Report - tracking.us.nylas.com/l/a7a7512126ac4eca9ca66755dea904d4/0/48791d3d21535ff1f0bd7e61cfb062fb110696431c7ebe62827681d334c661d9?cache

Report Overview

Visited public
2024-12-10 22:30:51
Tags
suspicious
URL
tracking.us.nylas.com/l/a7a7512126ac4eca9ca66755dea904d4/0/48791d3d21535ff1f0bd7e61cfb062fb110696431c7ebe62827681d334c661d9?cache_buster=1733868639
Finishing URL
pepe.access-net.work/
IP / ASN
151.101.131.52
#54113 FASTLY
Title
PEPE REWARD SEASON
Suspicious - Anti-debugging code

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
pepe.access-net.work	unknown	2024-12-07	2024-12-10	2024-12-10	5.5 kB	9.3 MB	188.114.97.1
code.tidio.co	15677	2014-06-01	2014-11-27	2024-12-05	430 B	6.8 kB	172.67.72.223
cdn.static-cdn.co	unknown	2024-05-18	2024-09-19	2024-09-25	531 B	33 kB	104.21.1.96
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-12-04	1.3 kB	123 kB	151.101.129.229
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2024-12-04	465 B	20 kB	142.250.74.106
static-cdn.co	unknown	2024-05-18	2024-08-30	2024-09-25	436 B	818 B	172.67.128.250
tracking.us.nylas.com	unknown	2001-11-07	2024-02-15	2024-12-03	601 B	646 B	151.101.131.52
widget-v4.tidiochat.com	17456	2014-06-01	2018-06-14	2024-12-06	3.2 kB	526 kB	104.26.8.139
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2024-12-04	896 B	148 kB	104.17.25.14
1rpc.io	unknown	2022-08-02	2022-08-18	2024-12-07	511 B	5.2 kB	20.105.41.175
socket.tidio.co	14023	2014-06-01	2017-11-23	2024-12-06	1.3 kB	330 B	54.154.254.21

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (8)

	URL	From	Size	First Seen	Last Seen
	unknown	Function	37 B	2023-04-11	2025-06-25
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31 Last Seen2025-06-25 04:23 Times Seen280430 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	code.tidio.co/zsljmyk2oumr6ynfk8gdqjajurdmsats.js	ScriptElement	5.9 kB	2024-12-10	2024-12-11
Pretty URL code.tidio.co/zsljmyk2oumr6ynfk8gdqjajurdmsats.js IP 172.67.72.223 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-10 22:30 Last Seen2024-12-11 23:42 Times Seen7 Hash 573cd90831835353c19cd3485341ad5d 26b7cf94408915df8d0317aea327a62d7f50a76f 631c442cb6a5a0f4fc7eebe99f256eb366a5e3be7ffd316328892599c03633ca Loading...

	cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/crypto-js.min.js	ScriptElement	61 kB	2023-11-02	2025-06-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/crypto-js.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-02 21:20 Last Seen2025-06-25 03:40 Times Seen1945 Hash d9c6de0df2bf028d93924aff92487904 6596050516dd12af52d9b0e7b18ed837f1d81300 769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc Loading...

	cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ethers.umd.min.js	ScriptElement	736 kB	2023-03-07	2025-06-24
Pretty URL cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ethers.umd.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:58 Last Seen2025-06-24 11:05 Times Seen1687 Hash 268d19762594655239a29d058a7e8b44 f06da2f7a68114b8dda38a0d782d65ddacc9c0e8 95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618 Loading...

	widget-v4.tidiochat.com/1_278_0/static/js/widget.32b9f29f9f96cd47ed32.js	ScriptElement	496 kB	2024-12-10	2024-12-11
Pretty URL widget-v4.tidiochat.com/1_278_0/static/js/widget.32b9f29f9f96cd47ed32.js IP 104.26.8.139 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-10 22:30 Last Seen2024-12-11 23:42 Times Seen7 Hash 2e0bc3a0f7d750d6a26012aee15893ca bb503e7bda9046dace7c736d9ae7777b5e85e284 b7d3943007504b40b1f17f9919c969d98bab8009f7473446b52ffb047dd3f736 Loading...

	unknown	Function	34 B	2023-04-11	2025-06-25
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:16 Last Seen2025-06-25 02:08 Times Seen67338 Hash 572cb94037fffc2a0a53b465972e15f1 0d679b041a7c1ca45cc99e2d229fc2b86762838d 6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35 Loading...

	pepe.access-net.work/725f8ecc-578f-41b3-b1bd-64ce4f808d9a.js	ScriptElement	3.2 MB	2024-12-10	2024-12-10
Pretty URL pepe.access-net.work/725f8ecc-578f-41b3-b1bd-64ce4f808d9a.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-10 22:30 Last Seen2024-12-10 22:30 Times Seen1 Hash 9774f23b652ab49be78a37ef07985036 f0cb38160c3b697a2f5d34d7b0e893b17e128731 56f1935607de5e50ee162373be6c851efedd97e4cd5c18ae1ca9c116174d0a42 Loading...

	unknown	Function	79 B	2023-04-11	2025-06-25
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38 Last Seen2025-06-25 04:23 Times Seen116006 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

HTTP Transactions (32)

URL IP Response Size

GET tracking.us.nylas.com/l/a7a7512126ac4eca9ca66755dea904d4/0/48791d3d21535ff1f0bd7e61cfb062fb110696431c7ebe62827681d334c661d9?cache_buster=1733868639

151.101.131.52

301 Moved Permanently

64 B

URL User Request GET HTTP/2
tracking.us.nylas.com/l/a7a7512126ac4eca9ca66755dea904d4/0/48791d3d21535ff1f0bd7e61cfb062fb110696431c7ebe62827681d334c661d9?cache_buster=1733868639
IP
151.101.131.52:443
ASN
#54113 FASTLY

Certificate
IssuerLet's Encrypt
Subject*.us.nylas.com
Fingerprint53:82:14:9C:27:11:8F:E7:67:CE:2E:89:74:63:63:38:7A:6F:90:81
ValiditySun, 17 Nov 2024 19:53:28 GMT - Sat, 15 Feb 2025 19:53:27 GMT

File type
HTML document, ASCII text
Size
64 B (64 bytes)
Hash
9965933a72eae8af94ebe81403ce4691
43d82c4a1b42b53696924172c27ea124c906f032
1ab805fe64ac625a66811eb27ea74dfc1715e07a50c1a341dfb921b5ae81f5aa

HTTP Headers

GET /l/a7a7512126ac4eca9ca66755dea904d4/0/48791d3d21535ff1f0bd7e61cfb062fb110696431c7ebe62827681d334c661d9?cache_buster=1733868639 HTTP/1.1
Host: tracking.us.nylas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
via: 1.1 google, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-store
x-unique-id: 1734266809-ccb4305f-2516-43ed-b3ad-27188e68203f
content-type: text/html; charset=utf-8
location: https://pepe.access-net.work/
accept-ranges: bytes
date: Tue, 10 Dec 2024 22:30:24 GMT
x-served-by: cache-hel1410023-HEL, cache-hel1410034-HEL
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1733869824.816869,VS0,VE185
x-fastly-id: 2662231756
strict-transport-security: max-age=31557600
content-length: 64
X-Firefox-Spdy: h2

