urlscan.io logo urlscan.io
SecurityTrails logo

adurly.cc Open in urlscan Pro
198.252.99.130  Public Scan

Go To Rescan Add Verdict Report
URL: https://adurly.cc/SmGjDg
Submission: On March 06 via manual from AT — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 26 HTTP transactions. The main IP is 198.252.99.130, located in United States and belongs to HAWKHOST, CA. The main domain is adurly.cc.
TLS certificate: Issued by R3 on February 21st 2022. Valid for: 3 months.
This is the only time adurly.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    198.252.99.130 (United States)

ASN20068 (HAWKHOST, CA)
PTR: 198.252.99.130-static.reverse.arandomserver.com
adurly.cc
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)
mediapalmtree.com
2    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    188.72.236.136 (Netherlands)

ASN35415 (WEBZILLA, NL)
PTR: 1f2-12-d2456-136.webazilla.com
shar3yourf1le.com
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
194 KB
6 adurly.cc
adurly.cc
187 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 57
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
9 KB
2 gstatic.com
fonts.gstatic.com
61 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8832
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 716
644 B
1 shar3yourf1le.com
shar3yourf1le.com
2 KB
1 mediapalmtree.com
mediapalmtree.com — Cisco Umbrella Rank: 711266
18 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
26 10
Domain Requested by
6 pagead2.googlesyndication.com adurly.cc
pagead2.googlesyndication.com
tpc.googlesyndication.com
6 adurly.cc adurly.cc
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 shar3yourf1le.com mediapalmtree.com
1 mediapalmtree.com adurly.cc
1 fonts.googleapis.com adurly.cc
26 12

This site contains no links.

Subject Issuer Validity Valid
*.adurly.cc
R3		 2022-02-21 -
2022-05-22		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-13 -
2022-07-12		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
shar3yourf1le.com
R3		 2022-01-19 -
2022-04-19		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://adurly.cc/SmGjDg
Frame ID: 5BC529B20A38E6A19FAF57AA46CCBCEE
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20190131/zrt_lookup.html
Frame ID: EC084E1944F36B80146F03AB8F45DC71
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6167712395119850&output=html&adk=1812271804&adf=3025194257&lmt=1646596614&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fadurly.cc%2FSmGjDg&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646596613885&bpp=2&bdt=559&idt=208&shv=r20220302&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5070594074282&frm=20&pv=2&ga_vid=1651889940.1646596614&ga_sid=1646596614&ga_hid=860652585&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31065508%2C31060048%2C31062930&oid=2&pvsid=269169202882370&pem=917&tmod=833782111&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=226
Frame ID: C7FD7DB309E3E6764664E1757FE28531
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D1E866D828EF3CDC9060C4D1DB356E5A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 916FA54BD6024B69AC9A5855D68D9127
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Adurly

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

26
Requests

100 %
HTTPS

75 %
IPv6

10
Domains

12
Subdomains

12
IPs

3
Countries

476 kB
Transfer

1170 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request SmGjDg
adurly.cc/ 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adurly.cc/SmGjDg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.99.130 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS
198.252.99.130-static.reverse.arandomserver.com
Software
LiteSpeed / PHP/5.6.40
Resource Hash
7ff057d25fceb3038672e9f3eabec4e7fcc7b84ee0642878996a402f51367f5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN,SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

