aii.sh Open in urlscan Pro
2606:4700:3033::ac43:8fae Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/nXuuo0quVl?amp=1
Effective URL:
https://aii.sh/uR8zJ8Q
Submission: On November 19 via manual (November 19th 2021, 9:56:14 am UTC) — Scanned from DE

Summary HTTP 44 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 20 domains to perform 44 HTTP transactions. The main IP is 2606:4700:3033::ac43:8fae, located in United States and belongs to CLOUDFLARENET, US. The main domain is aii.sh.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 28th 2021. Valid for: a year.

This is the only time aii.sh was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
9	2606:4700:303... 2606:4700:3033::ac43:8fae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3030::ac43:d89c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.255.6.149 172.255.6.149	7979 (SERVERS-COM) (SERVERS-COM)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	44.195.137.121 44.195.137.121	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:20:... 2606:4700:20::681a:c76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
1	2600:9000:215... 2600:9000:2156:3e00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	139.45.197.234 139.45.197.234	9002 (RETN-AS) (RETN-AS)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	139.45.197.243 139.45.197.243	9002 (RETN-AS) (RETN-AS)
1	139.45.197.132 139.45.197.132	9002 (RETN-AS) (RETN-AS)
1	13.32.121.41 13.32.121.41	16509 (AMAZON-02) (AMAZON-02)
1	139.45.197.156 139.45.197.156	9002 (RETN-AS) (RETN-AS)
1	107.22.28.167 107.22.28.167	14618 (AMAZON-AES) (AMAZON-AES)
44	22

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3033::ac43:8fae (United States)

ASN13335 (CLOUDFLARENET, US)

aii.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:d89c (United States)

ASN13335 (CLOUDFLARENET, US)

shrink.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.255.6.149 (Netherlands)

ASN7979 (SERVERS-COM, US)

backjawtanoa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.195.137.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-137-121.compute-1.amazonaws.com

greenrecru.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:c76 (United States)

ASN13335 (CLOUDFLARENET, US)

iclickcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

forfrogadiertor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:3e00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.234 (United Kingdom)

ASN9002 (RETN-AS, GB)

bedrapiona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)

onmarshtompor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.132 (United Kingdom)

ASN9002 (RETN-AS, GB)

vianidorinotor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-41.fra60.r.cloudfront.net

ethousealc.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.156 (United Kingdom)

ASN9002 (RETN-AS, GB)

static.cdnativepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.22.28.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-28-167.compute-1.amazonaws.com

xceededo.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	gstatic.com fonts.gstatic.com www.gstatic.com	539 KB
9	aii.sh aii.sh	309 KB
4	recaptcha.net www.recaptcha.net	23 KB
3	forfrogadiertor.com forfrogadiertor.com	26 KB
2	rtmark.net my.rtmark.net	1 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	xceededo.xyz xceededo.xyz	37 B
1	cdnativepush.com static.cdnativepush.com	3 KB
1	ethousealc.xyz ethousealc.xyz	408 B
1	vianidorinotor.com vianidorinotor.com
1	onmarshtompor.com onmarshtompor.com	2 KB
1	bedrapiona.com bedrapiona.com	2 KB
1	consensu.org quantcast.mgr.consensu.org	6 KB
1	iclickcdn.com iclickcdn.com	23 KB
1	greenrecru.biz greenrecru.biz	23 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
1	backjawtanoa.com backjawtanoa.com
1	shrink.pe shrink.pe	4 KB
1	googleapis.com fonts.googleapis.com	933 B
1	t.co t.co	611 B
44	20

	Domain	Requested by
9	aii.sh	t.co aii.sh
6	www.gstatic.com	www.recaptcha.net www.gstatic.com
4	fonts.gstatic.com	fonts.googleapis.com www.recaptcha.net
4	www.recaptcha.net	aii.sh www.gstatic.com
3	forfrogadiertor.com	aii.sh forfrogadiertor.com
2	my.rtmark.net	iclickcdn.com forfrogadiertor.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	xceededo.xyz	greenrecru.biz
1	static.cdnativepush.com
1	ethousealc.xyz	greenrecru.biz
1	vianidorinotor.com	iclickcdn.com
1	onmarshtompor.com	iclickcdn.com
1	bedrapiona.com	iclickcdn.com
1	quantcast.mgr.consensu.org	aii.sh
1	iclickcdn.com	aii.sh
1	greenrecru.biz	aii.sh
1	www.googletagmanager.com	aii.sh
1	backjawtanoa.com	aii.sh
1	shrink.pe	aii.sh
1	fonts.googleapis.com	aii.sh
1	t.co
44	21

This site contains links to these domains. Also see Links.