GET pepe.access-net.work/logo.jpg

188.114.97.1

200 OK

7.7 kB

URL GET HTTP/3
pepe.access-net.work/logo.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pepe.access-net.work/
Certificate
IssuerGoogle Trust Services
Subjectaccess-net.work
Fingerprint84:A4:B3:F5:DF:05:E3:98:69:C6:81:F1:34:B8:13:B8:03:92:B8:7D
ValiditySun, 08 Dec 2024 14:38:08 GMT - Sat, 08 Mar 2025 14:38:07 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 225x225, components 3
Size
7.7 kB (7664 bytes)
Hash
a969f4c637bbd86fd529975d4d934b85
c5c3295f49af168d71f693e52d0feaa752aede25
a9e9f3ab53682728a3d5f6fcc2285cdf4fb04be0fa57ed817116a6e51ebf6157

HTTP Headers

GET /logo.jpg HTTP/1.1
Host: pepe.access-net.work
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pepe.access-net.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 10 Dec 2024 22:30:24 GMT
content-type: image/jpeg
content-length: 7664
last-modified: Mon, 09 Dec 2024 16:19:29 GMT
etag: "1df0-628d8baa21d52"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hl8hyc%2BM1C%2BtKrxq5Euhi%2F2oSYk0W481qWiPwG9p6S8tyV0jvOoUSjMXD6Uw2LRpRw1dFs%2B9HM2Hbj1WvnUUgdVrKZXpZCq%2Bf5axZ37RXA9ponpSvZTLcmA%2Fc%2BG58p7jOyPE7GHRyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f00ade298dc0b49-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3916&min_rtt=3678&rtt_var=1854&sent=17&recv=14&lost=0&retrans=0&sent_bytes=4232&recv_bytes=2893&delivery_rate=106162&cwnd=12000&unsent_bytes=0&cid=9d25f34b05ce0ab5&ts=319&x=1", cfExtPri, cfHdrFlush;dur=0

GET pepe.access-net.work/images/solana.b216120d.png

188.114.97.1

200 OK

60 kB

URL GET HTTP/3
pepe.access-net.work/images/solana.b216120d.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pepe.access-net.work/
Certificate
IssuerGoogle Trust Services
Subjectaccess-net.work
Fingerprint84:A4:B3:F5:DF:05:E3:98:69:C6:81:F1:34:B8:13:B8:03:92:B8:7D
ValiditySun, 08 Dec 2024 14:38:08 GMT - Sat, 08 Mar 2025 14:38:07 GMT

File type
PNG image data, 400 x 400, 8-bit/color RGB, non-interlaced
Size
60 kB (60014 bytes)
Hash
f6fabe148d1582563efb8afbbef1fbba
33f7a4720bdb295588d31639b21953bbaf56cb51
fd0f44f099be26e02727200b68d997034e225706516c88a720992e966d155c5a

HTTP Headers

GET /images/solana.b216120d.png HTTP/1.1
Host: pepe.access-net.work
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pepe.access-net.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 10 Dec 2024 22:30:24 GMT
content-type: image/png
content-length: 60014
last-modified: Mon, 09 Dec 2024 16:19:29 GMT
etag: "ea6e-628d8baa41150"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EvuVoiUmKe%2FwkyHgY5spCHPmgkWTAeA9FJoNPMj1AebKh33%2Fxx5DmrF48ztJ%2F04XXDlYemXL9kS5AsWhTb4MxdE1vlK9BG4bftZ2AXuOgQixWHzzj6D8qwBebaVLzwIclakak940uA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f00ade298e60b49-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3688&min_rtt=2090&rtt_var=1847&sent=25&recv=15&lost=0&retrans=0&sent_bytes=12841&recv_bytes=2937&delivery_rate=28566&cwnd=12000&unsent_bytes=0&cid=9d25f34b05ce0ab5&ts=324&x=1", cfExtPri, cfHdrFlush;dur=0

GET pepe.access-net.work/images/tron.a217d61c.jpg

188.114.97.1

200 OK

12 kB

URL GET HTTP/3
pepe.access-net.work/images/tron.a217d61c.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pepe.access-net.work/
Certificate
IssuerGoogle Trust Services
Subjectaccess-net.work
Fingerprint84:A4:B3:F5:DF:05:E3:98:69:C6:81:F1:34:B8:13:B8:03:92:B8:7D
ValiditySun, 08 Dec 2024 14:38:08 GMT - Sat, 08 Mar 2025 14:38:07 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3
Size
12 kB (11795 bytes)
Hash
465ef03f9fff275756e2ea629c64cc55
4cc32822cdcec3053026ce72595e549bb71934d9
313df7a524f1e5e163881e7af584d56d03d4e3a25f6f2f5e56ccc6bb20b4438e

HTTP Headers

GET /images/tron.a217d61c.jpg HTTP/1.1
Host: pepe.access-net.work
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pepe.access-net.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 10 Dec 2024 22:30:24 GMT
content-type: image/jpeg
content-length: 11795
last-modified: Mon, 09 Dec 2024 16:19:29 GMT
etag: "2e13-628d8baa41150"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kog0b%2BuhSMSfyrcCpXm1EWR5XPfmmLWHb527YWo%2B1uHDJSfsUXr0TL6O2JX5IlIXK2R6Iy2ulV%2BJqmhn1SRHisYjcAllqSkomvHM7SsZbF6qMVQHbgsrs0eT3L%2FK2qnVDJ%2Fzx3%2BYOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f00ade298e90b49-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3688&min_rtt=2090&rtt_var=1847&sent=35&recv=15&lost=0&retrans=0&sent_bytes=24841&recv_bytes=2937&delivery_rate=28566&cwnd=12000&unsent_bytes=0&cid=9d25f34b05ce0ab5&ts=324&x=1", cfExtPri, cfHdrFlush;dur=4

GET pepe.access-net.work/body.jpg

188.114.97.1

200 OK

20 kB

URL GET HTTP/3
pepe.access-net.work/body.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pepe.access-net.work/
Certificate
IssuerGoogle Trust Services
Subjectaccess-net.work
Fingerprint84:A4:B3:F5:DF:05:E3:98:69:C6:81:F1:34:B8:13:B8:03:92:B8:7D
ValiditySun, 08 Dec 2024 14:38:08 GMT - Sat, 08 Mar 2025 14:38:07 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x426, components 3
Size
20 kB (19920 bytes)
Hash
294bb2aaa6ae4b2ddeb57520ec7ca351
ef15dbd2a80a30bf0940c4902d6a60fc1a71e85b
e27ab408d9bcc83f6b34c66c14ae1651d8042245b3ecd361b4eb623fa9b1c8a3

HTTP Headers

GET /body.jpg HTTP/1.1
Host: pepe.access-net.work
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pepe.access-net.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 10 Dec 2024 22:30:24 GMT
content-type: image/jpeg
content-length: 19920
last-modified: Mon, 09 Dec 2024 16:19:29 GMT
etag: "4dd0-628d8baa20db3"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p44TSmVd4a9s2xOWRYmNjFuFVptDTO%2B6YlWnkYGVuQjMleojc2ULYZeVKrnc2FR8dnZ%2BVNgcxzmLQs1Vy9o9DnCaggkQ2I79%2BVx3NVvJOBoa%2BPNF7bWo2P2ZHUy%2FbFHObEVBh2SpXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f00ade298dd0b49-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2618&min_rtt=1108&rtt_var=1635&sent=126&recv=21&lost=0&retrans=0&sent_bytes=131994&recv_bytes=3204&delivery_rate=25396313&cwnd=48000&unsent_bytes=0&cid=9d25f34b05ce0ab5&ts=386&x=1", cfExtPri, cfHdrFlush;dur=0

