factionhats.com Open in urlscan Pro
2606:4700:3033::ac43:c168 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://b2babbaj.s3.us-east-2.amazonaws.com/bilboi.html
Effective URL:
https://factionhats.com/?s1=350587&s2=895485923&s3=4555&s4=2267&s10=1782
Submission: On January 10 via manual (January 10th 2023, 6:02:30 pm UTC) from IN — Scanned from US

Summary HTTP 39 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 8 domains to perform 39 HTTP transactions. The main IP is 2606:4700:3033::ac43:c168, located in United States and belongs to CLOUDFLARENET, US. The main domain is factionhats.com.
TLS certificate: Issued by GTS CA 1P5 on January 5th 2023. Valid for: 3 months.

This is the only time factionhats.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Customer Survey Spam (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1	52.219.107.10 52.219.107.10	16509 (AMAZON-02) (AMAZON-02)
1 1	190.92.179.156 190.92.179.156	55293 (A2HOSTING) (A2HOSTING)
1	155.254.194.46 155.254.194.46	398343 (BAXET-GROUP) (BAXET-GROUP)
28	2606:4700:303... 2606:4700:3033::ac43:c168	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:81d::2008	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:821::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3033::6815:283	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::178	() ()
39	7

1 52.219.107.10 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com

b2babbaj.s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 190.92.179.156 (United States) 1 redirects

ASN55293 (A2HOSTING, US)
PTR: server.gearmate.one

arizonalottely.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 155.254.194.46 (Baku, Azerbaijan)

ASN398343 (BAXET-GROUP, US)

unleashspeeds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700:3033::ac43:c168 (United States)

ASN13335 (CLOUDFLARENET, US)

factionhats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3033::6815:283 (United States)

ASN13335 (CLOUDFLARENET, US)

trk-epicurei.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.trk-epicurei.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::178 (None, )

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	factionhats.com factionhats.com	1 MB
5	trk-epicurei.com trk-epicurei.com — Cisco Umbrella Rank: 133310 event.trk-epicurei.com	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	119 KB
1	google-analytics.com www.google-analytics.com	346 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127	1 KB
1	unleashspeeds.com unleashspeeds.com	431 B
1	arizonalottely.biz 1 redirects arizonalottely.biz	348 B
1	amazonaws.com b2babbaj.s3.us-east-2.amazonaws.com	1 KB
39	8

	Domain	Requested by
28	factionhats.com	unleashspeeds.com factionhats.com
4	event.trk-epicurei.com	trk-epicurei.com
2	www.googletagmanager.com	b2babbaj.s3.us-east-2.amazonaws.com www.googletagmanager.com
1	www.google-analytics.com	www.googletagmanager.com
1	trk-epicurei.com	factionhats.com
1	fonts.googleapis.com	factionhats.com
1	unleashspeeds.com	b2babbaj.s3.us-east-2.amazonaws.com
1	arizonalottely.biz	1 redirects
1	b2babbaj.s3.us-east-2.amazonaws.com
39	9

This site contains no links.

Subject Issuer	Validity	Valid
*.s3.us-east-2.amazonaws.com Amazon	`2022-09-21` - `2023-08-31`	a year	crt.sh
unleashspeeds.com R3	`2022-12-12` - `2023-03-12`	3 months	crt.sh
*.factionhats.com GTS CA 1P5	`2023-01-05` - `2023-04-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.trk-epicurei.com E1	`2022-12-10` - `2023-03-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://factionhats.com/?s1=350587&s2=895485923&s3=4555&s4=2267&s10=1782
Frame ID: AED05089E60D1446BE7FB133057ECAFE
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

[1] Reward Pending - Mobile Survey - We Want Your Opinion!

Page URL History Show full URLs

https://b2babbaj.s3.us-east-2.amazonaws.com/bilboi.html Page URL
http://arizonalottely.biz/r.php?t=c&d=0&l=0&c=0&cr=6984 HTTP 302
https://unleashspeeds.com/0/0/0/e105d26f40d0c6335be47ffe568f81f2/0_0/0_0/ Page URL
https://factionhats.com/?s1=350587&s2=895485923&s3=4555&s4=2267&s10=1782 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

100 %
HTTPS

63 %
IPv6

8
Domains

9
Subdomains

7
IPs

2
Countries

1212 kB
Transfer

1963 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://b2babbaj.s3.us-east-2.amazonaws.com/bilboi.html Page URL
http://arizonalottely.biz/r.php?t=c&d=0&l=0&c=0&cr=6984 HTTP 302
https://unleashspeeds.com/0/0/0/e105d26f40d0c6335be47ffe568f81f2/0_0/0_0/ Page URL
https://factionhats.com/?s1=350587&s2=895485923&s3=4555&s4=2267&s10=1782 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://arizonalottely.biz/r.php?t=c&d=0&l=0&c=0&cr=6984 HTTP 302
https://unleashspeeds.com/0/0/0/e105d26f40d0c6335be47ffe568f81f2/0_0/0_0/

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK bilboi.html
b2babbaj.s3.us-east-2.amazonaws.com/ 680 B
1 KB 419ms
51ms Document
text/html 52.219.107.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b2babbaj.s3.us-east-2.amazonaws.com/bilboi.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.107.10 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Content-Length: 680
Content-Type: text/html
Date: Tue, 10 Jan 2023 18:02:19 GMT
ETag: "3b3f7f3c2ff194e4dad4a30fbc51b195"
Last-Modified: Tue, 10 Jan 2023 14:00:25 GMT
Server: AmazonS3
x-amz-id-2: Hf6DYBxCrup7+AwX94YWA7SlARgFh2TKUJpDB5iy59gnQz1B9w4FWYVQQKRMmRToNyf+7L9+jsQ=
x-amz-request-id: VY93E02WXGNS88MJ
x-amz-server-side-encryption: AES256