x-powered-by
PHP/5.6.40
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN,SAMEORIGIN
x-robots-tag
noindex, nofollow
content-encoding
br
vary
Accept-Encoding,User-Agent
date
Sun, 06 Mar 2022 19:56:53 GMT
server
LiteSpeed
x-xss-protection
1; mode=block
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Requested by
Host: adurly.cc
URL: https://adurly.cc/SmGjDg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e667273736cc088e5c45da9d80c956807969e29928a9bff6304e443b19eec9ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adurly.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 06 Mar 2022 19:04:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 06 Mar 2022 19:56:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 06 Mar 2022 19:56:53 GMT
styles.min.css
adurly.cc/modern_theme/build/css/ 		187 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://adurly.cc/modern_theme/build/css/styles.min.css?ver=6.4.0
Requested by
Host: adurly.cc
URL: https://adurly.cc/SmGjDg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.99.130 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS
198.252.99.130-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
b386764e2b714f6fe617daaedd1946a7161fc2ae5f9bd0bf606f76287121ee1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adurly.cc/SmGjDg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 06 Mar 2022 19:56:53 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 02 Sep 2019 23:24:49 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
31785
x-xss-protection
1; mode=block
expires
Tue, 05 Apr 2022 19:56:53 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		154 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6167712395119850
Requested by
Host: adurly.cc
URL: https://adurly.cc/SmGjDg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
153ecd0702db3bfd2b015a4f01c8be7c01fade7f7fb8c69ba9997f044df3e11e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adurly.cc/
Origin
https://adurly.cc
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 06 Mar 2022 19:56:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54012
x-xss-protection
0
server
cafe
etag
10518462161669644699
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 19:56:53 GMT
pu-script.js
mediapalmtree.com/ 		62 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mediapalmtree.com/pu-script.js?t=1621431300
Requested by
Host: adurly.cc
URL: https://adurly.cc/SmGjDg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db2e03b427a7701ef28d9f4a80bb305f8b484ddce01dfbd47a08f0a21d6adf13

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adurly.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 06 Mar 2022 19:56:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
124
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 19 Aug 2021 13:08:31 GMT
server
cloudflare
etag
W/"611e57cf-f8ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkuOPtNwK3%2BKNix1CO0EsdVKc%2FI1ehRiTLq1xdZHyZKhnwK6YZXx3JbLWd2ZQuyQhWF2nFyF6DpOKObF8uELNUcLoCvC7WjSGiGylWq2X8ZqSIkbsFYFaF7WIxO%2By3bgQQiyZgZqy7VV0iBcZ2mnRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
6e7da841beaf911f-FRA
ads.js
adurly.cc/js/ 		191 B
251 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adurly.cc/js/ads.js
Requested by
Host: adurly.cc
URL: https://adurly.cc/SmGjDg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.99.130 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS
198.252.99.130-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adurly.cc/SmGjDg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 06 Mar 2022 19:56:53 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Sep 2019 23:24:49 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
User-Agent
content-length
191
x-xss-protection
1; mode=block
expires
Tue, 05 Apr 2022 19:56:53 GMT
script.min.js
adurly.cc/modern_theme/build/js/ 		202 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adurly.cc/modern_theme/build/js/script.min.js?ver=6.4.0
Requested by
Host: adurly.cc
URL: https://adurly.cc/SmGjDg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.99.130 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS
198.252.99.130-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adurly.cc/SmGjDg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 06 Mar 2022 19:56:53 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 02 Sep 2019 23:24:50 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-length
58897
x-xss-protection
1; mode=block
expires
Tue, 05 Apr 2022 19:56:53 GMT
header.jpg
adurly.cc/modern_theme/build/img/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adurly.cc/modern_theme/build/img/header.jpg
Requested by
Host: adurly.cc
URL: https://adurly.cc/modern_theme/build/css/styles.min.css?ver=6.4.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
198.252.99.130 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS
198.252.99.130-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
6c8b1a83b2e623562fa3691de48714809313208b7a25b3940524a2e8bc4dfadc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adurly.cc/modern_theme/build/css/styles.min.css?ver=6.4.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 06 Mar 2022 19:56:53 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Sep 2019 23:24:50 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
image/jpeg
vary
User-Agent
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
81736
x-xss-protection
1; mode=block
expires
Mon, 06 Mar 2023 19:56:53 GMT
footer.jpg
adurly.cc/modern_theme/build/img/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adurly.cc/modern_theme/build/img/footer.jpg
Requested by
Host: adurly.cc
URL: https://adurly.cc/modern_theme/build/css/styles.min.css?ver=6.4.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
198.252.99.130 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS
198.252.99.130-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
80c8b789ae1e5ea87c4c39c56405da83433fe91c902932801dfad54e3ecebc3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adurly.cc/modern_theme/build/css/styles.min.css?ver=6.4.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 06 Mar 2022 19:56:53 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Sep 2019 23:24:50 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
vary
User-Agent
content-length
13309
x-xss-protection
1; mode=block
expires
Mon, 06 Mar 2023 19:56:53 GMT
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v26/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v26/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e14a625deb5e7cb388813d12ff906c39d7140ead453b49a22cc7d11497035790
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://adurly.cc
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 09:53:10 GMT
x-content-type-options
nosniff
age
209023
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31248
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:37:29 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 04 Mar 2023 09:53:10 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://adurly.cc
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 11:55:47 GMT
x-content-type-options
nosniff
age
460866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Mar 2023 11:55:47 GMT
/
shar3yourf1le.com/rtb/r/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shar3yourf1le.com/rtb/r/?token=b0094ff19df4a1d1828373c0c2a5bb5d5f7e9419&q=Adurly&cb=cbb0094ff19df4a1d1828373c0c2a5bb5d5f7e9419&ref=https%3A%2F%2Fadurly.cc%2FSmGjDg&fp=&_uniq=929076067419413&version=20210311132811&instance=upd1_mYpwBEuXhL63HYKUH6oDLFbtkra
Requested by
Host: mediapalmtree.com
URL: https://mediapalmtree.com/pu-script.js?t=1621431300
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.72.236.136 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
1f2-12-d2456-136.webazilla.com
Software
nginx /
Resource Hash
4b9d43f2e924f07761a05b60abcfe3c5d9d5096fb7b3caf11de4f7a8f75f2246

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adurly.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 06 Mar 2022 19:56:53 GMT
server
nginx
content-length
1171
content-type
application/javascript; charset=utf-8
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/ 		292 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6167712395119850&plah=adurly.cc&bust=31065508
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6167712395119850
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
303d32ff1fca8ea374f2d31c0dfc52486b99fba2d40b7b565bd81a8e3dd6f6c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adurly.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 06 Mar 2022 19:56:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107535
x-xss-protection
0
server
cafe
etag
5850271543216629383
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 06 Mar 2022 19:56:53 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220302/r20190131/ Frame EC08 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220302/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6167712395119850
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adurly.cc/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Sun, 06 Mar 2022 04:18:02 GMT
expires
Sun, 20 Mar 2022 04:18:02 GMT
cache-control
public, max-age=1209600
age
56331
etag
4044455266028820542
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		213 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=adurly.cc&callback=_gfp_s_&client=ca-pub-6167712395119850
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6167712395119850&plah=adurly.cc&bust=31065508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
6753a0a9b9e4b0f29ecb4eb0ea0c18a38f35c7fa15576e950c7924806821336c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adurly.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 06 Mar 2022 19:56:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
199
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=adurly.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6167712395119850&plah=adurly.cc&bust=31065508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adurly.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 06 Mar 2022 19:56:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adurly.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6167712395119850&plah=adurly.cc&bust=31065508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adurly.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 06 Mar 2022 19:56:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C7FD 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6167712395119850&output=html&adk=1812271804&adf=3025194257&lmt=1646596614&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fadurly.cc%2FSmGjDg&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646596613885&bpp=2&bdt=559&idt=208&shv=r20220302&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5070594074282&frm=20&pv=2&ga_vid=1651889940.1646596614&ga_sid=1646596614&ga_hid=860652585&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31065508%2C31060048%2C31062930&oid=2&pvsid=269169202882370&pem=917&tmod=833782111&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=226
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6167712395119850&plah=adurly.cc&bust=31065508
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
60770504f57cb6b5da913247d888f25bba130f60b373eaa223ebf123ae48bc9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adurly.cc/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 06 Mar 2022 19:56:54 GMT
server
cafe
content-length
4670
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 06 Mar 2022 19:56:54 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220302&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6167712395119850&plah=adurly.cc&bust=31065508
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9866efa7257934d76fcfeca3f2125003baad657aad46304392277382fa116000
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adurly.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 06 Mar 2022 19:56:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10787