GET pepe.access-net.work/styles/app.css

188.114.97.1

200 OK

2.6 kB

URL GET HTTP/3
pepe.access-net.work/styles/app.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pepe.access-net.work/
Certificate
IssuerGoogle Trust Services
Subjectaccess-net.work
Fingerprint84:A4:B3:F5:DF:05:E3:98:69:C6:81:F1:34:B8:13:B8:03:92:B8:7D
ValiditySun, 08 Dec 2024 14:38:08 GMT - Sat, 08 Mar 2025 14:38:07 GMT

File type
ASCII text, with very long lines (9295), with no line terminators
Size
2.6 kB (2552 bytes)
Hash
15f01ed8edfd756f8c0cbfba8029d5d5
4924579a5946dd2a27d697acc556830f73c55bfd
f9f8e027876579870afdf4be6afe58a7ebdd1beb717dc9c16ffacd82f9d3c3c9

HTTP Headers

GET /styles/app.css HTTP/1.1
Host: pepe.access-net.work
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pepe.access-net.work/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 10 Dec 2024 22:30:24 GMT
content-type: text/css
content-length: 2552
last-modified: Mon, 09 Dec 2024 16:19:29 GMT
etag: "244f-628d8baa71e8d-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=goXGQHX7IfT2bGH%2FvZ%2BWsp9sYtJHcJdU27MLxeeeJZUrfCCEc%2F3CbDRzdSsMZwm26Z7WTQ9MdkTKTOrzul%2BnumRH83byqeZBwwmAbvPzjJDlc%2FKf8qNTCHJ3FSp%2B3Kqcdq50meXlxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f00ade298da0b49-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2048&min_rtt=844&rtt_var=1306&sent=184&recv=25&lost=0&retrans=0&sent_bytes=199875&recv_bytes=3386&delivery_rate=19868631&cwnd=96000&unsent_bytes=0&cid=9d25f34b05ce0ab5&ts=394&x=1", cfExtPri, cfHdrFlush;dur=0

GET pepe.access-net.work/images/loading.54054662.gif

188.114.97.1

200 OK

54 kB

URL GET HTTP/3
pepe.access-net.work/images/loading.54054662.gif
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pepe.access-net.work/
Certificate
IssuerGoogle Trust Services
Subjectaccess-net.work
Fingerprint84:A4:B3:F5:DF:05:E3:98:69:C6:81:F1:34:B8:13:B8:03:92:B8:7D
ValiditySun, 08 Dec 2024 14:38:08 GMT - Sat, 08 Mar 2025 14:38:07 GMT

File type
GIF image data, version 89a, 240 x 240
Size
54 kB (54143 bytes)
Hash
4e3f150734058659a6b9b90b433d98c3
93c02516d4c0731ffce955ec5fb0f468d56fd6ba
9f9cf73dcb9971a674e558767f9a9a0c3bccf023577eca4a93a357243bbf6947

HTTP Headers

GET /images/loading.54054662.gif HTTP/1.1
Host: pepe.access-net.work
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pepe.access-net.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 10 Dec 2024 22:30:24 GMT
content-type: image/gif
content-length: 54143
last-modified: Mon, 09 Dec 2024 16:19:29 GMT
etag: "d37f-628d8baa3a3f1"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s7DQZ4DlfASKHOmxz%2BOhagXROryOa17wB90Qo49VUVoS%2BnbjilFE0B6c%2FFhW2Ro8w6ouzJGZVbI8dN6ZwANHmPiIVV2epvKbAlaLoxBgmYBf9BbxqlZjldGGFO31q5XNv%2BOyLdE5cw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f00ade298e00b49-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1856&min_rtt=844&rtt_var=1047&sent=274&recv=27&lost=0&retrans=0&sent_bytes=306406&recv_bytes=3477&delivery_rate=4566797&cwnd=96000&unsent_bytes=0&cid=9d25f34b05ce0ab5&ts=403&x=1", cfExtPri, cfHdrFlush;dur=1

GET widget-v4.tidiochat.com/zsljmyk2oumr6ynfk8gdqjajurdmsats.js

104.26.8.139

302 Found

7.0 kB

URL GET HTTP/2
widget-v4.tidiochat.com/zsljmyk2oumr6ynfk8gdqjajurdmsats.js
IP
104.26.8.139:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pepe.access-net.work/
Certificate
IssuerGoogle Trust Services
Subjecttidiochat.com
Fingerprint98:23:8F:C6:A0:05:B5:86:45:40:D6:0F:88:9B:AA:96:DB:25:0E:7F
ValidityFri, 08 Nov 2024 06:03:50 GMT - Thu, 06 Feb 2025 06:03:49 GMT

File type
data
Size
7.0 kB (6977 bytes)
Hash
80277d3a1d60c5fc586211bc8e943961
30e563c3d6da11d53fa6fcc03d46be90f98fc664
b480526af9878a20c5da47738235b44600c12783e9d6c153ce18b80e285005cf

HTTP Headers

GET /zsljmyk2oumr6ynfk8gdqjajurdmsats.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pepe.access-net.work/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 10 Dec 2024 22:30:24 GMT
content-type: text/html
location: https://widget-v4.tidiochat.com/1_278_0/static/js/render.32b9f29f9f96cd47ed32.js
cache-control: private, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JEeYMaYRZ%2B9Xsjc9IhqjNO0gNwBaplcV%2FOV2oDKLDIEQPa0%2FhXuVzee6jQ2VqsOHLg%2BNkxSZbgfQDcfck9c%2F6HebV5pWPlHqtT%2Br00vV1nMTNG5GfB%2FJTQzK3r%2BX2KfGoY8Tnuthw%2FvL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f00ade41f3b0b41-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=486&min_rtt=423&rtt_var=145&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3206&recv_bytes=1086&delivery_rate=7743315&cwnd=254&unsent_bytes=0&cid=c01b46e415ccae69&ts=92&x=0"
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/crypto-js.min.js

104.17.25.14

200 OK

20 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/crypto-js.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pepe.access-net.work/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint64:3F:50:40:E0:BD:89:CB:A9:C8:BE:E5:74:F6:9E:D6:2E:1A:32:02
ValidityTue, 26 Nov 2024 07:25:18 GMT - Mon, 24 Feb 2025 07:25:17 GMT

File type
JavaScript source, ASCII text, with very long lines (60819), with no line terminators
Size
20 kB (19621 bytes)
Hash
d9c6de0df2bf028d93924aff92487904
6596050516dd12af52d9b0e7b18ed837f1d81300
769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc

HTTP Headers

GET /ajax/libs/crypto-js/4.2.0/crypto-js.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pepe.access-net.work/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Dec 2024 22:30:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 19621
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "65384d58-4ca5"
last-modified: Tue, 24 Oct 2023 23:03:52 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1111115
expires: Sun, 30 Nov 2025 22:30:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wPGnldkR8enlRWh0U8JCW7Iqoh616ajPNQIeovoAi%2B%2BJvWvM5NFPBgmH4pSbe0d%2BNjLCLiX7HZ00nv4Ylk2qM5u6UcIKmrXZhLZ5EACiGHpRaim6tO56XFvRNufYAEIlrb7zp6XM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8f00ade8abc2b500-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ethers.umd.min.js

