urlscan.io logo urlscan.io
SecurityTrails logo

www.torlock2.com Open in urlscan Pro
104.31.16.9  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.torlock2.com/TORRENT/1969117/STEP-UP-REVOLUTION[]BRRIP.HTML
Effective URL: https://www.torlock2.com/TORRENT/1969117/STEP-UP-REVOLUTION[]BRRIP.HTML
Submission: On March 02 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 4 countries across 26 domains to perform 74 HTTP transactions. The main IP is 104.31.16.9, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.torlock2.com. The Cisco Umbrella rank of the primary domain is 158780.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.
This is the only time www.torlock2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 104.31.16.9 13335 (CLOUDFLAR...)
6 2606:4700:303... 13335 (CLOUDFLAR...)
1 23.109.87.67 7979 (SERVERS-COM)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 66.254.114.171 29789 (REFLECTED)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.225.73.82 16509 (AMAZON-02)
3 209.197.3.25 20446 (HIGHWINDS3)
3 66.254.122.19 29789 (REFLECTED)
7 45.133.44.25 7018 (ATT-INTER...)
2 45.133.44.24 39572 (ADVANCEDH...)
1 168.119.25.22 24940 (HETZNER-AS)
1 2 2a01:4f8:e0:1... 24940 (HETZNER-AS)
1 88.198.209.36 24940 (HETZNER-AS)
15 2620:1ec:bdf::44 8068 (MICROSOFT...)
1 35.190.41.116 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
3 18.223.141.84 16509 (AMAZON-02)
2 78.47.181.156 24940 (HETZNER-AS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 2a01:4f8:c0:3... 24940 (HETZNER-AS)
1 1 2a02:128:7:59... 50245 (SERVEREL-AS)
1 1 2a02:128:7:52... 50245 (SERVEREL-AS)
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:128:7:47... ()
1 2a00:1450:400... ()
5 2a00:1450:400... ()
1 2a00:1450:400... ()
74 27
4    104.31.16.9 (United States)

ASN13335 (CLOUDFLARENET, US)
www.torlock2.com
6    2606:4700:3037::ac43:c883 (United States)

ASN13335 (CLOUDFLARENET, US)
l.0cdn.xyz
1    23.109.87.67 (Netherlands)

ASN7979 (SERVERS-COM, US)
tenthsfrumpy.com
1    2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    66.254.114.171 (United States)

ASN29789 (REFLECTED, US)
PTR: reflectededge.reflected.net
a.adtng.com
2    2606:4700::6811:970c (United States)

ASN13335 (CLOUDFLARENET, US)
befirstcdn.com
1    13.225.73.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-82.fra2.r.cloudfront.net
arc.io
3    209.197.3.25 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: vip0x019.map2.ssl.hwcdn.net
hw-cdn2.adtng.com
3    66.254.122.19 (United States)

ASN29789 (REFLECTED, US)
ht-cdn2.adtng.com
7    45.133.44.25 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)
78103830d6.5206a9500e.com
js.wpadmngr.com
dd610896b5.5206a9500e.com
js.cabnnr.com
2    45.133.44.24 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
js.wpshsdk.com
1    168.119.25.22 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.22.25.119.168.clients.your-server.de
nereserv.com
2    2a01:4f8:e0:19cb::1 (Germany)

ASN24940 (HETZNER-AS, DE)
ntvpforever.com
1    88.198.209.36 (Schrobenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-209-36.clients.your-server.de
notification.tubecup.net
15    2620:1ec:bdf::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
static.arc.io
core.arc.io
1    35.190.41.116 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 116.41.190.35.bc.googleusercontent.com
youradexchange.com
1    2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)
browser.sentry-cdn.com
3    18.223.141.84 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-223-141-84.us-east-2.compute.amazonaws.com
sentry.arc.io
warden.arc.io
2    78.47.181.156 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.156.181.47.78.clients.your-server.de
static.bookmsg.com
2    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a01:4f8:c0:33d8::1 (Germany)

ASN24940 (HETZNER-AS, DE)
rtbbnr.com
1    2a02:128:7:5917::2 (Czech Republic)

ASN50245 (SERVEREL-AS, NL)
tcimp.zog.link
1    2a02:128:7:5241::2 (Czech Republic)

ASN50245 (SERVEREL-AS, NL)
tb.baimgfroggd.site
3    2606:4700:3032::6815:131d (United States)

ASN13335 (CLOUDFLARENET, US)
stream.bantgoau.com
1    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
1    2a02:128:7:4777::1 (None, )

ASN- ()
vs.bantgoau.com
1    2a00:1450:4001:82f::2004 (None, )

ASN- ()
www.google.com
5    2a00:1450:4001:82b::200e (None, )

ASN- ()
www.youtube.com
1    2a00:1450:4001:808::2003 (None, )

ASN- ()
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
19 arc.io
arc.io — Cisco Umbrella Rank: 25278
static.arc.io — Cisco Umbrella Rank: 43398
core.arc.io — Cisco Umbrella Rank: 61745
sentry.arc.io — Cisco Umbrella Rank: 188726
tracker.arc.io Failed
warden.arc.io — Cisco Umbrella Rank: 39515
233 KB
8 adtng.com
a.adtng.com — Cisco Umbrella Rank: 20662
hw-cdn2.adtng.com — Cisco Umbrella Rank: 15531
ht-cdn2.adtng.com — Cisco Umbrella Rank: 17143
1 MB
6 0cdn.xyz
l.0cdn.xyz
62 KB
5 youtube.com
www.youtube.com
702 KB
5 5206a9500e.com
78103830d6.5206a9500e.com
dd610896b5.5206a9500e.com
69 KB
4 bantgoau.com
stream.bantgoau.com — Cisco Umbrella Rank: 54409
vs.bantgoau.com
716 KB
4 torlock2.com
www.torlock2.com — Cisco Umbrella Rank: 158780
15 KB
2 rtbbnr.com
rtbbnr.com — Cisco Umbrella Rank: 37356
2 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 194
2 KB
2 bookmsg.com
static.bookmsg.com — Cisco Umbrella Rank: 61642
1 KB
2 ntvpforever.com
ntvpforever.com — Cisco Umbrella Rank: 44705
3 KB
2 wpshsdk.com
js.wpshsdk.com — Cisco Umbrella Rank: 14567
21 KB
2 befirstcdn.com
befirstcdn.com
13 KB
1 gstatic.com
fonts.gstatic.com
16 KB
1 google.com
www.google.com
1 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 49
39 KB
1 baimgfroggd.site
tb.baimgfroggd.site — Cisco Umbrella Rank: 45329
687 B
1 zog.link
tcimp.zog.link — Cisco Umbrella Rank: 47467
320 B
1 sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 3744
20 KB
1 youradexchange.com
youradexchange.com — Cisco Umbrella Rank: 54625
911 B
1 tubecup.net
notification.tubecup.net — Cisco Umbrella Rank: 9837
193 B
1 nereserv.com
nereserv.com — Cisco Umbrella Rank: 45663
193 B
1 cabnnr.com
js.cabnnr.com — Cisco Umbrella Rank: 47255
11 KB
1 wpadmngr.com
js.wpadmngr.com — Cisco Umbrella Rank: 30985
238 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1207
5 KB
1 tenthsfrumpy.com
tenthsfrumpy.com — Cisco Umbrella Rank: 583491
1 KB
74 26
Domain Requested by
14 static.arc.io arc.io
core.arc.io
static.arc.io
6 l.0cdn.xyz www.torlock2.com
l.0cdn.xyz
5 www.youtube.com www.google.com
www.youtube.com
4 78103830d6.5206a9500e.com www.torlock2.com
78103830d6.5206a9500e.com
4 www.torlock2.com www.torlock2.com
static.cloudflareinsights.com
3 stream.bantgoau.com js.cabnnr.com
stream.bantgoau.com
3 ht-cdn2.adtng.com a.adtng.com
3 hw-cdn2.adtng.com a.adtng.com
2 rtbbnr.com 2 redirects
2 warden.arc.io browser.sentry-cdn.com
2 cdnjs.cloudflare.com static.arc.io
2 static.bookmsg.com
2 ntvpforever.com 1 redirects 78103830d6.5206a9500e.com
2 js.wpshsdk.com 78103830d6.5206a9500e.com
js.wpshsdk.com
2 befirstcdn.com www.torlock2.com
befirstcdn.com
2 a.adtng.com www.torlock2.com
1 fonts.gstatic.com www.youtube.com
1 www.google.com stream.bantgoau.com
1 vs.bantgoau.com stream.bantgoau.com
1 lh3.googleusercontent.com stream.bantgoau.com
1 tb.baimgfroggd.site 1 redirects
1 tcimp.zog.link 1 redirects
1 sentry.arc.io browser.sentry-cdn.com
1 browser.sentry-cdn.com arc.io
1 youradexchange.com befirstcdn.com
1 core.arc.io arc.io
1 notification.tubecup.net www.torlock2.com
1 nereserv.com 78103830d6.5206a9500e.com
1 js.cabnnr.com 78103830d6.5206a9500e.com
1 dd610896b5.5206a9500e.com 78103830d6.5206a9500e.com
1 js.wpadmngr.com 78103830d6.5206a9500e.com
1 arc.io www.torlock2.com
1 static.cloudflareinsights.com www.torlock2.com
1 tenthsfrumpy.com www.torlock2.com
0 tracker.arc.io Failed browser.sentry-cdn.com
74 35
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
tenthsfrumpy.com
R3		 2021-12-26 -
2022-03-26		 3 months crt.sh
*.adtng.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-08-16 -
2022-09-02		 a year crt.sh
arc.io
Amazon		 2021-04-22 -
2022-05-21		 a year crt.sh
78103830d6.5206a9500e.com
R3		 2022-01-31 -
2022-05-01		 3 months crt.sh
js.wpadmngr.com
R3		 2022-01-16 -
2022-04-16		 3 months crt.sh
dd610896b5.5206a9500e.com
R3		 2022-01-31 -
2022-05-01		 3 months crt.sh
js.wpshsdk.com
R3		 2022-01-28 -
2022-04-28		 3 months crt.sh
js.cabnnr.com
R3		 2022-02-25 -
2022-05-26		 3 months crt.sh
notification.tubecup.net
R3		 2022-01-28 -
2022-04-28		 3 months crt.sh
static.arc.io
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-14 -
2022-09-14		 a year crt.sh
core.arc.io
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-14 -
2022-09-14		 a year crt.sh
youradexchange.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-16 -
2022-07-01		 2 years crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-11-26 -
2022-12-28		 a year crt.sh
bookmsg.com
R3		 2022-01-19 -
2022-04-19		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
vs.bantgoau.com
R3		 2022-02-15 -
2022-05-16		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://www.torlock2.com/TORRENT/1969117/STEP-UP-REVOLUTION[]BRRIP.HTML
Frame ID: A218D3A501B6597FC936EE6833571622
Requests: 43 HTTP requests in this frame