GET
H/1.1

200
OK

/
unleashspeeds.com/0/0/0/e105d26f40d0c6335be47ffe568f81f2/0_0/0_0/
Redirect Chain

http://arizonalottely.biz/r.php?t=c&d=0&l=0&c=0&cr=6984
https://unleashspeeds.com/0/0/0/e105d26f40d0c6335be47ffe568f81f2/0_0/0_0/

135 B
431 B

786ms
389ms

Document
text/html

155.254.194.46
BAXET-GROUP

General

Check archive.org

Show headers Download Go to

Full URL: https://unleashspeeds.com/0/0/0/e105d26f40d0c6335be47ffe568f81f2/0_0/0_0/
Requested by: Host: b2babbaj.s3.us-east-2.amazonaws.com
URL: https://b2babbaj.s3.us-east-2.amazonaws.com/bilboi.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 155.254.194.46 Baku, Azerbaijan, ASN398343 (BAXET-GROUP, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://b2babbaj.s3.us-east-2.amazonaws.com/bilboi.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 135
content-type: text/html; charset=UTF-8
date: Tue, 10 Jan 2023 18:02:19 GMT
server: Apache

Redirect headers

Connection: Keep-Alive
Content-Length: 25
Content-Type: text/html; charset=UTF-8
Date: Tue, 10 Jan 2023 18:02:18 GMT
Keep-Alive: timeout=5, max=100
Location: https://unleashspeeds.com/0/0/0/e105d26f40d0c6335be47ffe568f81f2/0_0/0_0/
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By: PHP/5.4.16

GET
H2 200 Primary Request / Show response
factionhats.com/ 2 KB
1 KB 377ms
222ms Document
text/html 2606:4700:3033::ac43:c168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://factionhats.com/?s1=350587&s2=895485923&s3=4555&s4=2267&s10=1782

Requested by

Host: unleashspeeds.com
URL: https://unleashspeeds.com/0/0/0/e105d26f40d0c6335be47ffe568f81f2/0_0/0_0/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:c168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aeffbeef6cba7245efb4c27af6df726873d5365e1a6e26a7e71a3c0e7d155493

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://unleashspeeds.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 787752b4da37c340-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 10 Jan 2023 18:02:20 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3hLIEyB1eBiaROlbosjhnQPnEn%2Bh1kI0nXl8uzofBz7Ikxoc6qpnFgsbsYmkYhGx2FZSuM%2B2nHETn2u%2FNX4HA3N96jEJ9KlvxcDb9oLaapHAf7xTM1nKylKKdnggliv%2FJUzU%2BdyWsMXZUR3B5VM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 d270c3612d1f6233aa4eabb6a61e72a1 Show response
factionhats.com/ 184 KB
28 KB 585ms
584ms XHR
text/html 2606:4700:3033::ac43:c168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1?_ax=w

Requested by

Host: factionhats.com
URL: https://factionhats.com/?s1=350587&s2=895485923&s3=4555&s4=2267&s10=1782

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:c168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca82b896de1fa7e2a46696ce90379c8bfa5411ed91352382cadd293e37bb6abf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4IaJ4hfq%2Fo9EkzVRfhcs0H3oZyc1RiMJC%2FgAp%2B2Qag1aiJ7RKubrhLMyNfILkgY2ruqQ5OmdLBFmqI3bd0hkC%2FUsmJ29Y1kpKeLazJYB8D9JupuxBc7HmWRhy1DOOK6XAmwkaO45C11%2B04dkQPM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate
cf-ray: 787752b68d84c340-EWR
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 bootstrap.min.css
factionhats.com/assets/vendors/bootstrap-4.5.3/css/ 157 KB
25 KB 63ms
62ms Stylesheet
text/css 2606:4700:3033::ac43:c168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://factionhats.com/assets/vendors/bootstrap-4.5.3/css/bootstrap.min.css

Requested by

Host: factionhats.com
URL: https://factionhats.com/?s1=350587&s2=895485923&s3=4555&s4=2267&s10=1782

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 88939
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 20 Aug 2021 13:04:53 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7EydmKo0j7wr2HUARLI6eUX2C3W%2FBe51dT8Hfj8hbI2SC4ADjr2n8KiK3p7OI%2BUMlDeEHH%2FqhTEjMdAxu3kYy8CxaJLBE%2F34sdePEjTTR9lnRA%2B1%2F9ExgEOnRvqdG6xcnMJPwrWnRR2RFv3f50%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 787752ba2d341770-EWR
expires: Mon, 16 Jan 2023 17:20:02 GMT

GET
H3 200 all.css
factionhats.com/assets/vendors/fontawesome/css/ 72 KB
13 KB 38ms
25ms Stylesheet
text/css 2606:4700:3033::ac43:c168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://factionhats.com/assets/vendors/fontawesome/css/all.css

Requested by

Host: factionhats.com
URL: https://factionhats.com/?s1=350587&s2=895485923&s3=4555&s4=2267&s10=1782

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

462beb0c8ecb2abb15685c31875f268d166313581df110401c2483fab24a46df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 88939
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 19 Jul 2021 19:01:59 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RmpgHLi8x74jeQnkxKznJa1YgPmolMgAFO5Ph%2FmlqGM%2BRCODQL14zn4c8YfKPD%2BN8Vdg6JCA2PdLMNeIMnKQ8bTa4fhLjX2QvVirOgnE133sz%2BgEHQWaI5RwB6d8IJtiAx5tbC1F9WrilpIBMNs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 787752ba4d6b1770-EWR
expires: Mon, 16 Jan 2023 17:20:02 GMT

GET
H3 200 common-hybrid.css
factionhats.com/assets/css/dublin/dist/ 32 KB
8 KB 70ms
67ms Stylesheet
text/css 2606:4700:3033::ac43:c168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://factionhats.com/assets/css/dublin/dist/common-hybrid.css?v=47bf5b203a8584e2ecb0b6d02c61b63a

