Report - elixx.one/partizan.html

Report Overview

Visited public
2024-12-28 13:02:14
Tags
URL
elixx.one/partizan.html
Finishing URL
elixx.one/partizan.html
IP / ASN
104.21.71.3
#13335 CLOUDFLARENET
Title
X-PARTIZAN - WENGER

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2024-12-25	517 B	24 kB	142.250.74.67
pubtrky.com	unknown	2023-11-21	2023-11-21	2024-12-26	925 B	1.6 kB	172.67.188.110
awistats.com	unknown	2023-08-04	2023-08-05	2024-12-20	400 B	2.2 kB	104.21.22.184
yummyadvertiseexploded.com	unknown	2024-08-19	2024-10-07	2024-10-10	1.0 kB	1.0 kB	192.243.61.225
acacdn.com	63449	2020-05-05	2020-05-08	2024-12-20	395 B	140 kB	172.67.137.119
dvxrxm-cxo.top	unknown	2024-12-23	2024-12-23	2024-12-23	421 B	68 kB	104.21.19.207
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2024-12-25	435 B	2.2 kB	142.250.74.106
acscdn.com	93608	2020-05-05	2020-05-06	2024-12-27	1.6 kB	214 kB	188.114.96.1
youradexchange.com	273384	2012-11-09	2013-02-04	2024-12-20	2.4 kB	174 kB	104.21.91.188
forgepattern.net	unknown	2024-04-01	2024-04-08	2024-10-26	1.9 kB	141 kB	188.114.96.1
recordedthereby.com	unknown	2024-05-08	2024-05-08	2024-12-22	401 B	86 kB	185.196.197.72
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-12-25	430 B	526 kB	104.18.187.31
elixx.one	unknown	unknown	No data	No data	2.4 kB	25 kB	104.21.71.3
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-12-22	433 B	423 B	18.195.160.253
progressmaturityseat.com	unknown	2024-11-27	2024-11-28	2024-12-07	476 B	35 kB	192.243.61.225
swarm.video	126884	2018-11-05	2017-10-22	2024-12-14	407 B	547 kB	104.21.74.27

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-12-28	medium	dvxrxm-cxo.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (28)

	URL	From	Size	First Seen	Last Seen
	elixx.one/schedule.html	ScriptElement	369 B	2023-03-08	2025-05-10
Pretty URL elixx.one/schedule.html IP 104.21.71.3 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 13:33 Last Seen2025-05-10 21:32 Times Seen24 Hash d50a8179753f664a3adde45b2890e687 8f32f956fd36a598e1f06a248c863f17d2965fda f7d7811e067148d847b7fa783144c6604d37943b5ab6c6b582149418872c3596 Loading...

	acscdn.com/script/ut.js?cb=1735390907925	ScriptElement	66 kB	2024-12-02	2025-04-23
Pretty URL acscdn.com/script/ut.js?cb=1735390907925 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-02 13:05 Last Seen2025-04-23 06:17 Times Seen1612 Hash 4afa2ac99f97331dc98263d49022a958 60bb7c7c45ff14e8df86ef9e0b9a7a55a7d2baca a4beaec54247a9a3cb97821ecdb68d39cacdcdcc62ae872c13c2cca2d3d88e32 Loading...

	acscdn.com/script/aclib.js	ScriptElement	134 kB	2024-12-03	2025-01-19
Pretty URL acscdn.com/script/aclib.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-03 20:46 Last Seen2025-01-19 23:48 Times Seen439 Hash d4fb9505387799ede43551f6f039d23e 7b818be8a3326a578668a5f2b4b4a193d64e4d22 1f435488d45b53058e71d6f4078fbc241c922e8adc35d521593da67830fbb005 Loading...

	forgepattern.net/embed/ugce3jz6chx	ScriptElement	44 B	2023-03-07	2025-05-11
Pretty URL forgepattern.net/embed/ugce3jz6chx IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:14 Last Seen2025-05-11 18:42 Times Seen176 Hash 8fb6e79a44a0c72402372ac295ca331a 3375b6cba22e95d2035a9eac246b4889b55a8ee9 e6dce9d47c5ff7badf344ff43d4394d35dc909cb3689651d044f388f28f7f96d Loading...

	elixx.one/aw/partizan.php	ScriptElement	0 B	0001-01-01	2025-05-14
Pretty URL elixx.one/aw/partizan.php IP 104.21.71.3 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-14 05:05 Times Seen4677374 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	elixx.one/aw/partizan.php	ScriptElement	0 B	0001-01-01	2025-05-14
Pretty URL elixx.one/aw/partizan.php IP 104.21.71.3 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-14 05:05 Times Seen4677374 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	forgepattern.net/embed/ugce3jz6chx	ScriptElement	1.4 kB	2024-12-28	2024-12-28
Pretty URL forgepattern.net/embed/ugce3jz6chx IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-28 13:02 Last Seen2024-12-28 13:02 Times Seen1 Hash be5a0ce43e1bf6cd1ad943300899ab66 b26434ddcc6dfcee8a07e31461155fceb8ff463a a87ae4331188665b67e1916813090ec5321c66d6ab3ef65b58bf1e89e30d9cac Loading...

	elixx.one/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	ScriptElement	1.2 kB	2023-03-07	2025-05-14
Pretty URL elixx.one/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 104.21.71.3 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-14 04:28 Times Seen68783 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	acacdn.com/script/suv4.js	ScriptElement	139 kB	2024-12-14	2025-01-18
Pretty URL acacdn.com/script/suv4.js IP 172.67.137.119 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-14 18:14 Last Seen2025-01-18 22:58 Times Seen7 Hash ac81936772023f5ecb1e5cc2bfd2b80e dbf77dc191a527f850aa121d0df9092a833caa9c 2414a00260be96b3397976fa4af82e4ed9fa5eb54d2867d13857ee8aeb289adb Loading...

	acscdn.com/script/suv5.js	ScriptElement	96 kB	2024-12-03	2025-01-16
Pretty URL acscdn.com/script/suv5.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-03 20:46 Last Seen2025-01-16 10:07 Times Seen202 Hash 5d0edd6298c3d81d450b5b8a5dbf5d4a ea8ad71899a32330490ac56b65851bf43be3e9e9 0a4d2783b78bdf662e363de22187f5a5a8a8eb9c77cac7b159bf7ba9adec15e7 Loading...

	forgepattern.net/embed/ugce3jz6chx	ScriptElement	182 kB	2024-12-25	2024-12-29
Pretty URL forgepattern.net/embed/ugce3jz6chx IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-25 10:41 Last Seen2024-12-29 15:03 Times Seen13 Hash 6cf58845d9775549a66280c3903dbe30 7bd55359660a2b9bbb39e8f3973779dd345892c7 86f4473bcba9edd5705bff97ec7e7d4aba71464d0218550ad8c4322dab677dd2 Loading...

	forgepattern.net/embed/ugce3jz6chx	ScriptElement	83 B	2024-12-08	2025-04-13
Pretty URL forgepattern.net/embed/ugce3jz6chx IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-08 11:24 Last Seen2025-04-13 17:55 Times Seen14 Hash 14f9a58d57901be3889f6eb4c8242f41 1e9ef5cb43329eb7975e276a9c22e36446bada7e 2f19019c2b8cd66b011b49c11211daa02ed110e8a00ed07446f11ce63182e562 Loading...

	cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js	ScriptElement	525 kB	2023-03-07	2025-05-13
Pretty URL cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js IP 104.18.187.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14 Last Seen2025-05-13 03:17 Times Seen916 Hash f55c6c796275a41ce7d97bd160e648ff 936285f9c8c85a749a1ef8cfc4d5e84b7ea2bc89 db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c Loading...

	forgepattern.net/embed/ugce3jz6chx	ScriptElement	230 B	2024-03-03	2025-01-25
Pretty URL forgepattern.net/embed/ugce3jz6chx IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-03 21:21 Last Seen2025-01-25 07:15 Times Seen92 Hash 0e8c07adb622621fa0f09640cc1d2c93 35eedadc67026f4975b05556c134957b1e05aa67 624ba8f88c519c651b41d70f82e0cc16088ac3820dccfcd7f4a68aa101133ec6 Loading...

