Report - news-rapuva.cc/lands/39/?site=8063034&sub1=&sub2=&sub3=&sub4=

Report Overview

Submitted URL
news-rapuva.cc/lands/39/?site=8063034&sub1=&sub2=&sub3=&sub4=
IP
193.108.117.220
ASN
#61003 GlobalTeleHost Corp.
Submitted
2023-05-30 12:57:15
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
11
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-29	666 B	1.4 kB	142.250.74.131
www.gstatic.com	unknown	2008-02-11	2016-07-26	2023-05-29	3.6 kB	78 kB	142.250.74.35
a.crystalcrafter.top	unknown	2023-04-29	2023-05-09	2023-05-30	2.5 kB	107 kB	104.21.7.3
zerossl.ocsp.sectigo.com	4049	2018-08-16	2020-05-09	2023-05-29	338 B	808 B	104.18.14.101
news-rapuva.cc	unknown	2023-04-19	2023-05-30	2023-05-30	5.4 kB	69 kB	193.108.118.14
browser.sentry-cdn.com	4393	2018-05-30	2018-07-13	2023-05-29	451 B	21 kB	151.101.130.217
alvsx.crystalcrafter.top	unknown	2023-04-29	2023-05-09	2023-05-28	9.6 kB	286 kB	104.21.7.3
alvsx.cloudpsh.top	unknown	2023-01-18	2023-01-23	2023-05-28	578 B	604 B	5.75.133.219
d.crystalcrafter.top	unknown	2023-04-29	2023-05-09	2023-05-30	7.0 kB	237 kB	104.21.7.3
www.highcpmrevenuenetwork.com	unknown	2022-12-23	2022-12-23	2023-05-29	1.1 kB	1.1 kB	192.243.59.13
feed.streampsh.top	unknown	2022-11-18	2023-05-01	2023-05-29	504 B	7.6 kB	172.67.169.207
b.crystalcrafter.top	unknown	2023-04-29	2023-05-09	2023-05-30	628 B	83 kB	104.21.7.3
c.crystalcrafter.top	unknown	2023-04-29	2023-05-09	2023-05-30	1.5 kB	44 kB	104.21.7.3
errors.house	unknown	2022-11-10	2022-11-11	2023-05-29	1.6 kB	3.0 kB	144.76.158.184
ecrwqu.com	577459	2021-11-09	2021-11-09	2023-05-29	490 B	1.6 kB	185.162.85.20
s.viiyblva.com	unknown	2023-01-13	2023-05-16	2023-05-29	3.0 kB	467 B	31.220.27.155
goto.trackpshgoto.win	unknown	2023-02-17	2023-02-19	2023-05-27	592 B	1.3 kB	20.113.187.208
azkcqs.com	22208	2021-08-04	2021-08-04	2023-05-29	517 B	184 B	185.162.85.3
pn7l1.qjbipy.com	unknown	unknown	No data	No data	617 B	202 kB	185.56.234.205
js.streampsh.top	unknown	2022-11-18	2023-05-01	2023-05-30	1.6 kB	125 kB	172.67.169.207

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-05-30 12:56:56	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-05-30 12:56:56	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-05-30 12:56:57	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-05-30 12:56:57	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-05-30 12:56:57	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-05-30 12:56:57	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-05-30 12:56:57	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-05-30 12:56:57	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-05-30 12:56:57	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-05-30 12:56:57	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-05-30 12:57:00	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-05-30	medium	ecrwqu.com

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (71)

URL IP Response Size

zerossl.ocsp.sectigo.com/

104.18.14.101

316 B

URL
zerossl.ocsp.sectigo.com/
IP
104.18.14.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
316 B (316 bytes)
Hash
cb8867b418413a7c41ca8011a5869236
04849903bd3ea86b9107c4fe00d6ede149075d12
5d10e4e27661aa45b6b8a74f452dcbf35b0c9f121971842f5bf639384cd5d504

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 30 May 2023 12:56:57 GMT
Content-Type: application/ocsp-response
Content-Length: 316
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 15:08:27 GMT
Expires: Sun, 04 Jun 2023 15:08:26 GMT
Etag: "04849903bd3ea86b9107c4fe00d6ede149075d12"
Cache-Control: max-age=439472,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7cf723df1f23b51b-OSL

news-rapuva.cc/revopush.js?v=4

193.108.118.14

10 kB

URL
news-rapuva.cc/revopush.js?v=4
IP
193.108.118.14:0
ASN
#61003 GlobalTeleHost Corp.

File type
ASCII text, with very long lines (9954), with no line terminators
Size
10 kB (9954 bytes)
Hash
fc284a0e5d580856ae4863715ad6733e
eb69f303c80ff8e44abc9601b8616c0cf92faafa
2240a1d10744494668058ba210d0d87203609def9fd69d2ac82092ebc79583c0

HTTP Headers

GET /revopush.js?v=4 HTTP/1.1
Host: news-rapuva.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-rapuva.cc/lands/39/?site=8063034&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA2MzAzNHw6fDM5fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 12:56:57 GMT
content-type: application/javascript
content-length: 9954
last-modified: Thu, 15 Dec 2022 09:31:10 GMT
etag: "639ae95e-26e2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-rapuva.cc/lands/39/img/trls2.js

193.108.118.14

6.3 kB

URL
news-rapuva.cc/lands/39/img/trls2.js
IP
193.108.118.14:0
ASN
#61003 GlobalTeleHost Corp.

File type
Unicode text, UTF-8 text, with very long lines (641)
Size
6.3 kB (6260 bytes)
Hash
874e3caaea51bcb9b75271a5123294b1
02ac3a93dadc4322de9ea7c468b7855f532b54e8
e1485cbdcab7b6610dd8770633d1d9c597f1a4a20115dc9aaef7a514f2a73091

HTTP Headers

GET /lands/39/img/trls2.js HTTP/1.1
Host: news-rapuva.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-rapuva.cc/lands/39/?site=8063034&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA2MzAzNHw6fDM5fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 12:56:57 GMT
content-type: application/javascript
content-length: 6260
last-modified: Thu, 12 Sep 2019 09:36:24 GMT
etag: "5d7a1198-1874"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-rapuva.cc/lands/39/img/icon1.png

193.108.118.14

7.3 kB

URL
news-rapuva.cc/lands/39/img/icon1.png
IP
193.108.118.14:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
7.3 kB (7252 bytes)
Hash
3d0ab5834c8bf7134e4d21fa3288317f
c31d1a6b9df206f67ea194f4c424cdc372a423c2
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

HTTP Headers

GET /lands/39/img/icon1.png HTTP/1.1
Host: news-rapuva.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-rapuva.cc/lands/39/?site=8063034&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA2MzAzNHw6fDM5fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 12:56:57 GMT
content-type: image/png
content-length: 7252
last-modified: Thu, 12 Sep 2019 09:36:24 GMT
etag: "5d7a1198-1c54"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-rapuva.cc/lands/39/img/icon2.png

193.108.118.14

4.6 kB

URL
news-rapuva.cc/lands/39/img/icon2.png
IP
193.108.118.14:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
4.6 kB (4576 bytes)
Hash
c947d439eb93367f1af5b2a3d222f057
5b4c10820d39e624bc6df72a113679da80a8e44e
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2

HTTP Headers

GET /lands/39/img/icon2.png HTTP/1.1
Host: news-rapuva.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-rapuva.cc/lands/39/?site=8063034&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA2MzAzNHw6fDM5fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 12:56:57 GMT
content-type: image/png
content-length: 4576
last-modified: Thu, 12 Sep 2019 09:36:24 GMT
etag: "5d7a1198-11e0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-rapuva.cc/lands/39/img/icon3.png

193.108.118.14

7.8 kB

URL
news-rapuva.cc/lands/39/img/icon3.png
IP
193.108.118.14:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
7.8 kB (7847 bytes)
Hash
8f3cc830da0b1fdf66bda7d1d734747b
94588f041eec3a78a8780c8124c56a1434a89277
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba

HTTP Headers

GET /lands/39/img/icon3.png HTTP/1.1
Host: news-rapuva.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-rapuva.cc/lands/39/?site=8063034&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA2MzAzNHw6fDM5fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 12:56:57 GMT
content-type: image/png
content-length: 7847
last-modified: Thu, 12 Sep 2019 09:36:24 GMT
etag: "5d7a1198-1ea7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-rapuva.cc/lands/39/img/icon4.png

193.108.118.14

7.0 kB

URL
news-rapuva.cc/lands/39/img/icon4.png
IP
193.108.118.14:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
7.0 kB (7032 bytes)
Hash
7ad7f32c1c0df7b4975cc41bda4ac435
81d57e996ee6cd9e122592e68ffa3d55c1ba10ff
c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f

HTTP Headers

GET /lands/39/img/icon4.png HTTP/1.1
Host: news-rapuva.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-rapuva.cc/lands/39/?site=8063034&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA2MzAzNHw6fDM5fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 12:56:57 GMT
content-type: image/png
content-length: 7032
last-modified: Thu, 12 Sep 2019 09:36:24 GMT
etag: "5d7a1198-1b78"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-rapuva.cc/lands/39/img/icon5.png

