tpi.li Open in urlscan Pro
2606:4700:3033::6815:50a3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://is.gd/oeWD0O
Effective URL:
https://tpi.li/ar1ch
Submission: On November 13 via manual (November 13th 2024, 10:45:49 am UTC) from CR — Scanned from DE

Summary HTTP 39 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 19 IPs in 6 countries across 19 domains to perform 39 HTTP transactions. The main IP is 2606:4700:3033::6815:50a3, located in United States and belongs to CLOUDFLARENET, US. The main domain is tpi.li. The Cisco Umbrella rank of the primary domain is 521574.
TLS certificate: Issued by WE1 on October 21st 2024. Valid for: 3 months.

This is the only time tpi.li was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::ac43:5384	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::6815:50a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:223... 2600:9000:223e:2c00:13:cb0a:63c0:21	16509 (AMAZON-02) (AMAZON-02)
7	172.67.151.143 172.67.151.143	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	139.45.197.245 139.45.197.245	9002 (RETN-AS) (RETN-AS)
1	104.21.17.211 104.21.17.211	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	172.67.193.52 172.67.193.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
2	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
2 2	88.214.195.99 88.214.195.99	46636 (NATCOWEB) (NATCOWEB)
2	88.214.195.115 88.214.195.115	46636 (NATCOWEB) (NATCOWEB)
1	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	() ()
2	142.250.186.99 142.250.186.99	() ()
39	19

1 2606:4700:20::ac43:5384 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

is.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:50a3 (United States)

ASN13335 (CLOUDFLARENET, US)

tpi.li	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223e:2c00:13:cb0a:63c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1iy4wgzi9qdu7.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.67.151.143 (United States)

ASN13335 (CLOUDFLARENET, US)

tpi.li	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

ukankingwithea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

sionscormation.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.197.245 (United Kingdom)

ASN9002 (RETN-AS, GB)

pedangaishons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.17.211 (None, )

ASN13335 (CLOUDFLARENET, US)

bytogeticr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.193.52 (United States)

ASN13335 (CLOUDFLARENET, US)

tzegilo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

fleraprt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.214.195.99 (United Kingdom) 2 redirects

ASN46636 (NATCOWEB, US)

track-us.rwtks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.214.195.115 (United Kingdom)

ASN46636 (NATCOWEB, US)

ads-us.rwtks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (None, )

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.99 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	tpi.li tpi.li — Cisco Umbrella Rank: 521574	406 KB
4	rwtks.com 2 redirects track-us.rwtks.com — Cisco Umbrella Rank: 578013 ads-us.rwtks.com — Cisco Umbrella Rank: 511283	31 KB
4	pedangaishons.com pedangaishons.com — Cisco Umbrella Rank: 220964	41 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	254 KB
3	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1398	2 KB
3	cloudfront.net d1iy4wgzi9qdu7.cloudfront.net	108 KB
2	fleraprt.com fleraprt.com — Cisco Umbrella Rank: 15184	892 B
2	sionscormation.org sionscormation.org	1 KB
2	ukankingwithea.com ukankingwithea.com — Cisco Umbrella Rank: 23288	101 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2944
1	tzegilo.com tzegilo.com — Cisco Umbrella Rank: 16007	9 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 127	52 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 8258	906 B
1	bytogeticr.com bytogeticr.com — Cisco Umbrella Rank: 22155
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	108 KB
1	is.gd 1 redirects is.gd — Cisco Umbrella Rank: 166645	333 B
0	google.com Failed accounts.google.com — Cisco Umbrella Rank: 26 Failed
0	facebook.com Failed www.facebook.com Failed
39	19

	Domain	Requested by
8	tpi.li	tpi.li
4	pedangaishons.com	tpi.li pedangaishons.com
3	www.recaptcha.net	tpi.li www.gstatic.com
3	d1iy4wgzi9qdu7.cloudfront.net	tpi.li d1iy4wgzi9qdu7.cloudfront.net
2	fonts.gstatic.com	fonts.googleapis.com
2	ads-us.rwtks.com	tpi.li
2	track-us.rwtks.com	2 redirects
2	fleraprt.com	tzegilo.com
2	sionscormation.org	tpi.li
2	ukankingwithea.com	d1iy4wgzi9qdu7.cloudfront.net
1	fonts.googleapis.com	pedangaishons.com
1	www.gstatic.com	www.recaptcha.net
1	region1.google-analytics.com	www.googletagmanager.com
1	tzegilo.com	pedangaishons.com
1	pagead2.googlesyndication.com	tpi.li
1	my.rtmark.net	pedangaishons.com
1	bytogeticr.com	pedangaishons.com
1	www.googletagmanager.com	tpi.li
1	is.gd	1 redirects
0	accounts.google.com Failed	tpi.li
0	www.facebook.com Failed	tpi.li
39	21

This site contains links to these domains. Also see Links.

Domain
tii.la
etextpad.com
www.reviewfoxy.com
www.hostingfoxy.com
ak.naiwoalooca.net

Subject Issuer	Validity	Valid
tpi.li WE1	`2024-10-21` - `2025-01-19`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
ukankingwithea.com WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh
sionscormation.org WE1	`2024-11-07` - `2025-02-05`	3 months	crt.sh
pedangaishons.com R11	`2024-10-08` - `2025-01-06`	3 months	crt.sh
bytogeticr.com WE1	`2024-10-01` - `2024-12-30`	3 months	crt.sh
my.rtmark.net WE1	`2024-11-06` - `2025-02-04`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
misc.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
tzegilo.com WE1	`2024-09-23` - `2024-12-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
fleraprt.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-09` - `2025-01-13`	a year	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://tpi.li/ar1ch
Frame ID: E015342D5B15BE667C65BFC3F4383A8D
Requests: 32 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcbegwkAAAAAMOUf_S039akOVHQpFdhB-pJfrNJ&co=aHR0cHM6Ly90cGkubGk6NDQz&hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=b1s8k9j0tcbm
Frame ID: C639572DF245F3B4FCFE68DEBB288D4F
Requests: 1 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LcbegwkAAAAAMOUf_S039akOVHQpFdhB-pJfrNJ
Frame ID: 6BC4E69420051AFC6F3C9EDE606A332B
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
Frame ID: 75DCB16F5A7454E62CC4A0E1C17671F4
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Health Shield

Page URL History Show full URLs

https://is.gd/oeWD0O HTTP 301
https://tpi.li/ar1ch Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

