Submitted URL: http://flustar.com/
Effective URL: https://flustar.com/
Submission: On March 08 via manual from US

Summary

This website contacted 20 IPs in 5 countries across 15 domains to perform 54 HTTP transactions. The main IP is 54.85.1.141, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is flustar.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 21st 2020. Valid for: a year.
This is the only time flustar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
21 | flustar.com (1 redirects) | flustar.com
5 | pagead2.googlesyndication.com | flustar.com, pagead2.googlesyndication.com, tpc.googlesyndication.com
4 | e3.adpushup.com | cdn.adpushup.com, flustar.com
2 | tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com
2 | googleads.g.doubleclick.net | pagead2.googlesyndication.com
2 | cdn.adpushup.com | flustar.com, cdn.adpushup.com
2 | www.google-analytics.com | flustar.com
2 | s7.addthis.com | flustar.com, s7.addthis.com
2 | securepubads.g.doubleclick.net | flustar.com, securepubads.g.doubleclick.net
1 | v1.addthisedge.com | s7.addthis.com
1 | z.moatads.com | s7.addthis.com
1 | cdn.jsdelivr.net | cdn.adpushup.com
1 | www.googletagservices.com | pagead2.googlesyndication.com
1 | adservice.google.com | pagead2.googlesyndication.com
1 | adservice.google.de | pagead2.googlesyndication.com
1 | partner.googleadservices.com | pagead2.googlesyndication.com
1 | www.google.de | flustar.com
1 | www.google.com | flustar.com
1 | stats.g.doubleclick.net | www.google-analytics.com
1 | d.turn.com | flustar.com
1 | sdk.jeeng.com | flustar.com
1 | users.api.jeeng.com | flustar.com
54 | 22

This site contains links to these domains.

Domain
leafletjs.com
www.asthmaforecast.com
www.addthis.com
Subject | Issuer | Validity | Valid
Flustar.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-12-21 - 2022-01-21 | a year
cert-00012-cdnedge-bluemix.akamaized.net | R3 | 2021-01-18 - 2021-04-18 | 3 months
www.qianhetong.com.cn | GTS CA 1D2 | 2021-02-15 - 2021-05-16 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2021-02-17 - 2021-05-12 | 3 months
*.turn.com | DigiCert SHA2 Secure Server CA | 2020-03-18 - 2021-04-19 | a year
odc-prod-01.oracle.com | DigiCert SHA2 Secure Server CA | 2021-01-10 - 2021-04-07 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2021-02-17 - 2021-05-12 | 3 months
*.adpushup.com | GlobalSign RSA OV SSL CA 2018 | 2020-09-03 - 2021-10-05 | a year
www.google.com | GTS CA 1O1 | 2021-02-17 - 2021-05-12 | 3 months
www.google.de | GTS CA 1O1 | 2021-02-17 - 2021-05-12 | 3 months
*.googleadservices.com | GTS CA 1O1 | 2021-02-17 - 2021-05-12 | 3 months
*.google.de | GTS CA 1O1 | 2021-02-17 - 2021-05-12 | 3 months
*.google.com | GTS CA 1O1 | 2021-02-23 - 2021-05-18 | 3 months
f3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-10-26 - 2021-04-17 | 6 months
moatads.com | DigiCert SHA2 Secure Server CA | 2021-01-21 - 2022-01-25 | a year
tpc.googlesyndication.com | GTS CA 1O1 | 2021-02-17 - 2021-05-12 | 3 months

This page contains 4 frames:

Primary Page: https://flustar.com/
Frame ID: 84F5DB23C33E6F83FF30F5C0DDF45706
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/zrt_lookup.html
Frame ID: AB9B3E1A514935BC1719C684D091CB12
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9400844359034485&output=html&adk=1812271804&adf=3025194257&lmt=1615217767&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fflustar.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1615217767780&bpp=28&bdt=477&idt=125&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4476206383745&frm=20&pv=2&ga_vid=1909535731.1615217768&ga_sid=1615217768&ga_hid=597125531&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C21068084&oid=3&pvsid=1953180909089771&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=160
Frame ID: 869325547EB980B729A150AF7BD36171
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: AD4F3CE31CF39E5FBA8C2DDED467A2EB
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

54 Requests
100 % HTTPS
50 % IPv6
15 Domains
22 Subdomains
20 IPs
5 Countries
1701 kB Transfer
5684 kB Size
7 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://flustar.com/ HTTP 301
    https://flustar.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
flustar.com/
Redirect Chain
  • http://flustar.com/
  • https://flustar.com/
20 KB
7 KB
Document
General
Full URL
https://flustar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
54.85.1.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-1-141.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
63a7ec84177f1b582f8640888b8810261ed9e829e1e4dbbd2e47bd7a40d097fa