Frame: https://a.adtng.com/get/10002516
Frame ID: DB8A60BC629D8338A48BC4E53599DAE6
Requests: 4 HTTP requests in this frame

Frame: https://a.adtng.com/get/10002516
Frame ID: 0E40B8FB7DE317E8B9F57424726155D2
Requests: 4 HTTP requests in this frame

Frame: https://core.arc.io/broker.html?44095ae
Frame ID: 3EA4424EEBA07B6550617350FEB265E2
Requests: 7 HTTP requests in this frame

Frame: data://truncated
Frame ID: 109EF61C80D342EDEFD2429C7440FA58
Requests: 20 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?44095ae
Frame ID: 9B11353C225F284D6AB3FAA8472814F2
Requests: 3 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?44095ae
Frame ID: 5470C85E9BC33B90D669A488047B4BB8
Requests: 9 HTTP requests in this frame

Frame: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FjtwvdylhfrA%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0020&oid=1514173&sp=0.048000&spp=1000&se=impression&vi=jtwvdylhfrA&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1646217102&utm1=tcb&utm2=798347594-1&utm3=195-21720-0&utm4=0-9529915-14
Frame ID: 10BD210FA6CFCA7E78E72AC0FCA6C0AC
Requests: 4 HTTP requests in this frame

Frame: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-v.js
Frame ID: 87CC5E8CB78E9808E634571E6DA7DEB9
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/jtwvdylhfrA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Frame ID: E99022BD892EE2D17B74A2599214685A
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Torlock - 404 Page not Found

Page URL History Show full URLs

  1. http://www.torlock2.com/TORRENT/1969117/STEP-UP-REVOLUTION[]BRRIP.HTML HTTP 307
    https://www.torlock2.com/TORRENT/1969117/STEP-UP-REVOLUTION[]BRRIP.HTML Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

74
Requests

95 %
HTTPS

55 %
IPv6

26
Domains

35
Subdomains

27
IPs

4
Countries

3100 kB
Transfer

7356 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.torlock2.com/TORRENT/1969117/STEP-UP-REVOLUTION[]BRRIP.HTML HTTP 307
    https://www.torlock2.com/TORRENT/1969117/STEP-UP-REVOLUTION[]BRRIP.HTML Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71
  • https://ntvpforever.com/in/show/?mid=152700200&pid=0&site=native-push-mainstream&sc=DE&usage_type=DCH&subid=623447194&sid=1669222177&cid=12543&price=0.0012&is_cpm=0&cpm=0&ecpm=0.031212781682350338&crid=&crtid=8fc5a3949d58ed66158a5da3a7b48b19&tcid=0&out_id=0&ver=5.7.0&ver_c=&refdom=www.torlock2.com&hostname=auc-inpage-hz-6&site_id=311287&spot_id=1287&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=2022-03-02&is_native=2&auction_queue=0&burl=&pop_winurl=&ip=193.27.14.24&testab=0&px_id=531287&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=lq-pop&url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&skin_id=2&vertical_id=0&real_bid=0.0012&pr=&user_keywords=&auc_type=1&aid=360&format=default-slide-b_r-body&mlf=1&cpa=541d21ca-b62a-429f-b88c-c8e8eba7b2e4 HTTP 302
  • https://static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
Request Chain 90
  • https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJ0eXBlIjoicG9wIiwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiIiwibGFiZWxzIjoiNCw1LDYsNyw4LDksMjYsNDYsNDcsNTQsNTUsNjEiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIyMDA5MjcwNTUwIiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MTA2NjYsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIn0sImJhbm5lciI6eyJ3IjoxLCJoIjoxfX1dLCJzaXRlIjp7ImlkIjoiMTA2NjYiLCJwYWdlIjoiaHR0cHM6Ly93d3cudG9ybG9jazIuY29tL1RPUlJFTlQvMTk2OTExNy9TVEVQLVVQLVJFVk9MVVRJT05bXUJSUklQLkhUTUwifSwiZGV2aWNlIjp7InciOjE2MDAsImgiOjEyMDB9LCJ1c2VyIjp7ImlkIjoiYTQwNzk1MjEzNzk4YTE3MTA5NzlhYzQzNDFiYWM4ZTUifSwiZXh0Ijp7ImR0IjoxNjQ2MjE3MTAyMzgxfX0= HTTP 302
  • https://rtbbnr.com/banner/in/show/?mid=479028779&pid=0&site=10666&sc=DE&usage_type=DCH&subid=2009270550&sid=0&cid=12098&price=0&is_cpm=1&cpm=0.036&ecpm=0.036&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=www.torlock2.com&hostname=auc-banner-hz-1&site_id=0&spot_id=10666&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&burl=&pop_winurl=&ip=2001:ac8:20:302::202e&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&min_cpm=0&ttl=&space_id=1695&banner_width=1&banner_height=1&url=%2F%2Ftcimp.zog.link%2Fin%2Fbanners%3Fkatds_ep%3DXW0X4GW4vlmpLKcvkVB26brQiKJP17Agk0DeQiWpEAtg09wD4zvH1Z1LWRU7DzTJdnXzUUlugD2kXCMRpG46kaSfI0pLSbN4aT8jL0EJqGkm9c7MxswUTB6yCdwW0uStc0ZAp5hv79WBMmmy6EkSQd9fQQnngkTeidPHCTyhu2_IsWBnCJj7VV9nuBiGpU6XD-wkGpXV9m2k2FtGEGpckH_ovTdBDXXFAf-UO-4YO9BeBRFbYAA_7YievIBh7kOV9PJGVgaCD6gwylUiO_gg0Q9AKNojsoe1xAhAiCVYFPdoQ1a5YCI5UOuPrmnbB629iwI7wauiRv9eLmXLnRibuL691Xqs-cG5XAFwQ0mBvrlTLKMUHa2HwQQMzHPTlXEHPKXHjR0PsVU3ui4wEGi4usMgm1cYNk6Qc9ojlXJhzJQ-NHe6G3FF3o0v5X8-3dCfVHQQRBln7CiaVwT274WeCHVdQmdOt3u_164&pr=&bid_crid=&bid_cid=&is_iframe=0 HTTP 302
  • https://tcimp.zog.link/in/banners?katds_ep=XW0X4GW4vlmpLKcvkVB26brQiKJP17Agk0DeQiWpEAtg09wD4zvH1Z1LWRU7DzTJdnXzUUlugD2kXCMRpG46kaSfI0pLSbN4aT8jL0EJqGkm9c7MxswUTB6yCdwW0uStc0ZAp5hv79WBMmmy6EkSQd9fQQnngkTeidPHCTyhu2_IsWBnCJj7VV9nuBiGpU6XD-wkGpXV9m2k2FtGEGpckH_ovTdBDXXFAf-UO-4YO9BeBRFbYAA_7YievIBh7kOV9PJGVgaCD6gwylUiO_gg0Q9AKNojsoe1xAhAiCVYFPdoQ1a5YCI5UOuPrmnbB629iwI7wauiRv9eLmXLnRibuL691Xqs-cG5XAFwQ0mBvrlTLKMUHa2HwQQMzHPTlXEHPKXHjR0PsVU3ui4wEGi4usMgm1cYNk6Qc9ojlXJhzJQ-NHe6G3FF3o0v5X8-3dCfVHQQRBln7CiaVwT274WeCHVdQmdOt3u_164 HTTP 302
  • https://tb.baimgfroggd.site/in/1816/?user_id=7955c2577bda66b6b173b1f579d0fcbef659437f&bid=0.048000&katds_labels=&utm1=tcb&utm2=798347594-1&utm3=195-21720-0&utm4=0-9529915-14&ts=1646217102 HTTP 302
  • https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FjtwvdylhfrA%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0020&oid=1514173&sp=0.048000&spp=1000&se=impression&vi=jtwvdylhfrA&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1646217102&utm1=tcb&utm2=798347594-1&utm3=195-21720-0&utm4=0-9529915-14

