Submitted URL: https://hwpnocpctu.com/afu.php?zoneid=1848612
Effective URL: https://1.cqyj3ii7r.com/
Submission: On April 04 via api from US — Scanned from DE

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 36 HTTP transactions. The main IP is 45.133.44.21, located in Philadelphia, United States and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is 1.cqyj3ii7r.com. The Cisco Umbrella rank of the primary domain is 175331.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on February 16th 2024. Valid for: 3 months.
This is the only time 1.cqyj3ii7r.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 212.117.190.201 7979 (SERVERS-COM)
13 45.133.44.21 39572 (ADVANCEDH...)
8 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 199.232.192.124 54113 (FASTLY)
1 2a04:4e42:4c:... 54113 (FASTLY)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a02:26f0:310... 20940 (AKAMAI-ASN1)
1 184.24.77.141 20940 (AKAMAI-ASN1)
1 151.101.66.217 54113 (FASTLY)
1 151.101.192.239 54113 (FASTLY)
36 10
Apex Domain | Subdomains | Transfer
13 | cqyj3ii7r.com | 1.cqyj3ii7r.com — Cisco Umbrella Rank: 175331 | 873 KB
8 | bbci.co.uk | ichef.bbci.co.uk — Cisco Umbrella Rank: 10340 | 505 KB
4 | hwpnocpctu.com | hwpnocpctu.com | 26 KB
3 | npr.org | media.npr.org — Cisco Umbrella Rank: 20722 | 2 MB
2 | readwrite.com | readwrite.com — Cisco Umbrella Rank: 327329 | 2 MB
2 | vox-cdn.com | cdn.vox-cdn.com — Cisco Umbrella Rank: 16067 | 67 KB
1 | wired.com | media.wired.com — Cisco Umbrella Rank: 54607 | 169 KB
1 | insider.com | i.insider.com — Cisco Umbrella Rank: 26708 | 52 KB
1 | espncdn.com | a1.espncdn.com — Cisco Umbrella Rank: 8853 | 137 KB
1 | cnet.com | www.cnet.com — Cisco Umbrella Rank: 30854 | 53 KB
36 10
Domain Requested by
13 1.cqyj3ii7r.com hwpnocpctu.com, 1.cqyj3ii7r.com
8 ichef.bbci.co.uk 1.cqyj3ii7r.com
4 hwpnocpctu.com hwpnocpctu.com
3 media.npr.org 1.cqyj3ii7r.com
2 readwrite.com 1.cqyj3ii7r.com
2 cdn.vox-cdn.com 1.cqyj3ii7r.com
1 media.wired.com 1.cqyj3ii7r.com
1 i.insider.com 1.cqyj3ii7r.com
1 a1.espncdn.com 1.cqyj3ii7r.com
1 www.cnet.com 1.cqyj3ii7r.com
36 10

This site contains no links.

Subject | Issuer | Validity | Valid
 | Buypass Class 2 CA 5 | 2024-01-09 - 2024-07-06 | 6 months
*.cqyj3ii7r.com | ZeroSSL RSA Domain Secure Site CA | 2024-02-16 - 2024-05-16 | 3 months
www.bbc.co.uk | GlobalSign ECC OV SSL CA 2018 | 2023-10-25 - 2024-11-25 | a year
*.vox-cdn.com | GlobalSign Atlas R3 DV TLS CA 2023 Q4 | 2023-10-19 - 2024-11-19 | a year
*.cnet.com | R3 | 2024-02-19 - 2024-05-19 | 3 months
readwrite.com | GTS CA 1P5 | 2024-03-25 - 2024-06-23 | 3 months
www.npr.org | R3 | 2024-03-21 - 2024-06-19 | 3 months
a.espncdn.com | Entrust Certification Authority - L1K | 2023-09-21 - 2024-09-30 | a year
*.insider.com | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-04 - 2024-10-05 | a year
condenast.com | GlobalSign Atlas R3 DV TLS CA 2023 Q2 | 2023-06-13 - 2024-07-14 | a year

This page contains 1 frame:

Primary Page: https://1.cqyj3ii7r.com/
Frame ID: 089C882606B755B4FADC6E7A1C38B0E7
Requests: 36 HTTP requests in this frame

Page Title

Bigsport

Page URL History

  1. https://hwpnocpctu.com/afu.php?zoneid=1848612 Page URL
  2. https://hwpnocpctu.com/?r=dir&zoneid=1848612&pb=81d4c006d8aa401191f731e46b85fd671712274164&psp=cFkZ... Page URL
  3. https://1.cqyj3ii7r.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Basket

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 10%
Detected patterns
  • basket.*\.js