39
Requests

87 %
HTTPS

35 %
IPv6

19
Domains

21
Subdomains

19
IPs

6
Countries

1116 kB
Transfer

3272 kB
Size

8
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://tii.la/
Title: Home

Search URL Search Domain Scan URL

URL: https://etextpad.com/
Title: Online Notepad

Search URL Search Domain Scan URL

URL: https://tii.la/blog/category/health-fitness/
Title: Fitness & Health

Search URL Search Domain Scan URL

URL: https://www.reviewfoxy.com/
Title: Online Review site

Search URL Search Domain Scan URL

URL: https://tii.la/blog/category/law-attorney/
Title: Attorney

Search URL Search Domain Scan URL

URL: https://www.hostingfoxy.com/category/free-hosting

Search URL Search Domain Scan URL

URL: https://ak.naiwoalooca.net/4/5016961

Search URL Search Domain Scan URL

URL: https://www.reviewfoxy.com/browse-category/review-sites
Title: 10 Best Online Review Sites for business

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://is.gd/oeWD0O HTTP 301
https://tpi.li/ar1ch Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AcMMx-ePsDvv7prKngjONwU0GGepYuGR6AXgpeeIdmrXjJupUgPgSqfDrbAzP08cjGhZPHKeKsjpcw HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-daaNjtzBTbpS19gDiNW2l7ssy7Np_W_2WGcLXuBZPW1v0frcrzqNtwZ11iQv1-KkWng3ec9w&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-702410812%3A1731494742465781&ddm=1

Request Chain 13

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AcMMx-eAxPjU2qd88MQDRy53RrXpepte7zRWNv3F-IOILrZ_xHKXrGEbiXMnjdMr4GUzRPwpyrU1_Q HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-cUmZyq0p9NNU6mSsYPY8HvHkDvWjk0IHr4a5Uhpq6SMJiJLpyQpO5qQmkQ5N6TcHdXQXlq_Q&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-114431002%3A1731494742458525&ddm=1

Request Chain 28

https://track-us.rwtks.com/push/ic?auth=zy5bg9&c=_COg9hBLj4NHf5Iiz2zrhDuahpnC1Bkl0Izr2-mcn-9DEY1LG3XpneNG2kCq6SGJ7itLz6nVX5N_yUDSn5O_v9JXEHHPAg8wWFNreHNp4AexQ7UXGo79s4ZMimv1lvPaUIznvIin3zinlJdb_lVt_KykP4FfIcjyCL7l7RkIFgXyWCnuTwZa37DMxKDOeS3GMdgUCE2_kH_ug7XmD9_Cbovn9wEqqvXogUcDDgsooL_fjWTmBQWCgjKjCxg0BjPxIEjE_Joev0UKt3xrnckPXiYHt7ECZIQjeh2gKOfAl9rAr7Lg_o8eSI681PV3sW--FLpuvxwDkernH2kztdwJZN7HW6qiCwP60OFQQtNsGENLYlHbzv0Wtvq63WxTSIUu3hEEKARR3_KlZPD5WwxyTfrgH7USe68TdoAkPRz3NmZKskuhkE5gtgQu1nfj8_CsJU1_2cmFtiUTEFpp2YwJqDLQHgbB0o3uZrlzAYTFFsX_3vK9bAn7Wmwww3uCl8g2AYmNHw HTTP 302
https://ads-us.rwtks.com/creatives/ep6grk1w8qdxq54yj3nvx52z/1730964920189-RFG48XxwM38y.png

Request Chain 35

https://track-us.rwtks.com/push/ic?auth=zy5bg9&c=_COg9hBLj4NHf5Iiz2zrhDuahpnC1Bkl0Izr2-mcn-9DEY1LG3XpneNG2kCq6SGJ7itLz6nVX5N_yUDSn5O_v9JXEHHPAg8wWFNreHNp4AexQ7UXGo79s4ZMimv1lvPaUIznvIin3zinlJdb_lVt_KykP4FfIcjyCL7l7RkIFgXyWCnuTwZa37DMxKDOeS3GMdgUCE2_kH_ug7XmD9_Cbovn9wEqqvXogUcDDgsooL_fjWTmBQWCgjKjCxg0BjPxIEjE_Joev0UKt3xrnckPXiYHt7ECZIQjeh2gKOfAl9rAr7Lg_o8eSI681PV3sW--FLpuvxwDkernH2kztdwJZN7HW6qiCwP60OFQQtNsGENLYlHbzv0Wtvq63WxTSIUu3hEEKARR3_KlZPD5WwxyTfrgH7USe68TdoAkPRz3NmZKskuhkE5gtgQu1nfj8_CsJU1_2cmFtiUTEFpp2YwJqDLQHgbB0o3uZrlzAYTFFsX_3vK9bAn7Wmwww3uCl8g2AYmNHw HTTP 302
https://ads-us.rwtks.com/creatives/ep6grk1w8qdxq54yj3nvx52z/1730964920189-RFG48XxwM38y.png

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request ar1ch Show response
tpi.li/
Redirect Chain

https://is.gd/oeWD0O
https://tpi.li/ar1ch

865 KB
140 KB

634ms
536ms

Document
text/html

2606:4700:3033::6815:50a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tpi.li/ar1ch

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:50a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d76f2d1a5c588482db981f91510e84c280ab272440323ad427dffa30ef3538db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e1e2c72c806025f-CDG
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Wed, 13 Nov 2024 10:45:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BeOnuN7l2g6XpDQIBS3y7Pxnu8f8UekOCwwWKsCDxZCerm7khokg7zb95fx%2BJCnsMcaeP17CIXZq6qHM7ppM1UIGX9Laa4K6VCBOjsf2O73pY2Q7qs7lSF6n%2BHNffrww%2F4DIoz8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=33369&sent=10&recv=12&lost=0&retrans=1&sent_bytes=4410&recv_bytes=2288&delivery_rate=98568&cwnd=255&unsent_bytes=0&cid=8bb7bc21aa88f382&ts=551&x=0"
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-robots-tag: noindex, nofollow
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 8e1e2c703944dbde-FRA
content-type: text/html; charset=UTF-8
date: Wed, 13 Nov 2024 10:45:40 GMT
location: https://tpi.li/ar1ch
server: cloudflare

GET
H2 200 / Show response
d1iy4wgzi9qdu7.cloudfront.net/ 164 KB
54 KB 227ms
174ms Script
text/plain 2600:9000:223e:2c00:13:cb0a:63c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1iy4wgzi9qdu7.cloudfront.net/?gwyid=1118076
Requested by: Host: tpi.li
URL: https://tpi.li/ar1ch
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:2c00:13:cb0a:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 18b0ddfd6b467f7c788e231d8cff2e1c20b03b877864e03b4adbd597653c94e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tpi.li/

Response headers

cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 54537
x-amz-cf-id: KpbUGGpNCgCts5A_Y9_IESO0vRTxzRyebT4xG2aeCz4EtD8ky4wvmQ==
date: Wed, 13 Nov 2024 10:45:41 GMT
x-amz-cf-pop: FRA56-P4

GET
H3 200 styles.min.css
tpi.li/cloud_theme/build/css/ 197 KB
38 KB 180ms
179ms Stylesheet
text/css 172.67.151.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tpi.li/cloud_theme/build/css/styles.min.css?ver=6.6.1

Requested by

Host: tpi.li
URL: https://tpi.li/ar1ch

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.151.143 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0319a0b75558303ee14a9d90af0769cd778b155206a96f14aad796c9454a454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tpi.li/ar1ch

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 695863
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SMot93EEgOmWcz%2FUrRj%2FuxPiMKK9RX%2FUG4%2F4%2FBIDLc02YcigdTVVVOZS%2F%2Bi6ZhfZ32R1T%2BvZpGKIQbrLFvO4wGLeFQTKa8c%2FS%2BXKx5HU9dXV3jgvz1%2B0vNM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 09:27:57 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=191071&sent=22&recv=12&lost=0&retrans=0&sent_bytes=14045&recv_bytes=5455&delivery_rate=147&cwnd=12000&unsent_bytes=0&cid=8e75b8d1096fed55&ts=868&x=1", cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 10:45:41 GMT
content-type: text/css
last-modified: Wed, 04 Jan 2023 11:44:18 GMT
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e1e2c7808e4cf69-SJC
x-xss-protection: 1; mode=block
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 healthshield.png
tpi.li/ 9 KB
9 KB 180ms
179ms Image
image/png 172.67.151.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpi.li/healthshield.png

Requested by

Host: tpi.li
URL: https://tpi.li/ar1ch

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.151.143 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b18170608406eb5c809f296c41045bb45e6519004eecd76ec39ae39bc440738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tpi.li/ar1ch

Response headers

cf-cache-status: HIT
age: 695863
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mp52KjaylXyzWSQFHLf7NV82jkBKT1A3k0dkjSgMcRGRAKuMv3atNANoPIvXQzWoGO%2B5L807SWzPA7eSE1GsjR1U3CrQbY4k5vJ%2BQ%2FsNZbOUTJ%2FOBcHwk3o%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 05 Nov 2025 09:27:58 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=191071&sent=13&recv=12&lost=0&retrans=0&sent_bytes=4168&recv_bytes=5455&delivery_rate=147&cwnd=12000&unsent_bytes=0&cid=8e75b8d1096fed55&ts=866&x=1", cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 10:45:41 GMT
content-type: image/png
last-modified: Thu, 25 Apr 2024 07:40:42 GMT
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e1e2c7808e5cf69-SJC
accept-ranges: bytes
content-length: 8960
x-xss-protection: 1; mode=block
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 freeHostinglist.jpg
tpi.li/webroot/modern_theme/img/ 47 KB
48 KB 533ms
533ms Image
image/jpeg 172.67.151.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpi.li/webroot/modern_theme/img/freeHostinglist.jpg

Requested by

Host: tpi.li
URL: https://tpi.li/ar1ch

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.151.143 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64b31571aa31997dbf09478f11e0a4122cc02c268f1e4f851a4771222828316f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tpi.li/ar1ch

Response headers

cf-cache-status: HIT
age: 89445
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2FhFcA4iHromt0q2BprsLpeuYT%2BCNFxg70r4J5vE5GItzgJkDESbb0MUIs6a%2Bm4TzylDvlz%2F8Aqb89H4znHb7FQQHfiF2WebSVyIV%2F8v1LDSkhjU%2BcbKW%2Bc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 12 Nov 2025 09:54:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=191071&sent=24&recv=12&lost=0&retrans=0&sent_bytes=16168&recv_bytes=5455&delivery_rate=147&cwnd=12000&unsent_bytes=0&cid=8e75b8d1096fed55&ts=868&x=1", cfHdrFlush;dur=175
date: Wed, 13 Nov 2024 10:45:41 GMT
content-type: image/jpeg
last-modified: Wed, 14 Jun 2023 16:03:55 GMT
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e1e2c7808e7cf69-SJC
accept-ranges: bytes
content-length: 48487
x-xss-protection: 1; mode=block
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 dwndbnr1.png
tpi.li/webroot/modern_theme/img/ 47 KB
47 KB 526ms
511ms Image
image/png 172.67.151.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpi.li/webroot/modern_theme/img/dwndbnr1.png

Requested by

Host: tpi.li
URL: https://tpi.li/ar1ch

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.151.143 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2d50744e553a45e3c2469dc73c7deb787679c4090de89d6b86b28652c912fea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tpi.li/ar1ch

Response headers

cf-cache-status: HIT
age: 766757
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RpV0H%2BOokuNLmKk0ezQXLhMdCJEYK5%2BIFHi0R0wDNgxVIQ2%2FKkOewWr5SNNSEscRVl2%2FuUlTm%2FOe80JkyOKz1Jhqer%2FQIhbp6tZSClCuxD%2Fb5CImRuDEhLk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 04 Nov 2025 13:46:23 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=190763&sent=45&recv=18&lost=0&retrans=0&sent_bytes=40168&recv_bytes=6144&delivery_rate=64260&cwnd=24000&unsent_bytes=0&cid=8e75b8d1096fed55&ts=1077&x=1", cfHdrFlush;dur=145
date: Wed, 13 Nov 2024 10:45:41 GMT
content-type: image/png
last-modified: Fri, 20 Jan 2023 16:42:51 GMT
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e1e2c796a56cf69-SJC
accept-ranges: bytes
content-length: 47787
x-xss-protection: 1; mode=block
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 tagdiv_theme.min.js Show response
tpi.li/main/wp-content/themes/Newspaper/js/ 204 KB
52 KB 326ms
321ms Script
application/javascript 172.67.151.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tpi.li/main/wp-content/themes/Newspaper/js/tagdiv_theme.min.js

Requested by

Host: tpi.li
URL: https://tpi.li/ar1ch

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.151.143 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c19c9186e84024b69f2b855f6c24fd9f44f68618dd00839a2da55e1dd614fb42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tpi.li/ar1ch

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 542555
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iok01LUR9ab02kokR05LTn4HJKrJaEKEd2oyZAIskI0axUxwa1i7jLV3Ui7K5LMESg%2FT%2FGDXQ1z4VqowWq2Vt7nlZs1%2BVwfPivNk2lvHcVA4MqS0Z%2Btiw2U%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 07 Dec 2024 04:03:04 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=182911&sent=134&recv=46&lost=0&retrans=0&sent_bytes=141268&recv_bytes=8114&delivery_rate=195327&cwnd=67200&unsent_bytes=0&cid=8e75b8d1096fed55&ts=1436&x=1", cfHdrFlush;dur=14
date: Wed, 13 Nov 2024 10:45:42 GMT
content-type: application/javascript
last-modified: Fri, 20 Jan 2023 16:25:11 GMT
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e1e2c7b9c02cf69-SJC
x-xss-protection: 1; mode=block
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 script.min.js Show response
tpi.li/cloud_theme/build/js/ 220 KB
68 KB 344ms
339ms Script
application/javascript 172.67.151.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tpi.li/cloud_theme/build/js/script.min.js?ver=0x6.6.1

Requested by

Host: tpi.li
URL: https://tpi.li/ar1ch

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.151.143 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c30afe3f924533fb26dce1fb285af7eee9faf186c4814b7662a7d0a8a826c87a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tpi.li/ar1ch

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 947295
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5TWMcPsOo3junpn3ymWjdsVOvHFTMoq11Yx3fyJcAmNKTguAojs05oq1z9CHDmW5NPePHedq4jM2tCwkzx6MByPRBF6fXDyW2yEJac%2FbySrIW85K%2BDdGvdw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 02 Dec 2024 11:37:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=182911&sent=134&recv=46&lost=0&retrans=0&sent_bytes=141268&recv_bytes=8114&delivery_rate=195327&cwnd=67200&unsent_bytes=0&cid=8e75b8d1096fed55&ts=1449&x=1", cfHdrFlush;dur=123
date: Wed, 13 Nov 2024 10:45:42 GMT
content-type: application/javascript
last-modified: Tue, 01 Aug 2023 07:46:37 GMT
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e1e2c7b9c07cf69-SJC
x-xss-protection: 1; mode=block
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 322 KB
108 KB 135ms
58ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TS7QVKGQQ6

Requested by

Host: tpi.li
URL: https://tpi.li/ar1ch

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e18508a435ec57e94a670138a1e98986dfad518b31d2d16d585ecd0f99bfd4c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tpi.li/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 13 Nov 2024 10:45:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 10:45:42 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109522
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 asd100.bin Show response
ukankingwithea.com/ 100 KB
101 KB 134ms
45ms Fetch
binary/octet-stream 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ukankingwithea.com/asd100.bin
Requested by: Host: d1iy4wgzi9qdu7.cloudfront.net
URL: https://d1iy4wgzi9qdu7.cloudfront.net/?gwyid=1118076
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tpi.li/

Response headers

cf-cache-status: HIT
age: 3577
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lyVA8RsDW5VysQggMJL8pf71Pmk5rVjWQn2BBdCAe0u15AZIETL4IqSLKwwe1eQV9MxwVWuc3BLXCWJs9BUiLAm2N7Md7241bsGseHyLbMEOEv0R6FvMIiiIJs3J0%2Fql5CAIRgg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30127&sent=14&recv=10&lost=0&retrans=0&sent_bytes=4228&recv_bytes=4646&delivery_rate=16352&cwnd=12000&unsent_bytes=0&cid=b1d0e79c5b057595&ts=87&x=1", cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 10:45:42 GMT
content-type: binary/octet-stream
last-modified: Wed, 13 Nov 2024 09:46:05 GMT
vary: Accept-Encoding
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8e1e2c799c199b70-FRA
access-control-allow-origin: https://tpi.li
server: cloudflare

GET
H3 200 / Show response
ukankingwithea.com/ 27 B
716 B 206ms
147ms Fetch
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ukankingwithea.com/
Requested by: Host: d1iy4wgzi9qdu7.cloudfront.net
URL: https://d1iy4wgzi9qdu7.cloudfront.net/?gwyid=1118076
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff48b32b9c99cb92f74c8a9bf4ee6246862630c0b3a5b73c7b8fee0822977bb2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tpi.li/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1zP%2Fo4L36BGdEO9lOBSCKBi6re2pn%2B6zFUpueKR4KW3b86mh3w%2BzL3MRFIU16skaVkcW82daucydTlRBSs%2B14%2FBOUBU7gGFnhndjBd%2FTYzkI9ATU0PA5laZ%2FrqsgJcIaAU9B1vs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-methods: GET
cf-ray: 8e1e2c796bf49b70-FRA
access-control-allow-origin: https://tpi.li
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35546&sent=42&recv=15&lost=0&retrans=0&sent_bytes=37800&recv_bytes=4861&delivery_rate=264249&cwnd=22800&unsent_bytes=0&cid=b1d0e79c5b057595&ts=146&x=1", cfHdrFlush;dur=8
date: Wed, 13 Nov 2024 10:45:42 GMT
content-type: text/plain
server: cloudflare
access-control-allow-headers: X-Requested-With, content-type

GET
H3 204 RmJ8AXJAZWtJKxNufB8xAzI5TDFKYmtQLBE8cB80SmJjCnZZYHsXdlEmcAhkAyMsXn9GdT1NNhtufA5xRmd0DXVDYnQLdA
sionscormation.org/OUJ3U00WfRQgcHcFQjwCbA86CxteEhMSF24VEGY6eBQfNQlhC1EnJF1/ 0
544 B 267ms
220ms Image
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sionscormation.org/OUJ3U00WfRQgcHcFQjwCbA86CxteEhMSF24VEGY6eBQfNQlhC1EnJF1/RmJ8AXJAZWtJKxNufB8xAzI5TDFKYmtQLBE8cB80SmJjCnZZYHsXdlEmcAhkAyMsXn9GdT1NNhtufA5xRmd0DXVDYnQLdA
Requested by: Host: tpi.li
URL: https://tpi.li/ar1ch
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tpi.li/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5sTd2IY37oP3BVmm6aGSLs2t8TqjfjWIEnW9eq6klWzgyHggBhWh2FvHMtaGmWyVdCNEjS8IAIhV1mW4LDY0UPKT2jvNtxoiB9VqxLIFiFsnU6XA5jZ1qmCQkN9QrayEwC3r2OU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1e2c7bcb81926b-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29458&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4929&recv_bytes=4842&delivery_rate=9363&cwnd=12000&unsent_bytes=0&cid=90c509e66875df18&ts=198&x=1", cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 10:45:42 GMT
server: cloudflare

GET login.php
www.facebook.com/ 0
0

GET

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AcMMx-ePsDvv7prKngjONwU0GGepYuGR6AXgpeeIdmrXjJupUgPgSqfDrbAzP08...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-daaNjtzBTbpS19gDiNW2l7ssy7Np_W_2WGcLXuBZPW1v0frcrzqNtwZ11iQv1-KkWng3ec9w&passiv...

0
0

GET

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AcMMx-eAxPjU2qd88MQDRy53RrXpepte7zRWNv3F-IOILrZ_xHKXrGEbiXM...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-cUmZyq0p9NNU6mSsYPY8HvHkDvWjk0IHr4a5Uhpq6SMJiJLpyQpO5qQmkQ5N6TcHdXQXlq_Q&passi...

0
0

GET
H3 200 popunder.gif
sionscormation.org/ 35 B
732 B 157ms
113ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sionscormation.org/popunder.gif
Requested by: Host: tpi.li
URL: https://tpi.li/ar1ch
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tpi.li/

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 106807
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZJyKLNc29wYc%2FcVISXd5HuCqr3JRW4Vtqc3p%2FwV43X3gRaBg7OrlkwIV6yDSPAHh78KBTL4RyTgyW7OcUD4Geym8rDvN0d6XVJUxVYwtwjerYrHcpJUAt%2B1sBw9GuR6yJpoGCyk%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25719&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4174&recv_bytes=4798&delivery_rate=858&cwnd=12000&unsent_bytes=0&cid=90c509e66875df18&ts=111&x=1", cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 10:45:42 GMT
content-type: image/gif
last-modified: Tue, 12 Nov 2024 05:05:35 GMT
vary: Accept-Encoding
cache-control: public, max-age=604800, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
cf-ray: 8e1e2c7bcb84926b-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 58
server: cloudflare

GET
H2 200 / Show response
d1iy4wgzi9qdu7.cloudfront.net/ 164 KB
54 KB 330ms
161ms Fetch 2600:9000:223e:2c00:13:cb0a:63c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1iy4wgzi9qdu7.cloudfront.net/?gwyid=1118076
Requested by: Host: tpi.li
URL: https://tpi.li/ar1ch
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:2c00:13:cb0a:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 5f0af32fdda5d6f23a8d78fc2062fc125fe6a8b4ffc226f12ca6de1e003487bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tpi.li/

Response headers

cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
access-control-allow-origin: https://tpi.li
x-cache: Miss from cloudfront
content-length: 54536
x-amz-cf-id: 3RTUbQs5adHf8oYUjVL9Vt9y165yDGNrHlgrCpwHTow6E1cv2u_DPA==
date: Wed, 13 Nov 2024 10:45:42 GMT
x-amz-cf-pop: FRA56-P4

GET
H2 200 8227169 Show response
pedangaishons.com/401/ 97 KB
38 KB 169ms
75ms Script
application/javascript 139.45.197.245
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pedangaishons.com/401/8227169

Requested by

Host: tpi.li
URL: https://tpi.li/ar1ch

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

0f3c02ccf3b12a06c3e5ef266b0d2bb231720f4ff961ab25662b6f125dcf96ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tpi.li/

Response headers

access-control-expose-headers: Link
content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
date: Wed, 13 Nov 2024 10:45:42 GMT
content-type: application/javascript
vary: Origin
strict-transport-security: max-age=1
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
timing-allow-origin: *, *
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
x-trace-id: 2e39772646feb374cb417661339eebcd
access-control-allow-origin: *
server: nginx

GET
H3 200 split_track
bytogeticr.com/ 0
0 255ms
60ms Fetch
application/octet-stream 104.21.17.211
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bytogeticr.com/split_track?dt=0&r=false&timeout=1000errm=
Requested by: Host: pedangaishons.com
URL: https://pedangaishons.com/401/8227169
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.17.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tpi.li/

Response headers

access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i3NlOYjmDpdO3ZvvcmISs6R07JzX2UeXk%2FYIMALxdyRxZ8UCrJ0EAdLSuhNGHcdql83gPgSh8oilTNs%2BRRuA5QlC9WcxMpM6QLCvRdaBba1b3qnZPprDbRaxVBgtV70FmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, HEAD
cf-ray: 8e1e2c7e19b9049c-CDG
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=43412&sent=12&recv=8&lost=0&retrans=0&sent_bytes=4175&recv_bytes=4334&delivery_rate=69657&cwnd=12000&unsent_bytes=0&cid=e10d80222cd05fce&ts=190&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 10:45:42 GMT
content-type: application/octet-stream
server: cloudflare
priority: u=1,i
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H3 200 gid.js Show response
my.rtmark.net/ 65 B
906 B 267ms
73ms XHR
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: pedangaishons.com
URL: https://pedangaishons.com/401/8227169

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a62b9e6e1bb8fe072d03d022be34518f45e64a3ac9abba58d7d617b4624dcbbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tpi.li/

Response headers

access-control-expose-headers: Authorization
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VksT%2FBPkE2Fmfu8gPXI1ZyjgvIr8ZZBK2QfB0f5gPhz1vNBQEslS%2BYXKqrphEudAj%2BT8AzTwjH5BjBVLX8dm8cWPg1VfJjE8O6aiu5GgAq1FNxt1g9LrEKfbyHsp18eu"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=42407&sent=12&recv=8&lost=0&retrans=0&sent_bytes=4188&recv_bytes=4312&delivery_rate=77042&cwnd=12000&unsent_bytes=0&cid=5d66e205b6c721a4&ts=201&x=1", cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 10:45:42 GMT
content-type: application/json; charset=utf-8
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *, *
access-control-allow-credentials: true
cf-ray: 8e1e2c7e1cfc99f1-CDG
access-control-allow-origin: https://tpi.li
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 125ms
39ms XHR
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: tpi.li
URL: https://tpi.li/cloud_theme/build/js/script.min.js?ver=0x6.6.1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

d971624a6be7d7fecae366683c0a1fb2f89ce13643a786feef909092f9d61306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tpi.li/

Response headers

content-encoding: br
etag: 17570484208189080992
x-content-type-options: nosniff
expires: Wed, 13 Nov 2024 10:45:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 13 Nov 2024 10:45:42 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53364
x-xss-protection: 0
server: cafe

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 2 KB
2 KB 142ms
26ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Requested by

Host: tpi.li
URL: https://tpi.li/cloud_theme/build/js/script.min.js?ver=0x6.6.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02260647c1d7535388d95e16bd2a1749e17a56fcd73f3465c97afafbc65dad3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tpi.li/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Wed, 13 Nov 2024 10:45:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Wed, 13 Nov 2024 10:45:42 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 NQIFOjM2QlUXb3FQSWJsZ1VXeTEqEwo9f3AkQmNqLg4MNH9wVwA0OSkITnRocgQPIzUvAkJjHHNUV39qbFdJYX9wVxQwPCMVDnRoBFJUZnRxUUEkZ3NXU2Zpcl9QaGh2UFRna3c Show response
d1iy4wgzi9qdu7.cloudfront.net/IZ2dRWkIECD88fRMONWdzVlZpanVRQSEoJwFaJSorSQs4fCgUCD8qfyAfFjcGUVIrFSteQSUgJlpWdzYjCQBsfCcJBGxrZAYDM2dyQRMhNSlaEDA5NRAAMiMzBEEkO38KCCszLgsGdGgEUklhf3BXTylrc0JUE39wVws4ND... 747 B
821 B 187ms
170ms Script
text/plain 2600:9000:223e:2c00:13:cb0a:63c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1iy4wgzi9qdu7.cloudfront.net/IZ2dRWkIECD88fRMONWdzVlZpanVRQSEoJwFaJSorSQs4fCgUCD8qfyAfFjcGUVIrFSteQSUgJlpWdzYjCQBsfCcJBGxrZAYDM2dyQRMhNSlaEDA5NRAAMiMzBEEkO38KCCszLgsGdGgEUklhf3BXTylrc0JUE39wVws4NDcfQmNqOl9RDmx2TkJjaiMXFz-0/NQIFOjM2QlUXb3FQSWJsZ1VXeTEqEwo9f3AkQmNqLg4MNH9wVwA0OSkITnRocgQPIzUvAkJjHHNUV39qbFdJYX9wVxQwPCMVDnRoBFJUZnRxUUEkZ3NXU2Zpcl9QaGh2UFRna3c
Requested by: Host: d1iy4wgzi9qdu7.cloudfront.net
URL: https://d1iy4wgzi9qdu7.cloudfront.net/?gwyid=1118076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:2c00:13:cb0a:63c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a4a7ff66fcb0a1a10bc8f6ff23b2415a60ffd100fda6b0d06fd849f730c7d022

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tpi.li/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 543
x-amz-cf-id: 7-KlXQWBlWjDLHUR4UVbdzQtGNIiNszE4zzy_I4BmocX_xdt7AwWEw==
date: Wed, 13 Nov 2024 10:45:42 GMT
x-amz-cf-pop: FRA56-P4

GET
H3 200 stattag.js Show response
tzegilo.com/ 17 KB
9 KB 114ms
39ms Script
application/javascript 172.67.193.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tzegilo.com/stattag.js
Requested by: Host: pedangaishons.com
URL: https://pedangaishons.com/401/8227169
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.193.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tpi.li/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"668fb2be-45d7"
age: 1131
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U4U2nN2D4D0h5V2JA1qM5j2pJ6XJoEl2hHhZkJuslmvMnV0%2BtMMDOVc0w3MxZ128n8DH4h%2FtfyK1Kgk8kImSKEnKYQ%2F4xVSDIeKKoj2LPQK6z%2F%2Bl2kmhE1ZODQ1POw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12848&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4127&recv_bytes=4223&delivery_rate=191178&cwnd=12000&unsent_bytes=0&cid=b6d5a83366305d99&ts=46&x=1", cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 10:45:42 GMT
content-type: application/javascript
last-modified: Thu, 11 Jul 2024 10:23:58 GMT
vary: Accept-Encoding
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e1e2c7f29694d52-FRA
server: cloudflare

GET
H2 200 8227169 Show response
pedangaishons.com/500/ 3 KB
3 KB 125ms
111ms XHR
application/javascript 139.45.197.245
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pedangaishons.com/500/8227169?excludes=&oaid=0801134ed9fa4193fa4349fd9af9a342&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=100&wy=100&ww=1600&wh=1285&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Ftpi.li%2Far1ch&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=60&btz=Europe%2FBerlin&bto=-60&jsp=1&is_mobile=false&js_build=8&sw_version=v1.443.0

Requested by

Host: pedangaishons.com
URL: https://pedangaishons.com/401/8227169

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

fcd983dc5cb31cfa9ab83f2c554db56f0254423a51d07c18e2a94465afd8acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://tpi.li/

Response headers

access-control-expose-headers: Link
content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
date: Wed, 13 Nov 2024 10:45:43 GMT
content-type: application/javascript
vary: Origin
strict-transport-security: max-age=1
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
timing-allow-origin: *, *
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
x-trace-id: 55d0e3b2f4a8b990395479e8535df29d
access-control-allow-origin: https://tpi.li
server: nginx

OPTIONS
H2 200 8227169
pedangaishons.com/500/ Frame 0
0 63ms
24ms Preflight 139.45.197.245
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://tpi.li
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://tpi.li
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Wed, 13 Nov 2024 10:45:42 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 245ms
48ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-TS7QVKGQQ6&gtm=45je4b70v9116577004za200&_p=1731494742785&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629~102077855&cid=837646235.1731494743&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731494742&sct=1&seg=0&dl=https%3A%2F%2Ftpi.li%2Far1ch&dt=Health%20Shield&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2527
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TS7QVKGQQ6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tpi.li/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://tpi.li
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 10:45:43 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ 547 KB
217 KB 181ms
19ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://tpi.li
Referer: https://tpi.li/

Response headers

content-encoding: gzip
age: 1314
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Thu, 13 Nov 2025 10:23:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 10:23:49 GMT
last-modified: Tue, 22 Oct 2024 00:01:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 222594
x-xss-protection: 0
server: sffe

POST
H/1.1 200
OK add Show response
fleraprt.com/log/ 12 B
476 B 96ms
15ms XHR
application/json 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=135ef4ff-3cff-4157-9a6e-1f5e63c52ae5
Requested by: Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://tpi.li/

Response headers

Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://tpi.li
Content-Length: 12
Date: Wed, 13 Nov 2024 10:45:43 GMT
Content-Type: application/json; charset=utf-8
Server: nginx/1.19.10
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

GET
H/1.1

200
OK

1730964920189-RFG48XxwM38y.png
ads-us.rwtks.com/creatives/ep6grk1w8qdxq54yj3nvx52z/
Redirect Chain

https://track-us.rwtks.com/push/ic?auth=zy5bg9&c=_COg9hBLj4NHf5Iiz2zrhDuahpnC1Bkl0Izr2-mcn-9DEY1LG3XpneNG2kCq6SGJ7itLz6nVX5N_yUDSn5O_v9JXEHHPAg8wWFNreHNp4AexQ7UXGo79s4ZMimv1lvPaUIznvIin3zinlJdb_lVt...
https://ads-us.rwtks.com/creatives/ep6grk1w8qdxq54yj3nvx52z/1730964920189-RFG48XxwM38y.png

31 KB
31 KB

1137ms
389ms

Image
image/png

88.214.195.115
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads-us.rwtks.com/creatives/ep6grk1w8qdxq54yj3nvx52z/1730964920189-RFG48XxwM38y.png
Requested by: Host: tpi.li
URL: https://tpi.li/ar1ch
Protocol: HTTP/1.1
Server: 88.214.195.115 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f57f826954e39d5b12a88751131fb5323298d2a3f2cfa7454732d07f0f32bc09

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tpi.li/

Response headers

ETag: "672c6dba-7a0b"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31243
Date: Wed, 13 Nov 2024 10:45:45 GMT
Content-Type: image/png
Last-Modified: Thu, 07 Nov 2024 07:35:22 GMT
Server: nginx/1.18.0 (Ubuntu)

Redirect headers

Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Location: https://ads-us.rwtks.com/creatives/ep6grk1w8qdxq54yj3nvx52z/1730964920189-RFG48XxwM38y.png
Pragma: no-cache
Connection: keep-alive
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Content-Length: 0
Date: Wed, 13 Nov 2024 10:45:44 GMT
Server: nginx/1.14.0 (Ubuntu)

POST
H/1.1 200
OK add Show response
fleraprt.com/async_log/ 0
416 B 61ms
16ms XHR
text/plain 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fleraprt.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=135ef4ff-3cff-4157-9a6e-1f5e63c52ae5
Requested by: Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://tpi.li/

Response headers

Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://tpi.li
Content-Length: 0
Date: Wed, 13 Nov 2024 10:45:43 GMT
Server: nginx/1.19.10
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

GET
H2 200 anchor
www.recaptcha.net/recaptcha/api2/ Frame C639 0
0 116ms
34ms Document
text/html 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcbegwkAAAAAMOUf_S039akOVHQpFdhB-pJfrNJ&co=aHR0cHM6Ly90cGkubGk6NDQz&hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=b1s8k9j0tcbm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cSlAeZxUav59aw4ecvSDgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpi.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-cSlAeZxUav59aw4ecvSDgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Nov 2024 10:45:43 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bframe
www.recaptcha.net/recaptcha/api2/ Frame 6BC4 0
0 31ms
21ms Document
text/html 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LcbegwkAAAAAMOUf_S039akOVHQpFdhB-pJfrNJ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jyVkjoZeuuh91yLsPEcz_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpi.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-jyVkjoZeuuh91yLsPEcz_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Nov 2024 10:45:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 healthshieldicon.png
tpi.li/ 2 KB
3 KB 203ms
203ms Other
image/png 172.67.151.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tpi.li/healthshieldicon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.151.143 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

debf961699d5fc8b69338ab4382da63afcb2013c1d9de8525a762ae82a5f467b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tpi.li/ar1ch

Response headers

cf-cache-status: HIT
age: 864954
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EVpk%2FTC3514zIKNTzAixyN8bjp01O7%2F4ikMR5gsnWhZ9239PRfFSUgLu40KFjRvDm8ksOpGz69SxJReh%2F7M3gFYa0rfwnzd9Z9BTDLHHJBhz4awgV%2BZRCdI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Mon, 03 Nov 2025 10:29:50 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=177787&sent=255&recv=79&lost=0&retrans=1&sent_bytes=281185&recv_bytes=10078&delivery_rate=27989&cwnd=134400&unsent_bytes=0&cid=8e75b8d1096fed55&ts=5051&x=1", cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 10:45:45 GMT
content-type: image/png
last-modified: Thu, 25 Apr 2024 07:40:47 GMT
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e1e2c923aaecf69-SJC
accept-ranges: bytes
content-length: 2483
x-xss-protection: 1; mode=block
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H2 200 Jx5oyW-ztI9celKgWbg_t282AnMeJasD3GjUsJq2wtiN3Rkf17wshZYKZv__FRHH7aBD_hpmfpxna5sFCXGwpssZrogCRxuq5eT0CxiRB9qlaXL_tQ6vGrdLUD1_OJ50aJz8HOmU4o_cm3J2z4UwURGNQADuNgZxGid_ogijotzEpyjxWfJmRtM_MvO3Zwx6wt7dm...
pedangaishons.com/impression/ 43 B
552 B 52ms
33ms Image
image/gif 139.45.197.245
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pedangaishons.com/impression/Jx5oyW-ztI9celKgWbg_t282AnMeJasD3GjUsJq2wtiN3Rkf17wshZYKZv__FRHH7aBD_hpmfpxna5sFCXGwpssZrogCRxuq5eT0CxiRB9qlaXL_tQ6vGrdLUD1_OJ50aJz8HOmU4o_cm3J2z4UwURGNQADuNgZxGid_ogijotzEpyjxWfJmRtM_MvO3Zwx6wt7dm0CJ_eP7510UjCxaeDQf0tJa-amsVK_Ih2Tb01dqHRAofG-yFKQm1Hh4IftKngZSYReb5Lw5D2nCL6u3bVHMSwgaTYtK1Fx3YoIXiVkRdD1NqgBNEBQNV3nWEr3kYNPTRlv2dfxxj677omOZNVRFAvyDnAlef1e6ZXyZOJuy7rwZ05sFbmpe4V35ulTUhLLTSKYFil2rTLz8sjEohG7or4opCQXckXmJyXxtqXs0XbzMe0KMDp9mrhsOakgXHMVAfAHkkxhAX5KPdE5LUhatSG9WOb7JQHN7XElRPPc8LOAy2QY1m0lvai5uU0BO-AxB17T5KzuQ4ff_psyDpqKVIzg9HvTC?_z=8227169&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=100&wy=100&ww=1600&wh=1285&cw=1600&wiw=1600&wih=1200&wfc=3&pl=https%3A%2F%2Ftpi.li%2Far1ch&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=60&btz=Europe%2FBerlin&bto=-60&jsp=1&is_mobile=false&js_build=8&sw_version=v1.443.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://tpi.li/

Response headers

access-control-expose-headers: Link
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
date: Wed, 13 Nov 2024 10:45:47 GMT
content-type: image/gif
vary: Origin
strict-transport-security: max-age=1
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
timing-allow-origin: *, *
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
x-trace-id: 256f16870a75b3f04e180e3cd21b204a
access-control-allow-origin: *
content-length: 43
server: nginx

GET
H2 200 css2
fonts.googleapis.com/ Frame 75DC 11 KB
1 KB 535ms
21ms Stylesheet
text/css 2a00:1450:4001:827::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

Requested by

Host: pedangaishons.com
URL: https://pedangaishons.com/401/8227169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

6bb88125bf9791b4f1b29ace16454069152663f037096117fe60858053f9176a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 13 Nov 2024 10:45:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 10:45:48 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 13 Nov 2024 09:41:38 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1

200
OK

1730964920189-RFG48XxwM38y.png
ads-us.rwtks.com/creatives/ep6grk1w8qdxq54yj3nvx52z/ Frame 75DC
Redirect Chain

https://track-us.rwtks.com/push/ic?auth=zy5bg9&c=_COg9hBLj4NHf5Iiz2zrhDuahpnC1Bkl0Izr2-mcn-9DEY1LG3XpneNG2kCq6SGJ7itLz6nVX5N_yUDSn5O_v9JXEHHPAg8wWFNreHNp4AexQ7UXGo79s4ZMimv1lvPaUIznvIin3zinlJdb_lVt...
https://ads-us.rwtks.com/creatives/ep6grk1w8qdxq54yj3nvx52z/1730964920189-RFG48XxwM38y.png

31 KB
0

0ms
0ms

Image
image/png

88.214.195.115
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads-us.rwtks.com/creatives/ep6grk1w8qdxq54yj3nvx52z/1730964920189-RFG48XxwM38y.png
Protocol: HTTP/1.1
Server: 88.214.195.115 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f57f826954e39d5b12a88751131fb5323298d2a3f2cfa7454732d07f0f32bc09

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Accept-Ranges: bytes
Content-Length: 31243
Date: Wed, 13 Nov 2024 10:45:45 GMT
ETag: "672c6dba-7a0b"
Content-Type: image/png
Last-Modified: Thu, 07 Nov 2024 07:35:22 GMT
Server: nginx/1.18.0 (Ubuntu)

Redirect headers

Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Location: https://ads-us.rwtks.com/creatives/ep6grk1w8qdxq54yj3nvx52z/1730964920189-RFG48XxwM38y.png
Pragma: no-cache
Connection: keep-alive
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Content-Length: 0
Date: Wed, 13 Nov 2024 10:45:47 GMT
Server: nginx/1.14.0 (Ubuntu)

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ Frame 75DC 18 KB
18 KB 64ms
36ms Font
font/woff2 142.250.186.99

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://tpi.li
Referer: https://fonts.googleapis.com/

Response headers

age: 100008
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 12 Nov 2025 06:59:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 Nov 2024 06:59:00 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ Frame 75DC 18 KB
18 KB 78ms
51ms Font
font/woff2 142.250.186.99

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://tpi.li
Referer: https://fonts.googleapis.com/

Response headers

age: 588345
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:20:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:20:03 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp

Domain: accounts.google.com
URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-daaNjtzBTbpS19gDiNW2l7ssy7Np_W_2WGcLXuBZPW1v0frcrzqNtwZ11iQv1-KkWng3ec9w&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-702410812%3A1731494742465781&ddm=1

Domain: accounts.google.com
URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-cUmZyq0p9NNU6mSsYPY8HvHkDvWjk0IHr4a5Uhpq6SMJiJLpyQpO5qQmkQ5N6TcHdXQXlq_Q&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-114431002%3A1731494742458525&ddm=1

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.is.gd/	1970-01-21 00:58:16	Name: __cf_bm Value: EPypaDASGRx6ZSpMzKdaUYj2OFzc7vi20dXcWgoFZ_Y-1731494740-1.0.1.1-WhbdAZTbZ0zSzXZ56L7Qhn.uNXmjWdRzqU8W2p6nO7PLoGGZRwa16xG2th990UI29ilELAsR7O4mEqKHI2JVvw
tpi.li/	1970-01-21 00:58:15	Name: refar1ch Value: YmI2ZDNmOTEzNzhmYjZkYTM5MTc1Njc5ZjNiYjI1NWZhZmIxYTVlYjZjMGI1ZWRhMGY3NjZjMTBmNzk1YmRjNvIEpeesQx7kLS4EQPy3osed0QRl2muynDnrNgVRdccJ
ukankingwithea.com/	1970-01-21 09:36:38	Name: csu Value: 1047308792473615@1@1731494742
my.rtmark.net/	1970-01-21 09:43:50	Name: ID Value: 0801134ed9fa4193fa4349fd9af9a342
.tpi.li/	1970-01-21 10:34:14	Name: _ga_TS7QVKGQQ6 Value: GS1.1.1731494742.1.0.1731494742.0.0.0
.tpi.li/	1970-01-21 10:34:14	Name: _ga Value: GA1.1.837646235.1731494743
tpi.li/	1969-12-31 23:59:59	Name: ab Value: 2
pedangaishons.com/	1970-01-21 09:43:50	Name: OAID Value: 0801134ed9fa4193fa4349fd9af9a342

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://tpi.li/ar1ch Message: [GroupMarkerNotSet(crbug.com/242999)!:A0502702B4130000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN,SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ads-us.rwtks.com
bytogeticr.com
d1iy4wgzi9qdu7.cloudfront.net
fleraprt.com
fonts.googleapis.com
fonts.gstatic.com
is.gd
my.rtmark.net
pagead2.googlesyndication.com
pedangaishons.com
region1.google-analytics.com
sionscormation.org
tpi.li
track-us.rwtks.com
tzegilo.com
ukankingwithea.com
www.facebook.com
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
accounts.google.com
www.facebook.com
104.21.17.211
139.45.195.254
139.45.197.245
142.250.186.131
142.250.186.34
142.250.186.35
142.250.186.99
172.67.151.143
172.67.193.52
188.114.96.3
188.114.97.3
2001:4860:4802:34::36
2600:9000:223e:2c00:13:cb0a:63c0:21
2606:4700:20::ac43:5384
2606:4700:3033::6815:50a3
2a00:1450:4001:810::2008
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2003
88.214.195.115
88.214.195.99
02260647c1d7535388d95e16bd2a1749e17a56fcd73f3465c97afafbc65dad3b
0b18170608406eb5c809f296c41045bb45e6519004eecd76ec39ae39bc440738
0f3c02ccf3b12a06c3e5ef266b0d2bb231720f4ff961ab25662b6f125dcf96ea
18b0ddfd6b467f7c788e231d8cff2e1c20b03b877864e03b4adbd597653c94e6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156
5f0af32fdda5d6f23a8d78fc2062fc125fe6a8b4ffc226f12ca6de1e003487bc
64b31571aa31997dbf09478f11e0a4122cc02c268f1e4f851a4771222828316f
6bb88125bf9791b4f1b29ace16454069152663f037096117fe60858053f9176a
75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
a0319a0b75558303ee14a9d90af0769cd778b155206a96f14aad796c9454a454
a4a7ff66fcb0a1a10bc8f6ff23b2415a60ffd100fda6b0d06fd849f730c7d022
a62b9e6e1bb8fe072d03d022be34518f45e64a3ac9abba58d7d617b4624dcbbc
c19c9186e84024b69f2b855f6c24fd9f44f68618dd00839a2da55e1dd614fb42
c30afe3f924533fb26dce1fb285af7eee9faf186c4814b7662a7d0a8a826c87a
d76f2d1a5c588482db981f91510e84c280ab272440323ad427dffa30ef3538db
d971624a6be7d7fecae366683c0a1fb2f89ce13643a786feef909092f9d61306
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
debf961699d5fc8b69338ab4382da63afcb2013c1d9de8525a762ae82a5f467b
e18508a435ec57e94a670138a1e98986dfad518b31d2d16d585ecd0f99bfd4c0
e2d50744e553a45e3c2469dc73c7deb787679c4090de89d6b86b28652c912fea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f57f826954e39d5b12a88751131fb5323298d2a3f2cfa7454732d07f0f32bc09
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
fcd983dc5cb31cfa9ab83f2c554db56f0254423a51d07c18e2a94465afd8acba
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
ff48b32b9c99cb92f74c8a9bf4ee6246862630c0b3a5b73c7b8fee0822977bb2

tpi.li Open in urlscan Pro 2606:4700:3033::6815:50a3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

87 %HTTPS

35 %IPv6

19 Domains

21 Subdomains

19 IPs

6 Countries

1116 kBTransfer

3272 kBSize

8 Cookies

8 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

tpi.li Open in urlscan Pro
2606:4700:3033::6815:50a3 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

87 %
HTTPS

35 %
IPv6

19
Domains

21
Subdomains

19
IPs

6
Countries

1116 kB
Transfer

3272 kB
Size

8
Cookies

39 HTTP transactions
0 data transactions