74 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request STEP-UP-REVOLUTION[]BRRIP.HTML
www.torlock2.com/TORRENT/1969117/
Redirect Chain
  • http://www.torlock2.com/TORRENT/1969117/STEP-UP-REVOLUTION[]BRRIP.HTML
  • https://www.torlock2.com/TORRENT/1969117/STEP-UP-REVOLUTION[]BRRIP.HTML
21 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.torlock2.com/TORRENT/1969117/STEP-UP-REVOLUTION[]BRRIP.HTML
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.16.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc681269a3666550c117af977e2344e33ca7f131acfeb800c0d3f7a35b8d51c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 02 Mar 2022 10:31:38 GMT
content-type
text/html; charset=UTF-8
cf-ray
6e5976c3aec69b98-FRA
cache-control
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RuSpbvoVhTh6U9T%2BdEGC4mm4mgfgzYoJ96mEPFzTKaYaFHQ7UnYdJ%2B07fqJe%2Bdf7FO7lmWbI6HKihQy10hXalQ5IUf3AgbjagPkaN7lxY12sTpT90VKZBPBU2DME4TLRdzFo"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Location
https://www.torlock2.com/TORRENT/1969117/STEP-UP-REVOLUTION[]BRRIP.HTML
Cross-Origin-Resource-Policy
Cross-Origin
Non-Authoritative-Reason
HSTS
style.css
l.0cdn.xyz/ 		76 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://l.0cdn.xyz/style.css
Requested by
Host: www.torlock2.com
URL: https://www.torlock2.com/TORRENT/1969117/STEP-UP-REVOLUTION[]BRRIP.HTML
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8f8deafae2e699c5369b612da4b5d43b187446bae2e92eb59b079dbc8089c79
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.torlock2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
530512
cf-polished
origSize=77792
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Sun, 23 Jan 2022 09:53:23 GMT
server
cloudflare
etag
W/"61ed2593-12fe0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xnZH6L8YO6J8HJn0miBiu4UkexHnczXSTizOCMJf%2FKkUko0VjFg50hhPjyu57oOdGkLfkFzkUd6DF0GEZNtKHMVtF0PDEdHV0yyDSASkX7pksiJXAfXWIA4ZOVSKOB4BcLwsKRJ6q39e"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Thu, 24 Mar 2022 15:06:06 GMT
cache-control
public, max-age=2592000
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
cf-ray
6e5976c4bc129b71-FRA
cf-bgj
minify
torlock.webp
l.0cdn.xyz/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.0cdn.xyz/torlock.webp
Requested by
Host: www.torlock2.com
URL: https://www.torlock2.com/TORRENT/1969117/STEP-UP-REVOLUTION[]BRRIP.HTML
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90e33e454dd362ec6e01ad6afeed51d0ccf095d68ca27cadc6e3404e0bad2d14
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.torlock2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:38 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
444321
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2750
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Sat, 13 Jun 2020 23:35:00 GMT
server
cloudflare
etag
"5ee562a4-abe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5KZ%2BvN6an3oTKYknCYhkSlYlbRLpNIL94BQNPSvp1Pv8wSlNtJI%2Fa%2BDHRODfjG2J1442J6d4%2BklP49OBM8oHVCam32AvGCCCED7HF50%2F4jCpBwW2xp%2Be1SooVgBs77DCWTUTA%2FJ%2FHCZ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2592000
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
accept-ranges
bytes
cf-ray
6e5976c4bc139b71-FRA
expires
Fri, 25 Mar 2022 19:13:39 GMT
11013
tenthsfrumpy.com/rViXXakb0PC/ 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tenthsfrumpy.com/rViXXakb0PC/11013
Requested by
Host: www.torlock2.com
URL: https://www.torlock2.com/TORRENT/1969117/STEP-UP-REVOLUTION[]BRRIP.HTML
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.87.67 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.torlock2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 02 Mar 2022 10:31:39 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=1
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://www.torlock2.com
Access-Control-Max-Age
600
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for
X-Content-Type-Options
nosniff
Keep-Alive
timeout=20
rocket-loader.min.js
www.torlock2.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.torlock2.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.torlock2.com
URL: https://www.torlock2.com/TORRENT/1969117/STEP-UP-REVOLUTION[]BRRIP.HTML
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.16.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.torlock2.com/TORRENT/1969117/STEP-UP-REVOLUTION[]BRRIP.HTML
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
last-modified
Wed, 23 Feb 2022 21:08:07 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"6216a237-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ThPueoH0SBiZXLWrOcWuyV2eOsY96ssn9noQzTsnJNqwA%2FKw1wzJnB6lHekRY5X1Z6AvfjPXWHSscc6e4opg1A36EwMie9BtHdYKwaL7emZ4DSG15sOBNAa7Nt8QrsutOlbI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6e5976c4c9769b98-FRA
expires
Fri, 04 Mar 2022 10:31:39 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: www.torlock2.com
URL: https://www.torlock2.com/TORRENT/1969117/STEP-UP-REVOLUTION[]BRRIP.HTML
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://www.torlock2.com/
Origin
https://www.torlock2.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6e5976c528eef91b-MXP
10002516
a.adtng.com/get/ Frame DB8A 		20 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a.adtng.com/get/10002516
Requested by
Host: www.torlock2.com
URL: https://www.torlock2.com/TORRENT/1969117/STEP-UP-REVOLUTION[]BRRIP.HTML
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.254.114.171 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
reflectededge.reflected.net
Software
openresty /
Resource Hash
4b7fdbeb531715826ebf2618f069646619aa0d9241f939587befbc2c1701bea7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.torlock2.com/

Response headers

server
openresty
date
Wed, 02 Mar 2022 10:31:39 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding
gzip
x-request-id
621F478B-42FE72AB01BBD7D8-7E1CC40
10002516
a.adtng.com/get/ Frame 0E40 		20 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a.adtng.com/get/10002516
Requested by
Host: www.torlock2.com
URL: https://www.torlock2.com/TORRENT/1969117/STEP-UP-REVOLUTION[]BRRIP.HTML
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.254.114.171 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
reflectededge.reflected.net
Software
openresty /
Resource Hash
dff43e1b1eb8a3b878a02c0d8c6870b42a2347fd7744ff488e916d279e1820d7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.torlock2.com/