	forgepattern.net/embed/ugce3jz6chx	ScriptElement	3.9 kB	2024-12-28	2024-12-28
Pretty URL forgepattern.net/embed/ugce3jz6chx IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-28 13:02 Last Seen2024-12-28 13:02 Times Seen1 Hash d0e40503034d31c17d31e790df8ea434 efd46bfdd80d5b7b34da07ee6548ea49a8894f5e 061283f192d7dfcb796a1070110366120f1f3274d15e2afe2aeb1ad862b75441 Loading...

	unknown	Function	34 B	2023-04-11	2025-05-13
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:16 Last Seen2025-05-13 23:54 Times Seen67044 Hash 572cb94037fffc2a0a53b465972e15f1 0d679b041a7c1ca45cc99e2d229fc2b86762838d 6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35 Loading...

	acscdn.com/script/aclib.js	ScriptElement	135 kB	2024-12-13	2024-12-31
Pretty URL acscdn.com/script/aclib.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-13 02:14 Last Seen2024-12-31 05:20 Times Seen3 Hash 4f899df61992f5a63790f850efb1ca22 92f7454d340d162e30e1996500458e88e3ad5220 87d2b65062b845d542d712233e014b99c3e8e05501c0725738c54d6236419c75 Loading...

	acscdn.com/script/suv5.js	ScriptElement	96 kB	2024-12-13	2024-12-31
Pretty URL acscdn.com/script/suv5.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-13 02:14 Last Seen2024-12-31 05:20 Times Seen3 Hash db791755dde6af76cf20d733a3115b8c fd5ab5e48896a27edfe152a59ecf3306ea68a6c0 cca82399113e2dcec1221231333fa60f89098ef8796176c31497c59a6ef41e3f Loading...

	acscdn.com/script/ut.js?cb=1735390907746	ScriptElement	67 kB	2024-12-08	2025-04-13
Pretty URL acscdn.com/script/ut.js?cb=1735390907746 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-08 17:56 Last Seen2025-04-13 17:02 Times Seen7 Hash 2ba3078f5977dba387cc89f9c02744fd 4a9bf9667329efeba3f848c538af8d41c1c665ff 438247447a59ce0aabec61ac46a8a1c99b53b3f0c37499a94ec0c07fc59050cf Loading...

	forgepattern.net/embed/ugce3jz6chx	ScriptElement	290 B	2023-09-16	2024-12-28
Pretty URL forgepattern.net/embed/ugce3jz6chx IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-16 17:00 Last Seen2024-12-28 13:02 Times Seen7 Hash d08a411b7f2ce3f88ec0317390de0d22 ed9efb5af342da215b7d8380aaabd4a1ed50b39e c92dc163c3498a4a3e6bf137fd1d8307fa2697711dbfcce229535dee767e8947 Loading...

	forgepattern.net/embed/ugce3jz6chx	ScriptElement	1.6 kB	2024-12-28	2024-12-28
Pretty URL forgepattern.net/embed/ugce3jz6chx IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-28 13:02 Last Seen2024-12-28 13:02 Times Seen1 Hash e9e56cc941cdd6b990f43cc48a320924 d1301910ceadc175cda55d14664b1d3b6a1096bf c8ac101845892b9cc95a6c038aa72bbc847075025439766086bd97f2d1530da7 Loading...

	forgepattern.net/embed/ugce3jz6chx	ScriptElement	160 B	2023-08-26	2025-05-11
Pretty URL forgepattern.net/embed/ugce3jz6chx IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 23:38 Last Seen2025-05-11 18:42 Times Seen140 Hash 5a8804e294acad6c8bd29a7945808ddb 90ffa7ba6d41e154ce325aab134f732e62bed676 98f7e3a041cce30a75f5b01cbf7c1128760da4d9db44e8e2ed148a2154aa3bf8 Loading...

	forgepattern.net/deb.js	ScriptElement	26 kB	2023-03-14	2025-05-11
Pretty URL forgepattern.net/deb.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 08:08 Last Seen2025-05-11 18:42 Times Seen103 Hash 4854629b2f59efbee5662790a405fa68 961af168c9029a8a3765356bd37631fa3941ccb2 00f55721ec6181d9c16cc365dfe2ca9aab2fb8008ffe22ded892085019fd33b5 Loading...

	forgepattern.net/js/jquery.min.js	ScriptElement	87 kB	2023-03-07	2025-05-14
Pretty URL forgepattern.net/js/jquery.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-14 00:58 Times Seen36414 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	progressmaturityseat.com/api/posts?token=LzA1LzUwLzRiLzA1NTA0Yjc4NThjYTBjMTg4OTk5Y2I0YWI2ZTU5MWQ3Lmpz	ScriptElement	94 kB	2024-12-28	2024-12-29
Pretty URL progressmaturityseat.com/api/posts?token=LzA1LzUwLzRiLzA1NTA0Yjc4NThjYTBjMTg4OTk5Y2I0YWI2ZTU5MWQ3Lmpz IP 192.243.61.225 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-28 13:02 Last Seen2024-12-29 14:57 Times Seen2 Hash 8bddf479614bfdd29175f9b496cabbd8 32aa88af526b019d5a543d21ba1f62905ca37592 f6568de128527b0d715a5f8b07381ae6d841a6a08c793d63f3ec41027f387cc4 Loading...

	swarm.video/j79z9kzty.js?v=1.1	ScriptElement	546 kB	2024-12-14	2025-01-05
Pretty URL swarm.video/j79z9kzty.js?v=1.1 IP 104.21.74.27 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-14 14:54 Last Seen2025-01-05 10:28 Times Seen6 Hash 014f7bc87a0d4e17912b5d46fd1bf382 be84eb9517172229f27a75d0f52a5cb28ac5260c 0c04565a4a0d1afc6836016270a684e8f2d8e3827f29ac821841a5848cf9cc15 Loading...

		Size	First Seen	Last Seen
	#1 Eval - fbbe0b7e452dfb136cbc10eb27e6efe5	6.3 kB	2024-12-28 13:02	2024-12-28 13:02
Pretty Observations First Seen2024-12-28 13:02 Last Seen2024-12-28 13:02 Times Seen1 Hash fbbe0b7e452dfb136cbc10eb27e6efe5 d6ac258aec81d040263ff9152b1bfda94e0e6b87 11fe7301759edede64bde07de4562ac9acf77a289d4332e1b477086964ca55e9 Loading...

	#2 Eval - a021bcf5facb333900d6edd5c48665a6	1.4 kB	2024-12-28 13:02	2024-12-28 13:02
Pretty Observations First Seen2024-12-28 13:02 Last Seen2024-12-28 13:02 Times Seen1 Hash a021bcf5facb333900d6edd5c48665a6 1fa6f9116144cb2ad364a77331b20aa232d44ca4 51f74e137fbbd05675cce5b53e8a412d9ff36c4ec09dc595992275fb0ef215e0 Loading...

HTTP Transactions (30)

URL IP Response Size

pubtrky.com/ut/hb.php?cb=0.02098409970312254&v=1

172.67.188.110

204 No Content

0 B

URL POST HTTP/2
pubtrky.com/ut/hb.php?cb=0.02098409970312254&v=1
IP
172.67.188.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elixx.one/partizan.html
Certificate
IssuerGoogle Trust Services
Subjectpubtrky.com
FingerprintDD:A3:0B:CC:9D:68:9D:75:F4:A8:B5:E5:73:8D:94:92:69:FB:88:A4
ValiditySat, 09 Nov 2024 10:34:14 GMT - Fri, 07 Feb 2025 10:34:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /ut/hb.php?cb=0.02098409970312254&v=1 HTTP/1.1
Host: pubtrky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 832
Origin: https://elixx.one
DNT: 1
Connection: keep-alive
Referer: https://elixx.one/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Sat, 28 Dec 2024 13:01:48 GMT
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kkdtlv27PkdR%2ByohfyySHEa2MTHxUQXd7W%2FJhohw8udsOmXkUbI4OZ9o5Filn%2Bf5RyVxMxi%2Fj%2B7T5ShfePH3kTRV7EO%2BErU%2F6V1a51UnEtoomOrZIsZPWxyg6XD0Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f91bdb6dcaf568e-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2836&min_rtt=571&rtt_var=4589&sent=9&recv=13&lost=0&retrans=0&sent_bytes=3276&recv_bytes=3075&delivery_rate=7006451&cwnd=254&unsent_bytes=0&cid=b1c5d0ffea95f22d&ts=161&x=0"
X-Firefox-Spdy: h2

acscdn.com/script/suv5.js

188.114.96.1

200 OK

32 kB

URL GET HTTP/3
acscdn.com/script/suv5.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elixx.one/aw/partizan.php
Certificate
IssuerGoogle Trust Services
Subjectacscdn.com
Fingerprint1F:E8:1B:AB:2F:10:3D:AD:4F:28:4D:C2:4F:34:DF:AD:24:FB:B8:8C
ValidityThu, 19 Dec 2024 19:16:31 GMT - Wed, 19 Mar 2025 20:15:02 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65493), with no line terminators
Size
32 kB (32407 bytes)
Hash
5d0edd6298c3d81d450b5b8a5dbf5d4a
ea8ad71899a32330490ac56b65851bf43be3e9e9
0a4d2783b78bdf662e363de22187f5a5a8a8eb9c77cac7b159bf7ba9adec15e7

