nBnTkzWiNRd0kOyv3nvXQxQWXvvMY%2Fn2Z1R7rEo06D6T4mpEPKvfvbBppUvTxE3VowVzrRUfmwRkkvWKyNJk36k94V5Otnd0K7nIriS2WclXy0DPqKdpnznZTQ1p8tlwlT%2F"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
79d6f680cefe5a01-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
MFduY3gfaA0QRWMCVwIieDtWBRVEMz0NSQU1KCkxUx8KFi1bIEgXEVRqVlFMBGBdRQhZM1NQShYkGgIMRSRTUUgAYEgKFlY4U1FeRmpeTUEeZkBXXkVqX0UMQDYJXkkWJxoXFA1mWFRPAGFeWk0BZ1da
fghnergyflex.xyz/ 		0
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fghnergyflex.xyz/MFduY3gfaA0QRWMCVwIieDtWBRVEMz0NSQU1KCkxUx8KFi1bIEgXEVRqVlFMBGBdRQhZM1NQShYkGgIMRSRTUUgAYEgKFlY4U1FeRmpeTUEeZkBXXkVqX0UMQDYJXkkWJxoXFA1mWFRPAGFeWk0BZ1da
Requested by
Host: www99.davisonbarker.pro
URL: https://www99.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=5667182&pci=7131667957&t=1677060773&dest=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www99.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 10:15:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DIIuDSZE8Q1il3tSOWbalYcRgNaLuynISwxxPEvB3QQg2QxqI9G7%2B4m0uHXjnXA0FoN0cnOoeTTJpwh5WtF0545uwovPeGbCQurvh4zVU4RbxcX%2FuoWaAIN4vMFHpskV0fEN"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
79d6f680df005a01-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
U3hpdk8oWhoBECYKBVR1cRAdAj8gQkZZOCQPUE9hNxkfHzw8FgsXPTgdG1g%2FIRdGFyJ%2BCBwFJ34bGQVhOQtWBjo6HFRDeWVPWE59dRsFHyw4EQ1LemVOXkd3YSdQQHliSllEaTIUBRRyOwwdBjx2SyhTfRVdWzAiNh8IWCEpXVswKToUDFN9FTwBEiU%2FOio...
ndandinter.hair/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ndandinter.hair/U3hpdk8oWhoBECYKBVR1cRAdAj8gQkZZOCQPUE9hNxkfHzw8FgsXPTgdG1g%2FIRdGFyJ%2BCBwFJ34bGQVhOQtWBjo6HFRDeWVPWE59dRsFHyw4EQ1LemVOXkd3YSdQQHliSllEaTIUBRRyOwwdBjx2SyhTfRVdWzAiNh8IWCEpXVswKToUDFN9FTwBEiU%2FOiovamFLHR0jJU1ZJDhqFFhENTkXIzsqME8cRAgBOjYwPzUzGSMnN0wrMBkLFjg%2Be3UXC0snJwwZBWpgOUxECXZKLwE4JE5YWCsyDgAFID0aCAQkNgpHBj08XVswPyYLAQQqNxEbEywnXVswamA%2BHRs%2FdkstR2phTgcTOyQXGx1qYDxaU31lEQYFamA8WVN9ZQsAAip2Sy0XKzUUEFN9ZRtMRQtnXVtAPyMRTEULZk5fQX5rSkxEeSMbAFN8F09YRX5lTl5PemRdW0A7dkstR3lkT1lAf2RPWlN9ZRwMBTt2Sy0eOycIGlN9ZksoU31mSi9TfWZKLxsqNBlHGDV2SlxECTURBRNqYU1bMAs7HAMaDRAhTER6YUsdHSMlTVkkOGoUWEQ1ORcjOyowTxxECAE6NjA%2FNTMZIyc3TCswGQsWOD57dRsFFHI7DB0GPHZLKFN9FV1bMDgkD19HYTcZHx88PBYLFz04HRtYPyEXTEQJIw0aHj02HAAEKjAMTEQJdksvAiIjXVoyfXZKXxgqJw8GBCR2Sy1FamFOABk8dkstRmphThofOzZdWjIuNx4FD2phTgpTfBdMTER5IwgAU3wXTV9AeGJAW1N9ZQgKH2pgPF5HfGJOX0F2Zk9MRHknXVoyfmVPXkZ5Y09eRWphTg0TPCddWjInJwwZBWphTVo3amFNWzBqYU1bMCI2HwhYISldW0N9FR4AGip2SlxECRcQDRwjETswU31mSloCJD8OXEYdJEEFR30pEgY8AjYbXgN9FCorKQkjHiIGGjscXTQJBSAHJwdnXggFLW4QHQI%2FIF1aN2phPkxECT4dDhdhPQJMRAk1EQUTamE%2BLR4rORQrNRZ2SloCJD8OXEYdJEEFR30pEgY8AjYbXgN9FCorKQkjHiIGGjscXTQJBSAHJwdnWkVUPD4eS0x%2Bf1oaGzlxQktCYWBaRVQ7Mh82HytxQktOfmtKUUBtf1oaAy0MEQ1HbWlaXEB5ZElRRG1%2FWhoDLQwRDURtaVpcQHlkSVFEEGpOX0d9Y0pLWm0yFAUUbWlaAQI7IwtTWWA%2BHQ4XYT0CRhAmPx1GMic3EgU0DApbHR0jJU1ZJDhqFFhENTkXIzsqME8cRAgBOjYwPzUzGSMnN0wrMBkLFjg%2Be3FUSxktcUJLHjsnCBpMYHwPHgF5YlYNFzk6CwYYLTIKAhM9fQgbGWAjDRoePTYcAAQqMAxGSTs%2BCFRHaT0dHQEgIRNURWk6FxpLf3ULAAIqbhkNECMqXgpLe3UIGR9yZk5fQX5rSk8GLDpFXkd8Yk5fQXZmT08CcmJOXkF%2FZUheQXx1HAwFO24QHQI%2FIF1aN2phPkxECT4dDhdhPQJMRAk1EQUTamE%2BLR4rORQrNRZ2SloCJD8OXEYdJEEFR30pEgY8AjYbXgN9FCorKQkjHiIGGjscXTQJBSAHJwdnWkVULD8aS0xtOwwdBjxpV0YBOCROWFgrMg4ABSA9GggEJDYKRwY9PFcZAzw7CgwSJiEdCgJgbAwEBnJhXgcTOyQXGx1yYF4AGTxuSE8FJicdVBcrNRQQUCxuTE8GPzpFXEB5ZElRRGkjGwBLeGJLWEB5ZEFcQWknRVhAeGRIX0Z4ZEtPEiogDFQeOycIGlN8El1bMGphPgQTKDJWBwxqYT4PHyM2XVswCzscAxoNECFMRHwnEwUAemMqHk8jYkoTHCAZNQwVeCZKLiQNDD4ZEAQjLQESexE%2BPy4hAjBdVGNxGRoUbWlaAQI7IwtTWWA%2BHQ4XYT0CRhAmPx1GMic3EgU0DApbHR0jJU1ZJDhqFFhENTkXIzsqME8cRAgBOjYwPzUzGSMnN0wrMBkLFjg%2Be3EF
Requested by
Host: www99.davisonbarker.pro
URL: https://www99.davisonbarker.pro/am-push-cps.js?puid=5667182&clickid=5667182_9661202&allb=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4&ob=https%3A%2F%2Fwww61.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D4%26ppi%3D5667182%26pci%3D7131667957%26t%3D1677060773%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffile%252FDhdjlBCY%2523tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4&clb=https%3A%2F%2Fwww61.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D4%26ppi%3D5667182%26pci%3D7131667957%26t%3D1677060773%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffile%252FDhdjlBCY%2523tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4&asb=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.162.51.18 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-51-18.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www99.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin
*
x-powered-by
Express
access-control-allow-headers
X-Requested-With,content-type
access-control-allow-methods
GET, POST
eHwEDnR6aUAlP35tEn8TbWsHNGd8cBJ+YSkpRy-A0PzxVJzg8fAUKZHtuGX9nbWsHZDogLVogdHoaEn5hJDBcKXR6aVApMiM2HmljeDpfPj4lPBJ+F3loB2JhZmwDdGBmaAd8dHppRC03KSteaWMObAR7f3tvETlseQ
dc5k8fg5ioc8s.cloudfront.net/PWTdMUUg6WCI3dy1eKGxwawN4Znt/XT8+JikKAxJ8a3otHSVtETgrLGQHaj0pN1Bxdy03VHFgbjhTLmx8f0M8PiNkQiI1LT9eIjQsf0ItbCU2TSU9JDgSfhd9dwdpY3hxQCU/LDZAP3R6aVk4dHppBnx/ Frame 4CD1 		433 B
619 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dc5k8fg5ioc8s.cloudfront.net/PWTdMUUg6WCI3dy1eKGxwawN4Znt/XT8+JikKAxJ8a3otHSVtETgrLGQHaj0pN1Bxdy03VHFgbjhTLmx8f0M8PiNkQiI1LT9eIjQsf0ItbCU2TSU9JDgSfhd9dwdpY3hxQCU/LDZAP3R6aVk4dHppBnx/eHwEDnR6aUAlP35tEn8TbWsHNGd8cBJ+YSkpRy-A0PzxVJzg8fAUKZHtuGX9nbWsHZDogLVogdHoaEn5hJDBcKXR6aVApMiM2HmljeDpfPj4lPBJ+F3loB2JhZmwDdGBmaAd8dHppRC03KSteaWMObAR7f3tvETlseQ
Requested by
Host: delookiinasfier.cc
URL: https://delookiinasfier.cc/NGJjTXdVAAAgSFVfAWsCRg5eaEVyR1ELE1dXCHURU1cKIhQMEU0uG1sXBysFWwwXYxlRFkZ/MWQ1Nyk6YTcEeyB3K1ApDgUHKAoPQwMUA0NuDBdoRXI6N3VSBiApJBx/IxsHT1VRDDk/ZzQXCCNTEC8KJnwDCX0HelMhNRNNUlAbP3IFAScfYC4ONU9SUi51J10sCBwefVMvGU5RKwkcBFJSKjkVdzdRGSRhWykJEGcECylOUBUHPS4HChscNGFHUQs7cDgiHURmVAIbHAAGKz0HdgwbaEVyBys6MnAMMXsWYSMPHUQBFiYjT2AAND4/eiUHdRR2KEZ/NW0xCD0lTU8ifSdOGjUHDVNaBQwifzgrOQJzOlojFWMRKxczWwUvGxhTBisiFnEMViU9cCAABi9mVAIbNkQvCgBFfA8PJxJwEgUdHQAOMw89EVAhC0RYDSF/PVw4DjozUCUhIBZ1BlspP0QSMQ5HBykwORJVNS4CFXUwVCtEQBQmGRtHBzJrHUcNDT1KeyFXfzpVLg55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-181.fra60.r.cloudfront.net
Software
/
Resource Hash
5931bc64e9e122333cddc236a279cc0ed6daa5ab8eb942f0da5da46756237900