Response headers

server
openresty
date
Wed, 02 Mar 2022 10:31:39 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding
gzip
x-request-id
621F478B-42FE72AB01BBD7D8-7E1CC41
torlock.woff2
l.0cdn.xyz/fonts/ 		2 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://l.0cdn.xyz/fonts/torlock.woff2
Requested by
Host: l.0cdn.xyz
URL: https://l.0cdn.xyz/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b9d9766b5a9ddbaba5a4cafdb4d5eba275e352373babac2a8e139474277ac20
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://l.0cdn.xyz/
Origin
https://www.torlock2.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
137926
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1620
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Tue, 23 Jun 2020 16:32:58 GMT
server
cloudflare
etag
"5ef22eba-654"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6EaEc0qkc1zHHl5QoFaMBiUJvpr4SGd5XIJhHZLa7KjI%2BxCn8pK1VuRfhDd7JDYlEg9%2BL8XDVjg8p8HkKfl%2Bd0kTuii8apJdDWcPd74JlS7vGGbqw2nO6JjkXFcGa0DTXj0GMA%2F6BIF"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
accept-ranges
bytes
cf-ray
6e5976c4fdfc912a-FRA
expires
Sun, 27 Mar 2022 10:58:28 GMT
su.js
befirstcdn.com/script/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://befirstcdn.com/script/su.js
Requested by
Host: www.torlock2.com
URL: https://www.torlock2.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:970c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33ce22ca84a63bc33e85d9bbe4f41538791d496cef1c991933f1914f8e8d5e1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.torlock2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1787
x-guploader-uploadid
ADPycduZCRJf-InVwyVqc1G9r0sOb58L_zDjsSo9PNAhbfoxULFV6PDkQypS4XIEEGLQZDYaOzbEQzrh5nmRzrAx6g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
text/javascript
last-modified
Mon, 07 Feb 2022 13:27:32 GMT
server
cloudflare
etag
W/"52355fb1698469eed7632a46e8a4f23a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=EVjXSA==, md5=UjVfsWmEae7XYypG6KTyOg==
x-goog-generation
1644240452215465
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
25170
cf-ray
6e5976c53a538fee-FRA
expires
Wed, 02 Mar 2022 14:31:39 GMT
widget.min.js
arc.io/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://arc.io/widget.min.js
Requested by
Host: www.torlock2.com
URL: https://www.torlock2.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.73.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-82.fra2.r.cloudfront.net
Software
/
Resource Hash
ede777ff1a1db097d4ff59e47bf648597dae763c9c6d058ce52126b9fdc0c7e0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.torlock2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
last-modified
Thu, 27 Jan 2022 23:15:03 GMT
age
1163
etag
"61f32777-b74"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, stale-while-revalidate=864000
date
Wed, 02 Mar 2022 10:12:16 GMT
x-amz-cf-pop
FRA2-C2
content-length
2932
via
1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-cf-id
dY0eiFupYk6QG8R4-XFhb_PVDMNnNgBRhvuyw7C86suPGWLRhYfvww==
bootstrap.min.js
l.0cdn.xyz/bs/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://l.0cdn.xyz/bs/bootstrap.min.js
Requested by
Host: www.torlock2.com
URL: https://www.torlock2.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
018bf2df18045310caf4e39045e316645302e600d44d3d826c1b9ef8224f6052
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.torlock2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
430369
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Mon, 22 Jun 2020 18:42:27 GMT
server
cloudflare
etag
W/"5ef0fb93-a8d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fl39G%2FkeFlfzqvuGZaWfRlaUaDY%2FG57slJDDFFjXOkO%2FT1HS8VXZ5sEaPslUXbXAqB8BcI59UsrNdRNnhAIyLnMPsGpxFtaCXT3BG3HnroBTaDteprY66fcSn4nHfeA8dWcVVndChvU8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
cf-ray
6e5976c53883e8f7-MXP
expires
Thu, 24 Mar 2022 19:12:47 GMT
jquery-3.5.1.s.m.js
l.0cdn.xyz/ 		71 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://l.0cdn.xyz/jquery-3.5.1.s.m.js
Requested by
Host: www.torlock2.com
URL: https://www.torlock2.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b30fe38e38d00c23fce64391abfb7fe43a3d0179a64c02ecdf20c235e13103cf
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.torlock2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
647689
cf-polished
origSize=72380
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Sun, 14 Jun 2020 08:17:09 GMT
server
cloudflare
etag
W/"5ee5dd05-11abc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5KrJqqLI6X0CfEuC8hc%2F7IPxuTBwsqowu96C6l14WsjYlVksd5MTlepSPK%2FUzktmWmLVpxA47VtabjnhX3T0kStRP7%2FLTa3NTm73oJ5nEmpK19l2%2F7Yth%2BDZTUWneQQT1f3PaBt7qqR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
expires
Sat, 19 Mar 2022 21:16:58 GMT
cache-control
public, max-age=2592000
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
cf-ray
6e5976c53885e8f7-MXP
cf-bgj
minify
vortex-simple-1.0.0.js
hw-cdn2.adtng.com/delivery/vortex/ Frame DB8A 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hw-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js
Requested by
Host: a.adtng.com
URL: https://a.adtng.com/get/10002516
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
209.197.3.25 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x019.map2.ssl.hwcdn.net
Software
/
Resource Hash
6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a.adtng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 02 Mar 2022 10:31:39 GMT
Last-Modified
Fri, 02 Nov 2018 14:17:11 GMT
ETag
"1541168231"
X-HW
1646217099.dop143.fr8.t,1646217099.cds232.fr8.shn,1646217099.cds232.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10637001
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5027
1006679_logo.png
hw-cdn2.adtng.com/a7/creatives/1/49/812964/1006679/ Frame DB8A 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hw-cdn2.adtng.com/a7/creatives/1/49/812964/1006679/1006679_logo.png
Requested by
Host: a.adtng.com
URL: https://a.adtng.com/get/10002516
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
209.197.3.25 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x019.map2.ssl.hwcdn.net
Software
/
Resource Hash
ba89161f62c517bdd776996943f3e26ed2b92d749178f1c24da07c8db904e27c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a.adtng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 02 Mar 2022 10:31:39 GMT
Last-Modified
Wed, 01 Sep 2021 16:18:44 GMT
ETag
"1630513124"
X-HW
1646217099.dop143.fr8.t,1646217099.cds232.fr8.shn,1646217099.cds232.fr8.c
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=10616330
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3346
vortex-simple-1.0.0.js
ht-cdn2.adtng.com/delivery/vortex/ Frame 0E40 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ht-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js
Requested by
Host: a.adtng.com
URL: https://a.adtng.com/get/10002516
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a.adtng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
last-modified
Fri, 02 Nov 2018 14:17:11 GMT
etag
"246e3e2f0-13a3-579af30f2a7c0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=10760514
x-cdn-diag
fra1-11014-2-11202-h-0-0---;11014-6-20247----0-0-0
accept-ranges
bytes
content-length
5027
expires
Sun, 10 Apr 2022 23:31:34 GMT
1006679_logo.png
ht-cdn2.adtng.com/a7/creatives/1/49/812964/1006679/ Frame 0E40 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ht-cdn2.adtng.com/a7/creatives/1/49/812964/1006679/1006679_logo.png
Requested by
Host: a.adtng.com
URL: https://a.adtng.com/get/10002516
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
ba89161f62c517bdd776996943f3e26ed2b92d749178f1c24da07c8db904e27c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a.adtng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
last-modified
Wed, 01 Sep 2021 16:18:44 GMT
etag
"2be0cbc59-d12-5caf16b8ec100"
content-type
image/png
cache-control
max-age=10754002
x-cdn-diag
fra1-11014-1-10976-h-0-0---;11014-6-20247----0-0-0
accept-ranges
bytes
content-length
3346
expires
Tue, 04 Jan 2022 05:21:46 GMT
1006679_video.mp4
hw-cdn2.adtng.com/a7/creatives/1/49/812964/1006679/ Frame DB8A 		565 KB
566 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://hw-cdn2.adtng.com/a7/creatives/1/49/812964/1006679/1006679_video.mp4
Requested by
Host: a.adtng.com
URL: https://a.adtng.com/get/10002516
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
209.197.3.25 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x019.map2.ssl.hwcdn.net
Software
/
Resource Hash
9e4ec6c93ef0d7cd64261073f94c17cf1adacebb677fceeede040db1edcb3f51

Request headers

Referer
https://a.adtng.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 02 Mar 2022 10:31:39 GMT
Last-Modified
Wed, 01 Sep 2021 16:22:10 GMT
Access-Control-Allow-Origin
*
ETag
"1630513330"
X-HW
1646217099.dop143.fr8.t,1646217099.cds232.fr8.shn,1646217099.cds232.fr8.c
Content-Type
video/mp4
Content-Range
bytes 0-578987/578988
Cache-Control
max-age=10692510
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
578988
4215fa381ecbfd9dcaee417f1fbf5bf9.js
78103830d6.5206a9500e.com/ 		80 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://78103830d6.5206a9500e.com/4215fa381ecbfd9dcaee417f1fbf5bf9.js
Requested by
Host: www.torlock2.com
URL: https://www.torlock2.com/TORRENT/1969117/STEP-UP-REVOLUTION[]BRRIP.HTML
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
063f1a317f86cccf0394f7902b67c83f4796b441b40bff2d7e394357f3f83a60

Request headers

Referer
https://www.torlock2.com/
Origin
https://www.torlock2.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
gzip
last-modified
Tue, 22 Feb 2022 14:36:00 GMT
server
nginx/1.18.0
etag
W/"6214f4d0-13ed8"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 02 Mar 2022 10:36:39 GMT
cache-control
max-age=300
x-proxy-cache
HIT
s.js
www.torlock2.com/cdn-cgi/zaraz/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.torlock2.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0cmFja3MlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyVG9ybG9jayUyMC0lMjA0MDQlMjBQYWdlJTIwbm90JTIwRm91bmQlMjIlMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy50b3Jsb2NrMi5jb20lMkZUT1JSRU5UJTJGMTk2OTExNyUyRlNURVAtVVAtUkVWT0xVVElPTiU1QiU1REJSUklQLkhUTUwlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQTAlN0Q=
Requested by
Host: www.torlock2.com
URL: https://www.torlock2.com/TORRENT/1969117/STEP-UP-REVOLUTION[]BRRIP.HTML
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.31.16.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc0623aafcb711370af9ad89d48a6785f57c3b8cc6b22d793032b5559f9a6d61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.torlock2.com/TORRENT/1969117/STEP-UP-REVOLUTION[]BRRIP.HTML
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD, POST, OPTIONS
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LU4gjZB3Nl26bDXPSzczob8jeMDqZD93oXTX%2B7v8ZCPHcM10w0ds6ovbLDy84gRGBI62We166uKxzW11dcw4OI3oLdkh3iV4Mzbaeasl%2BXbwM880b7FEZYAOimCrNSGPtNx%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
https://www.torlock2.com
vary
Origin, Accept-Encoding
access-control-allow-credentials
true
cf-ray
6e5976c5d818695d-FRA
access-control-allow-headers
Content-Type, Set-Cookie, Cache-Control
1926
78103830d6.5206a9500e.com/a7379f1fdfcdbd7dc06191b93340874d/ 		2 KB
964 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://78103830d6.5206a9500e.com/a7379f1fdfcdbd7dc06191b93340874d/1926
Requested by
Host: 78103830d6.5206a9500e.com
URL: https://78103830d6.5206a9500e.com/4215fa381ecbfd9dcaee417f1fbf5bf9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d110d37fdfe0532151ebb863fc482395f03391d47b130e5e211321863ee5cc58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.torlock2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
gzip
server
nginx/1.18.0
content-type
application/json
access-control-allow-origin
*
expires
Wed, 02 Mar 2022 10:36:39 GMT
cache-control
max-age=300
x-proxy-cache
HIT
wp-banners.js
js.wpadmngr.com/npc/sdk/ 		0
238 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by
Host: 78103830d6.5206a9500e.com
URL: https://78103830d6.5206a9500e.com/4215fa381ecbfd9dcaee417f1fbf5bf9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.torlock2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
last-modified
Fri, 20 Aug 2021 15:14:31 GMT
server
nginx/1.18.0
etag
"611fc6d7-0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 02 Mar 2022 10:36:39 GMT
cache-control
max-age=300
accept-ranges
bytes
content-length
0
x-proxy-cache
HIT
track
dd610896b5.5206a9500e.com/in/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dd610896b5.5206a9500e.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiI1Mjk2NDMyNDczNjg5ODQyMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjIuMTYuMCIsInRhZ19pZCI6MTkyNiwic2NyZWVuX3Jlc29sdXRpb24iOiIxNjAweDEyMDAiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IkV0Yy9Vbmtub3duIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowfQ==
Requested by
Host: 78103830d6.5206a9500e.com
URL: https://78103830d6.5206a9500e.com/4215fa381ecbfd9dcaee417f1fbf5bf9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.torlock2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 10:31:39 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
0
c59715a3beb658512ba6959b850086f9.js
78103830d6.5206a9500e.com/ 		101 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://78103830d6.5206a9500e.com/c59715a3beb658512ba6959b850086f9.js
Requested by
Host: 78103830d6.5206a9500e.com
URL: https://78103830d6.5206a9500e.com/4215fa381ecbfd9dcaee417f1fbf5bf9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
58f8df702bdbb99eab4bb4c1288d70c738619c08efa0bb1ee52cacbd33fdc25a