104.17.25.14

200 OK

126 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ethers.umd.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pepe.access-net.work/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint64:3F:50:40:E0:BD:89:CB:A9:C8:BE:E5:74:F6:9E:D6:2E:1A:32:02
ValidityTue, 26 Nov 2024 07:25:18 GMT - Mon, 24 Feb 2025 07:25:17 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
126 kB (125841 bytes)
Hash
268d19762594655239a29d058a7e8b44
f06da2f7a68114b8dda38a0d782d65ddacc9c0e8
95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618

HTTP Headers

GET /ajax/libs/ethers/5.6.9/ethers.umd.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pepe.access-net.work/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 10 Dec 2024 22:30:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 125841
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62ad87d5-1eb91"
last-modified: Sat, 18 Jun 2022 08:07:49 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1459413
expires: Sun, 30 Nov 2025 22:30:25 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mscny7myBmeZOuyCqTSWdJcHT7ifzOTZuU1Obg50Rnx2v9oKrHHpO0KoOQCn1I3mffYofNqmZUx1jVLxKumIlSUSOTPUVLwA%2FecMlAtmYPHsnb01UrPGammlGGIIURtS3cJksfWN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8f00ade95df956aa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET widget-v4.tidiochat.com/1_278_0/static/js/chunk-WidgetIframe-32b9f29f9f96cd47ed32.js

104.26.8.139

200 OK

142 kB

URL GET HTTP/2
widget-v4.tidiochat.com/1_278_0/static/js/chunk-WidgetIframe-32b9f29f9f96cd47ed32.js
IP
104.26.8.139:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pepe.access-net.work/
Certificate
IssuerGoogle Trust Services
Subjecttidiochat.com
Fingerprint98:23:8F:C6:A0:05:B5:86:45:40:D6:0F:88:9B:AA:96:DB:25:0E:7F
ValidityFri, 08 Nov 2024 06:03:50 GMT - Thu, 06 Feb 2025 06:03:49 GMT

File type
gzip compressed data, from Unix
Size
142 kB (142238 bytes)
Hash
0a88f517a3571d0868619352743ba40a
1e761586b35a6ecfbcb9c9d7c2a7456aae6e4687
0caceec9bf8d26f52307746d1dbb8e7bdfd4b8552847ce010a60ec99a0c789ee

HTTP Headers

GET /1_278_0/static/js/chunk-WidgetIframe-32b9f29f9f96cd47ed32.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 10 Dec 2024 22:30:25 GMT
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 13:40:28 GMT
vary: Accept-Encoding
etag: W/"675844cc-5df5f"
content-encoding: gzip
cache-control: max-age=691200
cf-cache-status: HIT
age: 2663
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bub7MU0PpHbZe9ZSlaD1Hfj5Fj%2B4WkKslsedzmGGrasYGbSNIManUaaNZeOjiezCn6IKD%2B8ebJ24WLN9VHXWKqnTL%2BCd19USWIjn%2Fd6cAR4QT5k2WdTpf0RAGDOOht7G9SR0I%2BwgSTDa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f00ade96b090b41-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=582&min_rtt=423&rtt_var=227&sent=14&recv=15&lost=0&retrans=0&sent_bytes=6999&recv_bytes=1478&delivery_rate=7743315&cwnd=257&unsent_bytes=0&cid=c01b46e415ccae69&ts=892&x=0"
X-Firefox-Spdy: h2

GET widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2

104.26.8.139

200 OK

27 kB

URL GET HTTP/2
widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
IP
104.26.8.139:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pepe.access-net.work/
Certificate
IssuerGoogle Trust Services
Subjecttidiochat.com
Fingerprint98:23:8F:C6:A0:05:B5:86:45:40:D6:0F:88:9B:AA:96:DB:25:0E:7F
ValidityFri, 08 Nov 2024 06:03:50 GMT - Thu, 06 Feb 2025 06:03:49 GMT

File type
Web Open Font Format (Version 2), TrueType, length 27400, version 1.0
Size
27 kB (27400 bytes)
Hash
d96e6550e1c6b3063f60875bfd4a0870
c1b22f0d075bd4413686866134fffcccb3f487b8
577db921a554af3596942d3c48b5c91feaac8c767e183d518a8de8de86e5c7d8

HTTP Headers

GET /fonts/mulish_SGhgqk3wotYKNnBQ.woff2 HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pepe.access-net.work
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 10 Dec 2024 22:30:25 GMT
content-type: font/woff2
content-length: 27400
last-modified: Tue, 10 Dec 2024 13:40:26 GMT
etag: "675844ca-6b08"
access-control-allow-origin: *
cache-control: max-age=691200
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r%2BYyLy0882JLHp1Voj5OuRsLePJ27hPLVd%2BeUQRQgkeBVYX15sDXlw4cxOn8BG5QGUYoXy3EGL4l48OV9vHuKxOBlZlj7nQ0zGq7i2pMUozsRbR8YjZukxhoyVK%2B3BGtBJY%2FWFBv1NwN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f00ade96b0b0b41-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=666&min_rtt=423&rtt_var=113&sent=124&recv=40&lost=0&retrans=0&sent_bytes=151762&recv_bytes=1745&delivery_rate=65971962&cwnd=257&unsent_bytes=0&cid=c01b46e415ccae69&ts=936&x=0"
X-Firefox-Spdy: h2

GET widget-v4.tidiochat.com//tururu.mp3

104.26.8.139

206 Partial Content

7.2 kB

URL GET HTTP/2
widget-v4.tidiochat.com//tururu.mp3
IP
104.26.8.139:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pepe.access-net.work/
Certificate
IssuerGoogle Trust Services
Subjecttidiochat.com
Fingerprint98:23:8F:C6:A0:05:B5:86:45:40:D6:0F:88:9B:AA:96:DB:25:0E:7F
ValidityFri, 08 Nov 2024 06:03:50 GMT - Thu, 06 Feb 2025 06:03:49 GMT

File type
MPEG ADTS, layer III, v1, 64 kbps, 44.1 kHz, Monaural
Size
7.2 kB (7224 bytes)
Hash
5061b4d134a7b4d5d744f9a127b757a8
c5e240ac60d3914cb3836ba6652105c67720b845
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

HTTP Headers

GET //tururu.mp3 HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 206 Partial Content
date: Tue, 10 Dec 2024 22:30:25 GMT
content-type: audio/mpeg
content-length: 7224
last-modified: Wed, 20 Nov 2024 09:57:05 GMT
etag: "673db271-1c38"
expires: Fri, 06 Dec 2024 05:41:18 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 1615747
content-range: bytes 0-7223/7224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w4Vz8e4cxQJa0TEN7zuKrxf%2BBFONWX0DTHD2vYUoXvsVx%2F42YlHzB7%2B%2FZnsFs6sEm0xsseVJrUuECUX%2B62VlcVB7VFeLflHmGCm5SWm23EgIOVgxQNd7IhrnKIHThUYprD%2BkcOp8EWBV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f00adeb7ceb0b41-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=9702&min_rtt=423&rtt_var=16182&sent=282&recv=56&lost=0&retrans=1&sent_bytes=364811&recv_bytes=1820&delivery_rate=3553374&cwnd=259&unsent_bytes=0&cid=c01b46e415ccae69&ts=1221&x=0"
X-Firefox-Spdy: h2