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://delookiinasfier.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 10:15:51 GMT
content-encoding
gzip
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
340
x-amz-cf-id
JZBFMvZmdFKpM455mEVwUVtXVjGYkuWqbN2LKHOnWZi7m0fUJuoTLQ==
popunder.gif
fghnergyflex.xyz/ 		35 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fghnergyflex.xyz/popunder.gif
Requested by
Host: www99.davisonbarker.pro
URL: https://www99.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=5667182&pci=7131667957&t=1677060773&dest=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www99.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
public
date
Wed, 22 Feb 2023 10:15:51 GMT
cf-cache-status
HIT
last-modified
Wed, 22 Feb 2023 09:37:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2331
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PaXXsXltu2JxLoynKThQodC%2B0FUSUBjbiDJBBfJj3CLK57TVdE%2Bur4OQigsW3K8mqe6dxXJd0THqfuHYcCB5xBkLkNHQNfTzdh%2F%2FricpZeEwpotoufToTqUags3oybQml%2Bp1"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
79d6f682fa505a01-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
R3l0bk1oRhcdcBYuJlwXKTNEOBgjHyU2GxQoMiwJIj8MLRgCGlIaJCNETFx5c05HSD0uHUldf2EKAA85MgpJXH13TlIHIyEWSVxrMUREQHRpSFpaazJERlx9c0xEVnxwS0VaeXRPQEg5NxgTU3xhCQAaIXpIQll6d09EV3h2TEdc
fghnergyflex.xyz/ 		0
429 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fghnergyflex.xyz/R3l0bk1oRhcdcBYuJlwXKTNEOBgjHyU2GxQoMiwJIj8MLRgCGlIaJCNETFx5c05HSD0uHUldf2EKAA85MgpJXH13TlIHIyEWSVxrMUREQHRpSFpaazJERlx9c0xEVnxwS0VaeXRPQEg5NxgTU3xhCQAaIXpIQll6d09EV3h2TEdc
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www99.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 10:15:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5VIARjCufUf5%2B4Ru7J6fxsI%2FQGzn1ilhRDqDKad02jKt9nRmOvRY24bIB0QpVQvT3moClcugaG6t0OMcTJ4UlVwTTX%2BtFfWnd4fnRhNszYnRv4Y5OY3Yy7Xw8BwwDYr%2FIHW"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
79d6f6832ea5374a-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
floater
delookiinasfier.cc/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://delookiinasfier.cc/floater?cs=elZXdGpPZ2ZNWU5gYUJbQ25jQl8&abt=0&red=1&sm=83&k=&v=0.9.1.4&sts=0&prn=0&emb=0&tid=824473&rxy=1600_1200&u=2204508172144364&agec=1677060951&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=666.6666666666667&ref=https%3A%2F%2Fwww99.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D3%26ppi%3D5667182%26pci%3D7131667957%26t%3D1677060773%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffile%252FDhdjlBCY%2523tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F110.0.5481.100%20safari%2F537.36&tzd=0&uloc=&if=0&aa=oi1_&_GOAc=1677060951533&crc=1
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-53.vie50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
a6a85d330308edc60533c7eb53a5c4ba09b3d3aaa004eb035a71d508b5d396f3