Requested by

Host: factionhats.com
URL: https://factionhats.com/?s1=350587&s2=895485923&s3=4555&s4=2267&s10=1782

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85dd983f9026213b637258b4879c665ea3a33873b46d382a987de72cc14a1a1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Dec 2022 22:19:05 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W6HvQqi8oO6LNYtGV30Czwrvht7%2BKxRw%2Fmizjn1oEU9pNqrj%2FO%2Fl21sADn3Ddyp2jzJwR2BSYFMCKG1dx4yyCRk2Vpp34hGp1XE9M7E7GYa9SAlRn0GV9kNJG2GE9QfU5SX2Tcy5n8sv3Uabkqw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 787752ba4d6f1770-EWR
expires: Tue, 17 Jan 2023 18:02:21 GMT

GET
H3 200 msg.js Show response
factionhats.com/inc/ 942 B
936 B 53ms
50ms Script
application/javascript 2606:4700:3033::ac43:c168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://factionhats.com/inc/msg.js

Requested by

Host: factionhats.com
URL: https://factionhats.com/?s1=350587&s2=895485923&s3=4555&s4=2267&s10=1782

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06c3f3452108be85c9304eb8e6fc6dc831534e12362cfd03afd47f4320f894a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 88939
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 20 Oct 2022 12:25:37 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJNfFGY%2BGopZoN6XaaS1BZnItixkxGPEnn0Oz2R%2FzyZ2AFl8LVF3Yh7FXzxMeBchNmzIu2I2V6oGFdMlFv7QC3i7puFl5GSJ6oMLPilP4rUI072Ax6jtIFHWdrKpKdqexRlMKvwNlKm98iqp5ZM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 787752ba4d701770-EWR
expires: Mon, 16 Jan 2023 17:20:02 GMT

GET
H3 200 jquery-3.4.1.min.js Show response
factionhats.com/assets/vendors/ 86 KB
31 KB 55ms
51ms Script
application/javascript 2606:4700:3033::ac43:c168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://factionhats.com/assets/vendors/jquery-3.4.1.min.js

Requested by

Host: factionhats.com
URL: https://factionhats.com/?s1=350587&s2=895485923&s3=4555&s4=2267&s10=1782

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 88939
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 20 Aug 2021 13:04:53 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y9WUChXRss2ngRCbEdcBW%2B34%2FspQvATJkGI81h4xI37P%2FoBt9LpvD09XgjRHiMxIK69SmRkej7PYcsVGsVeviFt7mQGrF%2BfEcNolR1knlDLGbFrpQuUN%2Fm2xIXYcj5FguRpAIpr2Om7QQdmequw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 787752ba4d721770-EWR
expires: Mon, 16 Jan 2023 17:20:02 GMT

GET
H3 200 bootstrap.min.js Show response
factionhats.com/assets/vendors/bootstrap-4.5.3/js/ 62 KB
16 KB 74ms
71ms Script
application/javascript 2606:4700:3033::ac43:c168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://factionhats.com/assets/vendors/bootstrap-4.5.3/js/bootstrap.min.js

Requested by

Host: factionhats.com
URL: https://factionhats.com/?s1=350587&s2=895485923&s3=4555&s4=2267&s10=1782

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 88939
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 20 Aug 2021 13:04:53 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpHxWp5nYzbT6QEirekmYsOB787nFx%2FP%2Bh98ktj0wdXk0UhgH9BxuzWGyRIceds5h2FjRxUDS5%2BAapdv4MtK7mAjamusB4IBK4LjhGphCV%2F82tPaNuOjNjqAcnppVjVaqjglezWBl4KlTHZAjS0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 787752ba4d731770-EWR
expires: Mon, 16 Jan 2023 17:19:47 GMT

GET
H3 200 functions.js Show response
factionhats.com/assets/js/ 1 KB
1 KB 155ms
152ms Script
application/javascript 2606:4700:3033::ac43:c168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://factionhats.com/assets/js/functions.js?v=47bf5b203a8584e2ecb0b6d02c61b63a

Requested by

Host: factionhats.com
URL: https://factionhats.com/?s1=350587&s2=895485923&s3=4555&s4=2267&s10=1782

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5de7a79e14562963ef11f0d95f7a098e3cc018347a95290e292bef9b7d4677b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 06 Sep 2022 14:55:28 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZJwEMru%2BTv5R9Fm1opyJh7EDdeOWBL0cQ39PElEX70lozU2vOfvvr3uK3OZCE0pnEKiKhpGPuNI36ZTUDpVjYRWDh8%2B2ttUgN%2B3qyU5t8uLOMdp28oO4rN7Q8OD19z77KW3CPXK%2F5fKWnmj%2Bhs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 787752ba4d741770-EWR
expires: Tue, 17 Jan 2023 18:02:21 GMT

GET
H3 200 intl_functions.js Show response
factionhats.com/assets/js/ 8 KB
3 KB 128ms
125ms Script
application/javascript 2606:4700:3033::ac43:c168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://factionhats.com/assets/js/intl_functions.js?v=47bf5b203a8584e2ecb0b6d02c61b63a

Requested by

Host: factionhats.com
URL: https://factionhats.com/?s1=350587&s2=895485923&s3=4555&s4=2267&s10=1782

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7077430b976a181d99efafc06e7e29923636aa84041bdd06c78fce5d960bb074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Sep 2022 19:29:38 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1byIByv7lwWaw7sRPrz2%2B3DcCdzGBf%2F%2BMnQRoLa4Uo%2Ff3v60HaX32HYsuVQ%2BpRH3jzDmEB5hnjq1PbGP1VKULpp%2Fjd2jAub9PDZJq8x7l41qsmMqOrwKX6EdaM62ECktb8MRRvr%2Fa8zNdtkLEk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 787752ba4d761770-EWR
expires: Tue, 17 Jan 2023 18:02:14 GMT