Page Statistics

36 Requests
100 % HTTPS
40 % IPv6
10 Domains
10 Subdomains
10 IPs
3 Countries
6559 kB Transfer
6574 kB Size
5 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hwpnocpctu.com/afu.php?zoneid=1848612 Page URL
  2. https://hwpnocpctu.com/?r=dir&zoneid=1848612&pb=81d4c006d8aa401191f731e46b85fd671712274164&psp=cFkZYTQhic0EmEyygGecAKTAlpY4xoMu_31_2gj6Rw7dCoysRUC8xffRzXB_ev_YvvBv7JVdeVly3aggNmPjHpi6zhfLZ89ScU8lPbPGdwvpfGRAl_rwDvJeuhkgFlJV8dutxOta2I_to4lF04fZuxHdXmUbim5X5ciAOPtztNeMGCcfI5r4_fmNsdNg6z5aeNyK-mVhG5X7JfPi4qw9BpJf2TPAS9SCymL6DhJSwYJycNE5ZTr_OP-OyIk=&fdl=1&nojs=0&abvar=0&febuild=1.0.218&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1113&md=0&afid=8556464429103104&eclog=0&im=1&cha=x86&chb=64&chbr=%22Google%20Chrome%22;v=%22123%22,%20%22Not:A-Brand%22;v=%228%22,%20%22Chromium%22;v=%22123%22&chf=%22Google%20Chrome%22;v=%22123.0.6312.105%22,%20%22Not:A-Brand%22;v=%228.0.0.0%22,%20%22Chromium%22;v=%22123.0.6312.105%22&chm=false&chmd=&chp=Win32&chv=10.0.0&pload=114&rlp=%5B0%2C0%2C26.799999237060547%2C14.200000762939453%2C2.4000015258789062%2C79.10000038146973%2C35%2C19.799999237060547%5D Page URL
  3. https://1.cqyj3ii7r.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
afu.php
hwpnocpctu.com/
4 KB
2 KB
Document
General
Full URL
https://hwpnocpctu.com/afu.php?zoneid=1848612
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
daf8c6d6aa884f4e3fad22570dccdf47bca6c213e32b1032d09160aa2235aab6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 04 Apr 2024 21:42:44 GMT
referrer-policy
no-referrer
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
x-route-id
check.sumbit.dl
submit.min.js
hwpnocpctu.com/
47 KB
20 KB
Script
General
Full URL
https://hwpnocpctu.com/submit.min.js?abvar=
Requested by
Host: hwpnocpctu.com
URL: https://hwpnocpctu.com/afu.php?zoneid=1848612
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-viewport-height
1113
sec-ch-ua-arch
"x86"
sec-ch-device-memory
8
sec-ch-viewport-width
1600
sec-ch-ua-platform-version
"10.0.0"
sec-ch-prefers-reduced-transparency
no-preference
sec-ch-prefers-reduced-motion
no-preference
sec-ch-ua-full-version-list
"Google Chrome";v="123.0.6312.105", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.105"
sec-ch-ua-bitness
"64"
sec-ch-prefers-color-scheme
light
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-full-version
"123.0.6312.105"
Referer
sec-ch-dpr
1

Response headers

date
Thu, 04 Apr 2024 21:42:44 GMT
content-encoding
gzip
last-modified
Thu, 04 Apr 2024 13:04:04 GMT
server
nginx
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
x-js-ab
current
etag
W/"660ea544-bd12"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
hwpnocpctu.com/
10 KB
4 KB
Document
General
Full URL
https://hwpnocpctu.com/?r=dir&zoneid=1848612&pb=81d4c006d8aa401191f731e46b85fd671712274164&psp=cFkZYTQhic0EmEyygGecAKTAlpY4xoMu_31_2gj6Rw7dCoysRUC8xffRzXB_ev_YvvBv7JVdeVly3aggNmPjHpi6zhfLZ89ScU8lPbPGdwvpfGRAl_rwDvJeuhkgFlJV8dutxOta2I_to4lF04fZuxHdXmUbim5X5ciAOPtztNeMGCcfI5r4_fmNsdNg6z5aeNyK-mVhG5X7JfPi4qw9BpJf2TPAS9SCymL6DhJSwYJycNE5ZTr_OP-OyIk=&fdl=1&nojs=0&abvar=0&febuild=1.0.218&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1113&md=0&afid=8556464429103104&eclog=0&im=1&cha=x86&chb=64&chbr=%22Google%20Chrome%22;v=%22123%22,%20%22Not:A-Brand%22;v=%228%22,%20%22Chromium%22;v=%22123%22&chf=%22Google%20Chrome%22;v=%22123.0.6312.105%22,%20%22Not:A-Brand%22;v=%228.0.0.0%22,%20%22Chromium%22;v=%22123.0.6312.105%22&chm=false&chmd=&chp=Win32&chv=10.0.0&pload=114&rlp=%5B0%2C0%2C26.799999237060547%2C14.200000762939453%2C2.4000015258789062%2C79.10000038146973%2C35%2C19.799999237060547%5D
Requested by
Host: hwpnocpctu.com
URL: https://hwpnocpctu.com/submit.min.js?abvar=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-device-memory
8
sec-ch-dpr
1
sec-ch-prefers-color-scheme
light
sec-ch-prefers-reduced-motion
no-preference
sec-ch-prefers-reduced-transparency
no-preference
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-arch
"x86"
sec-ch-ua-bitness
"64"
sec-ch-ua-full-version
"123.0.6312.105"
sec-ch-ua-full-version-list
"Google Chrome";v="123.0.6312.105", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.105"
sec-ch-ua-mobile
?0
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"
sec-ch-ua-platform-version
"10.0.0"
sec-ch-ua-wow64
?0
sec-ch-viewport-height
1113
sec-ch-viewport-width
1600

Response headers

accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 04 Apr 2024 21:42:44 GMT
referrer-policy
no-referrer
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
x-route-id
redirect.dl
Primary Request /
1.cqyj3ii7r.com/
2 KB
3 KB
Document
General
Full URL
https://1.cqyj3ii7r.com/
Requested by
Host: hwpnocpctu.com
URL: https://hwpnocpctu.com/?r=dir&zoneid=1848612&pb=81d4c006d8aa401191f731e46b85fd671712274164&psp=cFkZYTQhic0EmEyygGecAKTAlpY4xoMu_31_2gj6Rw7dCoysRUC8xffRzXB_ev_YvvBv7JVdeVly3aggNmPjHpi6zhfLZ89ScU8lPbPGdwvpfGRAl_rwDvJeuhkgFlJV8dutxOta2I_to4lF04fZuxHdXmUbim5X5ciAOPtztNeMGCcfI5r4_fmNsdNg6z5aeNyK-mVhG5X7JfPi4qw9BpJf2TPAS9SCymL6DhJSwYJycNE5ZTr_OP-OyIk=&fdl=1&nojs=0&abvar=0&febuild=1.0.218&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1113&md=0&afid=8556464429103104&eclog=0&im=1&cha=x86&chb=64&chbr=%22Google%20Chrome%22;v=%22123%22,%20%22Not:A-Brand%22;v=%228%22,%20%22Chromium%22;v=%22123%22&chf=%22Google%20Chrome%22;v=%22123.0.6312.105%22,%20%22Not:A-Brand%22;v=%228.0.0.0%22,%20%22Chromium%22;v=%22123.0.6312.105%22&chm=false&chmd=&chp=Win32&chv=10.0.0&pload=114&rlp=%5B0%2C0%2C26.799999237060547%2C14.200000762939453%2C2.4000015258789062%2C79.10000038146973%2C35%2C19.799999237060547%5D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.21 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
30fde3e5e2b1968bf4c8c8f6fdaf19e4ae02f6eab1d77761e9e761d004bd1043