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www99.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 10:15:51 GMT
content-encoding
gzip
via
1.1 c772b2e53d72432d4d471ac66f4794fa.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
content-type
text/plain
access-control-allow-origin
https://www99.davisonbarker.pro
p3p
CP="NID DSP ALL COR"
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
content-length
870
x-amz-cf-id
oGA8ldhBZjo4Whnu8D8-Ww0fUKZ46hlKsm0ccgJWJAv5NS7zIKVDbg==
utx
ablesasmetotr.monster/ 		0
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ablesasmetotr.monster/utx?tid=818286&top=www99.davisonbarker.pro&cb=krQOjw9Yf65u
Requested by
Host: www99.davisonbarker.pro
URL: https://www99.davisonbarker.pro/am-push-cps.js?puid=5667182&clickid=5667182_9661202&allb=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4&ob=https%3A%2F%2Fwww61.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D4%26ppi%3D5667182%26pci%3D7131667957%26t%3D1677060773%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffile%252FDhdjlBCY%2523tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4&clb=https%3A%2F%2Fwww61.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D4%26ppi%3D5667182%26pci%3D7131667957%26t%3D1677060773%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffile%252FDhdjlBCY%2523tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4&asb=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-37.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www99.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 10:15:51 GMT
via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://www99.davisonbarker.pro
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
00oCNL0cfgKPYKiATgZkuuKqp7goORdZcDdsEACEDYD_fy2Q2ny4pg==
/
ndandinter.hair/ 		0
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ndandinter.hair/
Requested by
Host: www99.davisonbarker.pro
URL: https://www99.davisonbarker.pro/am-push-cps.js?puid=5667182&clickid=5667182_9661202&allb=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4&ob=https%3A%2F%2Fwww61.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D4%26ppi%3D5667182%26pci%3D7131667957%26t%3D1677060773%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffile%252FDhdjlBCY%2523tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4&clb=https%3A%2F%2Fwww61.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D4%26ppi%3D5667182%26pci%3D7131667957%26t%3D1677060773%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffile%252FDhdjlBCY%2523tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4&asb=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.162.51.18 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-51-18.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www99.davisonbarker.pro/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
content-length
0
/
www61.davisonbarker.pro/pushredirect/ 		118 B
387 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www61.davisonbarker.pro/pushredirect/?tmp=2&network=3&ios=0&site=adfly&c=4&ppi=5667182&pci=7131667957&t=1677060773&dest=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4
Requested by
Host: www99.davisonbarker.pro
URL: https://www99.davisonbarker.pro/am-push-cps.js?puid=5667182&clickid=5667182_9661202&allb=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4&ob=https%3A%2F%2Fwww61.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D4%26ppi%3D5667182%26pci%3D7131667957%26t%3D1677060773%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffile%252FDhdjlBCY%2523tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4&clb=https%3A%2F%2Fwww61.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D4%26ppi%3D5667182%26pci%3D7131667957%26t%3D1677060773%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffile%252FDhdjlBCY%2523tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4&asb=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.92.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash

Request headers

Referer
https://www99.davisonbarker.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79d6f688ae6abb13-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 22 Feb 2023 10:15:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKhDh9ZWgdtzvtIzUOMRO%2F6%2Be1ZB2l18acv0fow1Yrfs%2BT2OyQvdjQDXNCcXRfZFU8T6Cpz5%2FjuGZ6P30oZmq0ZVcyX408SEV67tvUlX%2FNOa%2FKZWBOSojFMGr7d4QcMEEmkDpXq6dMfVAA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.3.27
x-turbo-charged-by
LiteSpeed
Primary Request /
www96.davisonbarker.pro/pushredirect/
Redirect Chain
  • https://www99.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=3&ppi=5667182&pci=7131667957&t=1677060773&dest=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_F...
  • https://www96.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=5667182&pci=7131667957&t=1677060773&dest=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_F...
73 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www96.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=5667182&pci=7131667957&t=1677060773&dest=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.92.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
22e35fab973e50f534ed9f13f1770e1a7953cc3ae09503fd682cb50becc66186

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
79d6f68b4c5ebb13-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 22 Feb 2023 10:15:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2Bw9MvvPL7dwcZF5MtOl%2BXejBxZfCuwE%2B2wTk7PQhao4QLxsOGqxpCBYwhM8eU5rjVGF7JaZiCprUDpflJw7TaG6UR5c2MVPOeNV5LSz38ffGXWWhFbq3Z%2Fu135jZtoFw6gOEdZBzdBauA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.3.27
x-turbo-charged-by
LiteSpeed

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
79d6f68a5b1cbb2b-MXP
content-type
text/html; charset=UTF-8
date
Wed, 22 Feb 2023 10:15:52 GMT
location
https://www96.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=5667182&pci=7131667957&t=1677060773&dest=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIsUACFSJIx1DX2Ngu9LrddzAqELBxOCmADfUc6IQR5HHO%2BtGn2H785RDKuoIPCLJDefddghrUXY1P2HiTusV0kq79uqeqFI%2BkRsDRFjw3zwDlXegd7wZXzkcmuMa5rpjBBdvZmLKBqtUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.3.27
x-turbo-charged-by
LiteSpeed
aa240591af5d8573573bb87d25c7ab12.json
breedingdaringconcussion.com/aa/24/05/ 		0
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://breedingdaringconcussion.com/aa/24/05/aa240591af5d8573573bb87d25c7ab12.json
Requested by
Host: www96.davisonbarker.pro
URL: https://www96.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=5667182&pci=7131667957&t=1677060773&dest=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www96.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 10:15:54 GMT
Server
nginx/1.17.9
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
stats
simplewebanalysis.com/ 		40 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://simplewebanalysis.com/stats
Requested by
Host: www96.davisonbarker.pro
URL: https://www96.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=5667182&pci=7131667957&t=1677060773&dest=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.190.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-190-118.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
aa343113c4fef19fe90372bea5baf3879aa2666a0b0b5178d4ef766127e07c6b

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www96.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin
https://www96.davisonbarker.pro
date
Wed, 22 Feb 2023 10:15:53 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
content-type
text/html; charset=UTF-8
/
dc5k8fg5ioc8s.cloudfront.net/ 		180 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Requested by
Host: www96.davisonbarker.pro
URL: https://www96.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=5667182&pci=7131667957&t=1677060773&dest=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-181.fra60.r.cloudfront.net
Software
/
Resource Hash
dad514f7646598b9271a5295738e894251a106848304c1cd8c9eb7d20cee016f

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www96.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 10:15:53 GMT
content-encoding
gzip
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
51549
x-amz-cf-id
c_G542FjvybSZP4Tc6cXn8StFgkphpyWY5_08T3HG8p_TPtagpuQGg==
logo.png
www96.davisonbarker.pro/static/image/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www96.davisonbarker.pro/static/image/logo.png
Requested by
Host: www96.davisonbarker.pro
URL: https://www96.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=5667182&pci=7131667957&t=1677060773&dest=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.92.39 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
196c51f778db9df7ecf75ce7f663ea3bb07726b67feeae45ad9abfd3008b937a

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www96.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=5667182&pci=7131667957&t=1677060773&dest=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 10:15:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
390
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10726
last-modified
Tue, 10 Nov 2020 09:44:06 GMT
server
cloudflare
etag
"29e6-5faa60e6-b4021a56880f53fc;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20P%2FVV6aJgZ4D1Y0Qoy9XPw3MQ9VNU1SEH4e0uOoQmyD3C3tdISowInixUx4UDP%2F0ju5Jd72uEcf6qYz14ezsmT%2BKY3z3LjV8MdYoSCqqV6Hf1xbPi37v4B00he%2B8%2BUoB61D8%2BIf3VDmGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
79d6f68daa00bb2b-MXP
expires
Wed, 01 Mar 2023 10:09:23 GMT
asd100.bin
pogothere.xyz/ 		100 KB
100 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.198.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www96.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 10:15:53 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 22 Feb 2023 06:44:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://www96.davisonbarker.pro
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKFW%2Fwj2hpYQhh4Sc3hcxsWPvKJ%2FehN0PIIML879Hs3mH2f4Sp1XMVR290Vxhts%2FVSFVffLwF7tegjfIWsIHFOqSXHzTAv7Np5wI%2FdjDNKYzohqQLJqFUOZ%2FZUew74HI"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
79d6f68eec879010-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
pogothere.xyz/ 		27 B
394 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.198.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4475770f49d127421f374121b4468f2cfdf86d920d14313ce7b333b4c857a1

