Submitted URL: https://www.go.earn4money.cf/
Effective URL: https://devil1.tk/?link=
Submission: On September 02 via automatic, source certstream-suspicious

Summary

This website contacted 41 IPs in 6 countries across 32 domains to perform 159 HTTP transactions. The main IP is 168.119.143.69, located in Germany and belongs to HETZNER-AS, DE. The main domain is devil1.tk.
TLS certificate: Issued by R3 on August 10th 2021. Valid for: 3 months.
This is the only time devil1.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Subject | Issuer | Validity | Valid
www.devil1.tk | R3 | 2021-08-10 - 2021-11-08 | 3 months
upload.video.google.com | GTS CA 1O1 | 2021-08-16 - 2021-11-08 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months
*.fontawesome.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-13 - 2021-12-14 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-11 - 2022-06-10 | a year
adsrv.adcryp.to | R3 | 2021-07-29 - 2021-10-27 | 3 months
megaadv.mlink.li | R3 | 2021-08-19 - 2021-11-17 | 3 months
misc-sni.blogspot.com | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months
ayelads.xyz | Sectigo RSA Domain Validation Secure Server CA | 2021-03-08 - 2022-03-08 | a year
*.lunagyja.xyz | R3 | 2021-07-08 - 2021-10-06 | 3 months
ayelads.com | Sectigo RSA Domain Validation Secure Server CA | 2020-12-23 - 2021-12-23 | a year
*.gstatic.com | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months
s.adroll.com | Amazon | 2021-08-02 - 2022-08-31 | a year
*.w.org | Sectigo RSA Domain Validation Secure Server CA | 2019-12-19 - 2021-12-18 | 2 years
*.steepto.com | Go Daddy Secure Certificate Authority - G2 | 2020-08-21 - 2021-10-20 | a year
*.scorecardresearch.com | Amazon | 2021-02-28 - 2022-03-29 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months
nex-url.cyou | Sectigo RSA Domain Validation Secure Server CA | 2021-08-13 - 2022-08-13 | a year
*.mgid.com | Go Daddy Secure Certificate Authority - G2 | 2020-09-13 - 2021-10-15 | a year
adroll.mgr.consensu.org | Amazon | 2020-10-08 - 2021-11-07 | a year
*.google.de | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months
*.google.com | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-07-20 - 2021-10-18 | 3 months
s.adlane.info | ZeroSSL ECC Domain Secure Site CA | 2021-08-10 - 2021-11-08 | 3 months
misc-sni.google.com | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months
www.google.com | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months

This page contains 12 frames:

Primary Page: https://devil1.tk/?link=
Frame ID: 41CDA27725DBF8A00476C41F93C1AC2A
Requests: 105 HTTP requests in this frame

Frame: https://ayelads.xyz/ads/display.php?ad=daLVZT3
Frame ID: 86F7783EC6A33D64038EBAC5D8F7B0C6
Requests: 12 HTTP requests in this frame

Frame: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=2030&pid=384&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=345&page_data=05eeddbbbd9eaeda04512934a026412f&time=1630594891&deliver=devil1.tk&search_keywords=&page_referrer=aHR0cHM6Ly9kZXZpbDEudGsvP2xpbms9&page_title=Movies%20Devil%20-%20World%20Best%20website%20for%20Movies&meta_description=World%20Best%20website%20for%20Movies
Frame ID: 2AACCEC6C60EBDD80086DAD192F2CBF6
Requests: 6 HTTP requests in this frame

Frame: https://ayelads.xyz/display/items.php?ad=daw1kJm&s=1
Frame ID: 75682DE63AF4A4723EBF03616E5B64DD
Requests: 3 HTTP requests in this frame

Frame: https://api.lunagyja.xyz/register/_fa7cdd4c68507744/XXv-Qee_kbby8v9wRh7LynLmJd49Ng/w40uw5cQw4_CpcKyw5kzwoPCk8KXdDPCtsOl.html
Frame ID: FD8DB7A2B8D49AD691C477428CD8D9AA
Requests: 1 HTTP request in this frame

Frame: https://adcryp.to/?utm_medium=cpc_83680fcb93d0eb939642c5bbb47ffc54
Frame ID: CB74B282E9D2BA897A71BED2D1B81C05
Requests: 12 HTTP requests in this frame

Frame: https://cm.steepto.com/i-noref.js?cbuster=1630594892327991586877
Frame ID: B58A9E588D4BF61058C9AAF20FD89942
Requests: 1 HTTP request in this frame

Frame: https://nex-url.cyou/page/banners.php?size=728x90_adlane
Frame ID: A0DAA571D178EDEBA4678A60F366B14A
Requests: 2 HTTP requests in this frame

Frame: https://ec76967b9fc19a8ac93530f209c4595d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 463D22D2A0C1B7B23925F0495B5A395E
Requests: 1 HTTP request in this frame

Frame: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs
Frame ID: F66F654778F1DDD4A4992A51E72779A3
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: D62A561229C2350FD5DB53E46C85A30F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 25031459F8755916B8E11839A2B5B6F9
Requests: 1 HTTP request in this frame

Page Title

Movies Devil - World Best website for Movies

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • script /(?:a|s)\.adroll\.com/i

Overall confidence: 100%
Detected patterns
  • script /addtoany\.com\/menu\/page\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

Requests: 159
HTTPS: 100 %
IPv6: 57 %
Domains: 32
Subdomains: 50
IPs: 41
Countries: 6
Transfer: 2245 kB
Size: 5197 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.go.earn4money.cf/ HTTP 302
    https://devil1.tk/?link= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66
  • https://lunagyja.xyz/supply/register?iid=w40uw5cQw4_CpcKyw5kzwoPCk8KXdDPCtsOl HTTP 302
  • https://api.lunagyja.xyz/register/_fa7cdd4c68507744/XXv-Qee_kbby8v9wRh7LynLmJd49Ng/w40uw5cQw4_CpcKyw5kzwoPCk8KXdDPCtsOl.html
Request Chain 95
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=120&ns__t=1630594892450&ns_c=UTF-8&cv=3.5&c8=Movies%20Devil%20-%20World%20Best%20website%20for%20Movies&c7=https%3A%2F%2Fdevil1.tk%2F%3Flink%3D&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=120&ns__t=1630594892450&ns_c=UTF-8&cv=3.5&c8=Movies%20Devil%20-%20World%20Best%20website%20for%20Movies&c7=https%3A%2F%2Fdevil1.tk%2F%3Flink%3D&c9=
Request Chain 98
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=4542317b-e924-4479-938c-67d3b456f7eb&ttl=1633186894
Request Chain 114
  • https://s.adroll.com/j/exp/FGSYSKTLJNHG3MJYOTGNVJ/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 148
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

159 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
devil1.tk/
Redirect Chain
  • https://www.go.earn4money.cf/
  • https://devil1.tk/?link=
77 KB
14 KB
Document
General
Full URL
https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
168.119.143.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pro.fastest-server.com
Software
LiteSpeed /
Resource Hash
6159b4451df11eca389f5436e6f7b8a03ce7a46c24260e20c2df9efaf257abe4

Request headers

:method
GET
:authority
devil1.tk
:scheme
https
:path
/?link=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html; charset=UTF-8
link
<https://devil1.tk/wp-json/>; rel="https://api.w.org/"
content-encoding
br
vary
Accept-Encoding
date
Thu, 02 Sep 2021 15:01:31 GMT
server
LiteSpeed
alt-svc
h3-34=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-27=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

Redirect headers

content-type
text/html
content-length
683
date
Thu, 02 Sep 2021 15:01:30 GMT
server
LiteSpeed
cache-control
no-cache, no-store, must-revalidate, max-age=0
location
https://devil1.tk/?link=
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
vary
User-Agent
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
style.min.css
devil1.tk/wp-includes/css/dist/block-library/
79 KB
10 KB
Stylesheet
General
Full URL
https://devil1.tk/wp-includes/css/dist/block-library/style.min.css?ver=5.8
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
168.119.143.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pro.fastest-server.com
Software
LiteSpeed /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
devil1.tk
referer
https://devil1.tk/?link=
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-encoding
br
last-modified
Tue, 20 Jul 2021 18:12:51 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
9960
expires
Thu, 09 Sep 2021 15:01:31 GMT
css
fonts.googleapis.com/
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0146c024c298254bb1c605e5586a6283890403a3c650f9bf38b720854ea4fbd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 02 Sep 2021 13:11:51 GMT
server
ESF
date
Thu, 02 Sep 2021 15:01:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 Sep 2021 15:01:31 GMT
font-awesome.min.css
devil1.tk/wp-content/themes/hitmag/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://devil1.tk/wp-content/themes/hitmag/css/font-awesome.min.css?ver=4.7.0
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
168.119.143.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pro.fastest-server.com
Software
LiteSpeed /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

:path
/wp-content/themes/hitmag/css/font-awesome.min.css?ver=4.7.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
devil1.tk
referer
https://devil1.tk/?link=
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-encoding
br
last-modified
Wed, 02 Jun 2021 02:14:25 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6658
expires
Thu, 09 Sep 2021 15:01:31 GMT
style.css
devil1.tk/wp-content/themes/hitmag/
67 KB
12 KB
Stylesheet
General
Full URL
https://devil1.tk/wp-content/themes/hitmag/style.css?ver=5.8
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
168.119.143.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pro.fastest-server.com
Software
LiteSpeed /
Resource Hash
84f76ac52e65b502c5436e6ac186554753443f4564ccec2f619305860f85c1e4

Request headers

:path
/wp-content/themes/hitmag/style.css?ver=5.8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
devil1.tk
referer
https://devil1.tk/?link=
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-encoding
br
last-modified
Wed, 02 Jun 2021 02:14:25 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
12277
expires
Thu, 09 Sep 2021 15:01:31 GMT
flexslider.css
devil1.tk/wp-content/themes/hitmag/css/
6 KB
1 KB
Stylesheet
General
Full URL
https://devil1.tk/wp-content/themes/hitmag/css/flexslider.css?ver=5.8
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
168.119.143.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pro.fastest-server.com
Software
LiteSpeed /
Resource Hash
52db182ccc9de3f83db429d2180241038f48d81cce854d1ba9f1377e634fe6fe

Request headers

:path
/wp-content/themes/hitmag/css/flexslider.css?ver=5.8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
devil1.tk
referer
https://devil1.tk/?link=
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-encoding
br
last-modified
Wed, 02 Jun 2021 02:14:25 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1333
expires
Thu, 09 Sep 2021 15:01:31 GMT
magnific-popup.css
devil1.tk/wp-content/themes/hitmag/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://devil1.tk/wp-content/themes/hitmag/css/magnific-popup.css?ver=5.8
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
168.119.143.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pro.fastest-server.com
Software
LiteSpeed /
Resource Hash
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Request headers

:path
/wp-content/themes/hitmag/css/magnific-popup.css?ver=5.8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
devil1.tk
referer
https://devil1.tk/?link=
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-encoding
br
last-modified
Wed, 02 Jun 2021 02:14:25 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1660
expires
Thu, 09 Sep 2021 15:01:31 GMT
addtoany.min.css
devil1.tk/wp-content/plugins/add-to-any/
1 KB
423 B
Stylesheet
General
Full URL
https://devil1.tk/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
168.119.143.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pro.fastest-server.com
Software
LiteSpeed /
Resource Hash
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47

Request headers

:path
/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
devil1.tk
referer
https://devil1.tk/?link=
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-encoding
br
last-modified
Sat, 07 Aug 2021 06:16:09 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
402
expires
Thu, 09 Sep 2021 15:01:31 GMT
jquery.min.js
devil1.tk/wp-includes/js/jquery/
87 KB
30 KB
Script
General
Full URL
https://devil1.tk/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
168.119.143.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pro.fastest-server.com
Software
LiteSpeed /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

:path
/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
devil1.tk
referer
https://devil1.tk/?link=
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-encoding
br
last-modified
Tue, 20 Jul 2021 18:12:51 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
30273
expires
Thu, 09 Sep 2021 15:01:31 GMT
jquery-migrate.min.js
devil1.tk/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://devil1.tk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
168.119.143.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pro.fastest-server.com
Software
LiteSpeed /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
devil1.tk
referer
https://devil1.tk/?link=
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 13:36:06 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3995
expires
Thu, 09 Sep 2021 15:01:31 GMT
addtoany.min.js
devil1.tk/wp-content/plugins/add-to-any/
129 B
250 B
Script
General
Full URL
https://devil1.tk/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
168.119.143.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pro.fastest-server.com
Software
LiteSpeed /
Resource Hash
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

:path
/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
devil1.tk
referer
https://devil1.tk/?link=
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
last-modified
Sat, 07 Aug 2021 06:16:09 GMT
server
LiteSpeed
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
129
expires
Thu, 09 Sep 2021 15:01:31 GMT
js
www.googletagmanager.com/gtag/
101 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-199645029-1
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c0478561c96152444cd2a7e3e682fb56164e262e05222831be194bb32a91806f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41220
x-xss-protection
0
expires
Thu, 02 Sep 2021 15:01:31 GMT
js
www.googletagmanager.com/gtag/
129 KB
51 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KHCBSQ6P2T
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
de1259dfb3c623631997df5eb7cf3ab25e0119bee52f3731e2ea4d7d3a6040d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51771
x-xss-protection
0
expires
Thu, 02 Sep 2021 15:01:31 GMT
css2
fonts.googleapis.com/
4 KB
606 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600&display=swap
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0f334da460abbd2499d5f315918eddc40a343949f7f041a1a56b8aff122974ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 02 Sep 2021 13:09:22 GMT
server
ESF
date
Thu, 02 Sep 2021 15:01:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 Sep 2021 15:01:31 GMT
7e6cf9a1ad.js
kit.fontawesome.com/
11 KB
4 KB
Script
General
Full URL
https://kit.fontawesome.com/7e6cf9a1ad.js
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a965ef392842a2b19ccaf9454ef114560791badb2ee2161764361e38602e389
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Origin
https://devil1.tk
Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=60, public, must-revalidate
strict-transport-security
max-age=31536000; preload
cf-ray
68879d35ff455c98-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
FqEJahAbGEseedw_H9sh
interclicks.js
devil1.tk/
2 KB
787 B
Script
General
Full URL
https://devil1.tk/interclicks.js
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
168.119.143.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pro.fastest-server.com
Software
LiteSpeed /
Resource Hash
46bcff3d9d443579078650ce5de19fd497212d54f481ca65b98b60978f3a5478