HTTP Headers

GET /script/suv5.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elixx.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Dec 2024 13:01:47 GMT
content-type: text/javascript
x-guploader-uploadid: AFiumC5LodnUOpRHCZ0R3-xqXq45yZ4ukkoXbtnbkQFUo_3QCz0-6v-Zuym6gu2RAKqY3Xlk
x-goog-generation: 1733237203493345
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 96192
x-goog-hash: crc32c=Qldx6Q==, md5=XQ7dYpjD2B1FC1uKXb9dSg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sat, 28 Dec 2024 13:22:55 GMT
cache-control: public, max-age=3600
age: 1845
last-modified: Tue, 03 Dec 2024 14:46:43 GMT
etag: W/"5d0edd6298c3d81d450b5b8a5dbf5d4a"
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9U5PGFPbgDtxS2xvPVzY3ilJ%2FoAI4Xsx5yv8ZkufNAb2SS71m9U55ecdgFgyU06Fd88bGOlxrIb535zRsX%2Fk3iwKtrowtYjXkAVwmtLHi24l4pNx69AL2JSDKxSv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f91bdb69ed45685-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=QUIC&rtt=2806&min_rtt=772&rtt_var=1623&sent=129&recv=18&lost=0&retrans=0&sent_bytes=133837&recv_bytes=2373&delivery_rate=1737711&cwnd=48000&unsent_bytes=0&cid=9d3831cf43a4a018&ts=396&x=1", cfExtPri, cfHdrFlush;dur=0

youradexchange.com/script/suurl5.php?r=9082786&cbur=0.13935005387094213&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=X-PARTIZAN%20-%20WENGER&cbpage=https%3A%2F%2Felixx.one%2Fpartizan.html&cbref=&cbdescription=&cbkeywords=&cbcdn=acscdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1735390907789&srs=9666407ef028bf47dc18dac61414db50&atv=57.0

104.21.91.188

200 OK

146 kB

URL GET HTTP/2
youradexchange.com/script/suurl5.php?r=9082786&cbur=0.13935005387094213&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=X-PARTIZAN%20-%20WENGER&cbpage=https%3A%2F%2Felixx.one%2Fpartizan.html&cbref=&cbdescription=&cbkeywords=&cbcdn=acscdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1735390907789&srs=9666407ef028bf47dc18dac61414db50&atv=57.0
IP
104.21.91.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elixx.one/partizan.html
Certificate
IssuerGoogle Trust Services
Subjectyouradexchange.com
Fingerprint8B:14:37:06:AD:3B:34:24:D2:1C:2E:8F:85:18:45:17:CE:7A:8F:77
ValidityFri, 06 Dec 2024 14:16:45 GMT - Thu, 06 Mar 2025 14:16:44 GMT

File type
gzip compressed data, max compression, from Unix
Size
146 kB (145827 bytes)
Hash
1d3aec7212e098322bb1e6fe4e1a8a96
00892e8434a7260466aed5f2dbd0dbb0440d0c95
883d7f2ddb29daf89ae4040fb559e7fe3f51b8d1000717dc4733f66192a394a7

HTTP Headers

GET /script/suurl5.php?r=9082786&cbur=0.13935005387094213&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=X-PARTIZAN%20-%20WENGER&cbpage=https%3A%2F%2Felixx.one%2Fpartizan.html&cbref=&cbdescription=&cbkeywords=&cbcdn=acscdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1735390907789&srs=9666407ef028bf47dc18dac61414db50&atv=57.0 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://elixx.one/
Origin: https://elixx.one
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Dec 2024 13:01:48 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7u8V8BQqlyn7E7FUQ24L%2B%2FvXclfRlnXktapGSBMgwKBiUc6rn09zVPurT9TPoMQcgrjS4VI6w9ER08AmZYEd33xjtZyNKH2wvKM9O7041cchtU5O6Rq1q77MSchQBBBHOQ8Kxeg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f91bdb62d81b517-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1534&min_rtt=631&rtt_var=1104&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3274&recv_bytes=1814&delivery_rate=6611872&cwnd=253&unsent_bytes=0&cid=23ca3a0f47fe4197&ts=226&x=0"
X-Firefox-Spdy: h2

awistats.com/js/script.js

104.21.22.184

200 OK

1.2 kB

URL GET HTTP/2
awistats.com/js/script.js
IP
104.21.22.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://forgepattern.net/embed/ugce3jz6chx
Certificate
IssuerGoogle Trust Services
Subjectawistats.com
Fingerprint1D:51:56:A0:C8:D9:7B:F2:DA:DC:AE:8F:7E:18:DC:64:95:7B:48:A6
ValidityTue, 19 Nov 2024 05:54:50 GMT - Mon, 17 Feb 2025 05:54:49 GMT

File type
JavaScript source, ASCII text, with very long lines (1346), with no line terminators
Size
1.2 kB (1168 bytes)
Hash
abd4e2373b2e8c4dac2e80159641c5f1
e273656e58ca934d873204e68dd35670fde657ed
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94

HTTP Headers

GET /js/script.js HTTP/1.1
Host: awistats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://forgepattern.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Dec 2024 13:01:48 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9898
last-modified: Sat, 28 Dec 2024 10:16:50 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qEa6io0OtaMQ9u8A6lHM8T%2FQHi5bWkpkGPYlc3CSq9x%2BtsexJYZOS%2F3D5%2FGHLY5aKr2cIhVKQ5dHkif0JM20JpsJS%2BSeYtc5R7sLq9p5cQRZUdUc16TXrfXhO25FM4E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f91bdb94e3a1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=601&min_rtt=470&rtt_var=261&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3201&recv_bytes=1057&delivery_rate=7784946&cwnd=254&unsent_bytes=0&cid=0bce233ab9fcf436&ts=40&x=0"
X-Firefox-Spdy: h2

forgepattern.net/js/jquery.min.js

188.114.96.1

200 OK

32 kB

URL GET HTTP/3
forgepattern.net/js/jquery.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://forgepattern.net/embed/ugce3jz6chx
Certificate
IssuerGoogle Trust Services
Subjectforgepattern.net
Fingerprint7D:08:DC:06:3B:79:F6:A2:43:39:5A:71:4C:D6:AC:63:5A:CC:62:18
ValiditySat, 23 Nov 2024 21:35:24 GMT - Fri, 21 Feb 2025 21:35:23 GMT