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www96.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 10:15:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbes1jskM8IhxQVa%2BbBTDAMm82%2FLOvUaLvTCHQ1ON4b0XxI9WJOXat9ukAatzYEU1syJ4aSz538OnaunHohTS4qbyQV6jBzDMevgLwvwqxWeFTSRM5crgPf8nZl2ijPO"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://www96.davisonbarker.pro
content-type
text/plain
access-control-allow-credentials
true
cf-ray
79d6f68eec899010-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
delookiinasfier.cc/ 		0
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://delookiinasfier.cc/utx?cb=uClpLvLrc9Pd&top=www96.davisonbarker.pro&tid=824473
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-53.vie50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www96.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 10:15:53 GMT
via
1.1 c772b2e53d72432d4d471ac66f4794fa.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://www96.davisonbarker.pro
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
r5TH2DePz10iJgRayTWZmMVfeVetyGgLaZAcRkJNy9kbqR_IEqxwAg==
H3M0Q01zYgAeEQVjHzgxHHVBDzQfVzM2RHx3ITs6KwNPJiEmfRohIyV7PzYCBXUbPzwDWSUNNDIBTwgjC3QgFyAjeBwjPixZQggzDFMdJTcAZREATHJyRwk8E3gQKi0tXBAINC5nPzYNc2I2ChAGSk4LJD1fPgs0GGIxAER9dSUjMyxHUQQGJV4HUycAAkMcGR0II...
delookiinasfier.cc/d251SjAWDBYnDxZTF2xFBQJIbwIxS0cMVBRbHnJWEFscJVNPHVspXBgbESxCGAABZF4SGlB4dj40HyJ/IzoWDGYOLwcJcj08PiRxJzg0MgYSCScLZR1eHB1iLig9C1MxOx4lWTAJTTBoNFY6D2I9LT4kcT8/MxtGPl83KHgeHR8cdgQkFA... Frame D918 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://delookiinasfier.cc/d251SjAWDBYnDxZTF2xFBQJIbwIxS0cMVBRbHnJWEFscJVNPHVspXBgbESxCGAABZF4SGlB4dj40HyJ/IzoWDGYOLwcJcj08PiRxJzg0MgYSCScLZR1eHB1iLig9C1MxOx4lWTAJTTBoNFY6D2I9LT4kcT8/MxtGPl83KHgeHR8cdgQkFAlIIyw0HAYWXjgdZg44AhtXHw0+M0QSLTN6QRZePAJyJCMcHmFOOzwjRyQ4PX8HLhkRDnMZWxkbcU45PiN6NignewgROB4ZeC8WTAhcLjkTJ1cyJDd7CBE7NBpmGQZAD1whWBR5CD8mEn8GLSw/H3M0Q01zYgAeEQVjHzgxHHVBDzQfVzM2RHx3ITs6KwNPJiEmfRohIyV7PzYCBXUbPzwDWSUNNDIBTwgjC3QgFyAjeBwjPixZQggzDFMdJTcAZREATHJyRwk8E3gQKi0tXBAINC5nPzYNc2I2ChAGSk4LJD1fPgs0GGIxAER9dSUjMyxHUQQGJV4HUycAAkMcGR0IIgoUCQ
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-53.vie50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
11b088b3d6521a12c8a741ea041908bd1b2dea578ef0a0d3be8fc68453a26bc0

Request headers

Referer
https://www96.davisonbarker.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1230
content-type
text/html
date
Wed, 22 Feb 2023 10:15:53 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 c772b2e53d72432d4d471ac66f4794fa.cloudfront.net (CloudFront)
x-amz-cf-id
z7__OcATcLN0tsUlt2Wmo8yMrAx0NhD4eNlK2iTjdwMX1o97JWi38g==
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
BwFpQnkJA2pAeQY
fghnergyflex.xyz/Nll0STAZZhc6DWEPBHl9XD0HEFt3GDB7BUINJRhzVx5NDXFRGFI9WVJkTHsEAm5Hb0BfPUl6AhAqAChEQypJeBZfNxImDRAvSXkeD3dFZwQQLEl4FkIpFS4NB38EPURaZEV/ 		0
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fghnergyflex.xyz/Nll0STAZZhc6DWEPBHl9XD0HEFt3GDB7BUINJRhzVx5NDXFRGFI9WVJkTHsEAm5Hb0BfPUl6AhAqAChEQypJeBZfNxImDRAvSXkeD3dFZwQQLEl4FkIpFS4NB38EPURaZEV/BwFpQnkJA2pAeQY
Requested by
Host: www96.davisonbarker.pro
URL: https://www96.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=5667182&pci=7131667957&t=1677060773&dest=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www96.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 10:15:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5eeTZ4ahY3XL4KsnjZC95v%2FWZro0x5xXJSByzcFH86JBlA5Ub0Fl89nn96C6bUBIvveEgFomy2h%2F%2FVDXnrga6BjKVswd%2FepENJaBH9DOcuMnKf2hudmdHEWGdqt6v4vxiOf"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
79d6f68ed98c374a-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
SWFoTXFmXgs+TB0bLhcieCteDiZ4VAkjFg44IHwfLwY6OBR7NE45GC1cUH9FfVZbawEgBVV+Q28SHCwFPBJVf0F5Vk4kHy8OVX9XP1xYY0hnUEZ5VzxcWWsFOQAPcEBvERw5HXRQXnpGeVdYdER6VVh6
fghnergyflex.xyz/ 		0
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fghnergyflex.xyz/SWFoTXFmXgs+TB0bLhcieCteDiZ4VAkjFg44IHwfLwY6OBR7NE45GC1cUH9FfVZbawEgBVV+Q28SHCwFPBJVf0F5Vk4kHy8OVX9XP1xYY0hnUEZ5VzxcWWsFOQAPcEBvERw5HXRQXnpGeVdYdER6VVh6
Requested by
Host: www96.davisonbarker.pro
URL: https://www96.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=5667182&pci=7131667957&t=1677060773&dest=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www96.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 10:15:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJSxR%2FT%2FpMMOC10772znCg8u6ebheL%2FY7DNL8w4qHFrTQ2AJd1UInji9mBQlPZgwIyU4WTE5PvBFV8eG5ml5X4ujDhrvVu59adqTda9CjNa8%2FrxamQawq7MjuAn6zjsYE6TY"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
79d6f68ed98f374a-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
IZjhOTTcFVyArCBJRKnAPVAx6egRAUj0iWRYFHAcFUkoiGg8zXC8OERJCKnAHQFQvI1BbHisjVFsJaCxTBAV6a0MWVyVwQghcKyteCF0qa0IHBSMiTQ9UIiwSVH57YwdDCn5lQA9WKiJAFR18fVkSHXx9BlYWfmgEJB18fUAPVnh5ElV6a38HHg56ZBJUCC-89Rwp...
dc5k8fg5ioc8s.cloudfront.net/ Frame D918 		436 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dc5k8fg5ioc8s.cloudfront.net/IZjhOTTcFVyArCBJRKnAPVAx6egRAUj0iWRYFHAcFUkoiGg8zXC8OERJCKnAHQFQvI1BbHisjVFsJaCxTBAV6a0MWVyVwQghcKyteCF0qa0IHBSMiTQ9UIiwSVH57YwdDCn5lQA9WKiJAFR18fVkSHXx9BlYWfmgEJB18fUAPVnh5ElV6a38HHg56ZBJUCC-89RwpdOShVDVE6aAUgDX16GVUOa38HTlMmOVoKHXwOElQIIiRcAx18fVADWyUiHkMKfi5fFFcjKBJUfn98B0gIYHgDXglgfAdWHXx9RAdeLz9eQwoIeARRFn17ERMFfw
Requested by
Host: delookiinasfier.cc
URL: https://delookiinasfier.cc/d251SjAWDBYnDxZTF2xFBQJIbwIxS0cMVBRbHnJWEFscJVNPHVspXBgbESxCGAABZF4SGlB4dj40HyJ/IzoWDGYOLwcJcj08PiRxJzg0MgYSCScLZR1eHB1iLig9C1MxOx4lWTAJTTBoNFY6D2I9LT4kcT8/MxtGPl83KHgeHR8cdgQkFAlIIyw0HAYWXjgdZg44AhtXHw0+M0QSLTN6QRZePAJyJCMcHmFOOzwjRyQ4PX8HLhkRDnMZWxkbcU45PiN6NignewgROB4ZeC8WTAhcLjkTJ1cyJDd7CBE7NBpmGQZAD1whWBR5CD8mEn8GLSw/H3M0Q01zYgAeEQVjHzgxHHVBDzQfVzM2RHx3ITs6KwNPJiEmfRohIyV7PzYCBXUbPzwDWSUNNDIBTwgjC3QgFyAjeBwjPixZQggzDFMdJTcAZREATHJyRwk8E3gQKi0tXBAINC5nPzYNc2I2ChAGSk4LJD1fPgs0GGIxAER9dSUjMyxHUQQGJV4HUycAAkMcGR0IIgoUCQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-181.fra60.r.cloudfront.net
Software
/
Resource Hash
a65091b758cfc04a940f4c8e5e2cc6932592f4a69ffe90989977671700356303