193.108.118.14

3.3 kB

URL
news-rapuva.cc/lands/39/img/icon5.png
IP
193.108.118.14:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size
3.3 kB (3264 bytes)
Hash
1e1a7582b5da63e10485d63f97abc9a0
ca3ee3067f96c732f455bc7c99ec5100194f13f6
196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503

HTTP Headers

GET /lands/39/img/icon5.png HTTP/1.1
Host: news-rapuva.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-rapuva.cc/lands/39/?site=8063034&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA2MzAzNHw6fDM5fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 12:56:57 GMT
content-type: image/png
content-length: 3264
last-modified: Thu, 12 Sep 2019 09:36:24 GMT
etag: "5d7a1198-cc0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-rapuva.cc/lands/39/img/icon7.png

193.108.118.14

3.3 kB

URL
news-rapuva.cc/lands/39/img/icon7.png
IP
193.108.118.14:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size
3.3 kB (3283 bytes)
Hash
b512735542cb07b3b2dcf153a7dfe456
93bde8875412ce266600e2af1c37123483a50376
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718

HTTP Headers

GET /lands/39/img/icon7.png HTTP/1.1
Host: news-rapuva.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-rapuva.cc/lands/39/?site=8063034&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA2MzAzNHw6fDM5fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 12:56:57 GMT
content-type: image/png
content-length: 3283
last-modified: Thu, 12 Sep 2019 09:36:24 GMT
etag: "5d7a1198-cd3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

news-rapuva.cc/lands/39/img/icon8.png

193.108.118.14

4.1 kB

URL
news-rapuva.cc/lands/39/img/icon8.png
IP
193.108.118.14:0
ASN
#61003 GlobalTeleHost Corp.

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4064 bytes)
Hash
f92d6474ebc6a3a0b576749cfb4afe98
0f4ce3dcf04873b8098c01d20c44967fb9fce0cc
3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1

HTTP Headers

GET /lands/39/img/icon8.png HTTP/1.1
Host: news-rapuva.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://news-rapuva.cc/lands/39/?site=8063034&sub1=&sub2=&sub3=&sub4=
Cookie: clickdata=ODA2MzAzNHw6fDM5fDp8fDp8fDp8fDp8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 12:56:57 GMT
content-type: image/png
content-length: 4064
last-modified: Thu, 12 Sep 2019 09:36:24 GMT
etag: "5d7a1198-fe0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

errors.house/js-sdk-loader/f1c7cfc107e94764b41b7a2b50de5ae0.min.js

144.76.158.184

1.9 kB

URL
errors.house/js-sdk-loader/f1c7cfc107e94764b41b7a2b50de5ae0.min.js
IP
144.76.158.184:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (512)
Size
1.9 kB (1855 bytes)
Hash
80932f4dcde89b05c9a4e8f491d1137a
790824b7aee301fa9a3794fa34b7cef37a88f730
9a0262ebf8e5fcb4028b6ea0876c9e06270170be66a752a08dd4acdfa6ca7b93

HTTP Headers

GET /js-sdk-loader/f1c7cfc107e94764b41b7a2b50de5ae0.min.js HTTP/1.1
Host: errors.house
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://news-rapuva.cc
DNT: 1
Connection: keep-alive
Referer: https://news-rapuva.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Tue, 30 May 2023 13:17:02 GMT
Content-Type: text/javascript
Content-Length: 1855
Connection: close
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
Surrogate-Key: project/3 sdk/7.15.0 sdk-loader
X-Frame-Options: deny
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000

browser.sentry-cdn.com/7.15.0/bundle.es5.min.js

151.101.130.217

20 kB

URL
browser.sentry-cdn.com/7.15.0/bundle.es5.min.js
IP
151.101.130.217:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (61994)
Size
20 kB (20163 bytes)
Hash
634a37896246a038d0abc4b8b3974e7a
3939dc20706846266b49b796189ba050c97e5e31
cab38c92e159d807e061b6e26849de7e32ce1b6e7cbd155aa8d755b8290cd333

HTTP Headers

GET /7.15.0/bundle.es5.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://news-rapuva.cc
DNT: 1
Connection: keep-alive
Referer: https://news-rapuva.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 17 Jan 2024 06:21:06 GMT
last-modified: Mon, 10 Oct 2022 12:23:16 GMT
etag: "630573cba95f68cf0b327187fb13c020"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Tue, 30 May 2023 12:56:58 GMT
age: 11514952
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20163
X-Firefox-Spdy: h2

errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0

144.76.158.184

429 Too Many Requests

162 B

URL POST HTTP/1.1
errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0
IP
144.76.158.184:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://news-rapuva.cc/lands/39/?site=8063034&sub1=&sub2=&sub3=&sub4=
Certificate
IssuerLet's Encrypt
Subjecterrors.house
Fingerprint28:19:5A:CF:06:5E:24:D0:73:7E:FF:E4:C3:F2:2B:14:DE:32:A8:C2
ValidityThu, 11 May 2023 15:30:43 GMT - Wed, 09 Aug 2023 15:30:42 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
7f44c7691673d77d8557d4d5699ef23a
f30daebcb81f94af5e6dfd9e70585b8904d72ac1
413d294fad14524bf94e764b33ff0f327682549408545171fcf9240189c154ae

HTTP Headers

POST /api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0 HTTP/1.1
Host: errors.house
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://news-rapuva.cc/
Content-Type: text/plain;charset=UTF-8
Content-Length: 811
Origin: https://news-rapuva.cc
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 429 Too Many Requests
Server: nginx/1.22.1
Date: Tue, 30 May 2023 13:17:02 GMT
Content-Type: text/html
Content-Length: 162
Connection: close

errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0

144.76.158.184

429 Too Many Requests

162 B

URL POST HTTP/1.1
errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0
IP
144.76.158.184:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://news-rapuva.cc/lands/39/?site=8063034&sub1=&sub2=&sub3=&sub4=
Certificate
IssuerLet's Encrypt
Subjecterrors.house
Fingerprint28:19:5A:CF:06:5E:24:D0:73:7E:FF:E4:C3:F2:2B:14:DE:32:A8:C2
ValidityThu, 11 May 2023 15:30:43 GMT - Wed, 09 Aug 2023 15:30:42 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
7f44c7691673d77d8557d4d5699ef23a
f30daebcb81f94af5e6dfd9e70585b8904d72ac1
413d294fad14524bf94e764b33ff0f327682549408545171fcf9240189c154ae

HTTP Headers

POST /api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0 HTTP/1.1
Host: errors.house
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 136
Origin: https://news-rapuva.cc
DNT: 1
Connection: keep-alive
Referer: https://news-rapuva.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 429 Too Many Requests
Server: nginx/1.22.1
Date: Tue, 30 May 2023 13:17:03 GMT
Content-Type: text/html
Content-Length: 162
Connection: close

azkcqs.com/rpe?a=1&s=1&act=17&src=2&p=1080404&st=1176688&wd=406073&d=qjbipy.com&tpl=63&rnd=0.1732446546956654&sbid=&sbid2=

185.162.85.3

0 B

URL
azkcqs.com/rpe?a=1&s=1&act=17&src=2&p=1080404&st=1176688&wd=406073&d=qjbipy.com&tpl=63&rnd=0.1732446546956654&sbid=&sbid2=
IP
185.162.85.3:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rpe?a=1&s=1&act=17&src=2&p=1080404&st=1176688&wd=406073&d=qjbipy.com&tpl=63&rnd=0.1732446546956654&sbid=&sbid2= HTTP/1.1
Host: azkcqs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qjbipy.com
DNT: 1
Connection: keep-alive
Referer: https://qjbipy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 30 May 2023 12:56:59 GMT
content-length: 0
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-origin: *
X-Firefox-Spdy: h2

pn7l1.qjbipy.com/video-14?h=waWQiOjEwODA0MDQsInNpZCI6MTE3NjY4OCwid2lkIjo0MDYwNzMsInNyYyI6Mn0=eyJ&i=1

185.56.234.205

202 kB

URL
pn7l1.qjbipy.com/video-14?h=waWQiOjEwODA0MDQsInNpZCI6MTE3NjY4OCwid2lkIjo0MDYwNzMsInNyYyI6Mn0=eyJ&i=1
IP
185.56.234.205:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (65536), with no line terminators
Size
202 kB (202074 bytes)
Hash
c414fcf6dd9332d4e0d16974fe3bf0fa
a01e92a62e88dd3054da00a06075691755912097
2cdd4be1b91e462e96d37d27271207147c6566c1f6a0cbe6b04492d987c8f208

HTTP Headers

GET /video-14?h=waWQiOjEwODA0MDQsInNpZCI6MTE3NjY4OCwid2lkIjo0MDYwNzMsInNyYyI6Mn0=eyJ&i=1 HTTP/1.1
Host: pn7l1.qjbipy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qjbipy.com/
Cookie: truniq=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.1
date: Tue, 30 May 2023 12:56:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-zone: eu
content-encoding: gzip
X-Firefox-Spdy: h2

ecrwqu.com/phtbload?a=1&e=aeyJwaWQiOjEwODA0MDQsInNpZCI6MTE3NjY4OCwid2lkIjo0MDYwNzN9