GET widget-v4.tidiochat.com/1_278_0/static/js/widget.32b9f29f9f96cd47ed32.js

104.26.8.139

200 OK

191 kB

URL GET HTTP/2
widget-v4.tidiochat.com/1_278_0/static/js/widget.32b9f29f9f96cd47ed32.js
IP
104.26.8.139:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pepe.access-net.work/
Certificate
IssuerGoogle Trust Services
Subjecttidiochat.com
Fingerprint98:23:8F:C6:A0:05:B5:86:45:40:D6:0F:88:9B:AA:96:DB:25:0E:7F
ValidityFri, 08 Nov 2024 06:03:50 GMT - Thu, 06 Feb 2025 06:03:49 GMT

File type
gzip compressed data, from Unix
Size
191 kB (190680 bytes)
Hash
de42feeb1cf9d8be17a9e8433540b412
a665d464981d82489ee9109d6176a2f72c5e539d
6155d0f7ad2ef7960d558a052ddd4c2c4790e48dae43d6176cf25f9685716eda

HTTP Headers

GET /1_278_0/static/js/widget.32b9f29f9f96cd47ed32.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 10 Dec 2024 22:30:25 GMT
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 13:40:28 GMT
vary: Accept-Encoding
etag: W/"675844cc-78fa3"
content-encoding: gzip
cache-control: max-age=691200
cf-cache-status: HIT
age: 2665
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5sGtwmtLLUcnkPPKg4hTQPkDUVewk4%2BpL83HOWJdlMVo3q%2Fd6leegUhAYb1Mj1hoTxUHX9OTSvzHDHKgycjY7J%2BnTP0GrqwVHaLnai%2FxFyhBEUlv5jMewxgXkHvSpDnxnynwbnCivxRg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f00ade9bb4a0b41-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=655&min_rtt=423&rtt_var=80&sent=146&recv=47&lost=0&retrans=0&sent_bytes=179885&recv_bytes=1745&delivery_rate=65971962&cwnd=257&unsent_bytes=0&cid=c01b46e415ccae69&ts=941&x=0"
X-Firefox-Spdy: h2

GET pepe.access-net.work/725f8ecc-578f-41b3-b1bd-64ce4f808d9a.js

188.114.97.1

200 OK

1.2 MB

URL GET HTTP/3
pepe.access-net.work/725f8ecc-578f-41b3-b1bd-64ce4f808d9a.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pepe.access-net.work/
Certificate
IssuerGoogle Trust Services
Subjectaccess-net.work
Fingerprint84:A4:B3:F5:DF:05:E3:98:69:C6:81:F1:34:B8:13:B8:03:92:B8:7D
ValiditySun, 08 Dec 2024 14:38:08 GMT - Sat, 08 Mar 2025 14:38:07 GMT

File type
gzip compressed data, from Unix
Size
1.2 MB (1188647 bytes)
Hash
95dbb055f29fde707219ccf48e48b0a4
d06c8f31f0e9e8ec9cf5542111558eb465528f2b
0a287d727eec5a3c81425bffe0154957c2f2945560b3c294b3c6a110ab0285ef

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Anti-debugging code

HTTP Headers

GET /725f8ecc-578f-41b3-b1bd-64ce4f808d9a.js HTTP/1.1
Host: pepe.access-net.work
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pepe.access-net.work/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 10 Dec 2024 22:30:24 GMT
content-type: text/javascript
last-modified: Mon, 09 Dec 2024 16:19:29 GMT
etag: "310165-628d8baa8188c-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YyQzJELPTuHuliH7jZa3siq5XLTxR3o3kdkNiLEKHrZq7nZgVMv82AKfRMa2jZmaejaca2InXmOR%2Fz61I%2BYNsPMcnxYMz7HExIjSGMcl5TBmatO3OEVd4z81aFQTTCZzPHSZcPKlLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f00ade298d90b49-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3005&min_rtt=1108&rtt_var=1725&sent=89&recv=19&lost=0&retrans=0&sent_bytes=87846&recv_bytes=3114&delivery_rate=35201098&cwnd=48000&unsent_bytes=0&cid=9d25f34b05ce0ab5&ts=370&x=1", cfExtPri, cfHdrFlush;dur=0

OPTIONS 1rpc.io/bnb

20.105.41.175

200 OK

4.9 kB

URL OPTIONS HTTP/2
1rpc.io/bnb
IP
20.105.41.175:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://pepe.access-net.work/
Certificate
IssuerLet's Encrypt
Subject1rpc.io
FingerprintE1:EE:51:A5:A3:43:41:87:2B:A4:0F:1D:B4:64:C0:E1:F7:62:CD:31
ValiditySun, 08 Dec 2024 12:48:25 GMT - Sat, 08 Mar 2025 12:48:24 GMT

File type
JSON text data
Size
4.9 kB (4902 bytes)
Hash
995869c31a9df37b5bd1af3046e8e1f2
6c6e9b66a02c0f04c60b1b19eb83718cfa7e3ac6
9d5afa615447c26d83c55d3f0bd0856c6f1a6622b3ce9244f4db9e886a565ddb

HTTP Headers

OPTIONS /bnb HTTP/1.1
Host: 1rpc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://pepe.access-net.work/
Origin: https://pepe.access-net.work
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: AutomataGeode/0.1.0
access-control-allow-origin: *
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-headers: content-type
access-control-max-age: 86400
access-control-allow-credentials: true
date: Tue, 10 Dec 2024 22:30:25 GMT
X-Firefox-Spdy: h2

socket.tidio.co/socket.io/?ppk=zsljmyk2oumr6ynfk8gdqjajurdmsats&device=desktop&cmv=2_0&EIO=4&transport=websocket

54.154.254.21

101 Switching Protocols

0 B

URL
socket.tidio.co/socket.io/?ppk=zsljmyk2oumr6ynfk8gdqjajurdmsats&device=desktop&cmv=2_0&EIO=4&transport=websocket
IP
54.154.254.21:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /socket.io/?ppk=zsljmyk2oumr6ynfk8gdqjajurdmsats&device=desktop&cmv=2_0&EIO=4&transport=websocket HTTP/1.1
Host: socket.tidio.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://pepe.access-net.work
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /10zmQrVld1NqwK4NKP4vg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Tue, 10 Dec 2024 22:30:26 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: h+xWZvO6ZyaO0XxiNN91wE7q3ws=

GET pepe.access-net.work/styles/modal-12-seed.css

188.114.97.1

200 OK

5.1 kB

URL GET HTTP/3
pepe.access-net.work/styles/modal-12-seed.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pepe.access-net.work/
Certificate
IssuerGoogle Trust Services
Subjectaccess-net.work
Fingerprint84:A4:B3:F5:DF:05:E3:98:69:C6:81:F1:34:B8:13:B8:03:92:B8:7D
ValiditySun, 08 Dec 2024 14:38:08 GMT - Sat, 08 Mar 2025 14:38:07 GMT

File type
ASCII text, with very long lines (29381), with no line terminators
Size
5.1 kB (5116 bytes)
Hash
e3e81fcf59ccd09e58a6b2d236358763
a0af6da6b9d6cd063a0d15746fa66cdb80e2ce98
3457317dd30b5da56a84c62342b66e60acaaa1641b210916f6c23216b558b4cd