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://delookiinasfier.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 10:15:53 GMT
content-encoding
gzip
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
342
x-amz-cf-id
7F-rlFZoyLj5_chbf30X9LbrEauJUepOA-ai92ONlWthliLvK-hTPw==
advertisers.js
banquetunarmedgrater.com/ 		0
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://banquetunarmedgrater.com/advertisers.js
Requested by
Host: www96.davisonbarker.pro
URL: https://www96.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=5667182&pci=7131667957&t=1677060773&dest=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www96.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 10:15:53 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.17.9
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
X-Request-ID
05396de55776a6cbcae80ae26a492061
Expires
Thu, 01 Jan 1970 00:00:01 GMT
popunder.gif
fghnergyflex.xyz/ 		35 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fghnergyflex.xyz/popunder.gif
Requested by
Host: www96.davisonbarker.pro
URL: https://www96.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=5667182&pci=7131667957&t=1677060773&dest=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www96.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
public
date
Wed, 22 Feb 2023 10:15:53 GMT
cf-cache-status
HIT
last-modified
Wed, 22 Feb 2023 09:37:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2333
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1otInn54ru3UrdSVED2PxUHrwi71P2C%2BZltKTbNtnGta6G6DqNMF7DZsVUCRI14dkWI8nUQkQhzd4%2FZ9ScDddSSAByHJA%2BcW27x4kLaHM%2F1ujWjBwiQbOfpwbf04wba2XA6%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
79d6f6916dd5374a-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
TUx1Q3RicxYwSRcaIwogGw4kISw1aUcFFQsGHCAsOSAjBDZofjMlIy5qASoQcHRHd0B6f1MzHSlxRnFSPjgUNwE+cUdzRHpqHC0SInFHZQJwfFt6WnxiQWUBcH5Hc0B4fE1yQ399QXdHe3hTNwQsK0hyUj04AS9JfHpCdER7fEx2R3V5Rw
fghnergyflex.xyz/ 		0
395 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fghnergyflex.xyz/TUx1Q3RicxYwSRcaIwogGw4kISw1aUcFFQsGHCAsOSAjBDZofjMlIy5qASoQcHRHd0B6f1MzHSlxRnFSPjgUNwE+cUdzRHpqHC0SInFHZQJwfFt6WnxiQWUBcH5Hc0B4fE1yQ399QXdHe3hTNwQsK0hyUj04AS9JfHpCdER7fEx2R3V5Rw
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.12 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www96.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 10:15:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3cAusdKvrvyLX%2FdRfFAU50o9xbdRCdw4%2FSk8%2BfMvQxk3qUco2aZUOW49bGYR%2FyNNSe806WqdBgRWzHGgH3cJqm%2FcUNTT9gcT0h1vB4zljK3ycdnJ7ICAsV0iVbXXEW2uP5v"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
79d6f691ae4e374a-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
floater
delookiinasfier.cc/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://delookiinasfier.cc/floater?cs=ZWNpYnhQW11QQFJUUFRNVFZeUk8&abt=0&red=1&sm=83&k=&v=0.9.1.4&sts=0&prn=0&emb=0&tid=824473&rxy=1600_1200&u=2204508172144364&agec=1677060951&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&mbkb=248.75621890547262&ref=https%3A%2F%2Fwww96.davisonbarker.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D3%26ios%3D0%26site%3Dadfly%26c%3D4%26ppi%3D5667182%26pci%3D7131667957%26t%3D1677060773%26dest%3Dhttps%253A%252F%252Fmega.nz%252Ffile%252FDhdjlBCY%2523tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F110.0.5481.100%20safari%2F537.36&tzd=0&uloc=&if=0&aa=oi1_&_3bol=1677060953854&crc=1
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-53.vie50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
81e1f1d1ae3c71eac119425a02020d7bf21066361964a7c72d8fceca8f26f587