Request headers

Host
flustar.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-AspNetMvc-Version
5.2
Date
Mon, 08 Mar 2021 15:36:02 GMT
Content-Length
6526

Redirect headers

Content-Type
text/html; charset=UTF-8
Location
https://flustar.com/
Server
Microsoft-IIS/8.5
Date
Mon, 08 Mar 2021 15:36:01 GMT
Content-Length
143
css
flustar.com/Content/
213 KB
37 KB
Stylesheet
General
Full URL
https://flustar.com/Content/css?v=4NcxcyI4sA5ZqDV7kTqpttpRZR2Qi8_x5Pg3oL76WV41
Requested by
Host: flustar.com
URL: https://flustar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
54.85.1.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-1-141.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
dd925446381486f332c50af549bc0455226c67ef29e2f4beb465c2b72621db68

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 15:36:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Mar 2021 15:36:02 GMT
Server
Microsoft-IIS/8.5
Vary
User-Agent
Content-Type
text/css; charset=utf-8
Cache-Control
public
Content-Length
37843
Expires
Tue, 08 Mar 2022 15:36:02 GMT
modernizr
flustar.com/bundles/
10 KB
5 KB
Script
General
Full URL
https://flustar.com/bundles/modernizr?v=xSrVm1yAnacOXzt2tBgKSdqj7HbQqwc-_xqXR9MJaxk1
Requested by
Host: flustar.com
URL: https://flustar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
54.85.1.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-1-141.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
5cb63ee9bfe0e06ee1845c80c28bd008129f8f8579bd57ba238d1abe6563c8f1

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 15:36:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Mar 2021 15:36:02 GMT
Server
Microsoft-IIS/8.5
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
4358
Expires
Tue, 08 Mar 2022 15:36:02 GMT
configs
users.api.jeeng.com/users/domains/5OWNqBBqoL/sdk/
1 KB
1 KB
Script
General
Full URL
https://users.api.jeeng.com/users/domains/5OWNqBBqoL/sdk/configs
Requested by
Host: flustar.com
URL: https://flustar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:17::1724:a2c5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
b04dc562badc5631a1c7e95c7855f563903b9fb9f7a6359613a9f4edbd5b7394

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 15:36:08 GMT
content-encoding
gzip
etag
W/"5a1-CMr29zR3Xu7npluBvKo3iSHyHa8"
server
Google Frontend
x-powered-by
Express
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
de944b1ac13bb5a84f826910d18b98f5
cache-control
max-age=3555
content-length
833
v3.js
sdk.jeeng.com/
1 MB
220 KB
Script
General
Full URL
https://sdk.jeeng.com/v3.js
Requested by
Host: flustar.com
URL: https://flustar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5773993a77252a70ff178b5ccc54fda210bfc05a53b9a6c9f119dabacdf3f2d7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Mon, 08 Mar 2021 09:19:41 GMT
x-timer
S1615217768.761277,VS0,VE0
etag
"6812e162d5d5ed9ac5bbbf49011a88da68f4f10b1493afde3f03aa2d6e239e86-br"
x-served-by
cache-hhn4078-HHN
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Mon, 08 Mar 2021 15:36:07 GMT
accept-ranges
bytes
content-length
224614
x-cache-hits
1157
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
140 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: flustar.com
URL: https://flustar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b9b5737c8859fa4566da81b0d34c3084f0d83ee7dc2ac8afab3c4ed45685d9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 15:36:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50479
x-xss-protection
0
server
cafe
etag
13215137272821469477
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 08 Mar 2021 15:36:07 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
58 KB
19 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: flustar.com
URL: https://flustar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
c8e96424177292c9cee75e341609660c61ad11b0a202065b047c697d485112fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 15:36:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"805 / 405 of 1000 / last-modified: 1615205674"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19764
x-xss-protection
0
expires
Mon, 08 Mar 2021 15:36:07 GMT
Logo.svg
flustar.com/Content/images/
5 KB
5 KB
Image
General
Full URL
https://flustar.com/Content/images/Logo.svg
Requested by
Host: flustar.com
URL: https://flustar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
54.85.1.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-1-141.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
afcf9e3307a933bd12477377c07d40649e3a2b799f2f3aa7f66ffdcb06ca36ce