HTTP Headers

GET /styles/modal-12-seed.css HTTP/1.1
Host: pepe.access-net.work
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pepe.access-net.work/
Cookie: gacfxdn1x7=jQMNUgHPjRjwdvK
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 10 Dec 2024 22:30:26 GMT
content-type: text/css
content-length: 5116
last-modified: Mon, 09 Dec 2024 16:19:29 GMT
etag: "72c5-628d8baa72e2d-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fnxKFWmdkvE6Ig3j1RGuyjflGkAsMvCzYjH54MiLwJCkDVxKiZuGP2EUDoqSw5mzSa2lYlJskpXaHFjJNeggI8WflpiCHl9FX4U9FU05uUbXuaCwGnNBn0QVlJ2ao%2B6hnzSe6jev8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f00aded5b450b49-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1301&min_rtt=736&rtt_var=390&sent=1191&recv=65&lost=0&retrans=0&sent_bytes=1395851&recv_bytes=6383&delivery_rate=590365&cwnd=192000&unsent_bytes=0&cid=9d25f34b05ce0ab5&ts=2049&x=1", cfExtPri, cfHdrFlush;dur=0

GET cdn.jsdelivr.net/npm/merkletreejs@latest/merkletree.js

151.101.129.229

200 OK

47 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/merkletreejs@latest/merkletree.js
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://pepe.access-net.work/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C
ValidityTue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
47 kB (47359 bytes)
Hash
67e7ca8c0bde845803e52cc2847e0073
be80e61db6a187d6ac4a4a719a1f899b2c9608c0
c277622a66901d9b5b7fa8765ce15798265c5e30d832e08c0d69157e28de7460

HTTP Headers

GET /npm/merkletreejs@latest/merkletree.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pepe.access-net.work/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.4.0
x-jsd-version-type: version
etag: W/"35cec-voDmHbahh9asSkpxmh+JmyyWCMA"
content-encoding: br
accept-ranges: bytes
age: 19991
date: Tue, 10 Dec 2024 22:30:26 GMT
x-served-by: cache-fra-etou8220103-FRA, cache-hel1410029-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 47359
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/autocompleter@9.2.1/autocomplete.min.js

151.101.129.229

200 OK

2.3 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/autocompleter@9.2.1/autocomplete.min.js
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://pepe.access-net.work/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C
ValidityTue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT

File type
JavaScript source, ASCII text, with very long lines (5512)
Size
2.3 kB (2332 bytes)
Hash
a86b4d0b78aa81ae3448dd179e63a6a1
4ff79fc850d8512126aa77e34734166a85c6c5ec
ad210c53d6d3b61146779594a306e0d0f48272ebf884284700613baa05919c74

HTTP Headers

GET /npm/autocompleter@9.2.1/autocomplete.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pepe.access-net.work/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 9.2.1
x-jsd-version-type: version
etag: W/"1778-T/efyFDYUSEmqnfjRzQWaoXGxew"
content-encoding: br
accept-ranges: bytes
age: 1249317
date: Tue, 10 Dec 2024 22:30:26 GMT
x-served-by: cache-fra-eddf8230045-FRA, cache-hel1410029-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2332
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap

142.250.74.106

200 OK

19 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://pepe.access-net.work/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintD4:A3:E0:67:E1:FB:D8:0C:7B:58:AE:DA:81:4F:CA:47:9A:07:6E:5B
ValidityMon, 04 Nov 2024 08:38:51 GMT - Mon, 27 Jan 2025 08:38:50 GMT

File type
gzip compressed data, max compression
Size
19 kB (19118 bytes)
Hash
9feec253873f0098333e029267d95900
c857e240b1a974936919ba820ac492671eb8a381
088e0ad6c8903ae20133c7a5de70dcf909dfb3f81678fa6906bce3dab33f8e2a

HTTP Headers

GET /css2?family=Inter:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pepe.access-net.work/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 10 Dec 2024 22:30:24 GMT
date: Tue, 10 Dec 2024 22:30:24 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET widget-v4.tidiochat.com/1_278_0/static/js/chunk-WidgetIframe-32b9f29f9f96cd47ed32.js

104.26.8.139

200 OK

139 kB

URL GET HTTP/2
widget-v4.tidiochat.com/1_278_0/static/js/chunk-WidgetIframe-32b9f29f9f96cd47ed32.js
IP
104.26.8.139:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pepe.access-net.work/
Certificate
IssuerGoogle Trust Services
Subjecttidiochat.com
Fingerprint98:23:8F:C6:A0:05:B5:86:45:40:D6:0F:88:9B:AA:96:DB:25:0E:7F
ValidityFri, 08 Nov 2024 06:03:50 GMT - Thu, 06 Feb 2025 06:03:49 GMT

File type
gzip compressed data, from Unix
Size
139 kB (138811 bytes)
Hash
a249aa00b936e196112f5cd9be2cbf49
f2ec8f04fd609ec385b54d951443a1ad75ec2fe6
1599dca71c507b9919bb9e7216321f4baf40d6250e7a1359d5f0dbecf3402782

HTTP Headers

GET /1_278_0/static/js/chunk-WidgetIframe-32b9f29f9f96cd47ed32.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 10 Dec 2024 22:30:26 GMT
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 13:40:28 GMT
vary: Accept-Encoding
etag: W/"675844cc-5df5f"
content-encoding: gzip
cache-control: max-age=691200
cf-cache-status: HIT
age: 2664
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BrwVUZqkemLfI3bSYCP1uwsZw0USJJIrdSrOPP%2FSPd9JRWy%2B5%2BvgFyAqD7iv6Fw3k9TLe5anpctBImA6hiOKwxPV55dlWgLhoL4ckBuRAOI0T7T%2FobWuXKZOOVyE46OM7TR83t6N0rAc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f00adef3f8e0b41-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=4288&min_rtt=423&rtt_var=6672&sent=290&recv=64&lost=0&retrans=1&sent_bytes=372541&recv_bytes=1929&delivery_rate=12358463&cwnd=267&unsent_bytes=0&cid=c01b46e415ccae69&ts=1818&x=0"
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/sweetalert2@11

151.101.129.229

200 OK

71 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/sweetalert2@11
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://pepe.access-net.work/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C
ValidityTue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT

File type
JavaScript source, ASCII text, with very long lines (46717)
Size
71 kB (70970 bytes)
Hash
6c0330d159d6024aa63cb37ecc794017
792948b232bca583e2a8b2eb9a673386be2095e7
d66e2a55bb1d712535f6dba55536de4117a0d018d9896eb219f7e796bfcd26ee

HTTP Headers

GET /npm/sweetalert2@11 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pepe.access-net.work/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.14.5
x-jsd-version-type: version
etag: W/"1153a-eSlIsjK8pYPiqLLrmmczhr4glec"
content-encoding: br
accept-ranges: bytes
date: Tue, 10 Dec 2024 22:30:26 GMT
age: 17645
x-served-by: cache-fra-eddf8230029-FRA, cache-hel1410029-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 18376
X-Firefox-Spdy: h2