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www96.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 10:15:54 GMT
content-encoding
gzip
via
1.1 c772b2e53d72432d4d471ac66f4794fa.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
content-type
text/plain
access-control-allow-origin
https://www96.davisonbarker.pro
p3p
CP="NID DSP ALL COR"
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
content-length
1194
x-amz-cf-id
A5zTpyPYWyqGG7DT7aaiuWMABv6IkTxMEhiA7Htm0xsDQ6t5IbO4Cw==
sfp.js
addresseepaper.com/ 		0
0
bff29f0d3318d4c4b9a844119e218228.js
reasonablelandmark.com/bf/f2/9f/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://reasonablelandmark.com/bf/f2/9f/bff29f0d3318d4c4b9a844119e218228.js
Requested by
Host: www96.davisonbarker.pro
URL: https://www96.davisonbarker.pro/pushredirect/?tmp=1&network=3&ios=0&site=adfly&c=4&ppi=5667182&pci=7131667957&t=1677060773&dest=https%3A%2F%2Fmega.nz%2Ffile%2FDhdjlBCY%23tklv50Rw9l12zjoJMec7u2GRB_FpfKpUhd4BFVXnQH4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www96.davisonbarker.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 10:15:55 GMT
Server
nginx/1.17.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
pxf.gif
dismantlepenantiterrorist.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
addresseepaper.com
URL
https://addresseepaper.com/sfp.js
Domain
dismantlepenantiterrorist.com
URL
https://dismantlepenantiterrorist.com/pxf.gif?uuid=a4290e90-7bcc-43ea-9460-0128a3bdf4e2&eb=20b9018170b67fd7e03877942e000dea&te=511d4323ef95b4e03594666bdefe3ec0&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.100%20Safari%2F537.36&dev=r&res=13.31&b_frame=0&pk=aa240591af5d8573573bb87d25c7ab12&bl=en-US&sr=1200x1600&sz=1200x1600&hjs=10

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| oncontentvisibilityautostatechange object| k11 function| h7 function| F7 object| mm object| LieDetector object| AaDetector function| replaceAll number| rnd string| source function| noDisplayTimer number| LAST_CORRECT_EVENT_TIME string| lklefsvsdg number| _2256987490 string| a number| refS

5 Cookies

Domain/Path Name / Value
www96.davisonbarker.pro/pushredirect Name: lastUrlPushTmp
Value: www96.davisonbarker.pro
simplewebanalysis.com/ Name: uid_id2
Value: a4290e90-7bcc-43ea-9460-0128a3bdf4e2:2:1
www96.davisonbarker.pro/ Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c
Value: a4290e90-7bcc-43ea-9460-0128a3bdf4e2%3A2%3A1
pogothere.xyz/ Name: csu
Value: 2204508172144364@2@1677060951
www96.davisonbarker.pro/ Name: ppu_main_aa240591af5d8573573bb87d25c7ab12
Value: 1