GET
H3 200 common-hybrid.js Show response
factionhats.com/assets/js/dublin/dist/ 91 KB
20 KB 124ms
121ms Script
application/javascript 2606:4700:3033::ac43:c168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://factionhats.com/assets/js/dublin/dist/common-hybrid.js?v=47bf5b203a8584e2ecb0b6d02c61b63a

Requested by

Host: factionhats.com
URL: https://factionhats.com/?s1=350587&s2=895485923&s3=4555&s4=2267&s10=1782

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb3acca3cfcc7b0b0e95e89e6b9bcbb35dcdd49e9f66f4277afad0da48584563

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 09 Dec 2022 15:35:20 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3AcTnhFOUj%2BnPHLyqPqLdn53kwzOkZTJqahD2rzmGgoIcl%2FNNISA1kEcEUC9M4DJ7E5HGfmHhLs4kaUYrziLjbkwaLSXssmgJchLwY4MFaYp1XuvAUPDLZh0YSO2fXfKr%2F%2Bo67gwa69y7JoC1ss%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
cf-ray: 787752ba4d771770-EWR
expires: Tue, 17 Jan 2023 18:02:21 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 108 KB
42 KB 65ms
22ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NK3N874

Requested by

Host: b2babbaj.s3.us-east-2.amazonaws.com
URL: https://b2babbaj.s3.us-east-2.amazonaws.com/bilboi.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa389d05f77c8c35a2e36df6d3b48d42e00e739a5d080dc59c2e37b6fcb69045

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 42998
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 10 Jan 2023 18:02:21 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 66ms
24ms Stylesheet
text/css 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Arimo:wght@500;700&display=swap

Requested by

Host: factionhats.com
URL: https://factionhats.com/assets/css/dublin/dist/common-hybrid.css?v=47bf5b203a8584e2ecb0b6d02c61b63a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f2de36054525c7a25f6b4ca1447f762169a97d0f11593cf0f8f254880f4c2bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 10 Jan 2023 18:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 10 Jan 2023 18:02:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 Jan 2023 18:02:21 GMT

GET
H2 200 v9e118mez8 Show response
trk-epicurei.com/scripts/push/ 7 KB
3 KB 107ms
26ms Script
application/javascript 2606:4700:3033::6815:283
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk-epicurei.com/scripts/push/v9e118mez8

Requested by

Host: factionhats.com
URL: https://factionhats.com/inc/msg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:283 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98471adcccb3e03718fba0789fd2ccfcc8c8aff1c1467aed50d21d5534526e90

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:21 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3109
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 10 Jan 2023 17:10:32 GMT
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: application/javascript;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5se2ikQLJl%2BNcEazn%2BANkkEeZ2BYI1kAMkShYc4WBAE3HfgdU73dHInZQMY0tOzwbK7l5KV%2BIVjoN7lNof5%2B%2FTJFELEaLXJmX1gVAgol05fcvlUkCI6ezNvDyhXhnibNKQE4u78k3xIVGuYCrJpK"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray: 787752bbcfed3314-EWR
expires: 0

GET
H3 200 0d844ffa433d7f3088f5d63ad516f8b8.png
factionhats.com/fim/1782-US/ 11 KB
12 KB 44ms
40ms Image
image/png 2606:4700:3033::ac43:c168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://factionhats.com/fim/1782-US/0d844ffa433d7f3088f5d63ad516f8b8.png

Requested by

Host: factionhats.com
URL: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bce6184a87b5c5c4de73455bae5ebaecd7abcff3abe6f7961196b5ae64c86e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5975
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11453
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Jan 2023 16:22:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent,User-Agent, Accept-Encoding
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZsMMyrqJX2CNa%2BnuGHjFcISScRDF2WD8FEY09%2FeS3iDbg4B3neniuOvFoblZkC9ec0FySsmi6RyU7H%2B8xT%2FCSsDyMPhLD1YtftJUAwLZwF8ufIuazHkOGN%2BwfHVZBqP%2ByXNaMGE3h35WwW5swc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 787752bdbd8d1770-EWR
expires: Tue, 17 Jan 2023 16:22:46 GMT

GET
H3 200 3bae29ed8b3141ead2de0f0f4eded26f.png
factionhats.com/fim/1782-US/ 18 KB
19 KB 117ms
75ms Image
image/png 2606:4700:3033::ac43:c168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://factionhats.com/fim/1782-US/3bae29ed8b3141ead2de0f0f4eded26f.png

Requested by

Host: factionhats.com
URL: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0109e9747e94335267d540104b0b256bc507882206be853bfbd6b13ddb1c277

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5975
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18427
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Jan 2023 16:22:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent,User-Agent, Accept-Encoding
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jnOPeGAWRhFw7QafpXbKD06l%2B%2F03ou%2BBTBYNwhokQ5Jz%2FikLq%2F7q5H6rPNwRHEYae7BfQ1YildjsZVvtNBhc98rM6wGLdkkFiFi0b29WRkOvhqoe1ipyybjlcBnt%2B7YW2WaIdhQraQY55yU6azg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 787752bdfe0b1770-EWR
expires: Tue, 17 Jan 2023 16:22:46 GMT

GET
H3 200 28e7dd90748eb4d72b5896e31e3c7fa2.png
factionhats.com/fim/1782-US/ 317 KB
317 KB 89ms
46ms Image
image/png 2606:4700:3033::ac43:c168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://factionhats.com/fim/1782-US/28e7dd90748eb4d72b5896e31e3c7fa2.png

Requested by

Host: factionhats.com
URL: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

034139c40fde25feee3a8ed0cbd658af6b70714e5e8f165eac5752b068ec943c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5975
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 324160
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Jan 2023 16:22:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent,User-Agent, Accept-Encoding
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y8fr4oAEJClKEAjEeq8J3uSx2fMFxXrB9OGC7RBs%2BhY6AbhGhFIOEhJ5Z3As7hhE5WH9%2B0ZNoKm8THYvmISJYnCAQDD9mqbP4EjSbc2vnfZEkZTM5sr2b8ADf0Rs5QB58uElpEw0CJjxm5dBISs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 787752bdfe0e1770-EWR
expires: Tue, 17 Jan 2023 16:22:46 GMT

