Submitted URL: http://crotpedia.net/0.02336489175882639
Effective URL: https://185.193.17.214/0.02336489175882639
Submission: On May 10 via api from US — Scanned from DE

Summary

This website contacted 13 IPs in 5 countries across 11 domains to perform 38 HTTP transactions. The main IP is 185.193.17.214, located in Düsseldorf, Germany and belongs to CONTABO, DE. The main domain is 185.193.17.214.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on March 23rd 2024. Valid for: 3 months.
This is the only time 185.193.17.214 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 158.220.106.212 51167 (CONTABO)
18 185.193.17.214 51167 (CONTABO)
1 2a00:1450:400... 15169 (GOOGLE)
3 104.17.24.14 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 23.109.170.77 7979 (SERVERS-COM)
4 192.0.77.2 2635 (AUTOMATTIC)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 199.232.192.134 54113 (FASTLY)
2 216.58.212.130 15169 (GOOGLE)
1 149.56.240.27 16276 (OVH)
38 13
Apex Domain | Subdomains | Transfer
4 wp.com | i0.wp.com — Cisco Umbrella Rank: 3774 | 5 MB
3 gstatic.com | fonts.gstatic.com | 36 KB
3 histats.com | s10.histats.com — Cisco Umbrella Rank: 13913; s4.histats.com — Cisco Umbrella Rank: 13947 | 11 KB
3 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 237 | 241 KB
2 googlesyndication.com | pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 | 51 KB
1 disqus.com | crotpedia-baru.disqus.com | 2 KB
1 quaternnerka.com | quaternnerka.com | 1 KB
1 google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 2533 | 253 B
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 33 | 872 B
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 39 | 100 KB
1 crotpedia.net | crotpedia.net | 123 B
38 11
Domain Requested by
4 i0.wp.com 185.193.17.214
3 fonts.gstatic.com fonts.googleapis.com
3 cdnjs.cloudflare.com 185.193.17.214
cdnjs.cloudflare.com
2 pagead2.googlesyndication.com 185.193.17.214
2 s10.histats.com 185.193.17.214
s10.histats.com
1 s4.histats.com s10.histats.com
1 crotpedia-baru.disqus.com 185.193.17.214
1 quaternnerka.com 185.193.17.214
1 region1.google-analytics.com www.googletagmanager.com
1 fonts.googleapis.com 185.193.17.214
1 www.googletagmanager.com 185.193.17.214
1 crotpedia.net 1 redirects
38 12
Subject | Issuer | Validity | Valid
185.193.17.214 | ZeroSSL RSA Domain Secure Site CA | 2024-03-23 - 2024-06-21 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
upload.video.google.com | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months
quaternnerka.com | R3 | 2024-05-09 - 2024-08-07 | 3 months
*.wp.com | Sectigo ECC Domain Validation Secure Server CA | 2023-11-28 - 2024-12-28 | a year
s10.histats.com | E1 | 2024-04-11 - 2024-07-10 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months
*.disqus.com | Sectigo RSA Domain Validation Secure Server CA | 2024-04-16 - 2025-04-16 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months
histats.com | R3 | 2024-02-16 - 2024-05-16 | 3 months

This page contains 1 frame:

Primary Page: https://185.193.17.214/0.02336489175882639
Frame ID: 2D90B404E1C23C9CD5DEAAAABB382F3E
Requests: 40 HTTP requests in this frame

Page Title

Page Not Found - CrotPedia

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • sweetalert2(?:\.all)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

38
Requests

100 %
HTTPS

38 %
IPv6

11
Domains

12
Subdomains

13
IPs

5
Countries

5714 kB
Transfer

6625 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://crotpedia.net/0.02336489175882639 HTTP 307
    https://crotpedia.net/0.02336489175882639 HTTP 301
    http://158.220.106.212/0.02336489175882639 HTTP 307
    https://158.220.106.212/0.02336489175882639 HTTP 301
    https://185.193.17.214/0.02336489175882639 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 0.02336489175882639
185.193.17.214/
Redirect Chain
  • http://crotpedia.net/0.02336489175882639
  • https://crotpedia.net/0.02336489175882639
  • http://158.220.106.212/0.02336489175882639
  • https://158.220.106.212/0.02336489175882639
  • https://185.193.17.214/0.02336489175882639
76 KB
21 KB
Document
General
Full URL
https://185.193.17.214/0.02336489175882639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.193.17.214 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1753953.contaboserver.net
Software
nginx /
Resource Hash
3c2118bb93bb025feba75e27c07416204fe65986898aaad8fd7643adc2b9561c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 10 May 2024 21:04:30 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://185.193.17.214/wp-json/>; rel="https://api.w.org/"
server
nginx
vary
Accept-Encoding

Redirect headers

content-length
162
content-type
text/html
date
Fri, 10 May 2024 21:04:29 GMT
location
https://185.193.17.214/0.02336489175882639
server
nginx
strict-transport-security
max-age=31536000
js
www.googletagmanager.com/gtag/
301 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FZ8NH74NEP
Requested by
Host: 185.193.17.214
URL: https://185.193.17.214/0.02336489175882639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c36677910ee7992aac8aef75f16a2e0928a649d265a5be45c0e00f77ee50ee67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:04:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102177
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 10 May 2024 21:04:30 GMT
autoptimize_single_3f95dfea891885f0ef3c55bda95e16a9.css
185.193.17.214/wp-content/cache/autoptimize/css/
411 B
615 B
Stylesheet
General
Full URL
https://185.193.17.214/wp-content/cache/autoptimize/css/autoptimize_single_3f95dfea891885f0ef3c55bda95e16a9.css?ver=1.6.5
Requested by
Host: 185.193.17.214
URL: https://185.193.17.214/0.02336489175882639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.193.17.214 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1753953.contaboserver.net
Software
nginx /
Resource Hash
05d684a81118e1a3a342ac613db1c934994f67750cfe30647eb133893704790d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/0.02336489175882639
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:04:30 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 May 2024 12:21:04 GMT
server
nginx
etag
"663233b0-19b"
content-type
text/css
cache-control
max-age=43200
accept-ranges
bytes
content-length
411
expires
Sat, 11 May 2024 09:04:30 GMT
autoptimize_single_e6fa0ab1e511473032e374f0ec4fc1ec.css
185.193.17.214/wp-content/cache/autoptimize/css/
70 KB
12 KB
Stylesheet
General
Full URL
https://185.193.17.214/wp-content/cache/autoptimize/css/autoptimize_single_e6fa0ab1e511473032e374f0ec4fc1ec.css?ver=4.2.7
Requested by
Host: 185.193.17.214
URL: https://185.193.17.214/0.02336489175882639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.193.17.214 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1753953.contaboserver.net
Software
nginx /
Resource Hash
a757256a908cd221551a885b12d46ffd33ef7127101afe4ed3593a33d9bc6fd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/0.02336489175882639
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:04:30 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 01 May 2024 12:21:04 GMT
server
nginx
etag
W/"663233b0-11711"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Sat, 11 May 2024 09:04:30 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/
82 KB
15 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css?ver=6.5.3
Requested by
Host: 185.193.17.214
URL: https://185.193.17.214/0.02336489175882639
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:04:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1271144
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14850
last-modified
Mon, 22 Nov 2021 21:02:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"619c057b-3a02"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FI2fcltbwR1LRKIWsWWH4cWgjR9WapdpT%2FN3%2FsN4UmTyL2vF%2FzxPOQIRsj9K4oBiebDev1G2DoMsFdG19KOfts%2B%2BSYJUV5YJPlosUohvuKgbM7%2BQy0LKxtaCpvCtS3OX1TmBgG%2Fj"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
881ce1cdffff1c6d-FRA
expires
Wed, 30 Apr 2025 21:04:30 GMT
autoptimize_single_34ed60bfe8d9e46ba5e158024717bf25.css
185.193.17.214/wp-content/cache/autoptimize/css/
41 KB
11 KB
Stylesheet
General
Full URL
https://185.193.17.214/wp-content/cache/autoptimize/css/autoptimize_single_34ed60bfe8d9e46ba5e158024717bf25.css?ver=6.5.3
Requested by
Host: 185.193.17.214
URL: https://185.193.17.214/0.02336489175882639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.193.17.214 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1753953.contaboserver.net
Software
nginx /
Resource Hash
40ff6cf33d75a69fd250cc72092bd59dbdcd88880c0ca230948007f4f4cf1ce0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/0.02336489175882639
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:04:30 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 01 May 2024 12:21:04 GMT
server
nginx
etag
W/"663233b0-a2c4"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Sat, 11 May 2024 09:04:30 GMT
sweetalert2.min.css
185.193.17.214/wp-content/themes/ZManga/assets/css/
30 KB
5 KB
Stylesheet
General
Full URL
https://185.193.17.214/wp-content/themes/ZManga/assets/css/sweetalert2.min.css?ver=6.5.3
Requested by
Host: 185.193.17.214
URL: https://185.193.17.214/0.02336489175882639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.193.17.214 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1753953.contaboserver.net
Software
nginx /
Resource Hash
5fbdef4b06a2f251d6b53984888d52b3d0029c6d5ee2cf64939afd46fd2baea9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/0.02336489175882639
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:04:30 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 23 Mar 2024 14:18:25 GMT
server
nginx
etag
W/"65fee4b1-76d6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Sat, 11 May 2024 09:04:30 GMT
autoptimize_single_223005bf4fec8b3d40947cc804ab5b0d.css
185.193.17.214/wp-content/cache/autoptimize/css/
8 KB
3 KB
Stylesheet
General
Full URL
https://185.193.17.214/wp-content/cache/autoptimize/css/autoptimize_single_223005bf4fec8b3d40947cc804ab5b0d.css?ver=2.3.4
Requested by
Host: 185.193.17.214
URL: https://185.193.17.214/0.02336489175882639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.193.17.214 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1753953.contaboserver.net
Software
nginx /
Resource Hash
2e56185894441064e5f040533ef31b9080a5c196f12de09916581b9ef7291df5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/0.02336489175882639
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:04:30 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 01 May 2024 12:21:04 GMT
server
nginx
etag
W/"663233b0-2036"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Sat, 11 May 2024 09:04:30 GMT
jquery.min.js
185.193.17.214/wp-content/themes/ZManga/assets/js/
91 KB
36 KB
Script
General
Full URL
https://185.193.17.214/wp-content/themes/ZManga/assets/js/jquery.min.js
Requested by
Host: 185.193.17.214
URL: https://185.193.17.214/0.02336489175882639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.193.17.214 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1753953.contaboserver.net
Software
nginx /
Resource Hash
e0108076470765be9ef1e9b242b8a52ef78c8f4532c7263426abc05ea4b60240
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/0.02336489175882639
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:04:30 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 23 Mar 2024 14:18:25 GMT
server
nginx
etag
W/"65fee4b1-16bab"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sat, 11 May 2024 09:04:30 GMT
css2
fonts.googleapis.com/
2 KB
872 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Titillium+Web:wght@400;600;700&display=swap
Requested by
Host: 185.193.17.214
URL: https://185.193.17.214/wp-content/cache/autoptimize/css/autoptimize_single_34ed60bfe8d9e46ba5e158024717bf25.css?ver=6.5.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6884674b81f68b9f37fc3c18cfaf83441f7f12b7789ee690b8762ba23689dea6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 10 May 2024 21:04:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 10 May 2024 20:58:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 May 2024 21:04:30 GMT
arc-public.js
185.193.17.214/wp-content/plugins/anonymous-restricted-content/public/js/
3 KB
1 KB
Script
General
Full URL
https://185.193.17.214/wp-content/plugins/anonymous-restricted-content/public/js/arc-public.js?ver=1.6.5
Requested by
Host: 185.193.17.214
URL: https://185.193.17.214/0.02336489175882639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.193.17.214 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1753953.contaboserver.net
Software
nginx /
Resource Hash
8f3fecaef5016488536e64abbebb600b2b7464c9123caf12d835ef00cfccafa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/0.02336489175882639
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:04:30 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 23 Mar 2024 14:18:20 GMT
server
nginx
etag
W/"65fee4ac-ce1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sat, 11 May 2024 09:04:30 GMT
collect
region1.google-analytics.com/g/
0
253 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FZ8NH74NEP&gtm=45je4580v9182070316za200&_p=1715375070342&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1374446554.1715375071&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715375070&sct=1&seg=0&dl=https%3A%2F%2F185.193.17.214%2F0.02336489175882639&dt=Page%20Not%20Found%20-%20CrotPedia&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1601
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FZ8NH74NEP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 10 May 2024 21:04:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://185.193.17.214
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Popup.js
185.193.17.214/wp-content/plugins/popup-builder/public/js/
38 KB
9 KB
Script
General
Full URL
https://185.193.17.214/wp-content/plugins/popup-builder/public/js/Popup.js?ver=4.2.7
Requested by
Host: 185.193.17.214
URL: https://185.193.17.214/0.02336489175882639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.193.17.214 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1753953.contaboserver.net
Software
nginx /
Resource Hash
113500b83a965388babfdb15b9740741f750db1890f6fa3677cf1bcaddd96089
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/0.02336489175882639
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:04:30 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 23 Mar 2024 14:18:22 GMT
server
nginx
etag
W/"65fee4ae-981c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sat, 11 May 2024 09:04:30 GMT
PopupConfig.js
185.193.17.214/wp-content/plugins/popup-builder/public/js/
6 KB
2 KB
Script
General
Full URL
https://185.193.17.214/wp-content/plugins/popup-builder/public/js/PopupConfig.js?ver=4.2.7
Requested by
Host: 185.193.17.214
URL: https://185.193.17.214/0.02336489175882639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.193.17.214 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1753953.contaboserver.net
Software
nginx /
Resource Hash
3fe8c79d67b21039a5d059ef40761950fb76e1d17933d61509f7eb3c68f5aeeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/0.02336489175882639
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:04:30 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 23 Mar 2024 14:18:22 GMT
server
nginx
etag
W/"65fee4ae-177a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sat, 11 May 2024 09:04:30 GMT
PopupBuilder.js
185.193.17.214/wp-content/plugins/popup-builder/public/js/
80 KB
20 KB
Script
General
Full URL
https://185.193.17.214/wp-content/plugins/popup-builder/public/js/PopupBuilder.js?ver=4.2.7
Requested by
Host: 185.193.17.214
URL: https://185.193.17.214/0.02336489175882639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.193.17.214 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1753953.contaboserver.net
Software
nginx /
Resource Hash
12ff59b61b2d94ec029a1eda78cbc4b857eb7f7a5e0916bbaa656174b2834a3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/0.02336489175882639
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:04:30 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 23 Mar 2024 14:18:22 GMT
server
nginx
etag
W/"65fee4ae-14099"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sat, 11 May 2024 09:04:30 GMT
sweetalert2.all.min.js
185.193.17.214/wp-content/themes/ZManga/assets/js/
67 KB
16 KB
Script
General
Full URL
https://185.193.17.214/wp-content/themes/ZManga/assets/js/sweetalert2.all.min.js?ver=6.5.3
Requested by
Host: 185.193.17.214
URL: https://185.193.17.214/0.02336489175882639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.193.17.214 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1753953.contaboserver.net
Software
nginx /
Resource Hash
397ef71ffbac051b5536db3f974c25570a73b72e541c3e640c2b1ee2e8137e7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/0.02336489175882639
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:04:30 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 23 Mar 2024 14:18:25 GMT
server
nginx
etag
W/"65fee4b1-10b88"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sat, 11 May 2024 09:04:30 GMT
favorites.min.js
185.193.17.214/wp-content/plugins/favorites/assets/js/
19 KB
5 KB
Script
General
Full URL
https://185.193.17.214/wp-content/plugins/favorites/assets/js/favorites.min.js?ver=2.3.4
Requested by
Host: 185.193.17.214
URL: https://185.193.17.214/0.02336489175882639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.193.17.214 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1753953.contaboserver.net
Software
nginx /
Resource Hash
4483ba181b31ae3b0da032b419ae416a97076deb6e1b753219c591608ca27a99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/0.02336489175882639
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:04:30 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 30 Mar 2024 13:24:35 GMT
server
nginx
etag
W/"66081293-4c90"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sat, 11 May 2024 09:04:30 GMT
60806
quaternnerka.com/rqmdo5rLgbkAYx/
0
1 KB
Script
General
Full URL
https://quaternnerka.com/rqmdo5rLgbkAYx/60806
Requested by
Host: 185.193.17.214
URL: https://185.193.17.214/0.02336489175882639
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.170.77 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 10 May 2024 21:04:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://185.193.17.214
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=20
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Logo_20220602042150.png
i0.wp.com/38.242.194.12/wp-content/uploads/2022/07/
44 KB
44 KB
Image
General
Full URL
https://i0.wp.com/38.242.194.12/wp-content/uploads/2022/07/Logo_20220602042150.png
Requested by
Host: 185.193.17.214
URL: https://185.193.17.214/0.02336489175882639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
a56b542481bae3a016638396e12ce00ee8c7002e4b30c959aa9b0f01149a6138
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:04:30 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
44868
x-nc
HIT hhn 1
last-modified
Thu, 14 Jul 2022 08:35:02 GMT
server
nginx
etag
"d828b05f25aecbb8"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://38.242.194.12/wp-content/uploads/2022/07/Logo_20220602042150.png>; rel="canonical"
expires
Sat, 13 Jul 2024 20:35:02 GMT
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: 185.193.17.214
URL: https://185.193.17.214/0.02336489175882639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:4273 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:04:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
4312
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
881ce1d02e531e4c-FRA
content-length
4547
icon.png
185.193.17.214/wp-content/plugins/chp-ads-block-detector/assets/img/
27 KB
27 KB
Image
General
Full URL
https://185.193.17.214/wp-content/plugins/chp-ads-block-detector/assets/img/icon.png
Requested by
Host: 185.193.17.214
URL: https://185.193.17.214/0.02336489175882639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.193.17.214 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1753953.contaboserver.net
Software
nginx /
Resource Hash
1b69924344adf7d64d2d4e06fad49867dbc58246cded8f2d132bface5a2dbf61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/0.02336489175882639
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:04:30 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 23 Mar 2024 14:18:22 GMT
server
nginx
etag
"65fee4ae-6a7e"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
27262
expires
Sun, 09 Jun 2024 21:04:30 GMT
no-avatar.jpg
185.193.17.214/wp-content/themes/ZManga/assets/img/
1 KB
1 KB
Image
General
Full URL
https://185.193.17.214/wp-content/themes/ZManga/assets/img/no-avatar.jpg
Requested by
Host: 185.193.17.214
URL: https://185.193.17.214/0.02336489175882639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.193.17.214 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1753953.contaboserver.net
Software
nginx /
Resource Hash
83119d8b6e34c424cbc88305b0fd2d2146d3c5f79e5bdd289d4d55ed35db72d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/0.02336489175882639
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:04:30 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 23 Mar 2024 14:18:25 GMT
server
nginx
etag
"65fee4b1-48b"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1163
expires
Sun, 09 Jun 2024 21:04:30 GMT
NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
fonts.gstatic.com/s/titilliumweb/v17/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/titilliumweb/v17/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Titillium+Web:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://185.193.17.214
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 18:24:20 GMT
x-content-type-options
nosniff
age
528010
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12372
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:30:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 May 2025 18:24:20 GMT
NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v17/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/titilliumweb/v17/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Titillium+Web:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://185.193.17.214
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 08:27:48 GMT
x-content-type-options
nosniff
age
304602
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12136
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 21:07:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 08:27:48 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/
122 KB
123 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css?ver=6.5.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94e1bbc1c2a41ebc73fa5253fd563256c0035b4d69181e48f9aef9e474a11251
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css?ver=6.5.3
Origin
https://185.193.17.214
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:04:30 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
159086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
125064
last-modified
Mon, 22 Nov 2021 21:02:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"619c057b-1e888"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DF4%2B7mEZwFXTuwo6zwGSw1WPva26YU6FxW0Krzqg4tDM3%2B4e4iWpDDVTTdMZCagYFoDwYRR22cFk8UOw37kOugN%2FDpBfm4adwo7s5cgjkL0YL3iKt%2F20ZTHrp1ximlSS5v4E5xsy"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
881ce1d02eac1cbf-FRA
expires
Wed, 30 Apr 2025 21:04:30 GMT
NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v17/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/titilliumweb/v17/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Titillium+Web:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://185.193.17.214
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 14:17:44 GMT
x-content-type-options
nosniff
age
110806
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11796
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:48:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 May 2025 14:17:44 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/
103 KB
103 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css?ver=6.5.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33a252d6393cbd6debe0ac517229c7aa258a0ee68fc0253f8be6a7cee8b65ee9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css?ver=6.5.3
Origin
https://185.193.17.214
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:04:30 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
263601
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
105204
last-modified
Mon, 22 Nov 2021 21:02:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"619c057b-19af4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jg1a66dhZz%2FFnZnrMjKsUCrUkZ9Wx%2BwtL34tnyzwOz8iJZqa%2FdmFX2rIKafTtf2qZdtvUXPLqIUA0CZA9Ya5N2r3wvS17KkodPmLfl0YjIIlVH0zq2C1C3pARofrpLxsfIG8AhcD"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
881ce1d02ea81cbf-FRA
expires
Wed, 30 Apr 2025 21:04:30 GMT
KartuPoker-v2.gif
i0.wp.com/gambar.segs.my.id/images/2024/04/09/
4 MB
4 MB
Image
General
Full URL
https://i0.wp.com/gambar.segs.my.id/images/2024/04/09/KartuPoker-v2.gif
Requested by
Host: 185.193.17.214
URL: https://185.193.17.214/0.02336489175882639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
e8c9e2af7d9c76461c62555e76c3f4f0602b8772dfd6def5a7f3a6c1d14c5000
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:04:30 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
4391110
x-nc
HIT hhn 2
last-modified
Tue, 09 Apr 2024 05:06:10 GMT
server
nginx
etag
"37ecc7d9b09837e3"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://gambar.segs.my.id/images/2024/04/09/KartuPoker-v2.gif>; rel="canonical"
expires
Thu, 09 Apr 2026 17:06:10 GMT
comment_count.js
185.193.17.214/wp-content/plugins/disqus-comment-system/public/js/
889 B
1 KB
Script
General
Full URL
https://185.193.17.214/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.1.1
Requested by
Host: 185.193.17.214
URL: https://185.193.17.214/0.02336489175882639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.193.17.214 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1753953.contaboserver.net
Software
nginx /
Resource Hash
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/0.02336489175882639
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:04:30 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 03 Apr 2024 04:52:31 GMT
server
nginx
etag
"660ce08f-379"
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
889
expires
Sat, 11 May 2024 09:04:30 GMT
count.js
crotpedia-baru.disqus.com/
1 KB
2 KB
Script
General
Full URL
https://crotpedia-baru.disqus.com/count.js
Requested by
Host: 185.193.17.214
URL: https://185.193.17.214/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 10 May 2024 21:04:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=300; includeSubdomains
X-Amz-Cf-Pop
DFW56-P1
Age
137
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 08 May 2024 16:51:37 GMT
Server
nginx
ETag
"663bad99-367"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
evAh60h1XeIaoY1FElNdK_05OwphEh5v2swsbFFsZOJRVAf3YdKQ9A==
DEWATOGEL_728x90-bokep-updated.gif
i0.wp.com/gambar.segs.my.id/images/2024/05/10/
243 KB
244 KB
Image
General
Full URL
https://i0.wp.com/gambar.segs.my.id/images/2024/05/10/DEWATOGEL_728x90-bokep-updated.gif
Requested by
Host: 185.193.17.214
URL: https://185.193.17.214/0.02336489175882639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
943f0a8b8e26f2b99a30c211d46c6a292b525f2a0112549245afb5d2e72f187f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:04:30 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
249196
x-nc
HIT hhn 3
last-modified
Fri, 10 May 2024 05:28:19 GMT
server
nginx
etag
"078103ef2e0f88c7"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://gambar.segs.my.id/images/2024/05/10/DEWATOGEL_728x90-bokep-updated.gif>; rel="canonical"
expires
Sun, 10 May 2026 17:28:19 GMT
RP888__GIF_960x110.gif
i0.wp.com/gambar.segs.my.id/images/2024/04/16/
512 KB
513 KB
Image
General
Full URL
https://i0.wp.com/gambar.segs.my.id/images/2024/04/16/RP888__GIF_960x110.gif
Requested by
Host: 185.193.17.214
URL: https://185.193.17.214/0.02336489175882639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
27783c92f0e6ed4a3a641443c8460fc65d97decdcc44c2146d78ce91a4a6906b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:04:30 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
523932
x-nc
HIT hhn 3
last-modified
Tue, 16 Apr 2024 11:04:51 GMT
server
nginx
etag
"4a1db8acfe2590d3"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://gambar.segs.my.id/images/2024/04/16/RP888__GIF_960x110.gif>; rel="canonical"
expires
Thu, 16 Apr 2026 23:04:51 GMT
truncated
/
298 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
596e00978d5880392bd798b549957a30a59c409885affe284076fc8b253c7c55

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
151 KB
51 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 185.193.17.214
URL: https://185.193.17.214/0.02336489175882639
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
a7a722f36f7d96f637c86ef42579f1952b302338acf2ab9a2a2f27e5a43b5828
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:04:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52053
x-xss-protection
0
server
cafe
etag
6093553755309070249
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 10 May 2024 21:04:30 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
151 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 185.193.17.214
URL: https://185.193.17.214/0.02336489175882639
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
a7a722f36f7d96f637c86ef42579f1952b302338acf2ab9a2a2f27e5a43b5828
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:04:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52053
x-xss-protection
0
server
cafe
etag
6093553755309070249
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 10 May 2024 21:04:30 GMT
4863298.php
s4.histats.com/stats/
97 B
231 B
Script
General
Full URL
https://s4.histats.com/stats/4863298.php?4863298&@f16&@g1&@h1&@i1&@j1715375070784&@k0&@l1&@mPage%20Not%20Found%20-%20CrotPedia&@n0&@o1000&@q0&@r0&@s15&@tde-DE&@u1600&@b1:145929723&@b3:1715375071&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2F185.193.17.214%2F0.02336489175882639&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.27 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534106.ip-149-56-240.net
Software
/
Resource Hash
6abe93032e65b56a9f14e1d35d4cd32e9ee9173fc5999a9755e008c6ef742b62

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 10 May 2024 21:04:31 GMT
Connection
close
Content-Length
97
Content-Type
text/html;charset=UTF-8
cc_15.js
s10.histats.com/counters/
16 KB
6 KB
Script
General
Full URL
https://s10.histats.com/counters/cc_15.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:4273 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11b76cdf7169347ad1b4152724086671ef9d7d8c1b4d85aaf3ec7314eda65e3a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:04:31 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:56 GMT
server
cloudflare
age
32477
etag
"-1124130572"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
881ce1d33a5c1e4c-FRA
content-length
6465
admin-ajax.php
185.193.17.214/wp-admin/
136 B
646 B
XHR
General
Full URL
https://185.193.17.214/wp-admin/admin-ajax.php
Requested by
Host: 185.193.17.214
URL: https://185.193.17.214/wp-content/themes/ZManga/assets/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.193.17.214 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1753953.contaboserver.net
Software
nginx /
Resource Hash
3e176c43cdbb2c2086f235770f7100b27e55a0b3f9abccc36aa024f45bf33817
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://185.193.17.214/0.02336489175882639
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:04:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff, nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Friday, 10-May-2024 21:04:31 GMT
server
nginx
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-cache
From 185.193.17.214
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://185.193.17.214
cache-control
no-cache, must-revalidate, max-age=0, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
x-xss-protection
1; mode=block
expires
Wed, 11 Jan 1984 05:00:00 GMT
cropped-Favicon-32x32.png
185.193.17.214/wp-content/uploads/2023/03/
2 KB
3 KB
Other
General
Full URL
https://185.193.17.214/wp-content/uploads/2023/03/cropped-Favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.193.17.214 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi1753953.contaboserver.net
Software
nginx /
Resource Hash
695a50b1146e24b541f66317578b7a5e0271f001bd1194554d308e5be659e46e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://185.193.17.214/0.02336489175882639
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 21:04:31 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 23 Mar 2024 14:18:26 GMT
server
nginx
etag
"65fee4b2-975"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2421
expires
Sun, 09 Jun 2024 21:04:31 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e02b26b45a3ef527ec86338da9d03e171a635a39b9114468ebf24dc533f5f33e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer function| $ function| jQuery object| ArcPubLStrings object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal string| sgpbPublicUrl object| SGPB_JS_LOCALIZATION function| SGPopup function| PopupConfig object| obj object| SGPB_POPUP_PARAMS object| SGPB_JS_PACKAGES object| SGPB_JS_PARAMS function| sgAddEvent function| SGPBPopup function| SgpbEventListener number| SGPB_ORDER function| Sweetalert2 function| swal function| sweetAlert object| favorites_data object| Favorites function| favorites_after_button_submit function| favorites_after_initial_load object| _Hasync object| _0xc27e function| _0xe99c function| ngltdhhwwfexwwebfnlcvaapurunrbwcuvjusgnprljqmfjhzfjzuirxfwxzjyqwuurzmyuhleqqikmezikmez function| hasClass function| addClass function| removeClass function| umdmxpwhdjwhfjamlwjfoajdyvhrrmnejvnauvmwgkvbuxzutrrcqfeghscjqqxqmnokjrvwikmezikmez function| dkhkbzvynwjsboeulvnwzhdzhqcellqurduzmmlnnlbjbzzhexpwwevtqqqruvlzghsnvvfsyvswikmezikmez function| chp_ads_blocker_detector function| fairAdblock function| adsBlocked function| checkMultiple function| init function| fetchResults object| countVars string| disqus_shortname object| jQuery110205459865904540597 object| SGPB_SOUND function| chfh function| chfh2 string| _HST_cntval object| Histats object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing boolean| google_plmetrics object| google_reactive_ads_global_state object| adsbygoogle string| google_user_agent_client_hint object| DISQUSWIDGETS undefined| disqus_domain object| _HistatsCounterGraphics_15_setValues boolean| _value_RETURN_BUILDER function| _HistatsCounterGraphics_15 function| histats_canvascounters_base.js

11 Cookies

Domain/Path Name / Value
185.193.17.214/ Name: _ga_FZ8NH74NEP
Value: GS1.1.1715375070.1.0.1715375070.0.0.0
185.193.17.214/ Name: _ga
Value: GA1.1.1374446554.1715375071
185.193.17.214/ Name: HstCfa4863298
Value: 1715375070784
185.193.17.214/ Name: HstCla4863298
Value: 1715375070784
185.193.17.214/ Name: HstCmu4863298
Value: 1715375070784
185.193.17.214/ Name: HstPn4863298
Value: 1
185.193.17.214/ Name: HstPt4863298
Value: 1
185.193.17.214/ Name: HstCnv4863298
Value: 1
185.193.17.214/ Name: HstCns4863298
Value: 1
quaternnerka.com/ Name: GL_UI4
Value: eJw9jU1OwzAYRPOfFprASDkAR0hcCuoScQiWkWN%2FTk0Tu3JMIm6PhQSrGY3e6EVRlDQPiNdij%2FSLn%2FDEuxcpOR%2FO7VkyodirEnQ8HRULM1OKYa%2BX3vNhIp9ht8zc%2Bd6vGQ4jGXJa9MJKqvAYqL%2FlauxmMuSD40ZWyOdATBXKwdltIdekyAyfCcX7xdmQ%2Bcw%2FrUPasefQtQk9bpHYpUnrO5Qf2shwrA9Iurauiwj3t4l7Zd3ca1nEyEfHJSF%2Bw05wT6N13yglLVdvb4CdZP%2FP%2F3rTrWtRSFq1CHLrL%2BR%2BACEiT0k%3D
quaternnerka.com/ Name: GL_GI10
Value: eJwNw9EKgjAUBuCd%2F2IRpPCTzzHYCvLexIuewmyEF23jKIZvXx98xhg0J2IurIO%2FOe%2BvLvjWhQvlTdx7Yko8DFE%2FY9opWhGaKsr0P9M%2B4v6NTyItPHZZS9ZxjZRihVizBbG8GkPZ7PkHTzwVuw%3D%3D

3 Console Messages

Source Level URL
Text
network error URL: https://185.193.17.214/0.02336489175882639
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://185.193.17.214/0.02336489175882639
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://185.193.17.214/0.02336489175882639
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