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
2546
content-type
text/html; charset=utf-8
date
Thu, 04 Apr 2024 21:42:44 GMT
etag
ef8ca8351615c443c889ee9cb97b176d
expires
Sat, 06 Apr 2024 21:42:44 GMT
last-modified
Wed, 03 Apr 2024 11:38:28 GMT
server
nginx/1.24.0
vary
Accept-Encoding
x-openstack-request-id
tx9fcff0fc324148f2883c4-00660d3ff0
x-proxy-cache
HIT
x-timestamp
1712144307.36556
x-trans-id
tx9fcff0fc324148f2883c4-00660d3ff0
dupa.gif
hwpnocpctu.com/
43 B
482 B
Ping
General
Full URL
https://hwpnocpctu.com/dupa.gif?z=1848612&r=dir&zoneid=1848612&pb=81d4c006d8aa401191f731e46b85fd671712274164&psp=cFkZYTQhic0EmEyygGecAKTAlpY4xoMu_31_2gj6Rw7dCoysRUC8xffRzXB_ev_YvvBv7JVdeVly3aggNmPjHpi6zhfLZ89ScU8lPbPGdwvpfGRAl_rwDvJeuhkgFlJV8dutxOta2I_to4lF04fZuxHdXmUbim5X5ciAOPtztNeMGCcfI5r4_fmNsdNg6z5aeNyK-mVhG5X7JfPi4qw9BpJf2TPAS9SCymL6DhJSwYJycNE5ZTr_OP-OyIk=&fdl=1&nojs=0&abvar=0&febuild=1.0.218&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1113&md=0&afid=8556464429103104&eclog=0&im=1&cha=x86&chb=64&chbr=%22Google%20Chrome%22;v=%22123%22,%20%22Not:A-Brand%22;v=%228%22,%20%22Chromium%22;v=%22123%22&chf=%22Google%20Chrome%22;v=%22123.0.6312.105%22,%20%22Not:A-Brand%22;v=%228.0.0.0%22,%20%22Chromium%22;v=%22123.0.6312.105%22&chm=false&chmd=&chp=Win32&chv=10.0.0&pload=114&rlp=%5B0%2C0%2C26.799999237060547%2C14.200000762939453%2C2.4000015258789062%2C79.10000038146973%2C35%2C19.799999237060547%5D&pload=30&rlp=%5B0%2C0%2C0%2C0%2C-18.400001525878906%2C-1.8000011444091797%2C-2.6000003814697266%2C0%5D
Requested by
Host: hwpnocpctu.com
URL: https://hwpnocpctu.com/?r=dir&zoneid=1848612&pb=81d4c006d8aa401191f731e46b85fd671712274164&psp=cFkZYTQhic0EmEyygGecAKTAlpY4xoMu_31_2gj6Rw7dCoysRUC8xffRzXB_ev_YvvBv7JVdeVly3aggNmPjHpi6zhfLZ89ScU8lPbPGdwvpfGRAl_rwDvJeuhkgFlJV8dutxOta2I_to4lF04fZuxHdXmUbim5X5ciAOPtztNeMGCcfI5r4_fmNsdNg6z5aeNyK-mVhG5X7JfPi4qw9BpJf2TPAS9SCymL6DhJSwYJycNE5ZTr_OP-OyIk=&fdl=1&nojs=0&abvar=0&febuild=1.0.218&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1113&md=0&afid=8556464429103104&eclog=0&im=1&cha=x86&chb=64&chbr=%22Google%20Chrome%22;v=%22123%22,%20%22Not:A-Brand%22;v=%228%22,%20%22Chromium%22;v=%22123%22&chf=%22Google%20Chrome%22;v=%22123.0.6312.105%22,%20%22Not:A-Brand%22;v=%228.0.0.0%22,%20%22Chromium%22;v=%22123.0.6312.105%22&chm=false&chmd=&chp=Win32&chv=10.0.0&pload=114&rlp=%5B0%2C0%2C26.799999237060547%2C14.200000762939453%2C2.4000015258789062%2C79.10000038146973%2C35%2C19.799999237060547%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-viewport-height
1113
sec-ch-ua-arch
"x86"
sec-ch-device-memory
8
sec-ch-viewport-width
1600
sec-ch-ua-platform-version
"10.0.0"
sec-ch-prefers-reduced-transparency
no-preference
sec-ch-prefers-reduced-motion
no-preference
sec-ch-ua-full-version-list
"Google Chrome";v="123.0.6312.105", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.105"
sec-ch-ua-bitness
"64"
sec-ch-prefers-color-scheme
light
sec-ch-ua-model
""
sec-ch-ua-wow64
?0
sec-ch-ua-platform
"Win32"
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-full-version
"123.0.6312.105"
Referer
sec-ch-dpr
1

Response headers

date
Thu, 04 Apr 2024 21:42:44 GMT
x-route-id
stats.redirect-pixel
server
nginx
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
timing-allow-origin
*
content-length
43
content-type
image/gif
runtime.ff2894bb4a0449e4.js
1.cqyj3ii7r.com/
904 B
2 KB
Script
General
Full URL
https://1.cqyj3ii7r.com/runtime.ff2894bb4a0449e4.js
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.21 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
4f38d5b4f52e6a15805de197a22438dd2f0d1bd199879e1bb5f490a0681fbf83

