urlscan.io logo urlscan.io
SecurityTrails logo

nuvitayou.com Open in urlscan Pro
64.46.118.25  Public Scan

Go To Rescan Add Verdict Report
URL: http://nuvitayou.com/
Submission: On February 11 via manual from PL — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 49 HTTP transactions. The main IP is 64.46.118.25, located in United States and belongs to SINGLEHOP-LLC, US. The main domain is nuvitayou.com.
This is the only time nuvitayou.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
25 31 64.46.118.25 32475 (SINGLEHOP...)
25 211.149.194.151 38283 (CHINANET-...)
6 142.250.180.194 15169 (GOOGLE)
3 66.94.108.216 40021 (CONTABO)
2 142.251.39.2 15169 (GOOGLE)
1 142.250.185.162 15169 (GOOGLE)
2 142.250.186.66 15169 (GOOGLE)
3 172.217.18.1 15169 (GOOGLE)
1 142.250.201.196 15169 (GOOGLE)
49 9
31    64.46.118.25 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: vss-502-ams01.hawkhost.com
nuvitayou.com
25    211.149.194.151 (China)

ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN)
www.mfname.com
6    142.250.180.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net
pagead2.googlesyndication.com
3    66.94.108.216 (Corpus Christi, United States)

ASN40021 (CONTABO, US)
PTR: vmi729383.contaboserver.net
1.jacie.top
2    142.251.39.2 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
partner.googleadservices.com
2    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
adservice.google.pl
adservice.google.com
3    172.217.18.1 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f1.1e100.net
tpc.googlesyndication.com
1    142.250.201.196 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f4.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
31 nuvitayou.com
nuvitayou.com
29 KB
25 mfname.com
www.mfname.com
108 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
205 KB
3 jacie.top
1.jacie.top
24 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 29
5 KB
1 google.pl
adservice.google.pl — Cisco Umbrella Rank: 30299
531 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 842
605 B
49 8
Domain Requested by
31 nuvitayou.com 25 redirects nuvitayou.com
25 www.mfname.com nuvitayou.com
6 pagead2.googlesyndication.com nuvitayou.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 1.jacie.top nuvitayou.com
1.jacie.top
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.pl pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
49 10

This site contains links to these domains. Also see Links.

Domain
beian.miit.gov.cn
www.xxfseo.com
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.google.pl
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh

This page contains 5 frames:

Primary Page: http://nuvitayou.com/
Frame ID: FD981866B501A1FEEBAF737DDBAE3893
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/zrt_lookup.html
Frame ID: 540AEE7B999B7ED7D23059ADD95C7090
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4034565996942195&output=html&adk=1812271804&adf=3025194257&lmt=1676109779&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x1080_l%7C356x1080_r&format=0x0&url=http%3A%2F%2Fnuvitayou.com%2F&ea=0&pra=5&wgl=1&dt=1676109779256&bpp=5&bdt=3721&idt=359&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5850512018738&frm=20&pv=2&ga_vid=899239019.1676109780&ga_sid=1676109780&ga_hid=593155473&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44777877%2C44759875%2C31072259%2C31072288%2C44779793%2C31071269%2C31071662%2C31072229&oid=2&pvsid=4451088700744599&tmod=741429986&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=382
Frame ID: 97711376FB09FB5727A3E92411FD25C1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 415A2667C994C6F4796CCB9266214A17
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 44E356A183CDF85AE40D4757F07A80EC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

寶寶在線起名,寶寶起100分的名字,滿分名字起名網

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

49
Requests

31 %
HTTPS

0 %
IPv6

8
Domains

10
Subdomains

9
IPs

2
Countries

364 kB
Transfer

855 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://nuvitayou.com/?main.js HTTP 302
  • http://www.mfname.com/main.js
Request Chain 2
  • http://nuvitayou.com/?unvip.gif HTTP 302
  • http://www.mfname.com/unvip.gif
Request Chain 3
  • http://nuvitayou.com/?boy.gif HTTP 302
  • http://www.mfname.com/boy.gif
Request Chain 4
  • http://nuvitayou.com/?yes2.gif HTTP 302
  • http://www.mfname.com/yes2.gif
Request Chain 5
  • http://nuvitayou.com/?no3.gif HTTP 302
  • http://www.mfname.com/no3.gif
Request Chain 6
  • http://nuvitayou.com/?no4.gif HTTP 302
  • http://www.mfname.com/no4.gif
Request Chain 7
  • http://nuvitayou.com/?m/html/upload/s/s_f3655.jpg HTTP 302
  • http://www.mfname.com/m/html/upload/s/s_f3655.jpg
Request Chain 8
  • http://nuvitayou.com/?m/html/upload/s/s_f3654.jpg HTTP 302
  • http://www.mfname.com/m/html/upload/s/s_f3654.jpg
Request Chain 9
  • http://nuvitayou.com/?m/html/upload/s/s_f3653.jpg HTTP 302
  • http://www.mfname.com/m/html/upload/s/s_f3653.jpg
Request Chain 10
  • http://nuvitayou.com/?m/html/upload/s/s_f3652.jpg HTTP 302
  • http://www.mfname.com/m/html/upload/s/s_f3652.jpg
Request Chain 11
  • http://nuvitayou.com/?m/html/upload/s/s_f3651.jpg HTTP 302
  • http://www.mfname.com/m/html/upload/s/s_f3651.jpg
Request Chain 12
  • http://nuvitayou.com/?m/html/upload/s/s_f3650.jpg HTTP 302
  • http://www.mfname.com/m/html/upload/s/s_f3650.jpg
Request Chain 13
  • http://nuvitayou.com/?m/html/upload/s/s_f3649.jpg HTTP 302
  • http://www.mfname.com/m/html/upload/s/s_f3649.jpg
Request Chain 14
  • http://nuvitayou.com/?m/html/upload/s/s_f3648.jpg HTTP 302
  • http://www.mfname.com/m/html/upload/s/s_f3648.jpg
Request Chain 15
  • http://nuvitayou.com/?m/html/upload/s/s_f3647.jpg HTTP 302
  • http://www.mfname.com/m/html/upload/s/s_f3647.jpg
Request Chain 16
  • http://nuvitayou.com/?m/html/upload/s/s_f3646.jpg HTTP 302
  • http://www.mfname.com/m/html/upload/s/s_f3646.jpg
Request Chain 19
  • http://nuvitayou.com/?maintop.gif HTTP 302
  • http://www.mfname.com/maintop.gif
Request Chain 20
  • http://nuvitayou.com/?images/04.gif HTTP 302
  • http://www.mfname.com/images/04.gif
Request Chain 21
  • http://nuvitayou.com/?img1.gif HTTP 302
  • http://www.mfname.com/img1.gif
Request Chain 22
  • http://nuvitayou.com/?img2.gif HTTP 302
  • http://www.mfname.com/img2.gif
Request Chain 23
  • http://nuvitayou.com/?input1.gif HTTP 302
  • http://www.mfname.com/input1.gif
Request Chain 24
  • http://nuvitayou.com/?longback.gif HTTP 302
  • http://www.mfname.com/longback.gif
Request Chain 25
  • http://nuvitayou.com/?start.gif HTTP 302
  • http://www.mfname.com/start.gif
Request Chain 26
  • http://nuvitayou.com/?img3.gif HTTP 302
  • http://www.mfname.com/img3.gif
Request Chain 27
  • http://nuvitayou.com/?zhishibanner.gif HTTP 302
  • http://www.mfname.com/zhishibanner.gif

49 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nuvitayou.com/ 		86 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://nuvitayou.com/
Protocol
HTTP/1.1
Server
64.46.118.25 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
vss-502-ams01.hawkhost.com
Software
LiteSpeed / PHP/7.4.33
Resource Hash
ced909f2dcda0beddd9680d96562fa92167754a162e8cf3daf92648720736a57

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-encoding
gzip
content-length
15814
content-type
text/html;charset=gb2312
date
Sat, 11 Feb 2023 10:02:55 GMT
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
/
nuvitayou.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://nuvitayou.com/?main.css
Requested by
Host: nuvitayou.com
URL: http://nuvitayou.com/
Protocol
HTTP/1.1
Server
64.46.118.25 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
vss-502-ams01.hawkhost.com
Software
LiteSpeed / PHP/7.4.33
Resource Hash
4297aeb0bbab7f99eb5278c01fa19844c116a92aefc7c72c62e98534f0c126da

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:02:56 GMT
content-encoding
gzip
server
LiteSpeed
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
content-type
text/css;charset=from
cache-control
public, max-age=604800
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
936
expires
Sat, 18 Feb 2023 10:02:56 GMT
main.js
www.mfname.com/
Redirect Chain
  • http://nuvitayou.com/?main.js
  • http://www.mfname.com/main.js
22 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.mfname.com/main.js
Requested by
Host: nuvitayou.com
URL: http://nuvitayou.com/
Protocol
HTTP/1.1
Server
211.149.194.151 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
911d4b6a60fed1893fe55f5ebc8fbade6215ff8a4b8b28c1697691bc3fdc1696

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:02:57 GMT
Last-Modified
Thu, 07 Nov 2019 17:36:26 GMT
Server
Microsoft-IIS/6.0
ETag
"26fde2e19195d51:1de7d"
X-Powered-By
ASP.NET
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
22322

Redirect headers

date
Sat, 11 Feb 2023 10:02:55 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
content-type
text/javascript;charset=UTF-8
location
http://www.mfname.com/main.js
cache-control
no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
0
unvip.gif
www.mfname.com/
Redirect Chain
  • http://nuvitayou.com/?unvip.gif
  • http://www.mfname.com/unvip.gif
765 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mfname.com/unvip.gif
Requested by
Host: nuvitayou.com
URL: http://nuvitayou.com/
Protocol
HTTP/1.1
Server
211.149.194.151 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
73f0138279bc187e1412d4b1cad33823f33e5e32f3109fd2d8ae59ac1520471f

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:02:57 GMT
Last-Modified
Sun, 15 Dec 2013 07:34:21 GMT
Server
Microsoft-IIS/6.0
ETag
"882bef1168f9ce1:1de7d"
X-Powered-By
ASP.NET
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
765

Redirect headers

date
Sat, 11 Feb 2023 10:02:56 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
content-type
image/jpeg; charset=UTF-8
location
http://www.mfname.com/unvip.gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
0
expires
Sat, 18 Feb 2023 10:02:56 GMT
boy.gif
www.mfname.com/
Redirect Chain
  • http://nuvitayou.com/?boy.gif
  • http://www.mfname.com/boy.gif
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mfname.com/boy.gif
Requested by
Host: nuvitayou.com
URL: http://nuvitayou.com/
Protocol
HTTP/1.1
Server
211.149.194.151 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
be7fe5f88e39de0431291ebef2233705d9943055f955fabe8290020b94ec6342

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:02:57 GMT
Last-Modified
Sun, 01 Dec 2013 15:47:14 GMT
Server
Microsoft-IIS/6.0
ETag
"86bb489baceece1:1de7d"
X-Powered-By
ASP.NET
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
1361

Redirect headers

date
Sat, 11 Feb 2023 10:02:58 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
content-type
image/jpeg; charset=UTF-8
location
http://www.mfname.com/boy.gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
0
expires
Sat, 18 Feb 2023 10:02:58 GMT
yes2.gif
www.mfname.com/
Redirect Chain
  • http://nuvitayou.com/?yes2.gif
  • http://www.mfname.com/yes2.gif
836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mfname.com/yes2.gif
Requested by
Host: nuvitayou.com
URL: http://nuvitayou.com/
Protocol
HTTP/1.1
Server
211.149.194.151 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
cfba85e3c3821a4770cc1e6ca8ca9408aa3f06f83bdb024ed30acb1a3ec25009

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:02:57 GMT
Last-Modified
Sun, 01 Dec 2013 15:47:50 GMT
Server
Microsoft-IIS/6.0
ETag
"40229ab0aceece1:1de7d"
X-Powered-By
ASP.NET
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
836

Redirect headers

date
Sat, 11 Feb 2023 10:02:58 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
content-type
image/jpeg; charset=UTF-8
location
http://www.mfname.com/yes2.gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
0
expires
Sat, 18 Feb 2023 10:02:58 GMT
no3.gif
www.mfname.com/
Redirect Chain
  • http://nuvitayou.com/?no3.gif
  • http://www.mfname.com/no3.gif
524 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mfname.com/no3.gif
Requested by
Host: nuvitayou.com
URL: http://nuvitayou.com/
Protocol
HTTP/1.1
Server
211.149.194.151 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
7a8bec2c4dff06ad3797568bd490f9759bac29b1b3e83c116482b4c86e32d34d

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:02:59 GMT
Last-Modified
Sun, 01 Dec 2013 15:47:37 GMT
Server
Microsoft-IIS/6.0
ETag
"f2a11fa9aceece1:1de7d"
X-Powered-By
ASP.NET
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
524

Redirect headers

date
Sat, 11 Feb 2023 10:02:58 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
content-type
image/jpeg; charset=UTF-8
location
http://www.mfname.com/no3.gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
0
expires
Sat, 18 Feb 2023 10:02:58 GMT
no4.gif
www.mfname.com/
Redirect Chain
  • http://nuvitayou.com/?no4.gif
  • http://www.mfname.com/no4.gif
568 B
819 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mfname.com/no4.gif
Requested by
Host: nuvitayou.com
URL: http://nuvitayou.com/
Protocol
HTTP/1.1
Server
211.149.194.151 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
d77762fe00492470c7af9cb23690cbf65e5bb92cb9709972577b5cb2d5979294

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:02:59 GMT
Last-Modified
Sun, 01 Dec 2013 15:47:38 GMT
Server
Microsoft-IIS/6.0
ETag
"169f5da9aceece1:1de7d"
X-Powered-By
ASP.NET
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
568

Redirect headers

date
Sat, 11 Feb 2023 10:02:59 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
content-type
image/jpeg; charset=UTF-8
location
http://www.mfname.com/no4.gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
0
expires
Sat, 18 Feb 2023 10:02:59 GMT
s_f3655.jpg
www.mfname.com/m/html/upload/s/
Redirect Chain
  • http://nuvitayou.com/?m/html/upload/s/s_f3655.jpg
  • http://www.mfname.com/m/html/upload/s/s_f3655.jpg
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mfname.com/m/html/upload/s/s_f3655.jpg
Requested by
Host: nuvitayou.com
URL: http://nuvitayou.com/
Protocol
HTTP/1.1
Server
211.149.194.151 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
3a544da406c30b826d35089df690600fba606c6bf7a058cad481a673238cb501

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:02:59 GMT
Last-Modified
Mon, 30 Jan 2023 00:14:02 GMT
Server
Microsoft-IIS/6.0
ETag
"32e5e1c13f34d91:1de7d"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
3949

Redirect headers

date
Sat, 11 Feb 2023 10:02:59 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
content-type
image/jpeg; charset=UTF-8
location
http://www.mfname.com/m/html/upload/s/s_f3655.jpg
cache-control
no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
0
expires
Sat, 18 Feb 2023 10:02:59 GMT
s_f3654.jpg
www.mfname.com/m/html/upload/s/
Redirect Chain
  • http://nuvitayou.com/?m/html/upload/s/s_f3654.jpg
  • http://www.mfname.com/m/html/upload/s/s_f3654.jpg
3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mfname.com/m/html/upload/s/s_f3654.jpg
Requested by
Host: nuvitayou.com
URL: http://nuvitayou.com/
Protocol
HTTP/1.1
Server
211.149.194.151 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
b904058a539d84b3f9e1f9b8273c167282b283def36f0a90f2e11e678457f28f

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:02:59 GMT
Last-Modified
Wed, 25 Jan 2023 15:24:47 GMT
Server
Microsoft-IIS/6.0
ETag
"8c82929d130d91:1de7d"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
3573

Redirect headers

date
Sat, 11 Feb 2023 10:02:59 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
content-type
image/jpeg; charset=UTF-8
location
http://www.mfname.com/m/html/upload/s/s_f3654.jpg
cache-control
no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
0
expires
Sat, 18 Feb 2023 10:02:59 GMT
s_f3653.jpg
www.mfname.com/m/html/upload/s/
Redirect Chain
  • http://nuvitayou.com/?m/html/upload/s/s_f3653.jpg
  • http://www.mfname.com/m/html/upload/s/s_f3653.jpg
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mfname.com/m/html/upload/s/s_f3653.jpg
Requested by
Host: nuvitayou.com
URL: http://nuvitayou.com/
Protocol
HTTP/1.1
Server
211.149.194.151 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
1b39f9eff9a4c00616317b914b7df7cea92e9e14139e27c7993060cf2eb8a828

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:02:59 GMT
Last-Modified
Wed, 25 Jan 2023 15:24:47 GMT
Server
Microsoft-IIS/6.0
ETag
"f2d4ba28d130d91:1de7d"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
3649

Redirect headers

date
Sat, 11 Feb 2023 10:02:59 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
content-type
image/jpeg; charset=UTF-8
location
http://www.mfname.com/m/html/upload/s/s_f3653.jpg
cache-control
no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
0
expires
Sat, 18 Feb 2023 10:02:59 GMT
s_f3652.jpg
www.mfname.com/m/html/upload/s/
Redirect Chain
  • http://nuvitayou.com/?m/html/upload/s/s_f3652.jpg
  • http://www.mfname.com/m/html/upload/s/s_f3652.jpg
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mfname.com/m/html/upload/s/s_f3652.jpg
Requested by
Host: nuvitayou.com
URL: http://nuvitayou.com/
Protocol
HTTP/1.1
Server
211.149.194.151 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
9b7c61ed5e56735194b3593de804345526894eb8a2b7d840daa713af671a408e

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:02:59 GMT
Last-Modified
Wed, 25 Jan 2023 15:24:46 GMT
Server
Microsoft-IIS/6.0
ETag
"c0b07528d130d91:1de7d"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
3968

Redirect headers

date
Sat, 11 Feb 2023 10:02:59 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
content-type
image/jpeg; charset=UTF-8
location
http://www.mfname.com/m/html/upload/s/s_f3652.jpg
cache-control
no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
0
expires
Sat, 18 Feb 2023 10:02:59 GMT
s_f3651.jpg
www.mfname.com/m/html/upload/s/
Redirect Chain
  • http://nuvitayou.com/?m/html/upload/s/s_f3651.jpg
  • http://www.mfname.com/m/html/upload/s/s_f3651.jpg
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mfname.com/m/html/upload/s/s_f3651.jpg
Requested by
Host: nuvitayou.com
URL: http://nuvitayou.com/
Protocol
HTTP/1.1
Server
211.149.194.151 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
3e74b96587a8699d5e14f36cd6ede031763fa968e3e3b80cb0027f1e9fdb9226

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:03:00 GMT
Last-Modified
Wed, 25 Jan 2023 15:24:46 GMT
Server
Microsoft-IIS/6.0
ETag
"e8ee3228d130d91:1de7d"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
4020

Redirect headers

date
Sat, 11 Feb 2023 10:03:00 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
content-type
image/jpeg; charset=UTF-8
location
http://www.mfname.com/m/html/upload/s/s_f3651.jpg
cache-control
no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
0
expires
Sat, 18 Feb 2023 10:03:00 GMT
s_f3650.jpg
www.mfname.com/m/html/upload/s/
Redirect Chain
  • http://nuvitayou.com/?m/html/upload/s/s_f3650.jpg
  • http://www.mfname.com/m/html/upload/s/s_f3650.jpg
3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mfname.com/m/html/upload/s/s_f3650.jpg
Requested by
Host: nuvitayou.com
URL: http://nuvitayou.com/
Protocol
HTTP/1.1
Server
211.149.194.151 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
c28187812e04cd8c8840ba38aa890e8133a68f5db665f257897a2388b9ce2af1

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:03:00 GMT
Last-Modified
Wed, 25 Jan 2023 15:24:45 GMT
Server
Microsoft-IIS/6.0
ETag
"24ccce27d130d91:1de7d"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
3565

Redirect headers

date
Sat, 11 Feb 2023 10:03:00 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
content-type
image/jpeg; charset=UTF-8
location
http://www.mfname.com/m/html/upload/s/s_f3650.jpg
cache-control
no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
0
expires
Sat, 18 Feb 2023 10:03:00 GMT
s_f3649.jpg
www.mfname.com/m/html/upload/s/
Redirect Chain
  • http://nuvitayou.com/?m/html/upload/s/s_f3649.jpg
  • http://www.mfname.com/m/html/upload/s/s_f3649.jpg
3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mfname.com/m/html/upload/s/s_f3649.jpg
Requested by
Host: nuvitayou.com
URL: http://nuvitayou.com/
Protocol
HTTP/1.1
Server
211.149.194.151 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
d07614c98a7424ebcd622db30673fcd30a8581446ef40059722d8c9ce7ebeb84

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:03:00 GMT
Last-Modified
Wed, 25 Jan 2023 15:24:45 GMT
Server
Microsoft-IIS/6.0
ETag
"e4808227d130d91:1de7d"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
3321

Redirect headers

date
Sat, 11 Feb 2023 10:03:00 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
content-type
image/jpeg; charset=UTF-8
location
http://www.mfname.com/m/html/upload/s/s_f3649.jpg
cache-control
no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
0
expires
Sat, 18 Feb 2023 10:03:00 GMT
s_f3648.jpg
www.mfname.com/m/html/upload/s/
Redirect Chain
  • http://nuvitayou.com/?m/html/upload/s/s_f3648.jpg
  • http://www.mfname.com/m/html/upload/s/s_f3648.jpg
3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mfname.com/m/html/upload/s/s_f3648.jpg
Requested by
Host: nuvitayou.com
URL: http://nuvitayou.com/
Protocol
HTTP/1.1
Server
211.149.194.151 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
3179a845209b4bb16863d009c8fa89a1fa961d99745b23dacd0b0e91b27c5293

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:03:01 GMT
Last-Modified
Wed, 25 Jan 2023 15:24:44 GMT
Server
Microsoft-IIS/6.0
ETag
"a4353627d130d91:1de7d"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
2688

Redirect headers

date
Sat, 11 Feb 2023 10:03:00 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
content-type
image/jpeg; charset=UTF-8
location
http://www.mfname.com/m/html/upload/s/s_f3648.jpg
cache-control
no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
0
expires
Sat, 18 Feb 2023 10:03:00 GMT
s_f3647.jpg
www.mfname.com/m/html/upload/s/
Redirect Chain
  • http://nuvitayou.com/?m/html/upload/s/s_f3647.jpg
  • http://www.mfname.com/m/html/upload/s/s_f3647.jpg
3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mfname.com/m/html/upload/s/s_f3647.jpg
Requested by
Host: nuvitayou.com
URL: http://nuvitayou.com/
Protocol
HTTP/1.1
Server
211.149.194.151 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
46d27e1cd42b8bcde83de67e0f102f82e6eea242a85982ce754fe4a51d6a0571

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:03:00 GMT
Last-Modified
Wed, 25 Jan 2023 15:24:44 GMT
Server
Microsoft-IIS/6.0
ETag
"f6e8827d130d91:1de7d"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
3558

Redirect headers

date
Sat, 11 Feb 2023 10:03:00 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
content-type
image/jpeg; charset=UTF-8
location
http://www.mfname.com/m/html/upload/s/s_f3647.jpg
cache-control
no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
0
expires
Sat, 18 Feb 2023 10:03:00 GMT
s_f3646.jpg
www.mfname.com/m/html/upload/s/
Redirect Chain
  • http://nuvitayou.com/?m/html/upload/s/s_f3646.jpg
  • http://www.mfname.com/m/html/upload/s/s_f3646.jpg
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mfname.com/m/html/upload/s/s_f3646.jpg
Requested by
Host: nuvitayou.com
URL: http://nuvitayou.com/
Protocol
HTTP/1.1
Server
211.149.194.151 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
05d4faf081e0342b4fad26b5792908dbb4e8e9ad51bdfd2a1b2cd4d3c7c225a0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:03:00 GMT
Last-Modified
Mon, 30 Jan 2023 00:14:01 GMT
Server
Microsoft-IIS/6.0
ETag
"3ed590c13f34d91:1de7d"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
3756

Redirect headers

date
Sat, 11 Feb 2023 10:03:00 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
content-type
image/jpeg; charset=UTF-8
location
http://www.mfname.com/m/html/upload/s/s_f3646.jpg
cache-control
no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
0
expires
Sat, 18 Feb 2023 10:03:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4034565996942195
Requested by
Host: nuvitayou.com
URL: http://nuvitayou.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
145c7e330f84e8d01cbd4162b45869763a1435a42bd9a36b5e04d8765131816e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://nuvitayou.com/
Origin
http://nuvitayou.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:02:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49601
x-xss-protection
0
server
cafe
etag
8420529601915990179
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 11 Feb 2023 10:02:59 GMT
matomo.js
1.jacie.top/matomo/ 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://1.jacie.top/matomo/matomo.js
Requested by
Host: nuvitayou.com
URL: http://nuvitayou.com/
Protocol
HTTP/1.1
Server
66.94.108.216 Corpus Christi, United States, ASN40021 (CONTABO, US),
Reverse DNS
vmi729383.contaboserver.net
Software
nginx /
Resource Hash
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:02:59 GMT
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Last-Modified
Wed, 07 Dec 2022 23:45:13 GMT
Server
nginx
ETag
W/"63912589-10132"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Sat, 11 Feb 2023 22:02:59 GMT
maintop.gif
www.mfname.com/
Redirect Chain
  • http://nuvitayou.com/?maintop.gif
  • http://www.mfname.com/maintop.gif
3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mfname.com/maintop.gif
Requested by
Host: nuvitayou.com
URL: http://nuvitayou.com/?main.css
Protocol
HTTP/1.1
Server
211.149.194.151 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
17f0dc94e2dc7e0b145ea8f57c6ce53793e1d72b4c40e1daa2bf95527ed76cff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:02:59 GMT
Last-Modified
Tue, 02 May 2017 14:41:15 GMT
Server
Microsoft-IIS/6.0
ETag
"808aa82652c3d21:1de7d"
X-Powered-By
ASP.NET
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
2596

Redirect headers

date
Sat, 11 Feb 2023 10:02:59 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
content-type
image/jpeg; charset=UTF-8
location
http://www.mfname.com/maintop.gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
0
expires
Sat, 18 Feb 2023 10:02:59 GMT
04.gif
www.mfname.com/images/
Redirect Chain
  • http://nuvitayou.com/?images/04.gif
  • http://www.mfname.com/images/04.gif
58 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mfname.com/images/04.gif
Requested by
Host: nuvitayou.com
URL: http://nuvitayou.com/?main.css
Protocol
HTTP/1.1
Server
211.149.194.151 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
d3ff577adda8c9cf723937b08b25fe5afec1a37b6769f7a42ca2bcc4794b3529

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:02:59 GMT
Last-Modified
Sun, 01 Dec 2013 15:56:44 GMT
Server
Microsoft-IIS/6.0
ETag
"7e25d8eeadeece1:1de7d"
X-Powered-By
ASP.NET
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
58

Redirect headers

date
Sat, 11 Feb 2023 10:02:59 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
content-type
image/jpeg; charset=UTF-8
location
http://www.mfname.com/images/04.gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
0
expires
Sat, 18 Feb 2023 10:02:59 GMT
img1.gif
www.mfname.com/
Redirect Chain
  • http://nuvitayou.com/?img1.gif
  • http://www.mfname.com/img1.gif
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mfname.com/img1.gif
Requested by
Host: nuvitayou.com
URL: http://nuvitayou.com/?main.css
Protocol
HTTP/1.1
Server
211.149.194.151 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
cbfb18b3c446489d49e3043a93d61fa1f121140244e3318ab24f8c3823cc03b2

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:02:59 GMT
Last-Modified
Tue, 02 May 2017 14:33:44 GMT
Server
Microsoft-IIS/6.0
ETag
"b662341a51c3d21:1de7d"
X-Powered-By
ASP.NET
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
15138

Redirect headers

date
Sat, 11 Feb 2023 10:02:59 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
content-type
image/jpeg; charset=UTF-8
location
http://www.mfname.com/img1.gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
0
expires
Sat, 18 Feb 2023 10:02:59 GMT
img2.gif
www.mfname.com/
Redirect Chain
  • http://nuvitayou.com/?img2.gif
  • http://www.mfname.com/img2.gif
396 B
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mfname.com/img2.gif
Requested by
Host: nuvitayou.com
URL: http://nuvitayou.com/?main.css
Protocol
HTTP/1.1
Server
211.149.194.151 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
9a589c7d157a24dbf80c861f352a176b99f7d484e287ccf8a96d0d6faaa05081

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:02:59 GMT
Last-Modified
Tue, 02 May 2017 14:21:28 GMT
Server
Microsoft-IIS/6.0
ETag
"b47b2b634fc3d21:1de7d"
X-Powered-By
ASP.NET
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
396

Redirect headers

date
Sat, 11 Feb 2023 10:02:59 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
content-type
image/jpeg; charset=UTF-8
location
http://www.mfname.com/img2.gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
0
expires
Sat, 18 Feb 2023 10:02:59 GMT
input1.gif
www.mfname.com/
Redirect Chain
  • http://nuvitayou.com/?input1.gif
  • http://www.mfname.com/input1.gif
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mfname.com/input1.gif
Requested by
Host: nuvitayou.com
URL: http://nuvitayou.com/?main.css
Protocol
HTTP/1.1
Server
211.149.194.151 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
a582c7760841a7fad3cbbad7ba66359bd44f6a9755d01f9d3a4ca593587b7ef3

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:02:59 GMT
Last-Modified
Sun, 01 Dec 2013 15:47:31 GMT
Server
Microsoft-IIS/6.0
ETag
"98b889a5aceece1:1de7d"
X-Powered-By
ASP.NET
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
1481

Redirect headers

date
Sat, 11 Feb 2023 10:02:59 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
content-type
image/jpeg; charset=UTF-8
location
http://www.mfname.com/input1.gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
0
expires
Sat, 18 Feb 2023 10:02:59 GMT
longback.gif
www.mfname.com/
Redirect Chain
  • http://nuvitayou.com/?longback.gif
  • http://www.mfname.com/longback.gif
617 B
868 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mfname.com/longback.gif
Requested by
Host: nuvitayou.com
URL: http://nuvitayou.com/?main.css
Protocol
HTTP/1.1
Server
211.149.194.151 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
4e0fc4d4d701e4cd5622beab9afde8d5d43bf1ad77493dee9f6508905746d219

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:02:59 GMT
Last-Modified
Sun, 01 Dec 2013 15:47:34 GMT
Server
Microsoft-IIS/6.0
ETag
"c49128a7aceece1:1de7d"
X-Powered-By
ASP.NET
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
617

Redirect headers

date
Sat, 11 Feb 2023 10:02:59 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
content-type
image/jpeg; charset=UTF-8
location
http://www.mfname.com/longback.gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
0
expires
Sat, 18 Feb 2023 10:02:59 GMT
start.gif
www.mfname.com/
Redirect Chain
  • http://nuvitayou.com/?start.gif
  • http://www.mfname.com/start.gif
5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mfname.com/start.gif
Requested by
Host: nuvitayou.com
URL: http://nuvitayou.com/?main.css
Protocol
HTTP/1.1
Server
211.149.194.151 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
877a1f7a724b58314c10b25de5da1cde0c87819284c992077817a0a5ce1fafa0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:03:01 GMT
Last-Modified
Sun, 01 Dec 2013 15:47:43 GMT
Server
Microsoft-IIS/6.0
ETag
"303da7acaceece1:1de7d"
X-Powered-By
ASP.NET
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
5542

Redirect headers

date
Sat, 11 Feb 2023 10:03:00 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
content-type
image/jpeg; charset=UTF-8
location
http://www.mfname.com/start.gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
0
expires
Sat, 18 Feb 2023 10:03:00 GMT
img3.gif
www.mfname.com/
Redirect Chain
  • http://nuvitayou.com/?img3.gif
  • http://www.mfname.com/img3.gif
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mfname.com/img3.gif
Requested by
Host: nuvitayou.com
URL: http://nuvitayou.com/?main.css
Protocol
HTTP/1.1
Server
211.149.194.151 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
fee6b45ac6de9c7769bac27db767e12c984f290e790d601df580fa79cee6766b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:03:00 GMT
Last-Modified
Tue, 02 May 2017 14:21:27 GMT
Server
Microsoft-IIS/6.0
ETag
"4443f2624fc3d21:1de7d"
X-Powered-By
ASP.NET
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
1186

Redirect headers

date
Sat, 11 Feb 2023 10:03:00 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
content-type
image/jpeg; charset=UTF-8
location
http://www.mfname.com/img3.gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
0
expires
Sat, 18 Feb 2023 10:03:00 GMT
zhishibanner.gif
www.mfname.com/
Redirect Chain
  • http://nuvitayou.com/?zhishibanner.gif
  • http://www.mfname.com/zhishibanner.gif
14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.mfname.com/zhishibanner.gif
Requested by
Host: nuvitayou.com
URL: http://nuvitayou.com/
Protocol
HTTP/1.1
Server
211.149.194.151 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
Microsoft-IIS/6.0 / ASP.NET
Resource Hash
7a4601c67c9dadbc79ae35d0481fd8ad6b6acc1ef71884d7f7db5cfc61b6bcbc

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sat, 11 Feb 2023 10:03:00 GMT
Last-Modified
Wed, 18 Dec 2019 14:46:23 GMT
Server
Microsoft-IIS/6.0
ETag
"d433f1eab1b5d51:1de7d"
X-Powered-By
ASP.NET
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
14847

Redirect headers

date
Sat, 11 Feb 2023 10:03:00 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.33
content-type
image/jpeg; charset=UTF-8
location
http://www.mfname.com/zhishibanner.gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
0
expires
Sat, 18 Feb 2023 10:03:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/ 		362 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4034565996942195&plah=nuvitayou.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4034565996942195
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
75a4ebb665d2a113e84d5eb0fd37891f87131729b0fe13a6b6738b555befebbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:02:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121760
x-xss-protection
0
server
cafe
etag
12661750484836140442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 11 Feb 2023 10:02:59 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/ Frame 540A 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4034565996942195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://nuvitayou.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

age
67186
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 Feb 2023 15:23:13 GMT
etag
10353107486223812946
expires
Fri, 24 Feb 2023 15:23:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		393 B
605 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=nuvitayou.com&callback=_gfp_s_&client=ca-pub-4034565996942195
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4034565996942195&plah=nuvitayou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
abd1c129bc78c9360dedb7ad5b8b9268fa2d24b934bef2e916611272133e2c20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:02:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
253
x-xss-protection
0
integrator.js
adservice.google.pl/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.pl/adsid/integrator.js?domain=nuvitayou.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4034565996942195&plah=nuvitayou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:02:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nuvitayou.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4034565996942195&plah=nuvitayou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:02:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9771 		603 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4034565996942195&output=html&adk=1812271804&adf=3025194257&lmt=1676109779&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x1080_l%7C356x1080_r&format=0x0&url=http%3A%2F%2Fnuvitayou.com%2F&ea=0&pra=5&wgl=1&dt=1676109779256&bpp=5&bdt=3721&idt=359&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5850512018738&frm=20&pv=2&ga_vid=899239019.1676109780&ga_sid=1676109780&ga_hid=593155473&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44777877%2C44759875%2C31072259%2C31072288%2C44779793%2C31071269%2C31071662%2C31072229&oid=2&pvsid=4451088700744599&tmod=741429986&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=382
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4034565996942195&plah=nuvitayou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://nuvitayou.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Feb 2023 10:02:59 GMT
expires
Sat, 11 Feb 2023 10:02:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
matomo.php
1.jacie.top/matomo/ 		0
280 B 		Ping
General
Check archive.org
Download Go to
Full URL
http://1.jacie.top/matomo/matomo.php?action_name=%E5%AF%B6%E5%AF%B6%E5%9C%A8%E7%B7%9A%E8%B5%B7%E5%90%8D%2C%E5%AF%B6%E5%AF%B6%E8%B5%B7100%E5%88%86%E7%9A%84%E5%90%8D%E5%AD%97%2C%E6%BB%BF%E5%88%86%E5%90%8D%E5%AD%97%E8%B5%B7%E5%90%8D%E7%B6%B2&idsite=1&rec=1&r=480500&h=10&m=3&s=0&url=http%3A%2F%2Fnuvitayou.com%2F&_id=8e483cf6cbb82209&_idn=1&cs=GBK&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=x8UDWx&pf_net=321&pf_srv=4648&pf_tfr=48&pf_dm1=3525&uadata=%7B%7D
Requested by
Host: 1.jacie.top
URL: http://1.jacie.top/matomo/matomo.js
Protocol
HTTP/1.1
Server
66.94.108.216 Corpus Christi, United States, ASN40021 (CONTABO, US),
Reverse DNS
vmi729383.contaboserver.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://nuvitayou.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

Access-Control-Allow-Origin
http://nuvitayou.com
Date
Sat, 11 Feb 2023 10:03:00 GMT
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
matomo.php
1.jacie.top/matomo/ 		0
280 B 		Ping
General
Check archive.org
Download Go to
Full URL
http://1.jacie.top/matomo/matomo.php?action_name=%E5%AF%B6%E5%AF%B6%E5%9C%A8%E7%B7%9A%E8%B5%B7%E5%90%8D%2C%E5%AF%B6%E5%AF%B6%E8%B5%B7100%E5%88%86%E7%9A%84%E5%90%8D%E5%AD%97%2C%E6%BB%BF%E5%88%86%E5%90%8D%E5%AD%97%E8%B5%B7%E5%90%8D%E7%B6%B2&idsite=1&rec=1&r=993945&h=10&m=3&s=0&url=http%3A%2F%2Fnuvitayou.com%2F&_id=8e483cf6cbb82209&_idn=0&cs=GBK&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=PS1QlK&pf_net=321&pf_srv=4648&pf_tfr=48&pf_dm1=3525&uadata=%7B%7D
Requested by
Host: 1.jacie.top
URL: http://1.jacie.top/matomo/matomo.js
Protocol
HTTP/1.1
Server
66.94.108.216 Corpus Christi, United States, ASN40021 (CONTABO, US),
Reverse DNS
vmi729383.contaboserver.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://nuvitayou.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

Access-Control-Allow-Origin
http://nuvitayou.com
Date
Sat, 11 Feb 2023 10:03:02 GMT
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
boy.gif
nuvitayou.com/ 		708 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://nuvitayou.com/boy.gif
Protocol
HTTP/1.1
Server
64.46.118.25 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
vss-502-ams01.hawkhost.com
Software
LiteSpeed /
Resource Hash
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Feb 2023 10:03:01 GMT
server
LiteSpeed
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
708
no2.gif
nuvitayou.com/ 		708 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://nuvitayou.com/no2.gif
Protocol
HTTP/1.1
Server
64.46.118.25 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
vss-502-ams01.hawkhost.com
Software
LiteSpeed /
Resource Hash
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Feb 2023 10:03:01 GMT
server
LiteSpeed
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
708
yes3.gif
nuvitayou.com/ 		708 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://nuvitayou.com/yes3.gif
Protocol
HTTP/1.1
Server
64.46.118.25 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
vss-502-ams01.hawkhost.com
Software
LiteSpeed /
Resource Hash
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Feb 2023 10:03:01 GMT
server
LiteSpeed
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
708
no4.gif
nuvitayou.com/ 		708 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://nuvitayou.com/no4.gif
Protocol
HTTP/1.1
Server
64.46.118.25 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
vss-502-ams01.hawkhost.com
Software
LiteSpeed /
Resource Hash
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Feb 2023 10:03:01 GMT
server
LiteSpeed
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
708
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4034565996942195&plah=nuvitayou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
2e8c91980adc375689084441b5ed2ca14cdc4d0215a0899cad987a91577dff72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:03:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11213
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4034565996942195&plah=nuvitayou.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:03:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 11 Feb 2023 10:03:01 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 415A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://nuvitayou.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
age
5668
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 11 Feb 2023 08:28:34 GMT
expires
Sun, 11 Feb 2024 08:28:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 44E3 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.201.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f4.1e100.net
Software
GSE /
Resource Hash
1a8c28441435b056e212608021594e2251bc885626d45470e61d00ff46e26d6b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-n3KXa7jG1q7pM0X6J_FNlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://nuvitayou.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-n3KXa7jG1q7pM0X6J_FNlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 11 Feb 2023 10:03:02 GMT
expires
Sat, 11 Feb 2023 10:03:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js
pagead2.googlesyndication.com/bg/ Frame 415A 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
sffe /
Resource Hash
7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 12:01:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
79320
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14413
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 10 Feb 2024 12:01:02 GMT
generate_204
tpc.googlesyndication.com/ Frame 415A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?CiGrVA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:03:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 44E3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230207&jk=4451088700744599&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230207&jk=4451088700744599&bg=!yMuly5_NAAaq5O5FiuQ7ADkAdvg8WhSuupwzKCw2f4kqjhKD0kDlpEh4AviBtbckSJgBRqwQ4oFwmT-UsJCF4xUmGPshhE3U-1oCAAAATFIAAAAKaAEHmQKg-N8LyotlBcOsJuWCcWpO5NCd2qazPKnKyV4Cu3J2V6-LCyumJbhb6M8Y1cnB30DkzBjpBDWcDWdHSGVsMHAIG5UQUtSLtFIVuzPPexYJRPL0U8jlOaTnYoHQluK0yrsuga5hJJ9h4AgVbcN0HcmWLgIOQIyInFC-nSkj_rvRYO4Xgqj5ZB8V6gd6WXsVv8ulOGSOg5g_cCpXMK-GjtxEh55LtHn9j6lZsi5WYFyGL7YGlnGRYoAknn8Wyvkiyysjy5-Se1LfjPr-d9H-Ds29EU0vnFxoJvw29gWIQ0PUhDdaG9TFd4uqZ8aZ2PWhxeivrUmT7wDyEkUjcrc_6Swr5bjDK-g_EOtzyce_87zZSb7sLONJBydP4sGf5L5LFAwylIwg1JxElN7pN8zS3c_lvZn6Gh-bJyRibKaKtAcVzkIuTGohXk2LEVc4GEamClnRfujNsut3y-UWGirx2ZiBmg0HCGiKVpF3ztfFnB3VM1YPFJNCj65vBfxyWbzUr9JV184fmHqSTHXdo55QuGFMpQi9LF4MmpcLaQquQYIjTiq5VNjYbF8i1aw0QLlJwTtehQvzkPmbnaBCgXO1SkrxTk1iA9nmc01fiAfIriRRzEmb_fLPpaUUCJkm991JYY2zyGomsgkjqXVeuEl6aIL2q8p8wGn2Eq5RpdtNKFUcM3TdnEj-ENvnuHzJ-GuqBP9lXlAPJEJWsfCKIbR-0kYi_Mr6BVqBJ2TrYjh4Ai03qBhR8j93ZlbTuK0ogvH4LcqmLJzMlJXuqTE0UdesB-o5RvpNZsYpZgzYykEBJ7VY43c8zUewfIjQuuAmQXY-xahebczWQV7T9kYq97H4OEA_dhl1Uc2BBy2yNX32-lTAdajZfHWCXNwwQw-ix8LE_dBD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://nuvitayou.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless object| oncontentvisibilityautostatechange number| imgid number| errorN function| chimg function| chimg1b number| imgid2 function| chimg2 function| showNoImg2 function| CheckForm function| isCharsInBag function| isChinese number| isload number| globaldivTop function| locking function| closeSelf function| onclick1 function| loadcity function| loadxing object| _paq object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.nuvitayou.com/ Name: __gads
Value: ID=372aa5eec618adcc-22a3277ee0db00c2:T=1676109779:RT=1676109779:S=ALNI_MYzJLH8BKp5uhIT0vKQnBybHYJWSA
.nuvitayou.com/ Name: __gpi
Value: UID=00000bb3a878718b:T=1676109779:RT=1676109779:S=ALNI_MYBoXMBryrD4hT_tkvjBLN8rvEQHA
nuvitayou.com/ Name: _pk_id.1.9762
Value: 8e483cf6cbb82209.1676109780.
nuvitayou.com/ Name: _pk_ses.1.9762
Value: 1