File type
JavaScript source, ASCII text, with very long lines (32058)
Size
32 kB (31728 bytes)
Hash
c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: forgepattern.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://forgepattern.net/embed/ugce3jz6chx
Cookie: hf1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Dec 2024 13:01:48 GMT
content-type: application/javascript
last-modified: Mon, 09 Nov 2020 18:05:02 GMT
etag: W/"5fa984ce-15283"
expires: Sat, 28 Dec 2024 23:43:29 GMT
cache-control: max-age=608400
cf-cache-status: HIT
age: 569899
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=whzBBc2xE3t5lJL3HKSeSs8ryuo%2F4ssqGM566mjsJG4zPEmrp0y7tes28xnQcU%2BIJirUyXxLz4fRPZCqnTgmD25FxuGURvckRi4cVXuQ5U1bxGOitD%2Bfl27%2BPhbgh7rJ4TzM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f91bdb8ed577131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3205&min_rtt=1334&rtt_var=1998&sent=16&recv=10&lost=0&retrans=0&sent_bytes=5487&recv_bytes=1522&delivery_rate=18726&cwnd=12000&unsent_bytes=0&cid=758dc8ece9289c7b&ts=88&x=1", cfExtPri, cfHdrFlush;dur=0

forgepattern.net/embed/ugce3jz6chx

188.114.96.1

200 OK

78 kB

URL GET HTTP/2
forgepattern.net/embed/ugce3jz6chx
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elixx.one/aw/partizan.php
Certificate
IssuerGoogle Trust Services
Subjectforgepattern.net
Fingerprint7D:08:DC:06:3B:79:F6:A2:43:39:5A:71:4C:D6:AC:63:5A:CC:62:18
ValiditySat, 23 Nov 2024 21:35:24 GMT - Fri, 21 Feb 2025 21:35:23 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (46403), with LF, NEL line terminators
Size
78 kB (78045 bytes)
Hash
4dcb30de762f4c0e60c1f6929a89a4ce
9ef80cc95632f463303d0c15b6552674875df471
617603f90468202b15feda320fed6d3e43f9d3a0b9958c4fe63886f574cf81f8

HTTP Headers

GET /embed/ugce3jz6chx HTTP/1.1
Host: forgepattern.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elixx.one/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Dec 2024 13:01:48 GMT
content-type: text/html; charset=UTF-8
set-cookie: hf1=1; expires=Sun, 29 Dec 2024 13:01:48 GMT; Max-Age=86400; path=/; secure; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lI8we0FmaLc8c4hnT6g3veSyfdk9PJjUVMzgUYIPsKw0OBDYsIctn%2BXv2oYfAEKQmZdpGJ%2B%2BLoY5jNTYKH5eQ8KVzL4XzGPmBBZuKEMekRm3d905C6egJSzuwiGhdELh3giA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f91bdb74d2e568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6450&min_rtt=446&rtt_var=11999&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3289&recv_bytes=1273&delivery_rate=7337837&cwnd=254&unsent_bytes=0&cid=7c6007303c84d8e0&ts=192&x=0"
X-Firefox-Spdy: h2

youradexchange.com/script/suurl5.php?r=9082786&cbur=0.5866733254608818&cbiframe=1&cbWidth=1200&cbHeight=675&cbtitle=X-PARTIZAN%20-%20WENGER&cbpage=https%3A%2F%2Felixx.one%2Fpartizan.html&cbref=&cbdescription=&cbkeywords=&cbcdn=acscdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1735390908021&srs=706e7dd3a7189b456978e104e70ed701&atv=57.0

104.21.91.188

200 OK

25 kB

URL GET HTTP/2
youradexchange.com/script/suurl5.php?r=9082786&cbur=0.5866733254608818&cbiframe=1&cbWidth=1200&cbHeight=675&cbtitle=X-PARTIZAN%20-%20WENGER&cbpage=https%3A%2F%2Felixx.one%2Fpartizan.html&cbref=&cbdescription=&cbkeywords=&cbcdn=acscdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1735390908021&srs=706e7dd3a7189b456978e104e70ed701&atv=57.0
IP
104.21.91.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elixx.one/aw/partizan.php
Certificate
IssuerGoogle Trust Services
Subjectyouradexchange.com
Fingerprint8B:14:37:06:AD:3B:34:24:D2:1C:2E:8F:85:18:45:17:CE:7A:8F:77
ValidityFri, 06 Dec 2024 14:16:45 GMT - Thu, 06 Mar 2025 14:16:44 GMT

File type
gzip compressed data, max compression, from Unix
Size
25 kB (24900 bytes)
Hash
fb26348f33d23e7ebe52cf0d5f838dc6
ba638e4cd8252f1abbc343e4ecde123ed14b94ea
5131a0bbc0e2b5dd2add6a261576e44c7a45aa73d04880d4872162faa8ba0cf7

HTTP Headers

GET /script/suurl5.php?r=9082786&cbur=0.5866733254608818&cbiframe=1&cbWidth=1200&cbHeight=675&cbtitle=X-PARTIZAN%20-%20WENGER&cbpage=https%3A%2F%2Felixx.one%2Fpartizan.html&cbref=&cbdescription=&cbkeywords=&cbcdn=acscdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1735390908021&srs=706e7dd3a7189b456978e104e70ed701&atv=57.0 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://elixx.one/
Origin: https://elixx.one
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 28 Dec 2024 13:01:48 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1u93fE6ii8tYJxDpRgPvwOzp9G3OJm8vA3mZSZZua2fstH7QlBJvxm1CKdt9STW8xEIoWIPECy792fs7euAfC3x%2FzM2iPZMY1teM9lvoJ3WAprFxAe91616dNPKJHDoCUlq0YJU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f91bdb72ecfb517-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1411&min_rtt=435&rtt_var=1074&sent=11&recv=12&lost=0&retrans=0&sent_bytes=4724&recv_bytes=1814&delivery_rate=7855334&cwnd=256&unsent_bytes=0&cid=23ca3a0f47fe4197&ts=365&x=0"
X-Firefox-Spdy: h2

progressmaturityseat.com/api/posts?token=LzA1LzUwLzRiLzA1NTA0Yjc4NThjYTBjMTg4OTk5Y2I0YWI2ZTU5MWQ3Lmpz

192.243.61.225

200 OK

34 kB

URL GET HTTP/1.1
progressmaturityseat.com/api/posts?token=LzA1LzUwLzRiLzA1NTA0Yjc4NThjYTBjMTg4OTk5Y2I0YWI2ZTU5MWQ3Lmpz
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://forgepattern.net/embed/ugce3jz6chx
Certificate
IssuerLet's Encrypt
Subjectprogressmaturityseat.com
Fingerprint79:FE:9A:6A:0D:BC:E2:CC:88:4E:DF:01:83:99:3E:65:0E:38:DF:12
ValidityWed, 27 Nov 2024 11:37:00 GMT - Tue, 25 Feb 2025 11:36:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
34 kB (33861 bytes)
Hash
8bddf479614bfdd29175f9b496cabbd8
32aa88af526b019d5a543d21ba1f62905ca37592
f6568de128527b0d715a5f8b07381ae6d841a6a08c793d63f3ec41027f387cc4

HTTP Headers

GET /api/posts?token=LzA1LzUwLzRiLzA1NTA0Yjc4NThjYTBjMTg4OTk5Y2I0YWI2ZTU5MWQ3Lmpz HTTP/1.1
Host: progressmaturityseat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://forgepattern.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 28 Dec 2024 13:01:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: progressmaturityseat.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 2f72e69ec1881a601285d5a306a6b55e
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

elixx.one/aw/partizan.php

104.21.71.3

200 OK

1.4 kB

URL GET HTTP/3
elixx.one/aw/partizan.php
IP
104.21.71.3:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elixx.one/partizan.html
Certificate
IssuerGoogle Trust Services
Subjectelixx.one
Fingerprint44:C3:F4:59:AA:F5:8F:53:61:C5:22:69:39:94:66:E5:15:BE:62:08
ValidityThu, 21 Nov 2024 14:53:29 GMT - Wed, 19 Feb 2025 14:53:28 GMT

File type
JavaScript source, ASCII text
Size
1.4 kB (1415 bytes)
Hash
de46b33d8598b4db878662c3c9efbc08
ee27ca77f20bda7fcb0209fc0fc0fc04f2de51a9
7798db84fc0ab74b3a7a9138f52ea31b43bc0ad1ee8788742c5d0a9e1605a43a