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://1.cqyj3ii7r.com/
Origin
https://1.cqyj3ii7r.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 06 Apr 2024 21:42:44 GMT
date
Thu, 04 Apr 2024 21:42:44 GMT
x-openstack-request-id
tx4cc18719ea7f4b56b8f18-00660d3ff1
content-length
904
x-trans-id
tx4cc18719ea7f4b56b8f18-00660d3ff1
last-modified
Wed, 03 Apr 2024 11:38:30 GMT
server
nginx/1.24.0
etag
ae8b59d89ce8195f1faafa4cdff7b89f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-timestamp
1712144309.79736
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
accept-ranges
bytes
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
polyfills.feafc1b7e962c9c0.js
1.cqyj3ii7r.com/
33 KB
34 KB
Script
General
Full URL
https://1.cqyj3ii7r.com/polyfills.feafc1b7e962c9c0.js
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.21 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
ba22b300d0ae17e1343d8e030ef3f075fc86f6da26c50dad69872fcc680ea3c5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://1.cqyj3ii7r.com/
Origin
https://1.cqyj3ii7r.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 06 Apr 2024 21:42:44 GMT
date
Thu, 04 Apr 2024 21:42:44 GMT
x-openstack-request-id
txea9467e6bb324b13a8695-00660d3ff1
content-length
34179
x-trans-id
txea9467e6bb324b13a8695-00660d3ff1
last-modified
Wed, 03 Apr 2024 11:38:29 GMT
server
nginx/1.24.0
etag
4f3944b4fe157e4336e0943bf8bf5b90
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-timestamp
1712144308.97575
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
accept-ranges
bytes
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
main.7d562a6104a5e25d.js
1.cqyj3ii7r.com/
314 KB
315 KB
Script
General
Full URL
https://1.cqyj3ii7r.com/main.7d562a6104a5e25d.js
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.21 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
dfdb18d7baa902b1e836efb9f744a523742d1d805884ad6f901480dc1bca589d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://1.cqyj3ii7r.com/
Origin
https://1.cqyj3ii7r.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 06 Apr 2024 21:42:44 GMT
date
Thu, 04 Apr 2024 21:42:44 GMT
x-openstack-request-id
tx6e33e6e95b114117a37ca-00660d3ff1
content-length
321255
x-trans-id
tx6e33e6e95b114117a37ca-00660d3ff1
last-modified
Wed, 03 Apr 2024 11:38:29 GMT
server
nginx/1.24.0
etag
ce4976e5a38ca5c8fb4d4304014107a6
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-timestamp
1712144308.52347
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
accept-ranges
bytes
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
styles.426471d40952984c.css
1.cqyj3ii7r.com/
16 KB
17 KB
Stylesheet
General
Full URL
https://1.cqyj3ii7r.com/styles.426471d40952984c.css
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.21 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
7147b54824b11e5252f95b4f859846fad45078fdbcf416e185c705e4f7a8aee9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://1.cqyj3ii7r.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 06 Apr 2024 21:42:44 GMT
date
Thu, 04 Apr 2024 21:42:44 GMT
x-openstack-request-id
tx9d0cd42c08ea47bba5abd-00660d3ff1
content-length
16787
x-trans-id
tx9d0cd42c08ea47bba5abd-00660d3ff1
last-modified
Wed, 03 Apr 2024 11:38:31 GMT
server
nginx/1.24.0
etag
a837f74fce9d2574395f90daadc7b0ba
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
text/css
access-control-allow-origin
*
x-timestamp
1712144310.00051
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
accept-ranges
bytes
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
football.json
1.cqyj3ii7r.com/assets/data/
78 KB
79 KB
XHR
General
Full URL
https://1.cqyj3ii7r.com/assets/data/football.json?pageSize=8
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/polyfills.feafc1b7e962c9c0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.21 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
80bf90295b1f5d5311479f308bc86c06e131c43c691d8db3d765c24d09d4fd82

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
https://1.cqyj3ii7r.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 06 Apr 2024 21:42:45 GMT
date
Thu, 04 Apr 2024 21:42:45 GMT
x-openstack-request-id
tx2b23ed56594b4d09a3503-00660d3ff1
content-length
80274
x-trans-id
tx2b23ed56594b4d09a3503-00660d3ff1
last-modified
Wed, 03 Apr 2024 11:38:35 GMT
server
nginx/1.24.0
etag
2d0289f434cce68dce99e92476c0af9e
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
x-timestamp
1712144314.84624
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
accept-ranges
bytes
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
basketball.json
1.cqyj3ii7r.com/assets/data/
81 KB
81 KB
XHR
General
Full URL
https://1.cqyj3ii7r.com/assets/data/basketball.json?pageSize=8
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/polyfills.feafc1b7e962c9c0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.21 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
83308b53c5b25a225e1c0a2cfb245e83fb2687c317585749588748d7414b86a0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
https://1.cqyj3ii7r.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 06 Apr 2024 21:42:45 GMT
date
Thu, 04 Apr 2024 21:42:45 GMT
x-openstack-request-id
tx32f7369c9bf346f299093-00660d3ff1
content-length
82628
x-trans-id
tx32f7369c9bf346f299093-00660d3ff1
last-modified
Wed, 03 Apr 2024 11:38:38 GMT
server
nginx/1.24.0
etag
095966c00e2367364b774573e738fefb
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
x-timestamp
1712144317.72017
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
accept-ranges
bytes
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
hockey.json
1.cqyj3ii7r.com/assets/data/
80 KB
81 KB
XHR
General
Full URL
https://1.cqyj3ii7r.com/assets/data/hockey.json?pageSize=8
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/polyfills.feafc1b7e962c9c0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.21 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
e6e112d80ddb01816aa71dd20c99c2cda488ecf0c3615c4006b548f7294539dc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
https://1.cqyj3ii7r.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 06 Apr 2024 21:42:45 GMT
date
Thu, 04 Apr 2024 21:42:45 GMT
x-openstack-request-id
txd5d23e5c6c66420fa0143-00660d3ff1
content-length
82418
x-trans-id
txd5d23e5c6c66420fa0143-00660d3ff1
last-modified
Wed, 03 Apr 2024 11:38:37 GMT
server
nginx/1.24.0
etag
2b9cfa2f736e1e8cafece575bb58d838
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
x-timestamp
1712144316.09128
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
accept-ranges
bytes
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
tennis.json
1.cqyj3ii7r.com/assets/data/
83 KB
84 KB
XHR
General
Full URL
https://1.cqyj3ii7r.com/assets/data/tennis.json?pageSize=8
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/polyfills.feafc1b7e962c9c0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.21 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
c7a6efd664e2a15a6820f73764f624083416d77c1efec5ba02eec490e0504ed4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
https://1.cqyj3ii7r.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 06 Apr 2024 21:42:45 GMT
date
Thu, 04 Apr 2024 21:42:45 GMT
x-openstack-request-id
tx2d8980635c0242ddaeed6-00660d3ff1
content-length
84957
x-trans-id
tx2d8980635c0242ddaeed6-00660d3ff1
last-modified
Wed, 03 Apr 2024 11:38:37 GMT
server
nginx/1.24.0
etag
74ec593f26675d2d9f8044e598883073
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
x-timestamp
1712144316.91852
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
accept-ranges
bytes
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
NFL.json
1.cqyj3ii7r.com/assets/data/
79 KB
80 KB
XHR
General
Full URL
https://1.cqyj3ii7r.com/assets/data/NFL.json?pageSize=8
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/polyfills.feafc1b7e962c9c0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.21 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
06c5b41fc3849f1c1e888edd42ffa634bd5ef685a2a2427b57cedbac33a1b58a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
https://1.cqyj3ii7r.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 06 Apr 2024 21:42:45 GMT
date
Thu, 04 Apr 2024 21:42:45 GMT
x-openstack-request-id
tx62b2b14e892042fa9ad0e-00660d3ff1
content-length
81347
x-trans-id
tx62b2b14e892042fa9ad0e-00660d3ff1
last-modified
Wed, 03 Apr 2024 11:38:36 GMT
server
nginx/1.24.0
etag
4ac47263b4715918fc2c6ebace9816b7
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
x-timestamp
1712144315.23807
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
accept-ranges
bytes
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
baseball.json
1.cqyj3ii7r.com/assets/data/
81 KB
82 KB
XHR
General
Full URL
https://1.cqyj3ii7r.com/assets/data/baseball.json?pageSize=8
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/polyfills.feafc1b7e962c9c0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.21 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
85a6441951bdb1f71a79cc8ca1530b295b066ce3244448852811834513776d75

