Report - ngdft.blogspot.bg/

Report Overview

Submitted URL
ngdft.blogspot.bg/
IP
216.58.207.193
ASN
#15169 GOOGLE
Submitted
2024-03-29 15:37:10
Access
public
Website Title
Узнaйте скoлько Вы смoжете зaрaбaтывaть на инвестициях?
Final URL
z7gq5.shop/20V/NNFe77Aa
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
z7gq5.shop	unknown	unknown	No data	No data	14 kB	4.7 MB	172.67.211.101
l2nv8.shop	unknown	2024-03-12	2024-03-12	2024-03-13	518 B	40 kB	188.114.96.1
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2024-03-28	511 B	1.2 kB	35.244.181.201
get.geojs.io	17418	2017-02-18	2017-03-30	2024-03-28	426 B	960 B	172.67.70.233
ngdft.blogspot.bg	unknown	unknown	No data	No data	472 B	682 B	216.58.207.193
ngdft.blogspot.com	unknown	2000-07-31	2024-02-28	2024-03-07	473 B	16 kB	142.250.74.1
sh4737904.c.had.su	unknown	2017-05-10	2023-11-16	2024-03-28	545 B	489 B	81.91.178.100

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-03-29	medium	ngdft.blogspot.bg/	Gazprom

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	z7gq5.shop/l/hello_kitty/form/js/libs/jquery-3.6.0.min.js	151 kB	2023-03-07	2024-03-31
Pretty URL z7gq5.shop/l/hello_kitty/form/js/libs/jquery-3.6.0.min.js IP 172.67.211.101 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2023-03-07 12:01:31 Last Seen2024-03-31 20:17:21 Times Seen1567 Hash 2f9ce5c0e6e3b112156a7ff05ba9e682 5da37b54f5ac446e0d72005a12fcd21dd86f3ac0 8c1d8308190d402fce06d8cd4119a3013d87f1599c65cc6b34a698ed093b191d Loading...

	z7gq5.shop/l/hello_kitty/form/js/libs/utils.js	382 kB	2023-05-22	2024-03-31
Pretty URL z7gq5.shop/l/hello_kitty/form/js/libs/utils.js IP 172.67.211.101 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2023-05-22 08:52:07 Last Seen2024-03-31 20:17:21 Times Seen1525 Hash fa4d12a59a70432bcfea49469386291e 3b24fcc6ef44ca3635266a10530d68df4857e7a1 5084ebd7703c470e9e39d58de78661fa7780812d49bf2293217f278429b66c78 Loading...

	z7gq5.shop/l/hello_kitty/form/js/libs/jquery.maskedinput.js	17 kB	2023-05-22	2024-03-31
Pretty URL z7gq5.shop/l/hello_kitty/form/js/libs/jquery.maskedinput.js IP 172.67.211.101 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2023-05-22 08:52:07 Last Seen2024-03-31 20:17:21 Times Seen1537 Hash d37c584165f7d01f34ba29f5852daacb 7607f09ab544c30e1942c834e54410d15043c60a d4fe2470c43d76c8d1be7f4cf8c835b1032d48641efbd071da6ab79fb506d786 Loading...

	z7gq5.shop/l/hello_kitty/form/js/libs.js	136 B	2023-05-23	2024-03-31
Pretty URL z7gq5.shop/l/hello_kitty/form/js/libs.js IP 172.67.211.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-23 13:43:09 Last Seen2024-03-31 20:17:21 Times Seen962 Hash f8bb29b6886202015e7f5d3e139c3452 2056a53c03c0c412b97eb971e1fc5fda6dc69d63 7a37931451de32846c093d2b676ea92e6d46461299e82b8d448d757fec1a17f3 Loading...

	z7gq5.shop/l/hello_kitty/form/js/main-form.js?v=3.2	11 kB	2024-03-28	2024-03-31
Pretty URL z7gq5.shop/l/hello_kitty/form/js/main-form.js?v=3.2 IP 172.67.211.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-28 04:38:56 Last Seen2024-03-31 17:50:17 Times Seen45 Hash 0d3f3895c801c582f062a7c3da87f7ee 092df80a92df02b4dd5084642d30947e42a32650 b7a72083d8d371d8d463405f694ff83c0f79f43463287c5413dafe834665044a Loading...

	z7gq5.shop/l/hello_kitty/assets/js/bootstrap.min.js	60 kB	2023-03-07	2024-04-29
Pretty URL z7gq5.shop/l/hello_kitty/assets/js/bootstrap.min.js IP 172.67.211.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:32 Last Seen2024-04-29 04:25:04 Times Seen6372 Hash 6bea60c34c5db6797150610dacdc6bce 544afefd148715da7dd52d368a414703390ca0e0 38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff Loading...

	z7gq5.shop/l/hello_kitty/js/custom.js	1.5 kB	2023-09-30	2024-03-31
Pretty URL z7gq5.shop/l/hello_kitty/js/custom.js IP 172.67.211.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-30 06:33:49 Last Seen2024-03-31 20:17:20 Times Seen964 Hash 7e1a2668f51815ae6f958a894ad2952b bd109a14d6c33954760efb8387391485ee00a931 3b648ed95045a3f19d7b14f37b6532f51a100f7672afe92f325cab9a00b6ec15 Loading...

	z7gq5.shop/l/hello_kitty/form/js/functions.js?v=6	8.1 kB	2024-03-11	2024-03-31
Pretty URL z7gq5.shop/l/hello_kitty/form/js/functions.js?v=6 IP 172.67.211.101 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-03-11 18:24:54 Last Seen2024-03-31 20:17:20 Times Seen166 Hash 45cb8b56592fca85d2d963dfee4fcf06 dd83aa93527864a1e70628006cba0d69dd8a15a7 77985e719c883be1a0274141e1d75522d6c0409951b6f1b2d44520bd3376ba75 Loading...

	z7gq5.shop/l/hello_kitty/js/jquery-3.1.1.min.js	87 kB	2023-03-07	2024-04-29
Pretty URL z7gq5.shop/l/hello_kitty/js/jquery-3.1.1.min.js IP 172.67.211.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-29 04:25:04 Times Seen264355 Hash e071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Loading...

	z7gq5.shop/l/hello_kitty/js/main.js	218 B	2023-03-12	2024-03-31
Pretty URL z7gq5.shop/l/hello_kitty/js/main.js IP 172.67.211.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:04:51 Last Seen2024-03-31 20:17:20 Times Seen942 Hash d2cbe4b2dc5aa429de73bbcc5d5b9d55 ecbd45ad404bc33ba8618a991fa397a652860349 67ffe5d5aeacdc2c2d1df68ad8bd5fb8d07df0ba6d4982ae5c44a588c06ed520 Loading...

	z7gq5.shop/l/hello_kitty/form/js/libs/intlTelInput.js	97 kB	2023-05-22	2024-03-31
Pretty URL z7gq5.shop/l/hello_kitty/form/js/libs/intlTelInput.js IP 172.67.211.101 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2023-05-22 08:52:07 Last Seen2024-03-31 20:17:20 Times Seen1030 Hash 6680c3e6c8ad99d661fd6e4d8b02b93c c9180217f601bcb8b24fd16e5842f4e27849194f 760829886ac05de7bb063d7df7821013bbda8aee258a12326d3e34077a5bf7fc Loading...