GET
H3 200 15b5abae6505d92f566771f0563da998.jpg
factionhats.com/fim/1782-US/ 2 KB
2 KB 237ms
194ms Image
image/jpeg 2606:4700:3033::ac43:c168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://factionhats.com/fim/1782-US/15b5abae6505d92f566771f0563da998.jpg

Requested by

Host: factionhats.com
URL: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64f06bc81a732e876ce54fdae5ea0eb85ef861329306962bd2dad24ff1cfbc3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5498
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1763
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Jan 2023 16:22:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent,User-Agent, Accept-Encoding
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRLS2I1haM6h%2Fk5DuhKkvbm89rkeYFP0eMkaVfMZmh9Kkv22vlYfGML7%2FxB0E4QYg8Ntkz%2BL35KWeRqGac6ZkpzOtGLWIfPkEFwaCJO1iWrYD3TW8CyVAPD2iUO05ngW9c3GaXU34jSloLYJIQ4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 787752bdfe131770-EWR
expires: Tue, 17 Jan 2023 16:30:43 GMT

GET
H3 200 b3d9cfa961b7a99801d7e282ca920faf.jpg
factionhats.com/fim/1782-US/ 2 KB
3 KB 265ms
223ms Image
image/jpeg 2606:4700:3033::ac43:c168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://factionhats.com/fim/1782-US/b3d9cfa961b7a99801d7e282ca920faf.jpg

Requested by

Host: factionhats.com
URL: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1d0e1ecf55bd3fed22fec6e1c49b61dee714d548dd31b42d6b693596f3bdf75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5933
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2061
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Jan 2023 16:22:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent,User-Agent, Accept-Encoding
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u92xxR7KdewJDp5M%2BIXGtwDWiId9Y3O2i1Hb%2BPiaCTpr0XcQrfkGY5aSPQiDj6Gj3HTEe817Rf%2FDBFAtDHlSyx9T8JZ34huPdtVanrxIHqHkdbt6VvTr9HyJUB%2Ffg20WgrT%2FxOe3EfJ%2Fbee9wpg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 787752bdfe151770-EWR
expires: Tue, 17 Jan 2023 16:23:28 GMT

GET
H3 200 1929c82a4d1bedb973b0898e1dcce9d1.jpg
factionhats.com/fim/1782-US/ 2 KB
3 KB 279ms
237ms Image
image/jpeg 2606:4700:3033::ac43:c168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://factionhats.com/fim/1782-US/1929c82a4d1bedb973b0898e1dcce9d1.jpg

Requested by

Host: factionhats.com
URL: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5665269840fa23faac662dba33673aab6d0f06fcf1edca2fea09f669ce6baaad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5930
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2066
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Jan 2023 16:22:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent,User-Agent, Accept-Encoding
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vqjsxdl%2BfD%2B5NOrdXD3kxwuTxO5c%2FcL1kiUvrv%2BH4I%2Fc%2F4PUBOowGCJriIX0k49MQ%2FX6RHRfSq2ea7r2BPuLyz2ok12CCH1yozqbYGoWtD8b5toiv59etaf6oX780FhqoStctb%2FRnw%2FytI6GPb4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 787752bdfe171770-EWR
expires: Tue, 17 Jan 2023 16:23:30 GMT

GET
H3 200 69576eb24e988d3dd3295975e2c2ed61.jpg
factionhats.com/fim/1782-US/ 2 KB
3 KB 280ms
197ms Image
image/jpeg 2606:4700:3033::ac43:c168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://factionhats.com/fim/1782-US/69576eb24e988d3dd3295975e2c2ed61.jpg

Requested by

Host: factionhats.com
URL: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5deddf7c5858ea17a9c6113f84b6624e75e00efaba9a11da2c7aae49ce0d8861

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5519
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2081
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Jan 2023 16:22:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent,User-Agent, Accept-Encoding
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2yHAX7bn5LpSozfZGHKjenIQlsAWdmOusXMJpn7zURzb7ZVeft%2F%2FqThUWV%2FMsPmqOajge7E0GviZVGfdlk9ik5kTrKX8inDgC2yc1WFq3y1lNfVYfNAOHcCBi8mvwV5fYR2vV6RaLknipoAHl%2Bo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 787752be4eb61770-EWR
expires: Tue, 17 Jan 2023 16:30:21 GMT

GET
H3 200 348749d55240da5332803babde8c3adb.jpg
factionhats.com/fim/1782-US/ 29 KB
30 KB 281ms
198ms Image
image/jpeg 2606:4700:3033::ac43:c168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://factionhats.com/fim/1782-US/348749d55240da5332803babde8c3adb.jpg

Requested by

Host: factionhats.com
URL: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d26172bf3280af34647fc0589a05b8ac3ff73f8b808949e11f130a46707a96df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5975
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29844
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Jan 2023 16:22:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent,User-Agent, Accept-Encoding
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRNM%2FgnKwl4mcPBYOY5MvDEValGtFs1QqJ%2FEcwcslBnfd3NupmLnvXsRbIiBVKRCG8jq5cic0jtmVgYTKrAyFMkgja9i0qa%2Bf13FlF0FXW8dDG%2Fw0KIYOoT37bsB5v1WRoeHZtHGNQIkfqFdhU4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 787752be4eb81770-EWR
expires: Tue, 17 Jan 2023 16:22:46 GMT

GET
H3 200 e5df322e257df7eb19d3d4e83df97356.jpg
factionhats.com/fim/1782-US/ 2 KB
3 KB 287ms
204ms Image
image/jpeg 2606:4700:3033::ac43:c168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://factionhats.com/fim/1782-US/e5df322e257df7eb19d3d4e83df97356.jpg