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
https://1.cqyj3ii7r.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 06 Apr 2024 21:42:45 GMT
date
Thu, 04 Apr 2024 21:42:45 GMT
x-openstack-request-id
txd70d772666d44a76bc195-00660d3ff1
content-length
83401
x-trans-id
txd70d772666d44a76bc195-00660d3ff1
last-modified
Wed, 03 Apr 2024 11:38:35 GMT
server
nginx/1.24.0
etag
2faf0c4e1ea448873cef1d764158c94c
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
x-timestamp
1712144314.25067
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
accept-ranges
bytes
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
_121787705_gettyimages-1313513292.jpg
ichef.bbci.co.uk/live-experience/cps/624/cpsprodpb/C65A/production/
27 KB
28 KB
Image
General
Full URL
https://ichef.bbci.co.uk/live-experience/cps/624/cpsprodpb/C65A/production/_121787705_gettyimages-1313513292.jpg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:a97::f33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83ff29776b2020f46f4f724c4990c057810b7cfe92a9203b667e6a886efc4b7d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://1.cqyj3ii7r.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:42:45 GMT
last-modified
Wed, 24 Nov 2021 22:00:50 GMT
server
AmazonS3
etag
"c80d15b81d0a3c1baa1d18508e43ffdc"
access-control-max-age
300
access-control-allow-methods
HEAD,GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=60
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers
*
content-length
27890
expires
Tue, 15 Aug 2023 20:29:59 GMT
p0cb6b8k.jpg
ichef.bbci.co.uk/images/ic/1200x675/
125 KB
125 KB
Image
General
Full URL
https://ichef.bbci.co.uk/images/ic/1200x675/p0cb6b8k.jpg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:a97::f33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8cbc070cd0ba0b647a1b80e74ec090493e593126f3e23ad5db0dfdb12e90f2b1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://1.cqyj3ii7r.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:42:45 GMT
last-modified
Tue, 31 May 2022 11:01:14 GMT
server
AmazonS3
etag
"fd5a894c4f392d1aafda4293c2b40301"
access-control-max-age
300
access-control-allow-methods
HEAD,GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers
*
content-length
127505
expires
Tue, 02 Apr 2024 06:05:02 GMT
_133040880_dd7c156db593794fcc08f88a0d05ac285b9f34430_75_2830_15921000x563.jpg
ichef.bbci.co.uk/news/1024/branded_news/2264/production/
62 KB
63 KB
Image
General
Full URL
https://ichef.bbci.co.uk/news/1024/branded_news/2264/production/_133040880_dd7c156db593794fcc08f88a0d05ac285b9f34430_75_2830_15921000x563.jpg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:a97::f33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf3b2ec89f6d069c124b5479d85be525a7fd1e34ab319ff49740b694af7e087d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://1.cqyj3ii7r.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:42:45 GMT
x-amz-server-side-encryption
AES256
content-length
63984
last-modified
Thu, 28 Mar 2024 17:10:13 GMT
server
AmazonS3
etag
"dd091795d0bbd9594c2b113bab8c30c6"
access-control-max-age
300
access-control-allow-methods
HEAD,GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers
*
expires
Fri, 28 Mar 2025 17:10:34 GMT
STK055_HBOMAX__C.jpg
cdn.vox-cdn.com/thumbor/2adjPyEUtM6KPLLatthsWXkwLWA=/0x0:2040x1360/1200x628/filters:focal(1020x680:1021x681)/cdn.vox-cdn.com/uploads/chorus_asset/file/25319872/
29 KB
29 KB
Image
General
Full URL
https://cdn.vox-cdn.com/thumbor/2adjPyEUtM6KPLLatthsWXkwLWA=/0x0:2040x1360/1200x628/filters:focal(1020x680:1021x681)/cdn.vox-cdn.com/uploads/chorus_asset/file/25319872/STK055_HBOMAX__C.jpg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.7.0 /
Resource Hash
c3f4d681c6fa78546e4234a8f457ffcc40ea0b7c7cfc055f7d221e6c636fc779
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://1.cqyj3ii7r.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
1270
date
Thu, 04 Apr 2024 21:42:45 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
age
641516
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
29443
x-served-by
cache-fra-eddf8230059-FRA
server
Thumbor/6.7.0
x-timer
S1712266965.097957,VS0,VE0
etag
"bc5488ad1e08498ab9c22a79ad4e32c47f871e30"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315576000,public
accept-ranges
bytes
expires
Wed, 15 Mar 2034 09:00:17 GMT
_132927660_p0hjq0kj.jpg
ichef.bbci.co.uk/news/1024/branded_news/1A10/production/
71 KB
71 KB
Image
General
Full URL
https://ichef.bbci.co.uk/news/1024/branded_news/1A10/production/_132927660_p0hjq0kj.jpg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:a97::f33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
345c02cce41ebaed98d3f820bd117c29db9e1c2cc4a2260c7f4ff16f0267df4d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://1.cqyj3ii7r.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:42:45 GMT
x-amz-server-side-encryption
AES256
content-length
72268
last-modified
Thu, 14 Mar 2024 17:25:11 GMT
server
AmazonS3
etag
"bf6a5a03ebc9cd2a53315f97d45086b6"
access-control-max-age
300
access-control-allow-methods
HEAD,GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers
*
expires
Fri, 14 Mar 2025 17:29:35 GMT
gettyimages-1947759782.jpg
www.cnet.com/a/img/resize/6b17b128f5929371cff384280584acd8a012f97c/hub/2024/03/07/4bc5ea36-95f9-47a8-9d9a-d9457998483f/
53 KB
53 KB
Image
General
Full URL
https://www.cnet.com/a/img/resize/6b17b128f5929371cff384280584acd8a012f97c/hub/2024/03/07/4bc5ea36-95f9-47a8-9d9a-d9457998483f/gettyimages-1947759782.jpg?auto=webp&fit=crop&height=675&width=1200
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4c::666 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
950a2a389787695be3f8fb2512e8831aed78c80d89bbc2642d244f934f13492d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://1.cqyj3ii7r.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:42:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
fastly-io-served-by
img01-us-east4
etag
"SGP/6uYEOVGAdrvDqY6z+xZmNeGDrz/nsOV+1dkKYvs"
vary
Accept-Encoding, Accept
content-type
image/webp
fastly-io-info
ifsz=109483 idim=1024x683 ifmt=jpeg ofsz=54386 odim=1200x675 ofmt=webp
cache-control
max-age=31536000, public