HTTP Transactions (36)

URL IP Response Size

ngdft.blogspot.bg/

216.58.207.193

194 B

URL
ngdft.blogspot.bg/
IP
216.58.207.193:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text
Size
194 B (194 bytes)
Hash
b7fe3fb0bd8aad5a340bd1f669813abd
ed739d385fe1906ace176a3a3ea839ffb1575679
b33410e6545153b298b46b03218ad974a920ff68b461bdb33d243b319f4c9d7b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET / HTTP/1.1
Host: ngdft.blogspot.bg
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: https://ngdft.blogspot.com/
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Fri, 29 Mar 2024 15:36:44 GMT
expires: Fri, 29 Mar 2024 15:36:44 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 194
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ngdft.blogspot.com/

142.250.74.1

15 kB

URL
ngdft.blogspot.com/
IP
142.250.74.1:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with very long lines (7139)
Size
15 kB (15026 bytes)
Hash
981b5b538601485a919195728f923ec3
5319190b0d2309036b48cabdcd906811c48136c2
ecb5e62cb119da1f6f28873486e2aa8deddb810666d9e1516c8f3dac5dda9e32

HTTP Headers

GET / HTTP/1.1
Host: ngdft.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Fri, 29 Mar 2024 15:36:45 GMT
date: Fri, 29 Mar 2024 15:36:45 GMT
cache-control: private, max-age=0
last-modified: Thu, 14 Mar 2024 01:03:57 GMT
etag: W/"7e00402736ffda8114bb90c8c8e7b1735001b2c4a54241468d8a6c4f8cb3c117"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 15026
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

sh4737904.c.had.su/auto_domain1700087633.php?sid=4185

81.91.178.100

302 Found

0 B

URL User Request GET HTTP/2
sh4737904.c.had.su/auto_domain1700087633.php?sid=4185
IP
81.91.178.100:443
ASN
#204601 Zomro B.V.

Certificate
IssuerLet's Encrypt
Subjectsh4737904.c.had.su
Fingerprint5D:B7:8A:F2:18:4B:ED:51:81:12:EC:64:12:69:EB:18:59:04:45:C6
ValidityTue, 05 Mar 2024 09:47:51 GMT - Mon, 03 Jun 2024 09:47:50 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /auto_domain1700087633.php?sid=4185 HTTP/1.1
Host: sh4737904.c.had.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ngdft.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: ddos-guard
set-cookie: __ddg1_=6a1Tb8K5ROwIpDXx75pd; Domain=.had.su; HttpOnly; Path=/; Expires=Sat, 29-Mar-2025 15:36:45 GMT
date: Fri, 29 Mar 2024 15:36:46 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.2.16
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
location: https://l2nv8.shop/Ujm/go?sid=4185
X-Firefox-Spdy: h2

z7gq5.shop/l/hello_kitty/content/pic1.jpg

172.67.211.101

200 OK

243 kB

URL GET HTTP/3
z7gq5.shop/l/hello_kitty/content/pic1.jpg
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://z7gq5.shop/20V/NNFe77Aa
Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Macintosh), datetime=2024:03:15 23:41:51], progressive, precision 8, 800x445, components 3
Size
243 kB (242601 bytes)
Hash
48ed517d70ca58a35e227d3e25e64107
5c54f9779bfdda8386cb0af1a840e78064489691
cba9eadf9468d6d82ac193d4cb0572dd18d74176e7530c51aad772c243c23301

HTTP Headers

GET /l/hello_kitty/content/pic1.jpg HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://z7gq5.shop/20V/NNFe77Aa
Cookie: sid=4185
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:36:47 GMT
content-type: image/jpeg
content-length: 242601
last-modified: Fri, 15 Mar 2024 22:03:07 GMT
etag: "65f4c59b-3b3a9"
expires: Sun, 28 Apr 2024 12:01:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 12897
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C0KXc%2BvcYMuo2xT9I%2FpoJJNEA0vzn8dT%2BHmYIbgrdcR2KVCw%2BOpWcUuBtgGz1dK7uVQO8A4sdZS%2BLx80dRR%2BscOJlx7HFY3Z93rDN9YeVG5LJa9W7%2BI%2BSRcf%2BlD0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f000bbf40afe-OSL
alt-svc: h3=":443"; ma=86400

z7gq5.shop/l/hello_kitty/content/pic3.jpg

172.67.211.101

200 OK

97 kB

URL GET HTTP/3
z7gq5.shop/l/hello_kitty/content/pic3.jpg
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://z7gq5.shop/20V/NNFe77Aa
Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Macintosh), datetime=2024:03:15 23:42:09], progressive, precision 8, 1280x825, components 3
Size
97 kB (96572 bytes)
Hash
e9e5d8cd1cdeb5db6e9f501b195c3283
fb358c77d11a25a8da280f77e93774dc674aa1d0
c6286b4e9308fc8739e135e41e92e5bc1179e16fd58dff9154d34a90d935e0ed

HTTP Headers

GET /l/hello_kitty/content/pic3.jpg HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://z7gq5.shop/20V/NNFe77Aa
Cookie: sid=4185
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:36:47 GMT
content-type: image/jpeg
content-length: 96572
last-modified: Fri, 15 Mar 2024 22:03:07 GMT
etag: "65f4c59b-1793c"
expires: Sun, 28 Apr 2024 12:01:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 12897
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ct3iQKC24aeCMBTLfaVTMRQdyyiHgPNgZ%2FusHHpLQ6AfzYULaA57ExT89HtzvYko1qgsMNIq34Iy6tMu7GnnVaYSYQTprX00OWbFwL76TFJ%2BA8CrCeKr%2FDs9j667"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f000bbf60afe-OSL
alt-svc: h3=":443"; ma=86400

z7gq5.shop/l/hello_kitty/content/pic4.jpg

172.67.211.101

200 OK

82 kB

URL GET HTTP/3
z7gq5.shop/l/hello_kitty/content/pic4.jpg
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://z7gq5.shop/20V/NNFe77Aa
Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Macintosh), datetime=2024:03:15 23:42:34], progressive, precision 8, 1920x1080, components 3
Size
82 kB (82443 bytes)
Hash
ae6ee1525a40e1c166b09283750e34e0
a58ab378efe975a58e9b0de02d4c2b2343da21f7
ef88af929c5c577c591f70f6861b6ca529f632f117cf7411da608f9788e1accd