4 Console Messages

Source Level URL
Text
network error URL: https://ndandinter.hair/U3hpdk8oWhoBECYKBVR1cRAdAj8gQkZZOCQPUE9hNxkfHzw8FgsXPTgdG1g%2FIRdGFyJ%2BCBwFJ34bGQVhOQtWBjo6HFRDeWVPWE59dRsFHyw4EQ1LemVOXkd3YSdQQHliSllEaTIUBRRyOwwdBjx2SyhTfRVdWzAiNh8IWCEpXVswKToUDFN9FTwBEiU%2FOiovamFLHR0jJU1ZJDhqFFhENTkXIzsqME8cRAgBOjYwPzUzGSMnN0wrMBkLFjg%2Be3UXC0snJwwZBWpgOUxECXZKLwE4JE5YWCsyDgAFID0aCAQkNgpHBj08XVswPyYLAQQqNxEbEywnXVswamA%2BHRs%2FdkstR2phTgcTOyQXGx1qYDxaU31lEQYFamA8WVN9ZQsAAip2Sy0XKzUUEFN9ZRtMRQtnXVtAPyMRTEULZk5fQX5rSkxEeSMbAFN8F09YRX5lTl5PemRdW0A7dkstR3lkT1lAf2RPWlN9ZRwMBTt2Sy0eOycIGlN9ZksoU31mSi9TfWZKLxsqNBlHGDV2SlxECTURBRNqYU1bMAs7HAMaDRAhTER6YUsdHSMlTVkkOGoUWEQ1ORcjOyowTxxECAE6NjA%2FNTMZIyc3TCswGQsWOD57dRsFFHI7DB0GPHZLKFN9FV1bMDgkD19HYTcZHx88PBYLFz04HRtYPyEXTEQJIw0aHj02HAAEKjAMTEQJdksvAiIjXVoyfXZKXxgqJw8GBCR2Sy1FamFOABk8dkstRmphThofOzZdWjIuNx4FD2phTgpTfBdMTER5IwgAU3wXTV9AeGJAW1N9ZQgKH2pgPF5HfGJOX0F2Zk9MRHknXVoyfmVPXkZ5Y09eRWphTg0TPCddWjInJwwZBWphTVo3amFNWzBqYU1bMCI2HwhYISldW0N9FR4AGip2SlxECRcQDRwjETswU31mSloCJD8OXEYdJEEFR30pEgY8AjYbXgN9FCorKQkjHiIGGjscXTQJBSAHJwdnXggFLW4QHQI%2FIF1aN2phPkxECT4dDhdhPQJMRAk1EQUTamE%2BLR4rORQrNRZ2SloCJD8OXEYdJEEFR30pEgY8AjYbXgN9FCorKQkjHiIGGjscXTQJBSAHJwdnWkVUPD4eS0x%2Bf1oaGzlxQktCYWBaRVQ7Mh82HytxQktOfmtKUUBtf1oaAy0MEQ1HbWlaXEB5ZElRRG1%2FWhoDLQwRDURtaVpcQHlkSVFEEGpOX0d9Y0pLWm0yFAUUbWlaAQI7IwtTWWA%2BHQ4XYT0CRhAmPx1GMic3EgU0DApbHR0jJU1ZJDhqFFhENTkXIzsqME8cRAgBOjYwPzUzGSMnN0wrMBkLFjg%2Be3FUSxktcUJLHjsnCBpMYHwPHgF5YlYNFzk6CwYYLTIKAhM9fQgbGWAjDRoePTYcAAQqMAxGSTs%2BCFRHaT0dHQEgIRNURWk6FxpLf3ULAAIqbhkNECMqXgpLe3UIGR9yZk5fQX5rSk8GLDpFXkd8Yk5fQXZmT08CcmJOXkF%2FZUheQXx1HAwFO24QHQI%2FIF1aN2phPkxECT4dDhdhPQJMRAk1EQUTamE%2BLR4rORQrNRZ2SloCJD8OXEYdJEEFR30pEgY8AjYbXgN9FCorKQkjHiIGGjscXTQJBSAHJwdnWkVULD8aS0xtOwwdBjxpV0YBOCROWFgrMg4ABSA9GggEJDYKRwY9PFcZAzw7CgwSJiEdCgJgbAwEBnJhXgcTOyQXGx1yYF4AGTxuSE8FJicdVBcrNRQQUCxuTE8GPzpFXEB5ZElRRGkjGwBLeGJLWEB5ZEFcQWknRVhAeGRIX0Z4ZEtPEiogDFQeOycIGlN8El1bMGphPgQTKDJWBwxqYT4PHyM2XVswCzscAxoNECFMRHwnEwUAemMqHk8jYkoTHCAZNQwVeCZKLiQNDD4ZEAQjLQESexE%2BPy4hAjBdVGNxGRoUbWlaAQI7IwtTWWA%2BHQ4XYT0CRhAmPx1GMic3EgU0DApbHR0jJU1ZJDhqFFhENTkXIzsqME8cRAgBOjYwPzUzGSMnN0wrMBkLFjg%2Be3EF
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://breedingdaringconcussion.com/aa/24/05/aa240591af5d8573573bb87d25c7ab12.json
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://dismantlepenantiterrorist.com/pxf.gif?uuid=a4290e90-7bcc-43ea-9460-0128a3bdf4e2&eb=20b9018170b67fd7e03877942e000dea&te=511d4323ef95b4e03594666bdefe3ec0&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.100%20Safari%2F537.36&dev=r&res=13.31&b_frame=0&pk=aa240591af5d8573573bb87d25c7ab12&bl=en-US&sr=1200x1600&sz=1200x1600&hjs=10
Message:
Failed to load resource: net::ERR_SSL_PROTOCOL_ERROR
network error URL: https://reasonablelandmark.com/bf/f2/9f/bff29f0d3318d4c4b9a844119e218228.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ablesasmetotr.monster
addresseepaper.com
banquetunarmedgrater.com
breedingdaringconcussion.com
dc5k8fg5ioc8s.cloudfront.net
delookiinasfier.cc
dismantlepenantiterrorist.com
fghnergyflex.xyz
ndandinter.hair
pogothere.xyz
reasonablelandmark.com
simplewebanalysis.com
www61.davisonbarker.pro
www96.davisonbarker.pro
www99.davisonbarker.pro
addresseepaper.com
dismantlepenantiterrorist.com
104.21.92.39
108.138.7.37
13.32.110.53
172.64.198.35
18.192.190.118
188.114.96.12
192.243.59.12
192.243.59.20
52.222.250.181
54.162.51.18
11b088b3d6521a12c8a741ea041908bd1b2dea578ef0a0d3be8fc68453a26bc0
196c51f778db9df7ecf75ce7f663ea3bb07726b67feeae45ad9abfd3008b937a
22e35fab973e50f534ed9f13f1770e1a7953cc3ae09503fd682cb50becc66186
5931bc64e9e122333cddc236a279cc0ed6daa5ab8eb942f0da5da46756237900
81e1f1d1ae3c71eac119425a02020d7bf21066361964a7c72d8fceca8f26f587
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9e4475770f49d127421f374121b4468f2cfdf86d920d14313ce7b333b4c857a1
a65091b758cfc04a940f4c8e5e2cc6932592f4a69ffe90989977671700356303
a6a85d330308edc60533c7eb53a5c4ba09b3d3aaa004eb035a71d508b5d396f3
a9e61983a488328528c1d53b0c6f22c6149e02514ea1e093450e16368ab7f111
aa343113c4fef19fe90372bea5baf3879aa2666a0b0b5178d4ef766127e07c6b
bc4720c44ed409f268f5c7791185c5464bd750e81a4e2deb2766b6d4270b4ca8
dad514f7646598b9271a5295738e894251a106848304c1cd8c9eb7d20cee016f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
fbb715614452855e13c9eda0f0371929d85e156ff7d92ed7e82d7419cbaa055c