Request headers

Referer
https://www.torlock2.com/
Origin
https://www.torlock2.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 08:46:25 GMT
server
nginx/1.18.0
etag
W/"62189761-193ff"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 02 Mar 2022 10:36:39 GMT
cache-control
max-age=300
x-proxy-cache
HIT
85ba9dcb4de66e0460d6ecb86f01f450.js
78103830d6.5206a9500e.com/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://78103830d6.5206a9500e.com/85ba9dcb4de66e0460d6ecb86f01f450.js
Requested by
Host: 78103830d6.5206a9500e.com
URL: https://78103830d6.5206a9500e.com/4215fa381ecbfd9dcaee417f1fbf5bf9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e24ee213782f6ed0de472f2a8b9374799b9a79643d466133d7a10a81383aa039

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.torlock2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 07:44:44 GMT
server
nginx/1.18.0
etag
W/"61fa366c-6155"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 02 Mar 2022 10:36:39 GMT
cache-control
max-age=300
x-proxy-cache
HIT
push.m.js
js.wpshsdk.com/npc/sdk/ 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpshsdk.com/npc/sdk/push.m.js?v=1
Requested by
Host: 78103830d6.5206a9500e.com
URL: https://78103830d6.5206a9500e.com/4215fa381ecbfd9dcaee417f1fbf5bf9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4720daad8daba83ee3b0e5e453f6b9d6d021b2ed5ef662c7dd801998c133b96d

Request headers

Referer
https://www.torlock2.com/
Origin
https://www.torlock2.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
gzip
last-modified
Wed, 01 Sep 2021 08:34:55 GMT
server
nginx/1.18.0
etag
W/"612f3b2f-d82f"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 02 Mar 2022 10:36:39 GMT
cache-control
max-age=300
x-proxy-cache
HIT
build.m.js
js.cabnnr.com/banner-admanager/ 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cabnnr.com/banner-admanager/build.m.js
Requested by
Host: 78103830d6.5206a9500e.com
URL: https://78103830d6.5206a9500e.com/4215fa381ecbfd9dcaee417f1fbf5bf9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
bf2f02ca5526f806f735035723f16f187119b693e592a43b1777a66e915bc81c

Request headers

Referer
https://www.torlock2.com/
Origin
https://www.torlock2.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 10:05:01 GMT
server
nginx/1.18.0
etag
W/"6218a9cd-72f5"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 02 Mar 2022 10:36:39 GMT
cache-control
max-age=300
x-proxy-cache
HIT
dip
nereserv.com/in/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nereserv.com/in/dip?site=native-push&wl=0&event_id=c07c8c4b-2b62-4fc1-ac05-b8e2f313dc5a&subid=623447194&sid=1669222177&spot_id=1287&created_at=2022-03-02&timezone=0&ver=5.7.0&is_native=1
Requested by
Host: 78103830d6.5206a9500e.com
URL: https://78103830d6.5206a9500e.com/c59715a3beb658512ba6959b850086f9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.25.22 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.22.25.119.168.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.torlock2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 10:31:39 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
0
multy
ntvpforever.com/in/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ntvpforever.com/in/multy?wl=0&event_id=c07c8c4b-2b62-4fc1-ac05-b8e2f313dc5a&subid=623447194&sid=1669222177&spot_id=1287&created_at=2022-03-02&timezone=0&ver=5.7.0&is_native=1&tcid=0&site=native-push&screen_resolution=1600x1200&format=default-slide-b_r-body&adblock=0&testab=0&timezone_olson=Etc%2FUnknown&after_video=0&tu=1&mm=0&default=1
Requested by
Host: 78103830d6.5206a9500e.com
URL: https://78103830d6.5206a9500e.com/c59715a3beb658512ba6959b850086f9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:e0:19cb::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
ddbc26bd547a35aca44f975aeda2f1bd46e3a9d06d347cca40a66046ce21db6c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.torlock2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 10:31:40 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
2614
lJjVnN.js
www.torlock2.com/ps/ Frame 		0
0
styles.css
js.wpshsdk.com/npc/sdk/push/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.wpshsdk.com/npc/sdk/push/styles.css
Requested by
Host: js.wpshsdk.com
URL: https://js.wpshsdk.com/npc/sdk/push.m.js?v=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
1530691d7096753c4a33ff3d11be983fbec896774cffe9a3555c2c81e6f18906

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.torlock2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
gzip
last-modified
Thu, 16 Jul 2020 20:33:19 GMT
server
nginx/1.18.0
etag
W/"5f10b98f-843"
content-type
text/css
access-control-allow-origin
*
expires
Wed, 02 Mar 2022 10:36:39 GMT
cache-control
max-age=300
x-proxy-cache
HIT
subscription-offers
notification.tubecup.net/in/ 		0
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notification.tubecup.net/in/subscription-offers?href=https%3A%2F%2Fwww.torlock2.com%2FTORRENT%2F1969117%2FSTEP-UP-REVOLUTION%5B%5DBRRIP.HTML&tcid=0&spot_id=714&site=tcpublisher&source_id=0
Requested by
Host: www.torlock2.com
URL: https://www.torlock2.com/TORRENT/1969117/STEP-UP-REVOLUTION[]BRRIP.HTML
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.209.36 Schrobenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-209-36.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.torlock2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 10:31:39 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
0
1006679_video.mp4
ht-cdn2.adtng.com/a7/creatives/1/49/812964/1006679/ Frame 0E40 		565 KB
566 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://ht-cdn2.adtng.com/a7/creatives/1/49/812964/1006679/1006679_video.mp4
Requested by
Host: a.adtng.com
URL: https://a.adtng.com/get/10002516
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.19 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
9e4ec6c93ef0d7cd64261073f94c17cf1adacebb677fceeede040db1edcb3f51

Request headers

Referer
https://a.adtng.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
last-modified
Wed, 01 Sep 2021 16:22:10 GMT
etag
"2c1fb7801-8d5ac-5caf177d61080"
content-type
video/mp4
Content-Range
bytes 0-578987/578988
cache-control
max-age=10765325
x-cdn-diag
fra1-11028-3-46971-h-0-0---;11014-6-20247----0-0-0
Content-Length
578988
expires
Sat, 16 Apr 2022 22:37:41 GMT
truncated
/ 		44 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/webp
core.js
static.arc.io/widget/js/ 		310 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/widget/js/core.js?44095ae
Requested by
Host: arc.io
URL: https://arc.io/widget.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
862c8a19133e887922efcd1878fc67439ea730f72d063522af67dfa18c0a7fd3

Request headers

Referer
Origin
https://www.torlock2.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield
0+ZgcYgAAAACyVonqke1oTbIvj/1b1ypTQU1TMDRFREdFMTgwNwBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id
MR8EA4GNTBPBF9HM
x-cache
TCP_HIT
x-azure-ref
0jEcfYgAAAABTQOMe23gJTaTHM+aFwRiHRlJBRURHRTEwMjIAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2
BF0JMZZKFQ2YEV1IbgkfL8rufBxkNB6MRSUVxPb8i0aU5wWaizk4SSnhYj8EiYc2/u09yRjGwC0=
last-modified
Thu, 27 Jan 2022 23:15:28 GMT
server
AmazonS3
etag
"7cd758885e5a2041b7f63fa60c09f157"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
accept-ranges
bytes
broker.html
core.arc.io/ Frame 3EA4 		2 KB
907 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.arc.io/broker.html?44095ae
Requested by
Host: arc.io
URL: https://arc.io/widget.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0b0ccab5c33b6a68fdde04836a4c4ea787c32a69915bfe75e906f15cb67f7b39
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.torlock2.com/

Response headers

cache-control
public
content-length
512
content-type
text/html
content-encoding
br
expires
Wed, 30 Mar 2022 09:38:42 GMT
last-modified
Wed, 19 Jan 2022 23:32:45 GMT
etag
"61e89f9d-200"
vary
Accept-Encoding
x-cache
TCP_HIT
access-control-allow-origin
*
strict-transport-security
max-age=15724800; includeSubDomains
x-azure-ref-originshield
0+5gcYgAAAADLATy7Xu3rTJ9pOu88UwiaQU1TMDRFREdFMTkwOABhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-azure-ref
0jEcfYgAAAAD46T7JCCAYSqBYFFY64UUARlJBRURHRTEwMTEAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
date
Wed, 02 Mar 2022 10:31:39 GMT
ut.js
befirstcdn.com/script/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://befirstcdn.com/script/ut.js?cb=1646217099947
Requested by
Host: befirstcdn.com
URL: https://befirstcdn.com/script/su.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:970c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c082f814dd75ad08dae22b237414d4b789dab5248c6b50953e1a60ad106c814