HTTP Headers

GET /l/hello_kitty/content/pic4.jpg HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://z7gq5.shop/20V/NNFe77Aa
Cookie: sid=4185
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:36:47 GMT
content-type: image/jpeg
content-length: 82443
last-modified: Fri, 15 Mar 2024 22:03:07 GMT
etag: "65f4c59b-1420b"
expires: Sun, 28 Apr 2024 12:01:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 12897
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MsIy3hu1DYM8nP7DVUwA5HOSHZ%2Bo9oLdtZvqLDqvzFyj9rSZsvntk67HnhdbiOT9LE8a84GigeAwJcLC50SMSf1Xfgmbbr0dszNhMXv3AY0EvE8n9RWzue6zz56v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f000bbf90afe-OSL
alt-svc: h3=":443"; ma=86400

z7gq5.shop/l/hello_kitty/content/pic5.jpg

172.67.211.101

200 OK

130 kB

URL GET HTTP/3
z7gq5.shop/l/hello_kitty/content/pic5.jpg
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://z7gq5.shop/20V/NNFe77Aa
Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Macintosh), datetime=2024:03:15 23:42:53], progressive, precision 8, 900x900, components 3
Size
130 kB (130185 bytes)
Hash
e3d0ad7562b050fe95e10a5b4a083d7b
3cd204be40b940753d0942379e77906853c350f6
16cc235730aaa390f75c2779d91a087dc2ed1ff3015ec3b1271d60559694f72f

HTTP Headers

GET /l/hello_kitty/content/pic5.jpg HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://z7gq5.shop/20V/NNFe77Aa
Cookie: sid=4185
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:36:47 GMT
content-type: image/jpeg
content-length: 130185
last-modified: Fri, 15 Mar 2024 22:03:07 GMT
etag: "65f4c59b-1fc89"
expires: Sun, 28 Apr 2024 12:01:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 12897
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VoSCaQpZscgUpymMRzhmHvmGb2LYo%2BfuptXSJMGltFrNECeoQuFALgV6CqLN%2BbrIKuNtyt6g4VoRq6PbkskNBeInmECuAtYqKnZvqIGPNOyCqccmHZQadLf8YRR0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f000bbfb0afe-OSL
alt-svc: h3=":443"; ma=86400

z7gq5.shop/l/hello_kitty/content/pic7.jpg

172.67.211.101

200 OK

57 kB

URL GET HTTP/3
z7gq5.shop/l/hello_kitty/content/pic7.jpg
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://z7gq5.shop/20V/NNFe77Aa
Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Macintosh), datetime=2024:03:15 23:43:32], progressive, precision 8, 870x400, components 3
Size
57 kB (56761 bytes)
Hash
7542a68aae41b4ae59282116aa30d25f
4280d7f3af29bc8b50e1c4ae5867987430b0bc8d
385a1331c683ecb36eeafb04c3ce3c63928c79600eda11cded327b0173b786f8

HTTP Headers

GET /l/hello_kitty/content/pic7.jpg HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://z7gq5.shop/20V/NNFe77Aa
Cookie: sid=4185
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:36:47 GMT
content-type: image/jpeg
content-length: 56761
last-modified: Fri, 15 Mar 2024 22:03:07 GMT
etag: "65f4c59b-ddb9"
expires: Sun, 28 Apr 2024 12:01:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 12897
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2pntkKZf1f88QLyTfUV4fuGtN9YH%2FXCHk%2BmahC22dmEjmuYR3hqkkry6Hom%2FqOFaXWj8qJMDxziP1thq3rEF0nHlrEotGncbNEI9z7GTQZbXKpgX%2BtvBajvMPSvm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f000dc120afe-OSL
alt-svc: h3=":443"; ma=86400

l2nv8.shop/Ujm/go?sid=4185

188.114.96.1

302 Found

39 kB

URL User Request GET HTTP/2
l2nv8.shop/Ujm/go?sid=4185
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectl2nv8.shop
Fingerprint3C:C3:59:C8:F2:46:67:D3:91:0E:46:09:AB:7B:72:70:C2:C9:F0:C8
ValidityTue, 12 Mar 2024 21:44:20 GMT - Mon, 10 Jun 2024 21:44:19 GMT

File type
data
Size
39 kB (38982 bytes)
Hash
ff5b5f3095827e1e781972d75d99f1c2
1d6188b0a10e8b3b15730a5aeda51aa97b529648
16943134f0195ebbe3159dac2c902f0aa152b4a2fe9a80f900b2fb011a63a197

HTTP Headers

GET /Ujm/go?sid=4185 HTTP/1.1
Host: l2nv8.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ngdft.blogspot.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 29 Mar 2024 15:36:46 GMT
content-type: text/html; charset=UTF-8
location: https://z7gq5.shop/20V/NNFe77Aa?sid=4185
x-powered-by: PHP/8.2.13
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
pragma: no-cache
expires: -1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EuTDvxPFUkz9NRJo11hTg9qwp3g29wVkMnwyOJbYUla869E5TTcGFLxMjW0Bnv%2BJRFPVJSJDdRT2nBrFgPrUVXVkAQamHAffZdSjlye4ACjyD0vjXvDAiJGHCSaO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0eff99ad3712d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

z7gq5.shop/l/hello_kitty/form/css/form.css

172.67.211.101

200 OK

1.1 MB

URL GET HTTP/3
z7gq5.shop/l/hello_kitty/form/css/form.css
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://z7gq5.shop/20V/NNFe77Aa
Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type
ASCII text, with very long lines (475)
Size
1.1 MB (1093846 bytes)
Hash
95481761f3f85efb66fc286ee71e78c9
c81a7f1a536bdd711a8beb369ee561d66ef888f1
428cb8ead48d6fb8d12644a63cd104d772abfd7f16f7dc1ab2560778336be401