fastly-stats
io=1
accept-ranges
bytes
content-length
54386
expires
Fri, 29 Mar 2024 05:56:46 GMT
otkmynBSUeFOG0N8eMM0w.png
readwrite.com/wp-content/uploads/2024/03/
2 MB
2 MB
Image
General
Full URL
https://readwrite.com/wp-content/uploads/2024/03/otkmynBSUeFOG0N8eMM0w.png
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:15c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2eff52ecca5aefe95b57f1a72d0c939b36e57dc8b2b46c2a3950681a6d851d8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://1.cqyj3ii7r.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:42:45 GMT
referrer-policy
unsafe-url
cf-cache-status
HIT
last-modified
Wed, 13 Mar 2024 10:58:46 GMT
server
cloudflare
age
652
etag
"65f186e6-19da92"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
86f47853bc401947-FRA
content-length
1694354
expires
Thu, 31 Dec 2037 23:55:55 GMT
solareclipseeducation_30_wide-80e3766f4fe8d25b069281655e064228d3d48c05-s1400-c100.jpg
media.npr.org/assets/img/2024/03/21/
1 MB
1 MB
Image
General
Full URL
https://media.npr.org/assets/img/2024/03/21/solareclipseeducation_30_wide-80e3766f4fe8d25b069281655e064228d3d48c05-s1400-c100.jpg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::210:6e51 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) / PHP/7.4.14
Resource Hash
dce8b39732ee862e8221a7b0f4cc2f19ede29f35776a73b25b6ff354ade8b5fb
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://1.cqyj3ii7r.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
prod-web-51
strict-transport-security
max-age=604800; includeSubDomains
date
Thu, 04 Apr 2024 21:42:45 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
Apache/2.4.25 (Debian)
x-powered-by
PHP/7.4.14
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=15552000
akamai-mon-iucid-del
28919
timing-allow-origin
*
content-length
1077339
x-xss-protection
1; mode=block
expires
Tue, 01 Oct 2024 21:42:45 GMT
i
a1.espncdn.com/combiner/
137 KB
137 KB
Image
General
Full URL
https://a1.espncdn.com/combiner/i?img=%2Fphoto%2F2024%2F0324%2Fr1309484_1296x729_16%2D9.jpg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.141 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a8d7ed6a9d51ddefdc70517d3d4691ee257cb26519c12f024fbf5998bb4d0cd9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://1.cqyj3ii7r.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:42:45 GMT
last-modified
Sun, 24 Mar 2024 20:59:26 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=41548
accept-ranges
bytes
content-length
140135
expires
Fri, 05 Apr 2024 09:15:13 GMT
_132991863_gettyimages-1429595170.jpg
ichef.bbci.co.uk/news/1024/branded_news/8FD3/production/
72 KB
73 KB
Image
General
Full URL
https://ichef.bbci.co.uk/news/1024/branded_news/8FD3/production/_132991863_gettyimages-1429595170.jpg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:a97::f33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a368287dde836ea11fcafe889c2a8a5ab05d859443f98bdc6a1db3060720a8f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://1.cqyj3ii7r.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:42:45 GMT
x-amz-server-side-encryption
AES256
content-length
74131
last-modified
Wed, 27 Mar 2024 01:30:58 GMT
server
AmazonS3
etag
"173ae1518087694f6af15d0337453514"
access-control-max-age
300
access-control-allow-methods
HEAD,GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers
*
expires
Thu, 27 Mar 2025 01:35:56 GMT
_124395517_bbcbreakingnewsgraphic.jpg
ichef.bbci.co.uk/news/1024/branded_sport/11787/production/
26 KB
27 KB
Image
General
Full URL
https://ichef.bbci.co.uk/news/1024/branded_sport/11787/production/_124395517_bbcbreakingnewsgraphic.jpg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:a97::f33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12347a828a6739459e063344d073dd37b54236f1613a118b951933179b34854f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://1.cqyj3ii7r.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:42:45 GMT
last-modified
Tue, 03 May 2022 20:00:19 GMT
server
AmazonS3
etag
"d80920e0014b5c54de8c2cad3858f11b"
access-control-max-age
300
access-control-allow-methods
HEAD,GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers
*
content-length
26842
expires
Thu, 14 Nov 2024 15:46:49 GMT
topspin2k25.jpg
readwrite.com/wp-content/uploads/2024/03/
493 KB
494 KB
Image
General
Full URL
https://readwrite.com/wp-content/uploads/2024/03/topspin2k25.jpg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:15c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f1395dfe3ebbce1a122d6540c578f2076de7d56be7b2b506c7e366e845e8b1e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://1.cqyj3ii7r.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:42:45 GMT
referrer-policy
unsafe-url
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Wed, 13 Mar 2024 12:36:54 GMT
server
cloudflare
age
652
etag
"65f19de6-7b3ff"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
86f47853bc431947-FRA
content-length
504831
expires
Thu, 31 Dec 2037 23:55:55 GMT
_133041510_cdf_141023_cf_wales_v_argentina_069.jpg
ichef.bbci.co.uk/news/1024/branded_sport/05EA/production/
71 KB
71 KB
Image
General
Full URL
https://ichef.bbci.co.uk/news/1024/branded_sport/05EA/production/_133041510_cdf_141023_cf_wales_v_argentina_069.jpg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:a97::f33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d53aa11f089dae9fab9587763f562c6534824a556ccee08b1702c5a806572a8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://1.cqyj3ii7r.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:42:45 GMT
x-amz-server-side-encryption
AES256
content-length
72652
last-modified
Fri, 29 Mar 2024 17:50:52 GMT
server
AmazonS3
etag
"f4ee3aadec664f36092c287cf78e3436"
access-control-max-age
300
access-control-allow-methods
HEAD,GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers
*
expires
Sat, 29 Mar 2025 17:56:04 GMT
65fb01eb2417f97b87cdad94
i.insider.com/
52 KB
52 KB
Image
General
Full URL
https://i.insider.com/65fb01eb2417f97b87cdad94?width=1200&format=jpeg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
899c725f93c10d6640e4092a849650a5f873ba49098a4ffbd645399eb9a6f529