185.162.85.20

1.3 kB

URL
ecrwqu.com/phtbload?a=1&e=aeyJwaWQiOjEwODA0MDQsInNpZCI6MTE3NjY4OCwid2lkIjo0MDYwNzN9
IP
185.162.85.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
gzip compressed data, from Unix\012- data
Size
1.3 kB (1319 bytes)
Hash
35f2d290489a3eb440130487590d789c
32a2104ab2b7a5ce1607954306f0378d2e8debbf
1778d66faafe156a16c5aa33260f63124c3b63c80d0048ff1701681dbedddd97

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /phtbload?a=1&e=aeyJwaWQiOjEwODA0MDQsInNpZCI6MTE3NjY4OCwid2lkIjo0MDYwNzN9 HTTP/1.1
Host: ecrwqu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pn7l1.qjbipy.com/
Origin: https://pn7l1.qjbipy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 30 May 2023 12:56:59 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Platform-Version
content-encoding: gzip
X-Firefox-Spdy: h2

s.viiyblva.com/favicon.ico

31.220.27.155

0 B

URL
s.viiyblva.com/favicon.ico
IP
31.220.27.155:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: s.viiyblva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s.viiyblva.com/h/1524/m2deuqm24v4vvjxasdoi5lgjwktuk55ny6w7zd65wb5hqgd2n57hyeduafrcp5vpt72u4kq5zm33su7mk2h7o7osgovms6xiohfo5rxmwctm7cvensbesonaipay5hhflo2fn4nm37fdd4tqystohymwxgj27nci6f2w7yckkqda3q2rd2afurcxinhkkybtqjyhtkdsjpxelif46reos5fhu33vpccbv3ozd222szkec6duxiyz7kf3zv42u3okn24eqshbop3k7h7vj3qhosihpnqhcy3wibavgc2gijawerlslb2vizttpziekvl57bjetidxkgxedicai7fxi5hsg5zwb7sspdtnlpdoidq3or3pnrvgadscekkvwxvel7wfnfmbpxjdhpxuoc4hdhe6j2lfc2bkb4av263qmn5xgf3haj2wu4tgo5bekvqdcfar42kbpugsgwbwfbyqarpnjbe54sxozcutjvk2kdveczwcwmflo4h27cfxfo2epptzu4mrowjlhqfpw62ipc2gv5n4wvrlauarecc5lupt6bbfiazb4mjieiiqibjne4rco3aehjmge2lrcalroec5kejr6cdniz4vm4k2mjwtucadbb3xsytzovfwgbd6nj3wk42fjrkqmvardesbklibgqkw26t4k5duwkjheu6h6q35az6ws5treyeqcb2adqjridyzfzjskargpn4fsqs6pmwge7d2ifsqo6llorrxeesgaqfugri3gvccydl6bvrfc6dlpvpxe7tbob3uaziapzei3jveuskobivpxb4xr4e6q2ogsagpykxpm2qszd6mdd3ygox7fag6kqvxev2thlvh4ytzda7bunswp5scyfywbevt4cjyfubsa2jofattchaqcelv4brnjfquo7cypzkh4kbgbrdyitlakr4ntfuesvfwe3s7iju2her2kk7p4wc5dat5xvtfzsfdgtkujjefmcdi3iaisdfonqf2yajnfagtuzriiq======?u=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: nginx/1.23.2
date: Tue, 30 May 2023 12:57:00 GMT
X-Firefox-Spdy: h2

s.viiyblva.com/cnt/api/index

31.220.27.155

0 B

URL
s.viiyblva.com/cnt/api/index
IP
31.220.27.155:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cnt/api/index HTTP/1.1
Host: s.viiyblva.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 3173
Origin: https://s.viiyblva.com
DNT: 1
Connection: keep-alive
Referer: https://s.viiyblva.com/h/1524/m2deuqm24v4vvjxasdoi5lgjwktuk55ny6w7zd65wb5hqgd2n57hyeduafrcp5vpt72u4kq5zm33su7mk2h7o7osgovms6xiohfo5rxmwctm7cvensbesonaipay5hhflo2fn4nm37fdd4tqystohymwxgj27nci6f2w7yckkqda3q2rd2afurcxinhkkybtqjyhtkdsjpxelif46reos5fhu33vpccbv3ozd222szkec6duxiyz7kf3zv42u3okn24eqshbop3k7h7vj3qhosihpnqhcy3wibavgc2gijawerlslb2vizttpziekvl57bjetidxkgxedicai7fxi5hsg5zwb7sspdtnlpdoidq3or3pnrvgadscekkvwxvel7wfnfmbpxjdhpxuoc4hdhe6j2lfc2bkb4av263qmn5xgf3haj2wu4tgo5bekvqdcfar42kbpugsgwbwfbyqarpnjbe54sxozcutjvk2kdveczwcwmflo4h27cfxfo2epptzu4mrowjlhqfpw62ipc2gv5n4wvrlauarecc5lupt6bbfiazb4mjieiiqibjne4rco3aehjmge2lrcalroec5kejr6cdniz4vm4k2mjwtucadbb3xsytzovfwgbd6nj3wk42fjrkqmvardesbklibgqkw26t4k5duwkjheu6h6q35az6ws5treyeqcb2adqjridyzfzjskargpn4fsqs6pmwge7d2ifsqo6llorrxeesgaqfugri3gvccydl6bvrfc6dlpvpxe7tbob3uaziapzei3jveuskobivpxb4xr4e6q2ogsagpykxpm2qszd6mdd3ygox7fag6kqvxev2thlvh4ytzda7bunswp5scyfywbevt4cjyfubsa2jofattchaqcelv4brnjfquo7cypzkh4kbgbrdyitlakr4ntfuesvfwe3s7iju2her2kk7p4wc5dat5xvtfzsfdgtkujjefmcdi3iaisdfonqf2yajnfagtuzriiq======?u=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.23.2
date: Tue, 30 May 2023 12:57:00 GMT
content-type: application/json
content-length: 0
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: https://s.viiyblva.com
X-Firefox-Spdy: h2

goto.trackpshgoto.win/15GTfe?camp=638762&site=1417802323204974&category=1560&cost=0.0012&external_id=cnv018531d44826143041c3f917ce4fc8a2

20.113.187.208

320 B

URL
goto.trackpshgoto.win/15GTfe?camp=638762&site=1417802323204974&category=1560&cost=0.0012&external_id=cnv018531d44826143041c3f917ce4fc8a2
IP
20.113.187.208:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document, ASCII text, with very long lines (320), with no line terminators
Size
320 B (320 bytes)
Hash
b978aa75b64108600c90f0bf0dc45216
8653b0171d429b27aca3e230ba0bdf4e1d8d1411
238dfa4077e94571850f0a43c09858454e6fe9e6e6672bbbfcb02e79757a5105

HTTP Headers

GET /15GTfe?camp=638762&site=1417802323204974&category=1560&cost=0.0012&external_id=cnv018531d44826143041c3f917ce4fc8a2 HTTP/1.1
Host: goto.trackpshgoto.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.23.0
Date: Tue, 30 May 2023 12:57:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 320
Connection: keep-alive
X-Powered-By: Express
Set-Cookie: 15GTfeo=20230530151685451452525; domain=.goto.trackpshgoto.win; path=/;expires=Wed, 31 May 2023 12:57:00 GMT;  httpOnly=true;SameSite=None; Secure;
_pc_lc_id=15GTfe; domain=.goto.trackpshgoto.win; path=/;expires=Wed, 31 May 2023 12:57:00 GMT;  httpOnly=true;SameSite=None; Secure;
peerclickcid=3faa7b8a648a130e409858ad2df5100f-42510-0530; domain=.goto.trackpshgoto.win; path=/;expires=Wed, 31 May 2023 12:57:00 GMT;  httpOnly=true;SameSite=None; Secure;
_norg=1; domain=.goto.trackpshgoto.win; path=/;expires=Wed, 31 May 2023 12:57:00 GMT;  httpOnly=true;SameSite=None; Secure;
Location: https://alvsx.cloudpsh.top/?pl=ilQCmFnYrkuT1vv7YSUY4Q&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974
Vary: Accept

alvsx.cloudpsh.top/?pl=ilQCmFnYrkuT1vv7YSUY4Q&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974

5.75.133.219

0 B

URL
alvsx.cloudpsh.top/?pl=ilQCmFnYrkuT1vv7YSUY4Q&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974
IP
5.75.133.219:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?pl=ilQCmFnYrkuT1vv7YSUY4Q&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974 HTTP/1.1
Host: alvsx.cloudpsh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Tue, 30 May 2023 12:57:01 GMT
content-length: 0
location: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
set-cookie: ilQCmFnYrkuT1vv7YSUY4Q=19; max-age=345600; path=/; samesite=lax
__pl=fcd88fdf-4b43-4a77-b3e1-5ff144e1dbca; expires=Fri, 30 May 2025 12:57:01 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2

alvsx.crystalcrafter.top/ph-new/assets/thumb-big.jpg

104.21.7.3

83 kB

URL
alvsx.crystalcrafter.top/ph-new/assets/thumb-big.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1237x691, components 3\012- data
Size
83 kB (82623 bytes)
Hash
cb5cedbae6d67e62dc9fde274b7f7dbe
f31d7811c4b6e50ae053f315152366501a8b6002
deaddba93625d2c7610076927fcd37afadad9324ca3210a2bb12784d313dd788