Requested by

Host: factionhats.com
URL: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

249fd954ee073b4596065bcf075f3f469029f16cdbf37b60d611407e8e4469ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5519
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2029
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Jan 2023 16:22:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent,User-Agent, Accept-Encoding
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EZx2PntM5zwsXdrfJlocTOw7kIikmnMxYR5AHrSJ3rTXbfibuob1cb29p%2BoNe5FpjzGDgy5%2FauhNwHrzL%2BnBZXBwIoq%2BK95yXCig5L%2FEXw1b7en2fK6t9OfSQ2tPdkmsoIpdahsGCJPAU9A781g%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 787752be4eb91770-EWR
expires: Tue, 17 Jan 2023 16:30:22 GMT

GET
H3 200 72a8b4eb2ffe53ecf03dbe6852f5f380.jpg
factionhats.com/fim/1782-US/ 10 KB
10 KB 298ms
215ms Image
image/jpeg 2606:4700:3033::ac43:c168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://factionhats.com/fim/1782-US/72a8b4eb2ffe53ecf03dbe6852f5f380.jpg

Requested by

Host: factionhats.com
URL: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5dccfa212199b9e9e721bba85b0bc2162d6c7dceedc854da5e6afaa995929ba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5975
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9896
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Jan 2023 16:22:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent,User-Agent, Accept-Encoding
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNzBYMtxnXb3MBsbXXhUpVWYtIUETXf3NrtQuR9dplD9rln5KsaFr%2BJQAWqw1d4wt5guePg3gyTiyP6r7xtioqv%2BC0aTlooDDCqo7vNzTVrVkI0iTvMm%2B%2FmUS8vsAj5HhCCSgze3Qflmk%2F%2BjX3Q%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 787752be4ebb1770-EWR
expires: Tue, 17 Jan 2023 16:22:46 GMT

GET
H3 200 2dba67cbc29d669aa40ccd9e26e1d184.jpg
factionhats.com/fim/1782-US/ 2 KB
3 KB 318ms
235ms Image
image/jpeg 2606:4700:3033::ac43:c168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://factionhats.com/fim/1782-US/2dba67cbc29d669aa40ccd9e26e1d184.jpg

Requested by

Host: factionhats.com
URL: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

681eb16255d904bdded2d70bce55d940f2c445fae65ef94c81f50e68c283a878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5907
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2028
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Jan 2023 16:22:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent,User-Agent, Accept-Encoding
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y02leyQzhDvahNzCzNwjg3W93ZGHdadLPJ8nWa7PEz%2FRgAqvx8LxWQ3rjo4bRmjNMRmwWYB8t3so8lE9FRi4O%2F6FbUcTnXg8q86%2F3aSzV6DomEJZCO%2FZHWHKagnyFdSHMdcEGDjaoNsO4Z7vg44%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 787752be4ebc1770-EWR
expires: Tue, 17 Jan 2023 16:23:54 GMT

GET
H3 200 3f1ecc7dec701bd3a00cf108dc851e55.jpg
factionhats.com/fim/1782-US/ 2 KB
2 KB 365ms
282ms Image
image/jpeg 2606:4700:3033::ac43:c168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://factionhats.com/fim/1782-US/3f1ecc7dec701bd3a00cf108dc851e55.jpg

Requested by

Host: factionhats.com
URL: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f2dcc8d291e930f294c0b96fda36589f0b412848578c396b981e62ac9d4aca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5932
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1985
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Jan 2023 16:22:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent,User-Agent, Accept-Encoding
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZHlvlg9mfrKal9hCG%2BXNITAWcdOmjpMSpwRTdgbAwLoc8KuNj1X6Naw7VWrg2d%2B8y4lQP75Lb2tKVBRKkxuS%2BDl8Yni98Ur8IG9OSfJdc4s2fP0NrwGUMHrnXlOL3ESWAhwA1BwhZo9lVnJS1c%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 787752be4ebe1770-EWR
expires: Tue, 17 Jan 2023 16:23:28 GMT

GET
H3 200 4720396dad49284000cf88366c49438a.png
factionhats.com/fim/1782-US/ 445 KB
445 KB 366ms
283ms Image
image/png 2606:4700:3033::ac43:c168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://factionhats.com/fim/1782-US/4720396dad49284000cf88366c49438a.png

Requested by

Host: factionhats.com
URL: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca43ef72198a2f78d390ba9be4d65fde9ecb80f1a970a443c559ba853a099806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5975
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 455537
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Jan 2023 16:22:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent,User-Agent, Accept-Encoding
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrHBh%2FiUmxJlmWod8LKWMZJt4pD%2BLxbxkqwcEb8bQEoKyDSmr%2FSfxMn02lsHiBEgEtDmf9zfqq9iR6DFavIrUEkk%2BAL%2B1CzuQwkIn0V%2B9p21QKrum4RvioZmKpy7oGwiA16o0UYZ0OehajT8F2Y%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 787752be4ec11770-EWR
expires: Tue, 17 Jan 2023 16:22:46 GMT

GET
H3 200 d80d5f3f4c1fa10196300a0432c63af1.jpg
factionhats.com/fim/1782-US/ 2 KB
2 KB 406ms
323ms Image
image/jpeg 2606:4700:3033::ac43:c168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://factionhats.com/fim/1782-US/d80d5f3f4c1fa10196300a0432c63af1.jpg

Requested by

Host: factionhats.com
URL: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5157378a4441bc07c005f21b99d77d0c6406d86a2a55eeca84304941f8645182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5841
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2003
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Jan 2023 16:22:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent,User-Agent, Accept-Encoding
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smZOBtIBMBe6W3utOk1O2P9%2F%2F8BkXh1D%2FQD9DJZUCTgNwU5UGjRzvmkhdlVXkmApOtnbytOYqIgsLexYVfvWoVhElnm5h3nWkBa8MiKdEUJHlUSCcS7ZaPdc1rj71HIQoBCiQe3fxqXdgCWfceo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 787752be4ec41770-EWR
expires: Tue, 17 Jan 2023 16:25:00 GMT