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://1.cqyj3ii7r.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:42:45 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
vpop-kiad7010215
x-amz-request-id
C5B0SJXHRBWG0B7F
x-amz-server-side-encryption
AES256
age
1318120
x-cache
HIT, HIT
fastly-io-info
ifsz=574411 idim=3534x1767 ifmt=jpeg ofsz=52974 odim=1200x600 ofmt=webp
fastly-stats
io=1
content-length
52974
x-amz-id-2
+9TodioRUoF1vxRjjNCF+L0b8Wx3hRxyy0DQw+dLbZXv859TajHMXP2OSQEdIFCmPJ0iR0MFvB0=
x-served-by
cache-iad-kiad7000081-IAD, cache-fra-etou8220138-FRA
server
AmazonS3
x-timer
S1712266965.093192,VS0,VE0
etag
"DP+tdJO4q8OnlHT1pTeWzFlO3YRM7nWV+uAyQXw+1SI"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
x-cache-hits
14, 3
politics_rfk-jr-masculine-online-votes.jpg
media.wired.com/photos/65f2ff1a9f86ee0288b77cdf/191:100/w_1280,c_limit/
168 KB
169 KB
Image
General
Full URL
https://media.wired.com/photos/65f2ff1a9f86ee0288b77cdf/191:100/w_1280,c_limit/politics_rfk-jr-masculine-online-votes.jpg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f34dae3a9cf94df20440c6bca1e5c4a7021c021721568434955f3d76d5fd80e6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://1.cqyj3ii7r.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Apr 2024 21:42:45 GMT
Fastly-Io-Served-By
vpop-kiad7010251
Age
697272
X-Amz-Server-Side-Encryption
AES256
X-Cache
HIT, HIT
Fastly-Io-Info
ifsz=4303233 idim=2400x1350 ifmt=jpeg ofsz=172126 odim=1280x670 ofmt=webp
Connection
keep-alive
Fastly-Stats
io=1
server-timing
geo;desc="continent=EU;country=DE;pop=FRA"
Content-Length
172126
Fastly-Restarts
1
X-Served-By
cache-iad-kiad7000064-IAD, cache-fra-etou8220112-FRA
experience
katra
X-Timer
S1712266965.095245,VS0,VE2
Etag
"NEOg8S+tjaOPDVdf6mGFRyaBW4HTguucuZdEyL1ZoR8"
vary
accept
Content-Type
image/webp
cache-control
max-age=3600, must-revalidate, public
Accept-Ranges
bytes
timing-allow-origin
*
X-Cache-Hits
43, 1
ap24074110185301_wide-74239674728eae5c09cd3af3fface0a1b4d49093-s1400-c100.jpg
media.npr.org/assets/img/2024/03/14/
400 KB
401 KB
Image
General
Full URL
https://media.npr.org/assets/img/2024/03/14/ap24074110185301_wide-74239674728eae5c09cd3af3fface0a1b4d49093-s1400-c100.jpg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::210:6e51 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) / PHP/7.4.14
Resource Hash
90ac9f09365885c71b05cf1d4a086dad87daeea07b5bdb577a468ba55ade03f5
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://1.cqyj3ii7r.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
prod-web-3
strict-transport-security
max-age=604800; includeSubDomains
date
Thu, 04 Apr 2024 21:42:45 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
Apache/2.4.25 (Debian)
x-powered-by
PHP/7.4.14
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=15552000
akamai-mon-iucid-del
28919
timing-allow-origin
*
content-length
410036
x-xss-protection
1; mode=block
expires
Tue, 01 Oct 2024 21:42:45 GMT
_132883264_e2d288eaa65503387ed7743afdaeb328ad9b092c.jpg
ichef.bbci.co.uk/news/1024/branded_news/B49E/production/
48 KB
48 KB
Image
General
Full URL
https://ichef.bbci.co.uk/news/1024/branded_news/B49E/production/_132883264_e2d288eaa65503387ed7743afdaeb328ad9b092c.jpg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:a97::f33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1dd2e6ab9e451f98a097118b7a4a39057d961d30a0dd1601ac1f220f14cde858