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.torlock2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1804
x-guploader-uploadid
ADPycdtJs7aA77jb9h2SZtczLdMpBOkBinRizldp_CwZAFLgx2kie-q7VuhxycJ99buurkHhmSuMbBDr3tV6YLEel1H-ng0L0g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
text/javascript
last-modified
Thu, 03 Feb 2022 12:22:51 GMT
server
cloudflare
etag
W/"1e3e1b7d88d8f85d315c97184a256f79"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=8Wv/4w==, md5=Hj4bfYjY+F0xXJcYSiVveQ==
x-goog-generation
1643890971548728
access-control-allow-origin
*
cache-control
public, max-age=14400
x-goog-stored-content-length
15378
cf-ray
6e5976cabc468fee-FRA
expires
Wed, 02 Mar 2022 14:31:39 GMT
suurl4.php
youradexchange.com/script/ 		988 B
911 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://youradexchange.com/script/suurl4.php?r=2585607&cbur=0.9924807507319586&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=Torlock%20-%20404%20Page%20not%20Found&cbpage=https%3A%2F%2Fwww.torlock2.com%2FTORRENT%2F1969117%2FSTEP-UP-REVOLUTION%5B%5DBRRIP.HTML&cbref=&cbdescription=This%20page%20was%20not%20found%20on%20Torlock.&cbkeywords=torrent%2C%20download%20torrent%2C%20torlock%2C%20bittorrent%2C%20torrents&cbcdn=befirstcdn.com&aggr=0
Requested by
Host: befirstcdn.com
URL: https://befirstcdn.com/script/su.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
116.41.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
8636d7f343b1c33fcace18db2835cbcbfecbf1b893304b61bd2e6754221978f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.torlock2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 02 Mar 2022 10:31:40 GMT
content-encoding
gzip
server
openresty
alt-svc
clear
via
1.1 google
content-type
application/json; charset=utf-8
bundle.min.js
browser.sentry-cdn.com/6.2.2/ 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Requested by
Host: arc.io
URL: https://arc.io/widget.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e593e95cfe0f3335088d5643951e90c8b4b3a4dfbe773614bb0070d544edb02e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.torlock2.com/
Origin
https://www.torlock2.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
gzip
last-modified
Thu, 11 Mar 2021 09:25:54 GMT
server
Fastly
age
4758778
etag
"a948fc086ec14683f3f2270913c7f702"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
20633
expires
Fri, 06 Jan 2023 08:38:42 GMT
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		90 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/webp
bg.webp
l.0cdn.xyz/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.0cdn.xyz/bg.webp
Requested by
Host: l.0cdn.xyz
URL: https://l.0cdn.xyz/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
173e4d6538ab5a79b417e9922c7cfd78bc2a96a6f0774850dd760a99d2a86bf3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://l.0cdn.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
693141
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1558
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Sat, 13 Jun 2020 23:40:09 GMT
server
cloudflare
etag
"5ee563d9-616"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FxcnQF2BuSu6xom9910CcdFqlegDRL3ABnTl8IJlWj5p67CTgnosI58BN6MU6ErwNVDBwXgNHfjM4B4l0eEhc1ZpAJyOTIAjb13xOl5EwkGvupGtBA2njX4jRqa2f45SK6RH7lcfT90"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2592000
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
accept-ranges
bytes
cf-ray
6e5976cac988e8f7-MXP
expires
Sat, 19 Mar 2022 21:11:25 GMT
rum
www.torlock2.com/cdn-cgi/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.torlock2.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.31.16.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.torlock2.com/TORRENT/1969117/STEP-UP-REVOLUTION[]BRRIP.HTML
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
application/json

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.torlock2.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6e5976cab8ae695d-FRA
vary
Origin
/
sentry.arc.io/api/2/store/ 		2 B
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.arc.io/api/2/store/?sentry_key=7e5c2fad7a564ff8bffd4effc2abb26d&sentry_version=7
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.223.141.84 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-223-141-84.us-east-2.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.torlock2.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 02 Mar 2022 10:31:40 GMT
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-length
2
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/plain; charset=utf-8
broker.b281d075.js
static.arc.io/broker/js/ Frame 3EA4 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/broker/js/broker.b281d075.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?44095ae
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
187a5e0bc9badf1f52db4ac8a96a470b7abfc7a57b06b2037039137b281fcf00

Request headers

Referer
https://core.arc.io/
Origin
https://core.arc.io
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield
0+5gcYgAAAAA0F1bC9+XCRKAkPtOJzWwfQU1TMDRFREdFMTkwOABhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id
2RS9MMG4BTGW5YTJ
x-cache
TCP_HIT
x-azure-ref
0jEcfYgAAAADeI/5Vk1OgSIzrkpEtce+BRlJBRURHRTEwMjIAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2
cz8Oqa0JNOTi3nlTHatyatLitHphVqX/xZ9NG/Ok1snLY8rcg+9OSJbMLcZ2TAdtkw4Nss1ujbg=
last-modified
Wed, 19 Jan 2022 23:33:03 GMT
server
AmazonS3
etag
"8c5f6da1d62d33cc4c32a8ce63be2bf6"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
accept-ranges
bytes
chunk-vendors.5e1d8045.js
static.arc.io/broker/js/ Frame 3EA4 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/broker/js/chunk-vendors.5e1d8045.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?44095ae
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3082b0f5d766f08f34a2077d48da01d41c9283376883472fa0965bf1b77283e0

Request headers

Referer
https://core.arc.io/
Origin
https://core.arc.io
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield
0XecbYgAAAAByptlJcv7RSLhQsB5+DR4mQU1TMDRFREdFMTkyMQBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id
4DEV3FJ21QE1NC3G
x-cache
TCP_HIT
x-azure-ref
0jEcfYgAAAACW33QMDxxoSIo1/pQ+5M/sRlJBRURHRTEwMjIAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2
aM57LexF5qjaA7TnSGpYQEY6IfFlil6tndlEU0IgEGaR3iiXQSoj9vml3nDxQZssg9v5i0qMtgE=
last-modified
Wed, 19 Jan 2022 23:33:03 GMT
server
AmazonS3
etag
"7baaa27cb0e1201fe90ecc5efca8fbcf"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
accept-ranges
bytes
lazy-iwc.9b430e25.js
static.arc.io/broker/js/ Frame 3EA4 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/broker/js/lazy-iwc.9b430e25.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?44095ae
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield
0+5gcYgAAAABSWY6frpF7R71UDwXCe5WfQU1TMDRFREdFMTgxMgBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id
2RS36QPTG7HV1769
x-cache
TCP_HIT
x-azure-ref
0jEcfYgAAAAA1P9zyAE1kRbaNjYFZD6+/RlJBRURHRTEwMTcAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2
iv2MYZvpDiMqt3jKHYS8qGH8F8oYqv++QfEknfOwNV+/tMN3PCe7f7yIZqgOSMd7V/b5qadf96E=
last-modified
Wed, 19 Jan 2022 23:33:03 GMT
server
AmazonS3
etag
"7fd8734437dbdc553c3513d10d0c0a97"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
accept-ranges
bytes
lazy-modules.a169b1ec.js
static.arc.io/broker/js/ Frame 3EA4 		0
14 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?44095ae
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield
095gcYgAAAAC1cH8l8JvGSKP0gpjuHCJKQU1TMDRFREdFMTkwOABhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id
CQ2PPZ4QC9VH5F3C
x-cache
TCP_HIT
x-azure-ref
0jEcfYgAAAAAJaPiiKNjaTLBToSIkaj9ORlJBRURHRTEwMTcAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2
byNHDTijzqiPi++ISO2w/vj3eBo9xMYhxK55vtGyM86dKW/17dj1pQmh3b+0M0V2w5ExyueYj8I=
last-modified
Wed, 19 Jan 2022 23:33:03 GMT
server
AmazonS3
etag
"32ab6174f553ec44ff554a5a2406b76d"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
accept-ranges
bytes
vendors~widget-ui.js
static.arc.io/widget/js/ 		94 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/widget/js/vendors~widget-ui.js?c9b0de53
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?44095ae
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84f8061a68058b0dd35d1c7c2bd4b475e6ab38d4374dc9f8394257be457570cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.torlock2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield
095gcYgAAAADGd9p7fU0ASKjaV++Jwko9QU1TMDRFREdFMTkwOABhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id
EWGCPHXT6HJGSWNB
x-cache
TCP_HIT
x-azure-ref
0jEcfYgAAAABhNU8OOP7sSpwGtH7AVchJRlJBRURHRTEwMTcAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2
KODl0km7Ylh0Vx+LCzfGICxOSCN2d39dCFMmDSa3x5OaVQ3oqf7PpaHjLbbfmYm+jsb74Wk72l4=
last-modified
Thu, 27 Jan 2022 23:15:28 GMT
server
AmazonS3
etag
"5f5181a44cab6b9ccdc03f0d9f46e177"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
accept-ranges
bytes
widget.css
static.arc.io/widget/css/ 		85 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/widget/css/widget.css?44095ae
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?44095ae
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a0d5016c9be45fd2d7534bf47f3b2c67d3d1d47e64e31572c28a94b984e7014

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.torlock2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield
095gcYgAAAABVe9LYEPXLQKy12N0op+BUQU1TMDRFREdFMTgwNwBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id
CQ2PX4T44BWW6JX4
x-cache
TCP_HIT
x-azure-ref
0jEcfYgAAAACyItCgpp5rRZNDWulkCtSoRlJBRURHRTEwMTcAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2
5HhR1i6VkwiBsrw/SBrRI66cqaewa6i3ddxz7Pk5/60fAL3loq49t1rUiin5Yg/eXSyKdSRY9VI=
last-modified
Thu, 27 Jan 2022 23:15:28 GMT
server
AmazonS3
etag
"ce66dd39d9339eebd65264a9ecc334be"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
accept-ranges
bytes
widget-ui.js
static.arc.io/widget/js/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/widget/js/widget-ui.js?ded6a54f
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?44095ae
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c2bf26771ea7f60b2ca0d9e62e42349d920abc78fa993c9e7cf7312c0ab231da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.torlock2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield
095gcYgAAAAAhkGhRq0SjTozyE/6UJ9TGQU1TMDRFREdFMTkwOABhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id
J2YCG37T4TYYT29R
x-cache
TCP_HIT
x-azure-ref
0jEcfYgAAAAAs+O61dPG4QasHPLoMbb3RRlJBRURHRTEwMTcAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2
UFHkZe1ZTd9GeHa2isb0fqR8Wx8trZXInT+Oe4ufY5kpwvog7+EYKaU07brhoYUB9uJvhltlXDU=
last-modified
Thu, 27 Jan 2022 23:15:28 GMT
server
AmazonS3
etag
"4b57d2edfcaa736085fa11ae0d4477a7"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
accept-ranges
bytes
truncated
/ Frame 109E 		110 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39ee755ad562a7fc959883b57d4918f624c3efac53f8b499734a4c5626e2879e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 109E 		110 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa90e6cba9e9d701ef280f287f76143fb0aed1223c692fc0da4befa74860225d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 109E 		110 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65e85fa02d9fa3e02f188a7b6e4fa6a50d2421d677884b34bc83b8cf6b37a58a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 109E 		110 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
506bc85404629c940763e1830cfdc72161eec5c0fa39616914d89ce9469a5604