Domain
shrink.pe
xdowl0adxd0wnloadx.com

Subject Issuer	Validity	Valid
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-28` - `2022-05-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
backjawtanoa.com R3	`2021-11-08` - `2022-02-06`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
greenrecru.biz R3	`2021-10-16` - `2022-01-14`	3 months	crt.sh
forfrogadiertor.com R3	`2021-11-04` - `2022-02-02`	3 months	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
bedrapiona.com R3	`2021-10-02` - `2021-12-31`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
onmarshtompor.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-03` - `2022-11-03`	a year	crt.sh
vianidorinotor.com R3	`2021-11-15` - `2022-02-13`	3 months	crt.sh
ethousealc.xyz Amazon	`2021-10-13` - `2022-11-11`	a year	crt.sh
cdnativepush.com R3	`2021-10-02` - `2021-12-31`	3 months	crt.sh
xceededo.xyz R3	`2021-11-17` - `2022-02-15`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://aii.sh/uR8zJ8Q
Frame ID: 411F96B938E0F515CF013098CACF707B
Requests: 34 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ld1M-kaAAAAAL8mj4-l9pkorhPdnug3TeolUFaY&co=aHR0cHM6Ly9haWkuc2g6NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=normal&cb=ofiz039rfd0c
Frame ID: B1D779FC96BB34DA7679ABDA3918E6CE
Requests: 8 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6Ld1M-kaAAAAAL8mj4-l9pkorhPdnug3TeolUFaY
Frame ID: D3D0AA1B3C528AA205FF94B8A16FD539
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ShrinkPe

Page URL History Show full URLs

https://t.co/nXuuo0quVl?amp=1 Page URL
https://aii.sh/uR8zJ8Q Page URL

Page Statistics

44
Requests

100 %
HTTPS

48 %
IPv6

20
Domains

21
Subdomains

22
IPs

4
Countries

1019 kB
Transfer

2322 kB
Size

18
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://shrink.pe/

Search URL Search Domain Scan URL

URL: https://shrink.pe/payout-rates
Title: Publisher Rates

Search URL Search Domain Scan URL

URL: https://shrink.pe/auth/signin
Title: Login

Search URL Search Domain Scan URL

URL: https://shrink.pe/auth/signup
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://shrink.pe/pages/how-it-works
Title: How it works

Search URL Search Domain Scan URL

URL: https://xdowl0adxd0wnloadx.com/qzr0Ic19e8107187388ee2a75b09ba45eb5fcbe7dcee6?q=File_2945_Download

Search URL Search Domain Scan URL

URL: https://shrink.pe/pages/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://shrink.pe/pages/terms
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://shrink.pe/pages/dmca
Title: DMCA

Search URL Search Domain Scan URL

URL: https://shrink.pe/pages/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/nXuuo0quVl?amp=1 Page URL
https://aii.sh/uR8zJ8Q Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 nXuuo0quVl
t.co/ 221 B
611 B 148ms
128ms Document
text/html 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/nXuuo0quVl?amp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 19 Nov 2021 09:56:08 GMT
vary: Origin
server: tsa_o
expires: Fri, 19 Nov 2021 10:01:08 GMT
content-type: text/html; charset=utf-8
cache-control: private,max-age=300
content-length: 174
content-encoding: gzip
x-xss-protection: 0
strict-transport-security: max-age=0
x-response-time: 121
x-connection-hash: 5b44172fc91959b1c9b370bb7e8fee75193e3f6a8da81664c616504de457beb2

GET
H2 200 Primary Request uR8zJ8Q Show response
aii.sh/ 21 KB
8 KB 505ms
469ms Document
text/html 2606:4700:3033::ac43:8fae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aii.sh/uR8zJ8Q

Requested by

Host: t.co
URL: https://t.co/nXuuo0quVl?amp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:8fae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7cb0cdc17a432d6f70cb5c508011c1ec42d70e948b267dd0d9a4b5d3076f48e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://t.co/

Response headers

date: Fri, 19 Nov 2021 09:56:09 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sUKDTPTI%2BsR3MZT1N8EGEz9b9WZ%2B5uiu%2FoWfx7tCUbFX0WIWZMzHaGyIR9UTy3aoGjYXhH6%2BWCvHgzfVAAxAxHNSXnGbWQlvM71otiC6yB90fMe%2BbfoFBoJDjcTV17np0ZWzCpk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b089121cf7343b8-FRA
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 3 KB
933 B 35ms
14ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: aii.sh
URL: https://aii.sh/uR8zJ8Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

30c7c639fd48a0186026f900282a3b92893c32043019a5efb0ddf7e0805e296f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aii.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 08:09:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 19 Nov 2021 09:56:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Nov 2021 09:56:09 GMT

GET
H2 200 styles.min.css
aii.sh/cloud_theme/build/css/ 189 KB
34 KB 24ms
23ms Stylesheet
text/css 2606:4700:3033::ac43:8fae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aii.sh/cloud_theme/build/css/styles.min.css?ver=6.4.0

