touch-here.press Open in urlscan Pro
2606:4700:3037::681c:bf8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://toca-aqui.us/n/?f=Yennid
Effective URL:
http://touch-here.press/t/?f=Yennid
Submission: On July 03 via manual (July 3rd 2020, 4:47:32 am UTC) from CO

Summary HTTP 51 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 14 domains to perform 51 HTTP transactions. The main IP is 2606:4700:3037::681c:bf8, located in United States and belongs to CLOUDFLARENET, US. The main domain is touch-here.press.

This is the only time touch-here.press was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9 21	2606:4700:303... 2606:4700:3031::ac43:cd9b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
4	2606:4700:e0:... 2606:4700:e0::ac40:6e05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
9	2606:4700:303... 2606:4700:3037::681c:bf8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
6	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	185.225.208.133 185.225.208.133	13213 (UK2NET-AS) (UK2NET-AS)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE)
1	67.202.94.86 67.202.94.86	32748 (STEADFAST) (STEADFAST)
51	14

21 2606:4700:3031::ac43:cd9b (United States) 9 redirects

ASN13335 (CLOUDFLARENET, US)

toca-aqui.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e0::ac40:6e05 (United States)

ASN13335 (CLOUDFLARENET, US)

ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:824::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3037::681c:bf8 (United States)

ASN13335 (CLOUDFLARENET, US)

touch-here.press	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.225.208.133 (Germany)

ASN13213 (UK2NET-AS, GB)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.94.86 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	toca-aqui.us 9 redirects toca-aqui.us	70 KB
9	touch-here.press touch-here.press	194 KB
7	googleapis.com fonts.googleapis.com ajax.googleapis.com	34 KB
6	fontawesome.com use.fontawesome.com	158 KB
4	google-analytics.com 1 redirects www.google-analytics.com	36 KB
4	ezodn.com ezodn.com	5 KB
2	gstatic.com fonts.gstatic.com	61 KB
2	googletagmanager.com www.googletagmanager.com	66 KB
1	amung.us whos.amung.us	213 B
1	waust.at waust.at	7 KB
1	google.com adservice.google.com	829 B
1	google.de adservice.google.de	829 B
1	doubleclick.net stats.g.doubleclick.net	99 B
1	googlesyndication.com pagead2.googlesyndication.com	41 KB
51	14

	Domain	Requested by
21	toca-aqui.us	9 redirects toca-aqui.us
9	touch-here.press	toca-aqui.us touch-here.press
6	fonts.googleapis.com	touch-here.press
6	use.fontawesome.com	touch-here.press use.fontawesome.com www.google-analytics.com
4	www.google-analytics.com	1 redirects www.googletagmanager.com touch-here.press
4	ezodn.com	toca-aqui.us
2	fonts.gstatic.com	touch-here.press
2	www.googletagmanager.com	toca-aqui.us touch-here.press
1	whos.amung.us	waust.at
1	ajax.googleapis.com	touch-here.press
1	waust.at	touch-here.press
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	toca-aqui.us
1	pagead2.googlesyndication.com	toca-aqui.us
51	15

This site contains links to these domains. Also see Links.

Domain
whos.amung.us

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-08-19` - `2020-08-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-06-10` - `2020-09-02`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://touch-here.press/t/?f=Yennid
Frame ID: D60FC73B5BD38A0CF9BCDAE4EEE2CC79
Requests: 52 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://toca-aqui.us/n/?f=Yennid Page URL
http://touch-here.press/t/?f=Yennid Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i
html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

51
Requests

63 %
HTTPS

77 %
IPv6

14
Domains

15
Subdomains

14
IPs

3
Countries

667 kB
Transfer

1255 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://whos.amung.us/stats/excelente0/
Title: 88

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://toca-aqui.us/n/?f=Yennid Page URL
http://touch-here.press/t/?f=Yennid Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://toca-aqui.us/detroitchicago/rochester.js?cb=188-0&v=9 HTTP 301
https://toca-aqui.us/detroitchicago/rochester.js?cb=188-0&v=9

Request Chain 11

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=762914858&t=pageview&_s=1&dl=http%3A%2F%2Ftoca-aqui.us%2Fn%2F%3Ff%3DYennid&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=751835555&gjid=263676188&cid=1655237991.1593751626&tid=UA-88674355-2&_gid=1526462555.1593751626&_r=1&gtm=2ou6o0&z=1868751258 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-88674355-2&cid=1655237991.1593751626&jid=751835555&_gid=1526462555.1593751626&gjid=263676188&_v=j83&z=1868751258

Request Chain 12

http://toca-aqui.us/detroitchicago/edmonton.webp?a=a&cb=0&shcb=33 HTTP 301
https://toca-aqui.us/detroitchicago/edmonton.webp?a=a&cb=0&shcb=33

Request Chain 13

http://toca-aqui.us/porpoiseant/jellyfish.webp?a=a&cb=0&shcb=33 HTTP 301
https://toca-aqui.us/porpoiseant/jellyfish.webp?a=a&cb=0&shcb=33

Request Chain 14

http://toca-aqui.us/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A0%2C%22ad_lazyload_version%22%3A0%2C%22city%22%3A%22Ketsch%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22domain_id%22%3A183336%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22forensiq_score%22%3A-1%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22metro_code%22%3A0%2C%22page_ad_positions%22%3A%22%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%227354bd21-0e63-494c-41e2-24fa1af61137%22%2C%22position_selection_id%22%3A0%2C%22postal_code%22%3A%2268775%22%2C%22pv_event_count%22%3A0%2C%22response_time_orig%22%3A252%2C%22serverid%22%3A%2235.158.210.15%3A16526%22%2C%22state%22%3A%22BW%22%2C%22t_epoch%22%3A1593751625%2C%22template_id%22%3A120%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22http%3A%2F%2Ftoca-aqui.us%2Fn%2F%3Ff%3DYennid%22%2C%22user_id%22%3A0%2C%22word_count%22%3A0%2C%22worst_bad_word_level%22%3A0%7D&ez_orig=1 HTTP 301
https://toca-aqui.us/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A0%2C%22ad_lazyload_version%22%3A0%2C%22city%22%3A%22Ketsch%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22domain_id%22%3A183336%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22forensiq_score%22%3A-1%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22metro_code%22%3A0%2C%22page_ad_positions%22%3A%22%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%227354bd21-0e63-494c-41e2-24fa1af61137%22%2C%22position_selection_id%22%3A0%2C%22postal_code%22%3A%2268775%22%2C%22pv_event_count%22%3A0%2C%22response_time_orig%22%3A252%2C%22serverid%22%3A%2235.158.210.15%3A16526%22%2C%22state%22%3A%22BW%22%2C%22t_epoch%22%3A1593751625%2C%22template_id%22%3A120%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22http%3A%2F%2Ftoca-aqui.us%2Fn%2F%3Ff%3DYennid%22%2C%22user_id%22%3A0%2C%22word_count%22%3A0%2C%22worst_bad_word_level%22%3A0%7D&ez_orig=1

Request Chain 17

http://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoIjoxNTkzNzUxNjI1LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNzM1NGJkMjEtMGU2My00OTRjLTQxZTItMjRmYTFhZjYxMTM3IiwiZG9tYWluX2lkIjoiMTgzMzM2IiwidF9lcG9jaCI6MTU5Mzc1MTYyNSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjAtMDctMDMifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiI2In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjUifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjczNTRiZDIxLTBlNjMtNDk0Yy00MWUyLTI0ZmExYWY2MTEzNyIsImRvbWFpbl9pZCI6IjE4MzMzNiIsInRfZXBvY2giOjE1OTM3NTE2MjUsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjczNTRiZDIxLTBlNjMtNDk0Yy00MWUyLTI0ZmExYWY2MTEzNyIsImRvbWFpbl9pZCI6IjE4MzMzNiIsInRfZXBvY2giOjE1OTM3NTE2MjUsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfV0= HTTP 301
https://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoIjoxNTkzNzUxNjI1LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNzM1NGJkMjEtMGU2My00OTRjLTQxZTItMjRmYTFhZjYxMTM3IiwiZG9tYWluX2lkIjoiMTgzMzM2IiwidF9lcG9jaCI6MTU5Mzc1MTYyNSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjAtMDctMDMifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiI2In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjUifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjczNTRiZDIxLTBlNjMtNDk0Yy00MWUyLTI0ZmExYWY2MTEzNyIsImRvbWFpbl9pZCI6IjE4MzMzNiIsInRfZXBvY2giOjE1OTM3NTE2MjUsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjczNTRiZDIxLTBlNjMtNDk0Yy00MWUyLTI0ZmExYWY2MTEzNyIsImRvbWFpbl9pZCI6IjE4MzMzNiIsInRfZXBvY2giOjE1OTM3NTE2MjUsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfV0=

Request Chain 18

http://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoIjoxNTkzNzUxNjI1LCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjczNTRiZDIxLTBlNjMtNDk0Yy00MWUyLTI0ZmExYWY2MTEzNyIsImRvbWFpbl9pZCI6IjE4MzMzNiIsInRfZXBvY2giOjE1OTM3NTE2MjUsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjMyIn0seyJuYW1lIjoicGVyZl9jb25uZWN0X3RvX3Jlc3Bfc3RhcnQiLCJ2YWwiOiIzMjgifSx7Im5hbWUiOiJwZXJmX3Jlc3BfdGltZSIsInZhbCI6IjEifSx7Im5hbWUiOiJwZXJmX2ludGVyYWN0aXZlIiwidmFsIjoiNDY5In0seyJuYW1lIjoicGVyZl9jb250ZW50bG9hZGVkIiwidmFsIjoiNDY5In0seyJuYW1lIjoicGVyZl9jb21wbGV0ZSIsInZhbCI6IjYxNyJ9XX1d HTTP 301
https://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoIjoxNTkzNzUxNjI1LCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjczNTRiZDIxLTBlNjMtNDk0Yy00MWUyLTI0ZmExYWY2MTEzNyIsImRvbWFpbl9pZCI6IjE4MzMzNiIsInRfZXBvY2giOjE1OTM3NTE2MjUsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjMyIn0seyJuYW1lIjoicGVyZl9jb25uZWN0X3RvX3Jlc3Bfc3RhcnQiLCJ2YWwiOiIzMjgifSx7Im5hbWUiOiJwZXJmX3Jlc3BfdGltZSIsInZhbCI6IjEifSx7Im5hbWUiOiJwZXJmX2ludGVyYWN0aXZlIiwidmFsIjoiNDY5In0seyJuYW1lIjoicGVyZl9jb250ZW50bG9hZGVkIiwidmFsIjoiNDY5In0seyJuYW1lIjoicGVyZl9jb21wbGV0ZSIsInZhbCI6IjYxNyJ9XX1d

Request Chain 19

http://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoIjoxNTkzNzUxNjI1LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfcGFpbnQiLCJ2YWwiOiI3OTkifV19XQ== HTTP 301
https://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoIjoxNTkzNzUxNjI1LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfcGFpbnQiLCJ2YWwiOiI3OTkifV19XQ==

Request Chain 20

http://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoIjoxNTkzNzUxNjI1LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNzM1NGJkMjEtMGU2My00OTRjLTQxZTItMjRmYTFhZjYxMTM3IiwiZG9tYWluX2lkIjoiMTgzMzM2IiwidF9lcG9jaCI6MTU5Mzc1MTYyNSwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZG93bmxpbmsiLCJ2YWwiOiIxMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjczNTRiZDIxLTBlNjMtNDk0Yy00MWUyLTI0ZmExYWY2MTEzNyIsImRvbWFpbl9pZCI6IjE4MzMzNiIsInRfZXBvY2giOjE1OTM3NTE2MjUsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX3J0dCIsInZhbCI6IjAifV19XQ== HTTP 301
https://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoIjoxNTkzNzUxNjI1LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNzM1NGJkMjEtMGU2My00OTRjLTQxZTItMjRmYTFhZjYxMTM3IiwiZG9tYWluX2lkIjoiMTgzMzM2IiwidF9lcG9jaCI6MTU5Mzc1MTYyNSwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZG93bmxpbmsiLCJ2YWwiOiIxMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjczNTRiZDIxLTBlNjMtNDk0Yy00MWUyLTI0ZmExYWY2MTEzNyIsImRvbWFpbl9pZCI6IjE4MzMzNiIsInRfZXBvY2giOjE1OTM3NTE2MjUsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX3J0dCIsInZhbCI6IjAifV19XQ==

Request Chain 21

http://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoIjoxNTkzNzUxNjI1LCJkYXRhIjpbeyJuYW1lIjoidF91bmxvYWQiLCJ2YWwiOiIxNTkzNzUxNjI3MTQ3In1dfV0= HTTP 301
https://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoIjoxNTkzNzUxNjI1LCJkYXRhIjpbeyJuYW1lIjoidF91bmxvYWQiLCJ2YWwiOiIxNTkzNzUxNjI3MTQ3In1dfV0=

51 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set / Show response
toca-aqui.us/n/ 26 KB
10 KB 328ms
296ms Document
text/html 2606:4700:3031::ac43:cd9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://toca-aqui.us/n/?f=Yennid
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:cd9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4581555fc2dfcad859f0fd99393f46fc4d0971151ad8009e4399484d41d2a77

Request headers

Host: toca-aqui.us
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 03 Jul 2020 04:47:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=da835c6dffcb828751b5be796153bd5e21593751625; expires=Sun, 02-Aug-20 04:47:05 GMT; path=/; domain=.toca-aqui.us; HttpOnly; SameSite=Lax ezoadgid_183336=-1; Path=/; Domain=toca-aqui.us; Expires=Fri, 03 Jul 2020 05:17:05 UTC ezoref_183336=; Path=/; Domain=toca-aqui.us; Expires=Fri, 03 Jul 2020 06:47:05 UTC ezoab_183336=mod66-c; Path=/; Domain=toca-aqui.us; Expires=Fri, 03 Jul 2020 06:47:05 UTC lp_183336=http://toca-aqui.us/n/?f=Yennid; Path=/; Domain=toca-aqui.us; Expires=Fri, 03 Jul 2020 06:47:05 UTC ezovuuidtime_183336=1593751625; Path=/; Domain=toca-aqui.us; Expires=Sun, 05 Jul 2020 04:47:05 UTC ezovuuid_183336=002e045f-db88-42a7-7bac-c3596321c543; Path=/; Domain=toca-aqui.us; Expires=Fri, 03 Jul 2020 05:17:05 UTC ezopvc_183336=1; Path=/; Domain=toca-aqui.us; Expires=Fri, 03 Jul 2020 05:17:05 UTC ezCMPCCS=true; Path=/; Domain=toca-aqui.us; Expires=Sat, 03 Jul 2021 04:47:05 GMT
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Display: orig_site_sol
Expires: Thu, 02 Jul 2020 04:47:05 GMT
Last-Modified: Thu, 02 Jul 2020 22:27:19 GMT
Pagespeed: off
Response: 200
Vary: Accept-Encoding Accept-Encoding,X-APP-JSON
X-Middleton-Display: orig_site_sol
X-Middleton-Response: 200
X-Sol: orig
X-Turbo-Charged-By: LiteSpeed
CF-Cache-Status: DYNAMIC
cf-request-id: 03b498f6a40000dfbb0b8c3200000001
Server: cloudflare
CF-RAY: 5acdf76aaa27dfbb-FRA
Content-Encoding: gzip

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 84 KB
33 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-88674355-2

Requested by

Host: toca-aqui.us
URL: http://toca-aqui.us/n/?f=Yennid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c47bceb7c72e7124b46db3cbec801db0229614c93504fa73ff810bd5e4b283fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://toca-aqui.us/n/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 04:47:05 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33687
x-xss-protection: 0
last-modified: Fri, 03 Jul 2020 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Jul 2020 04:47:05 GMT

GET
H/1.1 200
OK style-f=23.css
toca-aqui.us/n/css/ 18 KB
5 KB 278ms
277ms Stylesheet
text/css 2606:4700:3031::ac43:cd9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://toca-aqui.us/n/css/style-f=23.css
Requested by: Host: toca-aqui.us
URL: http://toca-aqui.us/n/?f=Yennid
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:cd9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce8db3f3010a6124259c4eb9c96ffc0f165141f4be52c4f31b3b225556c19a21

Request headers

Referer: http://toca-aqui.us/n/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 03 Jul 2020 04:47:05 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
X-Sol: orig
Display: staticcontent_sol, orig_site_sol
Transfer-Encoding: chunked
X-Middleton-Display: staticcontent_sol, orig_site_sol
Connection: keep-alive
cf-request-id: 03b498f7d10000dfbb0b8d4200000001
Response: 200
Last-Modified: Fri, 03 Jul 2020 04:03:14 GMT
Server: cloudflare
Vary: Accept-Encoding, Accept-Encoding,Origin,X-APP-JSON
Content-Type: text/css
X-Middleton-Response: 200
Cache-Control: public, max-age=604800
X-Turbo-Charged-By: LiteSpeed
CF-RAY: 5acdf76c8d22dfbb-FRA
Expires: Fri, 10 Jul 2020 04:47:03 GMT

GET
H/1.1 200
OK jquery.min.js Show response
toca-aqui.us/n/js/ 84 KB
30 KB 440ms
434ms Script
application/javascript 2606:4700:3031::ac43:cd9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://toca-aqui.us/n/js/jquery.min.js
Requested by: Host: toca-aqui.us
URL: http://toca-aqui.us/n/?f=Yennid
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:cd9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Request headers

Referer: http://toca-aqui.us/n/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 03 Jul 2020 04:47:06 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Display: staticcontent_sol, staticcontent_sol
Transfer-Encoding: chunked
X-Middleton-Display: staticcontent_sol, staticcontent_sol
Connection: keep-alive
cf-request-id: 03b498f7d70000d7054d820200000001
Response: 200
Last-Modified: Thu, 02 Jul 2020 22:27:23 GMT
Server: cloudflare
Vary: Accept-Encoding, Accept-Encoding,Origin,X-APP-JSON
Content-Type: application/javascript
X-Middleton-Response: 200
Cache-Control: public, max-age=604800
X-Turbo-Charged-By: LiteSpeed
CF-RAY: 5acdf76c8d83d705-FRA
Expires: Fri, 10 Jul 2020 04:47:03 GMT

GET
H2

200

rochester.js Show response
toca-aqui.us/detroitchicago/
Redirect Chain

http://toca-aqui.us/detroitchicago/rochester.js?cb=188-0&v=9
https://toca-aqui.us/detroitchicago/rochester.js?cb=188-0&v=9

2 KB
1 KB

34ms
16ms

Script
application/javascript

2606:4700:3031::ac43:cd9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://toca-aqui.us/detroitchicago/rochester.js?cb=188-0&v=9
Requested by: Host: toca-aqui.us
URL: http://toca-aqui.us/n/?f=Yennid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:cd9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 777cc56d4fcbc36f7a94abab1b63d6c20cf73def1bc63f02aa2313b0aa609ada

Request headers

Referer: http://toca-aqui.us/n/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 04:47:05 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 4227
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
status: 200
x-middleton-display: sol-js
cache-control: max-age:31536000, public
cf-ray: 5acdf76e68e01f35-FRA
cf-request-id: 03b498f90300001f35f7b19200000001

Redirect headers

Date: Fri, 03 Jul 2020 04:47:05 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://toca-aqui.us/detroitchicago/rochester.js?cb=188-0&v=9
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5acdf76e4fbadfbb-FRA
cf-request-id: 03b498f8e80000dfbb0b8e1200000001
Expires: Fri, 03 Jul 2020 05:47:05 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 113 KB
41 KB 27ms
21ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: toca-aqui.us
URL: http://toca-aqui.us/n/?f=Yennid

Protocol

HTTP/1.1

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c6109a06b9f3d756c9b8cb88c996c581c26522dcb96b91062c55100ad803d51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://toca-aqui.us/n/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Fri, 03 Jul 2020 04:47:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 4975968547677784669
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 41316
X-XSS-Protection: 0
Expires: Fri, 03 Jul 2020 04:47:06 GMT

GET
H/1.1 200
OK boise.js Show response
ezodn.com/detroitchicago/ 983 B
1 KB 24ms
11ms Script
application/javascript 2606:4700:e0::ac40:6e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://ezodn.com/detroitchicago/boise.js?gcb=188-0&cb=1
Requested by: Host: toca-aqui.us
URL: http://toca-aqui.us/n/?f=Yennid
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41eb9054d5d5527274926b32631be8eb22dd6254f15a4d9d14cfe2688ea4f538

Request headers

Referer: http://toca-aqui.us/n/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 03 Jul 2020 04:47:06 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Server: cloudflare
Age: 5506
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
X-Middleton-Display: sol-js
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5acdf76edabd2484-FRA
cf-request-id: 03b498f94800002484bc817200000001

GET
H/1.1 200
OK memphis.js Show response
ezodn.com/detroitchicago/ 5 KB
2 KB 11ms
11ms Script
application/javascript 2606:4700:e0::ac40:6e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://ezodn.com/detroitchicago/memphis.js?gcb=188-0&cb=1
Requested by: Host: toca-aqui.us
URL: http://toca-aqui.us/n/?f=Yennid
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ca10f8a06498f5c3104fbf34cf163e62be492b1a214470ec765215b20a166aa

Request headers

Referer: http://toca-aqui.us/n/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 03 Jul 2020 04:47:06 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Server: cloudflare
Age: 5505
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
X-Middleton-Display: sol-js
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 5acdf76eead42484-FRA
Content-Length: 1526
cf-request-id: 03b498f95400002484bc818200000001

GET
H/1.1 200
OK minneapolis.js Show response
ezodn.com/detroitchicago/ 737 B
998 B 11ms
11ms Script
application/javascript 2606:4700:e0::ac40:6e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://ezodn.com/detroitchicago/minneapolis.js?gcb=188-0&cb=1
Requested by: Host: toca-aqui.us
URL: http://toca-aqui.us/n/?f=Yennid
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2e4bd0a1dbd75110206f95d0efc6d32899d5b53ae679f8d161dee97c84fabd0

Request headers

Referer: http://toca-aqui.us/n/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 03 Jul 2020 04:47:06 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Server: cloudflare
Age: 5506
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
X-Middleton-Display: sol-js
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5acdf76f0aef2484-FRA
cf-request-id: 03b498f96000002484bc819200000001

GET
H/1.1 200
OK raleigh.js Show response
ezodn.com/detroitchicago/ 2 KB
1 KB 15ms
15ms Script
application/javascript 2606:4700:e0::ac40:6e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://ezodn.com/detroitchicago/raleigh.js?gcb=188-0&cb=1
Requested by: Host: toca-aqui.us
URL: http://toca-aqui.us/n/?f=Yennid
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee541c89a51f877c0909b4c8136a399e5ed8413b604d7c3bc82a6313d07e013c

Request headers

Referer: http://toca-aqui.us/n/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 03 Jul 2020 04:47:06 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Server: cloudflare
Age: 5506
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
X-Middleton-Display: sol-js
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 5acdf76f1b0d2484-FRA
Content-Length: 738
cf-request-id: 03b498f96e00002484bc81a200000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-88674355-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://toca-aqui.us/n/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 1888
date: Fri, 03 Jul 2020 04:15:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Fri, 03 Jul 2020 06:15:38 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=762914858&t=pageview&_s=1&dl=http%3A%2F%2Ftoca-aqui.us%2Fn%2F%3Ff%3DYennid&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBA...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-88674355-2&cid=1655237991.1593751626&jid=751835555&_gid=1526462555.1593751626&gjid=263676188&_v=j83&z=1868751258

35 B
99 B

15ms
14ms

Image
image/gif

2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-88674355-2&cid=1655237991.1593751626&jid=751835555&_gid=1526462555.1593751626&gjid=263676188&_v=j83&z=1868751258

Requested by

Host: toca-aqui.us
URL: http://toca-aqui.us/n/?f=Yennid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://toca-aqui.us/n/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 03 Jul 2020 04:47:06 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Jul 2020 04:47:06 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-88674355-2&cid=1655237991.1593751626&jid=751835555&_gid=1526462555.1593751626&gjid=263676188&_v=j83&z=1868751258
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 418
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

edmonton.webp Show response
toca-aqui.us/detroitchicago/
Redirect Chain

http://toca-aqui.us/detroitchicago/edmonton.webp?a=a&cb=0&shcb=33
https://toca-aqui.us/detroitchicago/edmonton.webp?a=a&cb=0&shcb=33

14 KB
4 KB

12ms
12ms

Script
application/javascript

2606:4700:3031::ac43:cd9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://toca-aqui.us/detroitchicago/edmonton.webp?a=a&cb=0&shcb=33
Requested by: Host: toca-aqui.us
URL: http://toca-aqui.us/n/?f=Yennid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:cd9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d1a6167cc94d4477a0b025016664e3b9e4c3df1cbe6476044ca7492e5706595

Request headers

Referer: http://toca-aqui.us/n/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 04:47:06 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 37122
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
cf-ray: 5acdf76f8a3d1f35-FRA
cf-request-id: 03b498f9b200001f35f7b1e200000001

Redirect headers

Date: Fri, 03 Jul 2020 04:47:06 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://toca-aqui.us/detroitchicago/edmonton.webp?a=a&cb=0&shcb=33
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5acdf76f696ed705-FRA
cf-request-id: 03b498f9a20000d7054d82b200000001
Expires: Fri, 03 Jul 2020 05:47:06 GMT

GET
H2

200

jellyfish.webp Show response
toca-aqui.us/porpoiseant/
Redirect Chain

http://toca-aqui.us/porpoiseant/jellyfish.webp?a=a&cb=0&shcb=33
https://toca-aqui.us/porpoiseant/jellyfish.webp?a=a&cb=0&shcb=33

58 KB
11 KB

15ms
15ms

Script
application/javascript

2606:4700:3031::ac43:cd9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://toca-aqui.us/porpoiseant/jellyfish.webp?a=a&cb=0&shcb=33
Requested by: Host: toca-aqui.us
URL: http://toca-aqui.us/n/?f=Yennid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:cd9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f42302a9f56fe1452781f1b9dd6426dea2461dc936acc8c312ba18c7b093a8dd

Request headers

Referer: http://toca-aqui.us/n/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 04:47:06 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 37296
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
cf-ray: 5acdf76f8a3c1f35-FRA
cf-request-id: 03b498f9b200001f35f7b1d200000001

Redirect headers

Date: Fri, 03 Jul 2020 04:47:06 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://toca-aqui.us/porpoiseant/jellyfish.webp?a=a&cb=0&shcb=33
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5acdf76f6964dfbb-FRA
cf-request-id: 03b498f9a20000dfbb0b8e7200000001
Expires: Fri, 03 Jul 2020 05:47:06 GMT

GET
H2

200

imp.gif
toca-aqui.us/detroitchicago/
Redirect Chain

http://toca-aqui.us/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A0%2C%22ad_lazyload_version%22%3A0%2C%22city%22%3A%22Ketsch%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C...
https://toca-aqui.us/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A0%2C%22ad_lazyload_version%22%3A0%2C%22city%22%3A%22Ketsch%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2...

43 B
167 B

126ms
125ms

Image
image/gif

2606:4700:3031::ac43:cd9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toca-aqui.us/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A0%2C%22ad_lazyload_version%22%3A0%2C%22city%22%3A%22Ketsch%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22domain_id%22%3A183336%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22forensiq_score%22%3A-1%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22metro_code%22%3A0%2C%22page_ad_positions%22%3A%22%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%227354bd21-0e63-494c-41e2-24fa1af61137%22%2C%22position_selection_id%22%3A0%2C%22postal_code%22%3A%2268775%22%2C%22pv_event_count%22%3A0%2C%22response_time_orig%22%3A252%2C%22serverid%22%3A%2235.158.210.15%3A16526%22%2C%22state%22%3A%22BW%22%2C%22t_epoch%22%3A1593751625%2C%22template_id%22%3A120%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22http%3A%2F%2Ftoca-aqui.us%2Fn%2F%3Ff%3DYennid%22%2C%22user_id%22%3A0%2C%22word_count%22%3A0%2C%22worst_bad_word_level%22%3A0%7D&ez_orig=1
Requested by: Host: toca-aqui.us
URL: http://toca-aqui.us/n/?f=Yennid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:cd9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://toca-aqui.us/n/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 04:47:06 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: imp_sol
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 5acdf76f8a4a1f35-FRA
content-length: 43
cf-request-id: 03b498f9b800001f35f7b1f200000001

Redirect headers

Date: Fri, 03 Jul 2020 04:47:06 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://toca-aqui.us/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A0%2C%22ad_lazyload_version%22%3A0%2C%22city%22%3A%22Ketsch%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22domain_id%22%3A183336%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22forensiq_score%22%3A-1%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22metro_code%22%3A0%2C%22page_ad_positions%22%3A%22%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%227354bd21-0e63-494c-41e2-24fa1af61137%22%2C%22position_selection_id%22%3A0%2C%22postal_code%22%3A%2268775%22%2C%22pv_event_count%22%3A0%2C%22response_time_orig%22%3A252%2C%22serverid%22%3A%2235.158.210.15%3A16526%22%2C%22state%22%3A%22BW%22%2C%22t_epoch%22%3A1593751625%2C%22template_id%22%3A120%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22http%3A%2F%2Ftoca-aqui.us%2Fn%2F%3Ff%3DYennid%22%2C%22user_id%22%3A0%2C%22word_count%22%3A0%2C%22worst_bad_word_level%22%3A0%7D&ez_orig=1
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5acdf76f7fdc05e9-FRA
cf-request-id: 03b498f9aa000005e98514e200000001
Expires: Fri, 03 Jul 2020 05:47:06 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
829 B 27ms
15ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=toca-aqui.us

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://toca-aqui.us/n/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Jul 2020 04:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
829 B 27ms
15ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=toca-aqui.us

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://toca-aqui.us/n/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Jul 2020 04:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2

200

greenoaks.gif
toca-aqui.us/detroitchicago/
Redirect Chain

http://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoIj...
https://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoI...

43 B
213 B

38ms
38ms

Image
image/gif

2606:4700:3031::ac43:cd9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoIjoxNTkzNzUxNjI1LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNzM1NGJkMjEtMGU2My00OTRjLTQxZTItMjRmYTFhZjYxMTM3IiwiZG9tYWluX2lkIjoiMTgzMzM2IiwidF9lcG9jaCI6MTU5Mzc1MTYyNSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjAtMDctMDMifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiI2In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjUifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjczNTRiZDIxLTBlNjMtNDk0Yy00MWUyLTI0ZmExYWY2MTEzNyIsImRvbWFpbl9pZCI6IjE4MzMzNiIsInRfZXBvY2giOjE1OTM3NTE2MjUsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjczNTRiZDIxLTBlNjMtNDk0Yy00MWUyLTI0ZmExYWY2MTEzNyIsImRvbWFpbl9pZCI6IjE4MzMzNiIsInRfZXBvY2giOjE1OTM3NTE2MjUsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfV0=
Requested by: Host: toca-aqui.us
URL: http://toca-aqui.us/n/?f=Yennid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:cd9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://toca-aqui.us/n/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 04:47:06 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5acdf76fba901f35-FRA
content-length: 43
cf-request-id: 03b498f9cf00001f35f7b22200000001
expires: Thu, 02 Jul 2020 04:47:06 UTC

Redirect headers

Date: Fri, 03 Jul 2020 04:47:06 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoIjoxNTkzNzUxNjI1LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNzM1NGJkMjEtMGU2My00OTRjLTQxZTItMjRmYTFhZjYxMTM3IiwiZG9tYWluX2lkIjoiMTgzMzM2IiwidF9lcG9jaCI6MTU5Mzc1MTYyNSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjAtMDctMDMifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiI2In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjUifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjczNTRiZDIxLTBlNjMtNDk0Yy00MWUyLTI0ZmExYWY2MTEzNyIsImRvbWFpbl9pZCI6IjE4MzMzNiIsInRfZXBvY2giOjE1OTM3NTE2MjUsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjczNTRiZDIxLTBlNjMtNDk0Yy00MWUyLTI0ZmExYWY2MTEzNyIsImRvbWFpbl9pZCI6IjE4MzMzNiIsInRfZXBvY2giOjE1OTM3NTE2MjUsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfV0=
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5acdf76fa81605e9-FRA
cf-request-id: 03b498f9c5000005e985151200000001
Expires: Fri, 03 Jul 2020 05:47:06 GMT

GET
H2

200

greenoaks.gif
toca-aqui.us/detroitchicago/
Redirect Chain

http://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoIj...
https://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoI...

43 B
127 B

39ms
38ms

Image
image/gif

2606:4700:3031::ac43:cd9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoIjoxNTkzNzUxNjI1LCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjczNTRiZDIxLTBlNjMtNDk0Yy00MWUyLTI0ZmExYWY2MTEzNyIsImRvbWFpbl9pZCI6IjE4MzMzNiIsInRfZXBvY2giOjE1OTM3NTE2MjUsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjMyIn0seyJuYW1lIjoicGVyZl9jb25uZWN0X3RvX3Jlc3Bfc3RhcnQiLCJ2YWwiOiIzMjgifSx7Im5hbWUiOiJwZXJmX3Jlc3BfdGltZSIsInZhbCI6IjEifSx7Im5hbWUiOiJwZXJmX2ludGVyYWN0aXZlIiwidmFsIjoiNDY5In0seyJuYW1lIjoicGVyZl9jb250ZW50bG9hZGVkIiwidmFsIjoiNDY5In0seyJuYW1lIjoicGVyZl9jb21wbGV0ZSIsInZhbCI6IjYxNyJ9XX1d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:cd9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://toca-aqui.us/n/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 04:47:06 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5acdf7706b4c1f35-FRA
content-length: 43
cf-request-id: 03b498fa4200001f35f7b28200000001
expires: Thu, 02 Jul 2020 04:47:06 UTC

Redirect headers

Date: Fri, 03 Jul 2020 04:47:06 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoIjoxNTkzNzUxNjI1LCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjczNTRiZDIxLTBlNjMtNDk0Yy00MWUyLTI0ZmExYWY2MTEzNyIsImRvbWFpbl9pZCI6IjE4MzMzNiIsInRfZXBvY2giOjE1OTM3NTE2MjUsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjMyIn0seyJuYW1lIjoicGVyZl9jb25uZWN0X3RvX3Jlc3Bfc3RhcnQiLCJ2YWwiOiIzMjgifSx7Im5hbWUiOiJwZXJmX3Jlc3BfdGltZSIsInZhbCI6IjEifSx7Im5hbWUiOiJwZXJmX2ludGVyYWN0aXZlIiwidmFsIjoiNDY5In0seyJuYW1lIjoicGVyZl9jb250ZW50bG9hZGVkIiwidmFsIjoiNDY5In0seyJuYW1lIjoicGVyZl9jb21wbGV0ZSIsInZhbCI6IjYxNyJ9XX1d
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5acdf770597f05e9-FRA
cf-request-id: 03b498fa39000005e98515d200000001
Expires: Fri, 03 Jul 2020 05:47:06 GMT

GET
H2

200

greenoaks.gif
toca-aqui.us/detroitchicago/
Redirect Chain

http://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoIj...
https://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoI...

43 B
127 B

41ms
40ms

Image
image/gif

2606:4700:3031::ac43:cd9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoIjoxNTkzNzUxNjI1LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfcGFpbnQiLCJ2YWwiOiI3OTkifV19XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:cd9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://toca-aqui.us/n/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 04:47:06 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5acdf7706b4f1f35-FRA
content-length: 43
cf-request-id: 03b498fa4200001f35f7b29200000001
expires: Thu, 02 Jul 2020 04:47:06 UTC

Redirect headers

Date: Fri, 03 Jul 2020 04:47:06 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoIjoxNTkzNzUxNjI1LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfcGFpbnQiLCJ2YWwiOiI3OTkifV19XQ==
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5acdf7705aa4d705-FRA
cf-request-id: 03b498fa390000d7054d830200000001
Expires: Fri, 03 Jul 2020 05:47:06 GMT

GET
H2

200

greenoaks.gif
toca-aqui.us/detroitchicago/
Redirect Chain

http://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoIj...
https://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoI...

43 B
127 B

34ms
34ms

Image
image/gif

2606:4700:3031::ac43:cd9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoIjoxNTkzNzUxNjI1LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNzM1NGJkMjEtMGU2My00OTRjLTQxZTItMjRmYTFhZjYxMTM3IiwiZG9tYWluX2lkIjoiMTgzMzM2IiwidF9lcG9jaCI6MTU5Mzc1MTYyNSwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZG93bmxpbmsiLCJ2YWwiOiIxMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjczNTRiZDIxLTBlNjMtNDk0Yy00MWUyLTI0ZmExYWY2MTEzNyIsImRvbWFpbl9pZCI6IjE4MzMzNiIsInRfZXBvY2giOjE1OTM3NTE2MjUsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX3J0dCIsInZhbCI6IjAifV19XQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:cd9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://toca-aqui.us/n/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 04:47:06 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5acdf7706b511f35-FRA
content-length: 43
cf-request-id: 03b498fa4200001f35f7b2a200000001
expires: Thu, 02 Jul 2020 04:47:06 UTC

Redirect headers

Date: Fri, 03 Jul 2020 04:47:06 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoIjoxNTkzNzUxNjI1LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNzM1NGJkMjEtMGU2My00OTRjLTQxZTItMjRmYTFhZjYxMTM3IiwiZG9tYWluX2lkIjoiMTgzMzM2IiwidF9lcG9jaCI6MTU5Mzc1MTYyNSwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZG93bmxpbmsiLCJ2YWwiOiIxMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjczNTRiZDIxLTBlNjMtNDk0Yy00MWUyLTI0ZmExYWY2MTEzNyIsImRvbWFpbl9pZCI6IjE4MzMzNiIsInRfZXBvY2giOjE1OTM3NTE2MjUsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX3J0dCIsInZhbCI6IjAifV19XQ==
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5acdf7705a96dfbb-FRA
cf-request-id: 03b498fa390000dfbb0b8ed200000001
Expires: Fri, 03 Jul 2020 05:47:06 GMT

GET
H/1.1 200
OK Primary Request Cookie set / Show response
touch-here.press/t/ 7 KB
3 KB 441ms
269ms Document
text/html 2606:4700:3037::681c:bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://touch-here.press/t/?f=Yennid
Requested by: Host: toca-aqui.us
URL: http://toca-aqui.us/n/?f=Yennid
Protocol: HTTP/1.1
Server: 2606:4700:3037::681c:bf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10ad6c73a34a1c9cdc3ba3e27f49aa2a9e1b78d7f597f914468cb2ce312212e5

Request headers

Host: touch-here.press
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://toca-aqui.us/n/?f=Yennid
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://toca-aqui.us/n/?f=Yennid

Response headers

Date: Fri, 03 Jul 2020 04:47:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d08c3c72d3d35ce0aac087803f86ae5a81593751627; expires=Sun, 02-Aug-20 04:47:07 GMT; path=/; domain=.touch-here.press; HttpOnly; SameSite=Lax
Vary: Accept-Encoding
X-Turbo-Charged-By: LiteSpeed
CF-Cache-Status: DYNAMIC
cf-request-id: 03b498fe390000e007ba196200000001
Server: cloudflare
CF-RAY: 5acdf776cd7de007-FRA
Content-Encoding: gzip

GET
H2

200

greenoaks.gif
toca-aqui.us/detroitchicago/
Redirect Chain

http://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoIj...
https://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoI...

43 B
150 B

38ms
38ms

Image
image/gif

2606:4700:3031::ac43:cd9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoIjoxNTkzNzUxNjI1LCJkYXRhIjpbeyJuYW1lIjoidF91bmxvYWQiLCJ2YWwiOiIxNTkzNzUxNjI3MTQ3In1dfV0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:cd9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://toca-aqui.us/n/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 04:47:07 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
status: 200
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 5acdf775c9f21f35-FRA
content-length: 43
cf-request-id: 03b498fd9800001f35f7b5a200000001
expires: Thu, 02 Jul 2020 04:47:06 UTC

Redirect headers

Date: Fri, 03 Jul 2020 04:47:07 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://toca-aqui.us/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3MzU0YmQyMS0wZTYzLTQ5NGMtNDFlMi0yNGZhMWFmNjExMzciLCJkb21haW5faWQiOiIxODMzMzYiLCJ0X2Vwb2NoIjoxNTkzNzUxNjI1LCJkYXRhIjpbeyJuYW1lIjoidF91bmxvYWQiLCJ2YWwiOiIxNTkzNzUxNjI3MTQ3In1dfV0=
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5acdf775bb1bdfbb-FRA
cf-request-id: 03b498fd8e0000dfbb0b913200000001
Expires: Fri, 03 Jul 2020 05:47:07 GMT

GET
H2 200 4c3bcb034c.js Show response
use.fontawesome.com/ 9 KB
4 KB 22ms
14ms Script
text/javascript 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/4c3bcb034c.js
Requested by: Host: touch-here.press
URL: http://touch-here.press/t/?f=Yennid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 2e0cb71c035167bcf33ec86c6193df5265075ae3a61587d862abb071bbfbd3a4

Request headers

Referer: http://touch-here.press/t/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 04:47:07 GMT
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 22:31:27 GMT
server: NetDNA-cache/2.2
x-amz-request-id: DD669DB9FEFDF624
etag: W/"e0a04a8850e24126d255fd50ff1b8cc7"
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=0, private, must-revalidate
x-amz-id-2: SYRQ7j4jYOSJuvkUMxFFQX1IG45a5HkiPZG7KcAvuuH7bb8NBBjwy8RbRCosiA1lKf0tsa5gxho=

GET
H2 200 all.css
use.fontawesome.com/releases/v5.1.0/css/ 45 KB
11 KB 20ms
13ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by: Host: touch-here.press
URL: http://touch-here.press/t/?f=Yennid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://touch-here.press/t/?f=Yennid
Origin: http://touch-here.press

Response headers

date: Fri, 03 Jul 2020 04:47:07 GMT
content-encoding: gzip
last-modified: Wed, 20 Jun 2018 20:19:16 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"826c57385f3d35cfed5478ba7b1f5c03"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H/1.1 404
Not Found fontawesome.css
touch-here.press/your-path-to-fontawesome/css/ 0
0 266ms
260ms Stylesheet
text/html 2606:4700:3037::681c:bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://touch-here.press/your-path-to-fontawesome/css/fontawesome.css
Requested by: Host: touch-here.press
URL: http://touch-here.press/t/?f=Yennid
Protocol: HTTP/1.1
Server: 2606:4700:3037::681c:bf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://touch-here.press/t/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Jul 2020 04:47:07 GMT
Content-Encoding: gzip
CF-Cache-Status: BYPASS
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding: chunked
X-Turbo-Charged-By: LiteSpeed
Connection: keep-alive
CF-RAY: 5acdf778afe8e007-FRA
cf-request-id: 03b498ff650000e007ba1a3200000001

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
606 B 22ms
16ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Vollkorn+SC:wght@700&display=swap

Requested by

Host: touch-here.press
URL: http://touch-here.press/t/?f=Yennid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ace40a2bc56b86f8d29e5c52a0a28d7ef6e879bcc3331fcdae8ef16fbdc19f33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://touch-here.press/t/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 03 Jul 2020 04:47:07 GMT
server: ESF
date: Fri, 03 Jul 2020 04:47:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Jul 2020 04:47:07 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
758 B 23ms
17ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inknut+Antiqua:wght@300;400;500;600;700;800;900&display=swap

Requested by

Host: touch-here.press
URL: http://touch-here.press/t/?f=Yennid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

71b5906ba5c92a9adab58848b23c38860cefb7e3f7dba48f54fed48b100d403d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://touch-here.press/t/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 03 Jul 2020 04:47:07 GMT
server: ESF
date: Fri, 03 Jul 2020 04:47:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Jul 2020 04:47:07 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
590 B 21ms
15ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Homemade+Apple&family=Marcellus+SC&display=swap

Requested by

Host: touch-here.press
URL: http://touch-here.press/t/?f=Yennid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d479e427909d26df0068bd04dfc690842f7eb39a2ea4b59b2a72c9fc8a45477

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://touch-here.press/t/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 03 Jul 2020 04:47:07 GMT
server: ESF
date: Fri, 03 Jul 2020 04:47:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Jul 2020 04:47:07 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
594 B 27ms
22ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Niconne&family=Sedgwick+Ave&display=swap

Requested by

Host: touch-here.press
URL: http://touch-here.press/t/?f=Yennid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4abde1f1a241e17e8df1621e2ddd6625172cd7db5545f19a4a0c676f3a1bde30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://touch-here.press/t/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 03 Jul 2020 04:47:07 GMT
server: ESF
date: Fri, 03 Jul 2020 04:47:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Jul 2020 04:47:07 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
510 B 28ms
23ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Sedgwick+Ave&c

Requested by

Host: touch-here.press
URL: http://touch-here.press/t/?f=Yennid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5dbc247090c90088154c5f5e2946d7a29e57d5010c3eb39b29675739e4d07f49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://touch-here.press/t/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 03 Jul 2020 04:47:07 GMT
server: ESF
date: Fri, 03 Jul 2020 04:47:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Jul 2020 04:47:07 GMT

GET
H/1.1 200
OK style-f=23.css
touch-here.press/t/css/ 18 KB
5 KB 22ms
14ms Stylesheet
text/css 2606:4700:3037::681c:bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://touch-here.press/t/css/style-f=23.css
Requested by: Host: touch-here.press
URL: http://touch-here.press/t/?f=Yennid
Protocol: HTTP/1.1
Server: 2606:4700:3037::681c:bf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce8db3f3010a6124259c4eb9c96ffc0f165141f4be52c4f31b3b225556c19a21

Request headers

Referer: http://touch-here.press/t/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 03 Jul 2020 04:47:07 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 4227
Connection: keep-alive
Content-Length: 4291
cf-request-id: 03b498ff690000324c9dbad200000001
Last-Modified: Thu, 02 Jul 2020 17:31:05 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=604800
X-Turbo-Charged-By: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 5acdf778aa92324c-FRA
Expires: Fri, 10 Jul 2020 03:36:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 84 KB
33 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-162902356-1

Requested by

Host: touch-here.press
URL: http://touch-here.press/t/?f=Yennid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

672570af1c3383b2fc2b2c32eee0ac248a3dadfafa44c253371ac3e6f977fcbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://touch-here.press/t/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 04:47:07 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33698
x-xss-protection: 0
last-modified: Fri, 03 Jul 2020 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Jul 2020 04:47:07 GMT

GET
H/1.1 200
OK d.js Show response
waust.at/ 13 KB
7 KB 40ms
28ms Script
application/x-javascript 185.225.208.133
UK2NET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://waust.at/d.js
Requested by: Host: touch-here.press
URL: http://touch-here.press/t/?f=Yennid
Protocol: HTTP/1.1
Server: 185.225.208.133 , Germany, ASN13213 (UK2NET-AS, GB),
Reverse DNS
Software: /
Resource Hash: 21092efadab949c3ad748e1c67c0e5f14eaab93275d2f1ba142464ef02a3735a

Request headers

Referer: http://touch-here.press/t/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 03 Jul 2020 04:47:07 GMT
Content-Encoding: gzip
Last-Modified: Sun, 14 Jun 2020 19:57:35 GMT
ETag: W/"5ee6812f-32f2"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, private
Connection: keep-alive
Expires: Sat, 04 Jul 2020 04:47:07 GMT

GET
H/1.1 200
OK jquery.min.js Show response
touch-here.press/t/js/ 84 KB
30 KB 28ms
20ms Script
application/javascript 2606:4700:3037::681c:bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://touch-here.press/t/js/jquery.min.js
Requested by: Host: touch-here.press
URL: http://touch-here.press/t/?f=Yennid
Protocol: HTTP/1.1
Server: 2606:4700:3037::681c:bf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Request headers

Referer: http://touch-here.press/t/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 03 Jul 2020 04:47:07 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 4227
Connection: keep-alive
Content-Length: 30255
cf-request-id: 03b498ff6a000017529eb28200000001
Last-Modified: Thu, 02 Jul 2020 17:31:05 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
X-Turbo-Charged-By: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 5acdf778a93d1752-FRA
Expires: Fri, 10 Jul 2020 03:36:38 GMT

GET
H2 200 css2
fonts.googleapis.com/ 851 B
449 B 27ms
23ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Capriola&display=swap

Requested by

Host: touch-here.press
URL: http://touch-here.press/t/?f=Yennid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0007b58e3a39130bccd236f1eeb9a1d2d6df800796d16251ee334411eea5e5ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://touch-here.press/t/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 03 Jul 2020 04:47:07 GMT
server: ESF
date: Fri, 03 Jul 2020 04:47:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Jul 2020 04:47:07 GMT

GET
H/1.1 200
OK 1.png
touch-here.press/t/images/festival/easter/ 52 KB
53 KB 10ms
9ms Image
image/png 2606:4700:3037::681c:bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://touch-here.press/t/images/festival/easter/1.png
Requested by: Host: touch-here.press
URL: http://touch-here.press/t/?f=Yennid
Protocol: HTTP/1.1
Server: 2606:4700:3037::681c:bf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 854894064724b01e85ce5ecfd73cea01b5f020faaa316b4b59cbad27dec9ab5b

Request headers

Referer: http://touch-here.press/t/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 03 Jul 2020 04:47:07 GMT
CF-Cache-Status: HIT
Last-Modified: Thu, 02 Jul 2020 17:31:05 GMT
Server: cloudflare
Age: 4226
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=604800
X-Turbo-Charged-By: LiteSpeed
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 5acdf779baf01752-FRA
Content-Length: 53578
cf-request-id: 03b4990014000017529eb40200000001
Expires: Fri, 10 Jul 2020 03:36:39 GMT

GET
H/1.1 200
OK whatsapp_icon.svg
touch-here.press/t/images/common/ 2 KB
1 KB 10ms
9ms Image
image/svg+xml 2606:4700:3037::681c:bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://touch-here.press/t/images/common/whatsapp_icon.svg
Requested by: Host: touch-here.press
URL: http://touch-here.press/t/?f=Yennid
Protocol: HTTP/1.1
Server: 2606:4700:3037::681c:bf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a67447e6312a72ef219633eaa8f11ef4ffde0b9ad0eadb459fd1f85499d58b8

Request headers

Referer: http://touch-here.press/t/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 03 Jul 2020 04:47:07 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 4226
Connection: keep-alive
Content-Length: 825
cf-request-id: 03b499001f000017529eb41200000001
Last-Modified: Thu, 02 Jul 2020 17:31:05 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=604800
X-Turbo-Charged-By: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 5acdf779caff1752-FRA
Expires: Fri, 10 Jul 2020 03:36:39 GMT

GET
H/1.1 200
OK gaevent-v=2.js Show response
touch-here.press/t/js/ 4 KB
2 KB 14ms
13ms Script
application/javascript 2606:4700:3037::681c:bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://touch-here.press/t/js/gaevent-v=2.js
Requested by: Host: touch-here.press
URL: http://touch-here.press/t/?f=Yennid
Protocol: HTTP/1.1
Server: 2606:4700:3037::681c:bf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65141be8483e3bdda9a4ccf0aa66be81ba59859e4ed6ecf91f2498c7d845ee7d

Request headers

Referer: http://touch-here.press/t/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 03 Jul 2020 04:47:07 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 4227
Connection: keep-alive
Content-Length: 1401
cf-request-id: 03b498ff91000017529eb2c200000001
Last-Modified: Thu, 02 Jul 2020 17:31:05 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
X-Turbo-Charged-By: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 5acdf778e9bb1752-FRA
Expires: Fri, 10 Jul 2020 03:36:38 GMT

GET
H/1.1 200
OK script-f=19.js Show response
touch-here.press/t/js/ 13 KB
4 KB 10ms
10ms Script
application/javascript 2606:4700:3037::681c:bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://touch-here.press/t/js/script-f=19.js
Requested by: Host: touch-here.press
URL: http://touch-here.press/t/?f=Yennid
Protocol: HTTP/1.1
Server: 2606:4700:3037::681c:bf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 828d6b3731ec256cc0efce76496bd44e17477394e8de25b4342d5ecae38281ae

Request headers

Referer: http://touch-here.press/t/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 03 Jul 2020 04:47:07 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 4227
Connection: keep-alive
Content-Length: 3766
cf-request-id: 03b498ffa0000017529eb2f200000001
Last-Modified: Thu, 02 Jul 2020 17:32:00 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
X-Turbo-Charged-By: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 5acdf77909e51752-FRA
Expires: Fri, 10 Jul 2020 03:36:38 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
30 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: touch-here.press
URL: http://touch-here.press/t/?f=Yennid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://touch-here.press/t/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Jun 2020 16:50:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1857403
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Jun 2021 16:50:24 GMT

GET
H2 200 4c3bcb034c.css
use.fontawesome.com/ 1 KB
684 B 13ms
13ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/4c3bcb034c.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/4c3bcb034c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 32beec0f5df297132843843da6b764946617905408ca750f3425f37c6a363ff5

Request headers

Referer: http://touch-here.press/t/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 04:47:07 GMT
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 22:31:27 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 347D718879FFED97
etag: W/"b0599fd39f99309803020ed923e7079d"
x-cache: HIT
content-type: text/css
status: 200
cache-control: max-age=0, private, must-revalidate
x-amz-id-2: eCLZToZzgznQRgTFS0rNszGqosx5JnZibIwBknbJ6V/v9B3qF9MeEY3M1ZRqLAcqSDFuol8UC8Q=

GET
H2 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
8 KB 15ms
15ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: touch-here.press
URL: http://touch-here.press/t/?f=Yennid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Referer: http://touch-here.press/t/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 04:47:07 GMT
content-encoding: gzip
last-modified: Tue, 25 Oct 2016 17:21:58 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"36082410df2ef7f83932219089dc1443"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 75 KB
76 KB 14ms
14ms Font
application/font-woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/4c3bcb034c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://use.fontawesome.com/4c3bcb034c.css
Origin: http://touch-here.press

Response headers

date: Fri, 03 Jul 2020 04:47:07 GMT
last-modified: Mon, 17 Jul 2017 16:24:59 GMT
server: NetDNA-cache/2.2
status: 200
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 77160

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162902356-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://touch-here.press/t/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 1889
date: Fri, 03 Jul 2020 04:15:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Fri, 03 Jul 2020 06:15:38 GMT

GET
H/1.1 200
OK bg40.jpg
touch-here.press/t/images/festival/easter/ 96 KB
96 KB 15ms
14ms Image
image/jpeg 2606:4700:3037::681c:bf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://touch-here.press/t/images/festival/easter/bg40.jpg
Requested by: Host: touch-here.press
URL: http://touch-here.press/t/?f=Yennid
Protocol: HTTP/1.1
Server: 2606:4700:3037::681c:bf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2cf2fa95fc128fe1bc6046af9ad31ccf184568fdd49ba718fecd6ee14294b8

Request headers

Referer: http://touch-here.press/t/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 03 Jul 2020 04:47:07 GMT
CF-Cache-Status: HIT
Last-Modified: Thu, 02 Jul 2020 17:31:05 GMT
Server: cloudflare
Age: 4226
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=604800
X-Turbo-Charged-By: LiteSpeed
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 5acdf77a9a42e007-FRA
Content-Length: 97854
cf-request-id: 03b499009d0000e007ba1ad200000001
Expires: Fri, 10 Jul 2020 03:36:39 GMT

GET
H2 200 Y4GSYax7VC4ot_qNB4nYpBdaKUUE4J3TRBYA.woff2
fonts.gstatic.com/s/inknutantiqua/v5/ 13 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inknutantiqua/v5/Y4GSYax7VC4ot_qNB4nYpBdaKUUE4J3TRBYA.woff2

Requested by

Host: touch-here.press
URL: http://touch-here.press/t/?f=Yennid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccaa15178348e836fff50d3ac2b6250f9f1e248608a01e0cc22a4dc7d7af0aaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css2?family=Inknut+Antiqua:wght@300;400;500;600;700;800;900&display=swap
Origin: http://touch-here.press

Response headers

date: Wed, 10 Jun 2020 18:07:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 03:24:16 GMT
server: sffe
age: 1939160
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13784
x-xss-protection: 0
expires: Thu, 10 Jun 2021 18:07:47 GMT

GET
H2 200 Qw3EZQFXECDrI2q789EKQZJob0x6XHgOiJM6.woff2
fonts.gstatic.com/s/homemadeapple/v10/ 47 KB
47 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/homemadeapple/v10/Qw3EZQFXECDrI2q789EKQZJob0x6XHgOiJM6.woff2

Requested by

Host: touch-here.press
URL: http://touch-here.press/t/?f=Yennid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03d343f0ef09373b5a7f3c8f593df553b0fc7478cca6c79f9ade24767a93e90a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css2?family=Homemade+Apple&family=Marcellus+SC&display=swap
Origin: http://touch-here.press

Response headers

date: Mon, 08 Jun 2020 21:29:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 03:04:00 GMT
server: sffe
age: 2099882
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48092
x-xss-protection: 0
expires: Tue, 08 Jun 2021 21:29:05 GMT

GET
H/1.1 200
OK / Show response
whos.amung.us/pingjs/ 29 B
213 B 212ms
200ms Script
text/javascript 67.202.94.86
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: http://whos.amung.us/pingjs/?k=excelente0&t=English&c=d&y=http%3A%2F%2Ftoca-aqui.us%2Fn%2F%3Ff%3DYennid&a=0&r=7390
Requested by: Host: waust.at
URL: http://waust.at/d.js
Protocol: HTTP/1.1
Server: 67.202.94.86 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: c7f981516f8337e1afb362c0e8546a29f3aabc427922da22f3074edb77f11447

Request headers

Referer: http://touch-here.press/t/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 04:47:08 GMT
content-encoding: gzip
transfer-encoding: chunked
content-type: text/javascript;charset=UTF-8

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 58 KB
59 KB 13ms
13ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin: http://touch-here.press

Response headers

date: Fri, 03 Jul 2020 04:47:08 GMT
last-modified: Wed, 20 Jun 2018 20:19:36 GMT
server: NetDNA-cache/2.2
status: 200
etag: "18d2347ab2a9f40ca2247cdb03303d84"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 59572

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
98 B 13ms
13ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1896728188&t=pageview&_s=1&dl=http%3A%2F%2Ftouch-here.press%2Ft%2F%3Ff%3DYennid&dr=http%3A%2F%2Ftoca-aqui.us%2Fn%2F%3Ff%3DYennid&ul=en-us&de=UTF-8&dt=English&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=45717279&gjid=1343572039&cid=937695061.1593751628&tid=UA-162902356-1&_gid=2020398600.1593751628&_r=1&gtm=2ou6o0&z=1192304211

Requested by

Host: touch-here.press
URL: http://touch-here.press/t/?f=Yennid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://touch-here.press/t/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jul 2020 04:47:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

Referer: http://touch-here.press/t/?f=Yennid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.touch-here.press/	1970-01-19 10:42:31	Name: _gat_gtag_UA_162902356_1 Value: 1
.touch-here.press/	1970-01-20 04:13:43	Name: _ga Value: GA1.2.937695061.1593751628
.touch-here.press/	1970-01-19 10:43:58	Name: _gid Value: GA1.2.2020398600.1593751628
.touch-here.press/	1970-01-19 11:25:43	Name: __cfduid Value: d08c3c72d3d35ce0aac087803f86ae5a81593751627

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
ezodn.com
fonts.googleapis.com
fonts.gstatic.com
pagead2.googlesyndication.com
stats.g.doubleclick.net
toca-aqui.us
touch-here.press
use.fontawesome.com
waust.at
whos.amung.us
www.google-analytics.com
www.googletagmanager.com
185.225.208.133
23.111.9.35
2606:4700:3031::ac43:cd9b
2606:4700:3037::681c:bf8
2606:4700:e0::ac40:6e05
2a00:1450:4001:801::200a
2a00:1450:4001:816::2003
2a00:1450:4001:81f::2002
2a00:1450:4001:821::200a
2a00:1450:4001:824::2008
2a00:1450:4001:824::200e
2a00:1450:400c:c00::9b
67.202.94.86
0007b58e3a39130bccd236f1eeb9a1d2d6df800796d16251ee334411eea5e5ce
03d343f0ef09373b5a7f3c8f593df553b0fc7478cca6c79f9ade24767a93e90a
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0c6109a06b9f3d756c9b8cb88c996c581c26522dcb96b91062c55100ad803d51
10ad6c73a34a1c9cdc3ba3e27f49aa2a9e1b78d7f597f914468cb2ce312212e5
1ca10f8a06498f5c3104fbf34cf163e62be492b1a214470ec765215b20a166aa
21092efadab949c3ad748e1c67c0e5f14eaab93275d2f1ba142464ef02a3735a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e0cb71c035167bcf33ec86c6193df5265075ae3a61587d862abb071bbfbd3a4
32beec0f5df297132843843da6b764946617905408ca750f3425f37c6a363ff5
3a67447e6312a72ef219633eaa8f11ef4ffde0b9ad0eadb459fd1f85499d58b8
3d479e427909d26df0068bd04dfc690842f7eb39a2ea4b59b2a72c9fc8a45477
41eb9054d5d5527274926b32631be8eb22dd6254f15a4d9d14cfe2688ea4f538
4abde1f1a241e17e8df1621e2ddd6625172cd7db5545f19a4a0c676f3a1bde30
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5dbc247090c90088154c5f5e2946d7a29e57d5010c3eb39b29675739e4d07f49
65141be8483e3bdda9a4ccf0aa66be81ba59859e4ed6ecf91f2498c7d845ee7d
672570af1c3383b2fc2b2c32eee0ac248a3dadfafa44c253371ac3e6f977fcbe
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
71b5906ba5c92a9adab58848b23c38860cefb7e3f7dba48f54fed48b100d403d
777cc56d4fcbc36f7a94abab1b63d6c20cf73def1bc63f02aa2313b0aa609ada
828d6b3731ec256cc0efce76496bd44e17477394e8de25b4342d5ecae38281ae
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
854894064724b01e85ce5ecfd73cea01b5f020faaa316b4b59cbad27dec9ab5b
9d1a6167cc94d4477a0b025016664e3b9e4c3df1cbe6476044ca7492e5706595
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
ace40a2bc56b86f8d29e5c52a0a28d7ef6e879bcc3331fcdae8ef16fbdc19f33
c2e4bd0a1dbd75110206f95d0efc6d32899d5b53ae679f8d161dee97c84fabd0
c47bceb7c72e7124b46db3cbec801db0229614c93504fa73ff810bd5e4b283fc
c7f981516f8337e1afb362c0e8546a29f3aabc427922da22f3074edb77f11447
ccaa15178348e836fff50d3ac2b6250f9f1e248608a01e0cc22a4dc7d7af0aaf
ce8db3f3010a6124259c4eb9c96ffc0f165141f4be52c4f31b3b225556c19a21
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
eb2cf2fa95fc128fe1bc6046af9ad31ccf184568fdd49ba718fecd6ee14294b8
ee541c89a51f877c0909b4c8136a399e5ed8413b604d7c3bc82a6313d07e013c
f42302a9f56fe1452781f1b9dd6426dea2461dc936acc8c312ba18c7b093a8dd
f4581555fc2dfcad859f0fd99393f46fc4d0971151ad8009e4399484d41d2a77
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

touch-here.press Open in urlscan Pro 2606:4700:3037::681c:bf8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

63 %HTTPS

77 %IPv6

14 Domains

15 Subdomains

14 IPs

3 Countries

667 kBTransfer

1255 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

touch-here.press Open in urlscan Pro
2606:4700:3037::681c:bf8 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

63 %
HTTPS

77 %
IPv6

14
Domains

15
Subdomains

14
IPs

3
Countries

667 kB
Transfer

1255 kB
Size

4
Cookies

51 HTTP transactions
1 data transactions