HTTP Headers

GET /l/hello_kitty/form/css/form.css HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://z7gq5.shop/20V/NNFe77Aa
Cookie: sid=4185
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:36:47 GMT
content-type: text/css
last-modified: Fri, 15 Mar 2024 22:03:07 GMT
etag: W/"65f4c59b-1a1f"
expires: Sun, 28 Apr 2024 12:01:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 12897
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2BGQplKg2%2BVkjkDiy%2B8p4wAabWzF8t0zPw89umy45WCwK6fl6gCghYO6Jr0a8MFuSheZbJRnQ9jEXNPCmg8QeCk3JRbE2t%2BXZJ3AOQmcvjQbZ5FTPjItGtlBvP8V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f000abea0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

z7gq5.shop/l/hello_kitty/form/js/libs/utils.js

172.67.211.101

200 OK

64 kB

URL GET HTTP/3
z7gq5.shop/l/hello_kitty/form/js/libs/utils.js
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://z7gq5.shop/20V/NNFe77Aa
Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type
JavaScript source, ASCII text, with very long lines (1338)
Size
64 kB (64033 bytes)
Hash
fa4d12a59a70432bcfea49469386291e
3b24fcc6ef44ca3635266a10530d68df4857e7a1
5084ebd7703c470e9e39d58de78661fa7780812d49bf2293217f278429b66c78

HTTP Headers

GET /l/hello_kitty/form/js/libs/utils.js HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://z7gq5.shop/l/hello_kitty/form/js/libs.js
Cookie: sid=4185
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:36:48 GMT
content-type: application/javascript; charset=utf8
last-modified: Fri, 15 Mar 2024 22:03:07 GMT
etag: W/"65f4c59b-5d2f3"
expires: Sun, 28 Apr 2024 15:36:48 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a4pXt05eizflGf58wQaB6J%2FaD0uQ0HQgggFdcngUN4YD6bfqPLNXNAE%2Fp%2BIuXWXF9ruZ10hrirJuXNlMHzcjVMKGqn63rT0UHPtffroaHffhSLqTBM66ePsG0tbC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f002fd990afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

z7gq5.shop/l/hello_kitty/form/img/flags.png

172.67.211.101

200 OK

71 kB

URL GET HTTP/3
z7gq5.shop/l/hello_kitty/form/img/flags.png
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://z7gq5.shop/20V/NNFe77Aa
Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type
PNG image data, 5652 x 15, 8-bit/color RGBA, non-interlaced
Size
71 kB (70857 bytes)
Hash
416250f60d785a2e02f17e054d2e4e44
21572c9751e5a3dc20395befa0fcb349c32c4811
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

HTTP Headers

GET /l/hello_kitty/form/img/flags.png HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://z7gq5.shop/l/hello_kitty/form/css/intlTelInput.css
Cookie: sid=4185
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:36:48 GMT
content-type: image/png
content-length: 70857
last-modified: Fri, 15 Mar 2024 22:03:07 GMT
etag: "65f4c59b-114c9"
expires: Sun, 28 Apr 2024 12:01:52 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 12896
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tZcVj1yFfYFaPPGanZY5CpmT7%2F%2BMsOS1IEpCwFgjvouskqnM6B1CtsiArjBNx7W9XZNG5tt%2BEUSHnO7L5qSVr%2BntiHjC2dmNjJgQXfn%2BZ5AfnNNJfnJPA0gAaQiL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f00969c60afe-OSL
alt-svc: h3=":443"; ma=86400

aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-97-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

444 B

URL
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-97-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
XML 1.0 document, ASCII text, with very long lines (332)
Size
444 B (444 bytes)
Hash
3b324dec137a87ef7e24a30a65b13dd0
c0faa95b2f1018e264b3a14aaf50d1003e6c27b3
6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463

HTTP Headers

GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-97-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-04-29-22-13-57.chain; p384ecdsa=D3A3Wg0ZL83Ri5-yU9iIpUAHYkN8Oyz_MRxuQVg-UNG2ukY_yCQZqq8pgm0edTIC6pJhHME34yCuLhLt5G8BP76TxVVaUfxjwyCd_SzF2pyZIppPN74BhRDpIjeXR2Dp
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Fri, 29 Mar 2024 15:35:53 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 69
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

z7gq5.shop/20V/NNFe77Aa?sid=4185

172.67.211.101

302 Found

62 kB

URL User Request GET HTTP/2
z7gq5.shop/20V/NNFe77Aa?sid=4185
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type

Size
62 kB (61645 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /20V/NNFe77Aa?sid=4185 HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ngdft.blogspot.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 29 Mar 2024 15:36:47 GMT
content-type: text/html; charset=UTF-8
location: https://z7gq5.shop/20V/NNFe77Aa
x-powered-by: PHP/8.2.13
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: sid=4185; expires=Tue, 14 Mar 2084 15:36:47 GMT; Max-Age=1892160000; path=/; httponly; samesite=lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F9OofxEL5M37z1WQv46oGU%2BJjXjjng80r7SPcVeCfHds0fbOXFJv%2BxLIBYhWeHlxHCmYVFAXguQGx0M1M4LQ7yCo1bPH7XS6ODoEDZMbtUDX%2FPJD1SIuezIe%2FxeM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0effcb8dd56c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

z7gq5.shop/l/hello_kitty/assets/js/bootstrap.min.js

172.67.211.101

200 OK

60 kB

URL GET HTTP/3
z7gq5.shop/l/hello_kitty/assets/js/bootstrap.min.js
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://z7gq5.shop/20V/NNFe77Aa
Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type
JavaScript source, ASCII text, with very long lines (59893)
Size
60 kB (60174 bytes)
Hash
6bea60c34c5db6797150610dacdc6bce
544afefd148715da7dd52d368a414703390ca0e0
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff

HTTP Headers

GET /l/hello_kitty/assets/js/bootstrap.min.js HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://z7gq5.shop/20V/NNFe77Aa
Cookie: sid=4185
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:36:47 GMT
content-type: application/javascript; charset=utf8
last-modified: Fri, 15 Mar 2024 22:03:07 GMT
etag: W/"65f4c59b-eb0e"
expires: Sun, 28 Apr 2024 12:01:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 12897
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kgNNDF%2BM2TgJvubuf3o5gNhVKQCISra%2FbwKWabdtdMUDG3A127sR%2B%2BMyEtr2C%2BSDw0fW56AZsaKvlMLenpIkf4P6YCCSzuSsbnrvSv9%2BBj5PdBMRKPOur3ARnOWr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f0012c440afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

z7gq5.shop/l/hello_kitty/form/js/libs/jquery-3.6.0.min.js

172.67.211.101

200 OK

151 kB

URL GET HTTP/3
z7gq5.shop/l/hello_kitty/form/js/libs/jquery-3.6.0.min.js
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://z7gq5.shop/20V/NNFe77Aa
Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type
JavaScript source, ASCII text, with very long lines (755)
Size
151 kB (150945 bytes)
Hash
2f9ce5c0e6e3b112156a7ff05ba9e682
5da37b54f5ac446e0d72005a12fcd21dd86f3ac0
8c1d8308190d402fce06d8cd4119a3013d87f1599c65cc6b34a698ed093b191d