Requested by

Host: aii.sh
URL: https://aii.sh/uR8zJ8Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:8fae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90fd6d1b7fceb3e8dcc7b33b449be3b22ecd534a30970c0986f557878e6294a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aii.sh/uR8zJ8Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1845313
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lsfm7iNnJech49RkCoTmA2njQ5d3dyTDisRQ2Y8fJAIuT4Bvku7RlWCd25%2FrUuqMInYcGKiEcVZoJ7ely0Sp7jXz4FW6ChoU4AA2d3bqjjGJecgbb8QBRRWdRqKE9g3J4ilpwNg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 6b089124c90143b8-FRA
expires: Sun, 28 Nov 2021 01:20:53 GMT

GET
H2 200 hmepgelgo.png
shrink.pe/webroot/ 3 KB
4 KB 76ms
14ms Image
image/png 2606:4700:3030::ac43:d89c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shrink.pe/webroot/hmepgelgo.png

Requested by

Host: aii.sh
URL: https://aii.sh/uR8zJ8Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:d89c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea43e04e36176882a5ab95f2b5900220e61cb0f9d3e5f00ec574db56bba66c14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aii.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:56:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4778682
cf-polished: origSize=4165, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3490
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Nov 2019 15:31:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2F3DgngjpZPkCWC%2F86xTBDDOwcRX6FoluKZOFj395H7vVvbbEHBtiViTpQYUR7S2bBdQFN3UJ5ZjdWDj%2F6IDkkMmZIqqtyVnW4GEMBW8JtvmIQwhnWObEeYFtq2YSexoLo2gczmf4oU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
expires: Sun, 25 Sep 2022 02:31:25 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b0891256f4f4d8a-FRA
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK 14506 Show response
backjawtanoa.com/tK8nm7iy47fT/ 0
0 161ms
29ms Script
text/html 172.255.6.149
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://backjawtanoa.com/tK8nm7iy47fT/14506
Requested by: Host: aii.sh
URL: https://aii.sh/uR8zJ8Q
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 172.255.6.149 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aii.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 sw.js Show response
aii.sh/ 100 KB
38 KB 17ms
17ms Script
application/javascript 2606:4700:3033::ac43:8fae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aii.sh/sw.js

Requested by

Host: aii.sh
URL: https://aii.sh/uR8zJ8Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:8fae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05bb735e69070b2f58146842e0aafb85e61c6a63b741b514ce47797e2db2e4de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aii.sh/uR8zJ8Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1217607
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 08 Jun 2021 08:11:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFaxtgdJ8MkEPEs2mZ%2BdbexNcgPqA%2B16rAH%2Bu9qECm1S3%2Fhx7fQwcwpI3n1L9KxW584hAx7OGGf9eaPNhGXJyq7xWxc%2FVjJ10RWD%2BwZatgRheC6ZwG2Gu0NirSmp%2B9vrpVRFAKo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 6b089125092a6951-FRA
expires: Sun, 05 Dec 2021 07:42:41 GMT

GET
H3 200 dwndbnr1.png
aii.sh/webroot/modern_theme/img/ 47 KB
47 KB 24ms
23ms Image
image/png 2606:4700:3033::ac43:8fae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aii.sh/webroot/modern_theme/img/dwndbnr1.png

Requested by

Host: aii.sh
URL: https://aii.sh/uR8zJ8Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:8fae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2d50744e553a45e3c2469dc73c7deb787679c4090de89d6b86b28652c912fea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aii.sh/uR8zJ8Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:56:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10293652
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 47787
x-xss-protection: 1; mode=block
last-modified: Thu, 14 Nov 2019 14:41:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cYTaPJS2ZMpuBbV1XTBD8DMyLAe%2FF5Prf9juM%2Fs036Wck8Noa7T14UIB3iynNp3XZ3mGoEbthHViAk69VCG3fi9Lupn%2F9Q7CWT1b6uGKGosBuJMDgWCck%2FDa9mNegXLkexK9QmE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b08912509376951-FRA
expires: Sat, 23 Jul 2022 06:35:16 GMT

GET
H3 200 email-decode.min.js Show response
aii.sh/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 10ms
10ms Script
application/javascript 2606:4700:3033::ac43:8fae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aii.sh/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: aii.sh
URL: https://aii.sh/uR8zJ8Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:8fae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aii.sh/uR8zJ8Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Nov 2021 16:17:34 GMT
server: cloudflare
etag: W/"6192881e-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o43CPysb4MIylbZse9XJ3jmp3BiB%2BLye9bKkwSlf2dkSBDjolucKSFryY75amZxtH14Qz49eJS8%2Bwm1mzmv7sekeA%2FKhSGhDYu3jhzzX0MQJwqrUtJNHtVAfN2xMZm2vHTZildw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b089125092e6951-FRA
vary: Accept-Encoding
expires: Sun, 21 Nov 2021 09:56:09 GMT

GET
H3 200 ads.js Show response
aii.sh/js/ 191 B
758 B 16ms
15ms Script
application/javascript 2606:4700:3033::ac43:8fae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aii.sh/js/ads.js

Requested by

Host: aii.sh
URL: https://aii.sh/uR8zJ8Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:8fae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aii.sh/uR8zJ8Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1215547
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Sep 2019 23:24:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R5xAZ3Bt0KbynDkNky35IDjGKuQD4i%2FONtCKk%2BcU2bhBlyGGmVJdqyZ2SNhGBdCR0bgELtqokIb%2BG1uK4BbLNKSC2fBq%2BNUbVCUx1a8cE43VQ0CwRIf%2BOFdufrLzM8q6yGaJQXU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 6b08912509316951-FRA
expires: Sun, 05 Dec 2021 08:17:02 GMT

GET
H3 200 script.min.js Show response
aii.sh/cloud_theme/build/js/ 202 KB
62 KB 31ms
30ms Script
application/javascript 2606:4700:3033::ac43:8fae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aii.sh/cloud_theme/build/js/script.min.js?ver=6.4.0

Requested by

Host: aii.sh
URL: https://aii.sh/uR8zJ8Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:8fae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aii.sh/uR8zJ8Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1215547
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yshBJSxlRskn1QavUfjPq%2BF3wog9wNe4LicdeTc3kuS59YQKln6Ezf6f3rr5bortoIfGWTBicGhybmNjN1Z9t6EjDQ7KEvDwneJetSEN8v3LWqW875Iar4RBvr5YLRhkuAlQvwc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 6b08912509346951-FRA
expires: Sun, 05 Dec 2021 08:17:02 GMT

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 921 B
998 B 51ms
16ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Requested by

Host: aii.sh
URL: https://aii.sh/uR8zJ8Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

55940508a6647fb29f2e1c080d5e0c811191f54b73548751fe425ba0c6984489

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aii.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 585
x-xss-protection: 1; mode=block
expires: Fri, 19 Nov 2021 09:56:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 42ms
17ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113561579-3

Requested by

Host: aii.sh
URL: https://aii.sh/uR8zJ8Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd66a2881ad7232e9a5d23b5205a62d7b7a126b7a781521085a90402c36bf3b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aii.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:56:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36139
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Nov 2021 09:56:09 GMT

GET
H3 200 header.jpg
aii.sh/cloud_theme/build/img/ 110 KB
111 KB 35ms
34ms Image
image/jpeg 2606:4700:3033::ac43:8fae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aii.sh/cloud_theme/build/img/header.jpg

Requested by

Host: aii.sh
URL: https://aii.sh/cloud_theme/build/css/styles.min.css?ver=6.4.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:8fae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de64b3a393f109bb7d59b836c7cb1b690b031e1da1bf442181cef25487296629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aii.sh/cloud_theme/build/css/styles.min.css?ver=6.4.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:56:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7546042
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 113002
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTH6kUmIUYXnHHBUfprCvjR6UM1MdlPVuSxtXMLCMH8Eg8wSOBtOPrqez5UtQqHk9p6bRvMGvEbF1oeEO1H5RdGVBSa03ufacoOz8gGyzkg%2FF8HMcYW928RZHSmsrUWYOrW1Tt0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b08912509416951-FRA
expires: Wed, 24 Aug 2022 01:48:44 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://aii.sh
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:27:49 GMT
x-content-type-options: nosniff
age: 19700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 04:27:49 GMT

GET
H2 200 bnJObjUVUD0ZahsAIkwPTBo6GkUdSGFBVAcbYB1dQQE5QF8dUGJMRgMUbFQEQlA9A0NMSGxaG15QYkxBDxURB1FMSGxWBVtKdlcXQlA9G1cxGypcF1RQeFdWWhR6D1FDSnxbA0NGK1wNQ0t7DA1DF3ldU1gUfV0GWBd6TEg Show response
greenrecru.biz/ 56 KB
23 KB 366ms
135ms Script
application/javascript 44.195.137.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://greenrecru.biz/bnJObjUVUD0ZahsAIkwPTBo6GkUdSGFBVAcbYB1dQQE5QF8dUGJMRgMUbFQEQlA9A0NMSGxaG15QYkxBDxURB1FMSGxWBVtKdlcXQlA9G1cxGypcF1RQeFdWWhR6D1FDSnxbA0NGK1wNQ0t7DA1DF3ldU1gUfV0GWBd6TEg
Requested by: Host: aii.sh
URL: https://aii.sh/sw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 44.195.137.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-137-121.compute-1.amazonaws.com
Software: / Express
Resource Hash: 1e93137f08c7b51734dda06cb51b6e9827231de6adcc6cf765e5cd97bb31c050

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aii.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-encoding: gzip
etag: W/"e0e6-d04953iI8z0dIlULaURdb6ZEFQw"
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 tag.min.js Show response
iclickcdn.com/ 64 KB
23 KB 129ms
19ms Script
text/javascript 2606:4700:20::681a:c76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iclickcdn.com/tag.min.js
Requested by: Host: aii.sh
URL: https://aii.sh/uR8zJ8Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13f78c05ad26c81a3df4ad25135c0b53a603cd9defbb6fbd20cf18be7f8e7f77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aii.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:56:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
age: 68673
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
x-trace-id: 1de66a0739e75e36797cd6f122ef9992
pragma: no-cache
last-modified: Thu, 18 Nov 2021 10:03:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y5u9TjuNRLBnsrzX%2Fv3FE2arR6AjmYeOjw9xYj%2F6glyDwGLGe2ZEOehnoNj0BbygkSvHoPVy4NqmqEFtP1SHCMIesg7yBDQKwh%2FEKj7dEq7%2Fe2wG0OZx9AJSXM1PfxZpCiItfhjU9Z596rE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 6b089126ba4442f1-FRA
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Fri, 19 Nov 2021 14:51:36 GMT

GET
H2 200 3487732 Show response
forfrogadiertor.com/400/ 66 KB
25 KB 129ms
21ms Script
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://forfrogadiertor.com/400/3487732

Requested by

Host: aii.sh
URL: https://aii.sh/uR8zJ8Q

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

1f0a7f4c08c9d9cd41ad26afa729824a3ece80c9ebb7a513eb98529901fc7109

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aii.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-trace-id: 2af15a9da47bb83fb6b762e19180c824
pragma: no-cache
date: Fri, 19 Nov 2021 09:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H3 200 footer.jpg
aii.sh/cloud_theme/build/img/ 6 KB
7 KB 14ms
13ms Image
image/jpeg 2606:4700:3033::ac43:8fae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aii.sh/cloud_theme/build/img/footer.jpg

Requested by

Host: aii.sh
URL: https://aii.sh/cloud_theme/build/css/styles.min.css?ver=6.4.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:8fae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d9018c96cf959a5b64d9df4dedd97b52e6078ac75d0771e34cbeea89ef19ce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aii.sh/cloud_theme/build/css/styles.min.css?ver=6.4.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:56:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1845306
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6152
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BF1M0aKBUsEn7up%2Ftfasnm7NOhfc3pteWq%2BIYXHMeSgqRHL8OhGqMmehv9%2FmDrk3rtrLIriVP1FewkWXUGnM8Ic8JBLGPZ92xscmIsOTGrCEzkNO1CYOHQ%2BtTHeEtVsqnD1AuN8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b0891260bad6951-FRA
expires: Sat, 29 Oct 2022 01:21:00 GMT

GET
H3 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
22 KB 24ms
10ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://aii.sh
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 08:02:57 GMT
x-content-type-options: nosniff
age: 265992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22572
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Nov 2022 08:02:57 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 21ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://aii.sh
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 21:26:28 GMT
x-content-type-options: nosniff
age: 304181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 15 Nov 2022 21:26:28 GMT

GET
H2 200 cmp.js Show response
quantcast.mgr.consensu.org/ 16 KB
6 KB 39ms
7ms Script
application/javascript 2600:9000:2156:3e00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/cmp.js
Requested by: Host: aii.sh
URL: https://aii.sh/uR8zJ8Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60d8c88007dd47e378850d031990400b01e7932cca0a2654dd662a95aa31e77a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aii.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:52:42 GMT
content-encoding: br
etag: W/"51870ee6d5cb32ca5311356b296af21f"
last-modified: Tue, 09 Mar 2021 20:17:06 GMT
server: AmazonS3
age: 296
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: DKrVlvNM59v36PH14IdtTxH8wOuAvoCLPNYhJlrSXDaZ4jKVh6DFRQ==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ 347 KB
136 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aii.sh/
Origin: https://aii.sh
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sat, 19 Nov 2022 09:04:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113561579-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aii.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3302
date: Fri, 19 Nov 2021 09:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 19 Nov 2021 11:01:07 GMT

GET
H2 200 / Show response
bedrapiona.com/5/3491150/ 3 KB
2 KB 46ms
14ms XHR
application/json 139.45.197.234
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/5/3491150/?oo=1&js_build=2
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 1f26d74519c75774e620e819bbb5dc5694ae054d682306e101adefc7c0f7d4a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aii.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-trace-id: c72945663cc0f85d02059d28d73463a5
pragma: no-cache, no-cache
date: Fri, 19 Nov 2021 09:56:09 GMT
content-encoding: gzip
server: nginx
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://aii.sh
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 29ms
14ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2146842790&t=pageview&_s=1&dl=https%3A%2F%2Faii.sh%2FuR8zJ8Q&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=ShrinkPe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1496542197&gjid=1667125642&cid=2021656635.1637315769&tid=UA-113561579-3&_gid=1410009482.1637315769&_r=1&gtm=2ouba1&z=222316320

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://aii.sh/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 09:56:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aii.sh
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame B1D7 40 KB
20 KB 40ms
24ms Document
text/html 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ld1M-kaAAAAAL8mj4-l9pkorhPdnug3TeolUFaY&co=aHR0cHM6Ly9haWkuc2g6NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=normal&cb=ofiz039rfd0c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5a3b692c32ce95f5731aa904b3255bb9c3edfd1b1a6b1f2bd181004ce8ec4703

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CH+eXmaiWcEolYcqzGNbhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://aii.sh/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 19 Nov 2021 09:56:09 GMT
content-security-policy: script-src 'report-sample' 'nonce-CH+eXmaiWcEolYcqzGNbhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20895
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
537 B 53ms
14ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=210d4b24b31546bb980560ba0a520718

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3063f998ad8a39b41205cec82b90abeb60762958fa63da07827b88b6eeb86db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aii.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:56:09 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://aii.sh
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame B1D7 51 KB
24 KB 22ms
7ms Stylesheet
text/css 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ld1M-kaAAAAAL8mj4-l9pkorhPdnug3TeolUFaY&co=aHR0cHM6Ly9haWkuc2g6NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=normal&cb=ofiz039rfd0c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 15:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24065
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Thu, 17 Nov 2022 15:42:00 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame B1D7 347 KB
135 KB 24ms
11ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sat, 19 Nov 2022 09:04:12 GMT

GET
H2 200 / Show response
onmarshtompor.com/ 2 KB
2 KB 47ms
14ms Fetch
application/json 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/?rb=wI5Z-MKWpJWhZm0FxRlowj9j3619UYa2qxDlvt4-L7aH4KzPTy-4dnFDleZ1X92EkGJptnJuR0jJEIpRnPTUuhlYaqsOSxD77rG1mwWdNxxyzhWNBU7G1CxlXTkT3XB8vHLLtCRwv7rHqr95u5F9BwYDa4nxMPj8SAyP1zqPyyeN0yjXX-BQaDbOLKHGXA2dN9lNkNH5H4ZmkOFmAy2YV6mjPQox7BfgNjWjHkxBCrHZD8fdjdISr-EhPC_xW0uDvdMflGDDs9I%3D&zoneid=3491150&request_ab2=0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Faii.sh%2FuR8zJ8Q&drf=https%3A%2F%2Ft.co%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=2&os=other&os_version=other&bs=32d53bb4-cc11-41ba-a46e-a765742a9e91&userId=210d4b24b31546bb980560ba0a520718&m=link

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

95b67ff43171715ae35de538b9758424409ea804f445a8e3bf8985432fb78f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aii.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-max-age: 86400
x-trace-id: 2d1baf1b566d2ac76363e93336c09b51
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://aii.sh
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
DATA 200
OK truncated
/ Frame B1D7 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B1D7 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame B1D7 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 07:03:19 GMT
x-content-type-options: nosniff
age: 10370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 26 Nov 2021 07:03:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B1D7 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 17:06:41 GMT
x-content-type-options: nosniff
age: 233368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Nov 2022 17:06:41 GMT

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/api2/ Frame B1D7 102 B
134 B 21ms
15ms Other
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP

Requested by

Host: aii.sh
URL: https://aii.sh/uR8zJ8Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

23d4875896a0991fa45cd27b4935dc479b16e1a0774d10cf2d7ccc5406ef2764

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ld1M-kaAAAAAL8mj4-l9pkorhPdnug3TeolUFaY&co=aHR0cHM6Ly9haWkuc2g6NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=normal&cb=ofiz039rfd0c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 19 Nov 2021 09:56:09 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
536 B 12ms
12ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: forfrogadiertor.com
URL: https://forfrogadiertor.com/400/3487732

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3063f998ad8a39b41205cec82b90abeb60762958fa63da07827b88b6eeb86db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aii.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:56:09 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://aii.sh
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H/1.1 204
No Content favicon.ico
vianidorinotor.com/ 0
0 56ms
12ms Fetch 139.45.197.132
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vianidorinotor.com/favicon.ico

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.132 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=60
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aii.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 09:56:09 GMT
X-Content-Type-Options: nosniff
Server: nginx
Connection: keep-alive
Strict-Transport-Security: max-age=60

GET
H2 200 3487732 Show response
forfrogadiertor.com/500/ 1 KB
1 KB 77ms
77ms XHR
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://forfrogadiertor.com/500/3487732?excludes=&oaid=210d4b24b31546bb980560ba0a520718&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&pl=https%3A%2F%2Faii.sh%2FuR8zJ8Q&drf=https%3A%2F%2Ft.co%2F&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: forfrogadiertor.com
URL: https://forfrogadiertor.com/400/3487732

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

6ca6b03e1e34207322f1e67623f046766292091e7d7191da280046d722185eda

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://aii.sh/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 4f84842dd824f3d3b5a54149e48acf10
pragma: no-cache
date: Fri, 19 Nov 2021 09:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://aii.sh
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H2 200 3487732
forfrogadiertor.com/500/ Frame 0
0 39ms
13ms Preflight 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://aii.sh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Fri, 19 Nov 2021 09:56:09 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://aii.sh
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H3 200 bframe Show response
www.recaptcha.net/recaptcha/api2/ Frame D3D0 7 KB
1 KB 16ms
16ms Document
text/html 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6Ld1M-kaAAAAAL8mj4-l9pkorhPdnug3TeolUFaY

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f9672387306a49d2cf3a14adc7e6cf6f3afd1553ceea206cf5e918d8870d6f19

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pXHRF22RT0kkpNdrcx2MpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://aii.sh/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 19 Nov 2021 09:56:09 GMT
content-security-policy: script-src 'report-sample' 'nonce-pXHRF22RT0kkpNdrcx2MpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1109
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame D3D0 51 KB
24 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6Ld1M-kaAAAAAL8mj4-l9pkorhPdnug3TeolUFaY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 15:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24065
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Thu, 17 Nov 2022 15:42:00 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame D3D0 347 KB
135 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6Ld1M-kaAAAAAL8mj4-l9pkorhPdnug3TeolUFaY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 09:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sat, 19 Nov 2022 09:04:12 GMT

GET
H2 204 utx Show response
ethousealc.xyz/ 0
408 B 129ms
102ms XHR
text/plain 13.32.121.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ethousealc.xyz/utx?tid=805889&top=aii.sh&cb=9mgZG1mMPL2b
Requested by: Host: greenrecru.biz
URL: https://greenrecru.biz/bnJObjUVUD0ZahsAIkwPTBo6GkUdSGFBVAcbYB1dQQE5QF8dUGJMRgMUbFQEQlA9A0NMSGxaG15QYkxBDxURB1FMSGxWBVtKdlcXQlA9G1cxGypcF1RQeFdWWhR6D1FDSnxbA0NGK1wNQ0t7DA1DF3ldU1gUfV0GWBd6TEg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-41.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aii.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 09:56:09 GMT
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f5.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://aii.sh
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: jadtlSapyVPnz2sC7Z9prBKxkznoroFSpoD21TlXuHz0Gq8zcINRKQ==

GET
H/1.1 200
OK 01602088365889.png
static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/ 2 KB
3 KB 156ms
14ms Image
image/png 139.45.197.156
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/01602088365889.png
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.156 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aii.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 09:56:09 GMT
Last-Modified: Thu, 01 Jul 2021 09:13:54 GMT
Server: nginx
ETag: "60dd8752-86d"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 2157

POST
H2 200 / Show response
xceededo.xyz/ 0
37 B 319ms
103ms XHR
text/plain 107.22.28.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://xceededo.xyz/
Requested by: Host: greenrecru.biz
URL: https://greenrecru.biz/bnJObjUVUD0ZahsAIkwPTBo6GkUdSGFBVAcbYB1dQQE5QF8dUGJMRgMUbFQEQlA9A0NMSGxaG15QYkxBDxURB1FMSGxWBVtKdlcXQlA9G1cxGypcF1RQeFdWWhR6D1FDSnxbA0NGK1wNQ0t7DA1DF3ldU1gUfV0GWBd6TEg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.22.28.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-28-167.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://aii.sh/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
content-length: 0

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.co/	1970-01-20 16:19:47	Name: muc Value: dc16b15f-af84-48cd-9423-e86afd762796
.t.co/	1970-01-20 16:19:47	Name: muc-ads Value: dc16b15f-af84-48cd-9423-e86afd762796
aii.sh/	1969-12-31 23:59:59	Name: AppSession Value: c72f133a81378268fe7aecbd4c6f68d7
aii.sh/	1969-12-31 23:59:59	Name: csrfToken Value: 44f695ef77325c58774a505d522d5253f11cbccced3abdc88529766c63b6e9d4f2f9f91b815447355b7e051f245fe91eb11412c9ee6455b5194c1f3168b5bf00
backjawtanoa.com/	1970-01-19 22:50:02	Name: GL_UI4 Value: eJw9jUtugzAYhHnTKAV1JA6QIzgRUFhWPUSXyGCbuAH%2FkXGDevtaldrVfJqHJgiCqCoRPrIY8RdvcBpr1nWK1e2oet68MnXp21qpqWvFpemUwkFvg%2BPjIl2C51kaafU0TCRkgRcf%2FTk3Q7tJkI6WG1EgXX1jKZCPlvZN2ipGYvgqkb1fLXlNV%2F5JFlHfetTGY8gQ0VbF5QH5hzbC78ojojMriyzA8b5wp8iugxZZiHS2XEiEb3iauJMz2W%2FkQm43R3eAFjH8939v4%2F3MkAn50JP%2FJneV9gd3Ukq3
backjawtanoa.com/	1970-01-19 22:50:02	Name: GL_GI10 Value: eJxNzMFKw0AQxvF0o9FgqHzoA%2FQFDFLE9lxb2pOePS3bdBoW3Jllsi2mT281oN6G3%2FD%2Fsiwz92MYH1HN5vXTrJ4%2BzuvpM%2FKWBGa5QtXIgZP2ll0gXK1Jg%2BMehVLrhWEW77gZbtvIjnC5XD38s6FauKNT73DR%2BNSjfD0ohS1pi%2FIbhrA6h3%2BP3HcRdxtKJyadvPGHZ5qsw3aDkinZLhLtUL6IRlGXCONf%2FVkrclz7zkaVz74Y4Tb5QCdhsrLfd5TONDoW5gscaUyo
aii.sh/	1969-12-31 23:59:59	Name: ab Value: 2
.aii.sh/	1970-01-20 16:19:47	Name: _ga Value: GA1.2.2021656635.1637315769
.aii.sh/	1970-01-19 22:50:02	Name: _gid Value: GA1.2.1410009482.1637315769
.aii.sh/	1970-01-19 22:48:35	Name: _gat_gtag_UA_113561579_3 Value: 1
bedrapiona.com/	1970-01-20 07:34:11	Name: OAID Value: 210d4b24b31546bb980560ba0a520718
bedrapiona.com/	1970-01-20 07:34:11	Name: oaidts Value: 1637315769
my.rtmark.net/	1970-01-20 07:34:11	Name: ID Value: 210d4b24b31546bb980560ba0a520718
aii.sh/	1970-01-19 22:48:35	Name: prefetchAd_3491150 Value: true
onmarshtompor.com/	1970-01-20 07:34:11	Name: OAID Value: 210d4b24b31546bb980560ba0a520718
onmarshtompor.com/	1970-01-20 07:34:11	Name: oaidts Value: 1637315769
onmarshtompor.com/	1970-01-19 22:58:40	Name: syncedCookie Value: true
forfrogadiertor.com/	1970-01-20 07:34:11	Name: OAID Value: 210d4b24b31546bb980560ba0a520718

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aii.sh
backjawtanoa.com
bedrapiona.com
ethousealc.xyz
fonts.googleapis.com
fonts.gstatic.com
forfrogadiertor.com
greenrecru.biz
iclickcdn.com
my.rtmark.net
onmarshtompor.com
quantcast.mgr.consensu.org
shrink.pe
static.cdnativepush.com
t.co
vianidorinotor.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
xceededo.xyz
104.244.42.69
107.22.28.167
13.32.121.41
139.45.195.8
139.45.197.132
139.45.197.156
139.45.197.234
139.45.197.239
139.45.197.243
172.255.6.149
2600:9000:2156:3e00:9:46dc:4700:93a1
2606:4700:20::681a:c76
2606:4700:3030::ac43:d89c
2606:4700:3033::ac43:8fae
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:831::200e
44.195.137.121
05bb735e69070b2f58146842e0aafb85e61c6a63b741b514ce47797e2db2e4de
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee
13f78c05ad26c81a3df4ad25135c0b53a603cd9defbb6fbd20cf18be7f8e7f77
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e93137f08c7b51734dda06cb51b6e9827231de6adcc6cf765e5cd97bb31c050
1f0a7f4c08c9d9cd41ad26afa729824a3ece80c9ebb7a513eb98529901fc7109
1f26d74519c75774e620e819bbb5dc5694ae054d682306e101adefc7c0f7d4a0
23d4875896a0991fa45cd27b4935dc479b16e1a0774d10cf2d7ccc5406ef2764
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3063f998ad8a39b41205cec82b90abeb60762958fa63da07827b88b6eeb86db1
30c7c639fd48a0186026f900282a3b92893c32043019a5efb0ddf7e0805e296f
347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4d9018c96cf959a5b64d9df4dedd97b52e6078ac75d0771e34cbeea89ef19ce0
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
55940508a6647fb29f2e1c080d5e0c811191f54b73548751fe425ba0c6984489
5a3b692c32ce95f5731aa904b3255bb9c3edfd1b1a6b1f2bd181004ce8ec4703
60d8c88007dd47e378850d031990400b01e7932cca0a2654dd662a95aa31e77a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ca6b03e1e34207322f1e67623f046766292091e7d7191da280046d722185eda
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
90fd6d1b7fceb3e8dcc7b33b449be3b22ecd534a30970c0986f557878e6294a8
95b67ff43171715ae35de538b9758424409ea804f445a8e3bf8985432fb78f20
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
de64b3a393f109bb7d59b836c7cb1b690b031e1da1bf442181cef25487296629
e2d50744e553a45e3c2469dc73c7deb787679c4090de89d6b86b28652c912fea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea43e04e36176882a5ab95f2b5900220e61cb0f9d3e5f00ec574db56bba66c14
f7cb0cdc17a432d6f70cb5c508011c1ec42d70e948b267dd0d9a4b5d3076f48e
f9672387306a49d2cf3a14adc7e6cf6f3afd1553ceea206cf5e918d8870d6f19
fd66a2881ad7232e9a5d23b5205a62d7b7a126b7a781521085a90402c36bf3b9

aii.sh Open in urlscan Pro 2606:4700:3033::ac43:8fae Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

44 Requests

100 %HTTPS

48 %IPv6

20 Domains

21 Subdomains

22 IPs

4 Countries

1019 kBTransfer

2322 kBSize

18 Cookies

10 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

aii.sh Open in urlscan Pro
2606:4700:3033::ac43:8fae Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

48 %
IPv6

20
Domains

21
Subdomains

22
IPs

4
Countries

1019 kB
Transfer

2322 kB
Size

18
Cookies

44 HTTP transactions
2 data transactions