HTTP Headers

GET /ph-new/assets/thumb-big.jpg HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:01 GMT
content-type: image/jpeg
content-length: 82623
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-142bf"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3365
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9nFXVtj9aTAwA2OWunFgmSF3KH5A5cG1Yg02U0ccGqpuF7I5%2F5b0L1DlWH2PZOves3tu6N7KQkD6d8YzKdJVeOjjWm39cK%2Fqh2jaRFxEaxPoSePtxJKAGWPYcZQhKykOD64qCc2bAoUD1c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf723f8ef910b49-OSL
alt-svc: h3=":443"; ma=86400

alvsx.crystalcrafter.top/favicon.ico

104.21.7.3

0 B

URL
alvsx.crystalcrafter.top/favicon.ico
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Tue, 30 May 2023 12:57:01 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3405
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IU%2B%2B1XX%2FmocOLH%2Ffkgw7W6pau1%2B8j4VcLagosoolfyeX5kzyGzVHo%2FejYvrsNEXn7BeO2pDCW4Hm6itDr61s4tCHHVEoFmMDjlNYB7uRdTwUt8s1ZG6dHoatkp07aNL3yCUCWaUhfQ6mHkU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf723fad9af0b49-OSL
alt-svc: h3=":443"; ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
95fb9634ddcd95a261bb9a2757a6ae8e
e30d5b20450fdd6588dd8034ef0acbe38159a0bf
65f215904c284124663185e58f9c710e2050afe21509684a22ce96c09a425bf4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 12:57:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/firebasejs/8.4.1/firebase-app.js

142.250.74.35

6.8 kB

URL
www.gstatic.com/firebasejs/8.4.1/firebase-app.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (21158)
Size
6.8 kB (6763 bytes)
Hash
e20da9cfaabf0b23d89c2335c06e2b03
b1af5616825acaba44bd714bd2685327abe896fd
d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2

HTTP Headers

GET /firebasejs/8.4.1/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 6763
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 May 2023 06:18:59 GMT
expires: Fri, 24 May 2024 06:18:59 GMT
cache-control: public, max-age=31536000
age: 455883
last-modified: Tue, 13 Apr 2021 06:56:11 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

alvsx.crystalcrafter.top/ph-new/assets/rec-1.jpg

104.21.7.3

14 kB

URL
alvsx.crystalcrafter.top/ph-new/assets/rec-1.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
14 kB (14404 bytes)
Hash
b2abcc52b7bf315893f6751d5fc7875e
5997c599c5e6c408b9019159f4608026a78223cf
098b2a4c2b05fc238c6eae8654ea2a3bc9d5fac7c59cb420242d405fcc83ed47

HTTP Headers

GET /ph-new/assets/rec-1.jpg HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:02 GMT
content-type: image/jpeg
content-length: 14404
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3844"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3365
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2DpHhDAHhZ6vMVwbBJ3AnUdRQC%2BTDn8xmjT8ifqUddjifvl9%2FmOfNIoelMPYHBPlWOA3VWUXPxy1O6YtWqIgnA57qcxu%2F7VGnGVeeX4WhFVT7Nw%2FP3BMddYZPRPtcPfUhDPScqSB570Gws%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf723fcac120b49-OSL
alt-svc: h3=":443"; ma=86400

alvsx.crystalcrafter.top/ph-new/assets/rec-3.jpg

104.21.7.3

15 kB

URL
alvsx.crystalcrafter.top/ph-new/assets/rec-3.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
15 kB (15217 bytes)
Hash
4d58cecaa4f40c979917c8e4d907033f
f0c6d616bcc3f4bd5a1dadbca8254d9f34f2921c
9ee7f1aecdeb64f4ce54c5d0b7ea3d92b2e9d06a7f9cb7b793e39262cda05996

HTTP Headers

GET /ph-new/assets/rec-3.jpg HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:02 GMT
content-type: image/jpeg
content-length: 15217
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3b71"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3365
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKJ2vkgs1LAh8sjEmJxg4pEHxJWb5qcoGmr%2BRaBVgtSyQ5bUQUaESetlU0fuAtMrrcXAzf8XpC%2FgJOfsKrb0tRFbsgM1Yq8miF7BVIu4BJf3Nlt0JVv2gfoi4cU4v9dMEAMa346xu%2FbFR90%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf723fcac1d0b49-OSL
alt-svc: h3=":443"; ma=86400

alvsx.crystalcrafter.top/ph-new/assets/rec-4.jpg

104.21.7.3

8.9 kB

URL
alvsx.crystalcrafter.top/ph-new/assets/rec-4.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
8.9 kB (8900 bytes)
Hash
8375f2a1249ce00f118c5b616ab71492
4e2d3bc095c01632578b0b39afbfc03f43e3fa42
f71320d61eb339fdb7b5d20249d4f6aa6e37e22e618dc83e8459da1db3f79483

HTTP Headers

GET /ph-new/assets/rec-4.jpg HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:02 GMT
content-type: image/jpeg
content-length: 8900
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-22c4"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3365
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICqdtXJzzCW8Rw91fmsmJhkDvdBnFBtahAy3hY7TnWb7NVokiVmOEknfvBlV%2BjZe3HGf5V6WyRJioGtdp6iOHPbcv%2FZMZ7HUnsyKusU4EvClYzHcU1ITAO%2FXDjqr6wJrEq3gfgTU1eLWgQY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf723fcbc2c0b49-OSL
alt-svc: h3=":443"; ma=86400

alvsx.crystalcrafter.top/ph-new/assets/rec-5.jpg

104.21.7.3

13 kB

URL
alvsx.crystalcrafter.top/ph-new/assets/rec-5.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
13 kB (13149 bytes)
Hash
f9ec603fbe19b12e8a8c1874eea3e5f2
0e24410f618ffa17dc6a9380a5b9a4c06dfba4a9
a77b6918c2799981aa1a09fc5f787ff109883093f2efd28beaf79031f5a8ac02

HTTP Headers

GET /ph-new/assets/rec-5.jpg HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:02 GMT
content-type: image/jpeg
content-length: 13149
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-335d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3365
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62GEczGtt0mcvJqQBPceE5TqayoBnLsxUDkbv6AarJT5T0S3KT0e%2F1UyNwSVAmQpS8M19d0MiJ%2FItMD3%2BWbi%2BWZbfRC6HzttzGmjjzogb4U6Yk9OjzV3iQ3%2FA20t5b7WNy8vRn%2Bs9FmuTHI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf723fcbc310b49-OSL
alt-svc: h3=":443"; ma=86400

alvsx.crystalcrafter.top/ph-new/assets/rec-6.jpg

104.21.7.3

16 kB

URL
alvsx.crystalcrafter.top/ph-new/assets/rec-6.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
16 kB (15988 bytes)
Hash
4887925f773d2ba9caea39686f764c7f
98c9abb09854fee425dbd78ad623af053cec6721
6e1e474a8fc326cd06593e0c1a55d0e73126ada3bf169713b847e82d28646773

HTTP Headers

GET /ph-new/assets/rec-6.jpg HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:02 GMT
content-type: image/jpeg
content-length: 15988
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3e74"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3365
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMTaKhALT8EdbTHzgpDQw%2FQYYIsghs1J9Id0tBqhs1It52SBIQK5Q5in1NhTgoMzEIk%2BD%2F7wz%2BwEKLTN7V3Hm7BcxlbB53RUPnRyJBjBnxcgIHrN8MXyqF1ByJXQfqvyKWVvOOuzS3pY6XE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf723fcbc330b49-OSL
alt-svc: h3=":443"; ma=86400

news-rapuva.cc/lands/39/?site=8063034&sub1=&sub2=&sub3=&sub4=

193.108.118.14

12 kB

URL
news-rapuva.cc/lands/39/?site=8063034&sub1=&sub2=&sub3=&sub4=
IP
193.108.118.14:0
ASN
#61003 GlobalTeleHost Corp.

File type
gzip compressed data, from Unix\012- data
Size
12 kB (12536 bytes)
Hash
f73b9b99a16cb5ae0362775b55b3886b
dc1a6d477e97665b5ed4a80d8c845e4df1a843a2
e68253133bea70af2828924a1c7bf6db634e7ab00609217ca41274c43a9239f3

HTTP Headers

GET /lands/39/?site=8063034&sub1=&sub2=&sub3=&sub4= HTTP/1.1
Host: news-rapuva.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 30 May 2023 12:56:57 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
pragma: no-cache
set-cookie: clickdata=ODA2MzAzNHw6fDM5fDp8fDp8fDp8fDp8; expires=Tue, 30-May-2023 13:56:57 GMT; Max-Age=3600; path=/
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
95fb9634ddcd95a261bb9a2757a6ae8e
e30d5b20450fdd6588dd8034ef0acbe38159a0bf
65f215904c284124663185e58f9c710e2050afe21509684a22ce96c09a425bf4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 May 2023 12:57:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

alvsx.crystalcrafter.top/ph-new/assets/rec-8.jpg

104.21.7.3

13 kB

URL
alvsx.crystalcrafter.top/ph-new/assets/rec-8.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
13 kB (12992 bytes)
Hash
eb826882457e1589d8a7d3b3499c4556
91284882dec199a9cc02ffa3ef3c86505159ce12
4fad6c5d1cd5bdb7eea1b216774e831a6e59a11ddcc8b0881747a4d278d86940

HTTP Headers

GET /ph-new/assets/rec-8.jpg HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:02 GMT
content-type: image/jpeg
content-length: 12992
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-32c0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3365
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ByACfeRAdv0N8E5Xlb6zqhFofquuhPnlWOFrh7JfSW4oKxk9%2FR4fBnRP1ACuLSHUf7R%2BKxecExihdhP0hmriUlgGg63R1RaJ2EKgO61Fks3gMGHYpXxTwEpzXZVHiMzUKtKrRNLXTI0RRtk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf723fcbc380b49-OSL
alt-svc: h3=":443"; ma=86400

alvsx.crystalcrafter.top/ph-new/assets/rec-7.jpg

104.21.7.3

14 kB

URL
alvsx.crystalcrafter.top/ph-new/assets/rec-7.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
14 kB (13963 bytes)
Hash
f8af6bb4bdbbf2788da61a614e2f214e
d4a22a315356fcbc5f4a6af2d8a15e96721abddc
edb8c2bdc0f5612a5bf789af233ccaa63dd3751fbfaffb01be48e6e43e78b0bc

HTTP Headers

GET /ph-new/assets/rec-7.jpg HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:02 GMT
content-type: image/jpeg
content-length: 13963
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-368b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3365
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iMcd83OUUvsSQ5iJ3UcOQQR7msrNXq2mV7F0zWIWT4gMyAlq7KEFszFoedyAaAER78UjFMWkktYq7VWw84qM5yw97YWzhMMeaTyV%2FdlsXVZPzCFs11pyxhYM8Wgr83ZIlFoGKiiCvzliJ0U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf723fcbc350b49-OSL
alt-svc: h3=":443"; ma=86400

alvsx.crystalcrafter.top/ph-new/assets/1.jpg

104.21.7.3

14 kB

URL
alvsx.crystalcrafter.top/ph-new/assets/1.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
14 kB (14404 bytes)
Hash
b2abcc52b7bf315893f6751d5fc7875e
5997c599c5e6c408b9019159f4608026a78223cf
098b2a4c2b05fc238c6eae8654ea2a3bc9d5fac7c59cb420242d405fcc83ed47

HTTP Headers

GET /ph-new/assets/1.jpg HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:02 GMT
content-type: image/jpeg
content-length: 14404
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3844"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3365
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUEDJebvLI%2BXDd7z61ni%2BPCqjFhbYw7dbdxUnPTgpWrzhHVj82Xpvl2KCpqSu%2FmtcmG2bhj5bXHnVddSLWxgxiQVXDBxclu8H3f%2BGACxGs5YD8OMuUY1Kt4ln7yBeRXnFSSKbE63z8vCAs0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf723fccc3e0b49-OSL
alt-svc: h3=":443"; ma=86400

alvsx.crystalcrafter.top/ph-new/assets/3.jpg

104.21.7.3

11 kB

URL
alvsx.crystalcrafter.top/ph-new/assets/3.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
11 kB (11094 bytes)
Hash
3f9b232e4a112a89dedcae34ff319dda
5c633886ceeaf3b1185e24253df6be39378c8e85
55fddecdb3ed8e536018523555d995f39f85304bbc00f65ab96472236b57a49a

HTTP Headers

GET /ph-new/assets/3.jpg HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:02 GMT
content-type: image/jpeg
content-length: 11094
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-2b56"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3365
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uWvSf3jH2%2BjeUcfiXS7LOiIs4i220B67ZCfmauC%2FlgJrB1UQpAEtWlS%2FfECJXkK0mbll%2B29W8nGaW%2FulpQyPlBmrfUu7ntPaKVufYB1zFtCRLZU0rOIqCPMWkUNTmsoJap4%2FJO%2BOSfvTivU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf723fccc490b49-OSL
alt-svc: h3=":443"; ma=86400

alvsx.crystalcrafter.top/ph-new/assets/4.jpg

104.21.7.3

14 kB

URL
alvsx.crystalcrafter.top/ph-new/assets/4.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
14 kB (13611 bytes)
Hash
a4bef91e21afc13fed7f0bebcc6c4495
5dd2288d13e016a66fbe1f5605b2ed0fc3ad6326
44d3bf237a20f5d36a663aedd4a909a6118e6e35d6fe84971861f5638c070ecd

HTTP Headers

GET /ph-new/assets/4.jpg HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:02 GMT
content-type: image/jpeg
content-length: 13611
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-352b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3365
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXxVSAixmhqA10wnqgnHOYLSVNScIU16c6Smr%2BYteFxLc9PTxlwxlC2wWNS9nwrXDuH52ALOR9qkKfoxaNtAAeqMjRI6t3u66qk4MUDI1BRkPDU%2FCyfe53JGAvJSK37N3UJqwotN2sMSrmg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf723fccc510b49-OSL
alt-svc: h3=":443"; ma=86400

alvsx.crystalcrafter.top/ph-new/assets/5.jpg

104.21.7.3

12 kB

URL
alvsx.crystalcrafter.top/ph-new/assets/5.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
12 kB (11713 bytes)
Hash
113d196991f086fe21f82ee35286eddc
093b74a20c8902f13be1ee735f90a93e397227f9
34a3bc9a7aee67e35d57d4bb0bdccf08c3639da85d2421c58f6c4a92f5eee5e1

HTTP Headers

GET /ph-new/assets/5.jpg HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:02 GMT
content-type: image/jpeg
content-length: 11713
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-2dc1"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3365
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xf0uzXDKAoMZGk1DQmDF6%2BpvqUSLZOe%2FHr4XcjsRJAJsUH7IYc%2FYV6EDB24PGmHNZ1UkQ%2BGbfxeFXMs%2Ftife53%2BAHGYUCkIolj6hNZD1mGd7YbFbPJIMnl0aJHzpzrnNRSXwrgcTMfpPoUY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf723fccc4c0b49-OSL
alt-svc: h3=":443"; ma=86400

alvsx.crystalcrafter.top/ph-new/assets/2.jpg

104.21.7.3

21 kB

URL
alvsx.crystalcrafter.top/ph-new/assets/2.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
21 kB (21253 bytes)
Hash
c3f3eb5d00c73ac19828309a4cde4e96
be66f4e10a00d90a0f8fdc0a5a4dbd19c143d97d
626b570f2ffdf83add77f51246ccb195fec4c15e4289173b8183cd47e7cfd763

HTTP Headers

GET /ph-new/assets/2.jpg HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:02 GMT
content-type: image/jpeg
content-length: 21253
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-5305"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3365
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vhUxZM4Vw3bXsNzmrYEuFuNPoPbxZvEZ%2FQY3c0AMcu90IoHjZlVNOUKuN9zmQWAdl8yibF9IK2PneyQH4qxZc%2FaryC%2FB6%2BA6XljnvWu1gH8MpzAfGRLwRBOXFutvimQDmde%2BjWP6DsoXLN8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf723fccc450b49-OSL
alt-svc: h3=":443"; ma=86400

www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js

142.250.74.35

11 kB

URL
www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (40976)
Size
11 kB (10908 bytes)
Hash
a498cb0f91ef52cc08969e1737b34638
c0e12b338ca7adea31b105546fde021edecbfc3c
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7

HTTP Headers

GET /firebasejs/8.4.1/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 18:53:40 GMT
expires: Wed, 22 May 2024 18:53:40 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 583402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

a.crystalcrafter.top/ph-new/assets/thumb-big.jpg

104.21.7.3

83 kB

URL
a.crystalcrafter.top/ph-new/assets/thumb-big.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1237x691, components 3\012- data
Size
83 kB (82623 bytes)
Hash
cb5cedbae6d67e62dc9fde274b7f7dbe
f31d7811c4b6e50ae053f315152366501a8b6002
deaddba93625d2c7610076927fcd37afadad9324ca3210a2bb12784d313dd788

HTTP Headers

GET /ph-new/assets/thumb-big.jpg HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:02 GMT
content-type: image/jpeg
content-length: 82623
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-142bf"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3344
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4SvTNCDyVStnGQF3Id5T5JWug34RueboNLLYQW8QSQUT9O%2BfikKuGNeCDA76r82xA%2BBL102yeg8OhMc3yn3ph0Kr92nkhwUUy7%2Ffrc2TCfZkzbWZhLZrWDLvSQgDI08UyckbOvulqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf723ff1f140b49-OSL
alt-svc: h3=":443"; ma=86400

a.crystalcrafter.top/favicon.ico

104.21.7.3

0 B

URL
a.crystalcrafter.top/favicon.ico
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Tue, 30 May 2023 12:57:02 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3483
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fe97LweMQWmagIwv6AifYZNZuhTlM94iEdTjdLa5T3GBFFzJySc487XSMGnJx5kKRzixv%2BkHTswOE4qaPfS0Y17zoul%2B6LOGTVUAXvZIBWVLSARPA3AX46xTNFi21y3PT19psW8%2BbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf7240098bf0b49-OSL
alt-svc: h3=":443"; ma=86400

feed.streampsh.top/ps/config.js?id=ilQCmFnYrkuT1vv7YSUY4Q

172.67.169.207

7.0 kB

URL
feed.streampsh.top/ps/config.js?id=ilQCmFnYrkuT1vv7YSUY4Q
IP
172.67.169.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
7.0 kB (6996 bytes)
Hash
7b9735de10e6d0a2ffe8e42f8986c659
38a544a3f6c7d28319cd944b2ae755c7d192cf1a
bc8f01c22a60dbb9098f8be9baa7e484bce7ec5335a6dcf02fee212202fb2045

HTTP Headers

GET /ps/config.js?id=ilQCmFnYrkuT1vv7YSUY4Q HTTP/1.1
Host: feed.streampsh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/
Cookie: __psu=7d13331a-85ea-43e9-a914-deb6181b2b27
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:02 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0dx4cwxGHd%2FSMP9uEJBR5PV9hCbUlwTzZ%2FBUDUob%2B5mO3C4PsFQrCJPQHGc4R6en4ZaGkbWGwbKxLcW1iYa8NQHaX5WCtnz9ELtRiWsMRz8XC%2BvM%2Fbjc7apgZPs0Nxz5V%2BRliQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf72400bb411c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js

142.250.74.35

11 kB

URL
www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (40976)
Size
11 kB (10908 bytes)
Hash
a498cb0f91ef52cc08969e1737b34638
c0e12b338ca7adea31b105546fde021edecbfc3c
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7

HTTP Headers

GET /firebasejs/8.4.1/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 18:53:40 GMT
expires: Wed, 22 May 2024 18:53:40 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 583402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

b.crystalcrafter.top/ph-new/assets/thumb-big.jpg

104.21.7.3

83 kB

URL
b.crystalcrafter.top/ph-new/assets/thumb-big.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1237x691, components 3\012- data
Size
83 kB (82623 bytes)
Hash
cb5cedbae6d67e62dc9fde274b7f7dbe
f31d7811c4b6e50ae053f315152366501a8b6002
deaddba93625d2c7610076927fcd37afadad9324ca3210a2bb12784d313dd788

HTTP Headers

GET /ph-new/assets/thumb-big.jpg HTTP/1.1
Host: b.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:03 GMT
content-type: image/jpeg
content-length: 82623
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-142bf"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3073
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ypux4Imr8TEaZJnkDtqa2rJb9ar6yGp29ioyQL36w4BV%2Bnt6waC%2B9cCS977knlFDDsVteOe7kbe%2B6Cz90Lgvo%2FTnSOiFhpGaT16pdGlCUZNe%2BaEgge0ODg6NoxDjBIzn4UUX%2BRI%2FSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf724029adf0b49-OSL
alt-svc: h3=":443"; ma=86400

a.crystalcrafter.top/ph-new/assets/trls.js

104.21.7.3

2.9 kB

URL
a.crystalcrafter.top/ph-new/assets/trls.js
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (362), with CRLF line terminators
Size
2.9 kB (2913 bytes)
Hash
2d452480e0a1246e5ed7e13278b99eee
dc1115b9c20884a07335bdf5abea5c399f5293d6
19b0897b045b6f67abdae0b9f6ca5987202456aa0d7bfc3b17128e94d2cf761d

HTTP Headers

GET /ph-new/assets/trls.js HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:02 GMT
content-type: application/javascript
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: W/"643e420e-1e3f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3344
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GxTDgkDHZpwxORtRr3X06ViVfWJV%2Bl%2F6GI%2FCL5EawZuRTiUWB8QOUqDtjkZzu%2BvWqf8d7qJaJtVElGZRPNTnIIlBcIfp7i5B7EliPYbfEMjxAVAKcYRuLQCzQBtuDIZKyrpWnEoQxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf723ff0f110b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.gstatic.com/firebasejs/8.4.1/firebase-app.js

142.250.74.35

6.8 kB

URL
www.gstatic.com/firebasejs/8.4.1/firebase-app.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (21158)
Size
6.8 kB (6763 bytes)
Hash
e20da9cfaabf0b23d89c2335c06e2b03
b1af5616825acaba44bd714bd2685327abe896fd
d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2

HTTP Headers

GET /firebasejs/8.4.1/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 6763
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 May 2023 06:18:59 GMT
expires: Fri, 24 May 2024 06:18:59 GMT
cache-control: public, max-age=31536000
age: 455884
last-modified: Tue, 13 Apr 2021 06:56:11 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

a.crystalcrafter.top/ph-new/assets/style.css

104.21.7.3

19 kB

URL
a.crystalcrafter.top/ph-new/assets/style.css
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
19 kB (19084 bytes)
Hash
807d696b86114245f8eda3dce43f61ff
6d65ffaf8ec2107db8f1d29c410f152a8b809a56
7524af6d5f36df3e5d5c8148bc63e3956de050fa262fc0589e2a58dc606977bc

HTTP Headers

GET /ph-new/assets/style.css HTTP/1.1
Host: a.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:02 GMT
content-type: text/css
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: W/"643e420e-5f33"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3344
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N3lBDqgwiRXZ7oqPPGZRBGE3sOBItu4BIFsZzVaS88JPEdw65bOaM64ESoFeLAFlo1asfxNOUbjmCysU46yx6Qjp3MCtG%2FjB0CyEqXkT70%2FkYzUXRzHBSAXdM5qJrjW8z8oBe5sa6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf723ff0f120b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

js.streampsh.top/ps/pl.js?edg=true&fullscreen=true

172.67.169.207

84 kB

URL
js.streampsh.top/ps/pl.js?edg=true&fullscreen=true
IP
172.67.169.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2763), with no line terminators
Size
84 kB (83790 bytes)
Hash
c8409dd7d34d07dcb58bcc964fb674da
09110579eed1a3a7cedf79aa258bd337a74bd644
daa69a5e86f32de4ab6cdac3ee241b8a3b7a30d60ecb335bfc20236fb675cbdb

HTTP Headers

GET /ps/pl.js?edg=true&fullscreen=true HTTP/1.1
Host: js.streampsh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.crystalcrafter.top/
Cookie: __psu=ab92d01b-6222-4bb3-bec1-ed9adf94d8cb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:02 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3Ydp5l6U2TGHUwUqX6tdVkuj%2F%2FGo%2Fa4F5TmSLByE8xvp5swyJpXB%2F8eXcur6MJwP29cngiSd8oT9lfCgOml4TabVjFymPP8WJGRWAv9yDe2%2F1V7sWaseAJiywvSfVyNfrLq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf723ff498f1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

js.streampsh.top/ps/ps.js?edg=true&fullscreen=true&pl=true&id=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&appspot=

172.67.169.207

17 kB

URL
js.streampsh.top/ps/ps.js?edg=true&fullscreen=true&pl=true&id=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&appspot=
IP
172.67.169.207:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (23337), with no line terminators
Size
17 kB (17132 bytes)
Hash
4cdf9ad02c219afaf21fa331ef7e9f3b
e7ad9a3be392e1ede58c9102bab97be63c05d477
1d91368645aa102503ac9ec82787daf94c687705464a7580da65f50dd2ea5155

HTTP Headers

GET /ps/ps.js?edg=true&fullscreen=true&pl=true&id=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&appspot= HTTP/1.1
Host: js.streampsh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/
Cookie: __psu=ab92d01b-6222-4bb3-bec1-ed9adf94d8cb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:03 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FkI6sgh%2FjMM4Gp9evr0D9jOYzf1KlWRnMXIoMTDx%2Bq06p0JHzEAGzM1m5BXyBpMcWzwMxyDrhMJU%2Bt97MgHQD4JxLpmwoksbfhKITMLZYCV5cHMmER4vyD7SUmzAsa5z2EUK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf724031e1a1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.gstatic.com/firebasejs/8.4.1/firebase-app.js

142.250.74.35

6.8 kB

URL
www.gstatic.com/firebasejs/8.4.1/firebase-app.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (21158)
Size
6.8 kB (6763 bytes)
Hash
e20da9cfaabf0b23d89c2335c06e2b03
b1af5616825acaba44bd714bd2685327abe896fd
d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2

HTTP Headers

GET /firebasejs/8.4.1/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 6763
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 May 2023 06:18:59 GMT
expires: Fri, 24 May 2024 06:18:59 GMT
cache-control: public, max-age=31536000
age: 455884
last-modified: Tue, 13 Apr 2021 06:56:11 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js

142.250.74.35

11 kB

URL
www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (40976)
Size
11 kB (10908 bytes)
Hash
a498cb0f91ef52cc08969e1737b34638
c0e12b338ca7adea31b105546fde021edecbfc3c
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7

HTTP Headers

GET /firebasejs/8.4.1/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 18:53:40 GMT
expires: Wed, 22 May 2024 18:53:40 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 583403
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

d.crystalcrafter.top/ph-new/assets/thumb-big.jpg

104.21.7.3

83 kB

URL
d.crystalcrafter.top/ph-new/assets/thumb-big.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1237x691, components 3\012- data
Size
83 kB (82623 bytes)
Hash
cb5cedbae6d67e62dc9fde274b7f7dbe
f31d7811c4b6e50ae053f315152366501a8b6002
deaddba93625d2c7610076927fcd37afadad9324ca3210a2bb12784d313dd788

HTTP Headers

GET /ph-new/assets/thumb-big.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:04 GMT
content-type: image/jpeg
content-length: 82623
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-142bf"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2526
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kRklmV3LmZK6o%2BEjjsgBWzbPRdWrM9%2Fd61ffzZ5TsZRKWfpmfvqxHhoUFno2g4YFbRPyRXs2aalxwjFoESvd7EQRVYg8ciS7vcxpixhDenxJdWBdNv7ewcfH6WWFaQ4Ns7icG1AkmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf7240869900b49-OSL
alt-svc: h3=":443"; ma=86400

c.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721

104.21.7.3

16 kB

URL
c.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4233), with CRLF line terminators
Size
16 kB (15727 bytes)
Hash
c916b0032230dc45461448a9d5191da9
cca43f6ac66a63721abbfe3382eeef1638621175
247b5e37452e79fe61fd06fb5c1448b2ae4a13b12128851dd8cdb0c7b71c236a

HTTP Headers

GET /ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721 HTTP/1.1
Host: c.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b.crystalcrafter.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:03 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IlQ4yMyycgqRlEqZ%2BCrlw86LuO80eP%2B8qqEB7CFLjhMZ4J6%2F8qg2%2FcyrTnE8I7F1s9APICHGdGQXZr412hM3tJpy5hZW9THTMIK2%2BuLCQWlWze9NbwxGyzPbUzV78OT7aATbRV30nw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf72404ed8a0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.gstatic.com/firebasejs/8.4.1/firebase-app.js

142.250.74.35

6.8 kB

URL
www.gstatic.com/firebasejs/8.4.1/firebase-app.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (21158)
Size
6.8 kB (6763 bytes)
Hash
e20da9cfaabf0b23d89c2335c06e2b03
b1af5616825acaba44bd714bd2685327abe896fd
d4d5669220045e130b79770e93dc7dca5fdfa00c9d7047639dbb15c4f28eb2e2

HTTP Headers

GET /firebasejs/8.4.1/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 6763
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 May 2023 06:18:59 GMT
expires: Fri, 24 May 2024 06:18:59 GMT
cache-control: public, max-age=31536000
age: 455885
last-modified: Tue, 13 Apr 2021 06:56:11 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js

142.250.74.35

11 kB

URL
www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (40976)
Size
11 kB (10908 bytes)
Hash
a498cb0f91ef52cc08969e1737b34638
c0e12b338ca7adea31b105546fde021edecbfc3c
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7

HTTP Headers

GET /firebasejs/8.4.1/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 18:53:40 GMT
expires: Wed, 22 May 2024 18:53:40 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Apr 2021 06:56:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 583404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

c.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721

104.21.7.3

27 kB

URL
c.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
27 kB (27369 bytes)
Hash
a63e43e1190bb6705550b2aa8e55c611
d347d7a2e763d51eecb321f5bdeb3fba4248d471
e556a3fb6b1cda86ce059a481aff6b9bf0a0f4cd3e6b4121fdd2354a9fff400f

HTTP Headers

GET /ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721 HTTP/1.1
Host: c.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:03 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RznYKIVpn177yCGtOq7OqbNl1X8UIWnJZwsUa2UTThfziVDmvYFYZCSdYsMuOCyEvJiJrOCmLLIjwzZu5FE2Efrblh7QkaZAoeVH6Ftv7KyDKvstWJwHx3bjPP41oDSFmfWnKDwN%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf724058e320b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721

104.21.7.3

27 kB

URL
d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4233), with CRLF line terminators
Size
27 kB (26649 bytes)
Hash
c916b0032230dc45461448a9d5191da9
cca43f6ac66a63721abbfe3382eeef1638621175
247b5e37452e79fe61fd06fb5c1448b2ae4a13b12128851dd8cdb0c7b71c236a

HTTP Headers

GET /ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721 HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:04 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TdraQZ%2F%2FP0xy%2BoWXSO9UeLyYnbt%2FyfYWILxVsBvFm4YyfcFDNmtMd%2B3Hrl0NzBO661Ss4lWzYSxfT97J1Zopb428ndc6SEZgF24W7T4BQ5CmWHJ6d2PH1I%2B95s612KMpyLW4vI0M3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf7240879960b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

d.crystalcrafter.top/ph-new/assets/style.css

104.21.7.3

18 kB

URL
d.crystalcrafter.top/ph-new/assets/style.css
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
18 kB (18492 bytes)
Hash
807d696b86114245f8eda3dce43f61ff
6d65ffaf8ec2107db8f1d29c410f152a8b809a56
7524af6d5f36df3e5d5c8148bc63e3956de050fa262fc0589e2a58dc606977bc

HTTP Headers

GET /ph-new/assets/style.css HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:04 GMT
content-type: text/css
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: W/"643e420e-5f33"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2526
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZVtMibRMvKLMpXSSNgR6XWEdoT8KUllM7xWIrpyOSBzn8BfbUZeb199uYWpxIlW8HPVGnO2Kdp6q%2Fp1tfdGdoPUv67W1hA0FaX%2BECxoFrqp75ck%2F02nKm5MIYJTKdDyPIJErJG%2BbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf7240869860b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

d.crystalcrafter.top/ph-new/assets/rec-4.jpg

104.21.7.3

8.9 kB

URL
d.crystalcrafter.top/ph-new/assets/rec-4.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
8.9 kB (8900 bytes)
Hash
8375f2a1249ce00f118c5b616ab71492
4e2d3bc095c01632578b0b39afbfc03f43e3fa42
f71320d61eb339fdb7b5d20249d4f6aa6e37e22e618dc83e8459da1db3f79483

HTTP Headers

GET /ph-new/assets/rec-4.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:04 GMT
content-type: image/jpeg
content-length: 8900
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-22c4"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2443
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9cKgCdGEd5THg%2F55j7N1VpyhQbOpxXNBbchGltjBTd%2BLj43kYkgTXSIB2lZh%2FG6481cGewwGi8kXYBwd6xqr9v%2B4%2FkzbS%2F0%2FG9G%2BbUsV7K%2Fz5cTJWZ3bRwUj%2Bz2seGfWPnajSSMBAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf7240bfd4f0b49-OSL
alt-svc: h3=":443"; ma=86400

d.crystalcrafter.top/ph-new/assets/rec-5.jpg

104.21.7.3

13 kB

URL
d.crystalcrafter.top/ph-new/assets/rec-5.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
13 kB (13149 bytes)
Hash
f9ec603fbe19b12e8a8c1874eea3e5f2
0e24410f618ffa17dc6a9380a5b9a4c06dfba4a9
a77b6918c2799981aa1a09fc5f787ff109883093f2efd28beaf79031f5a8ac02

HTTP Headers

GET /ph-new/assets/rec-5.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:04 GMT
content-type: image/jpeg
content-length: 13149
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-335d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2443
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GdJFmXSTqkcjRZZ1c3a4mJolOXvRkQe%2FU3%2FeYbjgr%2FPcCZsjjBxbHcYkc1GkUakJukKQYkv5uhilM7%2BM2ObtcCOp3gUpgs%2FzP8KmR%2FQZPhQYsuvZwa3uchfK1eK5MaHd7iTaK2K%2Bww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf7240bfd590b49-OSL
alt-svc: h3=":443"; ma=86400

alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721

104.21.7.3

26 kB

URL
alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
26 kB (26115 bytes)
Hash
07637924d44ab1abc0414af4aaffa931
1e3e85f3f8a7d7dca3795d1c51232bf6fe19dcf2
83fc541016d1e674538b9ee37c4754252a8a164d6124ec2b83db9bfc2fe610c6

HTTP Headers

GET /ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721 HTTP/1.1
Host: alvsx.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:01 GMT
content-type: text/html
last-modified: Mon, 01 May 2023 15:50:37 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Te4%2FLG0iVNK9MrvNR5poy0KC7DxQPPc7wiFN%2Bz%2BTi4IWRHoiAjQz8%2Fw1yRkl9K5nFAkOuVYnRTvozDAPvDWPe1rmDM2lVQGUF37SVfgrGgVIWxQYLpR%2FOXrnWgZ%2BbOWmO9bduj8Dmhjhmps%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cf723f8ef920b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

d.crystalcrafter.top/ph-new/assets/1.jpg

104.21.7.3

14 kB

URL
d.crystalcrafter.top/ph-new/assets/1.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
14 kB (14404 bytes)
Hash
b2abcc52b7bf315893f6751d5fc7875e
5997c599c5e6c408b9019159f4608026a78223cf
098b2a4c2b05fc238c6eae8654ea2a3bc9d5fac7c59cb420242d405fcc83ed47

HTTP Headers

GET /ph-new/assets/1.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:04 GMT
content-type: image/jpeg
content-length: 14404
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3844"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2443
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Evrsi9K5mAfcafybeT2UuUqPClk05GctlNk6%2F882zDDeCjJS4eaZwK0jZrkKGXni3CfVpZvxCBYOfAqTsFGm%2Bu5p492fXx9vNB%2B5YxQlvPZ4pa%2FVBgqmCGIpIInL2JNA4oVDbO4P0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf7240c0d780b49-OSL
alt-svc: h3=":443"; ma=86400

d.crystalcrafter.top/ph-new/assets/rec-8.jpg

104.21.7.3

13 kB

URL
d.crystalcrafter.top/ph-new/assets/rec-8.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
13 kB (12992 bytes)
Hash
eb826882457e1589d8a7d3b3499c4556
91284882dec199a9cc02ffa3ef3c86505159ce12
4fad6c5d1cd5bdb7eea1b216774e831a6e59a11ddcc8b0881747a4d278d86940

HTTP Headers

GET /ph-new/assets/rec-8.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:04 GMT
content-type: image/jpeg
content-length: 12992
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-32c0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2443
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PtktYR%2FDUSJiYlzZlXy7qeUODJo%2F1yXoUwn6SCXvMSIJ33g5vMlJ2aDMXcPKw26Yj6CR5RBs0hVIz8FRmv6BEV2vv3MaRtxkBPxtK7XXYkp%2FoQUonHTC0Zmh%2BGR84x73okgcPW%2F49A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf7240c0d7a0b49-OSL
alt-svc: h3=":443"; ma=86400

d.crystalcrafter.top/ph-new/assets/rec-6.jpg

104.21.7.3

16 kB

URL
d.crystalcrafter.top/ph-new/assets/rec-6.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
16 kB (15988 bytes)
Hash
4887925f773d2ba9caea39686f764c7f
98c9abb09854fee425dbd78ad623af053cec6721
6e1e474a8fc326cd06593e0c1a55d0e73126ada3bf169713b847e82d28646773

HTTP Headers

GET /ph-new/assets/rec-6.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:04 GMT
content-type: image/jpeg
content-length: 15988
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-3e74"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2443
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqBFimcvTNDGNAuq1JQrFNR9nLORZeoDEShZc20ck6FL3y21ChKROOQEksiKvNHGx5oA9VmchXAb4HaMESjMlEJL1xOcqHTWjvYCQXlBDKJCSCSXDrESKqwjAHKo1s%2B%2Ftn3yzlj5ag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf7240bfd5f0b49-OSL
alt-svc: h3=":443"; ma=86400

d.crystalcrafter.top/ph-new/assets/4.jpg

104.21.7.3

14 kB

URL
d.crystalcrafter.top/ph-new/assets/4.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
14 kB (13611 bytes)
Hash
a4bef91e21afc13fed7f0bebcc6c4495
5dd2288d13e016a66fbe1f5605b2ed0fc3ad6326
44d3bf237a20f5d36a663aedd4a909a6118e6e35d6fe84971861f5638c070ecd

HTTP Headers

GET /ph-new/assets/4.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:04 GMT
content-type: image/jpeg
content-length: 13611
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-352b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2443
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2jBmqreKI47UnUztwBMBS5pS%2FhkVIRrEady3EjJcAGsAd2%2BhB9Z6RmXEC4DWWRwJxhroC5LGWiSdoeMV0bt%2B9x8uLFhJ1kM4uEmlDSh%2B5CvkmN%2FVJp8YWwO7g%2F%2Bx%2FrCIgRofL2UOTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf7240c0d7d0b49-OSL
alt-svc: h3=":443"; ma=86400

js.streampsh.top/ps/pl.js?edg=true&fullscreen=true

172.67.169.207

22 kB

URL
js.streampsh.top/ps/pl.js?edg=true&fullscreen=true
IP
172.67.169.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2763), with no line terminators
Size
22 kB (22420 bytes)
Hash
c8409dd7d34d07dcb58bcc964fb674da
09110579eed1a3a7cedf79aa258bd337a74bd644
daa69a5e86f32de4ab6cdac3ee241b8a3b7a30d60ecb335bfc20236fb675cbdb

HTTP Headers

GET /ps/pl.js?edg=true&fullscreen=true HTTP/1.1
Host: js.streampsh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alvsx.crystalcrafter.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 30 May 2023 12:57:01 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLGU04X9s5%2Boo2UXTEjfXCNo1oONINZg7K%2F32o8lZBay2z47JhUmDBJ5Wk36RLcry%2B29wlowJR8amNK14GcNGqnQMLqwJ5Az9SwztMLcGrIE%2FfzfuWQ9kHIoG2uEsPnr%2BwEZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf723f94f3cb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

d.crystalcrafter.top/ph-new/assets/3.jpg

104.21.7.3

11 kB

URL
d.crystalcrafter.top/ph-new/assets/3.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
11 kB (11094 bytes)
Hash
3f9b232e4a112a89dedcae34ff319dda
5c633886ceeaf3b1185e24253df6be39378c8e85
55fddecdb3ed8e536018523555d995f39f85304bbc00f65ab96472236b57a49a

HTTP Headers

GET /ph-new/assets/3.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:04 GMT
content-type: image/jpeg
content-length: 11094
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-2b56"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2443
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u2TccY8ogKfQree01kvwoPcNrmHoA4%2BqAuhBjTVBFDMRFDK0aTjaLn267x5dhQWRJSXAr1OotoyfbqzJla4SPSlIIpiiIwB%2B%2F%2FZCzssF1uFtVKdkj08QOH6i5j65mBLEtU%2BaqH9r8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf7240c0d7b0b49-OSL
alt-svc: h3=":443"; ma=86400

d.crystalcrafter.top/ph-new/assets/5.jpg

104.21.7.3

12 kB

URL
d.crystalcrafter.top/ph-new/assets/5.jpg
IP
104.21.7.3:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Size
12 kB (11713 bytes)
Hash
113d196991f086fe21f82ee35286eddc
093b74a20c8902f13be1ee735f90a93e397227f9
34a3bc9a7aee67e35d57d4bb0bdccf08c3639da85d2421c58f6c4a92f5eee5e1

HTTP Headers

GET /ph-new/assets/5.jpg HTTP/1.1
Host: d.crystalcrafter.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/ph-new/?pl=ilQCmFnYrkuT1vv7YSUY4Q&sm=ph-new&click_id=3faa7b8a648a130e409858ad2df5100f-42510-0530&sub_id=1417802323204974&hash=ee3w9y6gJWqnm9XjJiQJBA&exp=1685451721
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 30 May 2023 12:57:04 GMT
content-type: image/jpeg
content-length: 11713
last-modified: Tue, 18 Apr 2023 07:09:02 GMT
etag: "643e420e-2dc1"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2443
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wGMhus38QlJMpiW37KT9Q6zWzLrvAn%2F1juy3pvYIyNg3IwnU7CIZHoqk6fglMGZqEhuNJkdKvRCznCU4ePB%2BXqJM9Ye7IgWMLig0CzL8jFSXTjv3E8Qoub%2BYMFjXSo0KXUKgb1oPrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cf7240c0d830b49-OSL
alt-svc: h3=":443"; ma=86400

www.highcpmrevenuenetwork.com/n78fnnif?key=1f14d464e54c81b0291dd5fcaa1f098f

192.243.59.13

200 OK

115 B

URL User Request GET HTTP/1.1
www.highcpmrevenuenetwork.com/n78fnnif?key=1f14d464e54c81b0291dd5fcaa1f098f
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Certificate
IssuerLet's Encrypt
Subjecthighcpmrevenuenetwork.com
Fingerprint4A:B9:EF:7A:95:F5:EB:F1:0F:44:6B:99:79:4A:95:32:BE:12:C7:AB
ValiditySat, 22 Apr 2023 06:23:55 GMT - Fri, 21 Jul 2023 06:23:54 GMT

File type
ASCII text, with no line terminators
Size
115 B (115 bytes)
Hash
16579cc322e9e105427ecfa57890ef69
8bb47ec30cf894ab49032d7271a45f0c778baa05
f28ce5befe08ed90a2e12b6b2a5e9fdafaa6ad173503079155260aa480c66590

HTTP Headers

GET /n78fnnif?key=1f14d464e54c81b0291dd5fcaa1f098f HTTP/1.1
Host: www.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d.crystalcrafter.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 30 May 2023 12:57:05 GMT
Content-Type: text/html
Content-Length: 115
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17984642; expires=Wed, 31 May 2023 12:57:05 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1a9a6b9bdd1b48d28a8bcb23630a5b38
Strict-Transport-Security: max-age=0; includeSubdomains

www.highcpmrevenuenetwork.com/favicon.ico

192.243.59.13

200 OK

0 B

URL GET HTTP/1.1
www.highcpmrevenuenetwork.com/favicon.ico
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.highcpmrevenuenetwork.com/n78fnnif?key=1f14d464e54c81b0291dd5fcaa1f098f
Certificate
IssuerLet's Encrypt
Subjecthighcpmrevenuenetwork.com
Fingerprint4A:B9:EF:7A:95:F5:EB:F1:0F:44:6B:99:79:4A:95:32:BE:12:C7:AB
ValiditySat, 22 Apr 2023 06:23:55 GMT - Fri, 21 Jul 2023 06:23:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.highcpmrevenuenetwork.com/n78fnnif?key=1f14d464e54c81b0291dd5fcaa1f098f
Cookie: u_pl=17984642
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 30 May 2023 12:57:05 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 43c4db88f49053a6ff51dd2f283e802d
Strict-Transport-Security: max-age=0; includeSubdomains

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (71)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type