GET
H3 200 e73588660e4078c2cdf85752229e2739.png
factionhats.com/fim/1782-US/ 5 KB
6 KB 411ms
328ms Image
image/png 2606:4700:3033::ac43:c168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://factionhats.com/fim/1782-US/e73588660e4078c2cdf85752229e2739.png

Requested by

Host: factionhats.com
URL: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5975
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5389
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Jan 2023 16:22:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent,User-Agent, Accept-Encoding
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b0iCnRiu3DV%2FxqATfEIfQ7qnuNKftJC1N7zntDKE33NBgnHnjd3lQ3RRQUzT45x5%2BdG5rsTgtNUoyUn5Q6%2F3AXe6akitb9C2REip36lx8l3JDEM2x7vtgQBJ9EPQJC7reik61Egt4K70aaWtBPc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 787752be4ec51770-EWR
expires: Tue, 17 Jan 2023 16:22:46 GMT

GET
H3 200 d270c3612d1f6233aa4eabb6a61e72a1
factionhats.com/ 2 KB
2 KB 257ms
198ms Image
text/html 2606:4700:3033::ac43:c168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1

Requested by

Host: factionhats.com
URL: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
vary: Accept-Encoding,User-Agent,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vVpFhx0QrdmdkYlTDRtevzJZfj2WElENat7vnObaIGnzStViacUocOSb3ZSj4AWv0jYUj5IPmm2H5Nk0lUGftSBMSVb0OAy3td3U%2BZzpu72rMeo5Y%2FWDp1LFalX6v%2BMyX94TUyzN%2FNbMYqhJnrE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate
cf-ray: 787752bfa9911770-EWR
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 fa-solid-900.woff2
factionhats.com/assets/vendors/fontawesome/webfonts/ 78 KB
79 KB 156ms
101ms Font
font/woff2 2606:4700:3033::ac43:c168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://factionhats.com/assets/vendors/fontawesome/webfonts/fa-solid-900.woff2

Requested by

Host: factionhats.com
URL: https://factionhats.com/assets/vendors/fontawesome/css/all.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://factionhats.com/assets/vendors/fontawesome/css/all.css
Origin: https://factionhats.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 88938
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80252
x-xss-protection: 1; mode=block
last-modified: Mon, 19 Jul 2021 19:01:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent,User-Agent, Accept-Encoding
content-type: font/woff2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uAzsrtM9mcH7NfZkFKgehxlKwEFdTCqNGNEqTtDtVKFol2ZJzC4VgTvcBDLcHrtV80nB8aFZA3ZsFBOJe57%2BdYAXQ%2BJ%2FE4mpevV4bOlWJRJEhrs%2Buuv5JSQfxI0XSaJ2zsLefjxkxADdH1%2B%2Bubc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 787752bfa9941770-EWR
expires: Mon, 16 Jan 2023 17:20:04 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
76 KB 41ms
23ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JMJ044GLKX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NK3N874

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

26d7b4343442a11e3871a6d1958059d3329308eab832f0d0282007a6744f6dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 18:02:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78119
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 10 Jan 2023 18:02:22 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
346 B 84ms
24ms Ping
text/plain 2001:4860:4802:32::178

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-JMJ044GLKX&gtm=2oe190&_p=571124712&cid=995501978.1673373744&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1673373743&sct=1&seg=0&dl=https%3A%2F%2Ffactionhats.com%2Fd270c3612d1f6233aa4eabb6a61e72a1&dr=https%3A%2F%2Funleashspeeds.com%2F&dt=%5B1%5D%20Reward%20Pending%20-%20Mobile%20Survey%20-%20We%20Want%20Your%20Opinion!&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JMJ044GLKX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::178 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://factionhats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 18:02:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://factionhats.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 v9e118mez8
event.trk-epicurei.com/register/event_log/ 0
0 91ms
54ms Fetch 2606:4700:3033::6815:283
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-epicurei.com/register/event_log/v9e118mez8

Requested by

Host: trk-epicurei.com
URL: https://trk-epicurei.com/scripts/push/v9e118mez8

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:283 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://factionhats.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/json

Response headers

expires: 0
date: Tue, 10 Jan 2023 18:02:24 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqLWf%2FgayEbZK7cpmsreaSQbKtii67EWKLFPdruYh7pI%2FkeLYAjgF0HIWmMrYCVcupOfbgOFDENyLmH534Qk%2FGB6o6RmTZJFtym8oV5Y%2BEqp%2BxEv1uZ4iaP3JubjgnHFDRKIg0fHiES%2FQq7RS6rdGCmTg4pq"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://factionhats.com
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray: 787752cebd14e6f8-EWR
x-pushplatformapp-params

OPTIONS
H2 200 v9e118mez8
event.trk-epicurei.com/register/event_log/ 0
0 126ms
45ms Preflight 2606:4700:3033::6815:283
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.trk-epicurei.com/register/event_log/v9e118mez8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:283 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://factionhats.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://factionhats.com
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 787752ce3839c352-EWR
content-length: 0
date: Tue, 10 Jan 2023 18:02:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XKmWevtCSappVfur75ie5BTqGg49VtD4ldENE%2BBziAjgPgqB65PlFTKAlNGe%2FjdDDzGV609KmeBhSZjKX8b8NR4njgLJ7SOa44iY11eXGheni3mdCfJhrXofoU2iOpkaG0w93FPvFP21QnZnVnsBFkQVcg0"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

POST
H3 200 v9e118mez8
event.trk-epicurei.com/register/event_log/ 0
0 103ms
69ms Fetch 2606:4700:3033::6815:283
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-epicurei.com/register/event_log/v9e118mez8

Requested by

Host: trk-epicurei.com
URL: https://trk-epicurei.com/scripts/push/v9e118mez8

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:283 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://factionhats.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/json

Response headers

expires: 0
date: Tue, 10 Jan 2023 18:02:24 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: DENY
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UmwPDd7mpWWlnkStMHSJramPqMw%2B4wWbu73w0etMkarguiRVo6C%2Bpl28cLYQZRasGtUCHUNSraY4s9VUAUTihw7zG3VCb2C7uhgpmgCPq%2BAnZ9phdtmAlyqXkyIkrEgGvib8ZrTrPAJx8Y8jTOQqDSkCHru3"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://factionhats.com
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-ray: 787752cebd16e6f8-EWR
x-pushplatformapp-params

OPTIONS
H2 200 v9e118mez8
event.trk-epicurei.com/register/event_log/ 0
0 112ms
48ms Preflight 2606:4700:3033::6815:283
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.trk-epicurei.com/register/event_log/v9e118mez8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:283 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://factionhats.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://factionhats.com
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 787752ce383cc352-EWR
content-length: 0
date: Tue, 10 Jan 2023 18:02:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvGXS%2F7a%2FewTQDz%2ByFqSMWnZQfFoqedxgb3zBVkXK5P0du4yIy0kBKyWKKRw1tK162KSNS3T%2Fz%2BgjTM7%2FHgl0Xz9gQNfFMsTortn9ZtI5dA6nRlMW8YsnP5Z4e3v1s%2BbbEiZxMIMrWd4DiuqrXLLDmnHukik"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Customer Survey Spam (Consumer)

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
unleashspeeds.com/	1970-01-20 09:32:45	Name: uid4555 Value: 895485923-20230110130219-51cd74691425c8c2de45052cead6d772-2267
factionhats.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: dfc5339fa3a27c550f707eac06d6c4b0
.factionhats.com/	1970-01-20 18:25:33	Name: _ga_JMJ044GLKX Value: GS1.1.1673373743.1.0.1673373743.0.0.0
.factionhats.com/	1970-01-20 18:25:33	Name: _ga Value: GA1.1.995501978.1673373744

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://factionhats.com/d270c3612d1f6233aa4eabb6a61e72a1 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

arizonalottely.biz
b2babbaj.s3.us-east-2.amazonaws.com
event.trk-epicurei.com
factionhats.com
fonts.googleapis.com
trk-epicurei.com
unleashspeeds.com
www.google-analytics.com
www.googletagmanager.com
155.254.194.46
190.92.179.156
2001:4860:4802:32::178
2606:4700:3033::6815:283
2606:4700:3033::ac43:c168
2607:f8b0:4006:81d::2008
2607:f8b0:4006:821::200a
52.219.107.10
034139c40fde25feee3a8ed0cbd658af6b70714e5e8f165eac5752b068ec943c
06c3f3452108be85c9304eb8e6fc6dc831534e12362cfd03afd47f4320f894a3
249fd954ee073b4596065bcf075f3f469029f16cdbf37b60d611407e8e4469ea
26d7b4343442a11e3871a6d1958059d3329308eab832f0d0282007a6744f6dae
462beb0c8ecb2abb15685c31875f268d166313581df110401c2483fab24a46df
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
5157378a4441bc07c005f21b99d77d0c6406d86a2a55eeca84304941f8645182
5665269840fa23faac662dba33673aab6d0f06fcf1edca2fea09f669ce6baaad
5dccfa212199b9e9e721bba85b0bc2162d6c7dceedc854da5e6afaa995929ba4
5de7a79e14562963ef11f0d95f7a098e3cc018347a95290e292bef9b7d4677b5
5deddf7c5858ea17a9c6113f84b6624e75e00efaba9a11da2c7aae49ce0d8861
64f06bc81a732e876ce54fdae5ea0eb85ef861329306962bd2dad24ff1cfbc3b
681eb16255d904bdded2d70bce55d940f2c445fae65ef94c81f50e68c283a878
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
6f2de36054525c7a25f6b4ca1447f762169a97d0f11593cf0f8f254880f4c2bc
7077430b976a181d99efafc06e7e29923636aa84041bdd06c78fce5d960bb074
85dd983f9026213b637258b4879c665ea3a33873b46d382a987de72cc14a1a1b
98471adcccb3e03718fba0789fd2ccfcc8c8aff1c1467aed50d21d5534526e90
9f2dcc8d291e930f294c0b96fda36589f0b412848578c396b981e62ac9d4aca9
aa389d05f77c8c35a2e36df6d3b48d42e00e739a5d080dc59c2e37b6fcb69045
aeffbeef6cba7245efb4c27af6df726873d5365e1a6e26a7e71a3c0e7d155493
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
bce6184a87b5c5c4de73455bae5ebaecd7abcff3abe6f7961196b5ae64c86e3b
c0109e9747e94335267d540104b0b256bc507882206be853bfbd6b13ddb1c277
ca43ef72198a2f78d390ba9be4d65fde9ecb80f1a970a443c559ba853a099806
ca82b896de1fa7e2a46696ce90379c8bfa5411ed91352382cadd293e37bb6abf
d26172bf3280af34647fc0589a05b8ac3ff73f8b808949e11f130a46707a96df
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
e1d0e1ecf55bd3fed22fec6e1c49b61dee714d548dd31b42d6b693596f3bdf75
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb3acca3cfcc7b0b0e95e89e6b9bcbb35dcdd49e9f66f4277afad0da48584563
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

factionhats.com Open in urlscan Pro 2606:4700:3033::ac43:c168 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

100 %HTTPS

63 %IPv6

8 Domains

9 Subdomains

7 IPs

2 Countries

1212 kBTransfer

1963 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

factionhats.com Open in urlscan Pro
2606:4700:3033::ac43:c168 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

100 %
HTTPS

63 %
IPv6

8
Domains

9
Subdomains

7
IPs

2
Countries

1212 kB
Transfer

1963 kB
Size

4
Cookies

39 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!