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6167712395119850&plah=adurly.cc&bust=31065508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adurly.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 06 Mar 2022 19:56:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 06 Mar 2022 19:56:54 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D1E8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adurly.cc/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 06 Mar 2022 19:47:19 GMT
expires
Mon, 06 Mar 2023 19:47:19 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
575
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 916F 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01141a5ab3238890b6800cb839620ab8ce59a1e3d149a3ade651fab50a577b84
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-40tDJPek88QphViP5TqwZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adurly.cc/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 06 Mar 2022 19:56:54 GMT
date
Sun, 06 Mar 2022 19:56:54 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-40tDJPek88QphViP5TqwZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js
pagead2.googlesyndication.com/bg/ Frame D1E8 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 06 Mar 2022 12:35:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
26484
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13820
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 Mar 2023 12:35:30 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 916F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220302&jk=269169202882370&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame D1E8 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?VZvPJg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 06 Mar 2022 19:56:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220302&jk=269169202882370&bg=!h4SlhMDNAAb7UztL-1M7ACkAdvg8WlQ2NydQ46ZxoVSgBQxzPooYooOP7N16-7vMOFm_L5OGq6VcmgIAAABPUgAAAANoAQcKAAfw5Vegk0G5mQKW-h41SrfzoTWWp3nvNR6IH1C_pB8j-mETZ0D31BH6fxMHNKvS4auyWhe9-3w5tZSou1rScxcti9hsg5DBANLpt3qC3vlnxC-A9eYA3ulo1nRM6M9MFLI2H6gzxV3AN7q4y1MAowepmdkxx0yLqFWBcz4b1X67LFo-7n8lPMHBiR2670ulLgNTFY47oGJlzrgOFFyU6nkOlPpLXXS5kdrpy_I5zoACS4VQAgLheJpzYvtMi9E9Jt6beCc52gn9kraLI50ytBUrdnFQnl6I7tAZ1UDGFKOSH-LdySrX6Ru7AVQTmahmq6ZuGzi7ZpAm2rUXDH45OLlAMXgjVgPVbN0z90Heokct9R7ggT1IZlfM8df2usmSh2vM5hfGEiKn0v82kx37L8lCFEuILhRTzJyT9Llall0yFUNtLXGjH90761_sP3h7hWuyWdOaqndL8OwPKA7euv53bCkot4jPdxDWO4HP5JEySQwxY-GkE7mXNI8QGzXYG_ce5D7vNaNcxOdTI1S87cllcVq-XU9pU5UmrsKRgcBJPC_VYvI7zel4mVpMIlB8cLpRju10DU3QNOalGatNN8VgOv9D9EbOD-tsKz0ZzkOTillWtHdPcjopQlBnnZ_GqqkGYPttx_8kIkCn_Tz13ITKvBQHwMKsfqqvONf4EO9FacKecEbEXzC7Jpro15llyGGKz2q6nsStz7A6iDpsNVYJmx1Z889hzEmNEVRXbYbTr0ociv_UeO3UJ2KFFsBoesWFRXUmDjuu3NAjgKsKF0JjDTAx8-FkcqlcO1Q5LyKGvCb-L5acJK514bJMQv8ki-2OgqtMTnjvV8i6M_SYmRNwNeWxCho9DxMSg_FepSFyEvdrkhDm4HJHrXJ6_N6Ekng
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adurly.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Mar 2022 19:56:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| structuredClone object| oncontextlost object| oncontextrestored object| __bdExecutedScripts object| app_vars object| e object| wow function| fixHeight undefined| captchaShort undefined| captchaContact undefined| captchaSignin undefined| captchaSignup undefined| captchaForgotpassword undefined| captchaShortlink undefined| invisibleCaptchaShort undefined| invisibleCaptchaContact undefined| invisibleCaptchaSignin undefined| invisibleCaptchaSignup undefined| invisibleCaptchaForgotpassword undefined| invisibleCaptchaShortlink function| onloadRecaptchaCallback function| setCookie function| getCookie object| go_popup function| checkAdblockUser function| checkAdsbypasserUser function| checkPrivateMode object| body string| ad_type object| counter_start_object object| selectedTab object| clipboard function| setTooltip function| cookie_accept function| $ function| jQuery function| WOW function| ClipboardJS function| cbb0094ff19df4a1d1828373c0c2a5bb5d5f7e9419 object| googletag object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

7 Cookies

Domain/Path Name / Value
adurly.cc/ Name: AppSession
Value: fi2bq6enp31515ou04hik81nf6
adurly.cc/ Name: csrfToken
Value: 0927494fdbfddbab1a628458764b60a7f2c3ca1c73a14cbf0b5e5ef58b1be1e8580bf850fd248a8a0feb1baefec0536bc53d8f6e1256f1ff7d741f90d9e73324
adurly.cc/ Name: app_visitor
Value: Q2FrZQ%3D%3D.NDNlMjI3NTllYTZhNGRiNzM3ZDUwZTExYjRiNWE0YWQ3Y2QzYWFmM2EwYzVhMjIxMjU4Y2RlYzBkOGJjNjM2M3tQAsGVSeEe%2FOj26FbUJy1Za0l5gF76evvuKPZkl5fYZWBMtxqRwR2NgYXy6t71W0Uv6Rva0nCJ4cLniumXivhwSlOjU%2FNOa9%2FVW%2B4UXBsV
adurly.cc/ Name: ab
Value: 2
.adurly.cc/ Name: puFp-20210311132811
Value: 3aac1ad1c2779a1d5fa86df213c34f48ed3ac719
.adurly.cc/ Name: __gads
Value: ID=2d6d4de37d0d3f49-2299e9eb55cd00b0:T=1646596614:RT=1646596614:S=ALNI_MZVINF8uARHKMnKApNzi3I8FKZQgw
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN,SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
adurly.cc
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mediapalmtree.com
pagead2.googlesyndication.com
partner.googleadservices.com
shar3yourf1le.com
tpc.googlesyndication.com
www.google.com
142.250.181.226
188.72.236.136
198.252.99.130
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2001
2a06:98c1:3121::7
01141a5ab3238890b6800cb839620ab8ce59a1e3d149a3ade651fab50a577b84
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
153ecd0702db3bfd2b015a4f01c8be7c01fade7f7fb8c69ba9997f044df3e11e
303d32ff1fca8ea374f2d31c0dfc52486b99fba2d40b7b565bd81a8e3dd6f6c1
347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca
4b9d43f2e924f07761a05b60abcfe3c5d9d5096fb7b3caf11de4f7a8f75f2246
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
60770504f57cb6b5da913247d888f25bba130f60b373eaa223ebf123ae48bc9d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6753a0a9b9e4b0f29ecb4eb0ea0c18a38f35c7fa15576e950c7924806821336c
6c8b1a83b2e623562fa3691de48714809313208b7a25b3940524a2e8bc4dfadc
7ff057d25fceb3038672e9f3eabec4e7fcc7b84ee0642878996a402f51367f5f
80c8b789ae1e5ea87c4c39c56405da83433fe91c902932801dfad54e3ecebc3b
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
9866efa7257934d76fcfeca3f2125003baad657aad46304392277382fa116000
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a
b386764e2b714f6fe617daaedd1946a7161fc2ae5f9bd0bf606f76287121ee1d
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
db2e03b427a7701ef28d9f4a80bb305f8b484ddce01dfbd47a08f0a21d6adf13
e14a625deb5e7cb388813d12ff906c39d7140ead453b49a22cc7d11497035790
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e667273736cc088e5c45da9d80c956807969e29928a9bff6304e443b19eec9ac