Request headers

:path
/interclicks.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
devil1.tk
referer
https://devil1.tk/?link=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://devil1.tk/?link=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-encoding
br
last-modified
Thu, 26 Aug 2021 14:49:25 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
742
expires
Thu, 09 Sep 2021 15:01:31 GMT
wp-emoji-release.min.js
devil1.tk/wp-includes/js/
18 KB
4 KB
Script
General
Full URL
https://devil1.tk/wp-includes/js/wp-emoji-release.min.js?ver=5.8
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
168.119.143.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pro.fastest-server.com
Software
LiteSpeed /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
devil1.tk
referer
https://devil1.tk/?link=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://devil1.tk/?link=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-encoding
br
last-modified
Tue, 20 Jul 2021 18:12:51 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4539
expires
Thu, 09 Sep 2021 15:01:31 GMT
devil1.tk.1146671.js
jsc.mgid.com/d/e/
2 KB
1 KB
Script
General
Full URL
https://jsc.mgid.com/d/e/devil1.tk.1146671.js
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77e5334e1e6ea0df8ed81d8a8425d7e6613826e1ad8f8195f405ab5f42ae1b5c

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
569AEE99FR9NG04E
last-modified
Mon, 30 Aug 2021 10:36:51 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2
/niAJ4gpmo9QqNPz5lgwxVUAUDWRJA45m2Aq7Xl64sIVa9RuA9xGxKLYzRrC6Bpd1EWudKyrFr4=
cf-bgj
minify
server
cloudflare
etag
W/"5495b4da251b8537f122dc7c34b90344"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
68879d36af0d3b49-CDG
expires
Thu, 02 Sep 2021 18:01:31 GMT
items.php
adsrv.adcryp.to/display/
64 KB
65 KB
Script
General
Full URL
https://adsrv.adcryp.to/display/items.php?2030&384&300&250&4&0&0
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.34.181.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.181.34.188.clients.your-server.de
Software
nginx /
Resource Hash
582124e39d4c294baddee533250bdde975284a65c16baf46e0f9a1bf4e6e5e77

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Sep 2021 15:01:31 GMT
Last-Modified
Thu, 02 Sep 2021 15:01:31 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
application/javascript
Expires
Mon, 26 Jul 1997 05:00:00 GMT
ad.js
megaadv.com/assets/ads/
1 KB
754 B
Script
General
Full URL
https://megaadv.com/assets/ads/ad.js
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.95.249.167 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-95-249-167.ap-south-1.compute.amazonaws.com
Software
/
Resource Hash
b797cdac21728e43925df934e893935801626514419c847dd6ba1298867f829f

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-encoding
br
last-modified
Sat, 17 Apr 2021 10:59:44 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
456
expires
Thu, 09 Sep 2021 15:01:31 GMT
devil1.tk.1130710.js
jsc.adskeeper.com/d/e/
2 KB
1 KB
Script
General
Full URL
https://jsc.adskeeper.com/d/e/devil1.tk.1130710.js
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c588a05216fdbf5766ea1c9286bb0a0ffd47550821b2a04a1df5ba37530174a

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-encoding
gzip
cf-cache-status
MISS
x-amz-request-id
289FVVPTWNY572TB
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
739
x-amz-id-2
/RuXDsZpFpbGQzaOrPNlVo5b/VfLW7B2nEa3NoYaonh/LKpWujOmBMifn85zd5Y7WNp/u9IUUSY=
last-modified
Mon, 30 Aug 2021 10:45:17 GMT
server
cloudflare
etag
"d3ccdda1014dbbe7d8b3b4b8b6a25f35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
68879d36aa313fea-CDG
expires
Thu, 02 Sep 2021 19:01:31 GMT
devil1.tk.1146656.js
jsc.mgid.com/d/e/
2 KB
1 KB
Script
General
Full URL
https://jsc.mgid.com/d/e/devil1.tk.1146656.js
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07199e76bcaa4ee3c2958d29c5b7c47571164ac63b645cb5109f28577b38a94e

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
5694QJT211K7G686
last-modified
Mon, 30 Aug 2021 10:35:32 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2
SmGNOIbmpW5FVEUoW3NZ5lcbdBqC9akJ9SI6cGVu9ZTnRQHCvkdw35QtbIm0Y9dWYuPr4lwvLms=
cf-bgj
minify
server
cloudflare
etag
W/"a73cfc5a6d9c52d39cf0d35b5c786275"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
68879d36af0e3b49-CDG
expires
Thu, 02 Sep 2021 18:01:31 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b70aa192cf670ffbccd24885ff71e159e03c809b890abe15e74cce9f497dd8e5

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1774
etag
W/"3e792b2dc76a5a063e1c4f30d40ae527"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
68879d367c512bc2-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Sun, 05 Sep 2021 15:01:31 GMT
btn_close.gif
1.bp.blogspot.com/-_A83iDM6JYc/VhtxROLILrI/AAAAAAAADK4/aM4ikIA6aqI/s1600/
362 B
778 B
Image
General
Full URL
https://1.bp.blogspot.com/-_A83iDM6JYc/VhtxROLILrI/AAAAAAAADK4/aM4ikIA6aqI/s1600/btn_close.gif
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 11:09:26 GMT
x-content-type-options
nosniff
age
13925
content-disposition
inline;filename="btn_close.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
362
x-xss-protection
0
server
fife
etag
"vcb0"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 25 Aug 2021 19:07:47 GMT
navigation.js
devil1.tk/wp-content/themes/hitmag/js/
4 KB
1 KB
Script
General
Full URL
https://devil1.tk/wp-content/themes/hitmag/js/navigation.js?ver=20151215
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
168.119.143.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pro.fastest-server.com
Software
LiteSpeed /
Resource Hash
ccabeb2cb5391e2956a1866ea45523a82f4117cbfc70e46b2aac5aaa6d3d359a

Request headers

:path
/wp-content/themes/hitmag/js/navigation.js?ver=20151215
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
devil1.tk
referer
https://devil1.tk/?link=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://devil1.tk/?link=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-encoding
br
last-modified
Wed, 02 Jun 2021 02:14:25 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1184
expires
Thu, 09 Sep 2021 15:01:31 GMT
skip-link-focus-fix.js
devil1.tk/wp-content/themes/hitmag/js/
683 B
351 B
Script
General
Full URL
https://devil1.tk/wp-content/themes/hitmag/js/skip-link-focus-fix.js?ver=20151215
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
168.119.143.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pro.fastest-server.com
Software
LiteSpeed /
Resource Hash
ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034

Request headers

:path
/wp-content/themes/hitmag/js/skip-link-focus-fix.js?ver=20151215
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
devil1.tk
referer
https://devil1.tk/?link=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://devil1.tk/?link=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-encoding
br
last-modified
Wed, 02 Jun 2021 02:14:25 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
329
expires
Thu, 09 Sep 2021 15:01:31 GMT
jquery.flexslider-min.js
devil1.tk/wp-content/themes/hitmag/js/
22 KB
6 KB
Script
General
Full URL
https://devil1.tk/wp-content/themes/hitmag/js/jquery.flexslider-min.js?ver=5.8
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
168.119.143.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pro.fastest-server.com
Software
LiteSpeed /
Resource Hash
8b2c3d7393c0c588c830ba08b65816fd313fc7e0095948423aaa45205196f6bf

Request headers

:path
/wp-content/themes/hitmag/js/jquery.flexslider-min.js?ver=5.8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
devil1.tk
referer
https://devil1.tk/?link=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://devil1.tk/?link=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-encoding
br
last-modified
Wed, 02 Jun 2021 02:14:25 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6192
expires
Thu, 09 Sep 2021 15:01:31 GMT
scripts.js
devil1.tk/wp-content/themes/hitmag/js/
1 KB
499 B
Script
General
Full URL
https://devil1.tk/wp-content/themes/hitmag/js/scripts.js?ver=5.8
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
168.119.143.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pro.fastest-server.com
Software
LiteSpeed /
Resource Hash
bc151b4badf02c641a4b27235f476a854c3db0a5371203731a58b3b181974f69

Request headers

:path
/wp-content/themes/hitmag/js/scripts.js?ver=5.8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
devil1.tk
referer
https://devil1.tk/?link=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://devil1.tk/?link=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-encoding
br
last-modified
Wed, 02 Jun 2021 02:14:25 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
477
expires
Thu, 09 Sep 2021 15:01:31 GMT
jquery.magnific-popup.min.js
devil1.tk/wp-content/themes/hitmag/js/
20 KB
7 KB
Script
General
Full URL
https://devil1.tk/wp-content/themes/hitmag/js/jquery.magnific-popup.min.js?ver=5.8
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
168.119.143.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pro.fastest-server.com
Software
LiteSpeed /
Resource Hash
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

:path
/wp-content/themes/hitmag/js/jquery.magnific-popup.min.js?ver=5.8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
devil1.tk
referer
https://devil1.tk/?link=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://devil1.tk/?link=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-encoding
br
last-modified
Wed, 02 Jun 2021 02:14:25 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7043
expires
Thu, 09 Sep 2021 15:01:31 GMT
wp-embed.min.js
devil1.tk/wp-includes/js/
1 KB
708 B
Script
General
Full URL
https://devil1.tk/wp-includes/js/wp-embed.min.js?ver=5.8
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
168.119.143.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pro.fastest-server.com
Software
LiteSpeed /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
devil1.tk
referer
https://devil1.tk/?link=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://devil1.tk/?link=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 19:59:24 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
663
expires
Thu, 09 Sep 2021 15:01:31 GMT
page.js
static.addtoany.com/menu/
84 KB
29 KB
Script
General
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f909a31bfd7a13b9dd53e98b5652f13f4782fdfd1653dc4befade7386c087371
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
via
e1s
x-content-type-options
nosniff
cf-cache-status
HIT
age
116261
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Fri, 14 May 2021 06:41:59 GMT
server
cloudflare
etag
W/"14f2c-5c2448a7281f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=172800
cf-ray
68879d367ccb5b68-FRA
cf-bgj
minify
display.php
ayelads.xyz/ads/ Frame 86F7
2 KB
1 KB
Document
General
Full URL
https://ayelads.xyz/ads/display.php?ad=daLVZT3
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.241 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium160-1.web-hosting.com
Software
LiteSpeed / PHP/7.2.34
Resource Hash
719f1d8a1d984f7ec868ac9e36e0aac7162c9f8295aebb5b6575c52df60649d9

Request headers

:method
GET
:authority
ayelads.xyz
:scheme
https
:path
/ads/display.php?ad=daLVZT3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://devil1.tk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://devil1.tk/

Response headers

x-powered-by
PHP/7.2.34
set-cookie
PHPSESSID=d56370fe93d8226d063b752a2f75f0b1; path=/; secure
AYID=%7B%22sec_to_refresh%22%3A1%2C%22time_ads%22%3A1630594891%2C%22ads_viewed%22%3A%5B%5D%7D; expires=Thu, 02-Sep-2021 16:01:31 GMT; Max-Age=3600; path=/; SameSite=None; Secure
daLVZT3=%7B%22dataTag%22%3A%7B%22username%22%3A%22djenjoy30%22%2C%22site%22%3A%221693%22%2C%22domain%22%3A%22devil1.tk%22%2C%22startG%22%3A%220%22%2C%22tag%22%3A%22daLVZT3%22%2C%22status%22%3A%22Active%22%2C%22country%22%3A%22GB%22%2C%22device%22%3A%22Desktop%22%2C%22category%22%3A%2237%22%2C%22size%22%3A%22320x70%22%2C%22tRotate%22%3A0%7D%7D; expires=Thu, 02-Sep-2021 16:01:32 GMT; Max-Age=3600; path=/; SameSite=None; Secure
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
content-length
548
content-encoding
br
vary
Accept-Encoding
date
Thu, 02 Sep 2021 15:01:32 GMT
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
main.js
lunagyja.xyz/
45 KB
16 KB
Script
General
Full URL
https://lunagyja.xyz/main.js
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:e43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af94e0eaf997f74e8c2e07939881ace2500a1de4cf47353a4a7629b6cd1eb6ff

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Sep 2021 06:32:13 GMT
server
cloudflare
age
30558
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdjreHJf4Pe0CDxr9DS%2F6znbFKPoDwwHDzqjQ86SKUjqzvQd7itZ6kTrDT6Oo%2BRcdtXzPphYsqUW3Uz04nYJqVfD%2BW0dL4qkOHQGyrv%2FYnjybNKdlsqRBUPXl3iitg2I4%2BomkEloaIiLD5I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400, s-maxage=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68879d3678db5c50-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
free.min.css
ka-f.fontawesome.com/releases/v5.15.3/css/
59 KB
13 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.3/css/free.min.css?token=7e6cf9a1ad
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/7e6cf9a1ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2819ca1f7ad1af7ba53c4edfdfd395c547bcb16d29892a234d7860c689ed929

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 17 Mar 2021 02:23:57 GMT
server
cloudflare
etag
W/"390b4210e10c744c3c597500bcf0b31a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3AQ8mryYdqXD%2B5eS6OEMfZ%2BYxgaHFUe5cWgYciTEmjplLIPxRejkEkGlXI3mXpAtode63Z3wLBSLLJjeerveguEkQpg9Ns%2FxebdgkWpJ9TQJBOe2Y0YDgBabwl4fXWPi70tvjn5JVKIRMVIpHv06Pw3p9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
68879d365cfc4e07-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
Y3XqW9WOSnLm9IC27zeUADCB6r9iH491Fu5U2sdLUQFs-QVoKj75AA==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.3/css/
26 KB
5 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-shims.min.css?token=7e6cf9a1ad
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/7e6cf9a1ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
362daeaf1f7e05fee9a609e549f148aacbe518c166fbd96ead69057e295742af

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
via
1.1 fb49d852ca52c03c834ce98098b51517.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 17 Mar 2021 02:23:57 GMT
server
cloudflare
etag
W/"8a99ce81ec2f89fbca03f2c8cf1a3679"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGda%2Fju50beJ3bN3SXXV3wFR1hVv4AlKlJ%2BAPqmYYRjHTuzgQeTb2jBtx4EortWrB%2BaaM5ouEA6OOYTesHHfq4GXXq1FDSRZPaON3duQbWn%2F4PA1Rfv1DBPLCAPAhmjrHjyPQGOcHz1%2F%2BjDsZnYmj%2B5kJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
68879d365cfd4e07-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
loEUNDRcStHQDR6IO_hZ7DC2rDdBAjeDaAynlfIhKXfV0usgohkbsw==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.3/css/
3 KB
1 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-font-face.min.css?token=7e6cf9a1ad
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/7e6cf9a1ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc39faeca56080ddf58d15275b2fe0cfa3bc1ec8afd82508555b25555ec95086