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://1.cqyj3ii7r.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:42:45 GMT
x-amz-server-side-encryption
AES256
content-length
49184
last-modified
Sun, 10 Mar 2024 20:39:33 GMT
server
AmazonS3
etag
"09b54434f31c374b044b0f85c7ce07ff"
access-control-max-age
300
access-control-allow-methods
HEAD,GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers
*
expires
Mon, 10 Mar 2025 20:41:36 GMT
gettyimages-2062554430_wide-d3d8b448b404026621e2573c22b7ff2c5eb2cae2-s1400-c100.jpg
media.npr.org/assets/img/2024/03/13/
1 MB
1 MB
Image
General
Full URL
https://media.npr.org/assets/img/2024/03/13/gettyimages-2062554430_wide-d3d8b448b404026621e2573c22b7ff2c5eb2cae2-s1400-c100.jpg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::210:6e51 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache/2.4.25 (Debian) / PHP/7.4.14
Resource Hash
ac4359812a9bc8cac7c05fc756c00e7de09f9ca5be5f9370bcc245cf1c6f7b10
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://1.cqyj3ii7r.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
prod-web-17
strict-transport-security
max-age=604800; includeSubDomains
date
Thu, 04 Apr 2024 21:42:45 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
Apache/2.4.25 (Debian)
x-powered-by
PHP/7.4.14
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=15552000
akamai-mon-iucid-del
28919
timing-allow-origin
*
content-length
1095639
x-xss-protection
1; mode=block
expires
Tue, 01 Oct 2024 21:42:45 GMT
moto_g_power_5G_2024_PDP.jpg
cdn.vox-cdn.com/thumbor/jMTK4F3ecT1etm7Y2u4sEMLOFe0=/0x0:2000x1500/1200x628/filters:focal(1000x750:1001x751)/cdn.vox-cdn.com/uploads/chorus_asset/file/25330753/
38 KB
38 KB
Image
General
Full URL
https://cdn.vox-cdn.com/thumbor/jMTK4F3ecT1etm7Y2u4sEMLOFe0=/0x0:2000x1500/1200x628/filters:focal(1000x750:1001x751)/cdn.vox-cdn.com/uploads/chorus_asset/file/25330753/moto_g_power_5G_2024_PDP.jpg
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Thumbor/6.7.0 /
Resource Hash
44d7078287342d8ed7517f4b8b8103963bcc59825952c269b749e354ccba68aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://1.cqyj3ii7r.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
1221
date
Thu, 04 Apr 2024 21:42:45 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
age
1255087
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
38730
x-served-by
cache-fra-eddf8230059-FRA
server
Thumbor/6.7.0
x-timer
S1712266965.097778,VS0,VE0
etag
"4c6df362c20632070ffef260ef5a728f8cb354ac"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315576000,public
accept-ranges
bytes
expires
Mon, 13 Mar 2034 01:00:10 GMT
default.png
1.cqyj3ii7r.com/assets/
9 KB
10 KB
Image
General
Full URL
https://1.cqyj3ii7r.com/assets/default.png
Requested by
Host: 1.cqyj3ii7r.com
URL: https://1.cqyj3ii7r.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.21 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
41ba4647f301e79bfcee861f55b0097272a6f3f59811445100d9ea89b574789f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://1.cqyj3ii7r.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 06 Apr 2024 21:42:45 GMT
date
Thu, 04 Apr 2024 21:42:45 GMT
x-openstack-request-id
tx01834b8fcc0f4666b9773-00660d3ff2
content-length
9698
x-trans-id
tx01834b8fcc0f4666b9773-00660d3ff2
last-modified
Wed, 03 Apr 2024 11:38:34 GMT
server
nginx/1.24.0
etag
3d9ef4d50d3c25aaa0008deeb98e1dc4
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
x-timestamp
1712144313.32809
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
accept-ranges
bytes
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
favicon.ico
1.cqyj3ii7r.com/assets/
4 KB
5 KB
Other
General
Full URL
https://1.cqyj3ii7r.com/assets/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.21 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
425e9f6d1a818e6fd3fc804570a610d05e266048a1a24a1abcdcac52cc0bf99d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://1.cqyj3ii7r.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 06 Apr 2024 21:42:45 GMT
date
Thu, 04 Apr 2024 21:42:45 GMT
x-openstack-request-id
txa10c7f2700764f2987fa7-00660d3ff2
content-length
4286
x-trans-id
txa10c7f2700764f2987fa7-00660d3ff2
last-modified
Wed, 03 Apr 2024 11:38:33 GMT
server
nginx/1.24.0
etag
f5dd18c555dd3ed365f0ce85fb338f9d
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/vnd.microsoft.icon
access-control-allow-origin
*
x-timestamp
1712144312.33844
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
accept-ranges
bytes
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT


150 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


5 Cookies

Domain/Path Name / Value
hwpnocpctu.com/ Name: CHCK
Value: 1
hwpnocpctu.com/ Name: UID
Value: 2404041642fe275be4a6e24d9689659b47d4
hwpnocpctu.com/ Name: OXCCLK
Value: ACj70wAAAAAAAAAB
hwpnocpctu.com/ Name: OXPCLK
Value: AAJl9AAAAAAAAAAB
hwpnocpctu.com/ Name: ppucnt
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