HTTP Headers

GET /l/hello_kitty/form/js/libs/jquery-3.6.0.min.js HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://z7gq5.shop/l/hello_kitty/form/js/libs.js
Cookie: sid=4185
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:36:48 GMT
content-type: application/javascript; charset=utf8
last-modified: Fri, 15 Mar 2024 22:03:07 GMT
etag: W/"65f4c59b-24da1"
expires: Sun, 28 Apr 2024 15:36:47 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dbbvVelmb0okTcRuqBGEVE89O%2F5dypIzqlIbaXnKXClaKWsP6PfOf7HmMq6gxFujddxR4qnGu5azI%2FoOq%2FY0vo9FkbQnoUsIkVoWiEA7Dzf%2FYqm3fuO6qcLpkgDC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f002fd920afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

z7gq5.shop/l/hello_kitty/form/js/libs/jquery.maskedinput.js

172.67.211.101

200 OK

17 kB

URL GET HTTP/3
z7gq5.shop/l/hello_kitty/form/js/libs/jquery.maskedinput.js
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://z7gq5.shop/20V/NNFe77Aa
Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type
JavaScript source, ASCII text
Size
17 kB (16746 bytes)
Hash
d37c584165f7d01f34ba29f5852daacb
7607f09ab544c30e1942c834e54410d15043c60a
d4fe2470c43d76c8d1be7f4cf8c835b1032d48641efbd071da6ab79fb506d786

HTTP Headers

GET /l/hello_kitty/form/js/libs/jquery.maskedinput.js HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://z7gq5.shop/l/hello_kitty/form/js/libs.js
Cookie: sid=4185
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:36:48 GMT
content-type: application/javascript; charset=utf8
last-modified: Fri, 15 Mar 2024 22:03:07 GMT
etag: W/"65f4c59b-416a"
expires: Sun, 28 Apr 2024 15:36:48 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IJUCujt5Pz%2F0N1yU2pxmhPLNMOYRuPvlQJ6pEBSqyqTPMyD09c6RxutYuTuy3QRfDtiZGdtMamSY05QAIyB%2Bwy12N85x3D%2B8d%2BUUx24kPiGl4tLpzSsO8fg50Xld"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f002fd9a0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

z7gq5.shop/l/hello_kitty/form/js/functions.js?v=6

172.67.211.101

200 OK

8.1 kB

URL GET HTTP/3
z7gq5.shop/l/hello_kitty/form/js/functions.js?v=6
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://z7gq5.shop/20V/NNFe77Aa
Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type
Unicode text, UTF-8 text, with very long lines (8264), with no line terminators
Size
8.1 kB (8074 bytes)
Hash
445d29b579d8c8891938596d87178172
d7aa070c8d6959f9dbff50dcb1861903fad8d677
4cecc898bea1e927ce0c3a773cc422ec25271d67d756a2b8536b2206739c8fbe

HTTP Headers

GET /l/hello_kitty/form/js/functions.js?v=6 HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://z7gq5.shop/l/hello_kitty/form/js/main-form.js?v=3.2
Cookie: sid=4185
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:36:48 GMT
content-type: application/javascript; charset=utf8
last-modified: Fri, 15 Mar 2024 22:03:07 GMT
etag: W/"65f4c59b-1f8a"
expires: Sun, 28 Apr 2024 15:36:48 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FMp3EQI4zQuuoEPLsKMRuTyU5JD6LZrAbLEee9zsyyppqLGZYYsEL0WoYe6TfOdECeq3VZxr3%2FDeTsRNijLj%2B1h5Ty1gmxQ96hIoi70MVzMu0NfvBrIx4%2B0Gx%2BWd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f0034dc80afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

z7gq5.shop/l/hello_kitty/style/app.css

172.67.211.101

200 OK

251 kB

URL GET HTTP/3
z7gq5.shop/l/hello_kitty/style/app.css
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://z7gq5.shop/20V/NNFe77Aa
Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type
ASCII text
Size
251 kB (251074 bytes)
Hash
3f061abacbdb579fe29aa6abae07ed5b
76509d96931d3dca282186e041b33d59dafb89b2
18a3021390d85960612d0078549a0aa4587ba21088e30f49baf1090ee6e01738

HTTP Headers

GET /l/hello_kitty/style/app.css HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://z7gq5.shop/20V/NNFe77Aa
Cookie: sid=4185
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:36:47 GMT
content-type: text/css
last-modified: Fri, 15 Mar 2024 22:03:07 GMT
etag: W/"65f4c59b-3d4c2"
expires: Sun, 28 Apr 2024 12:01:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 12897
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CpeC1KbwkSCto9eUBl18HC687F4zz2HxJIA9l%2B%2BBba45c7%2Fc3aHIBpme74bpZrTGIcVD1PoQul03%2FjPhrrFWWtUVmFRu8K%2Fur8gfA0mA4FWygv2dOQVFkFwzvByD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f000abee0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

z7gq5.shop/l/hello_kitty/style/css_002.css

172.67.211.101

200 OK

7.6 kB

URL GET HTTP/3
z7gq5.shop/l/hello_kitty/style/css_002.css
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://z7gq5.shop/20V/NNFe77Aa
Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type
ASCII text, with very long lines (7860), with no line terminators
Size
7.6 kB (7636 bytes)
Hash
dd7011d80d6cc455e39ee5c0dd22c5c9
9e2e1e309028ef62b252be4c0b75fc577155260b
018b57c2738888ac6c710457c47fbbe00e32d86c801817683ed9f6a931b77ef4

HTTP Headers

GET /l/hello_kitty/style/css_002.css HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://z7gq5.shop/20V/NNFe77Aa
Cookie: sid=4185
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:36:47 GMT
content-type: text/css
last-modified: Fri, 15 Mar 2024 22:03:07 GMT
etag: W/"65f4c59b-1dd4"
expires: Sun, 28 Apr 2024 12:01:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 12897
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GAPDmAkUXM%2FYlqEOkVVV3QN4V%2Fb%2FLHCQMLXIB9yMm1A9w8iU1F71%2BeyPaCxQjU5ZnKpthVZHXd1BJ4Y57PSPPUTGQ%2BxukZyy2Xiz%2FTaiaFFXg9MGesFW3qyvHgxO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f000bbf30afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

z7gq5.shop/l/hello_kitty/form/css/intlTelInput.css

172.67.211.101

200 OK

25 kB

URL GET HTTP/3
z7gq5.shop/l/hello_kitty/form/css/intlTelInput.css
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://z7gq5.shop/20V/NNFe77Aa
Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type
ASCII text
Size
25 kB (25254 bytes)
Hash
a69aa970266649e0b08c2cb4bc166568
d9314a52085a2bb6d284421bb18a4c546ecb73d4
ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491