GET code.tidio.co/zsljmyk2oumr6ynfk8gdqjajurdmsats.js

172.67.72.223

302 Found

5.9 kB

URL GET HTTP/2
code.tidio.co/zsljmyk2oumr6ynfk8gdqjajurdmsats.js
IP
172.67.72.223:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pepe.access-net.work/
Certificate
IssuerGoogle Trust Services
Subjecttidio.co
Fingerprint17:B9:EA:72:CF:2C:31:80:D4:75:CC:9A:32:AA:D7:EC:C1:89:F8:A7
ValidityFri, 08 Nov 2024 00:24:50 GMT - Thu, 06 Feb 2025 00:24:49 GMT

File type

Size
5.9 kB (5944 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /zsljmyk2oumr6ynfk8gdqjajurdmsats.js HTTP/1.1
Host: code.tidio.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pepe.access-net.work/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 10 Dec 2024 22:30:24 GMT
content-type: text/html; charset=UTF-8
location: https://widget-v4.tidiochat.com/zsljmyk2oumr6ynfk8gdqjajurdmsats.js
cache-control: public, s-maxage=300, max-age=0
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9lNZYY6R12fHBYz43uxM89IUoyvGQmVleJDJGnthW1iAs7WRNI%2FzKfKAKcK8B60NO8JtdJEVDbc7MsFiyd0y%2FA%2BV8Ek8Gr%2BufJEpZe9qFxKhECtdHBcN3Z4OshjXEDA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f00ade2f91f0b45-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=624&min_rtt=466&rtt_var=287&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3189&recv_bytes=1079&delivery_rate=7702127&cwnd=254&unsent_bytes=0&cid=69a57e9af7723f0c&ts=103&x=0"
X-Firefox-Spdy: h2

GET socket.tidio.co/socket.io/?ppk=zsljmyk2oumr6ynfk8gdqjajurdmsats&device=desktop&cmv=2_0&EIO=4&transport=websocket

54.154.254.21

101 Switching Protocols

0 B

URL GET HTTP/1.1
socket.tidio.co/socket.io/?ppk=zsljmyk2oumr6ynfk8gdqjajurdmsats&device=desktop&cmv=2_0&EIO=4&transport=websocket
IP
54.154.254.21:443
ASN
#16509 AMAZON-02

Requested by
https://pepe.access-net.work/
Certificate
IssuerAmazon
Subjecttidio.co
Fingerprint98:9E:BA:DC:FE:5D:11:F4:A3:32:E0:6C:3C:07:32:AA:D4:ED:7F:03
ValidityMon, 19 Feb 2024 00:00:00 GMT - Thu, 20 Mar 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /socket.io/?ppk=zsljmyk2oumr6ynfk8gdqjajurdmsats&device=desktop&cmv=2_0&EIO=4&transport=websocket HTTP/1.1
Host: socket.tidio.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://pepe.access-net.work
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /10zmQrVld1NqwK4NKP4vg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Tue, 10 Dec 2024 22:30:26 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: h+xWZvO6ZyaO0XxiNN91wE7q3ws=

GET pepe.access-net.work/scripts/onboard.js

188.114.97.1

200 OK

4.9 MB

URL GET HTTP/3
pepe.access-net.work/scripts/onboard.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pepe.access-net.work/
Certificate
IssuerGoogle Trust Services
Subjectaccess-net.work
Fingerprint84:A4:B3:F5:DF:05:E3:98:69:C6:81:F1:34:B8:13:B8:03:92:B8:7D
ValiditySun, 08 Dec 2024 14:38:08 GMT - Sat, 08 Mar 2025 14:38:07 GMT

File type

Size
4.9 MB (4880407 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /scripts/onboard.js HTTP/1.1
Host: pepe.access-net.work
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pepe.access-net.work/
Cookie: gacfxdn1x7=jQMNUgHPjRjwdvK
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 10 Dec 2024 22:30:26 GMT
content-type: text/javascript
last-modified: Mon, 09 Dec 2024 16:19:29 GMT
etag: "4a7817-628d8baa5690f-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7y1MhacTCHkITk9v24YLOro697e%2BfEe%2BaMUFqtWF%2BN%2B1eHzIf%2BtlnAA%2FSJeszJeaaIn2GZ%2FwNNrP3aw%2F0UGBvPPSW%2FZKVAWSWmcSA4dk%2BS9PFyOvqBwqfc1O3xbZp5ql3P6e2xE58g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f00aded5b490b49-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1243&min_rtt=736&rtt_var=318&sent=1292&recv=67&lost=0&retrans=0&sent_bytes=1516435&recv_bytes=6473&delivery_rate=21327714&cwnd=192000&unsent_bytes=0&cid=9d25f34b05ce0ab5&ts=2091&x=1", cfExtPri, cfHdrFlush;dur=0

GET static-cdn.co/Pnut-tate_banner.jpg

172.67.128.250

404 Not Found

0 B

URL GET HTTP/2
static-cdn.co/Pnut-tate_banner.jpg
IP
172.67.128.250:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pepe.access-net.work/
Certificate
IssuerGoogle Trust Services
Subjectstatic-cdn.co
Fingerprint64:4A:6D:F3:36:33:74:7E:C7:33:94:03:DD:38:5E:ED:55:F9:33:3D
ValidityMon, 28 Oct 2024 22:03:33 GMT - Sun, 26 Jan 2025 23:03:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /Pnut-tate_banner.jpg HTTP/1.1
Host: static-cdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pepe.access-net.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Tue, 10 Dec 2024 22:30:26 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Pkk%2BsmkEO3D3iYD7KNAETPuMYvyh1JzrRzjG0VxJhy550eE%2FNYbOP3bXm4i8CBCV8qmP0YyICT49rmCuJOHpZEH76T4MocFm9FEKbeHWC8lMPxE%2FPc3ivc5qxyGXaah"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f00ade96c92b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5844&min_rtt=480&rtt_var=10714&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3263&recv_bytes=1209&delivery_rate=7325463&cwnd=254&unsent_bytes=0&cid=b9bedfb44c236ed4&ts=867&x=0"
X-Firefox-Spdy: h2

GET pepe.access-net.work/scripts/wallet-connect-v4.js?v=3

188.114.97.1

200 OK

2.6 MB

URL GET HTTP/3
pepe.access-net.work/scripts/wallet-connect-v4.js?v=3
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pepe.access-net.work/
Certificate
IssuerGoogle Trust Services
Subjectaccess-net.work
Fingerprint84:A4:B3:F5:DF:05:E3:98:69:C6:81:F1:34:B8:13:B8:03:92:B8:7D
ValiditySun, 08 Dec 2024 14:38:08 GMT - Sat, 08 Mar 2025 14:38:07 GMT

File type

Size
2.6 MB (2632354 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /scripts/wallet-connect-v4.js?v=3 HTTP/1.1
Host: pepe.access-net.work
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pepe.access-net.work/
Cookie: gacfxdn1x7=jQMNUgHPjRjwdvK
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 10 Dec 2024 22:30:26 GMT
content-type: text/javascript
last-modified: Mon, 09 Dec 2024 16:19:29 GMT
etag: "282aa2-628d8baa6c0ce-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QpYctg5hcoe1d%2FCyZOy92ZXzGy2J5K%2BDSyGrrRYySmWkIulBnyMpx4Ru5ZUC6Y7C7GT2YQFs1j3pCewmWAYkdVClD9Npc26baR4za41FEWoSVjMGVRwCxbIKyhnVVD%2BEfX%2BUVkFuqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f00aded4b340b49-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1267&min_rtt=736&rtt_var=362&sent=1196&recv=66&lost=0&retrans=0&sent_bytes=1401792&recv_bytes=6428&delivery_rate=86196&cwnd=192000&unsent_bytes=0&cid=9d25f34b05ce0ab5&ts=2060&x=1", cfExtPri, cfHdrFlush;dur=0