HTTP Headers

GET /aw/partizan.php HTTP/1.1
Host: elixx.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elixx.one/partizan.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Dec 2024 13:01:47 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
vary: Accept-Encoding,User-Agent
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fDd9wgifTayjrEKXvqVBj6pqICtAgcx%2BppIQlYwYdai8IufopqtPRfZGVu5ACfxW%2BkRcMk7bjZSMWpPqimX6%2BL%2BKuQQTVaaOg6x4SM8bK5NJDIQieFNLn3hznkk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f91bdb5195656b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12327&min_rtt=1642&rtt_var=6715&sent=15&recv=10&lost=0&retrans=0&sent_bytes=5279&recv_bytes=2056&delivery_rate=5387&cwnd=12000&unsent_bytes=0&cid=2b36063d7f44346d&ts=562&x=1", cfExtPri, cfHdrFlush;dur=0

recordedthereby.com/sfp.js

185.196.197.72

200 OK

85 kB

URL GET HTTP/1.1
recordedthereby.com/sfp.js
IP
185.196.197.72:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://forgepattern.net/embed/ugce3jz6chx
Certificate
IssuerLet's Encrypt
Subjectrecordedthereby.com
FingerprintE0:09:99:E3:0E:A5:83:8D:96:1B:26:8A:2E:AC:12:98:C6:D3:E1:76
ValidityWed, 06 Nov 2024 14:09:18 GMT - Tue, 04 Feb 2025 14:09:17 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
85 kB (85378 bytes)
Hash
7e3e44049654b6e244c1777e68ffb8e7
8f2a8298666d607afd92a0baa362ef4dc9ccd039
4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://forgepattern.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 28 Dec 2024 13:01:49 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 85378
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: ed838c9c2fcc72bac5b3cb32ccd86ca1
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

proftrafficcounter.com/stats

18.195.160.253

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.195.160.253:443
ASN
#16509 AMAZON-02

Requested by
https://forgepattern.net/embed/ugce3jz6chx
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
Fingerprint40:FD:DA:57:15:28:B1:29:02:3E:E6:2F:38:E5:11:E5:7F:DB:6B:40
ValidityMon, 21 Oct 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
03a00fe42a239f295c3d0ba768be3294
d07f447c70ce092f38865d39b646b439c1852254
aa21b8461f54043117d129ba86170c1634780676f2e655699f70abeb64cd8096

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://forgepattern.net
DNT: 1
Connection: keep-alive
Referer: https://forgepattern.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Dec 2024 13:01:49 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://forgepattern.net
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=1ab41135-8a51-4e0b-8cab-6acd69e12758:2:1; expires=Tue, 26 Dec 2034 13:01:49 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

acscdn.com/script/aclib.js

188.114.96.1

200 OK

43 kB

URL GET HTTP/3
acscdn.com/script/aclib.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elixx.one/aw/partizan.php
Certificate
IssuerGoogle Trust Services
Subjectacscdn.com
Fingerprint1F:E8:1B:AB:2F:10:3D:AD:4F:28:4D:C2:4F:34:DF:AD:24:FB:B8:8C
ValidityThu, 19 Dec 2024 19:16:31 GMT - Wed, 19 Mar 2025 20:15:02 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65493), with no line terminators
Size
43 kB (42759 bytes)
Hash
d4fb9505387799ede43551f6f039d23e
7b818be8a3326a578668a5f2b4b4a193d64e4d22
1f435488d45b53058e71d6f4078fbc241c922e8adc35d521593da67830fbb005

HTTP Headers

GET /script/aclib.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elixx.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 28 Dec 2024 13:01:47 GMT
content-type: text/javascript
x-goog-generation: 1733236751689553
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 134520
x-goog-hash: crc32c=u3ryWg==, md5=1PuVBTh3me3kNVH28DnSPg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
x-guploader-uploadid: AFiumC481PbMR_WhwRup9Y4gan30t2PgcMtuE-U76rn37P6usvKcFSVE9SnkF8uxzIy7cdXV
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sat, 28 Dec 2024 12:38:12 GMT
cache-control: public, max-age=3600
age: 1990
last-modified: Tue, 03 Dec 2024 14:39:11 GMT
etag: W/"d4fb9505387799ede43551f6f039d23e"
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jZRQr7rTA0Ee5tnmCp0FCBrxhLKUXHMfIYqEA4YqV%2FYvcxncR6tZrgbzvQLbQzba0MThKkrFGQ%2BEnzbnMhYsCcGfwotNogeD3VksoE%2Fg9Mf9zeOgYajNj%2FFi8hEh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f91bdb61e3c5685-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=QUIC&rtt=2940&min_rtt=772&rtt_var=2089&sent=67&recv=14&lost=0&retrans=0&sent_bytes=63960&recv_bytes=1808&delivery_rate=1895058&cwnd=48000&unsent_bytes=0&cid=9d3831cf43a4a018&ts=307&x=1", cfExtPri, cfHdrFlush;dur=0

yummyadvertiseexploded.com/pixel/pure

192.243.61.225

204 No Content

0 B

URL POST HTTP/1.1
yummyadvertiseexploded.com/pixel/pure
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://forgepattern.net/embed/ugce3jz6chx
Certificate
IssuerLet's Encrypt
Subjectyummyadvertiseexploded.com
Fingerprint3D:4F:15:D7:2D:87:5D:A8:62:F5:7D:9A:F0:D8:21:2F:E5:D3:CC:DE
ValidityWed, 18 Dec 2024 21:23:41 GMT - Tue, 18 Mar 2025 21:23:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /pixel/pure HTTP/1.1
Host: yummyadvertiseexploded.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://forgepattern.net/
Origin: https://forgepattern.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.21.6
Date: Sat, 28 Dec 2024 13:01:50 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

yummyadvertiseexploded.com/pixel/pure

192.243.61.225

200 OK

0 B

URL POST HTTP/1.1
yummyadvertiseexploded.com/pixel/pure
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://forgepattern.net/embed/ugce3jz6chx
Certificate
IssuerLet's Encrypt
Subjectyummyadvertiseexploded.com
Fingerprint3D:4F:15:D7:2D:87:5D:A8:62:F5:7D:9A:F0:D8:21:2F:E5:D3:CC:DE
ValidityWed, 18 Dec 2024 21:23:41 GMT - Tue, 18 Mar 2025 21:23:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /pixel/pure HTTP/1.1
Host: yummyadvertiseexploded.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 74
Origin: https://forgepattern.net
DNT: 1
Connection: keep-alive
Referer: https://forgepattern.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 28 Dec 2024 13:01:50 GMT
Content-Length: 0
Connection: keep-alive
Host: yummyadvertiseexploded.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

acacdn.com/script/suv4.js

172.67.137.119

200 OK

139 kB

URL GET HTTP/2
acacdn.com/script/suv4.js
IP
172.67.137.119:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elixx.one/aw/partizan.php
Certificate
IssuerGoogle Trust Services
Subjectacacdn.com
FingerprintA9:BC:DF:83:5C:50:E1:3A:4F:6C:C1:C6:6B:70:78:4C:89:99:89:1A
ValidityMon, 23 Dec 2024 02:24:35 GMT - Sun, 23 Mar 2025 03:22:09 GMT

File type

Size
139 kB (138647 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /script/suv4.js HTTP/1.1
Host: acacdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elixx.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Dec 2024 13:01:57 GMT
content-type: text/javascript
x-guploader-uploadid: AFiumC5gDwLGRi8DsSSKKeeUKdmuCkDCYqSGCtpIfeRo8Jcgl2b5G7-Y6I-oJhJf6Mt5Wlos_pSK2fY
x-goog-generation: 1733237195342236
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 138647
x-goog-hash: crc32c=bMeDrQ==, md5=rIGTZ3ICP17LHlzCv9K4Dg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Sat, 28 Dec 2024 12:57:19 GMT
cache-control: public, max-age=14400
age: 2865
last-modified: Tue, 03 Dec 2024 14:46:35 GMT
etag: W/"ac81936772023f5ecb1e5cc2bfd2b80e"
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BuIT35ecyc9GSFKQ9JX5KF44NttsPx34y2QO6lZd%2FW57WnIkJ%2BTYekctReSarN6NmuZ0SisGx4igZN9cYvJnCdtjuOeWcvm2uL10JcFY6wJ1jls0pF8RbkWqBE44"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f91bdf55b1bb517-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=633&min_rtt=488&rtt_var=273&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3195&recv_bytes=1052&delivery_rate=5950684&cwnd=254&unsent_bytes=0&cid=6f9119ac54628795&ts=36&x=0"
X-Firefox-Spdy: h2

youradexchange.com/script/suurl5.php?r=6144270&cbur=0.5563618263343793&cbiframe=1&cbWidth=1200&cbHeight=675&cbtitle=X-PARTIZAN%20-%20WENGER&cbpage=https%3A%2F%2Felixx.one%2Fpartizan.html&cbref=&cbdescription=&cbkeywords=&cbcdn=acscdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1735390918120&srs=706e7dd3a7189b456978e104e70ed701&atv=57.0-sw-suv5

104.21.91.188

200 OK

843 B

URL GET HTTP/2
youradexchange.com/script/suurl5.php?r=6144270&cbur=0.5563618263343793&cbiframe=1&cbWidth=1200&cbHeight=675&cbtitle=X-PARTIZAN%20-%20WENGER&cbpage=https%3A%2F%2Felixx.one%2Fpartizan.html&cbref=&cbdescription=&cbkeywords=&cbcdn=acscdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1735390918120&srs=706e7dd3a7189b456978e104e70ed701&atv=57.0-sw-suv5
IP
104.21.91.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elixx.one/aw/partizan.php
Certificate
IssuerGoogle Trust Services
Subjectyouradexchange.com
Fingerprint8B:14:37:06:AD:3B:34:24:D2:1C:2E:8F:85:18:45:17:CE:7A:8F:77
ValidityFri, 06 Dec 2024 14:16:45 GMT - Thu, 06 Mar 2025 14:16:44 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (869), with no line terminators
Size
843 B (843 bytes)
Hash
525d4d533aa5c26355681da8d78da59f
2a14e0b6a7201027cc39ca8408d10e30839c04f0
32a9be7144130f1a1b0d297cb2230c3852a6d7292876ba5931710ca8f05b0e19

HTTP Headers

GET /script/suurl5.php?r=6144270&cbur=0.5563618263343793&cbiframe=1&cbWidth=1200&cbHeight=675&cbtitle=X-PARTIZAN%20-%20WENGER&cbpage=https%3A%2F%2Felixx.one%2Fpartizan.html&cbref=&cbdescription=&cbkeywords=&cbcdn=acscdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits&ts=1735390918120&srs=706e7dd3a7189b456978e104e70ed701&atv=57.0-sw-suv5 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://elixx.one/
Origin: https://elixx.one
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Dec 2024 13:01:58 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eAqCaCmW%2BQdHJyJZkdDzF52fqlJXK4xnbqJh4a4BbFctgJvfEBcl87myLa7dfTDsfG9w%2Fv1W9aRdiwztoqPnUHopu5P61dpFfoFbiX4fCJFDmRFun%2F11udY6tbM%2Fi6mfAENXcV0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f91bdf64c4bb517-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1375&min_rtt=435&rtt_var=877&sent=15&recv=14&lost=0&retrans=0&sent_bytes=5882&recv_bytes=2161&delivery_rate=7855334&cwnd=256&unsent_bytes=0&cid=23ca3a0f47fe4197&ts=10469&x=0"
X-Firefox-Spdy: h2

forgepattern.net/css/embed.min.css?v=0.5

188.114.96.1

200 OK

1.3 kB

URL GET HTTP/3
forgepattern.net/css/embed.min.css?v=0.5
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://forgepattern.net/embed/ugce3jz6chx
Certificate
IssuerGoogle Trust Services
Subjectforgepattern.net
Fingerprint7D:08:DC:06:3B:79:F6:A2:43:39:5A:71:4C:D6:AC:63:5A:CC:62:18
ValiditySat, 23 Nov 2024 21:35:24 GMT - Fri, 21 Feb 2025 21:35:23 GMT

File type
ASCII text, with very long lines (1265), with no line terminators
Size
1.3 kB (1264 bytes)
Hash
f413142146e449f5b24093c83d876f95
4b687922907a8a847a961b768887a5989508315f
8808c318228b4eeecd5e15377ddc71fcd592ad54884dc86b649469b7973edf63

HTTP Headers

GET /css/embed.min.css?v=0.5 HTTP/1.1
Host: forgepattern.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://forgepattern.net/embed/ugce3jz6chx
Cookie: hf1=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Dec 2024 13:01:48 GMT
content-type: text/css
last-modified: Thu, 09 Jun 2022 09:49:16 GMT
etag: W/"62a1c21c-4f0"
expires: Sat, 28 Dec 2024 23:43:29 GMT
cache-control: max-age=608400
cf-cache-status: HIT
age: 569899
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HSEL1ChRjR%2B8oI9y1NLKWQ2FCFWVdVNwEF4r1z4btgXAcoueJ877E61X5%2BCKu0MPwOwIHOlNomt0mBVOe62dXA8MQN5APvD7sJ2G%2FVWad6rfLADwYbLQkWLUrajWQXgelrdq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f91bdb8ed547131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3450&min_rtt=1334&rtt_var=2011&sent=14&recv=9&lost=0&retrans=0&sent_bytes=4189&recv_bytes=1479&delivery_rate=445225&cwnd=12000&unsent_bytes=0&cid=758dc8ece9289c7b&ts=85&x=1", cfExtPri, cfHdrFlush;dur=0

forgepattern.net/deb.js

188.114.96.1

200 OK

26 kB

URL GET HTTP/3
forgepattern.net/deb.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://forgepattern.net/embed/ugce3jz6chx
Certificate
IssuerGoogle Trust Services
Subjectforgepattern.net
Fingerprint7D:08:DC:06:3B:79:F6:A2:43:39:5A:71:4C:D6:AC:63:5A:CC:62:18
ValiditySat, 23 Nov 2024 21:35:24 GMT - Fri, 21 Feb 2025 21:35:23 GMT

File type
JavaScript source, ASCII text, with very long lines (21359)
Size
26 kB (25680 bytes)
Hash
4854629b2f59efbee5662790a405fa68
961af168c9029a8a3765356bd37631fa3941ccb2
00f55721ec6181d9c16cc365dfe2ca9aab2fb8008ffe22ded892085019fd33b5

HTTP Headers

GET /deb.js HTTP/1.1
Host: forgepattern.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://forgepattern.net/embed/ugce3jz6chx
Cookie: hf1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Dec 2024 13:01:48 GMT
content-type: application/javascript
last-modified: Wed, 22 Feb 2023 13:57:38 GMT
etag: W/"63f61f52-6450"
expires: Sat, 04 Jan 2025 09:39:14 GMT
cache-control: max-age=608400
cf-cache-status: HIT
age: 15754
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y%2Bmxc9rSGYPulGjDiZVWMk77J%2FaEbxS%2F8IN3eNt5VdLblYppr5%2Bu4M01y8LwyUdO6%2FEG0d4khp1wgCmMDT8uZDGTw4DLqQWyd6kDQT%2FEk6itnBmm%2Fr9QD4kNhst%2B9xP%2BdthI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f91bdb90d817131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2771&min_rtt=1006&rtt_var=1900&sent=45&recv=13&lost=0&retrans=0&sent_bytes=38258&recv_bytes=1864&delivery_rate=20600855&cwnd=24000&unsent_bytes=0&cid=758dc8ece9289c7b&ts=102&x=1", cfExtPri, cfHdrFlush;dur=0

swarm.video/j79z9kzty.js?v=1.1

104.21.74.27

200 OK

546 kB

URL GET HTTP/2
swarm.video/j79z9kzty.js?v=1.1
IP
104.21.74.27:443
ASN
#13335 CLOUDFLARENET

Requested by
https://forgepattern.net/embed/ugce3jz6chx
Certificate
IssuerGoogle Trust Services
Subjectswarm.video
Fingerprint79:A8:AC:D9:5D:EA:92:AD:91:E1:F6:DB:0B:90:DB:93:B4:08:77:4A
ValiditySat, 16 Nov 2024 06:31:22 GMT - Fri, 14 Feb 2025 06:31:21 GMT

File type

Size
546 kB (545594 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /j79z9kzty.js?v=1.1 HTTP/1.1
Host: swarm.video
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://forgepattern.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Dec 2024 13:01:48 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
cache-control: public, max-age=31536000
last-modified: Mon, 10 Jul 2023 00:04:26 GMT
etag: W/"8533a-1893d1d213a"
cf-cache-status: HIT
age: 645588
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FSvEYKjf1PMdIBgiJRpuOzkOm2rn9Q2FE4wdd2y%2FTNIVVKs97LGnmcKJxgQWSidLBnRFoulfdA%2BwYwsdTwBqyZxBawjT4FPSGxTDQ54N9pMUNFflUjaa28J1OGH5VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f91bdb93cf5569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=504&min_rtt=440&rtt_var=173&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3273&recv_bytes=1187&delivery_rate=7941499&cwnd=253&unsent_bytes=0&cid=d562f69c8558bd05&ts=45&x=0"
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

104.18.187.31

200 OK

525 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
IP
104.18.187.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://forgepattern.net/embed/ugce3jz6chx
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type

Size
525 kB (525081 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /npm/clappr@latest/dist/clappr.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://forgepattern.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Dec 2024 13:01:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 145133
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 0.3.13
x-jsd-version-type: version
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
content-encoding: br
x-served-by: cache-fra-eddf8230067-FRA, cache-lga21958-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 25934
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DkCOXZfaw97wPXQrLhZ78cv%2BS8v%2FpmFCcjxpwhU57o%2BZKr7gh0GpVVxUAyXOPOjqYEH%2BG89XMUl%2BgzfPLnyAbJX5XR7MlR1lYGMVMzJeTveLIgEQwaN1wg%2BmVHEVxtvR5mU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f91bdb9295ab517-OSL
X-Firefox-Spdy: h2

elixx.one/partizan.html

104.21.71.3

200 OK

3.8 kB

URL User Request GET HTTP/2
elixx.one/partizan.html
IP
104.21.71.3:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectelixx.one
Fingerprint44:C3:F4:59:AA:F5:8F:53:61:C5:22:69:39:94:66:E5:15:BE:62:08
ValidityThu, 21 Nov 2024 14:53:29 GMT - Wed, 19 Feb 2025 14:53:28 GMT

File type
JavaScript source, ASCII text, with very long lines (4093), with no line terminators
Size
3.8 kB (3787 bytes)
Hash
f54e7ea4c059ab9ef9782f588ce5f951
d27e90d6256fcc63dd707b485c465c3642dfd94f
c40d16c0ed8115da84a77506730f63ee5dd4afbf06222a52eb971ab7f0fba29a

HTTP Headers

GET /partizan.html HTTP/1.1
Host: elixx.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Dec 2024 13:01:47 GMT
content-type: text/html
cf-cache-status: DYNAMIC
last-modified: Fri, 29 Nov 2024 18:46:49 GMT
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=02uR9syI4odpY0xJLjpgaRWxUl24hRyTpyIMB%2BaSfSowp6Na6aHKXCVW5qnB%2F%2BjBDLjPMrMioi7YpHjLPXpiihowT%2B5ctWafXteanyzeVdOHHGhvsZcrzHRdFJw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f91bdb189365696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5797&min_rtt=439&rtt_var=10649&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3267&recv_bytes=1244&delivery_rate=5792000&cwnd=254&unsent_bytes=0&cid=9447127b8971148b&ts=139&x=0"
X-Firefox-Spdy: h2

elixx.one/favicon.ico

104.21.71.3

404 Not Found

315 B

URL GET HTTP/3
elixx.one/favicon.ico
IP
104.21.71.3:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elixx.one/partizan.html
Certificate
IssuerGoogle Trust Services
Subjectelixx.one
Fingerprint44:C3:F4:59:AA:F5:8F:53:61:C5:22:69:39:94:66:E5:15:BE:62:08
ValidityThu, 21 Nov 2024 14:53:29 GMT - Wed, 19 Feb 2025 14:53:28 GMT

File type
HTML document, ASCII text, with very long lines (326), with no line terminators
Size
315 B (315 bytes)
Hash
97ef40509b73c101d6815511c3adf98d
a4242322497ea630ea72e26ba297a95a2bbe5ccd
322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: elixx.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elixx.one/partizan.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sat, 28 Dec 2024 13:01:47 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2FqXm%2BWCn8P10TAGS%2FMhmWM1Zc6uP7UfYWLgoJSDzV6lwRKv068leXZQM4s2xbvx7BWjD5xw7d4aowngt33YQ0gsp6DVXMWVib6w%2Fee2Bu0jv2UL59m1wB9tXDU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f91bdb599fb56b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10280&min_rtt=1642&rtt_var=7240&sent=20&recv=12&lost=0&retrans=0&sent_bytes=9547&recv_bytes=2144&delivery_rate=501023&cwnd=12000&unsent_bytes=0&cid=2b36063d7f44346d&ts=645&x=1", cfExtPri, cfHdrFlush;dur=0

elixx.one/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

104.21.71.3

200 OK

1.2 kB

URL GET HTTP/3
elixx.one/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
104.21.71.3:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elixx.one/partizan.html
Certificate
IssuerGoogle Trust Services
Subjectelixx.one
Fingerprint44:C3:F4:59:AA:F5:8F:53:61:C5:22:69:39:94:66:E5:15:BE:62:08
ValidityThu, 21 Nov 2024 14:53:29 GMT - Wed, 19 Feb 2025 14:53:28 GMT

File type
HTML document, ASCII text, with very long lines (1271), with no line terminators
Size
1.2 kB (1239 bytes)
Hash
40d981045a7516cdadd00e8dccc9c58d
8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3
71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: elixx.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elixx.one/partizan.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Dec 2024 13:01:47 GMT
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 15:31:09 GMT
etag: W/"675318bd-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zXLgYmB%2BH3%2B4HDY0aEbDZx5EFD5BbA1u2jbrG2zVWs9aVJaEw5v6lPHgsZTXmYbyEQCLNDksDRMVtbWEOFUa2N%2BuZ1L5gNp0pCDQC8bwWrhB%2BTA3fmAAM2OOapA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f91bdb3af0f56b5-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 13:01:47 GMT
cache-control: max-age=172800, public
content-encoding: gzip

elixx.one/schedule.html

104.21.71.3

200 OK

14 kB

URL GET HTTP/3
elixx.one/schedule.html
IP
104.21.71.3:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elixx.one/partizan.html
Certificate
IssuerGoogle Trust Services
Subjectelixx.one
Fingerprint44:C3:F4:59:AA:F5:8F:53:61:C5:22:69:39:94:66:E5:15:BE:62:08
ValidityThu, 21 Nov 2024 14:53:29 GMT - Wed, 19 Feb 2025 14:53:28 GMT

File type
HTML document, ASCII text
Size
14 kB (13846 bytes)
Hash
e9db1b7728d94d48c7a14dc7e3e9faa0
cd167af1aaaa2bbdc76d05ef7b879742affba38e
a4a77eafcfe4e09c509e4c7e11f84344ae07a8cef41b1df33379cf4adcbfb83e

HTTP Headers

GET /schedule.html HTTP/1.1
Host: elixx.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elixx.one/partizan.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Dec 2024 13:01:47 GMT
content-type: text/html
cf-cache-status: DYNAMIC
last-modified: Fri, 27 Dec 2024 22:28:57 GMT
vary: Accept-Encoding,User-Agent
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SYT41AHBkqMmypXfg3jrkkXixhu3c1nRFyx%2BZTV9JfaGmrxRhkZB4oznD1JYcHJZJqkOdjz0U7%2BX2lBUqWbW33jF97bpGBv1TwfTdppZjHVUPkRc4BSgdwDxR%2Fk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f91bdb5195b56b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11065&min_rtt=1642&rtt_var=7561&sent=17&recv=11&lost=0&retrans=0&sent_bytes=6887&recv_bytes=2100&delivery_rate=13191&cwnd=12000&unsent_bytes=0&cid=2b36063d7f44346d&ts=574&x=1", cfExtPri, cfHdrFlush;dur=0

acscdn.com/script/ut.js?cb=1735390907925

188.114.96.1

200 OK

66 kB

URL GET HTTP/3
acscdn.com/script/ut.js?cb=1735390907925
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elixx.one/aw/partizan.php
Certificate
IssuerGoogle Trust Services
Subjectacscdn.com
Fingerprint1F:E8:1B:AB:2F:10:3D:AD:4F:28:4D:C2:4F:34:DF:AD:24:FB:B8:8C
ValidityThu, 19 Dec 2024 19:16:31 GMT - Wed, 19 Mar 2025 20:15:02 GMT

File type

Size
66 kB (66473 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /script/ut.js?cb=1735390907925 HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elixx.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Dec 2024 13:01:47 GMT
content-type: text/javascript
x-goog-generation: 1733127707295818
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 66473
x-goog-hash: crc32c=VBET1w==, md5=SvoqyZ+XMx3JgmPUkCKpWA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
x-guploader-uploadid: AFiumC7oCBlmwuK17K9zFz_TIMhxuxXfJxbDTu_Fy_cch2oRS5kzViGYukoXL__ReQlXSoycFq8pXvs
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sat, 28 Dec 2024 12:51:13 GMT
cache-control: public, max-age=3600
age: 2018
last-modified: Mon, 02 Dec 2024 08:21:47 GMT
etag: W/"4afa2ac99f97331dc98263d49022a958"
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nT8%2B%2BsF5IkIrgpwisCUctPZkxpAZqNlFTy25unP%2FI%2FxXekprSwf6wnh3etos66tSAhHmgvwG0BpXyFlyu8rp8VbhDF5pv2XfecSfbTfAm4al4%2Fx2SOrnT2x0eOyk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f91bdb68ec55685-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=QUIC&rtt=2735&min_rtt=772&rtt_var=1975&sent=107&recv=17&lost=0&retrans=0&sent_bytes=108403&recv_bytes=2328&delivery_rate=3437827&cwnd=48000&unsent_bytes=0&cid=9d3831cf43a4a018&ts=384&x=1", cfExtPri, cfHdrFlush;dur=0

pubtrky.com/ut/hb.php?cb=0.7740251209660817&v=1

172.67.188.110

204 No Content

0 B

URL POST HTTP/2
pubtrky.com/ut/hb.php?cb=0.7740251209660817&v=1
IP
172.67.188.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elixx.one/aw/partizan.php
Certificate
IssuerGoogle Trust Services
Subjectpubtrky.com
FingerprintDD:A3:0B:CC:9D:68:9D:75:F4:A8:B5:E5:73:8D:94:92:69:FB:88:A4
ValiditySat, 09 Nov 2024 10:34:14 GMT - Fri, 07 Feb 2025 10:34:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /ut/hb.php?cb=0.7740251209660817&v=1 HTTP/1.1
Host: pubtrky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 863
Origin: https://elixx.one
DNT: 1
Connection: keep-alive
Referer: https://elixx.one/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Sat, 28 Dec 2024 13:01:48 GMT
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1CLDXeeATAgXzxkdSoGnnr%2BBO7RhZzRFK%2BJnOjYuv6LaFOpfMfxwZxUkxF0UNER5ybJ0dYJzRev%2B90NrdaaIz3GLP%2BGcNXbKlkB3oFpC8lUBEx0z6FDRDm%2FbmjzNug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f91bdb6ecc1568e-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2836&min_rtt=571&rtt_var=4589&sent=10&recv=13&lost=0&retrans=0&sent_bytes=3861&recv_bytes=3075&delivery_rate=7006451&cwnd=254&unsent_bytes=0&cid=b1c5d0ffea95f22d&ts=179&x=0"
X-Firefox-Spdy: h2

dvxrxm-cxo.top/script/ut.js?cb=1735390908721

104.21.19.207

200 OK

66 kB

URL GET HTTP/2
dvxrxm-cxo.top/script/ut.js?cb=1735390908721
IP
104.21.19.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://forgepattern.net/embed/ugce3jz6chx
Certificate
IssuerGoogle Trust Services
Subjectdvxrxm-cxo.top
Fingerprint34:C3:9E:9D:83:B3:8F:ED:EF:DE:39:7C:7B:AE:F3:05:07:11:2D:8E
ValidityMon, 23 Dec 2024 03:54:41 GMT - Sun, 23 Mar 2025 04:53:23 GMT

File type

Size
66 kB (66473 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/ut.js?cb=1735390908721 HTTP/1.1
Host: dvxrxm-cxo.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://forgepattern.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 28 Dec 2024 13:01:48 GMT
content-type: text/javascript
x-goog-generation: 1733127707295818
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 66473
x-goog-hash: crc32c=VBET1w==, md5=SvoqyZ+XMx3JgmPUkCKpWA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
x-guploader-uploadid: AFiumC7-VLF6iOlNPgIdRsxYI8-7srOUWviOT8fRwRhOTAGmc5QEJ4meGUHohc1YwJWCrTwU
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sat, 28 Dec 2024 13:33:52 GMT
cache-control: public, max-age=14400
age: 155
last-modified: Mon, 02 Dec 2024 08:21:47 GMT
etag: W/"4afa2ac99f97331dc98263d49022a958"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pokY5qUeBajWZz4loRUJ78XdzjUrHguzUMIA6etk5Z9Zm4Po%2B90M0y3mRvdQIwPDMqlgLpc1M7i4xXf9b3Qh1eEdj%2BwxgwCgaWCSXof8oLqFBkHEEpfPlY0RtJ5pRJEdmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f91bdbbad29712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=492&min_rtt=470&rtt_var=80&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3206&recv_bytes=1072&delivery_rate=8000000&cwnd=251&unsent_bytes=0&cid=1903998ff1f6acaf&ts=30&x=0"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato:400,700

142.250.74.106

200 OK

1.6 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Lato:400,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://forgepattern.net/embed/ugce3jz6chx
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint30:E5:7E:29:A5:A1:81:DB:C8:A8:49:80:67:40:12:AB:30:C0:34:8D
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
ASCII text, with very long lines (1588), with no line terminators
Size
1.6 kB (1556 bytes)
Hash
773216660268a6008bd6fae9c2dfcd0f
14fd680e323867c66d00962ec0eafc87e5bb6fd3
22a29e1129011731e40c11d6742243ce0f95030dc7a430a4c94118b49805dafd

HTTP Headers

GET /css?family=Lato:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://forgepattern.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Dec 2024 13:01:48 GMT
date: Sat, 28 Dec 2024 13:01:48 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

142.250.74.67

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://forgepattern.net/embed/ugce3jz6chx
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://forgepattern.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Dec 2024 03:52:48 GMT
expires: Sun, 28 Dec 2025 03:52:48 GMT
cache-control: public, max-age=31536000
age: 32940
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

acscdn.com/script/ut.js?cb=1735390907746

188.114.96.1

200 OK

66 kB

URL GET HTTP/3
acscdn.com/script/ut.js?cb=1735390907746
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elixx.one/partizan.html
Certificate
IssuerGoogle Trust Services
Subjectacscdn.com
Fingerprint1F:E8:1B:AB:2F:10:3D:AD:4F:28:4D:C2:4F:34:DF:AD:24:FB:B8:8C
ValidityThu, 19 Dec 2024 19:16:31 GMT - Wed, 19 Mar 2025 20:15:02 GMT

File type

Size
66 kB (66473 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /script/ut.js?cb=1735390907746 HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elixx.one/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 28 Dec 2024 13:01:47 GMT
content-type: text/javascript
x-goog-generation: 1733127707295818
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 66473
x-goog-hash: crc32c=VBET1w==, md5=SvoqyZ+XMx3JgmPUkCKpWA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
x-guploader-uploadid: AFiumC7oCBlmwuK17K9zFz_TIMhxuxXfJxbDTu_Fy_cch2oRS5kzViGYukoXL__ReQlXSoycFq8pXvs
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sat, 28 Dec 2024 12:51:13 GMT
cache-control: public, max-age=3600
age: 2018
last-modified: Mon, 02 Dec 2024 08:21:47 GMT
etag: W/"4afa2ac99f97331dc98263d49022a958"
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N1GIaLLzbu0I2Arfvhxjzh3PonPhsTRwJiKjsjjJx6MAIE6%2FtnpfxgywJztgo45mE5tgDLUGH2zYwrU9bj9rSImNYfWA8rv6BzZOi1aC1eGqH2%2BY1YTMyK65cnHj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f91bdb57d835685-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=QUIC&rtt=3535&min_rtt=1647&rtt_var=1851&sent=43&recv=11&lost=0&retrans=0&sent_bytes=38470&recv_bytes=1489&delivery_rate=13563599&cwnd=24000&unsent_bytes=0&cid=9d3831cf43a4a018&ts=209&x=1", cfExtPri, cfHdrFlush;dur=0

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (28)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML