urlscan.io logo urlscan.io
SecurityTrails logo

it.tiny-files.com Open in urlscan Pro
172.67.190.120  Public Scan

Go To Rescan Add Verdict Report
URL: http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
Submission: On September 27 via manual from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 1 countries across 9 domains to perform 37 HTTP transactions. The main IP is 172.67.190.120, located in United States and belongs to CLOUDFLARENET, US. The main domain is it.tiny-files.com.
This is the only time it.tiny-files.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13 172.67.190.120 13335 (CLOUDFLAR...)
3 18.239.15.151 16509 (AMAZON-02)
4 142.250.185.100 15169 (GOOGLE)
1 2 23.45.238.53 16625 (AKAMAI-AS)
2 172.64.96.14 13335 (CLOUDFLAR...)
3 18.66.122.20 16509 (AMAZON-02)
3 172.67.152.127 13335 (CLOUDFLAR...)
1 157.240.0.35 32934 (FACEBOOK)
4 6 142.250.184.205 15169 (GOOGLE)
1 1 104.21.56.143 13335 (CLOUDFLAR...)
4 216.58.206.35 15169 (GOOGLE)
2 142.250.185.99 15169 (GOOGLE)
37 11
13    172.67.190.120 (United States)

ASN13335 (CLOUDFLARENET, US)
it.tiny-files.com
3    18.239.15.151 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-15-151.ams58.r.cloudfront.net
d34zwq0l4x27a6.cloudfront.net
4    142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net
www.google.com
2    23.45.238.53 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-238-53.deploy.static.akamaitechnologies.com
s7.addthis.com
2    172.64.96.14 (United States)

ASN13335 (CLOUDFLARENET, US)
pogothere.xyz
3    18.66.122.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-20.fra60.r.cloudfront.net
emumuendaku.info
3    172.67.152.127 (United States)

ASN13335 (CLOUDFLARENET, US)
atthereandhth.com
1    157.240.0.35 (United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com
www.facebook.com
6    142.250.184.205 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f13.1e100.net
accounts.google.com
1    104.21.56.143 (United States)

ASN13335 (CLOUDFLARENET, US)
atthereandhth.com
4    216.58.206.35 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f3.1e100.net
www.gstatic.com
2    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
13 tiny-files.com
it.tiny-files.com
165 KB
10 google.com
www.google.com — Cisco Umbrella Rank: 11
accounts.google.com — Cisco Umbrella Rank: 71
52 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
423 KB
4 atthereandhth.com
atthereandhth.com
2 KB
3 emumuendaku.info
emumuendaku.info
4 KB
3 cloudfront.net
d34zwq0l4x27a6.cloudfront.net
70 KB
2 pogothere.xyz
pogothere.xyz — Cisco Umbrella Rank: 19033
101 KB
2 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 4286
627 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
37 9
Domain Requested by
13 it.tiny-files.com 1 redirects it.tiny-files.com
6 accounts.google.com 4 redirects it.tiny-files.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 atthereandhth.com 1 redirects it.tiny-files.com
4 www.google.com it.tiny-files.com
www.gstatic.com
www.google.com
3 emumuendaku.info d34zwq0l4x27a6.cloudfront.net
3 d34zwq0l4x27a6.cloudfront.net it.tiny-files.com
emumuendaku.info
2 fonts.gstatic.com www.google.com
2 pogothere.xyz d34zwq0l4x27a6.cloudfront.net
2 s7.addthis.com 1 redirects it.tiny-files.com
1 www.facebook.com it.tiny-files.com
37 11

This site contains links to these domains. Also see Links.

Domain
ebookspy.com
ebook-hunter.com
Subject Issuer Validity Valid
www.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-28 -
2024-02-27		 a year crt.sh
emumuendaku.info
Amazon RSA 2048 M02		 2023-09-21 -
2024-10-19		 a year crt.sh
atthereandhth.com
GTS CA 1P5		 2023-09-13 -
2023-12-12		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-07 -
2023-10-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh

This page contains 4 frames:

Primary Page: http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
Frame ID: D713FCD518FF86EBA9917C31847C32D0
Requests: 25 HTTP requests in this frame

Frame: http://emumuendaku.info/Nkl3RXlXKxQoRld0FWMMRCVKYEtwbEUDHQV9DTIIBiVDPUsBKEFrGlomAiEfRCYZMVdYLANgS3ArOQBMWxMgDyF/GBABIWMIGQQVXis2diNlHDEcKnwLIg49cxsNCDpBHBUUKA4KDh88UzAEIzhuOj4QLHseIywJVB9HFyB6PhAGIU4ABQY4bC81Eh5+CCYEM1MiNhc8WjobEg5FDSUGDlUKEDEreS4TAT8HHw0GDlkQLxYwfQsyJj51DzkJLF4PTxMSBh8vFjh1Ch8TMVd4JRM9cwsFEz9gHTUCO2EYMQNLV3glEz9geRAQP3ABNTIBch9GDzRTD1oPNGQ+LWBLdAsPECphCgQXOHcLEQ8BfAgiDTMBHyEPNHR6HwEvBwAUDygCGzN0EUQfNB8xdCdDDj13JSUkSGQfNRM8Qg0mNTVzEQ8SO1E5MAwoRQglMiB/H0YXL3EnQgwscDo/IRJeKiIHPw4fHxw9YyBPED1zKjAGP3geIRcJDxwyCCF1EU9jE0UmGTVEYAABHDNsJzM1THszFAo/AQ
Frame ID: 15E205EC8284A905C6180000787FA874
Requests: 2 HTTP requests in this frame

Frame: http://emumuendaku.info/OVRIOHJYNitVTVhpKh4HSzh1HUB/cXp+FgpgMk8DCTh8QEAONX4WEVU7PVwUSzsmTFxXMTwdQH8YKn00dxsdXyJ1PQZeFkEzJ3MjaywfCx4NF3tUOXIufW84USxweSVWPQB5BV0XCgg2fzoZXiJ7DSRbM00hCXszUwwmbjlzFwZZFm9lJnQ0CSUdYCRLAAtUIHUXAnw7aBU8dDBBYgNWIFMXHwkXWgMedztoHSRxGQ1jG2A8AAIyQDhaZ3hxF3weMFkzVh8bYDwAACF9MV1nI1sXQGEjXgVSIx9WJFIcAEgRcBB5cjh4P3pzNEo+CmwkVhc/DShaOmVXKlxlOFMUTjgvegtSYR57IHM3PwwRXDg/TDh/HTxrKndtEFFCaR8hcSNbAn1APlURfnkLTjsAcB1INwBPPWM4ME4XeBZ/bjUAZAsKQ1w3HA0rdTN4Qjh7LH5zHGtxeno2VA4uXEBNGSxuQh8+O1ccSWkEaxhJGRgJJ1YDcQ
Frame ID: AC4DC2C186919C98B534953DE2221529
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfaPcAUAAAAAHiktr0CHoQ3G2M51KwK-jcy48HI&co=aHR0cDovL2l0LnRpbnktZmlsZXMuY29tOjgw&hl=it&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=odde82unjqua
Frame ID: 6C5FE7C783CDBA888444DB4D99463BDE
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Scaricare Ritratti by John Berger epub

Page URL History Show full URLs

  1. http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub HTTP 301
    http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

37
Requests

43 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

11
IPs

1
Countries

812 kB
Transfer

1825 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub HTTP 301
    http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
  • https://s7.addthis.com/js/300/addthis_widget.js
Request Chain 17
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhefkeNszcKhvjG_szea_pzaoHtEf_BkKnxB9ErYYTgskFhmEfQkmzhcd6fTVKro0YvRV-tyKQ HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhe7VwV5GPUsVoiHYiS9UlVDnaAp2-bS-CEtcr6pPmBc-39NR_uyunMDctdwvBONwavrk-1vUQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S940340527%3A1695828449412230&theme=glif
Request Chain 18
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhfz-w6D1QBykpM1yKdbh4kTGS0agoMxcr-wiU5RxUJsxTNnSapbyID8vUTQiCEqELLoQbthYA HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhcugiUQC_mh78IA7sCWsl7bSXtqIiQu7Tmw09hW-iJn_SdVXT2W4YBjIafy5ZAoBrneUCMlkw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S738569927%3A1695828449368644&theme=glif
Request Chain 19
  • http://atthereandhth.com/popunder.gif HTTP 301
  • https://atthereandhth.com/popunder.gif

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
Redirect Chain
  • http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub
  • http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
Protocol
HTTP/1.1
Server
172.67.190.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d5ae6ac8e99df29926a5bef94a97b191736347d69d225cfdad02c9f24933638

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
80d4c4fb7acec265-VIE
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 27 Sep 2023 15:27:13 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2kSmQJ0p4OK2U0v5kkF1wFaohPXbvp9EXjUtfgL776bNgSPpqg2g%2Fr%2B4flkghA2yRAK5pbtjDbyOuAbyyTxt9nukidiYwhm0gDSwyATM%2BX2%2BejsrcxKp0%2BL%2FQmE6mTHR7HHHw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Cookie
alt-svc
h3=":443"; ma=86400

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
80d4c4f95e41c265-VIE
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Wed, 27 Sep 2023 15:27:13 GMT
Location
http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PnIMcqk9KooxaKkwsMcvBdH3pGlQahQJ42IMoyb04R3Mwd%2BpvgxpOuHxBuKuWpryI8Hl5F7J6DPRIluxQKBMOJfH5Nj3gJRr07ZEQ9%2BgZ9izD%2Fbyc0UGFUipDnpn70QHY377dg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
main.css
it.tiny-files.com/static/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://it.tiny-files.com/static/main.css
Requested by
Host: it.tiny-files.com
URL: http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
Protocol
HTTP/1.1
Server
172.67.190.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce87b77d978a92fd100ff07ffc957cf5047751f96d54044d62b356741aeb4ef8

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 15:27:13 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Last-Modified
Sat, 19 Aug 2017 09:18:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"5998025a-44df"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBUED6uEQiKmHFX3Y%2B6HBtTGXoeewL1QllwBYhC4fay0WYI9i8t4CPD58yHuInJSakeXvZX8j%2Fl0tz5et1s%2BmFKKDG2YpkpKbUSUc4M9zg1blKM2Ml4iehUaigTaVl6tIaw8SA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Connection
keep-alive
CF-RAY
80d4c4fd8ef3c265-VIE
alt-svc
h3=":443"; ma=86400
jquery-1.4.2.min.js
it.tiny-files.com/static/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://it.tiny-files.com/static/jquery-1.4.2.min.js
Requested by
Host: it.tiny-files.com
URL: http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
Protocol
HTTP/1.1
Server
172.67.190.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6779927a414cbf0fe75402465415087eb51e26f9a5f466bd8c59ed2df157d9b2

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 15:27:29 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Last-Modified
Sat, 19 Aug 2017 09:18:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"5998025a-11a88"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uNQYD8WpXqBh8RCys7602xkkhnuBu8bEqcYQp1TIvGKuzed4Aqr4%2BkNFpl0uB3uv8N%2BKUR4oyfM5HcMiJozsBATgK8R7ys3x30BDbQCNRTG1qFZ3m%2BWFwtQ53qxQXfES4BLg0w%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Connection
keep-alive
CF-RAY
80d4c4fd9db14c6c-MXP
alt-svc
h3=":443"; ma=86400
xupload.js
it.tiny-files.com/static/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://it.tiny-files.com/static/xupload.js
Requested by
Host: it.tiny-files.com
URL: http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
Protocol
HTTP/1.1
Server
172.67.190.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4935646e95f19455e4345c88041b01ba7198675556fc380afac975a7ad83a945

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 15:27:13 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Last-Modified
Sat, 19 Aug 2017 09:18:17 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"59980259-3950"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPzpSMTC20Ea83kelAJORUZup9mEpQW74IBT7anEDftmNJ7uNllMjomc%2BqelBv3Q2xmuJpKniTZ3uSX1pui2Wkh8MUakFDdFWal%2FgJUO%2FZPCjzgYgRJ2Bg8Iw2eabgfMLKLVMg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Connection
keep-alive
CF-RAY
80d4c4fdbb9c3ce1-CDG
alt-svc
h3=":443"; ma=86400
jquery.min.js
it.tiny-files.com/static/Plugin/js/libs/ 		93 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://it.tiny-files.com/static/Plugin/js/libs/jquery.min.js
Requested by
Host: it.tiny-files.com
URL: http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
Protocol
HTTP/1.1
Server
172.67.190.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d72fcb8924d1e14dbd4b04aff994c1183ee86c620f0aaac034f75fc508548220

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 15:27:13 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Last-Modified
Sun, 28 Jan 2018 12:41:52 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"5a6dc510-1727b"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHoTPYtJS3yqNRsilOsgqrBR%2FdglrCk1pXTAfj4qQozoJ%2FIsJ7hKt%2FfuWGfIEknXmBpM%2BE6dK5pvnWnLZiiEUo93ThXCaB6%2Bgonaw8ddkFMlPvWnSlkMKqDSq7Zm29XKlqWeMg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Connection
keep-alive
CF-RAY
80d4c4fd8bc00d57-MXP
alt-svc
h3=":443"; ma=86400
jquery.ui.highlight.min.js
it.tiny-files.com/static/Plugin/js/libs/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://it.tiny-files.com/static/Plugin/js/libs/jquery.ui.highlight.min.js
Requested by
Host: it.tiny-files.com
URL: http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
Protocol
HTTP/1.1
Server
172.67.190.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62051b02e7552ba6065a3d28969e6d4bba9eb15547c8fc323f31e6e984dc6ee3

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 15:27:13 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Last-Modified
Sun, 28 Jan 2018 12:41:49 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"5a6dc50d-349f"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6TfxJ9MXV%2FwsVd23tt6H2ziysjQ0W6i%2Bqk9ohtq7PyWhqYxnh%2FIwiwUJOw%2F%2BGTcCNDn0e9QuEBrtZBZk4rjxsI42G13YLbVZOmDAJCOfKdnfQGh4G7ZvWiH4AcMEqB%2FS5Ls3iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Connection
keep-alive
CF-RAY
80d4c4fd8b060e1d-MXP
alt-svc
h3=":443"; ma=86400
pandalocker.2.3.1.min.js
it.tiny-files.com/static/Plugin/js/ 		119 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://it.tiny-files.com/static/Plugin/js/pandalocker.2.3.1.min.js
Requested by
Host: it.tiny-files.com
URL: http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
Protocol
HTTP/1.1
Server
172.67.190.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0175c6b6b33312ca074b4bd0cf58e998463c49313df0aac794b2b9fba11504cb

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 15:27:13 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Last-Modified
Sun, 28 Jan 2018 12:41:48 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"5a6dc50c-1dced"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xCinc0GyRZ9JJRV7XbWqR9DHB9s1tk1YKvB0UtDzrmUicNcrZHVOUvUkJDdn%2F3bulbLJFPPdvc2bNJuqxwIEu%2FKSgxIRAr%2F69k5NnMVE5%2BO9VV6WWAFNRht7f0KGYBAiWzHpw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Connection
keep-alive
CF-RAY
80d4c4fe38d7c265-VIE
alt-svc
h3=":443"; ma=86400
pandalocker.2.3.1.min.css
it.tiny-files.com/static/Plugin/css/ 		48 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://it.tiny-files.com/static/Plugin/css/pandalocker.2.3.1.min.css
Requested by
Host: it.tiny-files.com
URL: http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
Protocol
HTTP/1.1
Server
172.67.190.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba122c46a70045749e59a3ed1a2fbbf2bcc60a5070d3626ac94f2ef57490fda6

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 15:27:13 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Last-Modified
Sun, 28 Jan 2018 12:41:45 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"5a6dc509-befc"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQNpZibpMweo09f3iNidHT%2Fve3iRNeFb7Ndc%2BxB7eTQxfezwHilSklxmOdy241RAwOovyKPUSQDxYZ24%2FOdHjxNEjHOPy10N8Lp9NrCwD7n0L1SvcnhD34dgS2NLLVlzZz3m%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Connection
keep-alive
CF-RAY
80d4c4fd8d7f0e65-MXP
alt-svc
h3=":443"; ma=86400
/
d34zwq0l4x27a6.cloudfront.net/ 		205 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d34zwq0l4x27a6.cloudfront.net/?lqwzd=978454
Requested by
Host: it.tiny-files.com
URL: http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
Protocol
HTTP/1.1
Server
18.239.15.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-15-151.ams58.r.cloudfront.net
Software
/
Resource Hash
5d71c0e1b9a8facdacbcd3da0cd7ca66cb784eb8e70eeed4b5b771aea989a8ba

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://it.tiny-files.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Sep 2023 15:27:13 GMT
Content-Encoding
gzip
Via
1.1 a2bbc9a5f1a7ffcf013479d79f036bbc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS58-P6
X-Cache
Miss from cloudfront
access-control-allow-origin
*
Cache-Control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection
keep-alive
Content-Length
69451
X-Amz-Cf-Id
OO8h_PN8ugGIT0u_s8hUYkrWpYcHyK80-XFuJg0c8m5B7g8-iiJJ2g==
logo.png
it.tiny-files.com/static/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://it.tiny-files.com/static/logo.png
Requested by
Host: it.tiny-files.com
URL: http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
Protocol
HTTP/1.1
Server
172.67.190.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
086d620dd864e617d0b27ee9bcf2443336a650499790a34cd4e6945ddc937906

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 15:27:14 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Sat, 19 Aug 2017 11:11:23 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"59981cdb-594"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYQPsb0%2F5eAWgWqw1RQFYE3PUZTOWI%2F4YebGQTby8XlWe2BZM502453Xx6z7B5l6%2FZdv3PVIo3RYrSEfdku3nMawu46UI5V36tj7oHMt8UnkB820BSMNn%2Fghpej9wCrgqxQTBg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
80d4c502a842c265-VIE
alt-svc
h3=":443"; ma=86400
Content-Length
1428
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LfaPcAUAAAAAHiktr0CHoQ3G2M51KwK-jcy48HI
Requested by
Host: it.tiny-files.com
URL: http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
GSE /
Resource Hash
d43c0e34ba6820981230dcbb9b77c319949a66b68684ce05a58c82c6867165fe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://it.tiny-files.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 15:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 27 Sep 2023 15:27:13 GMT
addthis_widget.js
s7.addthis.com/js/300/
Redirect Chain
  • http://s7.addthis.com/js/300/addthis_widget.js
  • https://s7.addthis.com/js/300/addthis_widget.js
56 B
360 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: it.tiny-files.com
URL: http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
Protocol
H2
Server
23.45.238.53 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-238-53.deploy.static.akamaitechnologies.com
Software
Oracle API Gateway /
Resource Hash
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://it.tiny-files.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 27 Sep 2023 15:27:14 GMT
server
Oracle API Gateway
opc-request-id
/E4A775978A51C96589AE67D2FE0C5D7B/AF0157A600BBB860125AE76E011B3940
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/javascript
x-distribution
99
x-host
s7.addthis.com
content-length
76
x-xss-protection
1; mode=block

Redirect headers

Date
Wed, 27 Sep 2023 15:27:14 GMT
Server
nginx/1.15.8
X-Distribution
99
Content-Type
text/html
Location
https://s7.addthis.com/js/300/addthis_widget.js
X-Host
s7.addthis.com
Connection
keep-alive
Content-Length
171
tabber.js
it.tiny-files.com/static/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://it.tiny-files.com/static/tabber.js
Requested by
Host: it.tiny-files.com
URL: http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
Protocol
HTTP/1.1
Server
172.67.190.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ac6bf852bca18388c96034f79df97d36c49431eeca883e52dc26f43250b9dc9

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 15:27:14 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Last-Modified
Sat, 19 Aug 2017 09:18:17 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"59980259-17e2"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIkzS%2BiO3joG%2BU%2BQS8rSxWGvIeDqxbOKbnBQ1gn2KBFM8OH1onHZ2zYD0RFm1k0JjWg5sGgCEJIVtxCvmFb%2BgwssDkBa1j8ph%2FvTx0NS06W5B%2BS4MZ0rm3HT5i7agC2yajw3YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Connection
keep-alive
CF-RAY
80d4c5021f6dc265-VIE
alt-svc
h3=":443"; ma=86400
asd100.bin
pogothere.xyz/ 		100 KB
100 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d34zwq0l4x27a6.cloudfront.net
URL: http://d34zwq0l4x27a6.cloudfront.net/?lqwzd=978454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.96.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://it.tiny-files.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 15:27:29 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 26 Sep 2023 15:18:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
http://it.tiny-files.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJVuUpXc1efD92X%2Br2XlaA%2FDa91EEl%2BQVvFM3WkD1Ig0HtTH1v%2Fflxk8ZAAqxj1V%2FJcD72d0STuGHAu5axRxqWwp%2BgdeOiJUpY%2BnDyw0vwN%2Bv9BDIT26Gj8Mpr3Xgly9"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
80d4c55ffa19383c-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
/
pogothere.xyz/ 		27 B
616 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/
Requested by
Host: d34zwq0l4x27a6.cloudfront.net
URL: http://d34zwq0l4x27a6.cloudfront.net/?lqwzd=978454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.96.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fe7b6ef153ee8711389b8e135edb59b75d3fb876703e168a3d05dec6daa7021

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://it.tiny-files.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 15:27:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGS%2FQEhZIst6eYEayaBT7GqqjtwGzuT2ERV7tDbGhepvRhupevKII4zuvaq2b7NWYrSTBmKA%2FsOan44UvCiXNUfEY5uuS6zrTNBX9wKGrejjPIH8ELNe%2BjE57LzcEwg2"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
http://it.tiny-files.com
content-type
text/plain
access-control-allow-credentials
true
cf-ray
80d4c55ffa1a383c-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
utx
emumuendaku.info/ 		0
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://emumuendaku.info/utx?cb=Nj1KjegwfqWa&top=it.tiny-files.com&tid=978454
Requested by
Host: d34zwq0l4x27a6.cloudfront.net
URL: http://d34zwq0l4x27a6.cloudfront.net/?lqwzd=978454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-20.fra60.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://it.tiny-files.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Sep 2023 15:27:29 GMT
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
http://it.tiny-files.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
1GZQ6EO9h-m0uE62WmKTC3PWdSUWgBZ1XN2G0vA-YPd22SP9W4BGbQ==
U01zSkV8chA5eAEnFH8WBSFDCxQVeRIkHAMOHTItNToACyAUdVU+LDdwSn19Z3hHbDU6KU57YyA5Ej4wIHBCbCw9Kxx3YyVwQmR2Z2NAfmtjawZ3dHU5AysibnxVOjEnIU57c2p4S3h9Z3lKe3xh
atthereandhth.com/ 		0
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atthereandhth.com/U01zSkV8chA5eAEnFH8WBSFDCxQVeRIkHAMOHTItNToACyAUdVU+LDdwSn19Z3hHbDU6KU57YyA5Ej4wIHBCbCw9Kxx3YyVwQmR2Z2NAfmtjawZ3dHU5AysibnxVOjEnIU57c2p4S3h9Z3lKe3xh
Requested by
Host: it.tiny-files.com
URL: http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.152.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://it.tiny-files.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 15:27:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ef3jlL3R7JClpFtJ94SHY3wQLEKMrlAaWFzWw88kNkR3XmKxA7KKv1UUL%2BR3eGmWaVYUtgj1LoRdzuda8Yul%2FDL5KpsnvgO%2BJOJ5HuJDWOm4DMZd3uCmsch2Zi5TLQNvbrWfMw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
80d4c55fddc45a07-MXP
alt-svc
h3=":443"; ma=86400
login.php
www.facebook.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: it.tiny-files.com
URL: http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.35 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://it.tiny-files.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhefkeNszcKhvjG_szea_pzaoHtEf_BkKnxB9ErYYTgskFhmEfQkmzhcd6f...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhe7VwV5GPUsVoiHYiS9UlVDnaAp2-bS-CEtcr6pPmBc-39NR_uyunMDctdwvBONwavrk-1vUQ&passiv...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhe7VwV5GPUsVoiHYiS9UlVDnaAp2-bS-CEtcr6pPmBc-39NR_uyunMDctdwvBONwavrk-1vUQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S940340527%3A1695828449412230&theme=glif
Requested by
Host: it.tiny-files.com
URL: http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
Protocol
H3
Server
142.250.184.205 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f13.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://it.tiny-files.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Redirect headers

date
Wed, 27 Sep 2023 15:27:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-dtWoQsVc0KcGuIFjwSvoFQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
402
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhe7VwV5GPUsVoiHYiS9UlVDnaAp2-bS-CEtcr6pPmBc-39NR_uyunMDctdwvBONwavrk-1vUQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S940340527%3A1695828449412230&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhfz-w6D1QBykpM1yKdbh4kTGS0agoMxcr-wiU5RxUJsxTNnSapbyID...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhcugiUQC_mh78IA7sCWsl7bSXtqIiQu7Tmw09hW-iJn_SdVXT2W4YBjIafy5ZAoBrneUCMlkw&passi...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhcugiUQC_mh78IA7sCWsl7bSXtqIiQu7Tmw09hW-iJn_SdVXT2W4YBjIafy5ZAoBrneUCMlkw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S738569927%3A1695828449368644&theme=glif
Requested by
Host: it.tiny-files.com
URL: http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
Protocol
H3
Server
142.250.184.205 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f13.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://it.tiny-files.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Redirect headers

date
Wed, 27 Sep 2023 15:27:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-EHgCGFA5rCXNVc2aKd_yJA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
406
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhcugiUQC_mh78IA7sCWsl7bSXtqIiQu7Tmw09hW-iJn_SdVXT2W4YBjIafy5ZAoBrneUCMlkw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S738569927%3A1695828449368644&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
popunder.gif
atthereandhth.com/
Redirect Chain
  • http://atthereandhth.com/popunder.gif
  • https://atthereandhth.com/popunder.gif
35 B
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atthereandhth.com/popunder.gif
Requested by
Host: it.tiny-files.com
URL: http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
Protocol
H2
Server
172.67.152.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://it.tiny-files.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
public
date
Wed, 27 Sep 2023 15:27:29 GMT
cf-cache-status
HIT
last-modified
Tue, 26 Sep 2023 16:28:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
82766
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7awIn0t5KmU%2BJN5%2Fx7AY8ZMWghBfgfWCip4dyIhTIoQd3QvnJu6hQhUWxsnxziVv0JLhk0L%2BeFdRa5L3NtILozRpxhDXYeOTd0HHylcr0lbsBa1HhbVc9fe6uNtM%2FDi6RYLrBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
80d4c55ffde35a07-MXP
alt-svc
h3=":443"; ma=86400

Redirect headers

Date
Wed, 27 Sep 2023 15:27:29 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=862b78nt3X9lsu9v9p%2FhDhVRrc2GTqPrGJAipL%2BIYdZKEEyVmM%2BdnPMhpphX4UWM3diOnrnOk3XGn0iz5YxD27qve68MVm7MNH%2FB788Eq3D39cl4Mu5Q4sK%2B8FIiyVSyo7fRpA%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://atthereandhth.com/popunder.gif
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
80d4c55fbdd64c4e-MXP
alt-svc
h3=":443"; ma=86400
Expires
Wed, 27 Sep 2023 16:27:29 GMT
cmpZGWVkMVYGdzY0ClBsc2IbQyUueVoBaHd8WQ9ldn1ZB2E
atthereandhth.com/QkRrN1FtewhEbCcpWkAHLAYlYRQuKjliHxQWBgISESgbdAgXAU1DOCZ5UgBpd3ZaESErIFYGaWQ3H1YlNzdWBncrKg1YbGQyVgZ/ 		0
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atthereandhth.com/QkRrN1FtewhEbCcpWkAHLAYlYRQuKjliHxQWBgISESgbdAgXAU1DOCZ5UgBpd3ZaESErIFYGaWQ3H1YlNzdWBncrKg1YbGQyVgZ/cmpZGWVkMVYGdzY0ClBsc2IbQyUueVoBaHd8WQ9ldn1ZB2E
Requested by
Host: it.tiny-files.com
URL: http://it.tiny-files.com/5e6a7d5724968d1983644094/17163994/Ritratti%20by%20John%20Berger.epub/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.152.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://it.tiny-files.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 15:27:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GileWsraC4z49TxoMmh4%2Bf6N0C8btMtsC3QCHu5ahlDf0ttvyCoziuhKgCQdPPuZ%2FaWO5RFg1OXc7AhdjOl5oB8ko7roxcByxAZJIAZZM%2FYIH%2FKBV2dNyRalD3HiZm15oRBq4A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
80d4c55fddc55a07-MXP
alt-svc
h3=":443"; ma=86400
recaptcha__it.js
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ 		455 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__it.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfaPcAUAAAAAHiktr0CHoQ3G2M51KwK-jcy48HI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.35 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f3.1e100.net
Software
sffe /
Resource Hash
c72ae7f7ef77e771049d6371fdf1f5db8a95c6c2e185af10564a78d7e5a5a011
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://it.tiny-files.com/
Origin
http://it.tiny-files.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 17:47:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
164394
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
186943
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Sep 2024 17:47:35 GMT
gotham-light-webfont.woff
it.tiny-files.com/static/font/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://it.tiny-files.com/static/font/gotham-light-webfont.woff
Requested by
Host: it.tiny-files.com
URL: http://it.tiny-files.com/static/main.css
Protocol
HTTP/1.1
Server
172.67.190.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cfad333158e1b1233b18c8a20702d0d904f6e2be0ea770eeba7c46872d5922d

Request headers

Referer
http://it.tiny-files.com/static/main.css
Origin
http://it.tiny-files.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 15:27:29 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Last-Modified
Sat, 19 Aug 2017 09:18:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"5998025a-538c"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ti8oesdzgDyglUHMivpettHcrOfNqc00mO0BhPKu%2BdI8herMWXHALhrQZx0if6KY9pemR5C6A4d7Aq7J9C3g1bDOPkzGfXB%2Bxef9L%2FkHTZ5Jm1Sqh4MNELDRKySv4mRCN1Qknw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/font-woff
Connection
keep-alive
CF-RAY
80d4c55fab914c6c-MXP
alt-svc
h3=":443"; ma=86400
gotham-book-webfont.woff
it.tiny-files.com/static/font/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://it.tiny-files.com/static/font/gotham-book-webfont.woff
Requested by
Host: it.tiny-files.com
URL: http://it.tiny-files.com/static/main.css
Protocol
HTTP/1.1
Server
172.67.190.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0159fa2af78a66a4adf0fc6d4adf2dbcc053f6c583baf358c076647dbea47fc

Request headers

Referer
http://it.tiny-files.com/static/main.css
Origin
http://it.tiny-files.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 15:27:29 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Last-Modified
Sat, 19 Aug 2017 09:18:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"5998025a-542c"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBSsOZyyeNE8JKyGGU4jAmSfOoteJaBq4pFCPUBal25M95V0%2Bu%2B%2B7rEBNiSXF9DJOkiCPUT%2BJ9JDLKQ%2Bzm29aWePSQWOr2bRxW1zPyL19XvVBOvw3IKJQr0qBTIKKk0EnvXJYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/font-woff
Connection
keep-alive
CF-RAY
80d4c55fbe34c265-VIE
alt-svc
h3=":443"; ma=86400
AQ
emumuendaku.info/Nkl3RXlXKxQoRld0FWMMRCVKYEtwbEUDHQV9DTIIBiVDPUsBKEFrGlomAiEfRCYZMVdYLANgS3ArOQBMWxMgDyF/GBABIWMIGQQVXis2diNlHDEcKnwLIg49cxsNCDpBHBUUKA4KDh88UzAEIzhuOj4QLHseIywJVB9HFyB6PhAGIU4ABQY4... Frame 15E2 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://emumuendaku.info/Nkl3RXlXKxQoRld0FWMMRCVKYEtwbEUDHQV9DTIIBiVDPUsBKEFrGlomAiEfRCYZMVdYLANgS3ArOQBMWxMgDyF/GBABIWMIGQQVXis2diNlHDEcKnwLIg49cxsNCDpBHBUUKA4KDh88UzAEIzhuOj4QLHseIywJVB9HFyB6PhAGIU4ABQY4bC81Eh5+CCYEM1MiNhc8WjobEg5FDSUGDlUKEDEreS4TAT8HHw0GDlkQLxYwfQsyJj51DzkJLF4PTxMSBh8vFjh1Ch8TMVd4JRM9cwsFEz9gHTUCO2EYMQNLV3glEz9geRAQP3ABNTIBch9GDzRTD1oPNGQ+LWBLdAsPECphCgQXOHcLEQ8BfAgiDTMBHyEPNHR6HwEvBwAUDygCGzN0EUQfNB8xdCdDDj13JSUkSGQfNRM8Qg0mNTVzEQ8SO1E5MAwoRQglMiB/H0YXL3EnQgwscDo/IRJeKiIHPw4fHxw9YyBPED1zKjAGP3geIRcJDxwyCCF1EU9jE0UmGTVEYAABHDNsJzM1THszFAo/AQ
Requested by
Host: d34zwq0l4x27a6.cloudfront.net
URL: http://d34zwq0l4x27a6.cloudfront.net/?lqwzd=978454
Protocol
HTTP/1.1
Server
18.66.122.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-20.fra60.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e8e20a6b3d57c89fe944b6ebcf8be0c18fece51b7b4d77af6681f812a006c063

Request headers

Referer
http://it.tiny-files.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Accept-CH
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
Connection
keep-alive
Content-Length
1240
Content-Type
text/html
Date
Wed, 27 Sep 2023 15:27:29 GMT
P3P
CP="NID DSP ALL COR"
Pragma
no-cache
Server
openresty/1.17.8.2
Via
1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
X-Amz-Cf-Id
TdPK3Lvo_sUaTBJgPAGQ_CC5UuZYxuhaAwtFCofKCRbHFF-KLsQqgw==
X-Amz-Cf-Pop
FRA60-P2
X-Cache
Miss from cloudfront
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
bjUAZAsKQ1w3HA0rdTN4Qjh7LH5zHGtxeno2VA4uXEBNGSxuQh8+O1ccSWkEaxhJGRgJJ1YDcQ
emumuendaku.info/OVRIOHJYNitVTVhpKh4HSzh1HUB/cXp+FgpgMk8DCTh8QEAONX4WEVU7PVwUSzsmTFxXMTwdQH8YKn00dxsdXyJ1PQZeFkEzJ3MjaywfCx4NF3tUOXIufW84USxweSVWPQB5BV0XCgg2fzoZXiJ7DSRbM00hCXszUwwmbjlzFwZZFm9lJnQ0... Frame AC4D 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://emumuendaku.info/OVRIOHJYNitVTVhpKh4HSzh1HUB/cXp+FgpgMk8DCTh8QEAONX4WEVU7PVwUSzsmTFxXMTwdQH8YKn00dxsdXyJ1PQZeFkEzJ3MjaywfCx4NF3tUOXIufW84USxweSVWPQB5BV0XCgg2fzoZXiJ7DSRbM00hCXszUwwmbjlzFwZZFm9lJnQ0CSUdYCRLAAtUIHUXAnw7aBU8dDBBYgNWIFMXHwkXWgMedztoHSRxGQ1jG2A8AAIyQDhaZ3hxF3weMFkzVh8bYDwAACF9MV1nI1sXQGEjXgVSIx9WJFIcAEgRcBB5cjh4P3pzNEo+CmwkVhc/DShaOmVXKlxlOFMUTjgvegtSYR57IHM3PwwRXDg/TDh/HTxrKndtEFFCaR8hcSNbAn1APlURfnkLTjsAcB1INwBPPWM4ME4XeBZ/bjUAZAsKQ1w3HA0rdTN4Qjh7LH5zHGtxeno2VA4uXEBNGSxuQh8+O1ccSWkEaxhJGRgJJ1YDcQ
Requested by
Host: d34zwq0l4x27a6.cloudfront.net
URL: http://d34zwq0l4x27a6.cloudfront.net/?lqwzd=978454
Protocol
HTTP/1.1
Server
18.66.122.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-20.fra60.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
66c43ad523214294e3d4a23764c68b4be966870eac570721e2aeb2ec65eea450

Request headers

Referer
http://it.tiny-files.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Accept-CH
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
Connection
keep-alive
Content-Length
1215
Content-Type
text/html
Date
Wed, 27 Sep 2023 15:27:29 GMT
P3P
CP="NID DSP ALL COR"
Pragma
no-cache
Server
openresty/1.17.8.2
Via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
X-Amz-Cf-Id
BuwxW2Z996TvDEZT6-IyM94PobBN8bvKIUzpZp9PK5lrgszhk4-mpg==
X-Amz-Cf-Pop
FRA60-P2
X-Cache
Miss from cloudfront
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
anchor
www.google.com/recaptcha/api2/ Frame 6C5F 		52 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfaPcAUAAAAAHiktr0CHoQ3G2M51KwK-jcy48HI&co=aHR0cDovL2l0LnRpbnktZmlsZXMuY29tOjgw&hl=it&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=odde82unjqua
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__it.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
GSE /
Resource Hash
5e87a7395beb7b4e98cf74c7bb84652e1be3d2143a77f39a9fdda61a235652cc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XyL6Zk991SBo0vp8RSBLDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://it.tiny-files.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-XyL6Zk991SBo0vp8RSBLDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 27 Sep 2023 15:27:29 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bNE5mZWJXIQgDXUAnAlhbA3ZSUFYSJBUKDERzMCwUbQQ8CyZEeysfAXsIUUMWTipbV0RYLwgCXxIrCAZfBWgHAQAJekARElslWwsDRCwcCgtROgdDF1VzCwoYXSIKBEcGCFNLUhF8Vk0VXSACChVHa1RVDEBrVFVTBGBWQFF2a1RVFV0gUFFHBwxDV1JMeF-JMRwZ...
d34zwq0l4x27a6.cloudfront.net/ Frame 15E2 		724 B
910 B 		Script
General
Check archive.org
Download Go to
Full URL
http://d34zwq0l4x27a6.cloudfront.net/bNE5mZWJXIQgDXUAnAlhbA3ZSUFYSJBUKDERzMCwUbQQ8CyZEeysfAXsIUUMWTipbV0RYLwgCXxIrCAZfBWgHAQAJekARElslWwsDRCwcCgtROgdDF1VzCwoYXSIKBEcGCFNLUhF8Vk0VXSACChVHa1RVDEBrVFVTBGBWQFF2a1RVFV0gUFFHBwxDV1JMeF-JMRwZ+BxUSWCsRAABfJxJAUHJ7VVJMB3hDV1IcJQ4RD1hrVCZHBn4KDAlRa1RVBVEtDQpLEXxWBgpGIQsARwYIV1RVGn5IUFsHdkhcUBF8VhYDUi8UDEcGCFNWVRp9UEMXCX8
Requested by
Host: emumuendaku.info
URL: http://emumuendaku.info/Nkl3RXlXKxQoRld0FWMMRCVKYEtwbEUDHQV9DTIIBiVDPUsBKEFrGlomAiEfRCYZMVdYLANgS3ArOQBMWxMgDyF/GBABIWMIGQQVXis2diNlHDEcKnwLIg49cxsNCDpBHBUUKA4KDh88UzAEIzhuOj4QLHseIywJVB9HFyB6PhAGIU4ABQY4bC81Eh5+CCYEM1MiNhc8WjobEg5FDSUGDlUKEDEreS4TAT8HHw0GDlkQLxYwfQsyJj51DzkJLF4PTxMSBh8vFjh1Ch8TMVd4JRM9cwsFEz9gHTUCO2EYMQNLV3glEz9geRAQP3ABNTIBch9GDzRTD1oPNGQ+LWBLdAsPECphCgQXOHcLEQ8BfAgiDTMBHyEPNHR6HwEvBwAUDygCGzN0EUQfNB8xdCdDDj13JSUkSGQfNRM8Qg0mNTVzEQ8SO1E5MAwoRQglMiB/H0YXL3EnQgwscDo/IRJeKiIHPw4fHxw9YyBPED1zKjAGP3geIRcJDxwyCCF1EU9jE0UmGTVEYAABHDNsJzM1THszFAo/AQ
Protocol
HTTP/1.1
Server
18.239.15.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-15-151.ams58.r.cloudfront.net
Software
/
Resource Hash
d37000bdd445fd21c962f5754b0ac5e926629f2f00261be9e9d2a08e2b506b75

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://emumuendaku.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 15:27:29 GMT
Content-Encoding
gzip
Via
1.1 a2bbc9a5f1a7ffcf013479d79f036bbc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS58-P6
X-Cache
Miss from cloudfront
access-control-allow-origin
*
Cache-Control
max-age=31556926
Connection
keep-alive
Content-Length
523
X-Amz-Cf-Id
gU20XXa24swduOcfb_LY5CtTpk8eY_Z7no43PcSEzFKYliHrP-QKYw==
LbEFNOUgPLiNfdxgoKQRxW3l4C3lKKz5WJhx8AWoiHAwdCB0DFnQfPBYlcAtuACAjXnVKJCNadV1nLF0qUXVrTClRLCJDIQAtLBx6KnRjCW1ecWVOIQIlIk47SXN9VzxJc30IeEJxaAoKSXN9TiECd3kcey5kfwkwWnVkHHpcID1JJAk2KFsjBTVoCw5Zcn-oXe1p...
d34zwq0l4x27a6.cloudfront.net/ Frame AC4D 		191 B
573 B 		Script
General
Check archive.org
Download Go to
Full URL
http://d34zwq0l4x27a6.cloudfront.net/LbEFNOUgPLiNfdxgoKQRxW3l4C3lKKz5WJhx8AWoiHAwdCB0DFnQfPBYlcAtuACAjXnVKJCNadV1nLF0qUXVrTClRLCJDIQAtLBx6KnRjCW1ecWVOIQIlIk47SXN9VzxJc30IeEJxaAoKSXN9TiECd3kcey5kfwkwWnVkHHpcID1JJAk2KFsjBTVoCw5Zcn-oXe1pkfwlgByk5VCRJcw4celwtJFItSXN9Xi0PKiIQbV5xLlE6AywoHHoqcHwOZlxveAB7VG90C21ecT5YLg0zJBx6KnR+DmZfd2tMdV0
Requested by
Host: emumuendaku.info
URL: http://emumuendaku.info/OVRIOHJYNitVTVhpKh4HSzh1HUB/cXp+FgpgMk8DCTh8QEAONX4WEVU7PVwUSzsmTFxXMTwdQH8YKn00dxsdXyJ1PQZeFkEzJ3MjaywfCx4NF3tUOXIufW84USxweSVWPQB5BV0XCgg2fzoZXiJ7DSRbM00hCXszUwwmbjlzFwZZFm9lJnQ0CSUdYCRLAAtUIHUXAnw7aBU8dDBBYgNWIFMXHwkXWgMedztoHSRxGQ1jG2A8AAIyQDhaZ3hxF3weMFkzVh8bYDwAACF9MV1nI1sXQGEjXgVSIx9WJFIcAEgRcBB5cjh4P3pzNEo+CmwkVhc/DShaOmVXKlxlOFMUTjgvegtSYR57IHM3PwwRXDg/TDh/HTxrKndtEFFCaR8hcSNbAn1APlURfnkLTjsAcB1INwBPPWM4ME4XeBZ/bjUAZAsKQ1w3HA0rdTN4Qjh7LH5zHGtxeno2VA4uXEBNGSxuQh8+O1ccSWkEaxhJGRgJJ1YDcQ
Protocol
HTTP/1.1
Server
18.239.15.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-15-151.ams58.r.cloudfront.net
Software
/
Resource Hash
c042a5d7074b96df8f9acba1ea507a9821f621c72078c87a21774d9f4d02e31c

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://emumuendaku.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Wed, 27 Sep 2023 15:27:29 GMT
Content-Encoding
gzip
Via
1.1 428178e04c8c5f5460c3935b1e7203be.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS58-P6
X-Cache
Miss from cloudfront
access-control-allow-origin
*
Cache-Control
max-age=31556926
Connection
keep-alive
Content-Length
186
X-Amz-Cf-Id
udLGHXOx6e_BoUYlcH0EnjHZHQHPWpKx93R5gDT3E2hVrXgp_tysjg==
styles__ltr.css
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 6C5F 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfaPcAUAAAAAHiktr0CHoQ3G2M51KwK-jcy48HI&co=aHR0cDovL2l0LnRpbnktZmlsZXMuY29tOjgw&hl=it&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=odde82unjqua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f3.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 15:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
561
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Sep 2024 15:18:08 GMT
recaptcha__it.js
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 6C5F 		455 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__it.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfaPcAUAAAAAHiktr0CHoQ3G2M51KwK-jcy48HI&co=aHR0cDovL2l0LnRpbnktZmlsZXMuY29tOjgw&hl=it&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=odde82unjqua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f3.1e100.net
Software
sffe /
Resource Hash
c72ae7f7ef77e771049d6371fdf1f5db8a95c6c2e185af10564a78d7e5a5a011
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 17:47:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
164394
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
186943
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Sep 2024 17:47:35 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 6C5F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 07:44:15 GMT
x-content-type-options
nosniff
age
200594
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 02 Oct 2023 07:44:15 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6C5F 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfaPcAUAAAAAHiktr0CHoQ3G2M51KwK-jcy48HI&co=aHR0cDovL2l0LnRpbnktZmlsZXMuY29tOjgw&hl=it&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=odde82unjqua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 06:47:09 GMT
x-content-type-options
nosniff
age
376820
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Sep 2024 06:47:09 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6C5F 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfaPcAUAAAAAHiktr0CHoQ3G2M51KwK-jcy48HI&co=aHR0cDovL2l0LnRpbnktZmlsZXMuY29tOjgw&hl=it&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=odde82unjqua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 17:41:40 GMT
x-content-type-options
nosniff
age
78349
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Sep 2024 17:41:40 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 6C5F 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=it&v=Ai7lOI0zKMDPHxlv62g7oMoJ
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfaPcAUAAAAAHiktr0CHoQ3G2M51KwK-jcy48HI&co=aHR0cDovL2l0LnRpbnktZmlsZXMuY29tOjgw&hl=it&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=odde82unjqua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
GSE /
Resource Hash
59e1396f714d3bde19191b416d31409673a02768d2b4b52a58c3e902b082bb73
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfaPcAUAAAAAHiktr0CHoQ3G2M51KwK-jcy48HI&co=aHR0cDovL2l0LnRpbnktZmlsZXMuY29tOjgw&hl=it&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=odde82unjqua
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 15:27:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 27 Sep 2023 15:27:29 GMT
reload
www.google.com/recaptcha/api2/ Frame 6C5F 		33 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LfaPcAUAAAAAHiktr0CHoQ3G2M51KwK-jcy48HI
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__it.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
GSE /
Resource Hash
636338d245d7ecc59f97597a21347c84e907ebbdf85b2ec8b425bad988989a98
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfaPcAUAAAAAHiktr0CHoQ3G2M51KwK-jcy48HI&co=aHR0cDovL2l0LnRpbnktZmlsZXMuY29tOjgw&hl=it&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=odde82unjqua
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Wed, 27 Sep 2023 15:27:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 27 Sep 2023 15:27:30 GMT

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| $ function| jQuery number| show_fname_chars string| upload_type undefined| form_action undefined| x function| $$ function| openStatusWindow function| StartUpload function| StartUploadBox function| checkExt function| checkSize function| getFileSize function| fixLength function| MultiSelector function| getFormAction function| setFormAction function| InitUploadSelector function| findPos function| changeUploadType function| jah function| submitCommentsForm function| scaleImg function| OpenWin function| player_start function| copy function| convertSize number| LAST_CORRECT_EVENT_TIME object| utr_978454 number| userTrackingInterval number| _1347053034 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| countDown function| checkForm string| tab_cookie function| share_facebook function| share_twitter function| share_gplus function| share_vk object| tabberOptions function| setCookie function| getCookie function| deleteCookie function| tabberObj function| tabberAutomatic function| tabberAutomaticOnLoad object| recaptcha object| closure_lm_733684 number| iinf number| num

3 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AFIN4vcr60q0Xls362Sbd_ezG8KWJWGMrIN_-pzcx_0Ki66_rDIncq8GRGoO7pN9o2FSuuKZ0e5_Qc7P_57kjHc
it.tiny-files.com/ Name: csrftoken
Value: JqcHxTtPYEu7NSi4HANvHEctQgFFZNNR
pogothere.xyz/ Name: csu
Value: 1217899295562494@1@1695828449

2 Console Messages

Source Level URL
Text
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhcugiUQC_mh78IA7sCWsl7bSXtqIiQu7Tmw09hW-iJn_SdVXT2W4YBjIafy5ZAoBrneUCMlkw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S738569927%3A1695828449368644&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhe7VwV5GPUsVoiHYiS9UlVDnaAp2-bS-CEtcr6pPmBc-39NR_uyunMDctdwvBONwavrk-1vUQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S940340527%3A1695828449412230&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
atthereandhth.com
d34zwq0l4x27a6.cloudfront.net
emumuendaku.info
fonts.gstatic.com
it.tiny-files.com
pogothere.xyz
s7.addthis.com
www.facebook.com
www.google.com
www.gstatic.com
104.21.56.143
142.250.184.205
142.250.185.100
142.250.185.99
157.240.0.35
172.64.96.14
172.67.152.127
172.67.190.120
18.239.15.151
18.66.122.20
216.58.206.35
23.45.238.53
0175c6b6b33312ca074b4bd0cf58e998463c49313df0aac794b2b9fba11504cb
086d620dd864e617d0b27ee9bcf2443336a650499790a34cd4e6945ddc937906
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cfad333158e1b1233b18c8a20702d0d904f6e2be0ea770eeba7c46872d5922d
1d5ae6ac8e99df29926a5bef94a97b191736347d69d225cfdad02c9f24933638
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fe7b6ef153ee8711389b8e135edb59b75d3fb876703e168a3d05dec6daa7021
4935646e95f19455e4345c88041b01ba7198675556fc380afac975a7ad83a945
59e1396f714d3bde19191b416d31409673a02768d2b4b52a58c3e902b082bb73
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d71c0e1b9a8facdacbcd3da0cd7ca66cb784eb8e70eeed4b5b771aea989a8ba
5e87a7395beb7b4e98cf74c7bb84652e1be3d2143a77f39a9fdda61a235652cc
62051b02e7552ba6065a3d28969e6d4bba9eb15547c8fc323f31e6e984dc6ee3
636338d245d7ecc59f97597a21347c84e907ebbdf85b2ec8b425bad988989a98
66c43ad523214294e3d4a23764c68b4be966870eac570721e2aeb2ec65eea450
6779927a414cbf0fe75402465415087eb51e26f9a5f466bd8c59ed2df157d9b2
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7ac6bf852bca18388c96034f79df97d36c49431eeca883e52dc26f43250b9dc9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
ba122c46a70045749e59a3ed1a2fbbf2bcc60a5070d3626ac94f2ef57490fda6
c042a5d7074b96df8f9acba1ea507a9821f621c72078c87a21774d9f4d02e31c
c72ae7f7ef77e771049d6371fdf1f5db8a95c6c2e185af10564a78d7e5a5a011
ce87b77d978a92fd100ff07ffc957cf5047751f96d54044d62b356741aeb4ef8
d0159fa2af78a66a4adf0fc6d4adf2dbcc053f6c583baf358c076647dbea47fc
d37000bdd445fd21c962f5754b0ac5e926629f2f00261be9e9d2a08e2b506b75
d43c0e34ba6820981230dcbb9b77c319949a66b68684ce05a58c82c6867165fe
d72fcb8924d1e14dbd4b04aff994c1183ee86c620f0aaac034f75fc508548220
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e20a6b3d57c89fe944b6ebcf8be0c18fece51b7b4d77af6681f812a006c063
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16