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
via
1.1 5c14dc328191a14142654d833f772c6d.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 17 Mar 2021 02:23:57 GMT
server
cloudflare
etag
W/"22be82a519ceafc43258d8f58a37fcf5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVEWCz98wGVgwzDRWLCvJyaKKOG6gqE6%2F8Si3co5yzUqp2NI5MG8MteDMz8Vy6jz4MYIQTVBKp%2FmAGSYXp4eNgxXl0egLNzaS5GTsKSEWxqLiLWkYUttMINAMix7ucHm5VfdmxZzcwyp%2FLZquoHGWy6b3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
68879d365cff4e07-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
IPxpsSjn-itsrI-JHbfq6nMJyCwUVIJuHqXqglHCrW8gwZDsE2o3sg==
close.png
ayelads.com/res/files/images/
870 B
1 KB
Image
General
Full URL
https://ayelads.com/res/files/images/close.png
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium161-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
55fc896cba0f3d0a634bd0b580f72ad2445ca0e1545099b516a66c02e1a15109

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
last-modified
Fri, 12 Mar 2021 16:13:37 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
870
expires
Thu, 09 Sep 2021 15:01:31 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://devil1.tk
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 17:38:06 GMT
x-content-type-options
nosniff
age
422605
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Aug 2022 17:38:06 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://devil1.tk
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 14:28:00 GMT
x-content-type-options
nosniff
age
174811
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:34 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Aug 2022 14:28:00 GMT
4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://devil1.tk
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 19:48:38 GMT
x-content-type-options
nosniff
age
155573
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28968
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:03:43 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Aug 2022 19:48:38 GMT
fontawesome-webfont.woff2
devil1.tk/wp-content/themes/hitmag/fonts/
75 KB
75 KB
Font
General
Full URL
https://devil1.tk/wp-content/themes/hitmag/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: devil1.tk
URL: https://devil1.tk/wp-content/themes/hitmag/css/font-awesome.min.css?ver=4.7.0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
168.119.143.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pro.fastest-server.com
Software
LiteSpeed /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

:path
/wp-content/themes/hitmag/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma
no-cache
origin
https://devil1.tk
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
devil1.tk
referer
https://devil1.tk/wp-content/themes/hitmag/css/font-awesome.min.css?ver=4.7.0
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://devil1.tk
Referer
https://devil1.tk/wp-content/themes/hitmag/css/font-awesome.min.css?ver=4.7.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
last-modified
Wed, 02 Jun 2021 02:14:25 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
77160
expires
Thu, 09 Sep 2021 15:01:31 GMT
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v15/
33 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://devil1.tk
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 19:24:37 GMT
x-content-type-options
nosniff
age
70614
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34260
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:02:57 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Sep 2022 19:24:37 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/
22 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://devil1.tk
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 07:04:09 GMT
x-content-type-options
nosniff
age
460642
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Aug 2022 07:04:09 GMT
Spider-Man-Venom-Sony-Marvel-Movies-Plan-Spumc-348x215.jpg
devil1.tk/wp-content/uploads/2021/07/
24 KB
24 KB
Image
General
Full URL
https://devil1.tk/wp-content/uploads/2021/07/Spider-Man-Venom-Sony-Marvel-Movies-Plan-Spumc-348x215.jpg
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
168.119.143.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pro.fastest-server.com
Software
LiteSpeed /
Resource Hash
6aacfe2f454c2afca448fcc5967cb0589f31452e1150ff774ae3eebdf36b60c0

Request headers

:path
/wp-content/uploads/2021/07/Spider-Man-Venom-Sony-Marvel-Movies-Plan-Spumc-348x215.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
devil1.tk
referer
https://devil1.tk/?link=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://devil1.tk/?link=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
last-modified
Mon, 26 Jul 2021 16:17:05 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
24886
expires
Thu, 09 Sep 2021 15:01:31 GMT
Fast-Furious-Biggest-Franchise-Box-Office-History-348x215.jpg
devil1.tk/wp-content/uploads/2021/07/
23 KB
23 KB
Image
General
Full URL
https://devil1.tk/wp-content/uploads/2021/07/Fast-Furious-Biggest-Franchise-Box-Office-History-348x215.jpg
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
168.119.143.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pro.fastest-server.com
Software
LiteSpeed /
Resource Hash
9a03331261eb3e1242caaee7dddc6aa7720d2359ca3ed3f4e15d879d0dedb198

Request headers

:path
/wp-content/uploads/2021/07/Fast-Furious-Biggest-Franchise-Box-Office-History-348x215.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
devil1.tk
referer
https://devil1.tk/?link=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://devil1.tk/?link=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
last-modified
Mon, 26 Jul 2021 15:57:45 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
23235
expires
Thu, 09 Sep 2021 15:01:31 GMT
Hobbs-Shaw-Return-Fast-Furious-10-348x215.jpg
devil1.tk/wp-content/uploads/2021/07/
17 KB
17 KB
Image
General
Full URL
https://devil1.tk/wp-content/uploads/2021/07/Hobbs-Shaw-Return-Fast-Furious-10-348x215.jpg
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
168.119.143.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pro.fastest-server.com
Software
LiteSpeed /
Resource Hash
ec5007b6af25df31a15328a773e07138685fee63a0536c938ec1cd3bf42da14d

Request headers

:path
/wp-content/uploads/2021/07/Hobbs-Shaw-Return-Fast-Furious-10-348x215.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
devil1.tk
referer
https://devil1.tk/?link=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://devil1.tk/?link=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
last-modified
Mon, 26 Jul 2021 13:49:25 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
17006
expires
Thu, 09 Sep 2021 15:01:31 GMT
sunil-shetty-348x215.jpg
devil1.tk/wp-content/uploads/2021/07/
14 KB
14 KB
Image
General
Full URL
https://devil1.tk/wp-content/uploads/2021/07/sunil-shetty-348x215.jpg
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
168.119.143.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pro.fastest-server.com
Software
LiteSpeed /
Resource Hash
981ff00d1a31174c7adc80baf6996caf0982080285f202a1d6370715afd09bee

Request headers

:path
/wp-content/uploads/2021/07/sunil-shetty-348x215.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
devil1.tk
referer
https://devil1.tk/?link=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://devil1.tk/?link=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
last-modified
Tue, 20 Jul 2021 05:47:18 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
14308
expires
Thu, 09 Sep 2021 15:01:31 GMT
A-Quiet-Place-3-Spinoff-Release-Date-Director-348x215.jpg
devil1.tk/wp-content/uploads/2021/06/
15 KB
15 KB
Image
General
Full URL
https://devil1.tk/wp-content/uploads/2021/06/A-Quiet-Place-3-Spinoff-Release-Date-Director-348x215.jpg
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
168.119.143.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pro.fastest-server.com
Software
LiteSpeed /
Resource Hash
1ba5924f915fdf51127250f875a47089f8f050f20aab2f47bd6ae761b433f189

Request headers

:path
/wp-content/uploads/2021/06/A-Quiet-Place-3-Spinoff-Release-Date-Director-348x215.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
devil1.tk
referer
https://devil1.tk/?link=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://devil1.tk/?link=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
last-modified
Mon, 07 Jun 2021 05:42:56 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
15245
expires
Thu, 09 Sep 2021 15:01:31 GMT
j6YQaiA-348x215.jpg
devil1.tk/wp-content/uploads/2021/06/
13 KB
13 KB
Image
General
Full URL
https://devil1.tk/wp-content/uploads/2021/06/j6YQaiA-348x215.jpg
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
168.119.143.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pro.fastest-server.com
Software
LiteSpeed /
Resource Hash
db98efc1409518145aafa0a336cb724866e04450b1844e44fed106ac70117b87

Request headers

:path
/wp-content/uploads/2021/06/j6YQaiA-348x215.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
devil1.tk
referer
https://devil1.tk/?link=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://devil1.tk/?link=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
last-modified
Mon, 07 Jun 2021 05:35:33 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
13117
expires
Thu, 09 Sep 2021 15:01:31 GMT
reminiscence-poster-296x215.jpg
devil1.tk/wp-content/uploads/2021/06/
15 KB
15 KB
Image
General
Full URL
https://devil1.tk/wp-content/uploads/2021/06/reminiscence-poster-296x215.jpg
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
168.119.143.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pro.fastest-server.com
Software
LiteSpeed /
Resource Hash
c8857237c16452dfa079f30c9864f8ebff271993ec3d38c2076a108da5024a1b

Request headers

:path
/wp-content/uploads/2021/06/reminiscence-poster-296x215.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
devil1.tk
referer
https://devil1.tk/?link=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://devil1.tk/?link=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
last-modified
Sat, 05 Jun 2021 11:05:08 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
15300
expires
Thu, 09 Sep 2021 15:01:31 GMT
donnie-yen-348x215.jpg
devil1.tk/wp-content/uploads/2021/06/
15 KB
15 KB
Image
General
Full URL
https://devil1.tk/wp-content/uploads/2021/06/donnie-yen-348x215.jpg
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
168.119.143.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pro.fastest-server.com
Software
LiteSpeed /
Resource Hash
c98db98e18040227f56401648713d2ba16d2caedc11d1d85133bba18c81ba313

Request headers

:path
/wp-content/uploads/2021/06/donnie-yen-348x215.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
devil1.tk
referer
https://devil1.tk/?link=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://devil1.tk/?link=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
last-modified
Sat, 05 Jun 2021 10:31:29 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
14879
expires
Thu, 09 Sep 2021 15:01:31 GMT
Kurokos-Basketball-2-348x215.jpg
devil1.tk/wp-content/uploads/2021/06/
28 KB
28 KB
Image
General
Full URL
https://devil1.tk/wp-content/uploads/2021/06/Kurokos-Basketball-2-348x215.jpg
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
168.119.143.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
pro.fastest-server.com
Software
LiteSpeed /
Resource Hash
0c212a8eb56787836a0b4d93aff1a1f0086b815e1007677a55ce18514097ea87

Request headers

:path
/wp-content/uploads/2021/06/Kurokos-Basketball-2-348x215.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
devil1.tk
referer
https://devil1.tk/?link=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://devil1.tk/?link=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
last-modified
Wed, 02 Jun 2021 06:12:23 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
28202
expires
Thu, 09 Sep 2021 15:01:31 GMT
truncated
/
34 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/gif
free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.3/webfonts/
75 KB
76 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.3/webfonts/free-fa-brands-400.woff2
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ccf1652fc1d765e8baae449dfe64d9a4c826da326c03085eb8603a17a7e175d

Request headers

Origin
https://devil1.tk
Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
via
1.1 0341da327f4c4c49034aa07ebeeab1f1.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-methods
GET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
76732
last-modified
Wed, 17 Mar 2021 02:28:17 GMT
server
cloudflare
etag
"f226ebb9ea1cc388279081a65b6a7bb0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtJpc9G%2F9N%2Bq%2F6SV9aRuddA%2Bcqy%2F0GrEp%2Bf%2FGTMaPj6Q7Gdadx0ecY7X2wYEM7Vh%2F9oLS1NxdlqRD6fmKkrMKHVRa46I0bVRKk9DU2soosT%2FfYZ4eJ4p7MeGwHPTEygwI37LrZ93xwflKdUSCUASGYk8VA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
68879d3748bf5bdd-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
lnwsqsP9oiU5wjjiqr6efif9gZkp_FFM8cvTp-oBwYNPCh2s7B0QMw==
icons.29.svg.js
static.addtoany.com/menu/svg/
78 KB
33 KB
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons.29.svg.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
via
e3s
x-content-type-options
nosniff
cf-cache-status
HIT
age
826111
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 31 Dec 2018 23:29:11 GMT
server
cloudflare
etag
W/"13937-57e59c7b88bd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=315360000, immutable
cf-ray
68879d376ffb1772-FRA
cf-bgj
minify
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-199645029-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5352
date
Thu, 02 Sep 2021 13:32:19 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Thu, 02 Sep 2021 15:32:19 GMT
js
www.googletagmanager.com/gtag/
129 KB
51 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KHCBSQ6P2T&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-199645029-1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f1398bc24c57a160011df88a16f9314914f69ccc752561416170c9eaaff711d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51751
x-xss-protection
0
expires
Thu, 02 Sep 2021 15:01:31 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-KHCBSQ6P2T&gtm=2oe8u0&_p=829698696&sr=1600x1200&ul=en-us&cid=1209158761.1630594891&_s=1&dl=https%3A%2F%2Fdevil1.tk%2F%3Flink%3D&dt=Movies%20Devil%20-%20World%20Best%20website%20for%20Movies&sid=1630594891&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KHCBSQ6P2T
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 02 Sep 2021 15:01:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://devil1.tk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.php
adsrv.adcryp.to/display/ Frame 2AAC
10 KB
4 KB
Document
General
Full URL
https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=2030&pid=384&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=345&page_data=05eeddbbbd9eaeda04512934a026412f&time=1630594891&deliver=devil1.tk&search_keywords=&page_referrer=aHR0cHM6Ly9kZXZpbDEudGsvP2xpbms9&page_title=Movies%20Devil%20-%20World%20Best%20website%20for%20Movies&meta_description=World%20Best%20website%20for%20Movies
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/items.php?2030&384&300&250&4&0&0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.34.181.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.181.34.188.clients.your-server.de
Software
nginx /
Resource Hash
5265022b500e12fce2fb8bb9822031ea4bd9fdc3996e19326840967f60ab12e1

Request headers

Host
adsrv.adcryp.to
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://devil1.tk/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Thu, 02 Sep 2021 15:01:31 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=829698696&t=pageview&_s=1&dl=https%3A%2F%2Fdevil1.tk%2F%3Flink%3D&ul=en-us&de=UTF-8&dt=Movies%20Devil%20-%20World%20Best%20website%20for%20Movies&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAAC~&jid=671011628&gjid=1549208054&cid=1209158761.1630594891&tid=UA-199645029-1&_gid=248431438.1630594891&_r=1&gtm=2ou8u0&did=dZTNiMT&z=330754557
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Sep 2021 15:01:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://devil1.tk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.3/webfonts/
76 KB
77 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.3/webfonts/free-fa-solid-900.woff2
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
065eb3954b9ea8584f535ede5b5c563383c3b40e4e0344f75a02c4bf3200314b

Request headers

Origin
https://devil1.tk
Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
via
1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-methods
GET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
78212
last-modified
Wed, 17 Mar 2021 02:28:18 GMT
server
cloudflare
etag
"4e463cfb29c596ba3bb8b0c2469914e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0xR3FP2v%2BeWIHlyXz9WBkOf6YsKevkQrnqGUciyq39GmuwLTzpiWdCDJe6GI2MbEQaeHAX1wJtB6jTho33%2BIEUWyTLG8%2Fj9Am4YabSu%2B%2Faeo9rav8Ff5D2O%2F7wZp2mSqZNsEJK9gGeVrRrTh73%2BuDj3eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
68879d3799425bdd-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
vZfeuc_cvNK6EFEKJZjCuifdeL2difHEkb2pb3pIsA0ldo0aAzzALg==
devil1.tk.1146671.es6.js
jsc.mgid.com/d/e/
230 KB
65 KB
Script
General
Full URL
https://jsc.mgid.com/d/e/devil1.tk.1146671.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/e/devil1.tk.1146671.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6fe2fcad644db10f26aeb0dc14b04b3cf64cc7ce65faa61ff84bb0cc0234aef