HTTP Headers

GET /l/hello_kitty/form/css/intlTelInput.css HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://z7gq5.shop/l/hello_kitty/form/css/form.css
Cookie: sid=4185
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:36:47 GMT
content-type: text/css
last-modified: Fri, 15 Mar 2024 22:03:07 GMT
etag: W/"65f4c59b-62a6"
expires: Sun, 28 Apr 2024 12:01:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 12897
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HYoMnD%2FQ9eNGcBu3QDIqccV5SvoCwK5WbB1ouEjW7shAaKrGudlScvhwd1kJZp%2BLh2UVV4J3wTdb0YtaIEjUl%2BOSg8q3sPFVB9ddTxzekwQFT0wXXaUyFUiMQjFd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f0014c5f0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

z7gq5.shop/20V/NNFe77Aa

172.67.211.101

200 OK

62 kB

URL User Request GET HTTP/2
z7gq5.shop/20V/NNFe77Aa
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type

Size
62 kB (61645 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /20V/NNFe77Aa HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ngdft.blogspot.com/
DNT: 1
Connection: keep-alive
Cookie: sid=4185
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 29 Mar 2024 15:36:47 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.2.13
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E9I%2Ff2YSt%2F%2FTQGrQJ8zNsCXOrFXcLToz70MhH308BQySA019dT3wzlxzJO7E4p0jKw41ueTbL31mGD%2BnXOoytUPHnIqIb5NxOn2wqF13WVucg9T%2BKbx5G9DVlY%2Fz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0effe5a3656c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

z7gq5.shop/l/hello_kitty/chunk-vendors.css

172.67.211.101

200 OK

309 kB

URL GET HTTP/3
z7gq5.shop/l/hello_kitty/chunk-vendors.css
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://z7gq5.shop/20V/NNFe77Aa
Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type
ASCII text, with very long lines (58126)
Size
309 kB (308569 bytes)
Hash
db356a68a05b7743b166031b677190ab
c3327a043adb6bed2d1ebec33277bedb3a004750
c4c8b35ba21338214dcee8a9a9e26972fd8029cc9b8d26940cc654e459b51fac

HTTP Headers

GET /l/hello_kitty/chunk-vendors.css HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://z7gq5.shop/20V/NNFe77Aa
Cookie: sid=4185
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:36:47 GMT
content-type: text/css
last-modified: Fri, 15 Mar 2024 22:03:07 GMT
etag: W/"65f4c59b-4b559"
expires: Sun, 28 Apr 2024 12:01:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 12897
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HInj7QoLy6zRRMGHbh3RcehrDaqao4PHa%2BugQSvUW%2FgvhlghHaO3m6oD4X%2BKCkr8Rv7s6%2FGWzp4DcttfYtfrLG1zJyFaZOs9CwgGwaOtJau%2F3pXCMDAwE6abPVEi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f000abef0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

z7gq5.shop/l/hello_kitty/app.css

172.67.211.101

200 OK

251 kB

URL GET HTTP/3
z7gq5.shop/l/hello_kitty/app.css
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://z7gq5.shop/20V/NNFe77Aa
Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type
ASCII text
Size
251 kB (251074 bytes)
Hash
3f061abacbdb579fe29aa6abae07ed5b
76509d96931d3dca282186e041b33d59dafb89b2
18a3021390d85960612d0078549a0aa4587ba21088e30f49baf1090ee6e01738

HTTP Headers

GET /l/hello_kitty/app.css HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://z7gq5.shop/20V/NNFe77Aa
Cookie: sid=4185
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:36:47 GMT
content-type: text/css
last-modified: Fri, 15 Mar 2024 22:03:07 GMT
etag: W/"65f4c59b-3d4c2"
expires: Sun, 28 Apr 2024 12:01:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 12897
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tF9AAdg4IU%2B0EdkQrHECjjhvni44%2B0j%2Bu8Y4moe6rO54wrZKh64wuzxdONMGKwMOZuCAEJnKrtd0h1Pjjmk9k5UaEemlZVdQ2L0i%2BeFCWfqD4tj2TwNXnuUqozG6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f000abf00afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

z7gq5.shop/l/hello_kitty/form/js/libs/intlTelInput.js

172.67.211.101

200 OK

97 kB

URL GET HTTP/3
z7gq5.shop/l/hello_kitty/form/js/libs/intlTelInput.js
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://z7gq5.shop/20V/NNFe77Aa
Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type

Size
97 kB (96729 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /l/hello_kitty/form/js/libs/intlTelInput.js HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://z7gq5.shop/l/hello_kitty/form/js/libs.js
Cookie: sid=4185
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:36:48 GMT
content-type: application/javascript; charset=utf8
last-modified: Fri, 15 Mar 2024 22:03:07 GMT
etag: W/"65f4c59b-179d9"
expires: Sun, 28 Apr 2024 15:36:48 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vgLcTGkl7%2FtOycSTzeKhkim6amyuzc%2FB4WJUKeR18JPPKGSvgNOueW47BvYLclcoKH7%2FhRBsx6Ov1INu2Y30UXNseBb%2B9rXqc6EJK9gzCzFq8lwCcVsv7fOLemT9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f002fd970afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

get.geojs.io/v1/ip/country.json

172.67.70.233

200 OK

71 B

URL GET HTTP/2
get.geojs.io/v1/ip/country.json
IP
172.67.70.233:443
ASN
#13335 CLOUDFLARENET

Requested by
https://z7gq5.shop/20V/NNFe77Aa
Certificate
IssuerLet's Encrypt
Subjectgeojs.io
FingerprintB4:9E:CC:F3:6D:DD:E3:68:A0:4A:B0:10:ED:5E:C2:60:0E:41:FE:36
ValidityMon, 11 Mar 2024 03:28:55 GMT - Sun, 09 Jun 2024 03:28:54 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
71 B (71 bytes)
Hash
c2e58ee58e944b511238efb5a3d9137f
a88d5d17096b9d989640717f15ff283d24518e05
f0c22e4edc2bd23e07eb0e2372551f213d59f46a4d32f76c3f106a04e4115043