4 Console Messages

Source Level URL
Text
network error URL: http://nuvitayou.com/boy.gif
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://nuvitayou.com/no2.gif
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://nuvitayou.com/yes3.gif
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://nuvitayou.com/no4.gif
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.jacie.top
adservice.google.com
adservice.google.pl
googleads.g.doubleclick.net
nuvitayou.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google.com
www.mfname.com
142.250.180.194
142.250.185.162
142.250.186.66
142.250.201.196
142.251.39.2
172.217.18.1
211.149.194.151
64.46.118.25
66.94.108.216
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
05d4faf081e0342b4fad26b5792908dbb4e8e9ad51bdfd2a1b2cd4d3c7c225a0
145c7e330f84e8d01cbd4162b45869763a1435a42bd9a36b5e04d8765131816e
17f0dc94e2dc7e0b145ea8f57c6ce53793e1d72b4c40e1daa2bf95527ed76cff
1a8c28441435b056e212608021594e2251bc885626d45470e61d00ff46e26d6b
1b39f9eff9a4c00616317b914b7df7cea92e9e14139e27c7993060cf2eb8a828
2e8c91980adc375689084441b5ed2ca14cdc4d0215a0899cad987a91577dff72
3179a845209b4bb16863d009c8fa89a1fa961d99745b23dacd0b0e91b27c5293
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
3a544da406c30b826d35089df690600fba606c6bf7a058cad481a673238cb501
3e74b96587a8699d5e14f36cd6ede031763fa968e3e3b80cb0027f1e9fdb9226
4297aeb0bbab7f99eb5278c01fa19844c116a92aefc7c72c62e98534f0c126da
46d27e1cd42b8bcde83de67e0f102f82e6eea242a85982ce754fe4a51d6a0571
4e0fc4d4d701e4cd5622beab9afde8d5d43bf1ad77493dee9f6508905746d219
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
73f0138279bc187e1412d4b1cad33823f33e5e32f3109fd2d8ae59ac1520471f
75a4ebb665d2a113e84d5eb0fd37891f87131729b0fe13a6b6738b555befebbc
7a4601c67c9dadbc79ae35d0481fd8ad6b6acc1ef71884d7f7db5cfc61b6bcbc
7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e
7a8bec2c4dff06ad3797568bd490f9759bac29b1b3e83c116482b4c86e32d34d
877a1f7a724b58314c10b25de5da1cde0c87819284c992077817a0a5ce1fafa0
911d4b6a60fed1893fe55f5ebc8fbade6215ff8a4b8b28c1697691bc3fdc1696
9a589c7d157a24dbf80c861f352a176b99f7d484e287ccf8a96d0d6faaa05081
9b7c61ed5e56735194b3593de804345526894eb8a2b7d840daa713af671a408e
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a582c7760841a7fad3cbbad7ba66359bd44f6a9755d01f9d3a4ca593587b7ef3
abd1c129bc78c9360dedb7ad5b8b9268fa2d24b934bef2e916611272133e2c20
b904058a539d84b3f9e1f9b8273c167282b283def36f0a90f2e11e678457f28f
be7fe5f88e39de0431291ebef2233705d9943055f955fabe8290020b94ec6342
c28187812e04cd8c8840ba38aa890e8133a68f5db665f257897a2388b9ce2af1
cbfb18b3c446489d49e3043a93d61fa1f121140244e3318ab24f8c3823cc03b2
ced909f2dcda0beddd9680d96562fa92167754a162e8cf3daf92648720736a57
cfba85e3c3821a4770cc1e6ca8ca9408aa3f06f83bdb024ed30acb1a3ec25009
d07614c98a7424ebcd622db30673fcd30a8581446ef40059722d8c9ce7ebeb84
d3ff577adda8c9cf723937b08b25fe5afec1a37b6769f7a42ca2bcc4794b3529
d77762fe00492470c7af9cb23690cbf65e5bb92cb9709972577b5cb2d5979294
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fee6b45ac6de9c7769bac27db767e12c984f290e790d601df580fa79cee6766b