nagourijio.nio.pw Open in urlscan Pro
45.87.41.89 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://nagourijio.nio.pw/
Submission: On November 22 via api (November 22nd 2023, 7:03:49 pm UTC) from US — Scanned from US

Summary HTTP 69 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 22 domains to perform 69 HTTP transactions. The main IP is 45.87.41.89, located in Groningen, Netherlands and belongs to SPECTRAIP SpectraIP B.V., NL. The main domain is nagourijio.nio.pw.
TLS certificate: Issued by R3 on August 30th 2023. Valid for: 3 months.

This is the only time nagourijio.nio.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 4	45.87.41.89 45.87.41.89	62068 (SPECTRAIP...) (SPECTRAIP SpectraIP B.V.)
9	2607:f8b0:400... 2607:f8b0:4004:c07::9d	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::5f	15169 (GOOGLE) (GOOGLE)
6	2606:4700:303... 2606:4700:3036::ac43:a54e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	146.75.36.193 146.75.36.193	54113 (FASTLY) (FASTLY)
7	2607:f8b0:400... 2607:f8b0:4004:c09::61	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c07::9c	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3038::6815:ea44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c17::5e	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4004:c08::66	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3034::6815:584e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3036::ac43:a093	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c09::9c	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c09::68	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::71	15169 (GOOGLE) (GOOGLE)
3	2606:4700:e0:... 2606:4700:e0::ac40:610f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3032::6815:1a12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	136.243.61.83 136.243.61.83	24940 (HETZNER-AS) (HETZNER-AS)
2	2a02:b4a:1:7:... 2a02:b4a:1:7::9166:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a02:b4a:1:7:... 2a02:b4a:1:7::5647:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a02:b4a:1:7:... 2a02:b4a:1:7::9168:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	45.133.44.33 45.133.44.33	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	2607:f8b0:400... 2607:f8b0:4004:c07::84	15169 (GOOGLE) (GOOGLE)
1	109.206.168.17 109.206.168.17	() ()
69	25

4 45.87.41.89 (Groningen, Netherlands) 3 redirects

ASN62068 (SPECTRAIP SpectraIP B.V., NL)
PTR: 45-87-41-89.static.pwxs.net

nagourijio.nio.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c07::9d (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3036::ac43:a54e (United States)

ASN13335 (CLOUDFLARENET, US)

fastcdn.jdi5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
counter.jdi5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgcdn1.jdi5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.36.193 (Reston, United States)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4004:c09::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::9c (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3038::6815:ea44 (United States)

ASN13335 (CLOUDFLARENET, US)

dl7.wapkizfile.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dl8.wapkizfile.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4004:c08::66 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:584e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

fasty11.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::ac43:a093 (United States)

ASN13335 (CLOUDFLARENET, US)

www1.btc747.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::68 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::71 (Ashburn, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e0::ac40:610f (United States)

ASN13335 (CLOUDFLARENET, US)

nwwais.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3032::6815:1a12 (United States)

ASN13335 (CLOUDFLARENET, US)

1337x1.wb4.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.61.83 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.83.61.243.136.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:b4a:1:7::9166:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

tdmrfw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b4a:1:7::5647:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

wivyiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b4a:1:7::9168:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

ptxhzp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.33 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

i.wmgtr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c07::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.168.17 (None, )

ASN- ()

jswww.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	225 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	62 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	541 KB
6	jdi5.com fastcdn.jdi5.com counter.jdi5.com imgcdn1.jdi5.com	14 KB
4	wb4.xyz 1337x1.wb4.xyz	30 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78	5 KB
4	nio.pw 3 redirects nagourijio.nio.pw	28 KB
3	nwwais.com nwwais.com — Cisco Umbrella Rank: 99841	29 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 157	2 KB
3	btc747.xyz www1.btc747.xyz	3 KB
3	wapkizfile.info dl7.wapkizfile.info dl8.wapkizfile.info	325 KB
2	wmgtr.com i.wmgtr.com — Cisco Umbrella Rank: 20420	199 KB
2	tdmrfw.com tdmrfw.com — Cisco Umbrella Rank: 96098	504 B
2	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 34375 static.a-ads.com — Cisco Umbrella Rank: 45230	52 KB
2	imgur.com i.imgur.com — Cisco Umbrella Rank: 7022	265 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	82 KB
1	jswww.net jswww.net	19 KB
1	ptxhzp.com ptxhzp.com — Cisco Umbrella Rank: 110531
1	wivyiz.com wivyiz.com — Cisco Umbrella Rank: 100799
1	fasty11.site 1 redirects fasty11.site	582 B
1	gstatic.com fonts.gstatic.com	18 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	880 B
69	22

	Domain	Requested by
8	www.google-analytics.com	counter.jdi5.com www.googletagmanager.com www.google-analytics.com nagourijio.nio.pw
8	pagead2.googlesyndication.com	nagourijio.nio.pw pagead2.googlesyndication.com nwwais.com tpc.googlesyndication.com
7	www.googletagmanager.com	nagourijio.nio.pw www.googletagmanager.com www.google-analytics.com www1.btc747.xyz 1337x1.wb4.xyz
4	1337x1.wb4.xyz	www1.btc747.xyz 1337x1.wb4.xyz
4	nagourijio.nio.pw	3 redirects
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	nwwais.com	www1.btc747.xyz nwwais.com
3	www1.btc747.xyz	nagourijio.nio.pw
3	fastcdn.jdi5.com	nagourijio.nio.pw
2	i.wmgtr.com	www1.btc747.xyz
2	tdmrfw.com	nwwais.com
2	www.google.com	nagourijio.nio.pw tpc.googlesyndication.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	dl7.wapkizfile.info	nagourijio.nio.pw
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	counter.jdi5.com	nagourijio.nio.pw counter.jdi5.com
2	i.imgur.com	nagourijio.nio.pw
2	cdnjs.cloudflare.com	nagourijio.nio.pw cdnjs.cloudflare.com
1	jswww.net	1337x1.wb4.xyz
1	ptxhzp.com	nwwais.com
1	static.a-ads.com	ad.a-ads.com
1	wivyiz.com	nwwais.com
1	ad.a-ads.com	www1.btc747.xyz
1	analytics.google.com	www.googletagmanager.com
1	imgcdn1.jdi5.com	nagourijio.nio.pw
1	fasty11.site	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	dl8.wapkizfile.info	nagourijio.nio.pw
1	fonts.googleapis.com	nagourijio.nio.pw
69	29

This site contains links to these domains. Also see Links.

Domain
wa.me

Subject Issuer	Validity	Valid
*.wapkiz.com R3	`2023-08-30` - `2023-11-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-03-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
btc747.xyz E1	`2023-09-30` - `2023-12-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
nwwais.com GTS CA 1P5	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2022-12-21` - `2024-01-21`	a year	crt.sh
tdmrfw.com R3	`2023-09-20` - `2023-12-19`	3 months	crt.sh
wivyiz.com R3	`2023-09-21` - `2023-12-20`	3 months	crt.sh
ptxhzp.com R3	`2023-09-20` - `2023-12-19`	3 months	crt.sh
i.wmgtr.com R3	`2023-10-23` - `2024-01-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
jswww.net R3	`2023-10-08` - `2024-01-06`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://nagourijio.nio.pw/
Frame ID: DC9931F89918FF73E872A415144190D6
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 2AD261CF06EA737E885885E40ED7EC5A
Requests: 1 HTTP requests in this frame

Frame: https://www1.btc747.xyz/2023/11/brittney-griner-remains-in-russia.html
Frame ID: F0D9AFC04F3B9E1A94F1CB692BB9853B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720731893246155&output=html&adk=1812271804&adf=3025194257&lmt=1700679822&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnagourijio.nio.pw%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&aslcwct=300&asacwct=50&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700679822349&bpp=5&bdt=291&idt=325&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1367257363029&frm=20&pv=2&ga_vid=1987895779.1700679823&ga_sid=1700679823&ga_hid=1481067921&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809315%2C31078301%2C31079699%2C44800658%2C44807763%2C44808148%2C44808284%2C44809057&oid=2&pvsid=2764994134857538&tmod=348906396&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=346
Frame ID: 3FC89C5709105466F6B49B7EDBA0B03E
Requests: 1 HTTP requests in this frame

Frame: https://1337x1.wb4.xyz/2019/06/degee-biryani.html
Frame ID: 621890639A42BCEB03BA389E0B31E553
Requests: 8 HTTP requests in this frame