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
A1Y103W2A2MPMHX7
last-modified
Mon, 30 Aug 2021 10:36:51 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2
UoFj8y3J1kIrCF0TTJ5H7sGbvAPBYrAuJwChaeTPhJemftijWl9sAdiK3o2v4Q/o/AlvFJg6+3Q=
cf-bgj
minify
server
cloudflare
etag
W/"3691d6ef61516209d3ecf57aedc0d151"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
68879d37eb133a53-CDG
expires
Thu, 02 Sep 2021 18:01:31 GMT
devil1.tk.1130710.es6.js
jsc.adskeeper.com/d/e/
225 KB
65 KB
Script
General
Full URL
https://jsc.adskeeper.com/d/e/devil1.tk.1130710.es6.js
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/d/e/devil1.tk.1130710.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
069272f8c901041fb62d15c1634e38289a8efb54468d5b5a6269d1d90a814bea

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:32 GMT
content-encoding
gzip
cf-cache-status
MISS
x-amz-request-id
289FSQA7T7T1GZT6
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
66511
x-amz-id-2
6EDuvJIwFvOjBJzMKZPLvc+X/Y+qwcPS1niM/IPHoxTZ37ISh6T6i3Hw8EvpRJI0tzRl7xZ7GkM=
last-modified
Mon, 30 Aug 2021 10:45:17 GMT
server
cloudflare
etag
"9ec3e44269bec0660f57dcb74076c343"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
68879d399fa33fea-CDG
expires
Thu, 02 Sep 2021 19:01:31 GMT
devil1.tk.1146656.es6.js
jsc.mgid.com/d/e/
230 KB
65 KB
Script
General
Full URL
https://jsc.mgid.com/d/e/devil1.tk.1146656.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/e/devil1.tk.1146656.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
907c9954f0a31bc44416cc713564fd620c2e1c8cbc814d09980d0fc0ee6d1cb2

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
A1Y2KVDCAREY845G
last-modified
Mon, 30 Aug 2021 10:35:32 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2
LBQWnNSbQFXhyJxFvJdX7T0C/RWSyJOH9G710YuxU+PRHMNJw6W7e262GgaZi12/KHfLUHr/IZ8=
cf-bgj
minify
server
cloudflare
etag
W/"eb08cf30422b06f3f10964a80a19f4d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
68879d399df23a53-CDG
expires
Thu, 02 Sep 2021 18:01:31 GMT
items.php
ayelads.xyz/display/ Frame 7568
1 KB
2 KB
Document
General
Full URL
https://ayelads.xyz/display/items.php?ad=daw1kJm&s=1
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.241 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium160-1.web-hosting.com
Software
LiteSpeed / PHP/7.2.34
Resource Hash
c473152fa04af4333519ef15e316b48bc46843c5b17a6bce3332b73f2bd8f9d3

Request headers

:method
GET
:authority
ayelads.xyz
:scheme
https
:path
/display/items.php?ad=daw1kJm&s=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://devil1.tk/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

x-powered-by
PHP/7.2.34
set-cookie
PHPSESSID=f0036d60a6a309edc6b29449dfd65a40; path=/; secure
AYID=%7B%22sec_to_refresh%22%3A3%2C%22time_ads%22%3A1630594892%2C%22ads_viewed%22%3A%5B%5D%7D; expires=Thu, 02-Sep-2021 16:01:32 GMT; Max-Age=3600; path=/; SameSite=None; Secure
daw1kJm=%7B%22dataTag%22%3A%7B%22username%22%3A%22djenjoy30%22%2C%22site%22%3A%221693%22%2C%22domain%22%3A%22devil1.tk%22%2C%22startG%22%3A%220%22%2C%22tag%22%3A%22daw1kJm%22%2C%22status%22%3A%22Active%22%2C%22country%22%3A%22GB%22%2C%22device%22%3A%22Desktop%22%2C%22category%22%3A%2237%22%2C%22size%22%3A%22728x90%22%2C%22banners%22%3A%7B%22rt%22%3A%5B1%2C2%2C3%5D%2C%22id%22%3A%5B%222278%22%2C%222198%22%2C%221858%22%5D%7D%2C%22tRotate%22%3A3%7D%7D; expires=Thu, 02-Sep-2021 16:01:32 GMT; Max-Age=3600; path=/; SameSite=None; Secure
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
content-length
602
content-encoding
br
vary
Accept-Encoding
date
Thu, 02 Sep 2021 15:01:32 GMT
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
roundtrip.js
s.adroll.com/j/FGSYSKTLJNHG3MJYOTGNVJ/
42 KB
43 KB
Script
General
Full URL
https://s.adroll.com/j/FGSYSKTLJNHG3MJYOTGNVJ/roundtrip.js
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:8400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
64eae82b36b98c619e9fcac8dd70e9be77aeb7c21dc8f7a2e8eb14a8464e9582

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 02 Sep 2021 15:01:33 GMT
Via
1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P5
X-Amz-Server-Side-Encryption
AES256
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
43303
Last-Modified
Wed, 01 Sep 2021 14:04:31 GMT
Server
AmazonS3
Etag
"a75c0db2f65a30ebeb56240712677f8f"
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
X-Amz-Version-Id
zIIlUjFaQaaBHoIrRTfxjmCEeXRXV8Gz
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
rI_jueH3mPTkFVNyk0wnettEeV4TRIpd89a8N4dJTpK28QaKiNr5fQ==
2764.svg
s.w.org/images/core/emoji/13.1.0/svg/
368 B
567 B
Image
General
Full URL
https://s.w.org/images/core/emoji/13.1.0/svg/2764.svg
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
09a743ee0c32ca57c9be64b13b29c396310d1dd309cb4d7d3be722e47db95f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Thu, 02 Sep 2021 15:01:31 GMT
x-content-type-options
nosniff
last-modified
Mon, 07 Jun 2021 18:54:48 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=315360000
accept-ranges
bytes
content-length
368
expires
Thu, 31 Dec 2037 23:55:55 GMT
w40uw5cQw4_CpcKyw5kzwoPCk8KXdDPCtsOl.html
api.lunagyja.xyz/register/_fa7cdd4c68507744/XXv-Qee_kbby8v9wRh7LynLmJd49Ng/ Frame FD8D
Redirect Chain
  • https://lunagyja.xyz/supply/register?iid=w40uw5cQw4_CpcKyw5kzwoPCk8KXdDPCtsOl
  • https://api.lunagyja.xyz/register/_fa7cdd4c68507744/XXv-Qee_kbby8v9wRh7LynLmJd49Ng/w40uw5cQw4_CpcKyw5kzwoPCk8KXdDPCtsOl.html
401 B
500 B
Document
General
Full URL
https://api.lunagyja.xyz/register/_fa7cdd4c68507744/XXv-Qee_kbby8v9wRh7LynLmJd49Ng/w40uw5cQw4_CpcKyw5kzwoPCk8KXdDPCtsOl.html
Requested by
Host: lunagyja.xyz
URL: https://lunagyja.xyz/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:e43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a04fbaf3db6fc7fed38bb7a0b3a790800d8f9c2f3e0c34bcce1db44376ce65fa

Request headers

:method
GET
:authority
api.lunagyja.xyz
:scheme
https
:path
/register/_fa7cdd4c68507744/XXv-Qee_kbby8v9wRh7LynLmJd49Ng/w40uw5cQw4_CpcKyw5kzwoPCk8KXdDPCtsOl.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://devil1.tk/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tid=XXv-Qee_kbby8v9wRh7LynLmJd49Ng

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-type
text/html; charset=UTF-8
cache-control
max-age=0, private, s-maxage=0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2Fl2MZqCyNji5Yx0i6KlnN6bVJd25maq2BofTahUtRhc4TdTPVf%2BGM7C1u0g09xaY4ofjG9X2hjWKJWLLeCKifEK0cW8yYKgx5z6ir7QtwxxU%2BbfTSraUgwY2rDlrOjJFdUTOi10nyz%2Bl8skotoo"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68879d39c9d15c50-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Thu, 02 Sep 2021 15:01:31 GMT
content-type
text/html; charset=UTF-8
cache-control
max-age=0, no-transform, private
p3p
CP="CAO OUR"
etag
"Nj3eJeZyysseRnD_8vK2kb_nQf57XQ"
last-modified
Thu, 02 Sep 2021 15:01:31 GMT
location
https://api.lunagyja.xyz/register/_fa7cdd4c68507744/XXv-Qee_kbby8v9wRh7LynLmJd49Ng/w40uw5cQw4_CpcKyw5kzwoPCk8KXdDPCtsOl.html
set-cookie
tid=XXv-Qee_kbby8v9wRh7LynLmJd49Ng; expires=Sat, 02-Oct-2021 15:01:31 GMT; Max-Age=2592000; path=/; domain=lunagyja.xyz; secure; httponly; samesite=none
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VGhbBm9hKSXnuNljlhHivTGYxRyfIXLo0tlD861IlBDi4xowuD%2FLqPbHNl%2F%2B3iztS4NgE907jyISY24DqODueIHwXxxRJE8Qwyn587Wfb%2F0hqrAAqBihIgRTJw9Qoh4eEHpXRj6UuiQ85Ek%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68879d39a96d5c50-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
/
c.mgid.com/pv/
0
499 B
Script
General
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=163059489187914734763&uniqId=172f3&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fdevil1.tk%2F&lu=https%3A%2F%2Fdevil1.tk%2F%3Flink%3D&sessionId=6130e74c-13cf0&pageView=1&pvid=17ba70780689dada800&site=697072&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/e/devil1.tk.1146671.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Sep 2021 15:01:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
68879d3a4cdd3b49-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
steepto_logo_mini_45.png
cdn.steepto.com/images/steepto/
3 KB
3 KB
Image
General
Full URL
https://cdn.steepto.com/images/steepto/steepto_logo_mini_45.png
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a25a570158e49fe829d9c77d2e0400d0c822ef464d40f55eba7ef71b98f98745

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:31 GMT
cf-cache-status
HIT
age
6918
cf-ray
68879d3abb5d082c-CDG
content-length
2745
x-amz-id-2
fnH2u+hjDLQuuNxvdsSKDL9j1x+86YuLEwfuzDWd7mADhN60ZSpUsEEgI+VeTZDGe/4UJ+Ov5HA=
last-modified
Mon, 04 May 2020 12:16:55 GMT
server
cloudflare
etag
"7e16c555b09abddb8088e5bfca7a1cde"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
PVSZQ8Y7J3AQM4H2
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/png
expires
Thu, 02 Sep 2021 19:01:31 GMT
find
lunagyja.xyz/supply/
2 B
608 B
XHR
General
Full URL
https://lunagyja.xyz/supply/find?aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJdzQwdXc1Y1F3NF9DcGNLeXc1a3p3b1BDazhLWGREUEN0c09sDTEJMA0yCTE2MDANMwkxMjAwDTQJaHR0cHM6Ly9kZXZpbDEudGsvP2xpbms9DTUJDTYJDTcJMAoyCTMwMA0zCTI1MA04CWU5ZTdiYmFmNmFiMDRhODhiNDA5ZTQ1YTFkYmY0N2ZmCjIJMzAwDTMJMjUwDTgJZTllN2JiYWY2YWIwNGE4OGI0MDllNDVhMWRiZjQ3ZmYKMgkzMDANMwkyNTANOAllOWU3YmJhZjZhYjA0YTg4YjQwOWU0NWExZGJmNDdmZg
Requested by
Host: lunagyja.xyz
URL: https://lunagyja.xyz/main.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:e43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqsCvygNCy%2BO90kQq1ycGyIb%2FAjKXl1ULDQhzCzI73cEhpCOmiseTrVHISrGNLCiOuAsn7%2BmonE1llVhWba7L7N%2FlO%2B3oV0TSkzLbWKhLORUxjgmgdzvOpVYZQ226Egcmxf%2BpEeH2sNSUNY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://devil1.tk
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
68879d3ac8970610-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
jquery.min.js
adsrv.adcryp.to/display/js/ Frame 2AAC
243 KB
244 KB
Script
General
Full URL
https://adsrv.adcryp.to/display/js/jquery.min.js
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=2030&pid=384&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=345&page_data=05eeddbbbd9eaeda04512934a026412f&time=1630594891&deliver=devil1.tk&search_keywords=&page_referrer=aHR0cHM6Ly9kZXZpbDEudGsvP2xpbms9&page_title=Movies%20Devil%20-%20World%20Best%20website%20for%20Movies&meta_description=World%20Best%20website%20for%20Movies
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.34.181.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.181.34.188.clients.your-server.de
Software
nginx /
Resource Hash
0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2

Request headers

Referer
https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=2030&pid=384&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=345&page_data=05eeddbbbd9eaeda04512934a026412f&time=1630594891&deliver=devil1.tk&search_keywords=&page_referrer=aHR0cHM6Ly9kZXZpbDEudGsvP2xpbms9&page_title=Movies%20Devil%20-%20World%20Best%20website%20for%20Movies&meta_description=World%20Best%20website%20for%20Movies
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 02 Sep 2021 15:01:31 GMT
Last-Modified
Mon, 01 Feb 2021 03:21:38 GMT
Server
nginx
ETag
"601773c2-3cd47"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
249159
data.png
adcryp.to/images/ Frame 2AAC
931 B
2 KB
Image
General
Full URL
https://adcryp.to/images/data.png
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=2030&pid=384&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=345&page_data=05eeddbbbd9eaeda04512934a026412f&time=1630594891&deliver=devil1.tk&search_keywords=&page_referrer=aHR0cHM6Ly9kZXZpbDEudGsvP2xpbms9&page_title=Movies%20Devil%20-%20World%20Best%20website%20for%20Movies&meta_description=World%20Best%20website%20for%20Movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f

Request headers

Referer
https://adsrv.adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14146587
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
931
last-modified
Tue, 08 Dec 2020 05:01:21 GMT
server
cloudflare
etag
"5fcf08a1-3a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFp3BL%2FCVfO1EmkMoeRH3VLighS53iG6TNRsjfUwPxsRQFWJ397nqH7U%2FscNbC2bzZsIXpbfbpQt7EVyp72yOd6Y%2Ba1PXwizhBZ%2BHFaBioi88BsSjFj6qRGGIROV0tDxGeWvvwQpfx4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
68879d3b0c8c5c2c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
2-icon-1608319564.png
adcryp.to/upload/credit/ Frame 2AAC
658 B
986 B
Image
General
Full URL
https://adcryp.to/upload/credit/2-icon-1608319564.png
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=2030&pid=384&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=345&page_data=05eeddbbbd9eaeda04512934a026412f&time=1630594891&deliver=devil1.tk&search_keywords=&page_referrer=aHR0cHM6Ly9kZXZpbDEudGsvP2xpbms9&page_title=Movies%20Devil%20-%20World%20Best%20website%20for%20Movies&meta_description=World%20Best%20website%20for%20Movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56433dd803d523690979ccabb62f994561e71abdef50befdd4158150d7e910de

Request headers

Referer
https://adsrv.adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12107124
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
658
last-modified
Fri, 18 Dec 2020 19:26:04 GMT
server
cloudflare
etag
"5fdd024c-292"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEJp7L7WqA17%2Fweln69GBb7ov6ZwZ33KXUH6OktEnTya6NuC3Y6ZDo3GVvRiXVvWRP2Jz6OLoAE5S1E%2FzSK2wIYCGxhDVDMVw%2FRn5E836ccVUA%2BggFMvTx3krNmxmmC2Fy5xUGsg9d0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
68879d3b1cb75c2c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
2-1608315204.jpg
adcryp.to/upload/credit/ Frame 2AAC
2 KB
2 KB
Image
General
Full URL
https://adcryp.to/upload/credit/2-1608315204.jpg
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=2030&pid=384&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=345&page_data=05eeddbbbd9eaeda04512934a026412f&time=1630594891&deliver=devil1.tk&search_keywords=&page_referrer=aHR0cHM6Ly9kZXZpbDEudGsvP2xpbms9&page_title=Movies%20Devil%20-%20World%20Best%20website%20for%20Movies&meta_description=World%20Best%20website%20for%20Movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a50a51f56ae3a8194fd3e1d8b86d8a5d0efdf921296bffeaac46fbe240c529ec

Request headers

Referer
https://adsrv.adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
825996
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1805
last-modified
Fri, 18 Dec 2020 18:13:24 GMT
server
cloudflare
etag
"5fdcf144-70d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7z4JeAk%2BX0pIRfufrWi5fFckZmZCo7VI8%2BeO%2FNw7dL7gnmCBBD2zmMP%2BgZnZlzus1W0ZR%2F3bLcE2QvrKjWo0ean32PYgcFEgy%2BvIJ7cP7binebA9MT7ESUSLcqC2CuaGc1NvAQmoE0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
68879d3d197a5c2c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
adcryp.to/ Frame CB74
1 KB
990 B
Document
General
Full URL
https://adcryp.to/?utm_medium=cpc_83680fcb93d0eb939642c5bbb47ffc54
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=2030&pid=384&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=345&page_data=05eeddbbbd9eaeda04512934a026412f&time=1630594891&deliver=devil1.tk&search_keywords=&page_referrer=aHR0cHM6Ly9kZXZpbDEudGsvP2xpbms9&page_title=Movies%20Devil%20-%20World%20Best%20website%20for%20Movies&meta_description=World%20Best%20website%20for%20Movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.25
Resource Hash
6a28994527f98623c184fad7aa64175760ac26bf6efef79a40c75f946264f5df

Request headers

:method
GET
:authority
adcryp.to
:scheme
https
:path
/?utm_medium=cpc_83680fcb93d0eb939642c5bbb47ffc54
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsrv.adcryp.to/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Thu, 02 Sep 2021 15:01:32 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.25
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQGaiP6alxTsOVJiJZOWWyzzrrGObJQYVJHlp7nzIzIBCHnWERcskO0N%2BuQ15RqVyI0SL3W1yNzo4P7lMfpX2z1TfN7k%2BnpOBnszf0qFjbDacER1S3%2BdumpREflzw5U9WVAB2zWzN04%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68879d3d197b5c2c-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
1
servicer.mgid.com/1146671/
2 KB
1 KB
Script
General
Full URL
https://servicer.mgid.com/1146671/1?pv=5&cbuster=1630594892154629609934&uniqId=172f3&niet=4g&nisd=false&jsv=es6&w=344&h=166&p1_w=344&p1_h=150&maxw_1=300&maxh_1=250&cols=1&ref=&cxurl=https%3A%2F%2Fdevil1.tk%2F&lu=https%3A%2F%2Fdevil1.tk%2F%3Flink%3D&sessionId=6130e74c-13cf0&pageView=1&pvid=17ba70780689dada800&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/e/devil1.tk.1146671.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcc4c9d7aff54a519ca75682a7b12bcdd1a626d211dc9ddd0891fbb0fcaec1ec

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Sep 2021 15:01:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
68879d3c0f7c3b49-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
mgWidget_1.11.43.js
cdn.steepto.com/js/wglibs/
333 KB
61 KB
Script
General
Full URL
https://cdn.steepto.com/js/wglibs/mgWidget_1.11.43.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/e/devil1.tk.1146671.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4d6d7c6672496b8581727ace0d23415516ad3740609573cb30138dad68dcc72

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:32 GMT
content-encoding
br
cf-cache-status
HIT
age
1419
last-modified
Tue, 31 Aug 2021 10:29:39 GMT
x-amz-request-id
QC44FQHV5Y6YSCPN
x-amz-id-2
8oZ0oJ1BZ+Hcz+mI7+fRvFect9hkRV7Cc2fJIKCzoANloF/zbpYjaV/1h8hK9nk3YvDW9dEOPTQ=
cf-bgj
minify
server
cloudflare
etag
W/"d1681da9425370f72d261009b7f67248"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
68879d3cae3e082c-CDG
expires
Thu, 02 Sep 2021 19:01:32 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2ZkNjNmZDY4NmUwMGVjZTk0NWNkZmI5MzgzOWVkMmEzLmpwZWc.webp
s-img.steepto.com/g/8164911/492x277/32x5x928x618/
6 KB
6 KB
Image
General
Full URL
https://s-img.steepto.com/g/8164911/492x277/32x5x928x618/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2ZkNjNmZDY4NmUwMGVjZTk0NWNkZmI5MzgzOWVkMmEzLmpwZWc.webp?v=1630594892-h0R97I6ViZdPLG0kR8gnwd7diAK4Z4ExV4bZJuOr2uU
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.139.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be634f677ccb5ec45c00ec648b8b47529b36779c1888da92e8a6876f5a8decc7

Request headers

Origin
https://devil1.tk
Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:32 GMT
cf-cache-status
MISS
last-modified
Tue, 11 May 2021 10:29:43 GMT
x-mg-request-uuid
ace2dc98-1ff6-4d1e-9e4e-446e7c7a8bf6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
68879d3cdb973a29-CDG
content-length
5990
server
cloudflare
i.js
cm.steepto.com/
130 B
270 B
Script
General
Full URL
https://cm.steepto.com/i.js?&cbuster=1630594892300984748067
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/e/devil1.tk.1146671.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81b1b2a0681e16cf1650dbe71dcf27ef0a1273ffabd259c9f4aab63b1fdb7c04

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Sep 2021 15:01:32 GMT
content-encoding
br
cf-cache-status
MISS
x-mg-request-uuid
a7db12b1-da84-44d9-822c-23c5612bd827
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
68879d3ceea3082c-CDG
server
cloudflare
i-noref.js
cm.steepto.com/ Frame B58A
19 B
108 B
Script
General
Full URL
https://cm.steepto.com/i-noref.js?cbuster=1630594892327991586877
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/e/devil1.tk.1146671.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Sep 2021 15:01:32 GMT
cf-cache-status
MISS
x-mg-request-uuid
0498a36d-bd5d-4554-8242-ec2f2de00521
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
bytes
cf-ray
68879d3d1ee9082c-CDG
content-length
19
server
cloudflare
outstream.css
video-native.steepto.com/mgPlayer/css/1.11/
19 KB
3 KB
Stylesheet
General
Full URL
https://video-native.steepto.com/mgPlayer/css/1.11/outstream.css
Requested by
Host: cdn.steepto.com
URL: https://cdn.steepto.com/js/wglibs/mgWidget_1.11.43.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
d2f589c367232cf6c419f82020168f2b9b2fb839783ef91f17d60dc4a75ebeb9

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Thu, 02 Sep 2021 15:01:32 GMT
content-encoding
gzip
last-modified
Mon, 29 Mar 2021 10:44:50 GMT
server
nginx
etag
"4a15-5beaa923f66ec-gzip"
vary
Accept-Encoding
x-cached-since
2021-07-30T05:57:52+00:00
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
2730
expires
Sat, 30 Jul 2022 05:57:52 GMT
beacon.js
sb.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/e/devil1.tk.1146671.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 13:22:43 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
91554
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
Icw-oR8-SQ8OhEY3yHZu-QszUvvT4xbn1ROY9GLzbik6uSN4uMyUhA==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame CB74
73 KB
26 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: adcryp.to
URL: https://adcryp.to/?utm_medium=cpc_83680fcb93d0eb939642c5bbb47ffc54
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
474e859980c8fcd0f6fc886baa8da167a5010840e0a76009bc2380ea924bae5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"975 / 18 of 1000 / last-modified: 1630580995"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25703
x-xss-protection
0
expires
Thu, 02 Sep 2021 15:01:32 GMT
invisible.js
adcryp.to/cdn-cgi/challenge-platform/h/g/scripts/ Frame CB74
46 KB
17 KB
Script
General
Full URL
https://adcryp.to/cdn-cgi/challenge-platform/h/g/scripts/invisible.js
Requested by
Host: adcryp.to
URL: https://adcryp.to/?utm_medium=cpc_83680fcb93d0eb939642c5bbb47ffc54
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1865b9843b0b9c7a5d6942506209a3b62014b283f6e929f0f0cd241d51aa6db

Request headers

Referer
https://adcryp.to/?utm_medium=cpc_83680fcb93d0eb939642c5bbb47ffc54
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:32 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hn4BzXfbhkaO6QVNKR8%2BKzdUiSnRke3UOZEmCxxr33ju5WLIs2vmGRwGqccfOJWxQvgMa7cllf%2FFNDKGOzNEjozg5%2FiSoUlYJKP%2F8yyYU8BdDllnME2SbOCF2S8DALdSqJS41hWqitE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
68879d3f8ff45c2c-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
/
c.adskeeper.com/pv/
0
284 B
Script
General
Full URL
https://c.adskeeper.com/pv/?pv=5&cbuster=1630594892423650686228&uniqId=0420f&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fdevil1.tk%2F&lu=https%3A%2F%2Fdevil1.tk%2F%3Flink%3D&sessionId=6130e74c-13cf0&pageView=1&pvid=17ba70780689dada800&site=697068&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/d/e/devil1.tk.1130710.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Sep 2021 15:01:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
68879d3dbed13fea-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
bootstrap.min.css
ayelads.xyz/ads/blogs/page/assets/css/plugins/ Frame 86F7
156 KB
21 KB
Stylesheet
General
Full URL
https://ayelads.xyz/ads/blogs/page/assets/css/plugins/bootstrap.min.css
Requested by
Host: ayelads.xyz
URL: https://ayelads.xyz/ads/display.php?ad=daLVZT3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.241 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium160-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Request headers

Referer
https://ayelads.xyz/ads/display.php?ad=daLVZT3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:32 GMT
content-encoding
br
last-modified
Sun, 03 May 2020 10:45:06 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
21341
expires
Thu, 09 Sep 2021 15:01:32 GMT
animate.min.css
ayelads.xyz/ads/blogs/page/assets/css/plugins/ Frame 86F7
17 KB
3 KB
Stylesheet
General
Full URL
https://ayelads.xyz/ads/blogs/page/assets/css/plugins/animate.min.css
Requested by
Host: ayelads.xyz
URL: https://ayelads.xyz/ads/display.php?ad=daLVZT3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.241 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium160-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
04fda2ef451c89e4f7e2dcd0eb500f6d53ab1b4be3dd2dc33481ae8e09ff5582

Request headers

Referer
https://ayelads.xyz/ads/display.php?ad=daLVZT3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:32 GMT
content-encoding
br
last-modified
Tue, 24 Mar 2020 10:24:04 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
2503
expires
Thu, 09 Sep 2021 15:01:32 GMT
fontawesome.css
ayelads.xyz/ads/blogs/page/assets/css/plugins/ Frame 86F7
97 KB
16 KB
Stylesheet
General
Full URL
https://ayelads.xyz/ads/blogs/page/assets/css/plugins/fontawesome.css
Requested by
Host: ayelads.xyz
URL: https://ayelads.xyz/ads/display.php?ad=daLVZT3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.241 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium160-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
d96061cedb4ea4c0910f9399fc43c897e5e64609c531ddb6e06aa852476e0abf

Request headers

Referer
https://ayelads.xyz/ads/display.php?ad=daLVZT3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:32 GMT
content-encoding
br
last-modified
Sun, 15 Mar 2020 11:49:06 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
16241
expires
Thu, 09 Sep 2021 15:01:32 GMT
modal-video.min.css
ayelads.xyz/ads/blogs/page/assets/css/plugins/ Frame 86F7
2 KB
737 B
Stylesheet
General
Full URL
https://ayelads.xyz/ads/blogs/page/assets/css/plugins/modal-video.min.css
Requested by
Host: ayelads.xyz
URL: https://ayelads.xyz/ads/display.php?ad=daLVZT3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.241 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium160-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
a6bb15a4ba4beb9df438b7a9d80fabb63b8133c414b993b355cab1a2d22c933b

Request headers

Referer
https://ayelads.xyz/ads/display.php?ad=daLVZT3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:32 GMT
content-encoding
br
last-modified
Thu, 05 Jul 2018 18:08:24 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
508
expires
Thu, 09 Sep 2021 15:01:32 GMT
owl.carousel.css
ayelads.xyz/ads/blogs/page/assets/css/plugins/ Frame 86F7
4 KB
1 KB
Stylesheet
General
Full URL
https://ayelads.xyz/ads/blogs/page/assets/css/plugins/owl.carousel.css
Requested by
Host: ayelads.xyz
URL: https://ayelads.xyz/ads/display.php?ad=daLVZT3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.241 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium160-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
87b34f2c1c4c30f70478efc10c6c026f9311019f028157314717e6ddfa4c1f4b

Request headers

Referer
https://ayelads.xyz/ads/display.php?ad=daLVZT3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:32 GMT
content-encoding
br
last-modified
Wed, 01 Mar 2017 03:43:12 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1005
expires
Thu, 09 Sep 2021 15:01:32 GMT
slick.css
ayelads.xyz/ads/blogs/page/assets/css/plugins/ Frame 86F7
2 KB
712 B
Stylesheet
General
Full URL
https://ayelads.xyz/ads/blogs/page/assets/css/plugins/slick.css
Requested by
Host: ayelads.xyz
URL: https://ayelads.xyz/ads/display.php?ad=daLVZT3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.241 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium160-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Request headers

Referer
https://ayelads.xyz/ads/display.php?ad=daLVZT3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:32 GMT
content-encoding
br
last-modified
Tue, 26 Nov 2019 15:55:18 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
483
expires
Thu, 09 Sep 2021 15:01:32 GMT
stellarnav.css
ayelads.xyz/ads/blogs/page/assets/css/plugins/ Frame 86F7
18 KB
3 KB
Stylesheet
General
Full URL
https://ayelads.xyz/ads/blogs/page/assets/css/plugins/stellarnav.css
Requested by
Host: ayelads.xyz
URL: https://ayelads.xyz/ads/display.php?ad=daLVZT3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.241 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium160-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
c016b1105987478ad49e8706100461eb859767769103bce14584e781512c83fe

Request headers

Referer
https://ayelads.xyz/ads/display.php?ad=daLVZT3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:32 GMT
content-encoding
br
last-modified
Mon, 15 Jun 2020 07:45:20 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
3053
expires
Thu, 09 Sep 2021 15:01:32 GMT
theme.css
ayelads.xyz/ads/blogs/page/assets/css/ Frame 86F7
278 KB
27 KB
Stylesheet
General
Full URL
https://ayelads.xyz/ads/blogs/page/assets/css/theme.css
Requested by
Host: ayelads.xyz
URL: https://ayelads.xyz/ads/display.php?ad=daLVZT3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.241 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium160-1.web-hosting.com
Software
LiteSpeed /
Resource Hash
a00f405459223ccbe7cbd89727a81da3c7e0c2a416799065f32d957e225103d8

Request headers

Referer
https://ayelads.xyz/ads/display.php?ad=daLVZT3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:32 GMT
content-encoding
br
last-modified
Fri, 26 Jun 2020 19:25:16 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
27625
expires
Thu, 09 Sep 2021 15:01:32 GMT
kisspng-free-bitcoin-miner-earn-btc-maker-free-bitcoin-m-5af870345bfde7.7572209215262310923768.jpg
icon2.cleanpng.com/20180513/scq/ Frame 86F7
11 KB
12 KB
Image
General
Full URL
https://icon2.cleanpng.com/20180513/scq/kisspng-free-bitcoin-miner-earn-btc-maker-free-bitcoin-m-5af870345bfde7.7572209215262310923768.jpg
Requested by
Host: ayelads.xyz
URL: https://ayelads.xyz/ads/display.php?ad=daLVZT3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:2613 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72cd6f7f43a4c30fbdc0c43f61a659796e73d2aa33b768bcab2c38c019a4e0c0

Request headers

Referer
https://ayelads.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
281649
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
11287
last-modified
Sun, 13 May 2018 17:04:52 GMT
server
cloudflare
etag
"5af87034-2c17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XjIm6ClNnoCl1hG4RQi3R%2FRNqFh47Kn0OlpIw%2FAem7Rd2l0HCIJDceHq7bwSC3OSFO5rFkZ%2BVuB%2FCpBgoGqbwBPAS5nNmD56sPLzRHVrOOpyid6OA%2BC5nb87%2BgvMY5gCQx3YMNHYuszTLB0EvgInyKA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
68879d3ddb645c8c-FRA
expires
Thu, 09 Sep 2021 08:47:23 GMT
adskeeper_svg.svg
cdn.adskeeper.co.uk/images/
4 KB
2 KB
Image
General
Full URL
https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.130.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:32 GMT
content-encoding
br
cf-cache-status
HIT
age
6988
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
TDFPK96NXRT58XZ2
x-amz-id-2
wTo3X/MdxfmF73uhKCe6wR8X+ODEzfsnVtAfm+WhdxF2jei+cvIsb6mLldSiP66koaRPX+KiyDw=
last-modified
Tue, 08 Dec 2020 08:34:59 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag
W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
68879d3e09c932a7-CDG
expires
Thu, 02 Sep 2021 19:01:32 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=120&ns__t=1630594892450&ns_c=UTF-8&cv=3.5&c8=Movies%20Devil%20-%20World%20Best%20website%20for%20Movies&c7=https%3A%2F%2Fdevil1.tk%2F%3Flink%3...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=120&ns__t=1630594892450&ns_c=UTF-8&cv=3.5&c8=Movies%20Devil%20-%20World%20Best%20website%20for%20Movies&c7=https%3A%2F%2Fdevil1.tk%2F%3Flink%...
64 B
330 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=120&ns__t=1630594892450&ns_c=UTF-8&cv=3.5&c8=Movies%20Devil%20-%20World%20Best%20website%20for%20Movies&c7=https%3A%2F%2Fdevil1.tk%2F%3Flink%3D&c9=
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-21.fra60.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:32 GMT
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
HnKbGFBPM8WRiPgpvUh_LpbmtjtLg18F1EzAo8Z-eJ-Tje0VWwpf5Q==

Redirect headers

date
Thu, 02 Sep 2021 15:01:32 GMT
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=120&ns__t=1630594892450&ns_c=UTF-8&cv=3.5&c8=Movies%20Devil%20-%20World%20Best%20website%20for%20Movies&c7=https%3A%2F%2Fdevil1.tk%2F%3Flink%3D&c9=
content-length
225
x-amz-cf-id
yC9rM178Y5nDkLS3NfGS-QuLCIanSGdTO11pHtagLLY0-8b5cfNCsA==
1
servicer.mgid.com/1146656/
3 KB
2 KB
Script
General
Full URL
https://servicer.mgid.com/1146656/1?w=1120&h=269&p3_w=268&p3_h=232&maxw_3=268&maxh_3=232&cols=4&pv=5&cbuster=1630594892470594788957&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fdevil1.tk%2F&lu=https%3A%2F%2Fdevil1.tk%2F%3Flink%3D&sessionId=6130e74c-13cf0&pageView=0&pvid=17ba70780689dada800&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/d/e/devil1.tk.1146656.es6.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a32293450d9ff5cf4cd843b091cac6d02c78a75ed9f629bd147fb7debe46cde1

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Sep 2021 15:01:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
68879d3dfbb33a53-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
1146671
servicer.mgid.com/vpaid/
849 B
923 B
XHR
General
Full URL
https://servicer.mgid.com/vpaid/1146671
Requested by
Host: cdn.steepto.com
URL: https://cdn.steepto.com/js/wglibs/mgWidget_1.11.43.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18fb43085bb97839abd02d377fbbd118197d6a7e01a26ac6fea27e319348591a

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Sep 2021 15:01:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
content-type
text/xml; charset=utf-8
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://devil1.tk
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
68879d3e8c603a53-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=4542317b-e924-4479-938c-67d3b456f7eb&ttl=1633186894
43 B
708 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=371158&c=4542317b-e924-4479-938c-67d3b456f7eb&ttl=1633186894
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Sep 2021 15:01:34 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
752276df-b0f1-4575-b4ae-0d77ca1875cf
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
68879d4ad8293b49-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare

Redirect headers

pragma
no-cache
date
Thu, 02 Sep 2021 15:01:34 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=4542317b-e924-4479-938c-67d3b456f7eb&ttl=1633186894
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp
s-img.steepto.com/g/8164883/492x328/0x0x492x328/
12 KB
12 KB
Image
General
Full URL
https://s-img.steepto.com/g/8164883/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp?v=1630594892-nucWBzOFyWdJZKrBVIC1Pi8SxWgbFUi7IksprPKleQw
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.139.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a63c2e07501d472fb7b360f00b8eae5dc9908378b75f54a1169916801e09cf45

Request headers

Origin
https://devil1.tk
Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:32 GMT
cf-cache-status
MISS
last-modified
Tue, 11 May 2021 10:44:01 GMT
x-mg-request-uuid
43753bd0-a792-4495-aa19-aabfd95253e7
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
68879d3e9e6f3a29-CDG
content-length
12446
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp
s-img.steepto.com/g/8193525/492x328/0x311x684x456/
16 KB
16 KB
Image
General
Full URL
https://s-img.steepto.com/g/8193525/492x328/0x311x684x456/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp?v=1630594892-SqrBidM7qV3sbQC9_ei0ZJ86KtfbmTYfG-2PewMPsQI
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.139.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aed6f53bbe2887a04797000ea4fb50051fd5d302ef46a27c369bce51f7f4a159

Request headers

Origin
https://devil1.tk
Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:32 GMT
cf-cache-status
MISS
last-modified
Tue, 11 May 2021 10:43:31 GMT
x-mg-request-uuid
5025df76-d544-4d0e-b381-bf2cb20e8031
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
68879d3e9e723a29-CDG
content-length
16586
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp
s-img.steepto.com/g/8164889/492x328/0x124x565x376/
18 KB
18 KB
Image
General
Full URL
https://s-img.steepto.com/g/8164889/492x328/0x124x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp?v=1630594892-hwtVAfy9OEUFzsiXF_tc7jAkykV1tN-y2Vl-iHDOK-4
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.139.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db84011ba1ac25770ed500dadf860e1d7165f0a398a565acd32ca8bc174db7b6

Request headers

Origin
https://devil1.tk
Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:32 GMT
cf-cache-status
MISS
last-modified
Tue, 11 May 2021 10:43:54 GMT
x-mg-request-uuid
e2648fd0-908d-453d-8f14-a1ca056d45b6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
68879d3e9e753a29-CDG
content-length
18240
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2Y0MmZhZmE0MzUyZGMwMmM4MDYzMTdmYzUzNTU1Yjc2LmpwZw.webp
s-img.steepto.com/g/8164868/492x328/0x183x565x376/
21 KB
21 KB
Image
General
Full URL
https://s-img.steepto.com/g/8164868/492x328/0x183x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2Y0MmZhZmE0MzUyZGMwMmM4MDYzMTdmYzUzNTU1Yjc2LmpwZw.webp?v=1630594892-oxZAAPiXSHVnEbWigwBxDvsek4nhwcakJgmc-K0D2L0
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.139.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e492ce66701389be1427ccf0c669df569ea89a86db96f09319d656dad10d7e7

Request headers

Origin
https://devil1.tk
Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:32 GMT
cf-cache-status
MISS
last-modified
Tue, 11 May 2021 10:53:40 GMT
x-mg-request-uuid
cd741a6c-2de0-4406-b383-f4eb6fcd8c83
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
68879d3e9e763a29-CDG
content-length
21824
server
cloudflare
js
www.googletagmanager.com/gtag/ Frame 7568
129 KB
51 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-16QSGVS5Y8
Requested by
Host: ayelads.xyz
URL: https://ayelads.xyz/display/items.php?ad=daw1kJm&s=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d8a67d3d7e68e8ede8a013c09259ea0012d809061c046cb0e5ed2f6c96d83445
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://ayelads.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:32 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51777
x-xss-protection
0
expires
Thu, 02 Sep 2021 15:01:32 GMT
logo_ad1.png
ayelads.com/page/image/ Frame 7568
503 B
712 B
Image
General
Full URL
https://ayelads.com/page/image/logo_ad1.png
Requested by
Host: ayelads.xyz
URL: https://ayelads.xyz/display/items.php?ad=daw1kJm&s=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.235.250 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium161-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
997d968621d97121b423e07a7188084805214b3d2a874d576cc5b795686dac7d

Request headers

Referer
https://ayelads.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:32 GMT
last-modified
Fri, 27 Nov 2020 10:25:31 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
503
expires
Thu, 09 Sep 2021 15:01:32 GMT
banners.php
nex-url.cyou/page/ Frame A0DA
1014 B
560 B
Document
General
Full URL
https://nex-url.cyou/page/banners.php?size=728x90_adlane
Requested by
Host: ayelads.xyz
URL: https://ayelads.xyz/display/items.php?ad=daw1kJm&s=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.141.47 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium212-3.web-hosting.com
Software
LiteSpeed / PHP/7.2.34
Resource Hash
cdd3fa9c01abbfc301f745c703f9ba01281f0063153bea0f311a8933d24e8426

Request headers

:method
GET
:authority
nex-url.cyou
:scheme
https
:path
/page/banners.php?size=728x90_adlane
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ayelads.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://ayelads.xyz/

Response headers

x-powered-by
PHP/7.2.34
content-type
text/html; charset=UTF-8
content-length
383
content-encoding
br
vary
Accept-Encoding
date
Thu, 02 Sep 2021 15:01:33 GMT
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
mgvpaid.umd.js
video-native.mgid.com/scripts/
132 KB
30 KB
Script
General
Full URL
https://video-native.mgid.com/scripts/mgvpaid.umd.js
Requested by
Host: cdn.steepto.com
URL: https://cdn.steepto.com/js/wglibs/mgWidget_1.11.43.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
358397cc830a4098def1c47def116498dacbb8711c1e7e4f68bb204fca577498

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Thu, 02 Sep 2021 15:01:32 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 13:49:49 GMT
server
nginx
etag
"21165-5bdcfdf7e6872-gzip"
vary
Accept-Encoding
x-cached-since
2021-09-02T08:59:13+00:00
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
30661
expires
Fri, 02 Sep 2022 08:59:13 GMT
b
sb.scorecardresearch.com/
0
337 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=120&ns__t=1630594892675&ns_c=UTF-8&cv=3.5&c8=Movies%20Devil%20-%20World%20Best%20website%20for%20Movies&c7=https%3A%2F%2Fdevil1.tk%2F%3Flink%3D&c9=
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-21.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:32 GMT
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
a7-G5OpIAAMVBuzcRdeVEapBDWT-8MQVDITbo8tSmwteHXqPzkZ7Pg==
x-cache
Miss from cloudfront
mgvpaid.css
video-native.mgid.com/mgPlayer/css/
945 B
521 B
Stylesheet
General
Full URL
https://video-native.mgid.com/mgPlayer/css/mgvpaid.css
Requested by
Host: video-native.mgid.com
URL: https://video-native.mgid.com/scripts/mgvpaid.umd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f8fd19e664526e5667d00bed3e089e60559219501c1fcf5cea88feed079db74c

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Thu, 02 Sep 2021 15:01:32 GMT
content-encoding
gzip
last-modified
Mon, 12 Oct 2020 11:17:31 GMT
server
nginx
etag
"3b1-5b17771cc0f4c-gzip"
vary
Accept-Encoding
x-cached-since
2021-07-26T21:35:07+00:00
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
389
expires
Tue, 26 Jul 2022 21:35:07 GMT
/
c.mgid.com/vs/
43 B
400 B
Image
General
Full URL
https://c.mgid.com/vs/?iid=1146671&e=initad&c=49097&o=%7B%22uuid%22%3A%22a8f6c88b-0bfe-11ec-bdfe-d0946675f626%22%7D
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Sep 2021 15:01:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
68879d3f6d6c3a53-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
/
servicer.mgid.com/1146671/
0
401 B
XHR
General
Full URL
https://servicer.mgid.com/1146671/?vast=1&w=640&h=480&pl=1&page=https://devil1.tk/?link=
Requested by
Host: video-native.mgid.com
URL: https://video-native.mgid.com/scripts/mgvpaid.umd.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Sep 2021 15:01:32 GMT
x-mg-204-reason
video_ssp=0
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://devil1.tk
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
68879d3f7d8c3a53-CDG
content-type
text/html
1146671
servicer.mgid.com/vast/
27 B
455 B
XHR
General
Full URL
https://servicer.mgid.com/vast/1146671
Requested by
Host: video-native.mgid.com
URL: https://video-native.mgid.com/scripts/mgvpaid.umd.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd8b5f56a42ba9c68188da914e3e00e6f1b1328baf2fec87206dbda14340f737

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-mg-reason
empty list of teasers
date
Thu, 02 Sep 2021 15:01:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://devil1.tk
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
68879d3f7d903a53-CDG
content-type
text/xml
pragma
no-cache
/
c.mgid.com/vs/
43 B
400 B
Image
General
Full URL
https://c.mgid.com/vs/?iid=1146671&e=requestad&cin=0&c=69531&o=%7B%22uuid%22%3A%22a8f6c88b-0bfe-11ec-bdfe-d0946675f626%22%2C%22index%22%3A0%7D
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Sep 2021 15:01:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
68879d3f8d963a53-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
1
servicer.adskeeper.com/1130710/
1 KB
829 B
Script
General
Full URL
https://servicer.adskeeper.com/1130710/1?pv=5&cbuster=1630594892718706941015&uniqId=0420f&niet=4g&nisd=false&jsv=es6&w=344&h=385&cols=1&ref=&cxurl=https%3A%2F%2Fdevil1.tk%2F&lu=https%3A%2F%2Fdevil1.tk%2F%3Flink%3D&sessionId=6130e74c-13cf0&pageView=1&pvid=17ba70780689dada800&implVersion=11&dpr=1
Requested by
Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/d/e/devil1.tk.1130710.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13fc5588c195d09f087331b39553db89046a81e0fe482fb2c19c8ce77354cd20

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Sep 2021 15:01:32 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
68879d3f9a7f3fea-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/FGSYSKTLJNHG3MJYOTGNVJ/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
750 B
Script
General
Full URL
https://s.adroll.com/j/exp/index.js
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:8400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 15:02:44 GMT
Via
1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P5
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28
Last-Modified
Mon, 19 Jul 2021 22:23:14 GMT
Server
AmazonS3
Etag
"5816cced8568d223aa09d889f300692b"
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
X-Amz-Version-Id
negMAsSEs.M1Zq1srV8VMS7DU8lxhds7
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Content-Type
application/javascript
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
pRi9dECynhEjdB2OvYua-3VUKmlGiCgo_-G1u4qldGbQ-efG6_NvCw==

Redirect headers

Date
Thu, 02 Sep 2021 15:01:32 GMT
Via
1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P5
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Cache
Error from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
X-Amz-Cf-Id
rQbeOQ2zOv12noOJ-GxlKXkHLFmiuR2vaxUIkkvWPoaC-e6G-7Z-3w==
/
servicer.mgid.com/1146671/
0
705 B
XHR
General
Full URL
https://servicer.mgid.com/1146671/?vast=1&w=640&h=480&pl=1&page=https://devil1.tk/?link=
Requested by
Host: video-native.mgid.com
URL: https://video-native.mgid.com/scripts/mgvpaid.umd.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Sep 2021 15:01:32 GMT
x-mg-204-reason
video_ssp=0
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://devil1.tk
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
68879d401efa3ba3-CDG
content-type
text/html
/
c.mgid.com/vs/
43 B
374 B
Image
General
Full URL
https://c.mgid.com/vs/?iid=1146671&e=requestad&cin=1&c=45253&o=%7B%22uuid%22%3A%22a8f6c88b-0bfe-11ec-bdfe-d0946675f626%22%2C%22index%22%3A1%7D
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Sep 2021 15:01:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
68879d400e2b3b49-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
/
c.mgid.com/vs/
43 B
381 B
Image
General
Full URL
https://c.mgid.com/vs/?iid=1146671&e=adbidempty&cin=1&c=56144&o=%7B%22uuid%22%3A%22a8f6c88b-0bfe-11ec-bdfe-d0946675f626%22%2C%22index%22%3A1%2C%22rHash%22%3A%222227557176690718%22%7D
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Sep 2021 15:01:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
68879d400e2d3b49-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
/
c.mgid.com/vs/
43 B
375 B
Image
General
Full URL
https://c.mgid.com/vs/?iid=1146671&e=aderror&cin=1&c=31640&o=%7B%22uuid%22%3A%22a8f6c88b-0bfe-11ec-bdfe-d0946675f626%22%2C%22index%22%3A1%2C%22rHash%22%3A%222227557176690718%22%2C%22errMsg%22%3A%22VPAID%20ERROR%3A%20adbidempty.%20%5Bhttps%3A%2F%2Fservicer.mgid.com%2Fvast%2F1146671%5D%22%7D
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Sep 2021 15:01:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
68879d400e303b49-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
pubads_impl_2021082701.js
securepubads.g.doubleclick.net/gpt/ Frame CB74
333 KB
117 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
b92ad0a4155446d073295a68374ed61c1e64b2f6f7195bb1c077febc44cc2e68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 27 Aug 2021 15:07:02 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119397
x-xss-protection
0
expires
Thu, 02 Sep 2021 15:01:32 GMT
pica.js
adcryp.to/cdn-cgi/challenge-platform/h/g/scripts/ Frame CB74
20 KB
7 KB
Other
General
Full URL
https://adcryp.to/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: adcryp.to
URL: https://adcryp.to/?utm_medium=cpc_83680fcb93d0eb939642c5bbb47ffc54
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a32d77b4ba0610a5058300d2059f59d2cad784c341ae2eaad7ed2f9005fc5925

Request headers

Referer
https://adcryp.to/?utm_medium=cpc_83680fcb93d0eb939642c5bbb47ffc54
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:33 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=917qf98wbG%2FLkmBYW4FgNz4TxInMMvxQFm4uqV3nWRjgbR8JdNUpG7Fgq0fhJKWFkb38wRaSUZGNwIIgMTkL3HqXUg1%2Br0gbvIRbjJXqdR2QqhE9OHmo9eL0bUsaeOW%2Fr%2F0uArvG5XI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
68879d420e3d5c2c-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDctMDQvMTAxOTI0L2Q5ZThkNjdhM2I4MmMyMmI4Zjc3ZTg5MDczMWQwOTZmLmpwZWc_dD0xNTMwNzIwODE4MzE5.webp
s-img.adskeeper.com/g/8193534/492x328/0x124x788x525/
10 KB
11 KB
Image
General
Full URL
https://s-img.adskeeper.com/g/8193534/492x328/0x124x788x525/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDctMDQvMTAxOTI0L2Q5ZThkNjdhM2I4MmMyMmI4Zjc3ZTg5MDczMWQwOTZmLmpwZWc_dD0xNTMwNzIwODE4MzE5.webp?v=1630594892-YKB3vtalYNX5uV7Q5d20Lc4InWouMmxQcKLTgzZMVQE
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30d86cce2f4998c9a06c57a581b7e1133faf0ec8f5c4008fc25daa122bb03a69

Request headers

Origin
https://devil1.tk
Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:33 GMT
cf-cache-status
MISS
last-modified
Tue, 11 May 2021 10:49:31 GMT
x-mg-request-uuid
6091342a-e977-4983-99eb-105e3796edd8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
68879d407e6c3b97-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
10486
server
cloudflare
FGSYSKTLJNHG3MJYOTGNVJ
d.adroll.com/consent/check/
395 B
862 B
Script
General
Full URL
https://d.adroll.com/consent/check/FGSYSKTLJNHG3MJYOTGNVJ?arrfrr=https%3A%2F%2Fdevil1.tk%2F%3Flink%3D&_s=ad799527a1a9a559e9c1adbc2f877b19&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/FGSYSKTLJNHG3MJYOTGNVJ/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.68.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-68-56.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e6c10fa255f3b4415cea477aad4b6e126979e55c8ff74561c89cfa1a1c120b2a

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Sep 2021 15:01:32 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-type
application/javascript
content-length
395
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
integrator.js
adservice.google.de/adsid/ Frame CB74
107 B
853 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=adcryp.to
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 02 Sep 2021 15:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame CB74
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adcryp.to
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 02 Sep 2021 15:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame CB74
48 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1500060402981898&correlator=2365014963229075&output=ldjh&impl=fifs&eid=31062297%2C31062094&vrg=2021082701&ptt=17&sc=1&sfv=1-0-38&ecs=20210902&iu_parts=360613911%2Cadcryp&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cdm=adcryp.to&bc=31&abxe=1&lmt=1630594892&dt=1630594892897&dlt=1630594892415&idt=454&ea=0&frm=8&biw=-12245933&bih=-12245933&isw=300&ish=250&oid=3&adxs=0&adys=0&adks=3874784279&ucis=6sswv790nou&ifi=1&ifk=2996537241&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&nhd=2&url=https%3A%2F%2Fadcryp.to%2F%3Futm_medium%3Dcpc_83680fcb93d0eb939642c5bbb47ffc54&ref=https%3A%2F%2Fadsrv.adcryp.to%2F&top=https%3A%2F%2Fadsrv.adcryp.to%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=300x250&msz=300x-1&ga_vid=1796837091.1630594893&ga_sid=1630594893&ga_hid=372317227&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
d02fcb8bf791a29d91029da0637bf04dbfd05efabdf2d1da8273416d2ace5d42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11216
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://adcryp.to
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ec76967b9fc19a8ac93530f209c4595d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 463D
6 KB
3 KB
Document
General
Full URL
https://ec76967b9fc19a8ac93530f209c4595d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ec76967b9fc19a8ac93530f209c4595d.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adcryp.to/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 02 Sep 2021 15:01:32 GMT
expires
Fri, 02 Sep 2022 15:01:32 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
c.mgid.com/vs/
43 B
671 B
Image
General
Full URL
https://c.mgid.com/vs/?iid=1146671&e=adbidempty&cin=0&c=74857&o=%7B%22uuid%22%3A%22a8f6c88b-0bfe-11ec-bdfe-d0946675f626%22%2C%22index%22%3A0%7D
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Sep 2021 15:01:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
68879d40cf683a53-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
/
c.mgid.com/vs/
43 B
669 B
Image
General
Full URL
https://c.mgid.com/vs/?iid=1146671&e=aderror&cin=0&c=87394&o=%7B%22uuid%22%3A%22a8f6c88b-0bfe-11ec-bdfe-d0946675f626%22%2C%22index%22%3A0%2C%22errMsg%22%3A%22VPAID%20ERROR%3A%20adbidempty.%20%5Bhttps%3A%2F%2Fservicer.mgid.com%2F1146671%2F%3Fvast%3D1%26w%3D640%26h%3D480%26pl%3D1%26page%3Dhttps%3A%2F%2Fdevil1.tk%2F%3Flink%3D%5D%22%7D
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Sep 2021 15:01:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
68879d40cf6c3a53-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
fbevents.js
connect.facebook.net/en_US/
99 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/FGSYSKTLJNHG3MJYOTGNVJ/roundtrip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25999
x-xss-protection
0
pragma
public
x-fb-debug
A94tq7HMyIAF0Ftxd46TFhN2WzQ7CC9eI17x909Sz8NdqllfYnasnz3ACMbZ4FLL8Nt9eLxFhqRsEcd3aojl2Q==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 02 Sep 2021 15:01:32 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
HDI3VY5PLZHPJEK3H4KGKV
d.adroll.com/segment/FGSYSKTLJNHG3MJYOTGNVJ/
42 B
900 B
XHR
General
Full URL
https://d.adroll.com/segment/FGSYSKTLJNHG3MJYOTGNVJ/HDI3VY5PLZHPJEK3H4KGKV?adroll_fpc=fbd0054cdf310fc74e940c790db9a362-1630594892928&arrfrr=https%3A%2F%2Fdevil1.tk%2F%3Flink%3D&xid_ch=f&pv=94208830067.31488&cookie=&adroll_s_ref=&keyw=&adroll_external_data=&adroll_version=2.0
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/FGSYSKTLJNHG3MJYOTGNVJ/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.68.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-68-56.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-pixel-eid
HDI3VY5PLZHPJEK3H4KGKV
date
Thu, 02 Sep 2021 15:01:32 GMT
x-advertisable-eid
FGSYSKTLJNHG3MJYOTGNVJ
x-segment-display-name
Visitors to Unsegmented Pages
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
42
pragma
no-cache
x-conversion-value
0.0
server
nginx/1.20.0
x-rule
*
x-segment-eid
T3TARHQ2TFEK3J3JJXOL4E
content-type
image/gif
access-control-allow-origin
https://devil1.tk
access-control-expose-headers
X-Conversion-Value, X-Conversion-Currency, X-Advertisable-Eid, X-Segment-Eid, X-Pixel-Eid
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-request-methods
GET
x-segment-name
*
access-control-allow-headers
*
x-conversion-currency
/
c.mgid.com/vs/
43 B
399 B
Image
General
Full URL
https://c.mgid.com/vs/?tid=0&iid=1146671&e=error&o=%7B%22timeOffset%22%3A0%2C%22adPlayer%22%3Anull%2C%22uuid%22%3A%22a8b9bcbe-0bfe-11ec-bdfe-d0946675f626%22%2C%22subId%22%3A0%2C%22sticky%22%3A0%2C%22viewable%22%3A0%2C%22tt%22%3A%22Direct%22%2C%22errorMessage%22%3A%22null%22%7D&t=0&c=25952
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Sep 2021 15:01:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
68879d4168423a53-CDG
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
/
s.adlane.info/ Frame A0DA
97 B
365 B
Script
General
Full URL
https://s.adlane.info/?content_page_url=https%3A%2F%2Fnex-url.cyou%2Fpage%2Fbanners.php%3Fsize%3D728x90_adlane&width=728&height=90&cb=1630594893144&aid=663377
Requested by
Host: nex-url.cyou
URL: https://nex-url.cyou/page/banners.php?size=728x90_adlane
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
b6d5756a976666da152bd211229f702975641d3f1f6ba1a9e09c66d6bf572c2c

Request headers

Referer
https://nex-url.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://nex-url.cyou
Date
Thu, 02 Sep 2021 15:01:36 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
97
Content-Type
application/javascript; charset=UTF-8
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012108170213000/ Frame F66F
188 KB
55 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c76cc68adbbc958993e23bf9ad18979f7aeaab6274b1f2322afb581d22eb855f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
63988
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55333
x-xss-protection
0
server
sffe
date
Wed, 01 Sep 2021 21:15:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"55ff93a1040e5c38"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Sep 2022 21:15:05 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012108170213000/v0/ Frame F66F
13 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012108170213000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fae2773cd95cb857866b4b3a54777c88f6c03e0167bf323c2a1f431985887b61
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
64897
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4999
x-xss-protection
0
server
sffe
date
Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6b551ff8c0a78d7e"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Sep 2022 20:59:56 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012108170213000/v0/ Frame F66F
89 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012108170213000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48bb89434a42b4fb519f27e9272e018e8151383b4b7f46f26260f5fd29e5f05e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
64897
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28538
x-xss-protection
0
server
sffe
date
Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"523ca413d5eb4bb0"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Sep 2022 20:59:56 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012108170213000/v0/ Frame F66F
4 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012108170213000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4a74fe2cef1d4e3ca293944e20763b350954439d0966a662691d304d9e1aac3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
64897
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1653
x-xss-protection
0
server
sffe
date
Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a4d9605fb26cf0ce"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Sep 2022 20:59:56 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012108170213000/v0/ Frame F66F
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012108170213000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9158e53d7052a6df65c12e3a59a8c77a8be353425523e4eff057fa5578e654ad
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
64897
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12821
x-xss-protection
0
server
sffe
date
Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bd81b3ba02634f28"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Sep 2022 20:59:56 GMT
css
fonts.googleapis.com/ Frame F66F
3 KB
674 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 02 Sep 2021 13:01:36 GMT
server
ESF
date
Thu, 02 Sep 2021 15:01:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 Sep 2021 15:01:33 GMT
truncated
/ Frame F66F
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
498a901cb436e0ee0439d539ae4a0693b80266856be4ea725f444e821fb69203

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F66F
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: adcryp.to
URL: https://adcryp.to/?utm_medium=cpc_83680fcb93d0eb939642c5bbb47ffc54
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 02 Sep 2021 11:04:13 GMT
x-content-type-options
nosniff
server
cafe
age
14240
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 03 Sep 2021 11:04:13 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F66F
295 B
399 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: adcryp.to
URL: https://adcryp.to/?utm_medium=cpc_83680fcb93d0eb939642c5bbb47ffc54
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 02 Sep 2021 07:57:47 GMT
x-content-type-options
nosniff
server
cafe
age
25426
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 03 Sep 2021 07:57:47 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame F66F
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CBjHITOcwYbbROeSi7_UPgJK54A6qgND0ZIuK2ZOuDf_1kOPXAhABIIixkR9glfrwgYwHoAGr1bS7AsgBAeACAKgDAcgDCqoEugFP0KsQgfNNDdnQR5ydoBShCviQu8Bys9TRGLBoBLighXmbBcQ--DRHz40t7RXSNqm6FkQbfHTef6UCWbVBBTOxMr_Nuxrt7_QaP_P5sqlWdIzVs7G1BqknyOEFtmEGXxZcZikZGiFvEz5f7OQZ3pxj66YR0QAiCTM2i--bTkHElinu6Y7lpMwbA55vrrGW2L03BqSvbZ6vNWqZdj4akMjjAzVddNJ5ecsg3JuCKPbY4L8_dFpw0N-reYzABO20p5W1A-AEAZIFBAgEGAGSBQQIBRgEgAfFtJPJAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwHyBwQQ2ewI0ggJCIDhgHAQARgd8ggbYWR4LXN1YnN5bi05NjYxNDMyMzYzMDAwMzM3gAoDyAsBogwIKgYKBPiesQLYEwzQFQGAFwGyFx4KHAgAEhRwdWItNzM2MzgwOTIxOTI0NDEyMhi_4h8&sigh=9-xtvt_OSLk
Requested by
Host: adcryp.to
URL: https://adcryp.to/?utm_medium=cpc_83680fcb93d0eb939642c5bbb47ffc54
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/getconfig/ Frame CB74
11 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021082701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4526fac60c4fd03254e8849a8dca5a66f7b2074b74079e658a258e5b6f0162e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 02 Sep 2021 15:01:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8608
x-xss-protection
0
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame F66F
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://adcryp.to
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 18:10:03 GMT
x-content-type-options
nosniff
age
75090
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Sep 2022 18:10:03 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame F66F
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://adcryp.to
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 18:10:03 GMT
x-content-type-options
nosniff
age
75090
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Sep 2022 18:10:03 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CB74
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Thu, 02 Sep 2021 15:01:33 GMT
css2
fonts.googleapis.com/ Frame 86F7
4 KB
411 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Heebo:wght@100;300;400;500;700;800;900&display=swap
Requested by
Host: ayelads.xyz
URL: https://ayelads.xyz/ads/blogs/page/assets/css/theme.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
642be19b991546c6f5221252454ea7358e6512a3daaf6df089222bf3ab03d436
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ayelads.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 02 Sep 2021 15:01:33 GMT
server
ESF
date
Thu, 02 Sep 2021 15:01:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 Sep 2021 15:01:33 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame F66F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

date
Thu, 02 Sep 2021 15:01:33 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
NGS6v5_NC0k9P9H2TbE.woff2
fonts.gstatic.com/s/heebo/v12/ Frame 86F7
26 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/heebo/v12/NGS6v5_NC0k9P9H2TbE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Heebo:wght@100;300;400;500;700;800;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1264ac64e82702e03cd71fbea5dfc8137bbca7ae8c33df94955f3f47add9e61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ayelads.xyz
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 12:05:02 GMT
x-content-type-options
nosniff
age
442591
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27116
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 17:13:31 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Aug 2022 12:05:02 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F66F
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 02 Sep 2021 11:04:13 GMT
x-content-type-options
nosniff
server
cafe
age
14240
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 03 Sep 2021 11:04:13 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F66F
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 02 Sep 2021 07:57:47 GMT
x-content-type-options
nosniff
server
cafe
age
25426
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 03 Sep 2021 07:57:47 GMT
result
adcryp.to/cdn-cgi/challenge-platform/h/g/cv/ Frame CB74
2 B
568 B
XHR
General
Full URL
https://adcryp.to/cdn-cgi/challenge-platform/h/g/cv/result?req_id=68879d3d197b5c2c
Requested by
Host: adcryp.to
URL: https://adcryp.to/cdn-cgi/challenge-platform/h/g/scripts/invisible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://adcryp.to/?utm_medium=cpc_83680fcb93d0eb939642c5bbb47ffc54
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 02 Sep 2021 15:01:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2B16q2kWImkv6zgI%2Faftkc1TbYC3t9%2FqpI7QudYBuswDxBxs7%2BbWwPyt6t%2FulfV23UzmbQqBJSV8EFXuX7VlorKMOEI7Fixh88qcdrK7JzMQHgnLtymb4%2FxvGHZbIr09tZg16CCX2oQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
cf-ray
68879d4a1a065c2c-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame D62A
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adcryp.to/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://adcryp.to/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Thu, 02 Sep 2021 14:43:18 GMT
expires
Fri, 02 Sep 2022 14:43:18 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1096
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 2503
783 B
812 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b85645362e7301858c5b294e8106bf4a65b099c798417326069ae30b738d874a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yuPbw3+q96IgwSLOyqp4Aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adcryp.to/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://adcryp.to/

Response headers

expires
Thu, 02 Sep 2021 15:01:34 GMT
date
Thu, 02 Sep 2021 15:01:34 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-yuPbw3+q96IgwSLOyqp4Aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bAXmr16l8Fcjh6Ak7G9tUyWjpKdXOe8Oma2-jj8o2SE.js
pagead2.googlesyndication.com/bg/ Frame D62A
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/bAXmr16l8Fcjh6Ak7G9tUyWjpKdXOe8Oma2-jj8o2SE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c05e6af5ea5f0572387a024ec6f6d5325a3a4a75739ef0e99adbe8e3f28d921
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 13:59:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
3707
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13290
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 08:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Sep 2022 13:59:47 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CB74
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021082701&jk=1500060402981898&bg=!2dql2p7NAAZOkH6FTpA7ACkAdvg8WpBbCeNMNr0nzKsi7fO9haqcQZa2IwuU8_OD6w2CZ_CPGGyNAgIAAAByUgAAAA1oAQeZAprFA4OOhpZAMowtUpnnqOzTb0r9Rw3BCeNIOBqnedQzpixGO11mMEO70xOJ3ojuDb_aqMJWoRms1NeGOfZFE4_CWoQKYHTkzga0sp-uLEHBnA05R09AA040CEcu5wuGtU-cfVk9YFy0gQKQXrYM-xT75Ih9MpzBoJT5DL-AUvCD0zxFGWw31tqWzQoHKnhf9frtvlQ9tk2cbH9GlLZmryHZ6RikwYIaCDW11xp4Yj7RYAhnEGbdck9_NFOLMFLliQg-DZDqOfPQ8Tgn_UE0QGvRgFDlOQymM4uuHCg37ojS6eBWd09DPZqIZ3vRTb46EK1cA4vAvOvv6xP3Nzj-WakBVgYSjHD6QzG67gD_FA2fKbngxAJsc73itkN4q0c2ZJ7rttL8LuN9udW6SoPZfXPDRNV3rCJtiD4XlwhD9MZT_Zy2Wqf50QWX0doXnSmn83ZSio71DBJm8j8WVCj9bBLABpKoxuOfti_aZZ5DGkUFovtTgd16A8qjriUEQk0ltT5-mwyj7RsW2qNPSGq_BpA6e5vBmnH092VoRCTixdtgK0UpURW5XnkpN80w9rtOlHSGPF3g0qoXJy_EI1BdAzM3EZscy1_pMKcGTmmfbufgXsyWjIuYMumb9SofrScg8VKD_vJsPUP7Km4SU0lQDAG6gwtLH6nwShOHzA_LXFefQKjXZEh9wms8ECC84OEQeZIbTJc0CbvQJ1xykaQfk9SsvNiA_VGzNqJ30vG4M9CzHCXKiZpJ6-6HTup61wzXHc5dORDfc0-faGTYGx_3lWR-HNrDL4_A5ocMHiFr1if7H6ITov7pWCcfkK-JnpKjUIIdM4nKw2ms-IFBX8EF9WvK0vOaUeqt95vg9g2WPXOt2CG50CB2-FHom5w
Requested by
Host: devil1.tk
URL: https://devil1.tk/?link=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

devil1.tk
megaadv.com/ads/eyJpdiI6Inc2dE5HeHVpOGdCZE1qVnpKQk9aOHc9PSIsInZhbHVlIjoibmpteVNNMkJzcThrQjd6TXMxQlk5QT09IiwibWFjIjoiYjAzNWJhMWYwOTkwODQzODM0NTI5NWVjZmEwNmJmOGQ4Nzc4NDcwYmU2MDQ2NWI2ZGMxMmNkMGQwYmQwM...
732 B
1 KB
XHR
General
Full URL
https://megaadv.com/ads/eyJpdiI6Inc2dE5HeHVpOGdCZE1qVnpKQk9aOHc9PSIsInZhbHVlIjoibmpteVNNMkJzcThrQjd6TXMxQlk5QT09IiwibWFjIjoiYjAzNWJhMWYwOTkwODQzODM0NTI5NWVjZmEwNmJmOGQ4Nzc4NDcwYmU2MDQ2NWI2ZGMxMmNkMGQwYmQwMWRmNCJ9/300x250/devil1.tk
Requested by
Host: megaadv.com
URL: https://megaadv.com/assets/ads/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.95.249.167 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-95-249-167.ap-south-1.compute.amazonaws.com
Software
/ PHP/7.4.22
Resource Hash
acf917665b6df16e9c45d2ae49fe0553399784757e78435caeb347bfe0170e8b

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:37 GMT
content-encoding
br
x-powered-by
PHP/7.4.22
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, private
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
461
60cf5a6bbb6331624201835.jpg
megaadv.com/assets/images/adImage/
37 KB
37 KB
Image
General
Full URL
https://megaadv.com/assets/images/adImage/60cf5a6bbb6331624201835.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.95.249.167 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-95-249-167.ap-south-1.compute.amazonaws.com
Software
/
Resource Hash
d2aeb27fbdbb6c485b105c1e649332bc3b1beef37a425de2651d6a76c8902348

Request headers

Referer
https://devil1.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 15:01:38 GMT
cache-control
public, max-age=604800
last-modified
Sun, 20 Jun 2021 15:10:35 GMT
accept-ranges
bytes
content-type
image/jpeg
content-length
38222
expires
Thu, 09 Sep 2021 15:01:38 GMT
index.php
adsrv.adcryp.to/track/ Frame 2AAC
139 B
311 B
Script
General
Full URL
https://adsrv.adcryp.to/track/index.php?page=click/data/0|135|0|384|2030|1|506|2|0|135|0|0|0|0/429dce945f670f0c998430f68647d251/1630594911/GB/
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=2030&pid=384&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=345&page_data=05eeddbbbd9eaeda04512934a026412f&time=1630594891&deliver=devil1.tk&search_keywords=&page_referrer=aHR0cHM6Ly9kZXZpbDEudGsvP2xpbms9&page_title=Movies%20Devil%20-%20World%20Best%20website%20for%20Movies&meta_description=World%20Best%20website%20for%20Movies
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.34.181.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.181.34.188.clients.your-server.de
Software
nginx /
Resource Hash
1eaac3e31d61bfec1cc6c86b3c515b5fa339ee5784acfc8cdea14b280f400aa7

Request headers

Referer
https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=2030&pid=384&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=345&page_data=05eeddbbbd9eaeda04512934a026412f&time=1630594891&deliver=devil1.tk&search_keywords=&page_referrer=aHR0cHM6Ly9kZXZpbDEudGsvP2xpbms9&page_title=Movies%20Devil%20-%20World%20Best%20website%20for%20Movies&meta_description=World%20Best%20website%20for%20Movies
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 02 Sep 2021 15:01:42 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript

225 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


0 Cookies

9 Console Messages

Source Level URL
Text
console-api log URL: https://devil1.tk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api log URL: https://devil1.tk/interclicks.js(Line 1)
Message:
1
console-api log URL: https://devil1.tk/interclicks.js(Line 1)
Message:
undefined
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api debug URL: https://jsc.mgid.com/d/e/devil1.tk.1146671.es6.js(Line 1)
Message:
[object HTMLImageElement]
console-api debug URL: https://jsc.mgid.com/d/e/devil1.tk.1146656.es6.js(Line 1)
Message:
[object HTMLImageElement]
console-api debug URL: https://jsc.adskeeper.com/d/e/devil1.tk.1130710.es6.js(Line 1)
Message:
[object HTMLImageElement]
console-api info URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs(Line 6)
Message:
Powered by AMP ⚡ HTML – Version 2108170213000 https://adcryp.to/?utm_medium=cpc_83680fcb93d0eb939642c5bbb47ffc54
console-api log URL: https://s.adlane.info/?content_page_url=https%3A%2F%2Fnex-url.cyou%2Fpage%2Fbanners.php%3Fsize%3D728x90_adlane&width=728&height=90&cb=1630594893144&aid=663377(Line 1)
Message:
[object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