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 15:36:02 GMT
Last-Modified
Fri, 22 Feb 2019 20:58:53 GMT
Server
Microsoft-IIS/8.5
ETag
"8064e66af1cad41:0"
Content-Type
image/svg+xml
Cache-Control
public,max-age=864000
Accept-Ranges
bytes
Content-Length
5247
cancer-222626152.jpg
flustar.com/Content/articles/news/
60 KB
60 KB
Image
General
Full URL
https://flustar.com/Content/articles/news/cancer-222626152.jpg
Requested by
Host: flustar.com
URL: https://flustar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
54.85.1.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-1-141.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
41f1729618749690081c724947e2ea4d57f01f033a49047b56605f96de3d5641

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 15:36:02 GMT
Last-Modified
Thu, 13 Sep 2018 15:37:00 GMT
Server
Microsoft-IIS/8.5
ETag
"0f6889c774bd41:0"
Content-Type
image/jpeg
Cache-Control
public,max-age=864000
Accept-Ranges
bytes
Content-Length
61514
jquery
flustar.com/bundles/
86 KB
32 KB
Script
General
Full URL
https://flustar.com/bundles/jquery?v=8Oos0avDZyPg-cbyVzvkIfERIE1DGSe3sRQdCSYrgEQ1
Requested by
Host: flustar.com
URL: https://flustar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
54.85.1.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-1-141.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
c6c9c55306e0cc0fbd50b3488121de96630e66f6744a6538e97e982d64144889

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 15:36:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Mar 2021 15:36:02 GMT
Server
Microsoft-IIS/8.5
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
32610
Expires
Tue, 08 Mar 2022 15:36:02 GMT
bootstrap
flustar.com/bundles/
40 KB
12 KB
Script
General
Full URL
https://flustar.com/bundles/bootstrap?v=-g7cxTWQV6ve_iRyKtg7LoBytQltgj_w8zTNeaLaBc41
Requested by
Host: flustar.com
URL: https://flustar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
54.85.1.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-1-141.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
3f959d88727d64ae731699491ec0a17e0de889419ef0bba6fcc56176598e4532

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 15:36:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Mar 2021 15:36:02 GMT
Server
Microsoft-IIS/8.5
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
12045
Expires
Tue, 08 Mar 2022 15:36:02 GMT
lib
flustar.com/bundles/
704 KB
234 KB
Script
General
Full URL
https://flustar.com/bundles/lib?v=sS8LoY-ffsgjv1xGtv7qoWdG2El1w_UJO2ODzV7rKQc1
Requested by
Host: flustar.com
URL: https://flustar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
54.85.1.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-1-141.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
4fc2b93375fbc06a8c7977bc63c5432f240b8b6edcefac01f67642663cdf31cb

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 15:36:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Mar 2021 15:36:03 GMT
Server
Microsoft-IIS/8.5
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
239450
Expires
Tue, 08 Mar 2022 15:36:03 GMT
app
flustar.com/bundles/
10 KB
4 KB
Script
General
Full URL
https://flustar.com/bundles/app?v=VA3xfFbm214bvIhD6mtFaWKYj2jrNy53uLWsu6r1r6s1
Requested by
Host: flustar.com
URL: https://flustar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
54.85.1.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-1-141.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
3653cc0d75f66302ca49cf5f4c9ada84a82fab19c8f844b75e3b70f0d8da28cd

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 15:36:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Mar 2021 15:36:03 GMT
Server
Microsoft-IIS/8.5
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
3299
Expires
Tue, 08 Mar 2022 15:36:03 GMT
CampaignID=flustar.com,Channel=website
d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc2MzQzNTgvdC8y/kv/
0
0
Image
General
Full URL
https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc2MzQzNTgvdC8y/kv/CampaignID=flustar.com,Channel=website
Requested by
Host: flustar.com
URL: https://flustar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.228.164.13 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

addthis_widget.js
s7.addthis.com/js/300/
353 KB
114 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: flustar.com
URL: https://flustar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.56.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-112.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Mon, 08 Mar 2021 15:36:07 GMT
x-host
s7.addthis.com
content-length
116325
pollen-map
flustar.com/bundles/
139 KB
41 KB
Script
General
Full URL
https://flustar.com/bundles/pollen-map?v=UfCyXlLBBGp54rjB0zmOjcHAR4enoZG99Ft39zaxU1c1
Requested by
Host: flustar.com
URL: https://flustar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
54.85.1.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-1-141.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
335d3667d333053c1cbd628d7fb298fb5bcdc43931cfc5f6cbac663c9f7a54aa

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 15:36:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Mar 2021 15:36:03 GMT
Server
Microsoft-IIS/8.5
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
41536
Expires
Tue, 08 Mar 2022 15:36:03 GMT
home
flustar.com/bundles/
2 KB
1 KB
Script
General
Full URL
https://flustar.com/bundles/home?v=fu6P_C7pHo732fHqxGaWYDkdKa_F6Ai8vAba7ppmo8M1
Requested by
Host: flustar.com
URL: https://flustar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
54.85.1.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-1-141.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
696ad7de7e6fdad2160760bb866264001aef502bc030f3b26e3089ec9883b434

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 15:36:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Mar 2021 15:36:03 GMT
Server
Microsoft-IIS/8.5
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
741
Expires
Tue, 08 Mar 2022 15:36:03 GMT
analytics.js
www.google-analytics.com/
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: flustar.com
URL: https://flustar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
5611
date
Mon, 08 Mar 2021 14:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Mon, 08 Mar 2021 16:02:36 GMT
adpushup.js
cdn.adpushup.com/41305/
331 KB
100 KB
Script
General
Full URL
https://cdn.adpushup.com/41305/adpushup.js
Requested by
Host: flustar.com
URL: https://flustar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
5eb0caf965567a74464b93c1e1b66eafab1df5dfa2849c1cc2257e0f10b049cf

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 15:36:07 GMT
content-encoding
br
x-cf3
M
cf4ttl
604800.000
x-cf1
28371:fC.fra2:co:1614780516:cacheN.fra2-01:M
x-cf-tsc
1615217768
accept-ranges
bytes
x-cf2
M
last-modified
Mon, 08 Mar 2021 15:36:07 GMT
server
CFS 0215
x-cff
B
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900
cf4age
0
x-cf-geodata
CH
expires
Mon, 08 Mar 2021 15:51:07 GMT
flu-bg.png
flustar.com/Content/images/
13 KB
13 KB
Image
General
Full URL
https://flustar.com/Content/images/flu-bg.png
Requested by
Host: flustar.com
URL: https://flustar.com/Content/css?v=4NcxcyI4sA5ZqDV7kTqpttpRZR2Qi8_x5Pg3oL76WV41
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
54.85.1.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-1-141.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
d09efb996a01c54ccf12f7e99a61f3325058f6b7a12a8cf9f700ab9c7b69aefb

Request headers

Referer
https://flustar.com/Content/css?v=4NcxcyI4sA5ZqDV7kTqpttpRZR2Qi8_x5Pg3oL76WV41
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 15:36:02 GMT
Last-Modified
Thu, 09 May 2019 07:20:00 GMT
Server
Microsoft-IIS/8.5
ETag
"090be9c376d51:0"
Content-Type
image/png
Cache-Control
public,max-age=864000
Accept-Ranges
bytes
Content-Length
12957
doctor.png
flustar.com/Content/images/
42 KB
42 KB
Image
General
Full URL
https://flustar.com/Content/images/doctor.png
Requested by
Host: flustar.com
URL: https://flustar.com/Content/css?v=4NcxcyI4sA5ZqDV7kTqpttpRZR2Qi8_x5Pg3oL76WV41
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
54.85.1.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-1-141.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
0d40f1da28bd3e827f610a911938eb875ff6f5bb23b89ec6bc69bd7e25db7848

Request headers

Referer
https://flustar.com/Content/css?v=4NcxcyI4sA5ZqDV7kTqpttpRZR2Qi8_x5Pg3oL76WV41
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 15:36:02 GMT
Last-Modified
Fri, 01 Feb 2019 17:08:13 GMT
Server
Microsoft-IIS/8.5
ETag
"803cf1b650bad41:0"
Content-Type
image/png
Cache-Control
public,max-age=864000
Accept-Ranges
bytes
Content-Length
42773
flustar_app_square.jpg
flustar.com/Content/banners/flustar/
20 KB
20 KB
Image
General
Full URL
https://flustar.com/Content/banners/flustar/flustar_app_square.jpg
Requested by
Host: flustar.com
URL: https://flustar.com/Content/css?v=4NcxcyI4sA5ZqDV7kTqpttpRZR2Qi8_x5Pg3oL76WV41
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
54.85.1.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-1-141.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
d3f9b8c42a03076a1a762d84c874f9e1bab80c078e5a79344a063c276a0f1392

Request headers

Referer
https://flustar.com/Content/css?v=4NcxcyI4sA5ZqDV7kTqpttpRZR2Qi8_x5Pg3oL76WV41
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 15:36:02 GMT
Last-Modified
Mon, 28 Oct 2019 19:31:21 GMT
Server
Microsoft-IIS/8.5
ETag
"ab90fd46c68dd51:0"
Content-Type
image/jpeg
Cache-Control
public,max-age=864000
Accept-Ranges
bytes
Content-Length
20494
flustar_app_sky.jpg
flustar.com/Content/banners/flustar/
53 KB
53 KB
Image
General
Full URL
https://flustar.com/Content/banners/flustar/flustar_app_sky.jpg
Requested by
Host: flustar.com
URL: https://flustar.com/Content/css?v=4NcxcyI4sA5ZqDV7kTqpttpRZR2Qi8_x5Pg3oL76WV41
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
54.85.1.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-1-141.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
a1512294a6deb8e6f4472a27095713fffa345c67bdd984fdecd29b48ff0c3586

Request headers

Referer
https://flustar.com/Content/css?v=4NcxcyI4sA5ZqDV7kTqpttpRZR2Qi8_x5Pg3oL76WV41
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 15:36:02 GMT
Last-Modified
Mon, 28 Oct 2019 19:31:20 GMT
Server
Microsoft-IIS/8.5
ETag
"d6eee346c68dd51:0"
Content-Type
image/jpeg
Cache-Control
public,max-age=864000
Accept-Ranges
bytes
Content-Length
53950
NotoSans-Regular.woff2
flustar.com/fonts/
15 KB
15 KB
Font
General
Full URL
https://flustar.com/fonts/NotoSans-Regular.woff2
Requested by
Host: flustar.com
URL: https://flustar.com/Content/css?v=4NcxcyI4sA5ZqDV7kTqpttpRZR2Qi8_x5Pg3oL76WV41
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
54.85.1.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-1-141.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
3ee26114feb214d4f102e98ad8009b27d374efff10b05095e9bebc8df74c15b9

Request headers

Origin
https://flustar.com
Referer
https://flustar.com/Content/css?v=4NcxcyI4sA5ZqDV7kTqpttpRZR2Qi8_x5Pg3oL76WV41
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 15:36:02 GMT
Last-Modified
Tue, 30 Oct 2018 20:33:45 GMT
Server
Microsoft-IIS/8.5
ETag
"809a8eda8f70d41:0"
Content-Type
application/font-woff2
Cache-Control
public,max-age=864000
Accept-Ranges
bytes
Content-Length
15572
pubads_impl_2021030201.js
securepubads.g.doubleclick.net/gpt/
282 KB
99 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
cd482357c0415690fe23972a4b6c62f0cdeebaa29f66bf2851bbeaed4450b982
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 15:36:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Mar 2021 09:37:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101677
x-xss-protection
0
expires
Mon, 08 Mar 2021 15:36:07 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/
227 KB
86 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9400844359034485&plah=flustar.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1f6f1027092d281d624e67f9f83460ed291ae367b558c16cd6afad7af5eba1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 15:36:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87278
x-xss-protection
0
server
cafe
etag
4389487008424739880
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 08 Mar 2021 15:36:07 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/ Frame AB9B
11 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e78c14aeb9435fd03f67ad2ee4c45e18bfcfc100a4c62c8bd886324ce6296f77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210303/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://flustar.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://flustar.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 07 Mar 2021 21:27:47 GMT
expires
Sun, 21 Mar 2021 21:27:47 GMT
content-type
text/html; charset=UTF-8
etag
14371272352318978350
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
5136
x-xss-protection
0
age
65300
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
stats.g.doubleclick.net/j/
4 B
85 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-1876958-32&cid=1909535731.1615217768&jid=1425194433&gjid=1280328041&_gid=536607499.1615217768&_u=IGBAgEABAAAAAE~&z=1596457870
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 08 Mar 2021 15:36:07 GMT
content-type
text/plain
access-control-allow-origin
https://flustar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
86 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&a=597125531&t=pageview&_s=1&dl=https%3A%2F%2Fflustar.com%2F&ul=en-us&de=UTF-8&dt=National%20Flu%20Activity%20Map%20-%20Flustar.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEAB~&jid=1425194433&gjid=1280328041&cid=1909535731.1615217768&tid=UA-1876958-32&_gid=536607499.1615217768&z=755272484
Requested by
Host: flustar.com
URL: https://flustar.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 06:11:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
33851
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-1876958-32&cid=1909535731.1615217768&jid=1425194433&_u=IGBAgEABAAAAAE~&z=1034412893
Requested by
Host: flustar.com
URL: https://flustar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 15:36:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-1876958-32&cid=1909535731.1615217768&jid=1425194433&_u=IGBAgEABAAAAAE~&z=1034412893
Requested by
Host: flustar.com
URL: https://flustar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 15:36:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
201 B
640 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=flustar.com&callback=_gfp_s_&client=ca-pub-9400844359034485
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9400844359034485&plah=flustar.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
694674d84646dccdf40e1e605d437bdfab0d6ee5bc8b6715154b9abd8a10964c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 15:36:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
313 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=flustar.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9400844359034485&plah=flustar.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Mar 2021 15:36:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
313 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=flustar.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9400844359034485&plah=flustar.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Mar 2021 15:36:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8693
54 B
370 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9400844359034485&output=html&adk=1812271804&adf=3025194257&lmt=1615217767&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fflustar.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1615217767780&bpp=28&bdt=477&idt=125&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4476206383745&frm=20&pv=2&ga_vid=1909535731.1615217768&ga_sid=1615217768&ga_hid=597125531&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C21068084&oid=3&pvsid=1953180909089771&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=160
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9400844359034485&plah=flustar.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9400844359034485&output=html&adk=1812271804&adf=3025194257&lmt=1615217767&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fflustar.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1615217767780&bpp=28&bdt=477&idt=125&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4476206383745&frm=20&pv=2&ga_vid=1909535731.1615217768&ga_sid=1615217768&ga_hid=597125531&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C21068084&oid=3&pvsid=1953180909089771&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=160
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://flustar.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://flustar.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 08 Mar 2021 15:36:08 GMT
server
cafe
content-length
34
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 08-Mar-2021 15:51:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 08 Mar 2021 15:36:08 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
74 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9400844359034485&plah=flustar.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 15:36:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774803212306"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Mon, 08 Mar 2021 15:36:07 GMT
pb.1614258692488.js
cdn.adpushup.com/prebid/
363 KB
105 KB
Script
General
Full URL
https://cdn.adpushup.com/prebid/pb.1614258692488.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/41305/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
a5bdbf72ca0dc72c808c8a8ed5ad142ced6bdf367693fb95cedbb354e12df6a7

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 15:36:08 GMT
content-encoding
br
x-cf3
M
cf4ttl
604800.000
x-cf1
28371:fC.fra2:co:1614258800:cacheN.fra2-01:H
content-length
107008
x-cf-tsc
1614258878
x-cf2
H
last-modified
Thu, 25 Feb 2021 13:13:19 GMT
server
CFS 0215
x-cff
B
etag
W/"6037a26f-5aa36"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
cf4age
0
accept-ranges
bytes
expires
Tue, 08 Mar 2022 15:36:08 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/
70 B
178 B
Other
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/41305/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 15:36:08 GMT
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://flustar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/
70 B
269 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=…
Requested by
Host: flustar.com
URL: https://flustar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 15:36:08 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://flustar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/
70 B
131 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=…
Requested by
Host: flustar.com
URL: https://flustar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 15:36:08 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://flustar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/
70 B
131 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2MTUyMTc3NjgzNzQsInBhY2tldElkIjoiMDAwMEExNTktYzA3Njg1M2MtODQ4MC00OTNlLWI1MTYtMDIwNDVmYTFjMTliIiwic2l0ZUlkIjo0MTMwNSwic2l0ZURvbWFpbiI6Imh0dHBzOi8vd3d3LmZsdXN0YXIuY29tLyIsInVybCI6Imh0dHBzOi8vZmx1c3Rhci5jb20vIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkhPTUUiLCJwYWdlVmFyaWF0aW9uSWQiOiIwMTZhZjcwMC1mMWM4LTRiNzQtYjNiOS1iY2Q1Zjc1YTNmNjciLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkeF8zMCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJiYzQwMzUyMi05NjczLTQyYjMtYjdjNC1iZjAwNzYxYzRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9IT01FXzcyOFg5MF9iYzQwMyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDEzMDVfNzI4WDkwX2JjNDAzNTIyLTk2NzMtNDJiMy1iN2M0LWJmMDA3NjFjNGJhZSIsInNlcnZpY2VzIjpbMSwzXSwiYWRVbml0VHlwZSI6MX1dfQ==
Requested by
Host: flustar.com
URL: https://flustar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 15:36:08 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://flustar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
1 KB
938 B
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210308
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.1614258692488.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cd851a5aa0945cf9dcced078888bbbf83ac5d18fdcee9c46b2983ae1178d2170
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
16462
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
758
etag
W/"53c-to8YJhaq32h0nkdvXFy2EBpUZPU"
x-served-by
cache-fra19141-FRA, cache-hhn4021-HHN
date
Mon, 08 Mar 2021 15:36:08 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
pollen_markets.json
flustar.com/Scripts/CustomPlugins/PollenMap/geojson/
348 KB
90 KB
XHR
General
Full URL
https://flustar.com/Scripts/CustomPlugins/PollenMap/geojson/pollen_markets.json
Requested by
Host: flustar.com
URL: https://flustar.com/bundles/jquery?v=8Oos0avDZyPg-cbyVzvkIfERIE1DGSe3sRQdCSYrgEQ1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
54.85.1.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-1-141.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
479d66a906aaf36386c365f5948549957b1b9072cd0a28f1c3c92d0e0c183da1

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://flustar.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 15:36:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Sep 2018 15:37:04 GMT
Server
Microsoft-IIS/8.5
ETag
"050eb9e774bd41:0"
Vary
Accept-Encoding
Content-Type
application/json
Cache-Control
public,max-age=864000
Accept-Ranges
bytes
Content-Length
91750
covid19
flustar.com/api/map/
79 KB
7 KB
XHR
General
Full URL
https://flustar.com/api/map/covid19
Requested by
Host: flustar.com
URL: https://flustar.com/bundles/jquery?v=8Oos0avDZyPg-cbyVzvkIfERIE1DGSe3sRQdCSYrgEQ1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
54.85.1.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-1-141.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
a997a43929f948243c52f3f8cd3dddcc9e6a7c5d5ae99d7fe7e2ae35eeb44b0b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://flustar.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Mar 2021 15:36:03 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache
Content-Length
6933
Expires
-1
states.json
flustar.com/Scripts/CustomPlugins/PollenMap/geojson/
156 KB
53 KB
XHR
General
Full URL
https://flustar.com/Scripts/CustomPlugins/PollenMap/geojson/states.json
Requested by
Host: flustar.com
URL: https://flustar.com/bundles/jquery?v=8Oos0avDZyPg-cbyVzvkIfERIE1DGSe3sRQdCSYrgEQ1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
54.85.1.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-1-141.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
58d7d3e19f73438b6badc28020640aa3b7f84442c7fffcd1df2f960eaa8626f9

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://flustar.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 15:36:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Sep 2018 15:37:04 GMT
Server
Microsoft-IIS/8.5
ETag
"050eb9e774bd41:0"
Vary
Accept-Encoding
Content-Type
application/json
Cache-Control
public,max-age=864000
Accept-Ranges
bytes
Content-Length
53653
glyphicons-halflings-regular.woff2
flustar.com/Content/fonts/
18 KB
18 KB
Font
General
Full URL
https://flustar.com/Content/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: flustar.com
URL: https://flustar.com/Content/css?v=4NcxcyI4sA5ZqDV7kTqpttpRZR2Qi8_x5Pg3oL76WV41
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
54.85.1.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-1-141.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Origin
https://flustar.com
Referer
https://flustar.com/Content/css?v=4NcxcyI4sA5ZqDV7kTqpttpRZR2Qi8_x5Pg3oL76WV41
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 15:36:03 GMT
Last-Modified
Tue, 04 Feb 2020 16:38:34 GMT
Server
Microsoft-IIS/8.5
ETag
"d9642e8b79dbd51:0"
Content-Type
application/font-woff2
Cache-Control
public,max-age=864000
Accept-Ranges
bytes
Content-Length
18028
moatframe.js
z.moatads.com/addthismoatframe568911941483/
2 KB
1 KB
Script
General
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-154.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 15:36:08 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
B402EDC6F7271ED7
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=62273
accept-ranges
bytes
content-length
948
x-amz-id-2
3ZiQcYtRTuh4WJ4BUq+mWoVqgQk4EdHwIkUrSZre2GxPFo/4IUZsv5aBqLknQUvSl0wjR3iM+HQ=
sodar
pagead2.googlesyndication.com/getconfig/
8 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210303&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9400844359034485&plah=flustar.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d148940ed61c1fe84e30ab7efa216ed74cd57db6ccc6320460093a034c0720c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Mar 2021 15:36:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6508
x-xss-protection
0
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-53cdb8be3e4092c3/
3 KB
1014 B
Script
General
Full URL
https://v1.addthisedge.com/live/boost/ra-53cdb8be3e4092c3/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.56.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-112.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
516edde244d8a4b24caff3c02f274be5d36edb46fec69929fb0856dfbb9fd5db

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 15:36:08 GMT
content-encoding
gzip
etag
-761955782--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=56, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
838
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9400844359034485&plah=flustar.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 15:36:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Mon, 08 Mar 2021 15:36:08 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame AD4F
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://flustar.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://flustar.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Mon, 08 Mar 2021 15:28:15 GMT
expires
Tue, 08 Mar 2022 15:28:15 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
474
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/
263 KB
76 KB
Script
General
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.56.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-112.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Mon, 08 Mar 2021 15:36:09 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
pagead2.googlesyndication.com/bg/ Frame AD4F
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 10:56:21 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
103188
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5643
x-xss-protection
0
expires
Mon, 07 Mar 2022 10:56:21 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
111 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210303&jk=1953180909089771&bg=!a2ilaCvNAAWsVXnBrDsAKQB2-DxaDqoqoflMW_L_z_jFxZdMAdT_DOkP9WjczG3AFHaBvkktJ7tPAgAAAKZSAAAADGgBBwoBM6OhMeI14Zq_dIlbOIkzU8jpxsKzoqBCQ1zEqUUfOryHxSx_aTr9NbZHbqH2BmPnhFVZPC6NTKeACF807601Prgpc7pG7_m4tURaE4Rpa1twKyDiTwyUmBhONMIWYnLlGetPnK3VfD-8It2wnFaGO1c8-ziXb4n1t0X5HQMAxc8yFtX14BPwoDtCks6YevHIk-lAFRhDhKqoCxTf-36UPzrBMZS5cswrAehAnl7M6VTAFDbH4z_IGpMU-hkLFSeHPG9eMDDte9jNteu4hzbZfL1KOQOENu9lCDYpf2bAD-ViVLoIWuyKDaPlSMEyuKlbbDee6GHMQtqTrLIxn5O6jTPpc45PyHmx7xISICWel73TIZU3KhrjquvDnEaq0tl28w6YrD8KPw246h7F3LNuh6o8C_iZAi1QPnsHcM87Y-TBcVs_zxTQn-x21MkS-yrjQSz9IRpUpH0dGNepXPtxq3smm-sLUIsnehgDSsP61GWK1rCvSO4oSrnhBl8zTEv-krNVCPPOztioS09Z_a1N7yhrzHne7UiLMlOugjtbDjoUSGDN9i2qnsYYjIwnqUyblQGj-_gfgujJ5hMmed89dVkjHU1CBJ86N8o26AdHYh0RRJAC51Yw3Z1_bcPU-zwO4wGX4sPNgnl2dILHGmU9hw-3xjzQmDhA47BJSOWnd2JhGtErpC_kY98-65ftBvwf6Kmy11KjccIeE5VpnK31VZAx18sdGZWxO3FhARo3zcSAXWXsyZxZYIRq7zsBvkrzJ2B84RR4yD7UZJix3udklq0ScSTY7wiwbQQiGAKloVoV9jP-4pOqAdIPwVwvDE6jebiSOQzwXM6xDMYW9Behm6pLzpGNY8hfBH6TRAFzC3rytnzSUoXFzBfhrAKUZrJ_cL0y8RC7JMnCzbOcsxWH0X-Xx_3BqCEhtss1jKEvsgAnOfx1umI-z7Vrph70SrrGfnx5j7cTQwN2ckODqDK09fw3OM6xl611EYIYkYM_F9_3ZxprI0WBs_oaAOhEyO1Rur6wy9djZlLRaywLDdFhwuqV3ifyrHDKOQGyq2sF4ztMG_OGSU0BzbtQT_jlSjvDNeB11cwwzahHCHv_eWqE3jeWCXnLWEm4VOwRpMu3HfO1kMCe0Tn22mnojTm7dDMqEvuX-Q
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flustar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 15:36:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| html5 object| Modernizr string| GoogleAnalyticsObject function| ga object| gptadslots object| googletag function| _debounce number| initW object| ggeac object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map function| $ function| jQuery object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| respond function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| setImmediate function| clearImmediate object| adpushup object| _apPbJs object| hbAnalytics object| adpTags object| hbRulesApi function| _apPbJsChunk object| _pbjsGlobals object| __core-js_shared__ string| nobidVersion object| nobid object| angular function| _ function| moment object| Highcharts object| app function| CustomLeafletMarker object| L object| gju object| leafletPip function| _leaflet_resize3 object| jeengConfig function| atwpjp string| _atd function| _euc function| 
_duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto boolean| __@@##MUH object| addthis_share object| addthis_config object| GoogleGcLKhOms object| _atw object| google_image_requests string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks

7 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
flustar.com/ Name: __atuvs
Value: 604644688c118132000
.flustar.com/ Name: __gads
Value: ID=08a4a7f17450f2e8-2259ec9ab6ba0074:T=1615217768:RT=1615217768:S=ALNI_MZ_qMIZD3gqd9LjmAKl4MPUlLnFPQ
.flustar.com/ Name: _ga
Value: GA1.2.1909535731.1615217768
.flustar.com/ Name: _gat
Value: 1
flustar.com/ Name: __atuvc
Value: 1%7C10
.flustar.com/ Name: _gid
Value: GA1.2.536607499.1615217768

1 Console Messages

Source Level URL
Text
console-api log URL: https://flustar.com/(Line 145)
Message:
Init Width: 1600

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