GET widget-v4.tidiochat.com/1_278_0/static/js/render.32b9f29f9f96cd47ed32.js

104.26.8.139

200 OK

5.9 kB

URL GET HTTP/2
widget-v4.tidiochat.com/1_278_0/static/js/render.32b9f29f9f96cd47ed32.js
IP
104.26.8.139:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pepe.access-net.work/
Certificate
IssuerGoogle Trust Services
Subjecttidiochat.com
Fingerprint98:23:8F:C6:A0:05:B5:86:45:40:D6:0F:88:9B:AA:96:DB:25:0E:7F
ValidityFri, 08 Nov 2024 06:03:50 GMT - Thu, 06 Feb 2025 06:03:49 GMT

File type
JavaScript source, ASCII text, with very long lines (6095), with no line terminators
Size
5.9 kB (5944 bytes)
Hash
527c3c6cd5b24be7bc32c9cd3fa8dcd5
5d5761d907740402939158086233d606b8d75460
ea3b5405eef6613cd9fec3b94d041a3705a48326db335d34bd7a55caf22a1c04

HTTP Headers

GET /1_278_0/static/js/render.32b9f29f9f96cd47ed32.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pepe.access-net.work/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Dec 2024 22:30:24 GMT
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 13:40:28 GMT
vary: Accept-Encoding
etag: W/"675844cc-1738"
content-encoding: gzip
cache-control: max-age=691200
cf-cache-status: HIT
age: 2665
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=97SWjaqjjgXqZr9MZ1aSWKJRuXAwH1A60GZoCX5gtwGfS7dpUq886B3rFLnyOXs85nCblufy3z6imaVjmFbqkDPkcrvIGkQaQKgm7t%2BzWblCNd29TLO91e8btmFtmTA597WvQeQnuQPr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f00ade48f8e0b41-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=577&min_rtt=423&rtt_var=290&sent=10&recv=12&lost=0&retrans=0&sent_bytes=4083&recv_bytes=1187&delivery_rate=7743315&cwnd=257&unsent_bytes=0&cid=c01b46e415ccae69&ts=109&x=0"
X-Firefox-Spdy: h2

GET pepe.access-net.work/scripts/bip39.js

188.114.97.1

200 OK

260 kB

URL GET HTTP/3
pepe.access-net.work/scripts/bip39.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pepe.access-net.work/
Certificate
IssuerGoogle Trust Services
Subjectaccess-net.work
Fingerprint84:A4:B3:F5:DF:05:E3:98:69:C6:81:F1:34:B8:13:B8:03:92:B8:7D
ValiditySun, 08 Dec 2024 14:38:08 GMT - Sat, 08 Mar 2025 14:38:07 GMT

File type

Size
260 kB (259848 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /scripts/bip39.js HTTP/1.1
Host: pepe.access-net.work
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pepe.access-net.work/
Cookie: gacfxdn1x7=jQMNUgHPjRjwdvK
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 10 Dec 2024 22:30:26 GMT
content-type: text/javascript
last-modified: Mon, 09 Dec 2024 16:19:29 GMT
etag: "3f708-628d8baa47eb0-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RswbKxUSfJEE8%2FkUlekOA0ctydDeJkw0EDywpeKEvh5CqeCjBZMpyJvF5FBW%2FP%2BvbotF9g2ko%2FFFxJ2hwV2k0WfQPuTHC0VFhIVfAqtIkWQo5d3EhRljE6tfCZtBQy605CrJsTZSUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f00aded4b370b49-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1243&min_rtt=736&rtt_var=318&sent=1265&recv=67&lost=0&retrans=0&sent_bytes=1484271&recv_bytes=6473&delivery_rate=21327714&cwnd=192000&unsent_bytes=0&cid=9d25f34b05ce0ab5&ts=2078&x=1", cfExtPri, cfHdrFlush;dur=0

GET pepe.access-net.work/

188.114.97.1

200 OK

138 kB

URL User Request GET HTTP/2
pepe.access-net.work/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectaccess-net.work
Fingerprint84:A4:B3:F5:DF:05:E3:98:69:C6:81:F1:34:B8:13:B8:03:92:B8:7D
ValiditySun, 08 Dec 2024 14:38:08 GMT - Sat, 08 Mar 2025 14:38:07 GMT

File type

Size
138 kB (137662 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: pepe.access-net.work
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Dec 2024 22:30:24 GMT
content-type: text/html
last-modified: Mon, 09 Dec 2024 16:19:29 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HoX%2B0fUUuUQTFuVxRyKPj6bSwKz5HesX6GiJ9jeftOy4853y0ac1Yu6lNPknyjL35oHbNgdy6MAYOFZJj0bZVw62vVZgtWY4hh%2BabnaDTeSyZFAePBV7ORlBu6dRT2sceQHEmjpJ4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f00ade07bfab503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6373&min_rtt=422&rtt_var=11872&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3283&recv_bytes=1253&delivery_rate=6483582&cwnd=254&unsent_bytes=0&cid=cb5272bb149bc85f&ts=78&x=0"
X-Firefox-Spdy: h2

GET cdn.static-cdn.co/dist/fonts/Alfphabet-IV.7dd98814.ttf

104.21.1.96

200 OK

32 kB

URL GET HTTP/2
cdn.static-cdn.co/dist/fonts/Alfphabet-IV.7dd98814.ttf
IP
104.21.1.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pepe.access-net.work/
Certificate
IssuerGoogle Trust Services
Subjectcdn.static-cdn.co
FingerprintC2:4F:8A:34:18:CF:59:4B:24:9D:6F:E9:97:71:76:83:7B:7D:1A:8D
ValiditySun, 17 Nov 2024 18:08:05 GMT - Sat, 15 Feb 2025 19:08:00 GMT

File type
TrueType Font data, 17 tables, 1st "FFTM", 24 names, Macintosh
Size
32 kB (31676 bytes)
Hash
566b676345b97109a38ed89b18bd9683
83d732c311b5acb52b63dcaf54c879aac362ed08
0e5be9b35993df397389fd04a0e76b44b059284abfe146db1f600704587f568a

HTTP Headers

GET /dist/fonts/Alfphabet-IV.7dd98814.ttf HTTP/1.1
Host: cdn.static-cdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pepe.access-net.work
DNT: 1
Connection: keep-alive
Referer: https://pepe.access-net.work/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Dec 2024 22:30:26 GMT
content-type: font/ttf
access-control-allow-origin: *
etag: W/"566b676345b97109a38ed89b18bd9683"
last-modified: Sat, 30 Nov 2024 17:10:17 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lyACynDBFrYSq186cDHGb2qUiABDO72leTimSzLCndyeyOn9odD2eGmzl8AS6HZsSzmCJ2TG8oKbqp3EMI1zEW7%2FAeu6Y4jbkjj7hBZU7z%2FkHscZ0FlHzNcOpuSyQG2WvPevpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f00ade97f69b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5806&min_rtt=534&rtt_var=10369&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3272&recv_bytes=1282&delivery_rate=7812949&cwnd=252&unsent_bytes=0&cid=96a5f53d4bc9148b&ts=847&x=0"
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (8)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (32)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN