| thumbs.dreamstime.com/b/cross-button-icon-cancel-close-page-web-mobile-ui-design-223103198.jpg | 151.101.193.91 | 200 OK | 8.0 kB |
URL: GET HTTP/2 thumbs.dreamstime.com/b/cross-button-icon-cancel-close-page-web-mobile-ui-design-223103198.jpg
IP: 151.101.193.91:443
Requested by: https://hdfungamezz.xyz/za/az1.php
Certificate: Issuer: Let's Encrypt; Subject: thumbs.dreamstime.com; Fingerprint: 28:24:34:94:25:BF:14:25:34:90:09:1D:F5:60:88:F9:61:25:24:E0; Validity: Sun, 10 Mar 2024 03:27:56 GMT - Sat, 08 Jun 2024 03:27:55 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 800x800, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: acd5cc5f27eab418ecbd08b5d1836a05 768950d5b5876714d6ae25eb34c0b8bf9dc91f43 c6eea46812a8b384be4bec0f056cf5fa3676949082bc84426aad7dd9702b1e3f
GET /b/cross-button-icon-cancel-close-page-web-mobile-ui-design-223103198.jpg HTTP/1.1
Host: thumbs.dreamstime.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hdfungamezz.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/webp
etag: "3moiwrIwtUGA4Ow6qw8Vr4gMunqOHix5cxAt/AIwCd0"
fastly-io-served-by: vpop-kiad7010212
fastly-stats: io=1
server: nginx
strict-transport-security: max-age=63072000
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000, public
vcl-version: 30
access-control-allow-origin: *
accept-ranges: bytes
date: Thu, 18 Apr 2024 07:28:56 GMT
age: 1046702
x-served-by: cache-iad-kcgs7200121-IAD, cache-hel1410024-HEL
x-cache: HIT, HIT
x-cache-hits: 9, 234
x-timer: S1713425336.412715,VS0,VE0
vary: Accept
content-length: 7958
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/clappr.level-selector/latest/level-selector.min.js | 151.101.129.229 | 200 OK | 3.2 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/clappr.level-selector/latest/level-selector.min.js
IP: 151.101.129.229:443
Requested by: https://hdfungamezz.xyz/za/az1.php
Certificate: Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, ASCII text, with very long lines (6153)
Hash: 166bbe11bb8dd332f6fbcf8fe9ec30cf f42c73e6e89201ccf5ad513915bb4182ec3a410c 23a715a6d8a35921f8c02eab19a93b6c9c42271ecfccbde0005476959e2edff9
GET /clappr.level-selector/latest/level-selector.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hdfungamezz.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"2524-9Cxz5uiSAcz1rVE5FbtBguw6QQw"
content-encoding: br
accept-ranges: bytes
date: Thu, 18 Apr 2024 07:28:56 GMT
age: 3050478
x-served-by: cache-fra-eddf8230115-FRA, cache-hel1410034-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3219
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/@clappr/player@latest/dist/clappr.min.js | 151.101.129.229 | 200 OK | 169 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/@clappr/player@latest/dist/clappr.min.js
IP: 151.101.129.229:443
Requested by: https://hdfungamezz.xyz/za/az1.php
Certificate: Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 169 kB (169275 bytes)
Hash: 3dbf1ad3535560c4e487d88012784f29 6fd8110083e0c387d8fb49a4d6a5264b28c755f8 0445a4b98a570af2253cd291c241a2e716e4105ffeec79628e058a8fe77aaedd
GET /npm/@clappr/player@latest/dist/clappr.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hdfungamezz.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.5.0
x-jsd-version-type: version
etag: W/"9749e-b9gRAIPgw4fY+0mk1qUmSyjHVfg"
content-encoding: br
accept-ranges: bytes
age: 8965
date: Thu, 18 Apr 2024 07:28:56 GMT
x-served-by: cache-fra-eddf8230062-FRA, cache-hel1410034-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 169275
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/clappr/latest/clappr.min.js | 151.101.129.229 | 200 OK | 132 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/clappr/latest/clappr.min.js
IP: 151.101.129.229:443
Requested by: https://hdfungamezz.xyz/za/az1.php
Certificate: Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 132 kB (131690 bytes)
Hash: bca50774306ac9c46fe0925a99901c4f 0fac4589ac73332b6cace09c7cc3a662d298faaa cbcf0e85e906f9e8caf296fc6fd0cb8fcfb69b31e9ac570d63bd837fcf743f6f
GET /clappr/latest/clappr.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hdfungamezz.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"8156e-D6xFiaxzMytsrOCcfMOmYtKY+qo"
content-encoding: br
accept-ranges: bytes
age: 827233
date: Thu, 18 Apr 2024 07:28:56 GMT
x-served-by: cache-fra-etou8220143-FRA, cache-hel1410034-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 131690
X-Firefox-Spdy: h2
|
|
| hdfungamezz.xyz/za/az1.php | 172.67.129.138 | 200 OK | 0 B |
URL: HEAD HTTP/3 hdfungamezz.xyz/za/az1.php
IP: 172.67.129.138:443
Requested by: https://hdfungamezz.xyz/za/az1.php
Certificate: Issuer: Google Trust Services LLC; Subject: hdfungamezz.xyz; Fingerprint: 1F:1B:27:BC:F8:D2:BA:99:24:43:FB:39:7A:69:66:51:51:98:13:A9; Validity: Mon, 26 Feb 2024 10:01:33 GMT - Sun, 26 May 2024 10:01:32 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /za/az1.php HTTP/1.1
Host: hdfungamezz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hdfungamezz.xyz/za/az1.php
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 07:28:56 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bhc9iZKrA6NvnjOoUAYA2y2jDQmFW1HIhQfdGiOv8lGFmjph6JFPfYCpjQoMSk9R88BMR%2FaxdHqU%2FoNmNwBAFdKF7MzBtX9HV8vsL%2BkuU8zrmRoMfdwUTmr%2BhfovCbJAY1E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762f0e22907b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| kuthoost.net/5/7325037 | 139.45.197.243 | 200 OK | 32 kB |
IP: 139.45.197.243:443
Requested by: https://hdfungamezz.xyz/za/az1.php
Certificate: Issuer: Let's Encrypt; Subject: kuthoost.net; Fingerprint: C9:DB:6A:7E:E0:E8:E0:45:94:31:0D:26:AA:B9:CF:67:83:76:CA:39; Validity: Thu, 29 Feb 2024 18:25:13 GMT - Wed, 29 May 2024 18:25:12 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 835484a1520cd011ac822a83f6322b4a b4eac00bea84b5129c569907cd71e9dec4219ca7 00dcb520bb2f7bf06a916525892d9ef0b0b94f81acca2386cbff18b6d7be986d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /5/7325037 HTTP/1.1
Host: kuthoost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hdfungamezz.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 07:28:56 GMT
content-type: application/javascript
x-trace-id: effb44d6cff1cb5184f658f3a10e9e00
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=008042d37f514bb3fd08c022d442bf1b; expires=Fri, 18 Apr 2025 07:28:56 GMT; path=/; secure; SameSite=None
oaidts=1713425336; expires=Fri, 18 Apr 2025 07:28:56 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/@clappr/player@latest/dist/clappr.min.js | 151.101.129.229 | 200 OK | 169 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/@clappr/player@latest/dist/clappr.min.js
IP: 151.101.129.229:443
Requested by: https://hdfungamezz.xyz/za/az1.php
Certificate: Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 169 kB (169275 bytes)
Hash: 3dbf1ad3535560c4e487d88012784f29 6fd8110083e0c387d8fb49a4d6a5264b28c755f8 0445a4b98a570af2253cd291c241a2e716e4105ffeec79628e058a8fe77aaedd
GET /npm/@clappr/player@latest/dist/clappr.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hdfungamezz.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 169275
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.5.0
x-jsd-version-type: version
etag: W/"9749e-b9gRAIPgw4fY+0mk1qUmSyjHVfg"
content-encoding: br
accept-ranges: bytes
date: Thu, 18 Apr 2024 07:28:56 GMT
age: 8966
x-served-by: cache-fra-eddf8230062-FRA, cache-hel1410029-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| my.rtmark.net/gid.js?userId=008042d37f514bb3fd08c022d442bf1b | 139.45.195.8 | 200 OK | 65 B |
URL: GET HTTP/2 my.rtmark.net/gid.js?userId=008042d37f514bb3fd08c022d442bf1b
IP: 139.45.195.8:443
Requested by: https://hdfungamezz.xyz/za/az1.php
Certificate: Issuer: Let's Encrypt; Subject: rtmark.net; Fingerprint: DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC; Validity: Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash: d9a7c70c3cbd8410e28a83e9fd80872c 75e1bb3063a03a98a7b80a01786a9b97ff999110 b2f8803c14db6b7e7c8c7243aeb5674d806582564e21bb3cebe5cdd20340f965
GET /gid.js?userId=008042d37f514bb3fd08c022d442bf1b HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hdfungamezz.xyz
DNT: 1
Connection: keep-alive
Referer: https://hdfungamezz.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 07:28:56 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://hdfungamezz.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=008042d37f514bb3fd08c022d442bf1b; expires=Fri, 18 Apr 2025 07:28:56 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| xucrdcrdcaxnvqd.com/ | 139.45.197.162 | 200 OK | 0 B |
IP: 139.45.197.162:443
Requested by: https://hdfungamezz.xyz/za/az1.php
Certificate: Issuer: Let's Encrypt; Subject: xucrdcrdcaxnvqd.com; Fingerprint: 35:58:E7:B4:B6:51:8F:58:B0:FE:83:C7:B3:0B:ED:4F:BA:F4:6E:31; Validity: Wed, 17 Apr 2024 11:19:58 GMT - Tue, 16 Jul 2024 11:19:57 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS / HTTP/1.1
Host: xucrdcrdcaxnvqd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: HEAD
Access-Control-Request-Headers: content-type
Referer: https://hdfungamezz.xyz/
Origin: https://hdfungamezz.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 07:28:57 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://hdfungamezz.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| xucrdcrdcaxnvqd.com/ | 139.45.197.162 | 200 OK | 0 B |
IP: 139.45.197.162:443
Requested by: https://hdfungamezz.xyz/za/az1.php
Certificate: Issuer: Let's Encrypt; Subject: xucrdcrdcaxnvqd.com; Fingerprint: 35:58:E7:B4:B6:51:8F:58:B0:FE:83:C7:B3:0B:ED:4F:BA:F4:6E:31; Validity: Wed, 17 Apr 2024 11:19:58 GMT - Tue, 16 Jul 2024 11:19:57 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD / HTTP/1.1
Host: xucrdcrdcaxnvqd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: text/html
Origin: https://hdfungamezz.xyz
DNT: 1
Connection: keep-alive
Referer: https://hdfungamezz.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 07:28:57 GMT
content-type: text/html
x-trace-id: 0e5efd09a69f6ff58d7b63f2f9cc59d3
vary: Accept-Encoding, Origin
access-control-allow-origin: https://hdfungamezz.xyz
access-control-expose-headers: Link, X-Application-Token, X-Application-Key, X-Tag, X-Auth-Token, X-DirectionPartner-Id, X-ZoneType-Id, X-Hostname
access-control-allow-credentials: true
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
timing-allow-origin: *
x-application-key: jy8dljt4EzccXmmnhzzxfnps
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
|
|
| xucrdcrdcaxnvqd.com/ | 139.45.197.162 | 200 OK | 0 B |
IP: 139.45.197.162:443
Requested by: https://hdfungamezz.xyz/za/az1.php
Certificate: Issuer: Let's Encrypt; Subject: xucrdcrdcaxnvqd.com; Fingerprint: 35:58:E7:B4:B6:51:8F:58:B0:FE:83:C7:B3:0B:ED:4F:BA:F4:6E:31; Validity: Wed, 17 Apr 2024 11:19:58 GMT - Tue, 16 Jul 2024 11:19:57 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS / HTTP/1.1
Host: xucrdcrdcaxnvqd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: HEAD
Access-Control-Request-Headers: content-type
Referer: https://hdfungamezz.xyz/
Origin: https://hdfungamezz.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 07:28:57 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://hdfungamezz.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| xucrdcrdcaxnvqd.com/ | 139.45.197.162 | 200 OK | 0 B |
IP: 139.45.197.162:443
Requested by: https://hdfungamezz.xyz/za/az1.php
Certificate: Issuer: Let's Encrypt; Subject: xucrdcrdcaxnvqd.com; Fingerprint: 35:58:E7:B4:B6:51:8F:58:B0:FE:83:C7:B3:0B:ED:4F:BA:F4:6E:31; Validity: Wed, 17 Apr 2024 11:19:58 GMT - Tue, 16 Jul 2024 11:19:57 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD / HTTP/1.1
Host: xucrdcrdcaxnvqd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: text/html
Origin: https://hdfungamezz.xyz
DNT: 1
Connection: keep-alive
Referer: https://hdfungamezz.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 07:28:57 GMT
content-type: text/html
x-trace-id: 86b67222361f1e643d976c3e916317b3
vary: Accept-Encoding, Origin
access-control-allow-origin: https://hdfungamezz.xyz
access-control-expose-headers: Link, X-Application-Token, X-Application-Key, X-Tag, X-Auth-Token, X-DirectionPartner-Id, X-ZoneType-Id, X-Hostname
access-control-allow-credentials: true
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
timing-allow-origin: *
x-application-key: f499qrzdWvidKisod473o1c0
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
|
|
| clck.littlecdn.com/web/static/300x250/1.png | 104.22.25.116 | 200 OK | 16 kB |
URL: GET HTTP/2 clck.littlecdn.com/web/static/300x250/1.png
IP: 104.22.25.116:443
Requested by: https://hdfungamezz.xyz/za/300.php
Certificate: Issuer: Let's Encrypt; Subject: littlecdn.com; Fingerprint: 42:A1:9F:5B:B7:1B:88:CB:90:58:FC:E9:D1:96:3C:48:38:66:3A:9A; Validity: Mon, 11 Mar 2024 02:10:57 GMT - Sun, 09 Jun 2024 02:10:56 GMT
File type: PNG image data, 300 x 250, 8-bit colormap, non-interlaced
Hash: ebaa9b1b3b23ba37b8fca627324ad153 79ac3c795c48b7a9be148b3eb6d995e204a3af7c 3a45ea4bbbeb166af7e42377d80c6122b1d1e47fced5e65b3c584d640cd19dd6
GET /web/static/300x250/1.png HTTP/1.1
Host: clck.littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 07:28:57 GMT
content-type: image/png
content-length: 15502
last-modified: Mon, 17 Jul 2023 11:26:19 GMT
etag: "ebaa9b1b3b23ba37b8fca627324ad153"
expires: Thu, 18 Apr 2024 18:08:09 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 48048
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762f0e8284ab51b-OSL
X-Firefox-Spdy: h2
|
|
| clck.littlecdn.com/web/static/300x250/5.png | 104.22.25.116 | | 24 kB |
URL: clck.littlecdn.com/web/static/300x250/5.png
IP: 104.22.25.116:0
Certificate: Issuer: Let's Encrypt; Subject: littlecdn.com; Fingerprint: 42:A1:9F:5B:B7:1B:88:CB:90:58:FC:E9:D1:96:3C:48:38:66:3A:9A; Validity: Mon, 11 Mar 2024 02:10:57 GMT - Sun, 09 Jun 2024 02:10:56 GMT
File type: PNG image data, 300 x 250, 8-bit colormap, non-interlaced
Hash: 717bdad3a309e347a3ef93fc847aa6ba 5da81acc946d0a886780761f127b2deaf40b1eb3 8e489172244565be3dca6602a679f6c3da05a1642d8c1f48041b89698108ba4d
GET /web/static/300x250/5.png HTTP/1.1
Host: clck.littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 07:28:57 GMT
content-type: image/png
content-length: 24266
last-modified: Mon, 17 Jul 2023 11:26:23 GMT
etag: "717bdad3a309e347a3ef93fc847aa6ba"
expires: Thu, 18 Apr 2024 18:07:25 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 48092
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762f0e8284db51b-OSL
X-Firefox-Spdy: h2
|
|
| hdfungamezz.xyz/za/az1.php | 172.67.129.138 | 200 OK | 35 kB |
URL: HEAD HTTP/3 hdfungamezz.xyz/za/az1.php
IP: 172.67.129.138:443
Requested by: https://hdfungamezz.xyz/za/az1.php
Certificate: Issuer: Google Trust Services LLC; Subject: hdfungamezz.xyz; Fingerprint: 1F:1B:27:BC:F8:D2:BA:99:24:43:FB:39:7A:69:66:51:51:98:13:A9; Validity: Mon, 26 Feb 2024 10:01:33 GMT - Sun, 26 May 2024 10:01:32 GMT
File type: HTML document, ASCII text, with very long lines (64841)
Hash: f01b263d842ce414abc1b7ebe6455196 111623d7def2320db1b1688a8b1ad4472b5484f1 b8df863a35b703c2598eeb493ed92b8246c63191292da87916f8afd584bea0fe
GET /za/az1.php HTTP/1.1
Host: hdfungamezz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 07:28:56 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uSFPcILirTTya7sQygS5WhN6Jdljgw4OIAqBQ0K1U%2B3n%2BMzJ9memuHR1RA80cP6kzWLCDTTSEQF%2FfHP3NvMbbs%2B9csetxyAFxk8RKSjukT%2Fk%2BcB0VY7hfv1kJdHt6u6rDOs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762f0de7d475693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| freehdgames.lol/chunklist/hlsch1.m3u8?wmsAuthSign=c2VydmVyX3RpbWU9NC8xOC8yMDI0IDc6Mjg6NTYgQU0maGFzaF92YWx1ZT1uNVVNUmRkdEN6SHJOWWViaUo5eUJRPT0mdmFsaWRtaW51dGVzPTcyMCZpZD05MS45MC40Mi4xNTQmc3RybV9sZW49NQ== | 172.67.169.49 | 200 OK | 3.3 MB |
URL: GET HTTP/2 freehdgames.lol/chunklist/hlsch1.m3u8?wmsAuthSign=c2VydmVyX3RpbWU9NC8xOC8yMDI0IDc6Mjg6NTYgQU0maGFzaF92YWx1ZT1uNVVNUmRkdEN6SHJOWWViaUo5eUJRPT0mdmFsaWRtaW51dGVzPTcyMCZpZD05MS45MC40Mi4xNTQmc3RybV9sZW49NQ==
IP: 172.67.169.49:443
Requested by: https://hdfungamezz.xyz/za/az1.php
Certificate: Issuer: Google Trust Services LLC; Subject: freehdgames.lol; Fingerprint: DF:08:5B:01:53:8C:6F:31:2D:9F:08:38:E6:11:FD:88:9A:1C:BA:42; Validity: Tue, 20 Feb 2024 15:14:38 GMT - Mon, 20 May 2024 15:14:37 GMT
Size: 3.3 MB (3277371 bytes)
Hash: 5d74638f05f901310b68aec33efc844b 73bc19ff165996a7024d19766d6f8cdbe2da337d 5a72bccd73d861c027d597c41243be0c690a797a1a0dfbf0bdc837275cd74d95
GET /chunklist/hlsch1.m3u8?wmsAuthSign=c2VydmVyX3RpbWU9NC8xOC8yMDI0IDc6Mjg6NTYgQU0maGFzaF92YWx1ZT1uNVVNUmRkdEN6SHJOWWViaUo5eUJRPT0mdmFsaWRtaW51dGVzPTcyMCZpZD05MS45MC40Mi4xNTQmc3RybV9sZW49NQ== HTTP/1.1
Host: freehdgames.lol
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hdfungamezz.xyz
DNT: 1
Connection: keep-alive
Referer: https://hdfungamezz.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 07:28:57 GMT
content-type: application/vnd.apple.mpegurl
last-modified: Thu, 18 Apr 2024 07:28:56 GMT
etag: W/"6620cbb8-2a8"
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: X-requested-With, Accept, Content-Type, Origin
cache-control: max-age=2, no-store, must-revalidate, proxy-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
referrer-policy: strict-origin
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zpMrCAcptoj5cfEYcTcKlj0XINRocf8GLeeq7rky3fpTpDLJWY4BJXGghdA8WzJiZHIAm95mH7b5aGDUxZjvZrffSr4wGG%2FVaUh6I6yVjMT26VxHxwwVsr%2Bk9EhhM%2FoXUHQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762f0e5ce88568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 6.adsco.re/ | 104.17.166.186 | 200 OK | 0 B |
IP: 104.17.166.186:443
Requested by: https://hdfungamezz.xyz/za/az1.php
Certificate: Issuer: Sectigo Limited; Subject: *.adsco.re; Fingerprint: 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73; Validity: Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hdfungamezz.xyz
DNT: 1
Connection: keep-alive
Referer: https://hdfungamezz.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 07:28:58 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://hdfungamezz.xyz
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762f0ec59c01bfa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dlwtqj2pdoes.l4.adsco.re/ | 185.200.118.51 | 200 OK | 0 B |
URL: POST HTTP/2 dlwtqj2pdoes.l4.adsco.re/
IP: 185.200.118.51:443
Requested by: https://hdfungamezz.xyz/za/az1.php
Certificate: Issuer: Let's Encrypt; Subject: *.l4.adsco.re; Fingerprint: 64:CB:92:0D:BF:D8:96:99:12:40:4C:AF:A1:E5:77:E2:C3:66:7D:A4; Validity: Tue, 19 Mar 2024 09:12:41 GMT - Mon, 17 Jun 2024 09:12:40 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: dlwtqj2pdoes.l4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://hdfungamezz.xyz
DNT: 1
Connection: keep-alive
Referer: https://hdfungamezz.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 18 Apr 2024 07:28:58 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 02 Jun 2023 14:03:32 GMT
etag: "6479f6b4-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 6.adsco.re/ | 104.17.166.186 | 200 OK | 0 B |
IP: 104.17.166.186:443
Requested by: https://hdfungamezz.xyz/za/az1.php
Certificate: Issuer: Sectigo Limited; Subject: *.adsco.re; Fingerprint: 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73; Validity: Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 07:28:58 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: *
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762f0ed9cb70afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| adsco.re/p | 162.252.214.5 | 200 OK | 814 B |
IP: 162.252.214.5:443
Requested by: https://hdfungamezz.xyz/za/az1.php
Certificate: Issuer: Sectigo Limited; Subject: *.adsco.re; Fingerprint: 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73; Validity: Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type: ASCII text, with very long lines (1020), with no line terminators
Hash: ffb37520531d597b061bf14b8319e03a eb2e038ec4c23d108664eb04fa3821d82de065b6 6ff5e8ab6429f9123c173be46d35b181dfc7eac2bad21584461210e6f8e1e255
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1515
Origin: https://hdfungamezz.xyz
DNT: 1
Connection: keep-alive
Referer: https://hdfungamezz.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 07:28:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Access-Control-Allow-Origin: https://hdfungamezz.xyz
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
|
|
| dlwtqj2pdoes.n4.adsco.re/ | 38.132.109.115 | 200 OK | 0 B |
URL: POST HTTP/2 dlwtqj2pdoes.n4.adsco.re/
IP: 38.132.109.115:443
Requested by: https://hdfungamezz.xyz/za/az1.php
Certificate: Issuer Let's Encrypt; Subject *.n4.adsco.re; Fingerprint 79:AD:D3:EE:FE:9C:1D:72:CD:10:92:39:94:3C:36:44:0D:EF:C9:4B; Validity Tue, 19 Mar 2024 09:12:30 GMT - Mon, 17 Jun 2024 09:12:29 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: dlwtqj2pdoes.n4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://hdfungamezz.xyz
DNT: 1
Connection: keep-alive
Referer: https://hdfungamezz.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 18 Apr 2024 07:28:58 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 16 Jun 2023 08:37:42 GMT
etag: "648c1f56-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| displayvertising.com/ptuibuqgvio?ebvtqHIz=BQLyAAAAAAAACZUAAlX_iCWrDrxVw_nNx4FSAihdCPCJUwXmgaEigAW8iuMZpER_mHO7nSKFHealt0avIVdHi-Rxha87vMqzk0RNtP8nbUI10J04P4Eoqeq3mULlnXU0L6LwyjTxl_huj2T8b2EyW3bUetmxEfVNP7R7Yo7oh50nTRUUTi5l5Q6JukjCJdnFLvF2JYxTpNsRd1F9AZ8fmkY9flonIoaTNpz70P98hT-1zLM5jhGCsZlGE8PmWJQXwpEMcEyj-BQ7uJvD_oebTWstZIOb31AcExoJv0btGU_oaopfE1cfcBaPpGd7-2KWGIkZ4FaX0IB5DGz7V8R8aca98buGtCnLHhr8p722IzaYclmkl7L7DfJw8sIXii57RWNU_drlcKevOtk2VWUhu_cTnTPap3qSk_QIKYExYMw64OmwY30Ljl8-iNWVUJc37oculMoiKe0yP0iokm_zHFIPkbAYSzdM4Ik4lmm7htfN_9dNqjKxU7Zqsye9afSZS2r81DOvSkmwWCfwUZH3sMZHv-ayGYePP7n59_yWWoa6zkCqHygzTfrZBzZHSuT8LfdEotIiHvKn7zIrMC3QXcxUUFbvRodUYeg_jQ7RydqqKYn3oA7u9mDw_TaobuOaodprtuuf0V6AhacvXyiKmofIwPtzNhNljKfiLPKfA3T902mHPlbaPo00SLgw7znui2cSNtjv41JUDX53Yxa_6dDsOElnIshdpdVqxhBBvxOOebKukKAVPgDCYJF6yNuzXdjyttcah2cGukPvVv8ndvK5U4aHBx0nlVGzvKCjm5kyWzchHhcSN5UKO71fy_Jg_5ca-X7k6Qc198EPkoNdrcCovpHu5zu_AGAEruLsOt39h7C40eLv2vDTEkT9s96SUZZtkY9YXFsJvcFpyJONRy9KzeQhZ4MBgTi0N7OrHjcRcFT4kbpRMaI1_ViBbH497T3L0Uko6PpgSh_MQcA97oObIwxmzcItRF-4DeRsTAbDUA8PWC1_6Ef9tQ0x&wfjCmxzE=4&SFdlORPr=5022939&cXgqENKl=&eFzqovMj=0:1,0&XuzwxJlG=&ByGEiHsX=&s=1280,1024,1,1280,1024,0 | 216.59.56.9 | 200 OK | 1.5 kB |
URL GET HTTP/2displayvertising.com/ptuibuqgvio?ebvtqHIz=BQLyAAAAAAAACZUAAlX_iCWrDrxVw_nNx4FSAihdCPCJUwXmgaEigAW8iuMZpER_mHO7nSKFHealt0avIVdHi-Rxha87vMqzk0RNtP8nbUI10J04P4Eoqeq3mULlnXU0L6LwyjTxl_huj2T8b2EyW3bUetmxEfVNP7R7Yo7oh50nTRUUTi5l5Q6JukjCJdnFLvF2JYxTpNsRd1F9AZ8fmkY9flonIoaTNpz70P98hT-1zLM5jhGCsZlGE8PmWJQXwpEMcEyj-BQ7uJvD_oebTWstZIOb31AcExoJv0btGU_oaopfE1cfcBaPpGd7-2KWGIkZ4FaX0IB5DGz7V8R8aca98buGtCnLHhr8p722IzaYclmkl7L7DfJw8sIXii57RWNU_drlcKevOtk2VWUhu_cTnTPap3qSk_QIKYExYMw64OmwY30Ljl8-iNWVUJc37oculMoiKe0yP0iokm_zHFIPkbAYSzdM4Ik4lmm7htfN_9dNqjKxU7Zqsye9afSZS2r81DOvSkmwWCfwUZH3sMZHv-ayGYePP7n59_yWWoa6zkCqHygzTfrZBzZHSuT8LfdEotIiHvKn7zIrMC3QXcxUUFbvRodUYeg_jQ7RydqqKYn3oA7u9mDw_TaobuOaodprtuuf0V6AhacvXyiKmofIwPtzNhNljKfiLPKfA3T902mHPlbaPo00SLgw7znui2cSNtjv41JUDX53Yxa_6dDsOElnIshdpdVqxhBBvxOOebKukKAVPgDCYJF6yNuzXdjyttcah2cGukPvVv8ndvK5U4aHBx0nlVGzvKCjm5kyWzchHhcSN5UKO71fy_Jg_5ca-X7k6Qc198EPkoNdrcCovpHu5zu_AGAEruLsOt39h7C40eLv2vDTEkT9s96SUZZtkY9YXFsJvcFpyJONRy9KzeQhZ4MBgTi0N7OrHjcRcFT4kbpRMaI1_ViBbH497T3L0Uko6PpgSh_MQcA97oObIwxmzcItRF-4DeRsTAbDUA8PWC1_6Ef9tQ0x&wfjCmxzE=4&SFdlORPr=5022939&cXgqENKl=&eFzqovMj=0:1,0&XuzwxJlG=&ByGEiHsX=&s=1280,1024,1,1280,1024,0 IP216.59.56.9:443
Requested by: https://hdfungamezz.xyz/za/az1.php
Certificate: Issuer Sectigo Limited; Subject displayvertising.com; Fingerprint AD:50:CF:4F:03:26:91:93:74:1B:D5:8A:D0:EB:44:0D:13:A6:DF:96; Validity Mon, 14 Aug 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (2036), with no line terminators
Hash: b263c1becf69aa17934bc666b7e84e0b 38d96a6fbd27f6e98dddf79f45d85087ed39deef b0279b5625552c7fd13fa443e918d27f2e864dfc503638f49889e7d0d027b558
GET /ptuibuqgvio?ebvtqHIz=BQLyAAAAAAAACZUAAlX_iCWrDrxVw_nNx4FSAihdCPCJUwXmgaEigAW8iuMZpER_mHO7nSKFHealt0avIVdHi-Rxha87vMqzk0RNtP8nbUI10J04P4Eoqeq3mULlnXU0L6LwyjTxl_huj2T8b2EyW3bUetmxEfVNP7R7Yo7oh50nTRUUTi5l5Q6JukjCJdnFLvF2JYxTpNsRd1F9AZ8fmkY9flonIoaTNpz70P98hT-1zLM5jhGCsZlGE8PmWJQXwpEMcEyj-BQ7uJvD_oebTWstZIOb31AcExoJv0btGU_oaopfE1cfcBaPpGd7-2KWGIkZ4FaX0IB5DGz7V8R8aca98buGtCnLHhr8p722IzaYclmkl7L7DfJw8sIXii57RWNU_drlcKevOtk2VWUhu_cTnTPap3qSk_QIKYExYMw64OmwY30Ljl8-iNWVUJc37oculMoiKe0yP0iokm_zHFIPkbAYSzdM4Ik4lmm7htfN_9dNqjKxU7Zqsye9afSZS2r81DOvSkmwWCfwUZH3sMZHv-ayGYePP7n59_yWWoa6zkCqHygzTfrZBzZHSuT8LfdEotIiHvKn7zIrMC3QXcxUUFbvRodUYeg_jQ7RydqqKYn3oA7u9mDw_TaobuOaodprtuuf0V6AhacvXyiKmofIwPtzNhNljKfiLPKfA3T902mHPlbaPo00SLgw7znui2cSNtjv41JUDX53Yxa_6dDsOElnIshdpdVqxhBBvxOOebKukKAVPgDCYJF6yNuzXdjyttcah2cGukPvVv8ndvK5U4aHBx0nlVGzvKCjm5kyWzchHhcSN5UKO71fy_Jg_5ca-X7k6Qc198EPkoNdrcCovpHu5zu_AGAEruLsOt39h7C40eLv2vDTEkT9s96SUZZtkY9YXFsJvcFpyJONRy9KzeQhZ4MBgTi0N7OrHjcRcFT4kbpRMaI1_ViBbH497T3L0Uko6PpgSh_MQcA97oObIwxmzcItRF-4DeRsTAbDUA8PWC1_6Ef9tQ0x&wfjCmxzE=4&SFdlORPr=5022939&cXgqENKl=&eFzqovMj=0:1,0&XuzwxJlG=&ByGEiHsX=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: displayvertising.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hdfungamezz.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
popads-node: wb4
access-control-allow-origin: *
asf: 6
cache-control: private, no-store, no-cache, must-revalidate, no-transform, max-age=0
pragma: no-cache
content-type: application/javascript; charset=utf-8
set-cookie: PP_CV=yes; expires=Thu, 18 Apr 2024 08:28:58 GMT; Max-Age=3600
set-cookie: fraudcheck=e0ec837af934b40c26a5da52ee0e0441; expires=Sat, 18 May 2024 07:28:58 GMT; Max-Age=2592000; path=/; domain=.popads.net
set-cookie: PopAds_CF_Pass=1; expires=Thu, 18 Apr 2024 13:28:58 GMT; Max-Age=21600
link: <https://apr1807.mazefoam.com>;rel=preconnect
content-length: 1495
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 07:28:58 GMT
X-Firefox-Spdy: h2
|
|
| dlwtqj2pdoes.s4.adsco.re/ | 185.200.116.51 | 200 OK | 0 B |
URL: POST HTTP/2 dlwtqj2pdoes.s4.adsco.re/
IP: 185.200.116.51:443
Requested by: https://hdfungamezz.xyz/za/az1.php
Certificate: Issuer Let's Encrypt; Subject *.s4.adsco.re; Fingerprint 23:E3:1E:BA:6D:AA:D3:E7:92:36:72:59:96:0F:C8:CF:4F:BB:68:FA; Validity Tue, 19 Mar 2024 09:12:30 GMT - Mon, 17 Jun 2024 09:12:29 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: dlwtqj2pdoes.s4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://hdfungamezz.xyz
DNT: 1
Connection: keep-alive
Referer: https://hdfungamezz.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 18 Apr 2024 07:28:59 GMT
content-type: text/html
content-length: 0
last-modified: Tue, 03 Oct 2023 13:29:59 GMT
etag: "651c1757-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| c.adsco.re/ | 104.17.166.186 | | 28 kB |
IP: 104.17.166.186:0
Requested by: https://hdfungamezz.xyz/za/az1.php
Certificate: Issuer Sectigo Limited; Subject *.adsco.re; Fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73; Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (689)
Hash: a0b475c65fed312aba8d7c43a0cbc928 3fdd052b41c37318e44084be4f92d42fba4ded61 2dfb2101b24f80be00b1baecce7eec815e61a13381f6983051b6261b8035468a
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 07:28:58 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Sun, 19 May 2024 07:28:58 GMT
etag: W/"oLR1xl/tMSq6jXxDoMvJKA=="
cf-cache-status: HIT
age: 3152940
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762f0ed7c9c0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| clck.littlecdn.com/web/static/300x250/1.png | 104.22.25.116 | 200 OK | 16 kB |
URL: GET HTTP/2 clck.littlecdn.com/web/static/300x250/1.png
IP: 104.22.25.116:443
Requested by: https://hdfungamezz.xyz/za/300.php
Certificate: Issuer Let's Encrypt; Subject littlecdn.com; Fingerprint 42:A1:9F:5B:B7:1B:88:CB:90:58:FC:E9:D1:96:3C:48:38:66:3A:9A; Validity Mon, 11 Mar 2024 02:10:57 GMT - Sun, 09 Jun 2024 02:10:56 GMT
File type: PNG image data, 300 x 250, 8-bit colormap, non-interlaced
Hash: ebaa9b1b3b23ba37b8fca627324ad153 79ac3c795c48b7a9be148b3eb6d995e204a3af7c 3a45ea4bbbeb166af7e42377d80c6122b1d1e47fced5e65b3c584d640cd19dd6
GET /web/static/300x250/1.png HTTP/1.1
Host: clck.littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 07:29:07 GMT
content-type: image/png
content-length: 15502
last-modified: Mon, 17 Jul 2023 11:26:19 GMT
etag: "ebaa9b1b3b23ba37b8fca627324ad153"
expires: Thu, 18 Apr 2024 18:08:09 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 48058
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762f126a846b51b-OSL
X-Firefox-Spdy: h2
|
|
| clck.littlecdn.com/web/static/300x250/3.png | 104.22.25.116 | | 39 kB |
URL: clck.littlecdn.com/web/static/300x250/3.png
IP: 104.22.25.116:0
Certificate: Issuer Let's Encrypt; Subject littlecdn.com; Fingerprint 42:A1:9F:5B:B7:1B:88:CB:90:58:FC:E9:D1:96:3C:48:38:66:3A:9A; Validity Mon, 11 Mar 2024 02:10:57 GMT - Sun, 09 Jun 2024 02:10:56 GMT
File type: PNG image data, 300 x 250, 8-bit colormap, non-interlaced
Hash: aa84a9575265dfd979fc3dbfe4b3ce86 f61ba9eca54e0a4e276a940a55b0d753aaa5e4a0 68017f0eda42ac4a6c1206c0290de9cc88546b9a1d90b7d9b379b795ee5d4e9f
GET /web/static/300x250/3.png HTTP/1.1
Host: clck.littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 07:29:07 GMT
content-type: image/png
content-length: 39260
last-modified: Mon, 17 Jul 2023 11:26:21 GMT
etag: "aa84a9575265dfd979fc3dbfe4b3ce86"
expires: Thu, 18 Apr 2024 18:07:20 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 48107
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762f126c86ab51b-OSL
X-Firefox-Spdy: h2
|
|
| clck.littlecdn.com/web/static/300x250/1.png | 104.22.25.116 | 200 OK | 16 kB |
URL: GET HTTP/2 clck.littlecdn.com/web/static/300x250/1.png
IP: 104.22.25.116:443
Requested by: https://hdfungamezz.xyz/za/300.php
Certificate: Issuer Let's Encrypt; Subject littlecdn.com; Fingerprint 42:A1:9F:5B:B7:1B:88:CB:90:58:FC:E9:D1:96:3C:48:38:66:3A:9A; Validity Mon, 11 Mar 2024 02:10:57 GMT - Sun, 09 Jun 2024 02:10:56 GMT
File type: PNG image data, 300 x 250, 8-bit colormap, non-interlaced
Hash: ebaa9b1b3b23ba37b8fca627324ad153 79ac3c795c48b7a9be148b3eb6d995e204a3af7c 3a45ea4bbbeb166af7e42377d80c6122b1d1e47fced5e65b3c584d640cd19dd6
GET /web/static/300x250/1.png HTTP/1.1
Host: clck.littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 07:29:07 GMT
content-type: image/png
content-length: 15502
last-modified: Mon, 17 Jul 2023 11:26:19 GMT
etag: "ebaa9b1b3b23ba37b8fca627324ad153"
expires: Thu, 18 Apr 2024 18:08:09 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 48058
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762f126d8b6b51b-OSL
X-Firefox-Spdy: h2
|
|
| grapseex.com/btag.min.js | 139.45.197.244 | 200 OK | 45 kB |
IP: 139.45.197.244:443
Requested by: https://hdfungamezz.xyz/za/300.php
Certificate: Issuer Let's Encrypt; Subject grapseex.com; Fingerprint 79:74:53:08:D5:6D:78:49:86:C6:05:9E:57:13:E9:C3:37:7E:43:B5; Validity Sun, 24 Mar 2024 05:25:57 GMT - Sat, 22 Jun 2024 05:25:56 GMT
File type: gzip compressed data, max speed, from Unix
Hash: b7feb3db97541c7fe194a70f0aeb64b4 b84995909bbc0fb02e0d561ff5718c4dd0d2f302 15349d9f10814ac52a723324ca07abc4775ddc6e724a1c435749eb1bd06b800e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /btag.min.js HTTP/1.1
Host: grapseex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hdfungamezz.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 07:29:07 GMT
content-type: application/javascript
x-trace-id: e2e782e54f9e82764803badeb8842da2
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| clck.littlecdn.com/web/static/300x250/1.png | 104.22.25.116 | 200 OK | 16 kB |
URL: GET HTTP/2 clck.littlecdn.com/web/static/300x250/1.png
IP: 104.22.25.116:443
Requested by: https://hdfungamezz.xyz/za/300.php
Certificate: Issuer Let's Encrypt; Subject littlecdn.com; Fingerprint 42:A1:9F:5B:B7:1B:88:CB:90:58:FC:E9:D1:96:3C:48:38:66:3A:9A; Validity Mon, 11 Mar 2024 02:10:57 GMT - Sun, 09 Jun 2024 02:10:56 GMT
File type: PNG image data, 300 x 250, 8-bit colormap, non-interlaced
Hash: ebaa9b1b3b23ba37b8fca627324ad153 79ac3c795c48b7a9be148b3eb6d995e204a3af7c 3a45ea4bbbeb166af7e42377d80c6122b1d1e47fced5e65b3c584d640cd19dd6
GET /web/static/300x250/1.png HTTP/1.1
Host: clck.littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 07:29:17 GMT
content-type: image/png
content-length: 15502
last-modified: Mon, 17 Jul 2023 11:26:19 GMT
etag: "ebaa9b1b3b23ba37b8fca627324ad153"
expires: Thu, 18 Apr 2024 18:08:09 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 48068
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762f1665b3db51b-OSL
X-Firefox-Spdy: h2
|
|
| clck.littlecdn.com/web/static/300x250/2.png | 104.22.25.116 | 200 OK | 11 kB |
URL: GET HTTP/2 clck.littlecdn.com/web/static/300x250/2.png
IP: 104.22.25.116:443
Requested by: https://hdfungamezz.xyz/za/300.php
Certificate: Issuer Let's Encrypt; Subject littlecdn.com; Fingerprint 42:A1:9F:5B:B7:1B:88:CB:90:58:FC:E9:D1:96:3C:48:38:66:3A:9A; Validity Mon, 11 Mar 2024 02:10:57 GMT - Sun, 09 Jun 2024 02:10:56 GMT
File type: PNG image data, 300 x 250, 8-bit colormap, non-interlaced
Hash: 664ef47e5e57a086571a3ab30d1a2366 e0b40ea9002df5c090ca6426e73e9363fd121873 fd76a538f793b17d97c6773a83db4094e59377b0c6d431a8c7bc79c503287352
GET /web/static/300x250/2.png HTTP/1.1
Host: clck.littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 07:29:17 GMT
content-type: image/png
content-length: 10778
last-modified: Mon, 17 Jul 2023 11:26:20 GMT
etag: "664ef47e5e57a086571a3ab30d1a2366"
expires: Thu, 18 Apr 2024 18:08:02 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 48075
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762f1668b70b51b-OSL
X-Firefox-Spdy: h2
|
|
| awhauchoa.net/5/7210422 | 139.45.197.243 | 200 OK | 46 kB |
IP: 139.45.197.243:443
Requested by: https://hdfungamezz.xyz/za/300.php
Certificate: Issuer Let's Encrypt; Subject awhauchoa.net; Fingerprint 70:0E:FB:69:A6:6E:AD:8C:76:85:7B:3B:62:68:EC:7F:BF:00:FC:B1; Validity Wed, 17 Apr 2024 18:19:12 GMT - Tue, 16 Jul 2024 18:19:11 GMT
File type: gzip compressed data, max speed, from Unix
Hash: 437ce693a71ddce5df87da6fd1fac3b8 ab356f30bb0e3d36775e778cfc4a3435c4962ccb 7ac2fba1aa0a20afea820930587b03f9ade7ecfa954f729f78368f44b1ebf336
GET /5/7210422 HTTP/1.1
Host: awhauchoa.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=008042f9a17849fde9b1e6c07dfd9849; oaidts=1713425337
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 07:29:07 GMT
content-type: application/javascript
x-trace-id: 21fcd81fe997df0ff74320f983f19df8
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=008042f9a17849fde9b1e6c07dfd9849; expires=Fri, 18 Apr 2025 07:29:07 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1713425337; expires=Fri, 18 Apr 2025 07:29:07 GMT; path=/; secure; SameSite=None
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| waisheph.com/?rb=pFJNwxo3O_H0Tp_K8ZXcMlOd1K7XgqzlUGkP5UMDoJ6JeRZsVq_kwSJdJ-w-GCCP3Ufqo6k6MSGWpORBbhrE_ZADoVbxotVi-IHevUcyMv2lPqhue7K3x8ibE5eE54p8ltL-tzuWR_A-8LniYJOmXKErDj4sKDBPczB4dkvpTiBobi1EEYnEXejRsq5pnk1fOKb42ks80REVxZr8N-f_7p3xlmlk7gDD5WabVlVsckL39RPVcMjPw27hea7Nzr4tmNcVQVgsA5Q%3D&request_ab2=0&zoneid=6270443&js_build=iclick-v1.773.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=4&pl=https%3A%2F%2Fhdfungamezz.xyz%2Fza%2Faz1.php&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.773.0&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=b3b6b490-94b9-4e86-8b39-ca46dc6fd2e0&userId=008042d37f514bb3fd08c022d442bf1b&m=link | 139.45.197.245 | 200 OK | 2.6 kB |
URL GET HTTP/2waisheph.com/?rb=pFJNwxo3O_H0Tp_K8ZXcMlOd1K7XgqzlUGkP5UMDoJ6JeRZsVq_kwSJdJ-w-GCCP3Ufqo6k6MSGWpORBbhrE_ZADoVbxotVi-IHevUcyMv2lPqhue7K3x8ibE5eE54p8ltL-tzuWR_A-8LniYJOmXKErDj4sKDBPczB4dkvpTiBobi1EEYnEXejRsq5pnk1fOKb42ks80REVxZr8N-f_7p3xlmlk7gDD5WabVlVsckL39RPVcMjPw27hea7Nzr4tmNcVQVgsA5Q%3D&request_ab2=0&zoneid=6270443&js_build=iclick-v1.773.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=4&pl=https%3A%2F%2Fhdfungamezz.xyz%2Fza%2Faz1.php&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.773.0&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=b3b6b490-94b9-4e86-8b39-ca46dc6fd2e0&userId=008042d37f514bb3fd08c022d442bf1b&m=link IP139.45.197.245:443
Requested by: https://hdfungamezz.xyz/za/az1.php
Certificate: Issuer Let's Encrypt; Subject waisheph.com; Fingerprint A9:8B:DF:A0:A2:80:A9:70:4A:F5:46:4A:EB:8E:00:E7:82:98:AC:8E; Validity Tue, 19 Mar 2024 01:27:24 GMT - Mon, 17 Jun 2024 01:27:23 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (2577), with no line terminators
Hash: 23ff3e8847cf5a94054d3bafdbd45a62 ff961e75d7e639cb307cf85d10b338eb365cda0d 8e48af3d0cfab014ccab3fe9344035141f410bf9bb90a4f2709cc742258146d6
GET /?rb=pFJNwxo3O_H0Tp_K8ZXcMlOd1K7XgqzlUGkP5UMDoJ6JeRZsVq_kwSJdJ-w-GCCP3Ufqo6k6MSGWpORBbhrE_ZADoVbxotVi-IHevUcyMv2lPqhue7K3x8ibE5eE54p8ltL-tzuWR_A-8LniYJOmXKErDj4sKDBPczB4dkvpTiBobi1EEYnEXejRsq5pnk1fOKb42ks80REVxZr8N-f_7p3xlmlk7gDD5WabVlVsckL39RPVcMjPw27hea7Nzr4tmNcVQVgsA5Q%3D&request_ab2=0&zoneid=6270443&js_build=iclick-v1.773.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=4&pl=https%3A%2F%2Fhdfungamezz.xyz%2Fza%2Faz1.php&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.773.0&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=b3b6b490-94b9-4e86-8b39-ca46dc6fd2e0&userId=008042d37f514bb3fd08c022d442bf1b&m=link HTTP/1.1
Host: waisheph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hdfungamezz.xyz/
Origin: https://hdfungamezz.xyz
DNT: 1
Connection: keep-alive
Cookie: OAID=0080420defdd46e7eab3827fc1c4dd2e; oaidts=1713425337
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 07:28:58 GMT
content-type: application/json
x-trace-id: f48d18b7ef49683ab274a77f72f62b36
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://hdfungamezz.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008042d37f514bb3fd08c022d442bf1b; expires=Fri, 18 Apr 2025 07:28:58 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1713425338; expires=Fri, 18 Apr 2025 07:28:58 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=true; expires=Thu, 25 Apr 2024 07:28:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| hdfungamezz.xyz/za/300.php | 172.67.129.138 | 200 OK | 493 B |
URL: GET HTTP/3 hdfungamezz.xyz/za/300.php
IP: 172.67.129.138:443
Requested by: https://hdfungamezz.xyz/za/az1.php
Certificate: Issuer Google Trust Services LLC; Subject hdfungamezz.xyz; Fingerprint 1F:1B:27:BC:F8:D2:BA:99:24:43:FB:39:7A:69:66:51:51:98:13:A9; Validity Mon, 26 Feb 2024 10:01:33 GMT - Sun, 26 May 2024 10:01:32 GMT
File type: HTML document, ASCII text, with very long lines (532), with no line terminators
Hash: 01d6eba3799f238b8eaac4640e5f08d3 46c023b4708da673cfb8b49827a90e450da14177 8d0a0a51a893f34ffd6b1028f7f0db3165919aa3d15bbe5a995e6564c87acef8
GET /za/300.php HTTP/1.1
Host: hdfungamezz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hdfungamezz.xyz/za/az1.php
Cookie: prefetchAd_7325037=true
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 07:28:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VyBNPPRjC04WhoLRJlpwdH3Le9KpV%2FOVvDoNPpxD%2FiQqjx7SAfjwkpVaHj9OP0EMwgSeGAIOtu01um6jo7lO3oMWYzG9pMuclREiptM%2BiLMP0ucuXENkYefPA71qmuZPMB0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762f0e52c6bb52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| apr1807.mazefoam.com/favicon.ico | 104.21.1.28 | 200 OK | 0 B |
URL: GET HTTP/2 apr1807.mazefoam.com/favicon.ico
IP: 104.21.1.28:443
Requested by: moz-nullprincipal:{509e3c51-655c-495d-b0d5-a423d84d83d0}?https://hdfungamezz.xyz
Certificate: Issuer Google Trust Services LLC; Subject mazefoam.com; Fingerprint 2E:95:72:D8:69:2B:E9:EE:8C:DB:29:BE:FE:2F:07:BC:20:EC:24:36; Validity Mon, 19 Feb 2024 09:36:10 GMT - Sun, 19 May 2024 09:36:09 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: apr1807.mazefoam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 07:28:59 GMT
content-type: image/x-icon
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: dc50e00f1f6f0457f2eb77ee3191bfa6
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 18 Apr 2024 07:28:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=li3bqUunMSPuv%2FMsWdxEPzYDQAVlXkhjS2eIWNAdPB9eaATt%2FLaTMVAK5gnTzI4wnFKXqvErOPLFCHx1MrvvI%2BL%2BM3gHTmNhOS%2F9VoNY01rcOU%2BLlCLrIaH94clNVYyTiHzQVDuxhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762f0f34e06b500-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| hdfungamezz.xyz/za/300.php | 172.67.129.138 | 200 OK | 493 B |
URL: GET HTTP/3 hdfungamezz.xyz/za/300.php
IP: 172.67.129.138:443
Requested by: https://hdfungamezz.xyz/za/az1.php
Certificate: Issuer Google Trust Services LLC; Subject hdfungamezz.xyz; Fingerprint 1F:1B:27:BC:F8:D2:BA:99:24:43:FB:39:7A:69:66:51:51:98:13:A9; Validity Mon, 26 Feb 2024 10:01:33 GMT - Sun, 26 May 2024 10:01:32 GMT
File type: HTML document, ASCII text, with very long lines (532), with no line terminators
Hash: 01d6eba3799f238b8eaac4640e5f08d3 46c023b4708da673cfb8b49827a90e450da14177 8d0a0a51a893f34ffd6b1028f7f0db3165919aa3d15bbe5a995e6564c87acef8
GET /za/300.php HTTP/1.1
Host: hdfungamezz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: prefetchAd_7325037=true; a=qt2nBCnQQgNrKRpgvIO5AkD3chdHNqZw; prefetchAd_6270443=true; token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c=BQLyAAAAAAAACZUAAlX_iCWrDrxVw_nNx4FSAihdCPCJUwXmgaEigAW8iuMZpER_mHO7nSKFHealt0avIVdHi-Rxha87vMqzk0RNtP8nbUI10J04P4Eoqeq3mULlnXU0L6LwyjTxl_huj2T8b2EyW3bUetmxEfVNP7R7Yo7oh50nTRUUTi5l5Q6JukjCJdnFLvF2JYxTpNsRd1F9AZ8fmkY9flonIoaTNpz70P98hT-1zLM5jhGCsZlGE8PmWJQXwpEMcEyj-BQ7uJvD_oebTWstZIOb31AcExoJv0btGU_oaopfE1cfcBaPpGd7-2KWGIkZ4FaX0IB5DGz7V8R8aca98buGtCnLHhr8p722IzaYclmkl7L7DfJw8sIXii57RWNU_drlcKevOtk2VWUhu_cTnTPap3qSk_QIKYExYMw64OmwY30Ljl8-iNWVUJc37oculMoiKe0yP0iokm_zHFIPkbAYSzdM4Ik4lmm7htfN_9dNqjKxU7Zqsye9afSZS2r81DOvSkmwWCfwUZH3sMZHv-ayGYePP7n59_yWWoa6zkCqHygzTfrZBzZHSuT8LfdEotIiHvKn7zIrMC3QXcxUUFbvRodUYeg_jQ7RydqqKYn3oA7u9mDw_TaobuOaodprtuuf0V6AhacvXyiKmofIwPtzNhNljKfiLPKfA3T902mHPlbaPo00SLgw7znui2cSNtjv41JUDX53Yxa_6dDsOElnIshdpdVqxhBBvxOOebKukKAVPgDCYJF6yNuzXdjyttcah2cGukPvVv8ndvK5U4aHBx0nlVGzvKCjm5kyWzchHhcSN5UKO71fy_Jg_5ca-X7k6Qc198EPkoNdrcCovpHu5zu_AGAEruLsOt39h7C40eLv2vDTEkT9s96SUZZtkY9YXFsJvcFpyJONRy9KzeQhZ4MBgTi0N7OrHjcRcFT4kbpRMaI1_ViBbH497T3L0Uko6PpgSh_MQcA97oObIwxmzcItRF-4DeRsTAbDUA8PWC1_6Ef9tQ0x
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 07:29:07 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q13HL3439GMobnJ%2FLI1ChKtBIGTegfxJkbMI%2FmGwMCuoO5%2FwUjEFO9%2F3bkHWpKFeOIoRY3YY%2FAAp7PEt5NvQvt82MDvatn5ykrcgFpuCaGzrCCdYzoKktPF25FGU1V1RibA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762f125deb4b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 6.adsco.re:2087/ | 0.0.0.0 | | 0 B |
IP: 0.0.0.0:0
Requested by: https://hdfungamezz.xyz/za/az1.php
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re:2087
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hdfungamezz.xyz
DNT: 1
Connection: keep-alive
Referer: https://hdfungamezz.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| 4.adsco.re/ | 0.0.0.0 | | 0 B |
IP: 0.0.0.0:0
Requested by: https://hdfungamezz.xyz/za/az1.php
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hdfungamezz.xyz
DNT: 1
Connection: keep-alive
Referer: https://hdfungamezz.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| hdfungamezz.xyz/za/300.php | 172.67.129.138 | 200 OK | 493 B |
URL: GET HTTP/3 hdfungamezz.xyz/za/300.php IP: 172.67.129.138:443
Requested by: https://hdfungamezz.xyz/za/az1.php Certificate Issuer: Google Trust Services LLC Subject: hdfungamezz.xyz Fingerprint: 1F:1B:27:BC:F8:D2:BA:99:24:43:FB:39:7A:69:66:51:51:98:13:A9 Validity: Mon, 26 Feb 2024 10:01:33 GMT - Sun, 26 May 2024 10:01:32 GMT
File type: HTML document, ASCII text, with very long lines (532), with no line terminators Hash: 01d6eba3799f238b8eaac4640e5f08d3 46c023b4708da673cfb8b49827a90e450da14177 8d0a0a51a893f34ffd6b1028f7f0db3165919aa3d15bbe5a995e6564c87acef8
GET /za/300.php HTTP/1.1
Host: hdfungamezz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: prefetchAd_7325037=true; a=qt2nBCnQQgNrKRpgvIO5AkD3chdHNqZw; prefetchAd_6270443=true; token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c=BQLyAAAAAAAACZUAAlX_iCWrDrxVw_nNx4FSAihdCPCJUwXmgaEigAW8iuMZpER_mHO7nSKFHealt0avIVdHi-Rxha87vMqzk0RNtP8nbUI10J04P4Eoqeq3mULlnXU0L6LwyjTxl_huj2T8b2EyW3bUetmxEfVNP7R7Yo7oh50nTRUUTi5l5Q6JukjCJdnFLvF2JYxTpNsRd1F9AZ8fmkY9flonIoaTNpz70P98hT-1zLM5jhGCsZlGE8PmWJQXwpEMcEyj-BQ7uJvD_oebTWstZIOb31AcExoJv0btGU_oaopfE1cfcBaPpGd7-2KWGIkZ4FaX0IB5DGz7V8R8aca98buGtCnLHhr8p722IzaYclmkl7L7DfJw8sIXii57RWNU_drlcKevOtk2VWUhu_cTnTPap3qSk_QIKYExYMw64OmwY30Ljl8-iNWVUJc37oculMoiKe0yP0iokm_zHFIPkbAYSzdM4Ik4lmm7htfN_9dNqjKxU7Zqsye9afSZS2r81DOvSkmwWCfwUZH3sMZHv-ayGYePP7n59_yWWoa6zkCqHygzTfrZBzZHSuT8LfdEotIiHvKn7zIrMC3QXcxUUFbvRodUYeg_jQ7RydqqKYn3oA7u9mDw_TaobuOaodprtuuf0V6AhacvXyiKmofIwPtzNhNljKfiLPKfA3T902mHPlbaPo00SLgw7znui2cSNtjv41JUDX53Yxa_6dDsOElnIshdpdVqxhBBvxOOebKukKAVPgDCYJF6yNuzXdjyttcah2cGukPvVv8ndvK5U4aHBx0nlVGzvKCjm5kyWzchHhcSN5UKO71fy_Jg_5ca-X7k6Qc198EPkoNdrcCovpHu5zu_AGAEruLsOt39h7C40eLv2vDTEkT9s96SUZZtkY9YXFsJvcFpyJONRy9KzeQhZ4MBgTi0N7OrHjcRcFT4kbpRMaI1_ViBbH497T3L0Uko6PpgSh_MQcA97oObIwxmzcItRF-4DeRsTAbDUA8PWC1_6Ef9tQ0x
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 07:29:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t2T4xmS3zFEd%2FNiqEyQaFuwqjEiJehVYUCHwe6%2Bx3JCMB%2BC6R2r7qyEvED4%2B7KdyaZkxvq48MxWZGUwBPTMrG1NakKt32BrwBJQvmOVj4FzLUEuS7Y%2BiHflL6RFfammnyc8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762f1654838b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bifsrehd.site/hlsch1_25_375.png | 188.114.96.1 | 200 OK | 3.3 MB |
URL: GET HTTP/2 bifsrehd.site/hlsch1_25_375.png IP: 188.114.96.1:443
Requested by: https://hdfungamezz.xyz/za/az1.php Certificate Issuer: Google Trust Services LLC Subject: bifsrehd.site Fingerprint: C7:3C:82:83:67:CB:50:FA:80:21:EF:7B:DD:B1:88:45:5C:1F:BD:FF Validity: Wed, 20 Mar 2024 22:18:58 GMT - Tue, 18 Jun 2024 22:18:57 GMT
Size: 3.3 MB (3277216 bytes) Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hlsch1_25_375.png HTTP/1.1
Host: bifsrehd.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hdfungamezz.xyz
DNT: 1
Connection: keep-alive
Referer: https://hdfungamezz.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 07:28:57 GMT
content-type: image/png
content-length: 3277216
last-modified: Thu, 18 Apr 2024 02:47:29 GMT
etag: "662089c1-3201a0"
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: X-requested-With, Accept, Content-Type, Origin
cache-control: max-age=2, no-store, must-revalidate, proxy-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
referrer-policy: strict-origin
access-control-allow-origin: *
cf-cache-status: HIT
age: 15533
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TiVQpO7egrOIv1FS%2BSxHfOReCmihPJYlrrhwP7y6J9kWZ1duq7UTkoBbcG6SEsSo%2BeLdkOHRHSjC224EKoFqYBbE%2FDEgs%2BSLevszUZz32n8cdjc47TfyKjywwHW5Ly6Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762f0e85a7956b1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| kuthoost.net/?rb=Vpc5HtQx690PeNKXgokWEIX6ESIyy7x4BghfIJmeTktoCMJ29NQGBT8D5YlCPJXa-QmMGbJuyLLwlRwqrJiDhpBPJ2ugSqbKcfBrQuBmqXfdS6nodK2tr2jM_lR7U8hc_BV3Gi0_OBr8axwicNPm788nRh6NUWDLf46YYgXRKXZFgi7xxxtNegab7eNlkHB2DmRdXcMqwhbQ937sLpkwva7hoUOGe2hGJ6xx0qq4odvaOr_XUrA30aK4eqIpDe-Z6R2B5vY-iwc%3D&request_ab2=0&zoneid=7325037&js_build=iclick-v1.773.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=2&pl=https%3A%2F%2Fhdfungamezz.xyz%2Fza%2Faz1.php&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.773.0&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=ec732b3b-d926-4849-a9ee-2ad8e294d877&userId=008042d37f514bb3fd08c022d442bf1b&m=link | 139.45.197.243 | 200 OK | 2.6 kB |
URL: GET HTTP/2 kuthoost.net/?rb=Vpc5HtQx690PeNKXgokWEIX6ESIyy7x4BghfIJmeTktoCMJ29NQGBT8D5YlCPJXa-QmMGbJuyLLwlRwqrJiDhpBPJ2ugSqbKcfBrQuBmqXfdS6nodK2tr2jM_lR7U8hc_BV3Gi0_OBr8axwicNPm788nRh6NUWDLf46YYgXRKXZFgi7xxxtNegab7eNlkHB2DmRdXcMqwhbQ937sLpkwva7hoUOGe2hGJ6xx0qq4odvaOr_XUrA30aK4eqIpDe-Z6R2B5vY-iwc%3D&request_ab2=0&zoneid=7325037&js_build=iclick-v1.773.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=2&pl=https%3A%2F%2Fhdfungamezz.xyz%2Fza%2Faz1.php&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.773.0&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=ec732b3b-d926-4849-a9ee-2ad8e294d877&userId=008042d37f514bb3fd08c022d442bf1b&m=link IP: 139.45.197.243:443
Requested by: https://hdfungamezz.xyz/za/az1.php Certificate Issuer: Let's Encrypt Subject: kuthoost.net Fingerprint: C9:DB:6A:7E:E0:E8:E0:45:94:31:0D:26:AA:B9:CF:67:83:76:CA:39 Validity: Thu, 29 Feb 2024 18:25:13 GMT - Wed, 29 May 2024 18:25:12 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (2577), with no line terminators Hash: 2e7486fe8caec255bee3aa67084e3010 29535b955c1d80653778e831a041049baf0b5f8f 778657c0761b075fa3f49e533606d1ac142264e27eb7fb8bcfd3a4f0251da01b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /?rb=Vpc5HtQx690PeNKXgokWEIX6ESIyy7x4BghfIJmeTktoCMJ29NQGBT8D5YlCPJXa-QmMGbJuyLLwlRwqrJiDhpBPJ2ugSqbKcfBrQuBmqXfdS6nodK2tr2jM_lR7U8hc_BV3Gi0_OBr8axwicNPm788nRh6NUWDLf46YYgXRKXZFgi7xxxtNegab7eNlkHB2DmRdXcMqwhbQ937sLpkwva7hoUOGe2hGJ6xx0qq4odvaOr_XUrA30aK4eqIpDe-Z6R2B5vY-iwc%3D&request_ab2=0&zoneid=7325037&js_build=iclick-v1.773.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=2&pl=https%3A%2F%2Fhdfungamezz.xyz%2Fza%2Faz1.php&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.773.0&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=ec732b3b-d926-4849-a9ee-2ad8e294d877&userId=008042d37f514bb3fd08c022d442bf1b&m=link HTTP/1.1
Host: kuthoost.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hdfungamezz.xyz/
Origin: https://hdfungamezz.xyz
DNT: 1
Connection: keep-alive
Cookie: OAID=008042d37f514bb3fd08c022d442bf1b; oaidts=1713425336
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 07:28:57 GMT
content-type: application/json
x-trace-id: f3f54859f84346c229a2445f415f79b2
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://hdfungamezz.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008042d37f514bb3fd08c022d442bf1b; expires=Fri, 18 Apr 2025 07:28:56 GMT; path=/; secure; SameSite=None
oaidts=1713425336; expires=Fri, 18 Apr 2025 07:28:56 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 25 Apr 2024 07:28:56 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.displayvertising.com/atag-it.min.css | 185.76.9.14 | 200 OK | 37 kB |
URL: GET HTTP/2 www.displayvertising.com/atag-it.min.css IP: 185.76.9.14:443 ASN: #60068 Datacamp Limited
Requested by: https://hdfungamezz.xyz/za/az1.php Certificate Issuer: Let's Encrypt Subject: 1503693843.rsc.cdn77.org Fingerprint: CA:57:18:18:A8:AF:C8:D7:D8:78:92:07:DC:03:A7:94:D5:87:A1:A7 Validity: Tue, 20 Feb 2024 02:39:32 GMT - Mon, 20 May 2024 02:39:31 GMT
File type: JavaScript source, ASCII text, with very long lines (1568) Hash: 7f03d8de8c3492a0cd8b82ad8c3d145e 4a90af18e8609461701612df22789d743b0929fe c1a4e226553b53ec9f58b8db821465579d85a1dda9599e5379434bf08558b243
GET /atag-it.min.css HTTP/1.1
Host: www.displayvertising.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hdfungamezz.xyz
DNT: 1
Connection: keep-alive
Referer: https://hdfungamezz.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 07:28:56 GMT
content-type: application/x-javascript
vary: Accept-Encoding, Origin
popads-node: wb12
expires: Tue, 23 Apr 2024 06:52:31 GMT
access-control-allow-origin: https://hdfungamezz.xyz
link: <https://displayvertising.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-77-nzt: EwgBuUwJDQFBDAG5TAoBAfcQqwIADAGckiEnAfd5AAAA
x-77-nzt-ray: c0a4cc285c9b7269b8cb206694f93930
x-accel-expires: @1713855151
x-accel-date: 1713250472
x-77-cache: HIT
x-77-age: 174985
content-encoding: gzip
server: CDN77-Turbo
x-cache: MISS
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| 4.adsco.re:2087/ | 0.0.0.0 | | 0 B |
IP: 0.0.0.0:0
Requested by: https://hdfungamezz.xyz/za/az1.php
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 4.adsco.re:2087
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hdfungamezz.xyz
DNT: 1
Connection: keep-alive
Referer: https://hdfungamezz.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| waisheph.com/5/6270443 | 139.45.197.245 | 200 OK | 84 kB |
IP: 139.45.197.245:443
Requested by: https://hdfungamezz.xyz/za/az1.php Certificate Issuer: Let's Encrypt Subject: waisheph.com Fingerprint: A9:8B:DF:A0:A2:80:A9:70:4A:F5:46:4A:EB:8E:00:E7:82:98:AC:8E Validity: Tue, 19 Mar 2024 01:27:24 GMT - Mon, 17 Jun 2024 01:27:23 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash: a1869fbebcde3d0c8d0f9fc7801778d1 fb23d829db040e1bb0acfc5bfbc87029cef90264 694391238f0a35558238fd3bcb18fb56c281245b5088c2a3b31b10e5a7cfa08a
GET /5/6270443 HTTP/1.1
Host: waisheph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hdfungamezz.xyz/
Cookie: OAID=0080420defdd46e7eab3827fc1c4dd2e; oaidts=1713425337
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 07:28:57 GMT
content-type: application/javascript
x-trace-id: 8eead6f8e9c3f655f4c6a47544c24c35
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=0080420defdd46e7eab3827fc1c4dd2e; expires=Fri, 18 Apr 2025 07:28:57 GMT; path=/; secure; SameSite=None
oaidts=1713425337; expires=Fri, 18 Apr 2025 07:28:57 GMT; path=/; secure; SameSite=None
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| hdfungamezz.xyz/favicon.ico | 172.67.129.138 | 404 Not Found | 708 B |
URL: GET HTTP/3 hdfungamezz.xyz/favicon.ico IP: 172.67.129.138:443
Requested by: https://hdfungamezz.xyz/za/az1.php Certificate Issuer: Google Trust Services LLC Subject: hdfungamezz.xyz Fingerprint: 1F:1B:27:BC:F8:D2:BA:99:24:43:FB:39:7A:69:66:51:51:98:13:A9 Validity: Mon, 26 Feb 2024 10:01:33 GMT - Sun, 26 May 2024 10:01:32 GMT
File type: HTML document, ASCII text, with very long lines (739), with no line terminators Hash: 9a088ded79e56cc72e737869c04f755f 1431a084bae06f9a31fc4f1f9c87887be8f64b2d 768cb8655c2f2a1c7d68551a7e858fe3f13e2101172c4898638a2240b5b25ad2
GET /favicon.ico HTTP/1.1
Host: hdfungamezz.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hdfungamezz.xyz/za/az1.php
Cookie: prefetchAd_7325037=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 18 Apr 2024 07:28:57 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MPT%2FlDrthTVQ5qDDXDe1cAmA2JiHz%2Br6jdtrrjT4JwwJ9jorBaAE%2FjRX%2Fl7H0xzA69lPQlFTDFo8B0KW9obhdsyeUB2wLY2KAV9yQWPjX5%2Fk5prJPjNa%2BUb%2BWEuac4UYGb0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762f0e5ed17b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| clck.littlecdn.com/web/static/300x250/4.png | 104.22.25.116 | 200 OK | 12 kB |
URL: GET HTTP/2 clck.littlecdn.com/web/static/300x250/4.png IP: 104.22.25.116:443
Requested by: https://hdfungamezz.xyz/za/300.php Certificate Issuer: Let's Encrypt Subject: littlecdn.com Fingerprint: 42:A1:9F:5B:B7:1B:88:CB:90:58:FC:E9:D1:96:3C:48:38:66:3A:9A Validity: Mon, 11 Mar 2024 02:10:57 GMT - Sun, 09 Jun 2024 02:10:56 GMT
File type: PNG image data, 300 x 250, 8-bit colormap, non-interlaced Hash: 5dcde62b114a6dcbf72713c623e453fd 94486b5d893f4531c139326f2bd601db76438dab 664a6bd86517161735dc294decff6c6bd1a2745453985cfa4136153ea01eb446
GET /web/static/300x250/4.png HTTP/1.1
Host: clck.littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 07:29:17 GMT
content-type: image/png
content-length: 12329
last-modified: Mon, 17 Jul 2023 11:26:22 GMT
etag: "5dcde62b114a6dcbf72713c623e453fd"
expires: Thu, 18 Apr 2024 18:08:21 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 48056
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762f166ab90b51b-OSL
X-Firefox-Spdy: h2
|
|
| waisheph.com/5/6270443 | 139.45.197.245 | 200 OK | 84 kB |
IP: 139.45.197.245:443
Requested by: https://hdfungamezz.xyz/za/az1.php Certificate Issuer: Let's Encrypt Subject: waisheph.com Fingerprint: A9:8B:DF:A0:A2:80:A9:70:4A:F5:46:4A:EB:8E:00:E7:82:98:AC:8E Validity: Tue, 19 Mar 2024 01:27:24 GMT - Mon, 17 Jun 2024 01:27:23 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash: e064432f01c781827b4289cdba9cb5bf 3e937e43005e0d31bb920ce830634b0c83592428 03abb348676a894d00044c36f28fd405723994a723ac12cf6a39cd6f9ddbf473
GET /5/6270443 HTTP/1.1
Host: waisheph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hdfungamezz.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 07:28:57 GMT
content-type: application/javascript
x-trace-id: d75ad6e1da72e09c4930ec97991acac3
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=0080420defdd46e7eab3827fc1c4dd2e; expires=Fri, 18 Apr 2025 07:28:57 GMT; path=/; secure; SameSite=None
oaidts=1713425337; expires=Fri, 18 Apr 2025 07:28:57 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| c.adsco.re/ | 104.17.166.186 | 200 OK | 82 kB |
IP: 104.17.166.186:443
Requested by: https://hdfungamezz.xyz/za/az1.php Certificate Issuer: Sectigo Limited Subject: *.adsco.re Fingerprint: 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73 Validity: Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (689) Hash: a0b475c65fed312aba8d7c43a0cbc928 3fdd052b41c37318e44084be4f92d42fba4ded61 2dfb2101b24f80be00b1baecce7eec815e61a13381f6983051b6261b8035468a
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hdfungamezz.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 07:28:58 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Sun, 19 May 2024 07:28:58 GMT
etag: W/"oLR1xl/tMSq6jXxDoMvJKA=="
cf-cache-status: HIT
age: 3152940
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762f0ec5b8c0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|