Frame: https://ad.a-ads.com/2278993?size=300x250
Frame ID: 54E55C76E043259A26E124606BF6740B
Requests: 2 HTTP requests in this frame

Frame: https://i.wmgtr.com/cim/8PF4lrmWW6byAqCmRLBL3A4ocizIFBhX.png
Frame ID: C342083778F4CA66D4D95773D767D774
Requests: 1 HTTP requests in this frame

Frame: https://i.wmgtr.com/cim/SYMX0rVhmrA7uKFl08TpnIgj7tzn3hW9.png
Frame ID: 24D1F8A3B7E7E20F1EE06F648965CC06
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1D9A2A0E9196545A3D14A3F8D0B5D5BF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BF85C38EBE5D0513B4DE1BD754697B7E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SadriMix.In New Nagpuri Dj Song 2023 Mp3 Download Songs MP3.New Nagpuri Dj Song Download 2023,SadriMix.In New Nagpuri Dj Song 2023 Mp3 Download Songs MP3.New Nagpuri Dj Song Download 2023,

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

69
Requests

93 %
HTTPS

80 %
IPv6

22
Domains

29
Subdomains

25
IPs

3
Countries

1899 kB
Transfer

3790 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wa.me/+91%2099907915241
Title: Powered By :- HostingWap.In

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://nagourijio.nio.pw/cover/2729391/cover.jpg HTTP 302
https://dl7.wapkizfile.info/cover/G8cEsvIWZogvF_s_ZJsplyFy6st7XJICl1vY_p_qmMNf4xCMqMJLCFsTaaizZPrK15xybVf5u6TKwffQqJ0HgJOnpHLEF0ydOAiry5DCMUVkdqSQIlOd/cover.jpg

Request Chain 12

https://nagourijio.nio.pw/cover/2734884/cover.jpg HTTP 302
https://dl7.wapkizfile.info/cover/G8cEsvIWN4RzF_s_JGs8tySyn46ubOdn54u42hzsZdtBjfrJ5KCAkTaaizZPrK15xybVf5u6TKwffQqJ0HgJOnpHLEF0ydOAiry5DCMUVkdqSQIlOd/cover.jpg

Request Chain 13

https://nagourijio.nio.pw/cover/2794078/cover.jpg HTTP 302
https://dl8.wapkizfile.info/cover/G8cEsvIWMd9zEfMfsc58Hyuou7WdJ3F17ImoysdZshGMrp4aWFsTaaizZPrK15xybVf5u6TKwffQqJ0HgJOnpHLEF0ydOAiry5DCMUVkdqSQIlOd/cover.jpg

Request Chain 19

https://fasty11.site/red2.php?rand=oCc476d974c526a3dc3054f92b4c9a2a4c&id=27 HTTP 302
https://www1.btc747.xyz/submit.php

69 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
nagourijio.nio.pw/ 228 KB
26 KB 1284ms
506ms Document
text/html 45.87.41.89
SPECTRAIP Spectra...

General

Check archive.org

Show headers Download Go to

Full URL: https://nagourijio.nio.pw/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.87.41.89 Groningen, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),
Reverse DNS: 45-87-41-89.static.pwxs.net
Software: nginx /
Resource Hash: c5b5b830824f61a26f8a3476e31ba5366844e32705d02c55f1c3286ee9b1b275

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 22 Nov 2023 19:03:41 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
52 KB 187ms
82ms Script
text/javascript 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5720731893246155

Requested by

Host: nagourijio.nio.pw
URL: https://nagourijio.nio.pw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a778f86e7222ba1f15412a96f10ea14eda6580d1183d88191eef1c2ba4c02986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nagourijio.nio.pw/
Origin: https://nagourijio.nio.pw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52735
x-xss-protection: 0
server: cafe
etag: 5143416394860761621
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 19:03:42 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 95ms
40ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: nagourijio.nio.pw
URL: https://nagourijio.nio.pw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nagourijio.nio.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 89723
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7eA6SLZjWHtc0TXCh00XRNSYV3eWuIrbydxIVmpRK68Tfv97vYcf76mEvXtKDfakMimkExUR0Tn5tCe13ZqcIaYlfWlQD83WMrHvJTMvhT2vpd7jfbIoYFmKOc%2Fj88vp8O2j8gqMyG5OzIZNiEKPSC87"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82a36f1849f27482-MIA
expires: Mon, 11 Nov 2024 19:03:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
880 B 164ms
60ms Stylesheet
text/css 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merienda

Requested by

Host: nagourijio.nio.pw
URL: https://nagourijio.nio.pw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

43cc10f626704c5884ef680fc0b14bcc5274f7cbdde83fc3e590e798644cbe17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nagourijio.nio.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Nov 2023 19:03:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 19:03:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Nov 2023 19:03:42 GMT

GET
H2 200 1.js Show response
fastcdn.jdi5.com/js/medinipurdj.wapkiz.com/ 9 KB
3 KB 383ms
313ms Script
application/javascript 2606:4700:3036::ac43:a54e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastcdn.jdi5.com/js/medinipurdj.wapkiz.com/1.js
Requested by: Host: nagourijio.nio.pw
URL: https://nagourijio.nio.pw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a54e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d505e93c717b7dd39459620e790c594cce9390c93e6e07caf008825d8948ff8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nagourijio.nio.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 22 Nov 2023 19:03:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HylEGkFbxQFzgXr54oKsD9o1G%2Bod%2F3ft5i8nZf2pyBm1rPepbL6Luo2eojYE%2Fvf56%2F96lCXtPRYuuL5rjWR15WAAOadDJ0jC9uMXW52XyzhT2lsQAo2zVON9%2FUSOWrSzzxzh32K%2FpZTdnlzJAtT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 82a36f18793b032d-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
fastcdn.jdi5.com/css/nagpurijio.wapjo.xyz/ 40 KB
8 KB 401ms
332ms Stylesheet
text/css 2606:4700:3036::ac43:a54e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastcdn.jdi5.com/css/nagpurijio.wapjo.xyz/style.css
Requested by: Host: nagourijio.nio.pw
URL: https://nagourijio.nio.pw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a54e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9d88cd39de1124eb5be94cd360941d3f39620e3e5429a7b3fea4d5ed065316d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nagourijio.nio.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 22 Nov 2023 19:03:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q5DKHflTHSSqPjs6OPhWNY1xPzEqnAc7%2FGcndS9ajNJ66DUJMsHjbg0xuSydoWccfJKkMs3WDeLKQpEfHDe77ayz%2BJyWY9d01%2FrwEICQGqilUswQqlP4vyhFNeg%2FMo0tKOINWNnjstO8bsnDR0%2FT"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: max-age=14400
cf-ray: 82a36f18793a032d-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 VnUCun2.png
i.imgur.com/ 168 KB
168 KB 173ms
58ms Image
image/png 146.75.36.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/VnUCun2.png

Requested by

Host: nagourijio.nio.pw
URL: https://nagourijio.nio.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.36.193 Reston, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

c28b26727d3ea785b627766fefd9eadedf86fff4eb78704a0756c4584c3247c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nagourijio.nio.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:42 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 2445
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
x-amz-storage-class: STANDARD_IA
content-length: 171874
x-served-by: cache-iad-kcgs7200107-IAD
last-modified: Sun, 30 Apr 2023 11:14:10 GMT
server: cat factory 1.0
x-timer: S1700679822.202598,VS0,VE4
etag: "5ee1335d68579ad235862f1db35764ac"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: PLTIYFd-sRDf4Gbe8nb22nylkTXnitK9ND_r50aQwtuj7PHNviWrLQ==
x-cache-hits: 1

GET
H2 200 1.js Show response
fastcdn.jdi5.com/js/dineshdj.wapkiz.com/ 954 B
724 B 369ms
367ms Script
application/javascript 2606:4700:3036::ac43:a54e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastcdn.jdi5.com/js/dineshdj.wapkiz.com/1.js
Requested by: Host: nagourijio.nio.pw
URL: https://nagourijio.nio.pw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a54e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1bb287a819ea07573faeea32b6d33d8931f87a7ccdf859bdaf3ddcb5d36ef6b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nagourijio.nio.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 22 Nov 2023 19:03:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXpI9%2Fuy4kj4T3FZJ1IOOyrgkVpCq0oofP2dP4O9iaEchuRtNJ0Dakovqy2xrS2aSSLck9k5C3Wn32CPhYp%2FDVJt6sFIXXFflX0bkHIAp%2BU8Ht%2BR21soO%2Bi0esRgXmsN5smCU4oiF%2BVwQaGgjh29"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 82a36f18793e032d-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 online.js Show response
counter.jdi5.com/ 3 KB
2 KB 54ms
35ms Script
application/javascript 2606:4700:3036::ac43:a54e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.jdi5.com/online.js
Requested by: Host: nagourijio.nio.pw
URL: https://nagourijio.nio.pw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a54e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 024567767cf06d1279bc0c4fa98581bf8ece442aef4700cd19e8eb3b4a9d522a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nagourijio.nio.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12116
cf-polished: origSize=4470
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 07 Oct 2022 16:12:30 GMT
server: cloudflare
etag: W/"63404fee-1176"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhRYgAl2hyvBjsLRWpijlW5NmV0CvizGGFKGvTil9aDseJnNChHooJuYEN3XSHL%2F3KPMTI32aVr7BkiwkrA71MLp6A%2FPsqsFFVxyq5FySx%2BNE01eum%2BviLoqQ0zbX7OsoHBAWjObT0jiFu6o3kbc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 82a36f188949032d-MIA
expires: Thu, 23 Nov 2023 03:41:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
92 KB 178ms
73ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P0LJR3FHEL

Requested by

Host: nagourijio.nio.pw
URL: https://nagourijio.nio.pw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0514087c779ebd196bfce43a33d3d75a5d65f72812048dd3a344cff96a618bc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nagourijio.nio.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93781
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Nov 2023 19:03:42 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/ 397 KB
134 KB 201ms
98ms Script
text/javascript 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_fy2021.js?bust=31079699

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5720731893246155

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a72722f9bae14a6e8da1a432156e6ef95ab19532b0b9660884ae358637636f54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nagourijio.nio.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137254
x-xss-protection: 0
server: cafe
etag: 6204265958336103218
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 19:03:42 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 2AD2 9 KB
4 KB 157ms
51ms Document
text/html 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5720731893246155

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nagourijio.nio.pw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 10450
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 16:09:32 GMT
etag: 16674218716276178799
expires: Wed, 06 Dec 2023 16:09:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

cover.jpg
dl7.wapkizfile.info/cover/G8cEsvIWZogvF_s_ZJsplyFy6st7XJICl1vY_p_qmMNf4xCMqMJLCFsTaaizZPrK15xybVf5u6TKwffQqJ0HgJOnpHLEF0ydOAiry5DCMUVkdqSQIlOd/
Redirect Chain

https://nagourijio.nio.pw/cover/2729391/cover.jpg
https://dl7.wapkizfile.info/cover/G8cEsvIWZogvF_s_ZJsplyFy6st7XJICl1vY_p_qmMNf4xCMqMJLCFsTaaizZPrK15xybVf5u6TKwffQqJ0HgJOnpHLEF0ydOAiry5DCMUVkdqSQIlOd/cover.jpg

12 KB
12 KB

1329ms
275ms

Image
image/jpg

2606:4700:3038::6815:ea44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl7.wapkizfile.info/cover/G8cEsvIWZogvF_s_ZJsplyFy6st7XJICl1vY_p_qmMNf4xCMqMJLCFsTaaizZPrK15xybVf5u6TKwffQqJ0HgJOnpHLEF0ydOAiry5DCMUVkdqSQIlOd/cover.jpg
Requested by: Host: nagourijio.nio.pw
URL: https://nagourijio.nio.pw/
Protocol: H2
Server: 2606:4700:3038::6815:ea44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: e7f9951426a68132d298172f4e8aefa6eb47459370334932220fcb0c4b903d91

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nagourijio.nio.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:44 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Nov 2023 19:03:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E67Q4xoNtQW%2FuenNKOGvEMEszgH5bMXHOd7WLDUlgeZO32JrnjEH9hWf4A%2FM6rl6TYvHlcUVCsYh6h4MxAvPTUryYBZHf7RLqkurYrfGgRgD27D6zsnpCVNv8uhoUKwpt8WywEbyo7z2S26%2Bo9yCt3iW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 82a36f234a8eda2f-MIA
alt-svc: h3=":443"; ma=86400

Redirect headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 19:03:42 GMT
Server: nginx
Content-Type: text/html; charset=UTF-8
location: https://dl7.wapkizfile.info/cover/G8cEsvIWZogvF_s_ZJsplyFy6st7XJICl1vY_p_qmMNf4xCMqMJLCFsTaaizZPrK15xybVf5u6TKwffQqJ0HgJOnpHLEF0ydOAiry5DCMUVkdqSQIlOd/cover.jpg
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

cover.jpg
dl7.wapkizfile.info/cover/G8cEsvIWN4RzF_s_JGs8tySyn46ubOdn54u42hzsZdtBjfrJ5KCAkTaaizZPrK15xybVf5u6TKwffQqJ0HgJOnpHLEF0ydOAiry5DCMUVkdqSQIlOd/
Redirect Chain

https://nagourijio.nio.pw/cover/2734884/cover.jpg
https://dl7.wapkizfile.info/cover/G8cEsvIWN4RzF_s_JGs8tySyn46ubOdn54u42hzsZdtBjfrJ5KCAkTaaizZPrK15xybVf5u6TKwffQqJ0HgJOnpHLEF0ydOAiry5DCMUVkdqSQIlOd/cover.jpg

12 KB
12 KB

1069ms
254ms

Image
image/jpg

2606:4700:3038::6815:ea44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl7.wapkizfile.info/cover/G8cEsvIWN4RzF_s_JGs8tySyn46ubOdn54u42hzsZdtBjfrJ5KCAkTaaizZPrK15xybVf5u6TKwffQqJ0HgJOnpHLEF0ydOAiry5DCMUVkdqSQIlOd/cover.jpg
Requested by: Host: nagourijio.nio.pw
URL: https://nagourijio.nio.pw/
Protocol: H2
Server: 2606:4700:3038::6815:ea44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: e7f9951426a68132d298172f4e8aefa6eb47459370334932220fcb0c4b903d91

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nagourijio.nio.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:44 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Nov 2023 19:03:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xJ4oZm%2BB7A7acbQpGlEKQ%2FcQhlotDmg%2BLJBdmW%2ByuWSBbwuYmW462P2yD1G%2BqK3WFO807xOK0HBMTg0O%2BD1eUiKaIoU1fNF46TjgnHvtfb8eyblxvogR9qHRcA8lUkW4qGcAcfjvTIeDhBMMVE54dut"}],"group":"cf-nel","max_age":604800}
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 82a36f234a8fda2f-MIA
alt-svc: h3=":443"; ma=86400

Redirect headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 19:03:42 GMT
Server: nginx
Content-Type: text/html; charset=UTF-8
location: https://dl7.wapkizfile.info/cover/G8cEsvIWN4RzF_s_JGs8tySyn46ubOdn54u42hzsZdtBjfrJ5KCAkTaaizZPrK15xybVf5u6TKwffQqJ0HgJOnpHLEF0ydOAiry5DCMUVkdqSQIlOd/cover.jpg
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

cover.jpg
dl8.wapkizfile.info/cover/G8cEsvIWMd9zEfMfsc58Hyuou7WdJ3F17ImoysdZshGMrp4aWFsTaaizZPrK15xybVf5u6TKwffQqJ0HgJOnpHLEF0ydOAiry5DCMUVkdqSQIlOd/
Redirect Chain

https://nagourijio.nio.pw/cover/2794078/cover.jpg
https://dl8.wapkizfile.info/cover/G8cEsvIWMd9zEfMfsc58Hyuou7WdJ3F17ImoysdZshGMrp4aWFsTaaizZPrK15xybVf5u6TKwffQqJ0HgJOnpHLEF0ydOAiry5DCMUVkdqSQIlOd/cover.jpg