HTTP Headers

GET /v1/ip/country.json HTTP/1.1
Host: get.geojs.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://z7gq5.shop
DNT: 1
Connection: keep-alive
Referer: https://z7gq5.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 29 Mar 2024 15:36:48 GMT
content-type: application/json
x-request-id: bc7cbd335fbf5ba94c973549b2e4994d-AMS
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-origin: *
access-control-allow-methods: GET
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
x-geojs-location: AMS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vZgXyRBfOEkm7M6JxigtFveACesr4SbS1Ls6xx557mUl1nXweERXgxicUM6yDRFw71pHUgH069b0fmgSVnkhWxlGgt3TL6NrsePHEj65UuCyawKiakTpPQs4BbtlwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 86c0f008ce11712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

z7gq5.shop/l/hello_kitty/js/jquery-3.1.1.min.js

172.67.211.101

200 OK

87 kB

URL GET HTTP/3
z7gq5.shop/l/hello_kitty/js/jquery-3.1.1.min.js
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://z7gq5.shop/20V/NNFe77Aa
Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type
JavaScript source, ASCII text, with very long lines (32030)
Size
87 kB (86709 bytes)
Hash
e071abda8fe61194711cfc2ab99fe104
f647a6d37dc4ca055ced3cf64bbc1f490070acba
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

HTTP Headers

GET /l/hello_kitty/js/jquery-3.1.1.min.js HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://z7gq5.shop/20V/NNFe77Aa
Cookie: sid=4185
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:36:47 GMT
content-type: application/javascript; charset=utf8
last-modified: Fri, 15 Mar 2024 22:03:07 GMT
etag: W/"65f4c59b-152b5"
expires: Sun, 28 Apr 2024 12:01:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 12897
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lcITGAVHcwLGBhx7vegNkpoY8KJ3t%2FZROn8Wo306bKtLY5W2SsCM4jvslrXutmVIIDPdpH3F3bTnGCrGHJnfbEsqTyutO4mwTLBTFifwjbqnFiy7XDKFJ%2BXJkV07"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f0011c410afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

z7gq5.shop/l/hello_kitty/js/custom.js

172.67.211.101

200 OK

1.5 kB

URL GET HTTP/3
z7gq5.shop/l/hello_kitty/js/custom.js
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://z7gq5.shop/20V/NNFe77Aa
Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type
JavaScript source, ASCII text, with very long lines (1688), with no line terminators
Size
1.5 kB (1531 bytes)
Hash
a7dd43cd0a4faf3a5d7987968e5607b4
1fdb7a97bd6fe031f7417e97aa3a8c645396a338
17952283c6fc648b37d2fc23ad6ab2636392ab9d30f17545fb1b0cfe03ef834e

HTTP Headers

GET /l/hello_kitty/js/custom.js HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://z7gq5.shop/20V/NNFe77Aa
Cookie: sid=4185
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:36:47 GMT
content-type: application/javascript; charset=utf8
last-modified: Fri, 15 Mar 2024 22:03:07 GMT
etag: W/"65f4c59b-5fb"
expires: Sun, 28 Apr 2024 12:01:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 12897
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FpzXdLg67hFyT8VwUZ1VmbTe8799bSdTu1D0u1lDSrXhjqP1ycABAJDVgB1fJSZdZezkoV%2FhyNd6kl1LN85hj6x2N4eij0MxlCnCzKD5uUTvezb2PHr8EwIQJIzk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f0012c460afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

z7gq5.shop/l/hello_kitty/form/js/libs.js

172.67.211.101

200 OK

136 B

URL GET HTTP/3
z7gq5.shop/l/hello_kitty/form/js/libs.js
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://z7gq5.shop/20V/NNFe77Aa
Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type
ASCII text, with no line terminators
Size
136 B (136 bytes)
Hash
412b9a563a3527ea92c8acd0477d1256
a511a6b0e6feb8bcdec25e27404fa59a75bffd09
89e68d47f5ad24040ec77c8355be82213e9a0065f865a1d300d23125cadd8463

HTTP Headers

GET /l/hello_kitty/form/js/libs.js HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://z7gq5.shop/20V/NNFe77Aa
Cookie: sid=4185
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:36:47 GMT
content-type: application/javascript; charset=utf8
last-modified: Fri, 15 Mar 2024 22:03:07 GMT
etag: W/"65f4c59b-88"
expires: Sun, 28 Apr 2024 15:36:47 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ICXUuF1b8hUKojgEq13gy0kqRbnKlZbIndJu%2Bu0kOSbb3ZpqeBtOTQfkUyLWiEqItAoGwIvhXoYSzvGR5%2Fc3ySg3GMXv9RxM12ZOg63nxyPgNnHk61WZ4TrR5Z%2FZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f0012c490afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

z7gq5.shop/l/hello_kitty/form/js/main-form.js?v=3.2

172.67.211.101

200 OK

11 kB

URL GET HTTP/3
z7gq5.shop/l/hello_kitty/form/js/main-form.js?v=3.2
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://z7gq5.shop/20V/NNFe77Aa
Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type

Size
11 kB (11167 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /l/hello_kitty/form/js/main-form.js?v=3.2 HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://z7gq5.shop/20V/NNFe77Aa
Cookie: sid=4185
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:36:47 GMT
content-type: application/javascript; charset=utf8
last-modified: Wed, 27 Mar 2024 19:42:54 GMT
etag: W/"660476be-2b9f"
expires: Sun, 28 Apr 2024 15:36:47 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1sySS1B%2BnLvpq5ozNuSoW1UIo7qAj9uz9bTCQ5xPQp7PKDaQspmV6NR65t5WyY%2FmR%2F%2FFU0GRK97ALbZr1xZKkXS5zj7GNn7jUc%2FdnQpgJWQMcVKwPNzn3DQN8s8E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f0012c4a0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

z7gq5.shop/l/hello_kitty/content/video.gif

172.67.211.101

200 OK

1.1 MB

URL GET HTTP/3
z7gq5.shop/l/hello_kitty/content/video.gif
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://z7gq5.shop/20V/NNFe77Aa
Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type
GIF image data, version 89a, 720 x 576
Size
1.1 MB (1060841 bytes)
Hash
1025f8e9a1f615a5c03a7a06aa363a9e
2be8a2708b15c29cce7c5183e2465ca104668090
58515f4ec9ad8e6356a40adf432c048ba64401e43dc81ac2b660a38b17912074

HTTP Headers

GET /l/hello_kitty/content/video.gif HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://z7gq5.shop/20V/NNFe77Aa
Cookie: sid=4185
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:36:47 GMT
content-type: image/gif
content-length: 1060841
last-modified: Fri, 15 Mar 2024 22:03:07 GMT
etag: "65f4c59b-102fe9"
expires: Sun, 28 Apr 2024 12:01:51 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 12896
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W2mhKeVZXlgtlongmJgb8sSGrpyIuWYcgu6fZdx5E%2BGRFoggKgnYUJvUxijxdbtQ0FjuRGR055W%2FabquQ9KqbcPUrnzCgfAck%2F5uZSF0C9L7bL2a8TaSsSy%2Fy97J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f0029d4d0afe-OSL
alt-svc: h3=":443"; ma=86400

z7gq5.shop/l/hello_kitty/js/main.js

172.67.211.101

200 OK

218 B

URL GET HTTP/3
z7gq5.shop/l/hello_kitty/js/main.js
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://z7gq5.shop/20V/NNFe77Aa
Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type
Unicode text, UTF-8 text, with no line terminators
Size
218 B (218 bytes)
Hash
6744ee14a2ff901a384e836d91be6ae1
0b9fc1e6adba8dae4ee2701371e44b53196e806d
e3f909ec16da01389e2cd2ca61df466e355ccb3d4aece742bb1bc68460e7e846

HTTP Headers

GET /l/hello_kitty/js/main.js HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://z7gq5.shop/20V/NNFe77Aa
Cookie: sid=4185
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:36:47 GMT
content-type: application/javascript; charset=utf8
last-modified: Fri, 15 Mar 2024 22:03:07 GMT
etag: W/"65f4c59b-da"
expires: Sun, 28 Apr 2024 12:01:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 12897
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ZWVV0u5SmNdPwIY5UNT9R3gZdFKDjFFnCq4htRraS%2BezrsUSqIXnkU1OlNWgajB4MR%2FgFTLlokoqEqAt7OrVrl8D78A7oNoq5SWhPk%2BSjBdj2mtr0HCreXeR8iD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f0012c470afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

z7gq5.shop/l/hello_kitty/form/css/modal-error.css

172.67.211.101

200 OK

4.0 kB

URL GET HTTP/3
z7gq5.shop/l/hello_kitty/form/css/modal-error.css
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://z7gq5.shop/20V/NNFe77Aa
Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type
ASCII text, with very long lines (4209), with no line terminators
Size
4.0 kB (3971 bytes)
Hash
c690ad3206aec810e24ea2a2f90c023d
9b229c4d9ff6acdde231dd7b278f116713bda30b
d8202caf1c0d1d4d4e4199d8766f31f8dcb13d680d824d658df21e5812dfd3c8

HTTP Headers

GET /l/hello_kitty/form/css/modal-error.css HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://z7gq5.shop/l/hello_kitty/form/css/form.css
Cookie: sid=4185
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:36:47 GMT
content-type: text/css
last-modified: Fri, 15 Mar 2024 22:03:07 GMT
etag: W/"65f4c59b-f83"
expires: Sun, 28 Apr 2024 12:01:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 12897
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tAYpocVVVoIKJlmN3kePRUlMnnos7FCRyxWeGV46lcIjWMF2ZgwRi3YSRQnXqCJWNGYRVMfgP2FVHIrik23aDmJzZw%2B37dABigLLzUyX7uO8NzlHiBGbeP0SQXMz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f0014c610afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

z7gq5.shop/favicon.ico

172.67.211.101

200 OK

0 B

URL GET HTTP/3
z7gq5.shop/favicon.ico
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://z7gq5.shop/20V/NNFe77Aa
Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://z7gq5.shop/20V/NNFe77Aa
Cookie: sid=4185
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:36:48 GMT
content-type: image/x-icon
content-length: 0
last-modified: Thu, 09 Feb 2023 00:38:17 GMT
etag: "63e44079-0"
expires: Sun, 28 Apr 2024 09:22:26 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 22462
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yDG6Ql4h6C07v5%2BA6w3qsPdEk%2FG%2F%2FWlyfXUsAGFFDW4qoiU3ANdqqP7kk5qHqZ3uVU7YhKM2vc7HtfCX2ywe3YaUGme4k0GNcapdSAmR3GQn%2BcsqtyUAePxeHJqg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f00919940afe-OSL
alt-svc: h3=":443"; ma=86400

z7gq5.shop/l/hello_kitty/final-page.css

172.67.211.101

200 OK

380 kB

URL GET HTTP/3
z7gq5.shop/l/hello_kitty/final-page.css
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://z7gq5.shop/20V/NNFe77Aa
Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type
ASCII text, with very long lines (33105)
Size
380 kB (379794 bytes)
Hash
d406ae0e843fe32e24ebaa62af70dd7b
2d813e3c2d46dca714c2b61fd1fc31adb1e70be6
91db0ffc1c47bfb038af493e253458b15d956e53ca961dec3f343a5718e52b6a

HTTP Headers

GET /l/hello_kitty/final-page.css HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://z7gq5.shop/20V/NNFe77Aa
Cookie: sid=4185
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:36:47 GMT
content-type: text/css
last-modified: Fri, 15 Mar 2024 22:03:07 GMT
etag: W/"65f4c59b-5cb92"
expires: Sun, 28 Apr 2024 12:01:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 12897
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qxOR4Uv7OWNuVvxGiDbeaMA1sKLKmvNcG7ffSieXqYdTBMZ3C5NWBgIZhl783WOO6roQsfIrbIEIP5HjCZSKykNAaGN6NJ0jq%2FWxYJJXZ1QOUXY8hnplaGt2jtPE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f000bbf10afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

z7gq5.shop/l/hello_kitty/form/css/flags.css

172.67.211.101

200 OK

0 B

URL GET HTTP/3
z7gq5.shop/l/hello_kitty/form/css/flags.css
IP
172.67.211.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://z7gq5.shop/20V/NNFe77Aa
Certificate
IssuerGoogle Trust Services LLC
Subjectz7gq5.shop
Fingerprint1A:F0:72:52:0A:04:4E:8C:1A:A8:05:27:D4:1B:5A:70:19:AE:20:73
ValidityTue, 26 Mar 2024 18:01:09 GMT - Mon, 24 Jun 2024 18:01:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /l/hello_kitty/form/css/flags.css HTTP/1.1
Host: z7gq5.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://z7gq5.shop/l/hello_kitty/form/css/form.css
Cookie: sid=4185
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:36:47 GMT
content-type: text/css
content-length: 0
last-modified: Fri, 15 Mar 2024 22:03:07 GMT
etag: "65f4c59b-0"
expires: Sun, 28 Apr 2024 12:01:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 12897
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m7MDWBWqSW2P%2FkRSZv4J6R3kAg7SFljya%2FWp2bgeCMW%2BiSp3Sqr8Uj3WMFjvSbaLwpg1EkL%2Bq68Ycw5idF6zHBqSq917fT6nJqciT%2BM3kclKvmQlCLRMCXdGJ1Yo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f0014c5e0afe-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML