stfly.me Open in urlscan Pro
2606:4700:3037::681f:53b5 Public Scan

URL:
https://stfly.me/931C5
Submission: On October 06 via api (October 6th 2020, 11:04:39 pm UTC) from US

Summary HTTP 35 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 16 domains to perform 35 HTTP transactions. The main IP is 2606:4700:3037::681f:53b5, located in United States and belongs to CLOUDFLARENET, US. The main domain is stfly.me.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 19th 2020. Valid for: a year.

This is the only time stfly.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:303... 2606:4700:3037::681f:53b5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
4	139.45.196.80 139.45.196.80	9002 (RETN-AS) (RETN-AS)
1	2600:9000:20e... 2600:9000:20eb:4c00:1a:c7f7:5540:21	16509 (AMAZON-02) (AMAZON-02)
5	139.45.196.41 139.45.196.41	9002 (RETN-AS) (RETN-AS)
1	2606:4700::68... 2606:4700::6810:a723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	34.196.151.230 34.196.151.230	14618 (AMAZON-AES) (AMAZON-AES)
3	13.224.193.94 13.224.193.94	16509 (AMAZON-02) (AMAZON-02)
1	143.204.201.84 143.204.201.84	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:87b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE)
2	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
1 1	108.168.193.183 108.168.193.183	36351 (SOFTLAYER) (SOFTLAYER)
1	94.31.29.131 94.31.29.131	6461 (ZAYO-6461) (ZAYO-6461)
1	46.105.199.75 46.105.199.75	16276 (OVH) (OVH)
35	16

6 2606:4700:3037::681f:53b5 (United States)

ASN13335 (CLOUDFLARENET, US)

stfly.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.196.80 (Ascension Island)

ASN9002 (RETN-AS, EU)

omchanseyr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:4c00:1a:c7f7:5540:21 (United States)

ASN16509 (AMAZON-02, US)

d38itq6vdv6gr9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.196.41 (Ascension Island)

ASN9002 (RETN-AS, EU)

cdn.uponelectabuzzor.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.196.151.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-151-230.compute-1.amazonaws.com

tabookbusines.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.193.94 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-94.fra2.r.cloudfront.net

eevidespre.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.201.84 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-84.fra53.r.cloudfront.net

horiticalagen.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:87b (United States)

ASN13335 (CLOUDFLARENET, US)

static.lalaping.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.254 (Ascension Island)

ASN9002 (RETN-AS, EU)

o.wowreality.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.168.193.183 (Dallas, United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b7.c1.a86c.ip4.static.sl-reverse.com

ngp1.intnotif.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.31.29.131 (United Kingdom)

ASN6461 (ZAYO-6461, US)
PTR: 94.31.29.131.IPYX-077437-ZYO.above.net

www.ssaimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.199.75 (France)

ASN16276 (OVH, FR)

cdn.adx1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	stfly.me stfly.me	74 KB
5	google.com www.google.com	35 KB
5	uponelectabuzzor.club cdn.uponelectabuzzor.club	123 KB
4	omchanseyr.com omchanseyr.com	22 KB
3	eevidespre.top eevidespre.top	5 KB
2	wowreality.info o.wowreality.info	395 B
1	adx1.com cdn.adx1.com	25 KB
1	ssaimg.com www.ssaimg.com	4 KB
1	intnotif.club ngp1.intnotif.club Failed	183 B
1	lalaping.com static.lalaping.com	32 KB
1	horiticalagen.club horiticalagen.club	366 B
1	tabookbusines.info tabookbusines.info	16 KB
1	gstatic.com fonts.gstatic.com	9 KB
1	cloudflare.com ajax.cloudflare.com	4 KB
1	cloudfront.net d38itq6vdv6gr9.cloudfront.net	35 KB
1	googleapis.com fonts.googleapis.com	987 B
35	16

	Domain	Requested by
6	stfly.me	stfly.me ajax.cloudflare.com
5	www.google.com	stfly.me
5	cdn.uponelectabuzzor.club	stfly.me cdn.uponelectabuzzor.club
4	omchanseyr.com	stfly.me omchanseyr.com
3	eevidespre.top	d38itq6vdv6gr9.cloudfront.net
2	o.wowreality.info	static.lalaping.com
1	cdn.adx1.com
1	www.ssaimg.com
1	ngp1.intnotif.club
1	static.lalaping.com	cdn.uponelectabuzzor.club
1	horiticalagen.club	stfly.me
1	tabookbusines.info	stfly.me
1	fonts.gstatic.com	fonts.googleapis.com
1	ajax.cloudflare.com	stfly.me
1	d38itq6vdv6gr9.cloudfront.net	stfly.me
1	fonts.googleapis.com	stfly.me
35	16

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-19` - `2021-06-19`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
omchanseyr.com Let's Encrypt Authority X3	`2020-07-28` - `2020-10-26`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.uponelectabuzzor.club Let's Encrypt Authority X3	`2020-07-24` - `2020-10-22`	3 months	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
tabookbusines.info Let's Encrypt Authority X3	`2020-09-23` - `2020-12-22`	3 months	crt.sh
eevidespre.top Amazon	`2020-10-04` - `2021-11-03`	a year	crt.sh
horiticalagen.club Amazon	`2020-09-06` - `2021-10-06`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
o.wowreality.info Let's Encrypt Authority X3	`2020-08-15` - `2020-11-13`	3 months	crt.sh
www.ssaimg.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-12` - `2022-04-14`	2 years	crt.sh
cdn.adx1.com Let's Encrypt Authority X3	`2020-09-02` - `2020-12-01`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://stfly.me/931C5
Frame ID: B2EAAF383E32196C81FF60B43DF6F4EB
Requests: 28 HTTP requests in this frame

Frame: https://omchanseyr.com/fac.php
Frame ID: 0EF7DEDA4375B2CE4367302D1109D8DD
Requests: 1 HTTP requests in this frame

Frame: https://eevidespre.top/SUM0NXUoIVdYSih+VhMAOy8JEEcPZgZzEXp7XUEEfzVQQ0MuMQ0bFiUsQVETOyxaQVsnJkAQRw8Je3JMHxR8RRcIB0cQRwsRYUIyBBRidjQfO1lsIAQmdmYsegVxXSYOEQFlIAh3Z3sgcCV2ciM9E1wBFwU5TH02IigBeicbJWFbOHAFckEmEwsAVy0IcltXMzEOfE8aMxEEBTcEFwRWIBgGQ2UzMQ1wWBJ4BWF8MgYXZVc9H3NgVyMYCmdYESYWWGA6BylxYCEIAll4M3EPeG03OBBYcDcAFwRiPR9yWHsnPSFnWBEmBWFBPhNxU3Y9H3JYVCA5LWxYWAwLYE0zAhkGUhcaAQwAJRhyUHEhfTtwXUQtBgYEPw1zclgXJXt/bUZ5OXFeAgoMbAQ8LHNEWxQLGWZ3MQt6Z3QSAA5wRicfc25CFCIzVncMKnByBEQCGUwANgpzclkRInd+bUcTcWB0GQIZBlI/HhJfBT4hDlBtJwc3Z2RMCxlZABYdFX0THzosWkVIBQUBXRQOLgFSHnl2cA
Frame ID: BAC6C2D60EB1F924C9C7B23581AF7871
Requests: 1 HTTP requests in this frame

Frame: https://www.ssaimg.com/~lDwrnvAdJts/9174ab3ac4e83931e76281a9773fa2f08a39cce63e890e30fff3817773f513d7.png
Frame ID: 73D33AE1BC3B31094E1D4A42B663C53F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

35
Requests

97 %
HTTPS

44 %
IPv6

16
Domains

16
Subdomains

16
IPs

5
Countries

387 kB
Transfer

1020 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://ngp1.intnotif.club/adServe/wpnFeed/getImage?ai=BNdG0VyVM1Gu5zTofLxYwlt248FJq917Hy1WQF77YQqEqPUJWXM0RNGbZDOZtxltGvQr_ZmJTzMdtwQ0JepOuax_kfbd4fxPoq5j2_ioPXD8SRrDshmUeZ9tJVU0tWTVC6XYdpXy4mN1BTi3-pRjL-919RoRkfzePbCwSTGEfdMLMKvK1b9FbyrK-GGBPN46zfTRxinZ9teg-5UU7nZBtoH49u_hyZF_Ijl-jLjI3M5HEzTJoK1DBE7plBcqmzQ4dbg2u0RI-6e3QoECx4ZuPtuD1c_GctQMoR3Kcig5k7_4SJRNkJ2_QCbIPDuwBCvsoaE3I_XCSBgZ-3nWVMJJ3zjBYHeRnnmp93Z7RuCQ6zrXJAeNMC7WLnkJqpVMATHBt6ZcGxQYNoUfiMpEzUq2ncbG5aJvBj0ErsUoD-PxEVOIedDy2Xr1mxGV-qQtd1gLLa0UWVGSTKcpUgZNHAqAUMcazqyNeWQSuo_mmjUvVf_LOh-PI-KQ53NBLv2Tt8G0KEpZuV2EwB-Q6KBN6uHP6lJ_GDZszYsawH_P9YfzNe9N6VWN1BeEhWyvWo5elBrOuQRyY5UPQn43Mv4U10y83ZX2as8d9u4b HTTP 302
https://www.ssaimg.com/~lDwrnvAdJts/9174ab3ac4e83931e76281a9773fa2f08a39cce63e890e30fff3817773f513d7.png

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 931C5 Show response
stfly.me/ 2 KB
1 KB 271ms
241ms Document
text/html 2606:4700:3037::681f:53b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stfly.me/931C5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:53b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e585f983a6aa6da808fd8dd2556d8ccbf537d2495c3d391ee9be0f40d54fe45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: stfly.me
:scheme: https
:path: /931C5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 06 Oct 2020 23:04:21 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=df39046432d2408ebd618d69a78bada321602025461; expires=Thu, 05-Nov-20 23:04:21 GMT; path=/; domain=.stfly.me; HttpOnly; SameSite=Lax; Secure
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-request-id: 05a1c1adfb00002b7deb177200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602025461"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5de3055ccddf2b7d-FRA
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 12 KB
987 B 22ms
15ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Requested by

Host: stfly.me
URL: https://stfly.me/931C5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8be5c6301da1b9998a2eda72be2f3fa24ae903241e176be45031da127cb7f4ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://stfly.me/931C5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 06 Oct 2020 21:05:32 GMT
server: ESF
date: Tue, 06 Oct 2020 23:04:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Oct 2020 23:04:21 GMT

GET
H2 200 bootstrap.min.css
stfly.me/customfiles/ 108 KB
16 KB 25ms
19ms Stylesheet
text/css 2606:4700:3037::681f:53b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stfly.me/customfiles/bootstrap.min.css

Requested by

Host: stfly.me
URL: https://stfly.me/931C5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:53b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83521aad7c96625246ef4168f1d84d12b0652e8eb61ad0875066fee1fa797daf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stfly.me/931C5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 23:04:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 43257
status: 200
vary: Accept-Encoding,User-Agent
cf-request-id: 05a1c1aefe00002b7deb183200000001
last-modified: Tue, 06 Oct 2020 10:59:12 GMT
server: cloudflare
etag: W/"1ae1b-5b0fe7d3703c3-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602025462"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cf-ray: 5de3055e68b22b7d-FRA
expires: Thu, 05 Nov 2020 11:03:24 GMT

GET
H2 200 main.css
stfly.me/customfiles/ 24 KB
5 KB 18ms
13ms Stylesheet
text/css 2606:4700:3037::681f:53b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stfly.me/customfiles/main.css

Requested by

Host: stfly.me
URL: https://stfly.me/931C5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:53b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89e38ae45e4ab6870530ad77bc793c32dcb03a600156b9930ffe3104f6702b25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stfly.me/931C5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 23:04:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 43257
status: 200
cf-bgj: minify
cf-request-id: 05a1c1aeff00002b7deb184200000001
last-modified: Tue, 06 Oct 2020 10:59:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61d1-5b0fe7d370b93-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602025462"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cf-ray: 5de3055e68b52b7d-FRA
expires: Thu, 05 Nov 2020 11:03:24 GMT

GET
H2 200 custom.css
stfly.me/customfiles/ 47 KB
18 KB 22ms
17ms Stylesheet
text/css 2606:4700:3037::681f:53b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stfly.me/customfiles/custom.css

Requested by

Host: stfly.me
URL: https://stfly.me/931C5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:53b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b62d3ff7ec9f5543b6d6a2429170ed375b550d869b90d9886464143cd89b83ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stfly.me/931C5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 23:04:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 43257
status: 200
cf-bgj: minify
cf-request-id: 05a1c1aeff00002b7deb185200000001
last-modified: Tue, 06 Oct 2020 10:59:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"bddd-5b0fe7d370b93-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602025462"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cf-ray: 5de3055e68b82b7d-FRA
expires: Thu, 05 Nov 2020 11:03:24 GMT

GET
H/1.1 200
OK apu.php Show response
omchanseyr.com/ 61 KB
22 KB 73ms
21ms Script
application/javascript 139.45.196.80
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://omchanseyr.com/apu.php?zoneid=3381289

Requested by

Host: stfly.me
URL: https://stfly.me/931C5

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.80 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

08de179c683515890ed3dfa227bf05e5705455cead325b4c12cdabadf88d8848

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://stfly.me/931C5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 06 Oct 2020 23:04:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: df256679d87c716458d1ebcbf8cee2c5
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 service-worker.js Show response
stfly.me/ 93 KB
34 KB 26ms
22ms Script
application/javascript 2606:4700:3037::681f:53b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stfly.me/service-worker.js

Requested by

Host: stfly.me
URL: https://stfly.me/931C5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:53b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b07896066a93d42080d1e46f1258421a2b89a91be490e4a53d33aa86604f8329

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stfly.me/931C5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 23:04:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 689193
cf-polished: origSize=95651
status: 200
cf-request-id: 05a1c1aeff00002b7deb186200000001
expires: Wed, 28 Oct 2020 23:37:48 GMT
last-modified: Sat, 25 Apr 2020 13:55:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"175a3-5a41dd5d3fd00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602025462"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cf-ray: 5de3055e68ba2b7d-FRA
cf-bgj: minify

GET
H2 200 / Show response
d38itq6vdv6gr9.cloudfront.net/ 95 KB
35 KB 187ms
155ms Script
text/plain 2600:9000:20eb:4c00:1a:c7f7:5540:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d38itq6vdv6gr9.cloudfront.net/?vqtid=893399
Requested by: Host: stfly.me
URL: https://stfly.me/931C5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4c00:1a:c7f7:5540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 992a713ceb69bacadbdb1a5d3b27f68eacbb301e1352808d3df168f0f0a0278e

Request headers

Referer: https://stfly.me/931C5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Oct 2020 23:04:21 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C1
status: 200
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 35570
via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
x-amz-cf-id: tlM8CA2gWATftW4seojCGjjMWosm73fpjmP_JD_dadIqIIPVOsC0og==

GET
H2 200 1 Show response
cdn.uponelectabuzzor.club/ 7 KB
4 KB 63ms
15ms Script
text/javascript 139.45.196.41
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.uponelectabuzzor.club/1?z=3381275
Requested by: Host: stfly.me
URL: https://stfly.me/931C5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.196.41 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: 685fee9c572408b5bceccb5aa174fc2e9cb99fa2b25793e586d5cea118fcef46

Request headers

Referer: https://stfly.me/931C5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Oct 2020 23:04:21 GMT
content-encoding: gzip
x-sc: F5oHF8jDb4zZUSX3Pt25DgXNiCzR9m1taaSzIqIGUCfuTE3v_NDk6PBGSg-Dtz9WHTnC2P9YBipydQkt4ARe0BPSy1c=
server: nginx
status: 200
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 12ms
9ms Script
application/javascript 2606:4700::6810:a723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: stfly.me
URL: https://stfly.me/931C5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://stfly.me/931C5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 23:04:21 GMT
content-encoding: gzip
vary: Accept-Encoding
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 05a1c1aeff0000062d2dba8200000001
last-modified: Thu, 01 Oct 2020 22:18:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f7655a1-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602025462"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 5de3055e6daf062d-FRA
expires: Thu, 08 Oct 2020 23:04:21 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://stfly.me
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:23:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 16865
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Wed, 06 Oct 2021 18:23:16 GMT

GET
H2 200 bllQRFMVeyMzDBsrPGZpTDEkMCMdY39rIBo%2FPD19Azx%2FNzYcLzknNkMuPzY4Cyt%2BLiBMdXI3Pgh7anV%2FTC0xIwwHPXJ%2BcVZrZHdjXnt8ZiAbOw8tN1x7amZmDGw0fWZaYX0iY1k6fXBgXG19fDcLa310awpqZ3BhWz0zJWJMJA Show response
tabookbusines.info/ 38 KB
16 KB 2184ms
111ms Script
application/javascript 34.196.151.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tabookbusines.info/bllQRFMVeyMzDBsrPGZpTDEkMCMdY39rIBo%2FPD19Azx%2FNzYcLzknNkMuPzY4Cyt%2BLiBMdXI3Pgh7anV%2FTC0xIwwHPXJ%2BcVZrZHdjXnt8ZiAbOw8tN1x7amZmDGw0fWZaYX0iY1k6fXBgXG19fDcLa310awpqZ3BhWz0zJWJMJA
Requested by: Host: stfly.me
URL: https://stfly.me/service-worker.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.196.151.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-151-230.compute-1.amazonaws.com
Software: / Express
Resource Hash: d709f60e354f7e19d85948f6b641289a991fdff7b1f06e2a5b61303a0c63bb21

Request headers

Referer: https://stfly.me/931C5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
etag: W/"9848-N6QewCAa41XBaaScZXnR6NTgEcU"
status: 200
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With,content-type

OPTIONS
H/1.1 204
No Content options
omchanseyr.com/ Frame 0
0 2096ms
2050ms Other 139.45.196.80
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://omchanseyr.com/options?option_args=CKmwzgESIGJjMDM5NjM1Y2VkZjQxYjc5M2VlYTFkNDdiNTExN2EwGixodHRwOi8vb21jaGFuc2V5ci5jb20vYXB1LnBocD96b25laWQ9MzM4MTI4OSIWaHR0cHM6Ly9zdGZseS5tZS85MzFDNQ==

Protocol

HTTP/1.1

Server

139.45.196.80 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://stfly.me
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Tue, 06 Oct 2020 23:04:23 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://stfly.me
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: * *
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

POST
H/1.1 200
OK options Show response
omchanseyr.com/ 0
675 B 16ms
16ms XHR
text/html 139.45.196.80
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://omchanseyr.com/options?option_args=CKmwzgESIGJjMDM5NjM1Y2VkZjQxYjc5M2VlYTFkNDdiNTExN2EwGixodHRwOi8vb21jaGFuc2V5ci5jb20vYXB1LnBocD96b25laWQ9MzM4MTI4OSIWaHR0cHM6Ly9zdGZseS5tZS85MzFDNQ==

Requested by

Host: omchanseyr.com
URL: https://omchanseyr.com/apu.php?zoneid=3381289

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.80 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://stfly.me/931C5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

Date: Tue, 06 Oct 2020 23:04:23 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 0
X-Trace-Id: 0930428e6d9a42a72fb3819b299e96ba
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=utf8
Access-Control-Allow-Origin: https://stfly.me
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 204
No Content fac.php
omchanseyr.com/ Frame 0EF7 0
0 21ms
20ms Document
text/html 139.45.196.80
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://omchanseyr.com/fac.php

Requested by

Host: omchanseyr.com
URL: https://omchanseyr.com/apu.php?zoneid=3381289

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.80 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: omchanseyr.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://stfly.me/931C5
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://stfly.me/931C5

Response headers

Server: nginx
Date: Tue, 06 Oct 2020 23:04:21 GMT
Content-Type: text/html; charset=utf8
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: * *
X-Trace-Id: f496738ffc68d6c7e68be259796b6cc3
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET
H2 204 utx Show response
eevidespre.top/ 0
408 B 2091ms
112ms XHR
text/plain 13.224.193.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eevidespre.top/utx?cb=u1QQxbwKfAJS&top=stfly.me&tid=893399
Requested by: Host: d38itq6vdv6gr9.cloudfront.net
URL: https://d38itq6vdv6gr9.cloudfront.net/?vqtid=893399
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-94.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stfly.me/931C5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Oct 2020 23:04:23 GMT
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA2-C1
status: 204
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://stfly.me
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: BcW7Ujww62W9R-HiwbOS09MVhtiiFlxnfajgbNbj3MJ30_49mmDltg==

GET
H2 200 HhJfBT4hDlBtJwc3Z2RMCxlZABYdFX0THzosWkVIBQUBXRQOLgFSHnl2cA
eevidespre.top/SUM0NXUoIVdYSih+VhMAOy8JEEcPZgZzEXp7XUEEfzVQQ0MuMQ0bFiUsQVETOyxaQVsnJkAQRw8Je3JMHxR8RRcIB0cQRwsRYUIyBBRidjQfO1lsIAQmdmYsegVxXSYOEQFlIAh3Z3sgcCV2ciM9E1wBFwU5TH02IigBeicbJWFbOHAFckEmEw... Frame BAC6 0
0 2058ms
112ms Document
text/html 13.224.193.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eevidespre.top/SUM0NXUoIVdYSih+VhMAOy8JEEcPZgZzEXp7XUEEfzVQQ0MuMQ0bFiUsQVETOyxaQVsnJkAQRw8Je3JMHxR8RRcIB0cQRwsRYUIyBBRidjQfO1lsIAQmdmYsegVxXSYOEQFlIAh3Z3sgcCV2ciM9E1wBFwU5TH02IigBeicbJWFbOHAFckEmEwsAVy0IcltXMzEOfE8aMxEEBTcEFwRWIBgGQ2UzMQ1wWBJ4BWF8MgYXZVc9H3NgVyMYCmdYESYWWGA6BylxYCEIAll4M3EPeG03OBBYcDcAFwRiPR9yWHsnPSFnWBEmBWFBPhNxU3Y9H3JYVCA5LWxYWAwLYE0zAhkGUhcaAQwAJRhyUHEhfTtwXUQtBgYEPw1zclgXJXt/bUZ5OXFeAgoMbAQ8LHNEWxQLGWZ3MQt6Z3QSAA5wRicfc25CFCIzVncMKnByBEQCGUwANgpzclkRInd+bUcTcWB0GQIZBlI/HhJfBT4hDlBtJwc3Z2RMCxlZABYdFX0THzosWkVIBQUBXRQOLgFSHnl2cA
Requested by: Host: d38itq6vdv6gr9.cloudfront.net
URL: https://d38itq6vdv6gr9.cloudfront.net/?vqtid=893399
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-94.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

:method: GET
:authority: eevidespre.top
:scheme: https
:path: /SUM0NXUoIVdYSih+VhMAOy8JEEcPZgZzEXp7XUEEfzVQQ0MuMQ0bFiUsQVETOyxaQVsnJkAQRw8Je3JMHxR8RRcIB0cQRwsRYUIyBBRidjQfO1lsIAQmdmYsegVxXSYOEQFlIAh3Z3sgcCV2ciM9E1wBFwU5TH02IigBeicbJWFbOHAFckEmEwsAVy0IcltXMzEOfE8aMxEEBTcEFwRWIBgGQ2UzMQ1wWBJ4BWF8MgYXZVc9H3NgVyMYCmdYESYWWGA6BylxYCEIAll4M3EPeG03OBBYcDcAFwRiPR9yWHsnPSFnWBEmBWFBPhNxU3Y9H3JYVCA5LWxYWAwLYE0zAhkGUhcaAQwAJRhyUHEhfTtwXUQtBgYEPw1zclgXJXt/bUZ5OXFeAgoMbAQ8LHNEWxQLGWZ3MQt6Z3QSAA5wRicfc25CFCIzVncMKnByBEQCGUwANgpzclkRInd+bUcTcWB0GQIZBlI/HhJfBT4hDlBtJwc3Z2RMCxlZABYdFX0THzosWkVIBQUBXRQOLgFSHnl2cA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://stfly.me/931C5
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://stfly.me/931C5

Response headers

status: 200
content-type: text/html
content-length: 1233
date: Tue, 06 Oct 2020 23:04:23 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Pwn3blvD1w-2uXNsqKKjNcj6HU3lDy3vGkJ96ywJNueyhNzSdlbP3w==

GET
H2 200 modernizr.min.js Show response
stfly.me/customfiles/ 1 KB
816 B 11ms
11ms Script
application/javascript 2606:4700:3037::681f:53b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stfly.me/customfiles/modernizr.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:53b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

147b08aa6afaa0b704ebedb56d0b146a7e33600a971e5d20773b3371db70be11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stfly.me/931C5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 23:04:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 43257
status: 200
vary: Accept-Encoding,User-Agent
cf-request-id: 05a1c1affa00002b7deb18f200000001
last-modified: Tue, 06 Oct 2020 10:59:12 GMT
server: cloudflare
etag: W/"5f6-5b0fe7d370f7b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602025462"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cf-ray: 5de3055ffad02b7d-FRA
expires: Thu, 05 Nov 2020 11:03:24 GMT

GET
H2 200 8f395e8b492cdc5aba57254a9ff7bf5e Show response
cdn.uponelectabuzzor.club/27/ 360 KB
118 KB 1899ms
1898ms Script
application/javascript 139.45.196.41
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.uponelectabuzzor.club/27/8f395e8b492cdc5aba57254a9ff7bf5e

Requested by

Host: cdn.uponelectabuzzor.club
URL: https://cdn.uponelectabuzzor.club/1?z=3381275

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.196.41 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

d1a772ee487577d614860d261bad0fb67d590c10cdfba34f65dffc5aef39befe

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://stfly.me/931C5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 23:04:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Sep 2020 07:12:55 GMT
server: nginx
status: 200
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
cache-control: max-age:290304000, public
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Tue, 29 Oct 2080 07:12:55 GMT

GET
H2 200 38 Show response
cdn.uponelectabuzzor.club/42/ 0
584 B 1945ms
1945ms Script
text/plain 139.45.196.41
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.uponelectabuzzor.club/42/38?z=3381275
Requested by: Host: cdn.uponelectabuzzor.club
URL: https://cdn.uponelectabuzzor.club/1?z=3381275
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.196.41 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stfly.me/931C5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Oct 2020 23:04:23 GMT
x-sc: QFuluIp9IZjM9WBHiaON-52H8ZosiGIQLr4aCNo2sy_IpVp_5R5OKGE3FWMvSa_7C4ky4CDHL2hjzoHZVjV78FTuBU0=
server: nginx
status: 200
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 popunder.gif
horiticalagen.club/ 35 B
366 B 1680ms
114ms Image
image/gif 143.204.201.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://horiticalagen.club/popunder.gif
Requested by: Host: stfly.me
URL: https://stfly.me/931C5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.84 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-84.fra53.r.cloudfront.net
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://stfly.me/931C5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Tue, 06 Oct 2020 23:04:23 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
status: 200
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
content-length: 58
via: 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
x-amz-cf-id: kiiZwvsT7hnfOoYk1qp6W_mItMegQIpJowuSTV9kmFJkatUctz2VnA==

OPTIONS
H2 204 9
cdn.uponelectabuzzor.club/ Frame 0
0 54ms
19ms Other 139.45.196.41
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.uponelectabuzzor.club/9?z=3381275&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fstfly.me%2F931C5&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&sah=1200&drf=&hil=2&ist=0
Protocol: H2
Server: 139.45.196.41 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://stfly.me
Sec-Fetch-Mode: cors

Response headers

status: 204
server: nginx
date: Tue, 06 Oct 2020 23:04:23 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://stfly.me
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 online.js Show response
static.lalaping.com/ 81 KB
32 KB 30ms
15ms Script
application/javascript 2606:4700:20::681a:87b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lalaping.com/online.js?ver=2.0.0
Requested by: Host: cdn.uponelectabuzzor.club
URL: https://cdn.uponelectabuzzor.club/27/8f395e8b492cdc5aba57254a9ff7bf5e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:87b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d4c1a5cb08881bd2e504662656c8b2007d4fd18b3ed716dee3a7ef9aec5e2c4

Request headers

Referer: https://stfly.me/931C5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 23:04:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Jul 2020 11:58:43 GMT
server: cloudflare
age: 24
etag: W/"5f05b4f3-14294"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5de3056c9b492bce-FRA
cf-request-id: 05a1c1b7e300002bcecc2d8200000001

POST
H2 204 9 Show response
cdn.uponelectabuzzor.club/ 0
592 B 17ms
17ms XHR
text/plain 139.45.196.41
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.uponelectabuzzor.club/9?z=3381275&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fstfly.me%2F931C5&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&sah=1200&drf=&hil=2&ist=0
Requested by: Host: cdn.uponelectabuzzor.club
URL: https://cdn.uponelectabuzzor.club/27/8f395e8b492cdc5aba57254a9ff7bf5e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.196.41 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stfly.me/931C5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 06 Oct 2020 23:04:23 GMT
x-sc: cm1TYtqSA8ydrnTwgwzCG_rmUdyH-uRp8S0NXd4xFKb_aKTYVBmmWNVC9ddbkpdEPat_uM4z6ahgnuo0NQ1N0gWpXKA=
server: nginx
status: 204
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://stfly.me
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 5 KB
5 KB 44ms
43ms Image
image/png 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png

Requested by

Host: stfly.me
URL: https://stfly.me/931C5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stfly.me/931C5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 23:04:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
status: 200
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5087
x-xss-protection: 0
expires: Tue, 06 Oct 2020 23:04:23 GMT

GET
H2 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 6 KB
6 KB 41ms
40ms Image
image/png 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Requested by

Host: stfly.me
URL: https://stfly.me/931C5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stfly.me/931C5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 23:04:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
status: 200
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5969
x-xss-protection: 0
expires: Tue, 06 Oct 2020 23:04:23 GMT

GET
H2 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 13 KB
13 KB 50ms
49ms Image
image/png 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png

Requested by

Host: stfly.me
URL: https://stfly.me/931C5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stfly.me/931C5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 23:04:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
status: 200
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13504
x-xss-protection: 0
expires: Tue, 06 Oct 2020 23:04:23 GMT

GET
H2 200 googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 7 KB
7 KB 44ms
43ms Image
image/png 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png

Requested by

Host: stfly.me
URL: https://stfly.me/931C5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stfly.me/931C5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 23:04:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
status: 200
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
x-xss-protection: 0
expires: Tue, 06 Oct 2020 23:04:23 GMT

GET
H2 200 googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 4 KB
4 KB 41ms
41ms Image
image/png 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png

Requested by

Host: stfly.me
URL: https://stfly.me/931C5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stfly.me/931C5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 23:04:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
status: 200
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3934
x-xss-protection: 0
expires: Tue, 06 Oct 2020 23:04:23 GMT

GET
H2 200 floater Show response
eevidespre.top/ 6 KB
5 KB 628ms
627ms XHR
text/plain 13.224.193.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eevidespre.top/floater?tid=893399&red=1&cs=TjhpazV%2FDloJDXdZC10DdgFcWwV%2B&abt=0&v=0.5.50.2&sm=83&k=&sts=0&prn=0&emb=0&fs=1&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fstfly.me%2F931C5&jst=0&enr=0&lcua=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_14_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F83.0.4103.61%20safari%2F537.36&tzd=2&uloc=&if=0&_UmWj=1602025463845&crc=1
Requested by: Host: d38itq6vdv6gr9.cloudfront.net
URL: https://d38itq6vdv6gr9.cloudfront.net/?vqtid=893399
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-94.fra2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: a1b8df5bce742d2e46c5234f0f17a54f6b3dab921736548bd1db3bcb1997dec2

Request headers

Referer: https://stfly.me/931C5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Oct 2020 23:04:24 GMT
content-encoding: gzip
server: openresty/1.17.8.2
x-amz-cf-pop: FRA2-C1
status: 200
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://stfly.me
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
content-type: text/plain
content-length: 4400
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
x-amz-cf-id: nF2xkVSxmbn835idCvH0Yei-byCzxNgwHSZHUpM0IVCNsP4wqz2OAQ==

OPTIONS
H/1.1 200
OK add
o.wowreality.info/api/log/ Frame 0
0 63ms
31ms Other 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Protocol: HTTP/1.1
Server: 139.45.195.254 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://stfly.me
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Tue, 06 Oct 2020 23:04:25 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://stfly.me

POST
H/1.1 200
OK add Show response
o.wowreality.info/api/log/ 0
395 B 59ms
28ms XHR
text/plain 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Requested by: Host: static.lalaping.com
URL: https://static.lalaping.com/online.js?ver=2.0.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stfly.me/931C5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

Date: Tue, 06 Oct 2020 23:04:25 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://stfly.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Content-Length: 0

GET getImage
ngp1.intnotif.club/adServe/wpnFeed/ 0
0

GET
H2

200

9174ab3ac4e83931e76281a9773fa2f08a39cce63e890e30fff3817773f513d7.png
www.ssaimg.com/~lDwrnvAdJts/ Frame 73D3
Redirect Chain

https://ngp1.intnotif.club/adServe/wpnFeed/getImage?ai=BNdG0VyVM1Gu5zTofLxYwlt248FJq917Hy1WQF77YQqEqPUJWXM0RNGbZDOZtxltGvQr_ZmJTzMdtwQ0JepOuax_kfbd4fxPoq5j2_ioPXD8SRrDshmUeZ9tJVU0tWTVC6XYdpXy4mN1BT...
https://www.ssaimg.com/~lDwrnvAdJts/9174ab3ac4e83931e76281a9773fa2f08a39cce63e890e30fff3817773f513d7.png

4 KB
4 KB

65ms
15ms

Image
image/png

94.31.29.131
ZAYO-6461

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ssaimg.com/~lDwrnvAdJts/9174ab3ac4e83931e76281a9773fa2f08a39cce63e890e30fff3817773f513d7.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.131 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.131.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 9174ab3ac4e83931e76281a9773fa2f08a39cce63e890e30fff3817773f513d7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 23:04:27 GMT
last-modified: Thu, 01 Oct 2020 11:38:48 GMT
server: NetDNA-cache/2.2
etag: "5f75bfc8-102d"
x-cache: HIT
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 4141

Redirect headers

status: 302
date: Tue, 06 Oct 2020 23:04:26 GMT
server: nginx
access-control-allow-origin: *
content-length: 0
location: https://www.ssaimg.com/~lDwrnvAdJts/9174ab3ac4e83931e76281a9773fa2f08a39cce63e890e30fff3817773f513d7.png
access-control-allow-methods: POST

GET
H2 200 6acf4266ebe2b1edcdc25b3b9e451ecf.png
cdn.adx1.com/ Frame 73D3 24 KB
25 KB 86ms
36ms Image
image/png 46.105.199.75
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adx1.com/6acf4266ebe2b1edcdc25b3b9e451ecf.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.199.75 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 8fc22626a2c0d84180ce8ae5305edcb1dadc961d941e38619223d5889a7920cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 17:33:32 GMT
last-modified: Tue, 11 Aug 2020 08:27:11 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: "5f32565f-61ad"
x-cacheable: Matched cache
content-type: image/png
status: 200
cache-control: max-age=1209600
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 25005
x-request-id: 246448194
expires: Sun, 11 Oct 2020 17:33:32 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ngp1.intnotif.club
URL: https://ngp1.intnotif.club/adServe/wpnFeed/getImage?ai=BNdG0VyVM1Gu5zTofLxYwlt248FJq917Hy1WQF77YQqEqPUJWXM0RNGbZDOZtxltGvQr_ZmJTzMdtwQ0JepOuax_kfbd4fxPoq5j2_ioPXD8SRrDshmUeZ9tJVU0tWTVC6XYdpXy4mN1BTi3-pRjL-919RoRkfzePbCwSTGEfdMLMKvK1b9FbyrK-GGBPN46zfTRxinZ9teg-5UU7nZBtoH49u_hyZF_Ijl-jLjI3M5HEzTJoK1DBE7plBcqmzQ4dbg2u0RI-6e3QoECx4ZuPtuD1c_GctQMoR3Kcig5k7_4SJRNkJ2_QCbIPDuwBCvsoaE3I_XCSBgZ-3nWVMJJ3zjBYHeRnnmp93Z7RuCQ6zrXJAeNMC7WLnkJqpVMATHBt6ZcGxQYNoUfiMpEzUq2ncbG5aJvBj0ErsUoD-PxEVOIedDy2Xr1mxGV-qQtd1gLLa0UWVGSTKcpUgZNHAqAUMcazqyNeWQSuo_mmjUvVf_LOh-PI-KQ53NBLv2Tt8G0KEpZuV2EwB-Q6KBN6uHP6lJ_GDZszYsawH_P9YfzNe9N6VWN1BeEhWyvWo5elBrOuQRyY5UPQn43Mv4U10y83ZX2as8d9u4b

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.stfly.me/	1970-01-19 13:43:37	Name: __cfduid Value: df39046432d2408ebd618d69a78bada321602025461

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
cdn.adx1.com
cdn.uponelectabuzzor.club
d38itq6vdv6gr9.cloudfront.net
eevidespre.top
fonts.googleapis.com
fonts.gstatic.com
horiticalagen.club
ngp1.intnotif.club
o.wowreality.info
omchanseyr.com
static.lalaping.com
stfly.me
tabookbusines.info
www.google.com
www.ssaimg.com
ngp1.intnotif.club
108.168.193.183
13.224.193.94
139.45.195.254
139.45.196.41
139.45.196.80
143.204.201.84
2600:9000:20eb:4c00:1a:c7f7:5540:21
2606:4700:20::681a:87b
2606:4700:3037::681f:53b5
2606:4700::6810:a723
2a00:1450:4001:808::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:81d::2004
34.196.151.230
46.105.199.75
94.31.29.131
08de179c683515890ed3dfa227bf05e5705455cead325b4c12cdabadf88d8848
147b08aa6afaa0b704ebedb56d0b146a7e33600a971e5d20773b3371db70be11
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
4e585f983a6aa6da808fd8dd2556d8ccbf537d2495c3d391ee9be0f40d54fe45
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
685fee9c572408b5bceccb5aa174fc2e9cb99fa2b25793e586d5cea118fcef46
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83521aad7c96625246ef4168f1d84d12b0652e8eb61ad0875066fee1fa797daf
89e38ae45e4ab6870530ad77bc793c32dcb03a600156b9930ffe3104f6702b25
8be5c6301da1b9998a2eda72be2f3fa24ae903241e176be45031da127cb7f4ac
8d4c1a5cb08881bd2e504662656c8b2007d4fd18b3ed716dee3a7ef9aec5e2c4
8fc22626a2c0d84180ce8ae5305edcb1dadc961d941e38619223d5889a7920cc
9174ab3ac4e83931e76281a9773fa2f08a39cce63e890e30fff3817773f513d7
992a713ceb69bacadbdb1a5d3b27f68eacbb301e1352808d3df168f0f0a0278e
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
a1b8df5bce742d2e46c5234f0f17a54f6b3dab921736548bd1db3bcb1997dec2
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
b07896066a93d42080d1e46f1258421a2b89a91be490e4a53d33aa86604f8329
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b62d3ff7ec9f5543b6d6a2429170ed375b550d869b90d9886464143cd89b83ef
d1a772ee487577d614860d261bad0fb67d590c10cdfba34f65dffc5aef39befe
d709f60e354f7e19d85948f6b641289a991fdff7b1f06e2a5b61303a0c63bb21
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

stfly.me Open in urlscan Pro 2606:4700:3037::681f:53b5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

35 Requests

97 %HTTPS

44 %IPv6

16 Domains

16 Subdomains

16 IPs

5 Countries

387 kBTransfer

1020 kBSize

1 Cookies

0 Outgoing links

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

stfly.me Open in urlscan Pro
2606:4700:3037::681f:53b5 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

97 %
HTTPS

44 %
IPv6

16
Domains

16
Subdomains

16
IPs

5
Countries

387 kB
Transfer

1020 kB
Size

1
Cookies

35 HTTP transactions
0 data transactions