300 KB
301 KB

1992ms
1178ms

Image
image/jpg

2606:4700:3038::6815:ea44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl8.wapkizfile.info/cover/G8cEsvIWMd9zEfMfsc58Hyuou7WdJ3F17ImoysdZshGMrp4aWFsTaaizZPrK15xybVf5u6TKwffQqJ0HgJOnpHLEF0ydOAiry5DCMUVkdqSQIlOd/cover.jpg
Requested by: Host: nagourijio.nio.pw
URL: https://nagourijio.nio.pw/
Protocol: H2
Server: 2606:4700:3038::6815:ea44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: b9bde9719a2faf000ca7f2c072eb34bb4b033e00bc18847423951e035fb0735b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nagourijio.nio.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:45 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Nov 2023 19:03:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKEq9eIk3OuylPoldR3fXCZNOsgRDjQIjjUNDK4W7elc509SOKfabAbC4405WSSH%2FdcEfEhb6voR2Anp0JhburjE%2B9gtuJiQlAjPy3g3SgYmlL2kVKOur39iqY0QV2cdkZysi69BMOBjJO82qd2Uyu1E"}],"group":"cf-nel","max_age":604800}
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 82a36f2348ca742a-MIA
alt-svc: h3=":443"; ma=86400

Redirect headers

Pragma: no-cache
Date: Wed, 22 Nov 2023 19:03:42 GMT
Server: nginx
Content-Type: text/html; charset=UTF-8
location: https://dl8.wapkizfile.info/cover/G8cEsvIWMd9zEfMfsc58Hyuou7WdJ3F17ImoysdZshGMrp4aWFsTaaizZPrK15xybVf5u6TKwffQqJ0HgJOnpHLEF0ydOAiry5DCMUVkdqSQIlOd/cover.jpg
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 Z4NnppC.png
i.imgur.com/ 96 KB
96 KB 57ms
57ms Image
image/png 146.75.36.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/Z4NnppC.png

Requested by

Host: nagourijio.nio.pw
URL: https://nagourijio.nio.pw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.36.193 Reston, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

2d4a8845a14652fc9eb7d759ed57b1a4954e8ad3927d3708d683c8d82a31208d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nagourijio.nio.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:42 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 2444
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 98417
x-served-by: cache-iad-kcgs7200107-IAD
last-modified: Wed, 27 Sep 2023 16:37:34 GMT
server: cat factory 1.0
x-timer: S1700679823.505360,VS0,VE2
etag: "d14d2403c00adbbfd7782a7517cda89f"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: O5XIVKbAQFscL2oQx4BjRfop3YueC9oHoUrRh_5cWN7rmT706MP6bQ==
x-cache-hits: 1

GET
H2 200 gNMaW3x8Qoy5_mf8uUkJGHtiYXjmKFy5enhYTkT9.woff2
fonts.gstatic.com/s/merienda/v19/ 17 KB
18 KB 172ms
51ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merienda/v19/gNMaW3x8Qoy5_mf8uUkJGHtiYXjmKFy5enhYTkT9.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merienda

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32965d76e5d14899db062d3175d6a23af8a89690667d4c12d733b1937a64ae77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nagourijio.nio.pw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:57:26 GMT
x-content-type-options: nosniff
age: 353176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17576
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 21:23:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 16:57:26 GMT

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 62ms
32ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://nagourijio.nio.pw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:42 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1260919
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BIOY%2BYZNRfjr1xxquRl40ikGFxRmLhCoQr%2BqMozCmdgDPo26ndc9mQG%2Ff9FTR%2FuddLhRNm6zIz4x2Lf7DzU1tB2Joo%2Bq3ZboHFM5LvajdMsvyNtai0DBGKTwbBQc9MfonJHMoMDNGxmWhfGjNYmFC6NX"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82a36f1aca429af2-MIA
expires: Mon, 11 Nov 2024 19:03:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 1406ms
51ms Script
text/javascript 2607:f8b0:4004:c08::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: counter.jdi5.com
URL: https://counter.jdi5.com/online.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::66 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nagourijio.nio.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 17:31:13 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5550
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 22 Nov 2023 19:31:13 GMT

GET
H2 200 fc.php Show response
counter.jdi5.com/ 49 B
428 B 271ms
271ms Script
application/x-javascript 2606:4700:3036::ac43:a54e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.jdi5.com/fc.php?id=95ebbebcf204062b4b562a957474d755&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36&ref=&pn=https%3A%2F%2Fnagourijio.nio.pw%2F&wh=1600x1200&rand=66
Requested by: Host: counter.jdi5.com
URL: https://counter.jdi5.com/online.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a54e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 132172bb8cfbe6577fbab786d922d8e134e2226e55b393a142e0d36825469f56

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nagourijio.nio.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:42 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rUCVDOOFyvycFzntrgISuVbZjmm6dcrEI1Pj2%2F5nQaiEl1Y2dq5oR8GEfiR1GwKp7t2qiFTGfxIl37HQPMgo7Sv7LYGAF%2F8Ixyi1abtTfOs7nb41Uj6e9WT0uagosge6iNATV255MrPdJ3rsbmo%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cf-ray: 82a36f1acc3c032d-MIA
alt-svc: h3=":443"; ma=86400

GET
H2

200

submit.php Show response
www1.btc747.xyz/ Frame F0D9
Redirect Chain

https://fasty11.site/red2.php?rand=oCc476d974c526a3dc3054f92b4c9a2a4c&id=27
https://www1.btc747.xyz/submit.php

357 B
638 B

793ms
716ms

Document
text/html

2606:4700:3036::ac43:a093
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.btc747.xyz/submit.php
Requested by: Host: nagourijio.nio.pw
URL: https://nagourijio.nio.pw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: a59f77de9d6f3dcc5d4a34af8ecd2bb11fd4e9fe5894944c5fedcad838be2cc7

Request headers

Referer: https://nagourijio.nio.pw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82a36f23b9cbb3ef-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 19:03:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnGh8y9rkoHUInREMLVFVzODYfd90PEdosX2BMMTg6nB3fVR8t9HXxXv536rcxUlLsGvylPyzXfWy%2BfunNe5Qth4bjA1i%2FO6aLn3p0yeTV%2FrOz%2BpqhkwczHcj5zqVcfQsszcLdvAJkGncy%2FQytA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82a36f1b59c36de3-MIA
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 19:03:42 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://www1.btc747.xyz/submit.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTOa7rI5yDMTiEoA9%2FXCbpUo6mAN3xI%2BemJ3U6FF5%2FZ2HEZRJwRzVWe%2F8vKeb4OiYhEKFwMr91jFkCUn3%2FX%2FVRC%2FRspHJ%2F4XF7L%2Fq8%2FmeUMKHTWRcb2%2F%2BEqCd7PFxsJ68jSA7Amuvj5YTfY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 70ms
69ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-60&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P0LJR3FHEL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ffec28e4ff0ece79cf5f2dc08e3b399e01fe96396efa4c91eaad4983f0160466

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nagourijio.nio.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64660
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Nov 2023 19:03:42 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
172 B 1418ms
99ms Ping
text/plain 2607:f8b0:4004:c08::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-P0LJR3FHEL&gtm=45je3b81v867598820&_p=1700679822512&gcd=11l1l1l1l1&dma=0&cid=1987895779.1700679823&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700679822&sct=1&seg=0&dl=https%3A%2F%2Fnagourijio.nio.pw%2F&dt=SadriMix.In%20New%20Nagpuri%20Dj%20Song%202023%20Mp3%20Download%20Songs%20MP3.New%20Nagpuri%20Dj%20Song%20Download%202023%2C&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1777
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P0LJR3FHEL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::66 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nagourijio.nio.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 19:03:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nagourijio.nio.pw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3FC8 603 B
68 B 85ms
84ms Document
text/html 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720731893246155&output=html&adk=1812271804&adf=3025194257&lmt=1700679822&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnagourijio.nio.pw%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&aslcwct=300&asacwct=50&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700679822349&bpp=5&bdt=291&idt=325&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1367257363029&frm=20&pv=2&ga_vid=1987895779.1700679823&ga_sid=1700679823&ga_hid=1481067921&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44809315%2C31078301%2C31079699%2C44800658%2C44807763%2C44808148%2C44808284%2C44809057&oid=2&pvsid=2764994134857538&tmod=348906396&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=346

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_fy2021.js?bust=31079699

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nagourijio.nio.pw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 19:03:43 GMT
expires: Wed, 22 Nov 2023 19:03:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 EF0808.png
imgcdn1.jdi5.com/img/ 133 B
518 B 46ms
35ms Image
image/png 2606:4700:3036::ac43:a54e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgcdn1.jdi5.com/img/EF0808.png
Requested by: Host: nagourijio.nio.pw
URL: https://nagourijio.nio.pw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a54e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 94f541dbfdef1a8128c164c852a4d6e5e28c1802806c015d2039f1380cae9ce1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nagourijio.nio.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 888352
x-powered-by: PHP/5.6.40
alt-svc: h3=":443"; ma=86400
content-length: 133
last-modified: Sun, 12 Nov 2023 12:17:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjegYcAp04jIshu%2FGe3Qb6kp2zyTTa3JFn2njIaTJoD%2FpH%2FDnBZjQDscwqYwld53iziyMOPn30%2FRjEvWnKrg8YKGkiUhRvxn3SW1v4bafsHDK%2BakIYa2eb29fQAIYDwMBR1bj9KYNn1Aj2qxsJgj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82a36f1c8e91032d-MIA
expires: Mon, 11 Nov 2024 12:17:49 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
84 B 61ms
60ms XHR
text/plain 2607:f8b0:4004:c08::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1481067921&t=pageview&_s=1&dl=https%3A%2F%2Fnagourijio.nio.pw%2F&ul=en-us&de=UTF-8&dt=SadriMix.In%20New%20Nagpuri%20Dj%20Song%202023%20Mp3%20Download%20Songs%20MP3.New%20Nagpuri%20Dj%20Song%20Download%202023%2C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=297311629&gjid=24096735&cid=1987895779.1700679823&tid=UA-46789381-10&_gid=2007256466.1700679824&_r=1&_slc=1&z=1524659746

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::66 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

549f8289905f59c82a3d55643d6f2868f3589a4ff2b067ad9f8c830daff502cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nagourijio.nio.pw/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 19:03:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nagourijio.nio.pw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
68 B 63ms
63ms XHR
text/plain 2607:f8b0:4004:c08::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1481067921&t=pageview&_s=1&dl=https%3A%2F%2Fnagourijio.nio.pw%2F&ul=en-us&de=UTF-8&dt=SadriMix.In%20New%20Nagpuri%20Dj%20Song%202023%20Mp3%20Download%20Songs%20MP3.New%20Nagpuri%20Dj%20Song%20Download%202023%2C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1485331948&gjid=934242808&cid=1987895779.1700679823&tid=UA-46789381-60&_gid=2007256466.1700679824&_r=1&gtm=457e3b81z8867598820&gcd=11l1l1l1l1&dma=0&jsscut=1&z=129619414

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::66 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nagourijio.nio.pw/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 19:03:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nagourijio.nio.pw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
155 B 52ms
52ms Image
image/gif 2607:f8b0:4004:c08::66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1481067921&t=event&_s=2&dl=https%3A%2F%2Fnagourijio.nio.pw%2F&ul=en-us&de=UTF-8&dt=SadriMix.In%20New%20Nagpuri%20Dj%20Song%202023%20Mp3%20Download%20Songs%20MP3.New%20Nagpuri%20Dj%20Song%20Download%202023%2C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=nagourijio.nio.pw&ea=nagourijio.nio.pw&el=nagourijio.nio.pw&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=1987895779.1700679823&tid=UA-46789381-60&_gid=2007256466.1700679824&gtm=457e3b81&gcd=11l1l1l1l1&dma=0&jsscut=1&cg1=nagourijio.nio.pw&z=1300511547

Requested by

Host: nagourijio.nio.pw
URL: https://nagourijio.nio.pw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::66 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nagourijio.nio.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 19:59:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83039
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
348 B 168ms
59ms XHR
text/plain 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-46789381-10&cid=1987895779.1700679823&jid=297311629&gjid=24096735&_gid=2007256466.1700679824&_u=IADAAEAAAAAAACAAI~&z=1032749914

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nagourijio.nio.pw/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 22 Nov 2023 19:03:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nagourijio.nio.pw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 279 KB
93 KB 72ms
72ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HYY21FHH92&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

019df11eece95ad91b2725c3e421cdf5a2de43bc26639f64a8ce7e69f83ddedb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nagourijio.nio.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95114
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Nov 2023 19:03:44 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 175ms
69ms Image
image/gif 2607:f8b0:4004:c09::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-46789381-10&cid=1987895779.1700679823&jid=297311629&_u=IADAAEAAAAAAACAAI~&z=325776479

Requested by

Host: nagourijio.nio.pw
URL: https://nagourijio.nio.pw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::68 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nagourijio.nio.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 19:03:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
255 B 310ms
59ms Ping
text/plain 2607:f8b0:4004:c08::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-HYY21FHH92&gtm=45je3b81v9128476500&_p=1700679822512&_gaz=1&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=1987895779.1700679823&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fnagourijio.nio.pw%2F&dt=SadriMix.In%20New%20Nagpuri%20Dj%20Song%202023%20Mp3%20Download%20Songs%20MP3.New%20Nagpuri%20Dj%20Song%20Download%202023%2C&sid=1700679824&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3477
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HYY21FHH92&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::71 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nagourijio.nio.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 19:03:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nagourijio.nio.pw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 60ms
59ms Ping
text/plain 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HYY21FHH92&cid=1987895779.1700679823&gtm=45je3b81v9128476500&aip=1&dma=0&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HYY21FHH92&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nagourijio.nio.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 19:03:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nagourijio.nio.pw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
www1.btc747.xyz/ Frame F0D9 385 B
557 B 149ms
148ms Document
text/html 2606:4700:3036::ac43:a093
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.btc747.xyz/
Requested by: Host: nagourijio.nio.pw
URL: https://nagourijio.nio.pw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 8ffeb0af6fe8439e8de970598aa7bca26cb69db11d6fc101fa5d36e8e55d3a7a

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www1.btc747.xyz
Referer: https://www1.btc747.xyz/submit.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82a36f284a1eb3ef-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 19:03:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9UfVhqtw%2F4uPFl4hI9qC1P9V5K%2F8uD1VSQm%2BKCFhfC%2FklfyZJMXwZkSb9E6t2TcMuHM0iAw44fiFuefYfbXktNEmC2LuFqnwYRBRiuw5Bpxd5tRGZRJeFzIqb0rLPt7Ncvy0V5gwqOcDa9EVTBg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

POST
H3 200 brittney-griner-remains-in-russia.html Show response
www1.btc747.xyz/2023/11/ Frame F0D9 4 KB
2 KB 279ms
278ms Document
text/html 2606:4700:3036::ac43:a093
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.btc747.xyz/2023/11/brittney-griner-remains-in-russia.html
Requested by: Host: nagourijio.nio.pw
URL: https://nagourijio.nio.pw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:a093 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: bb45c9ebd657bdada53a26b6a084e0fed0902c93188040492cb60925ddaad3fe

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www1.btc747.xyz
Referer: https://www1.btc747.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82a36f294f027471-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 19:03:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5NLP%2F9tqikBghlQ8tdsPR1uX4alJqcupVw7pRZleQ%2BQ4qHr06jhp4xAHmqclltXIQsxnxHnSCi77UpQtkIRCPY1wXu2zpk8hcgvBYTjHb6qTd2z6rzPGzW7JoJiJK2HLUWjdNt%2FT2lvl%2BlWm%2FY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame F0D9 186 KB
67 KB 78ms
67ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-59

Requested by

Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/11/brittney-griner-remains-in-russia.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd81d31504affaa646ea54f8fe6bd3b867ee3f4e03598ec6c56b05260e092de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68688
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Nov 2023 19:03:45 GMT

GET
H2 200 waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js Show response
nwwais.com/pw/ Frame F0D9 66 KB
25 KB 113ms
37ms Script
application/javascript 2606:4700:e0::ac40:610f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nwwais.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
Requested by: Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/11/brittney-griner-remains-in-russia.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:610f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fad6529fd7e281b4b879253aa8ed252f6f846ee9ec3ba639303824ce980debb8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Nov 2023 17:42:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
e-tag: 50d813d71a8e5384e8457c5478aea355
age: 4846
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95%2FLtRhM%2FRdU8ii5ogezuI7e3BPb1fqHutAbj0FjIk2Xz%2Fs2RBcL8SDyjM6GxIMvtFCoX35CGVDyO%2BZoYXZh%2BtVQxqseqck6YdalKtpsxGKOvFON43wRdevNtRA3Rg0HI1SK6kWSkTcE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://www1.btc747.xyz
cache-control: max-age=14400
cf-ray: 82a36f2b9b0f4972-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 submit.php Show response
1337x1.wb4.xyz/ Frame 6218 1 KB
934 B 366ms
276ms Document
text/html 2606:4700:3032::6815:1a12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x1.wb4.xyz/submit.php
Requested by: Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/11/brittney-griner-remains-in-russia.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1a12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 99262cf14b9cc66dc28995a10253b7025649240b73a10bbc57f8d0cfd471bf56

Request headers

Referer: https://www1.btc747.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82a36f2bb9919ab9-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 19:03:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qwa9WLfqdAmNP6m5kirMe8ynZ0U3P99n5aJL3V%2F21j47oepnTzoMJMIPDlU4DeOMY4jdqTELIHrh2cpAViWzes2PfwQsIqNBbO4HZ6fQRvTrODEpqINxWQdKRugqpTiCxhWd1L4ff5Onn3mfSg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 2278993 Show response
ad.a-ads.com/ Frame 54E5 14 KB
5 KB 578ms
166ms Document
text/html 136.243.61.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2278993?size=300x250

Requested by

Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/11/brittney-griner-remains-in-russia.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.61.83 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.83.61.243.136.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

81a31e7dbd861ac10f5d88c17ef005deef1673939dd6f8bdc6820f36eff6b5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www1.btc747.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Wed, 22 Nov 2023 19:03:45 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://www1.btc747.xyz/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame F0D9 223 KB
79 KB 70ms
70ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4SD8J57M3L&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-59

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c7a45d54c7c13066a22259e60492063e7abb64d3622e0707a0055cfa31ca6727

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80941
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Nov 2023 19:03:45 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame F0D9 52 KB
21 KB 62ms
53ms Script
text/javascript 2607:f8b0:4004:c08::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-59

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::66 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 17:31:13 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5552
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 22 Nov 2023 19:31:13 GMT

GET
BLOB 200
OK 3e3c716d-aa26-4179-8be7-79669dc672c5
https://www1.btc747.xyz/ Frame F0D9 91 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www1.btc747.xyz/3e3c716d-aa26-4179-8be7-79669dc672c5
Requested by: Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/11/brittney-griner-remains-in-russia.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 91
Content-Type: application/javascript

GET
H2 200 wnload Show response
tdmrfw.com/ Frame F0D9 559 B
504 B 804ms
240ms Fetch
application/javascript 2a02:b4a:1:7::9166:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tdmrfw.com/wnload?a=1&e=aeyJwaWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsImQiOiJ3d3cxLmJ0Yzc0Ny54eXoiLCJsaSI6Mn0=&tz=-10&if=1&u=aHR0cHM6Ly93d3cxLmJ0Yzc0Ny54eXovMjAyMy8xMS9icml0dG5leS1ncmluZXItcmVtYWlucy1pbi1ydXNzaWEuaHRtbA==&inc=0
Requested by: Host: nwwais.com
URL: https://nwwais.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9166:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: def8e03fcef84d08a9d2a18ff6f3b3b42ec9396d5cafc9be7208dd5642e0f266

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:46 GMT
content-encoding: gzip
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true

POST
H2 200 / Show response
1337x1.wb4.xyz/ Frame 6218 1 KB
837 B 156ms
155ms Document
text/html 2606:4700:3032::6815:1a12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x1.wb4.xyz/
Requested by: Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/11/brittney-griner-remains-in-russia.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1a12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 488d25714e8fabba9fd2fd52dce068614dc8df8524987b268907744d3a772076

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://1337x1.wb4.xyz
Referer: https://1337x1.wb4.xyz/submit.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82a36f2dacaf9ab9-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 19:03:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6U3jrx4pheo3CuBA8j5%2BmUaThSmzaSDf1hSJL3DLoyr5XSPcPOq%2BH7gjWgD6UlzgTjieZuyvkr84tlW%2FDAuRbw2KfwuefcvaE69T1yePGxgRmYnWdkKkYAI2EL8KoLgmgary6cFXSdDwxHfRdw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 admc
wivyiz.com/ Frame F0D9 0
0 509ms
137ms Fetch 2a02:b4a:1:7::5647:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wivyiz.com/admc?a=2&pid=1051205&sid=1224016&wid=465053&fp=ac85d05bbd059bebd2c51e07b640b009&f=8&tz=-10
Requested by: Host: nwwais.com
URL: https://nwwais.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::5647:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: https://www1.btc747.xyz
date: Wed, 22 Nov 2023 19:03:46 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
content-length: 0

POST
H3 200 degee-biryani.html Show response
1337x1.wb4.xyz/2019/06/ Frame 6218 3 KB
2 KB 261ms
261ms Document
text/html 2606:4700:3032::6815:1a12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x1.wb4.xyz/2019/06/degee-biryani.html
Requested by: Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/11/brittney-griner-remains-in-russia.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1a12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 67a089939200b30e5c18a9f5ace18624630a6bdd1d4c8076fea5ce5350b15b68

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://1337x1.wb4.xyz
Referer: https://1337x1.wb4.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82a36f2eb8dcda05-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 19:03:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=beZo6yL7KGM8UvjO8ZRoejYEfbE5CMcZn08tgEna3NkSWhyuiACQ%2B8kFpzdD%2BlbNHCTK4TWsdwolUOWnp2my1zqkub%2B5HkI3dnlHRJQUugauX28v%2FdFvijLdmSSrz52vJWoE7LS0meStbJfKBw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 728x90
static.a-ads.com/a-ads-banners/481633/ Frame 54E5 47 KB
47 KB 187ms
149ms Image
image/gif 136.243.61.83
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/481633/728x90?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/2278993?size=300x250
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.61.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.83.61.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 3adc7aec9f7a15bf05d3eb70624ebc3acb2a7b422defc27e3af462f897ebb7c5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:45 GMT
x-amz-version-id: BBrwRarvbdAuE_BFgySirGfw2fP6_dGZ
last-modified: Sat, 30 Sep 2023 19:52:55 GMT
server: nginx
x-amz-request-id: HNY4JYBXSWQ741DZ
etag: "e262fc829fe8a4f2481dc0dbea930492"
x-amz-server-side-encryption: AES256
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 47715
x-amz-id-2: MAR0/kt71pGN1odnca+DFL7Aqda5eoVilwW61prvHgjwF6Lc1cp4zfT0DkWAj9LRQL7tdT6hiDI=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 6218 186 KB
67 KB 68ms
66ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-49

Requested by

Host: 1337x1.wb4.xyz
URL: https://1337x1.wb4.xyz/2019/06/degee-biryani.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

54f51a4951809535a7fd1f3130e11acf88dca22093b25a943beb5aec45f3585d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1337x1.wb4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68685
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Nov 2023 19:03:46 GMT

GET
H3 200 script.js Show response
1337x1.wb4.xyz/ Frame 6218 90 KB
27 KB 497ms
496ms Script
application/javascript 2606:4700:3032::6815:1a12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x1.wb4.xyz/script.js?t=2023102219
Requested by: Host: 1337x1.wb4.xyz
URL: https://1337x1.wb4.xyz/2019/06/degee-biryani.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1a12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: bb81c521c328cf4dce09e15b0f34795e68d447f46a0c4007084689d10b6f20e1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1337x1.wb4.xyz/2019/06/degee-biryani.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 22 Nov 2023 19:03:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DtwyWSV5eRmQF86%2FuOWh4Keb7NpmdKkmG7GsxldfyRnMKjsD9dwlqEwRlUFUlx9XiW1wMW1Et0j5opQF2L8oaA5LhgtYNjSpSO4NvgjzUfDvslUK0EGodgdGDM24mgqyisxVo0wNpnxwzCVT1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 82a36f306b87da05-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 6218 223 KB
79 KB 70ms
69ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-49

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d389a8a41471a546280cbc3162263e3cf1d98ec5a91c9a7f8061b3da0557d242

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1337x1.wb4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80937
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Nov 2023 19:03:46 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 6218 52 KB
21 KB 51ms
51ms Script
text/javascript 2607:f8b0:4004:c08::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-49

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::66 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1337x1.wb4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 17:31:13 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5553
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 22 Nov 2023 19:31:13 GMT

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame F0D9 0
0 95ms
94ms Fetch
text/javascript 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: nwwais.com
URL: https://nwwais.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52670
x-xss-protection: 0
server: cafe
etag: 10734639168600377461
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 19:03:46 GMT

GET
H3 200 social.html Show response
nwwais.com/template/ Frame F0D9 4 KB
2 KB 105ms
46ms Fetch
text/html 2606:4700:e0::ac40:610f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nwwais.com/template/social.html
Requested by: Host: nwwais.com
URL: https://nwwais.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:610f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4aaa8b864033f10089ecbbc1023817b1968fe72fb17398564429c7f07796c80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Nov 2023 18:39:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1427
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Df4nYpUOzRI%2B0urpOMPwCvzcShqSSlFaqUnj0ZF0WrgCtqoNtVXromAMWstfEm7hkkg3rGsNzk0ne1CQACCvkcktZ4Wnp61cjTcDpE8jQX7dz%2FfAyi7AnO2HkV%2BY5RVqjkJtlAy8zFjd"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www1.btc747.xyz
cache-control: max-age=14400
cf-ray: 82a36f31bdbfdac5-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 social.html Show response
nwwais.com/template/ Frame F0D9 4 KB
2 KB 106ms
48ms Fetch
text/html 2606:4700:e0::ac40:610f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nwwais.com/template/social.html
Requested by: Host: nwwais.com
URL: https://nwwais.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:610f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4aaa8b864033f10089ecbbc1023817b1968fe72fb17398564429c7f07796c80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Nov 2023 18:39:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1427
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xv8mhgRwV4wBTXHVQKrCvX6iBsQNncNVmLMe3ttn8l9dFUerlLhBDq5cJcR3vpb7nFrCeRAYxOYz93%2FkzcP6JuM%2BI4%2FQU5VFInn%2F7OQCcBP0RB0wIBPPzDcbowgBMgWyUsKPs6Id3yQq"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www1.btc747.xyz
cache-control: max-age=14400
cf-ray: 82a36f31bdc4dac5-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 abs
ptxhzp.com/ Frame F0D9 0
0 612ms
136ms Fetch 2a02:b4a:1:7::9168:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ptxhzp.com/abs?f=8&wid=465053&di=nwwais.com&dl=tdmrfw.com&d=www1.btc747.xyz&lok=1&abf=0
Requested by: Host: nwwais.com
URL: https://nwwais.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9168:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 19:03:46 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
content-length: 0

GET
H2 200 8PF4lrmWW6byAqCmRLBL3A4ocizIFBhX.png
i.wmgtr.com/cim/ Frame C342 94 KB
94 KB 275ms
168ms Image
image/png 45.133.44.33
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cim/8PF4lrmWW6byAqCmRLBL3A4ocizIFBhX.png

Requested by

Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/11/brittney-griner-remains-in-russia.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.133.44.33 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

999c22815216b1e5ba968a7153deba27052a599499e8961ad4af941aa0aa47eb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Thu, 23 Nov 2023 18:03:46 GMT
date: Wed, 22 Nov 2023 19:03:46 GMT
content-encoding: gzip
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=82800
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

GET
H2 200 SYMX0rVhmrA7uKFl08TpnIgj7tzn3hW9.png
i.wmgtr.com/cim/ Frame 24D1 104 KB
105 KB 151ms
49ms Image
image/png 45.133.44.33
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cim/SYMX0rVhmrA7uKFl08TpnIgj7tzn3hW9.png

Requested by

Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2023/11/brittney-griner-remains-in-russia.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.133.44.33 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

bc3f3b196f7f9774350b05cb4e6a38d488b23deabbc0133a354ba1d1a54d2e60

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Thu, 23 Nov 2023 18:03:46 GMT
date: Wed, 22 Nov 2023 19:03:46 GMT
content-encoding: gzip
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=82800
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

GET
H2 200 wnrw
tdmrfw.com/ Frame F0D9 0
0 137ms
137ms Fetch 2a02:b4a:1:7::9166:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tdmrfw.com/wnrw?aid=13209775236427498697&a=1
Requested by: Host: nwwais.com
URL: https://nwwais.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9166:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www1.btc747.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: https://www1.btc747.xyz
date: Wed, 22 Nov 2023 19:03:46 GMT
server: nginx/1.18.0
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 74ms
73ms XHR
application/json 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_fy2021.js?bust=31079699

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe42aa821ed2054dbc2eb54e88bed2f49518286479fdd7ca51e1770846091c61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nagourijio.nio.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12343
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 163ms
60ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_fy2021.js?bust=31079699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nagourijio.nio.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 19:03:46 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1D9A 13 KB
5 KB 59ms
50ms Document
text/html 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nagourijio.nio.pw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 6097
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 17:22:09 GMT
expires: Thu, 21 Nov 2024 17:22:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BF85 829 B
998 B 74ms
71ms Document
text/html 2607:f8b0:4004:c09::68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::68 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f1d90517f5826043b6d7ab06375f84633c18595ec8b1af4585a6587477028098

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OodjQCsK0UW6ayt_kzHIPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nagourijio.nio.pw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-OodjQCsK0UW6ayt_kzHIPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 19:03:46 GMT
expires: Wed, 22 Nov 2023 19:03:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 1D9A 39 KB
15 KB 53ms
52ms Script
text/javascript 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Nov 2024 17:52:54 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BF85 0
0 66ms
66ms Image
text/html 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=2764994134857538&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1D9A 0
10 B 56ms
55ms Image
text/plain 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?t55DZA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK w.js Show response
jswww.net/ Frame 6218 19 KB
19 KB 571ms
254ms Script
text/javascript 109.206.168.17

General

Check archive.org

Show headers Download Go to

Full URL: https://jswww.net/w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=139649&t=2074&sid=1337x1.wb4.xyz&r=0.3978572220853476
Requested by: Host: 1337x1.wb4.xyz
URL: https://1337x1.wb4.xyz/script.js?t=2023102219
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 109.206.168.17 -, , ASN (),
Reverse DNS
Software: binder-v5.8.7 /
Resource Hash: 892c3910ab7011353c881943839f7cd190b8dc232b2bbd8a768723f1432d700f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1337x1.wb4.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:03:47 GMT
x-response-code: 20200
server: binder-v5.8.7
access-control-allow-methods: GET, POST
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
access-control-allow-headers: *
content-length: 19554

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 74ms
73ms Image
image/gif 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-5720731893246155&su=nagourijio.nio.pw&eid=44759875%2C44759926%2C44809315%2C31078301%2C31079699%2C44800658%2C44807763%2C44808148%2C44808284%2C44809057&doc=complete&pg_h=1839&pg_w=1600&pg_hs=1839&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nagourijio.nio.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 19:03:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 120ms
111ms Ping
text/plain 2607:f8b0:4004:c08::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-P0LJR3FHEL&gtm=45je3b81v867598820&_p=1700679822512&gcd=11l1l1l1l1&dma=0&cid=1987895779.1700679823&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1700679822&sct=1&seg=0&dl=https%3A%2F%2Fnagourijio.nio.pw%2F&dt=SadriMix.In%20New%20Nagpuri%20Dj%20Song%202023%20Mp3%20Download%20Songs%20MP3.New%20Nagpuri%20Dj%20Song%20Download%202023%2C&en=nagourijio.nio.pw&_ee=1&ep.event_category=nagourijio.nio.pw&ep.event_label=nagourijio.nio.pw&_et=3&tfd=6782
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P0LJR3FHEL
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c08::66 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nagourijio.nio.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 19:03:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nagourijio.nio.pw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 114ms
113ms Image
text/html 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=2764994134857538&bg=!w8ClwI_NAAZxrfrxUa07ADQBe5WfOM2-KdcVt9xMepce_wOZFgd1I0Oi0mh4jHPBEnkmtmbyYHylXzE17a3e1ttKbOvsAgAAAI5SAAAABGgBB5kCr8gj3PtaPoRRerEd24lXZotNiw1TE6izfNr5WLpOSHUXD1dIg8wOnk8db3oz9nPRyY_o2zYMnVNwPYZG3zL2kVk1A9FQT8Z3OAo_beDVzO-sJgy1gv2bR_jxKqHB81t3pyOrpYSBBep66YmvMTAmfXdX33exVITCnvqXprm-9_m1MnwrTgbmqX-DKXkvMcVZybRzLRMYeNj47hS5xq2fWYIlnQKdiYx7fLMulEHxX3mj3TlQMjPHy1MOrYkptwZkwzLWVcc9MVjTL3FGzdgI5N8zhf9JTcgAUVL9j9hgS2ExORplsafoXJHCX-mK62iRQBMxPJUmAXDHfJavlMjtnDBHl-7oyTdk6NamUH4HvItsgaYOMqqGCeMpilEnHwtSJaDvwO2vmzQOqwVw95S4l5KogFk-jTU8_GYnE-MDMZT6JkqITrWsendj9HUWFbsgW8Z0j0FdV5cnSWBCtiuOO_ldcy-TnQlMo7XLGbA5F0BEc9uHkla3O4xJyeLxpBQrqIe5F0xiHh5NlmjLT_qpWkEGFHAoE0cVioPJkXoIQ-X-CfmN4yACN4gXeYmS-9IWMA9h48jHAZrpnxrO0C9d8-RmuzCJVLi-daZSCX_zUt67l6vrda-0EttBvD51Nj-HSISPR8guXufVdvlrRiDg6ved9gbD_wOH1FWMw2lIR4NlEWCQjurHhUO_ma8HSYbt5UhRdG9ITPxtwed9P6QEglwPqnOW_dTE2tpMMruiG-IZYUypyZzUuVksgB5d9PTyADPmKNRW8WSeaNGD3zKSU0DZz2tYbR7nggDc5qOukqcQ-Y8tQifh51PjPBwvhAiSrPJrElda5YaXX8uP8MfP2Y4O1hkKfT1pwQM_mqdKwqk1cZxuSVM_DotsLdqUuI5DKh0HiGAbmeNryq1yAVcdhg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nagourijio.nio.pw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nagourijio.nio.pw/	1969-12-31 23:59:59	Name: nagourijio_nio_pw Value: 6lv0bce73sc69r3q9rp6tvuaqa
.nio.pw/	1970-01-21 02:00:39	Name: _ga_P0LJR3FHEL Value: GS1.1.1700679822.1.0.1700679822.0.0.0
.doubleclick.net/	1970-01-20 16:24:40	Name: test_cookie Value: CheckForPermission
.nio.pw/	1970-01-21 02:00:39	Name: _ga Value: GA1.2.1987895779.1700679823
.nio.pw/	1970-01-20 16:26:06	Name: _gid Value: GA1.2.2007256466.1700679824
.nio.pw/	1970-01-20 16:24:39	Name: _gat Value: 1
.nio.pw/	1970-01-20 16:24:39	Name: _gat_gtag_UA_46789381_60 Value: 1
.nio.pw/	1970-01-21 02:00:39	Name: _ga_HYY21FHH92 Value: GS1.2.1700679824.1.0.1700679824.60.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1337x1.wb4.xyz
ad.a-ads.com
analytics.google.com
cdnjs.cloudflare.com
counter.jdi5.com
dl7.wapkizfile.info
dl8.wapkizfile.info
fastcdn.jdi5.com
fasty11.site
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.imgur.com
i.wmgtr.com
imgcdn1.jdi5.com
jswww.net
nagourijio.nio.pw
nwwais.com
pagead2.googlesyndication.com
ptxhzp.com
static.a-ads.com
stats.g.doubleclick.net
tdmrfw.com
tpc.googlesyndication.com
wivyiz.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www1.btc747.xyz
109.206.168.17
136.243.61.83
146.75.36.193
2606:4700:3032::6815:1a12
2606:4700:3034::6815:584e
2606:4700:3036::ac43:a093
2606:4700:3036::ac43:a54e
2606:4700:3038::6815:ea44
2606:4700::6811:180e
2606:4700:e0::ac40:610f
2607:f8b0:4004:c07::84
2607:f8b0:4004:c07::9c
2607:f8b0:4004:c07::9d
2607:f8b0:4004:c08::66
2607:f8b0:4004:c08::71
2607:f8b0:4004:c09::61
2607:f8b0:4004:c09::68
2607:f8b0:4004:c09::9c
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c1b::5f
2a02:b4a:1:7::5647:1
2a02:b4a:1:7::9166:1
2a02:b4a:1:7::9168:1
45.133.44.33
45.87.41.89
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
019df11eece95ad91b2725c3e421cdf5a2de43bc26639f64a8ce7e69f83ddedb
024567767cf06d1279bc0c4fa98581bf8ece442aef4700cd19e8eb3b4a9d522a
0514087c779ebd196bfce43a33d3d75a5d65f72812048dd3a344cff96a618bc7
0d505e93c717b7dd39459620e790c594cce9390c93e6e07caf008825d8948ff8
132172bb8cfbe6577fbab786d922d8e134e2226e55b393a142e0d36825469f56
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384
2d4a8845a14652fc9eb7d759ed57b1a4954e8ad3927d3708d683c8d82a31208d
32965d76e5d14899db062d3175d6a23af8a89690667d4c12d733b1937a64ae77
3adc7aec9f7a15bf05d3eb70624ebc3acb2a7b422defc27e3af462f897ebb7c5
43cc10f626704c5884ef680fc0b14bcc5274f7cbdde83fc3e590e798644cbe17
488d25714e8fabba9fd2fd52dce068614dc8df8524987b268907744d3a772076
549f8289905f59c82a3d55643d6f2868f3589a4ff2b067ad9f8c830daff502cb
54f51a4951809535a7fd1f3130e11acf88dca22093b25a943beb5aec45f3585d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
67a089939200b30e5c18a9f5ace18624630a6bdd1d4c8076fea5ce5350b15b68
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
81a31e7dbd861ac10f5d88c17ef005deef1673939dd6f8bdc6820f36eff6b5bc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
892c3910ab7011353c881943839f7cd190b8dc232b2bbd8a768723f1432d700f
8ffeb0af6fe8439e8de970598aa7bca26cb69db11d6fc101fa5d36e8e55d3a7a
94f541dbfdef1a8128c164c852a4d6e5e28c1802806c015d2039f1380cae9ce1
99262cf14b9cc66dc28995a10253b7025649240b73a10bbc57f8d0cfd471bf56
999c22815216b1e5ba968a7153deba27052a599499e8961ad4af941aa0aa47eb
a59f77de9d6f3dcc5d4a34af8ecd2bb11fd4e9fe5894944c5fedcad838be2cc7
a72722f9bae14a6e8da1a432156e6ef95ab19532b0b9660884ae358637636f54
a778f86e7222ba1f15412a96f10ea14eda6580d1183d88191eef1c2ba4c02986
a9d88cd39de1124eb5be94cd360941d3f39620e3e5429a7b3fea4d5ed065316d
b9bde9719a2faf000ca7f2c072eb34bb4b033e00bc18847423951e035fb0735b
bb45c9ebd657bdada53a26b6a084e0fed0902c93188040492cb60925ddaad3fe
bb81c521c328cf4dce09e15b0f34795e68d447f46a0c4007084689d10b6f20e1
bc3f3b196f7f9774350b05cb4e6a38d488b23deabbc0133a354ba1d1a54d2e60
c28b26727d3ea785b627766fefd9eadedf86fff4eb78704a0756c4584c3247c9
c5b5b830824f61a26f8a3476e31ba5366844e32705d02c55f1c3286ee9b1b275
c7a45d54c7c13066a22259e60492063e7abb64d3622e0707a0055cfa31ca6727
d389a8a41471a546280cbc3162263e3cf1d98ec5a91c9a7f8061b3da0557d242
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def8e03fcef84d08a9d2a18ff6f3b3b42ec9396d5cafc9be7208dd5642e0f266
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4aaa8b864033f10089ecbbc1023817b1968fe72fb17398564429c7f07796c80
e7f9951426a68132d298172f4e8aefa6eb47459370334932220fcb0c4b903d91
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1bb287a819ea07573faeea32b6d33d8931f87a7ccdf859bdaf3ddcb5d36ef6b
f1d90517f5826043b6d7ab06375f84633c18595ec8b1af4585a6587477028098
fad6529fd7e281b4b879253aa8ed252f6f846ee9ec3ba639303824ce980debb8
fd81d31504affaa646ea54f8fe6bd3b867ee3f4e03598ec6c56b05260e092de9
fe42aa821ed2054dbc2eb54e88bed2f49518286479fdd7ca51e1770846091c61
ffec28e4ff0ece79cf5f2dc08e3b399e01fe96396efa4c91eaad4983f0160466

nagourijio.nio.pw Open in urlscan Pro 45.87.41.89 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

69 Requests

93 %HTTPS

80 %IPv6

22 Domains

29 Subdomains

25 IPs

3 Countries

1899 kBTransfer

3790 kBSize

8 Cookies

1 Outgoing links

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nagourijio.nio.pw Open in urlscan Pro
45.87.41.89 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

93 %
HTTPS

80 %
IPv6

22
Domains

29
Subdomains

25
IPs

3
Countries

1899 kB
Transfer

3790 kB
Size

8
Cookies

69 HTTP transactions
0 data transactions