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 109E 		110 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ec2068a44b2e3b4c742d0d35c1c5829623759ea96de41f3c1af363846f80536

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 109E 		110 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b832d9f9d7c39304c9205b6d562bff9e421e204cfc19fd6065393028119cbf7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 109E 		110 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
629060509e1420ed21ca9afbb1042d919fd746e49ea8ed5fabbe0e3dd3ed01ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 109E 		110 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24daca1a4af9c7847a5252795eda58315e596bdb88ca4b6ae51fdaa3c672cc56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 109E 		110 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
833cb09da79045b251d3c08071c0adc6b1a2e97e9872ca9f37337891cde9ec69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 109E 		110 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44512f22387c2e598be89c01273367dcd2cb443c62dc385095926e485d56a4bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 109E 		110 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60fd85e530eb023e27bd400ed37ac2ed22abee395816e3a05e42e5312dd4a5b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 109E 		110 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a15164c46f901a947fcf243fe107b83fdf1ea8d394d2bda73f569daf5666e59e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 109E 		110 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f339fe40b102007022ab2746a4c9436c54931f620eb8c2860743cf3569a34b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 109E 		110 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a222ed6fc63d91d555c29e1880905ca4340fa8c23a1f6d2d58c6048b14ee3d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 109E 		110 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b41f877c5e58ec1f5bdd89ae80211cc05afbc3c871a41b38535c7130e927ac62

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 109E 		110 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e07273324aadaf8a93d5900f6373ce88110f28620656608e3a0a79ba0da25f17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 109E 		110 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bbfdebcfc2568412d851a7de0def80e6e12bbf31716f940d9f5bfcf354344a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
static.bookmsg.com/creatives/US/ Frame 109E 		590 B
747 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.47.181.156 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.156.181.47.78.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
c2443b0a74b25158756abb7aa12832e5442adab247aab6e24514f54396c72579

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:40 GMT
last-modified
Tue, 24 Nov 2020 14:24:12 GMT
server
nginx/1.18.0
etag
"5fbd178c-24e"
content-type
image/webp
cache-control
public, max-age=315360000
accept-ranges
bytes
content-length
590
arc-sw.js
www.torlock2.com/ Frame 		0
0
truncated
/ Frame 109E 		483 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
static.bookmsg.com/creatives/US/ Frame 109E
Redirect Chain
  • https://ntvpforever.com/in/show/?mid=152700200&pid=0&site=native-push-mainstream&sc=DE&usage_type=DCH&subid=623447194&sid=1669222177&cid=12543&price=0.0012&is_cpm=0&cpm=0&ecpm=0.031212781682350338&...
  • https://static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
590 B
746 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
Protocol
H2
Server
78.47.181.156 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.156.181.47.78.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
c2443b0a74b25158756abb7aa12832e5442adab247aab6e24514f54396c72579

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:40 GMT
last-modified
Tue, 24 Nov 2020 14:24:12 GMT
server
nginx/1.18.0
etag
"5fbd178c-24e"
content-type
image/webp
cache-control
public, max-age=315360000
accept-ranges
bytes
content-length
590

Redirect headers

pragma
no-cache
date
Wed, 02 Mar 2022 10:31:40 GMT
server
nginx/1.18.0
access-control-allow-origin
*
vary
Origin
access-control-allow-methods
*
location
https://static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
0
widget.css
static.arc.io/widget/css/ Frame 9B11 		85 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/widget/css/widget.css?44095ae
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?ded6a54f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a0d5016c9be45fd2d7534bf47f3b2c67d3d1d47e64e31572c28a94b984e7014

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield
095gcYgAAAABVe9LYEPXLQKy12N0op+BUQU1TMDRFREdFMTgwNwBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id
CQ2PX4T44BWW6JX4
x-cache
TCP_HIT
x-azure-ref
0jEcfYgAAAAAhXS0kq+pkQZZ3X5mT+3IGRlJBRURHRTEwMTcAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2
5HhR1i6VkwiBsrw/SBrRI66cqaewa6i3ddxz7Pk5/60fAL3loq49t1rUiin5Yg/eXSyKdSRY9VI=
last-modified
Thu, 27 Jan 2022 23:15:28 GMT
server
AmazonS3
etag
"ce66dd39d9339eebd65264a9ecc334be"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
accept-ranges
bytes
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame 9B11 		2 KB
926 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?ded6a54f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
152025
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-732"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4SjIgI8848qqy8K1zPEE845fY2A%2FhrUtXjWunO0zwUiZ1taNjWjJ%2F7jH3a3C4Hbc8E3t4igG4U%2BD5xTSeAEoEE4sKvxrWEaPuhGSoYVnpjXl25XfsXgMB2ar5x57gqm4vIS%2FaVwYgbmT055Q9PU4xHEE"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e5976cc9f0e9ba4-FRA
expires
Mon, 20 Feb 2023 10:31:40 GMT
widget.css
static.arc.io/widget/css/ Frame 5470 		85 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/widget/css/widget.css?44095ae
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?ded6a54f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a0d5016c9be45fd2d7534bf47f3b2c67d3d1d47e64e31572c28a94b984e7014

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield
095gcYgAAAABVe9LYEPXLQKy12N0op+BUQU1TMDRFREdFMTgwNwBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id
CQ2PX4T44BWW6JX4
x-cache
TCP_HIT
x-azure-ref
0jEcfYgAAAADJaq2AACuURYqJGGNuQFXZRlJBRURHRTEwMTcAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2
5HhR1i6VkwiBsrw/SBrRI66cqaewa6i3ddxz7Pk5/60fAL3loq49t1rUiin5Yg/eXSyKdSRY9VI=
last-modified
Thu, 27 Jan 2022 23:15:28 GMT
server
AmazonS3
etag
"ce66dd39d9339eebd65264a9ecc334be"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
accept-ranges
bytes
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame 5470 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?ded6a54f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
152025
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-732"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7bPsHU0mSWie82ekI932jiFCUwifKa%2BufwrKKBp2ehGnmku3Zjf3fYtdd2PXYQlYqesB8A%2BeTLaalBJw4eVYqjFgpsQWrctNjfUGr3cWM1uE35x6Q3Z72mrDMO0ixkuGeJi55nUH938D5HeCiw2O5Klz"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e5976cc9f119ba4-FRA
expires
Mon, 20 Feb 2023 10:31:40 GMT
truncated
/ Frame 9B11 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 5470 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 5470 		277 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5470 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 5470 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 5470 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 5470 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 5470 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
lazy-modules.a169b1ec.js
static.arc.io/broker/js/ Frame 3EA4 		45 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by
Host: static.arc.io
URL: https://static.arc.io/broker/js/broker.b281d075.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45344ec706e661760887e42f8797c4dd446805b24657d99318b08d211f2e549b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield
095gcYgAAAAC1cH8l8JvGSKP0gpjuHCJKQU1TMDRFREdFMTkwOABhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id
CQ2PPZ4QC9VH5F3C
x-cache
TCP_HIT
x-azure-ref
0jEcfYgAAAACHWq7dOgXZS4xOPUWNVxpvRlJBRURHRTEwMTcAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2
byNHDTijzqiPi++ISO2w/vj3eBo9xMYhxK55vtGyM86dKW/17dj1pQmh3b+0M0V2w5ExyueYj8I=
last-modified
Wed, 19 Jan 2022 23:33:03 GMT
server
AmazonS3
etag
"32ab6174f553ec44ff554a5a2406b76d"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
accept-ranges
bytes
/
tracker.arc.io/ 		0
0
lazy-iwc.9b430e25.js
static.arc.io/broker/js/ Frame 3EA4 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/broker/js/lazy-iwc.9b430e25.js
Requested by
Host: static.arc.io
URL: https://static.arc.io/broker/js/broker.b281d075.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2a7e5ade77d712f4303757e9c0c3185f72f24cfa5f5da33bcabc63abd376a1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield
0+5gcYgAAAABSWY6frpF7R71UDwXCe5WfQU1TMDRFREdFMTgxMgBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id
2RS36QPTG7HV1769
x-cache
TCP_HIT
x-azure-ref
0jEcfYgAAAAARsA5hGjc1TINLwtuw41kURlJBRURHRTEwMTcAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2
iv2MYZvpDiMqt3jKHYS8qGH8F8oYqv++QfEknfOwNV+/tMN3PCe7f7yIZqgOSMd7V/b5qadf96E=
last-modified
Wed, 19 Jan 2022 23:33:03 GMT
server
AmazonS3
etag
"7fd8734437dbdc553c3513d10d0c0a97"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
accept-ranges
bytes
T6MJL7L3nTxSqQdgMHELBG
warden.arc.io/mailbox/nodes/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://warden.arc.io/mailbox/nodes/T6MJL7L3nTxSqQdgMHELBG
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.223.141.84 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-223-141-84.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.torlock2.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 02 Mar 2022 10:31:40 GMT
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
strict-transport-security
max-age=15724800; includeSubDomains
vendors~widget-sc-client.js
static.arc.io/widget/js/ 		60 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/widget/js/vendors~widget-sc-client.js?35fccb86
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?44095ae
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7659ffb0d3df377c1234d14b4070c72e387079e938702120b7c4dd2be608f8d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.torlock2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield
0AJkcYgAAAACnajiwwiypTKpkPVZB2r/XQU1TMDRFREdFMTgxMgBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id
E6EW0NK6WETB3SW3
x-cache
TCP_HIT
x-azure-ref
0jEcfYgAAAAC/YN2/FkbZSYbbSlV6ynzzRlJBRURHRTEwMTcAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2
gNJTdCaKZ+ls6Op/daOJVDHIeVZz2yLuXjxpWVzTxcAHergtfVwr2QU8GgyqO2rheQE6dlbRPJA=
last-modified
Thu, 27 Jan 2022 23:15:28 GMT
server
AmazonS3
etag
"fa12476f8ee3c92b8369e0c9d3b915f9"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
accept-ranges
bytes
widget-sc-client.js
static.arc.io/widget/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/widget/js/widget-sc-client.js?197dbd2e
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?44095ae
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f9daa48a3c618bb638706d320e646320b4123ffdd3c5a4a8a9a8df505de6fac7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.torlock2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:39 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-azure-ref-originshield
0AJkcYgAAAAD0vHIzIaKIQ7NxRufW7gcqQU1TMDRFREdFMTgxMgBhNWMxYjA1Mi04YjNkLTRjOWUtOWFkMi0wODc4MjVkM2E4NDg=
x-amz-request-id
ZW3MHCRN364TRZAP
x-cache
TCP_HIT
x-azure-ref
0jEcfYgAAAAC85ja8LHK8R5QIcm40vmZ0RlJBRURHRTEwMTcAYTVjMWIwNTItOGIzZC00YzllLTlhZDItMDg3ODI1ZDNhODQ4
x-amz-id-2
IBYrYBHi0AWVBYNkw8yrfJ3VbGHDBJTzjyl2316Nfe6wT5wIpnia4e+Aw4sRoY24uHR8GwDzCmM=
last-modified
Thu, 27 Jan 2022 23:15:28 GMT
server
AmazonS3
etag
"14884d9e881791d580471ec30f89f22a"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
accept-ranges
bytes
ls
stream.bantgoau.com/yt/ Frame 10BD
Redirect Chain
  • https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJ0eXBlIjoicG9wIiwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiIiwibGFiZWxzIjoiNCw1LDYsNyw4LDksMjYsNDYsNDc...
  • https://rtbbnr.com/banner/in/show/?mid=479028779&pid=0&site=10666&sc=DE&usage_type=DCH&subid=2009270550&sid=0&cid=12098&price=0&is_cpm=1&cpm=0.036&ecpm=0.036&crid=&crtid=d41d8cd98f00b204e9800998ecf...
  • https://tcimp.zog.link/in/banners?katds_ep=XW0X4GW4vlmpLKcvkVB26brQiKJP17Agk0DeQiWpEAtg09wD4zvH1Z1LWRU7DzTJdnXzUUlugD2kXCMRpG46kaSfI0pLSbN4aT8jL0EJqGkm9c7MxswUTB6yCdwW0uStc0ZAp5hv79WBMmmy6EkSQd9fQQ...
  • https://tb.baimgfroggd.site/in/1816/?user_id=7955c2577bda66b6b173b1f579d0fcbef659437f&bid=0.048000&katds_labels=&utm1=tcb&utm2=798347594-1&utm3=195-21720-0&utm4=0-9529915-14&ts=1646217102
  • https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FjtwvdylhfrA%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%2...
8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FjtwvdylhfrA%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0020&oid=1514173&sp=0.048000&spp=1000&se=impression&vi=jtwvdylhfrA&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1646217102&utm1=tcb&utm2=798347594-1&utm3=195-21720-0&utm4=0-9529915-14
Requested by
Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:131d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b01537b6d7ab761bb6d4ebd5fa07271bf5263467be047bb97e3bd4198c6df3f8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.torlock2.com/

Response headers

date
Wed, 02 Mar 2022 10:31:42 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
access-control-allow-credentials
true
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIADcGfiiTQ5fc4dsagFajvnifn9tTLsIQ4mXGZM8QM3Omr7oiur6C1IcpChZ58rXlNDoMF7JmaeRpswrSIIMbRmcwUWjpYkX61ZeaoJQX3Dln2S6aCdwe3Qq0M9IQzyebWeDQv5k3FRPPtnwf1Ibt2%2F"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6e5976dc48c283b5-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server
nginx/1.17.2
date
Wed, 02 Mar 2022 10:31:43 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FjtwvdylhfrA%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0020&oid=1514173&sp=0.048000&spp=1000&se=impression&vi=jtwvdylhfrA&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1646217102&utm1=tcb&utm2=798347594-1&utm3=195-21720-0&utm4=0-9529915-14
vary
*
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
ff159683dbce452dbc41714cc48a496d4bb58468-b.js
stream.bantgoau.com/files/ytls/ Frame 10BD 		2 MB
654 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-b.js
Requested by
Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FjtwvdylhfrA%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0020&oid=1514173&sp=0.048000&spp=1000&se=impression&vi=jtwvdylhfrA&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1646217102&utm1=tcb&utm2=798347594-1&utm3=195-21720-0&utm4=0-9529915-14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:131d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ee453d906f72a453020fe595995032d10f537ffd711ef742ed12d1034e0812d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FjtwvdylhfrA%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0020&oid=1514173&sp=0.048000&spp=1000&se=impression&vi=jtwvdylhfrA&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1646217102&utm1=tcb&utm2=798347594-1&utm3=195-21720-0&utm4=0-9529915-14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:42 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Feb 2022 13:23:05 GMT
server
cloudflare
age
69
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZqkEFWcZa8zd2tXvMGIpIJfhJqZC11Kq0JA2QQS2EPbPEx3SNIbA3GmK3u0hI%2BqDftVt6WbH9jU%2BeLh58ARraZOM5B%2Fb%2BZ8eVzNF6timA%2FoVg84B%2FLZqJxuiGX7DlEvRpIJl%2BQxjPl0krF0aRc3jYDch"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e5976dcefa10e1e-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
VpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw=w1440-l80-sg-rj-c0xffffff
lh3.googleusercontent.com/ Frame 10BD 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/VpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw=w1440-l80-sg-rj-c0xffffff
Requested by
Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FjtwvdylhfrA%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0020&oid=1514173&sp=0.048000&spp=1000&se=impression&vi=jtwvdylhfrA&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1646217102&utm1=tcb&utm2=798347594-1&utm3=195-21720-0&utm4=0-9529915-14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a9e43c507e2164e831bc6d4fc78f1893d6860f01d7327a85e377c7ae714173bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stream.bantgoau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 06:31:50 GMT
x-content-type-options
nosniff
age
14392
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39552
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 02 Mar 2022 18:31:50 GMT
/
vs.bantgoau.com/sts/ Frame 10BD 		2 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vs.bantgoau.com/sts/?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FjtwvdylhfrA%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0020&oid=1514173&sp=0.048000&spp=1000&se=impression&vi=jtwvdylhfrA&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1646217102&utm1=tcb&utm2=798347594-1&utm3=195-21720-0&utm4=0-9529915-14&type=impression&g_referer=https://www.torlock2.com
Requested by
Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:128:7:4777::1 -, , ASN (),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stream.bantgoau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 02 Mar 2022 10:31:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server
nginx/1.20.1
content-length
2
content-type
application/json
ff159683dbce452dbc41714cc48a496d4bb58468-v.js
stream.bantgoau.com/files/ytls/ Frame 87CC 		151 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-v.js
Requested by
Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:131d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9978fe4778a52319f20a2dc4744a173ae6c32ef2d905af9f96cc325162e99a43

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FjtwvdylhfrA%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0020&oid=1514173&sp=0.048000&spp=1000&se=impression&vi=jtwvdylhfrA&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1646217102&utm1=tcb&utm2=798347594-1&utm3=195-21720-0&utm4=0-9529915-14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 10:31:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Feb 2022 13:22:57 GMT
server
cloudflare
age
694
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GO5wAccBfryJnL6eJh8dfb5DTVLHvmYbeiPCVGXX5ZcH2JOMzgZYvCupL96fPKIrFQ4Xz%2BZzLIYOvU%2BfGNO2QTykxMVo9drdRHN%2Br0SBedpWu%2Fyuq1rI2VW%2BDM2ALCe4akphxNXMPTNPeg6%2BhkRGx1F%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e5976e1e99d0e1e-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
url
www.google.com/ Frame E990 		603 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/url?sa=D&q=https://www.youtube.com/embed/jtwvdylhfrA%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1
Requested by
Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-v.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 -, , ASN (),
Reverse DNS
Software
gws /
Resource Hash
176d7cbfdc10357d06a4bf1b6e65569997785ba81159d6019ec6220046fb6de7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://stream.bantgoau.com/

Response headers

location
https://www.youtube.com/embed/jtwvdylhfrA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
cache-control
private
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=31536000
bfcache-opt-in
unload
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
date
Wed, 02 Mar 2022 10:31:44 GMT
server
gws
content-length
603
x-xss-protection
0
expires
Wed, 02 Mar 2022 10:31:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
jtwvdylhfrA
www.youtube.com/embed/ Frame E990 		59 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/jtwvdylhfrA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=D&q=https://www.youtube.com/embed/jtwvdylhfrA%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
f39e9e1980b110bf48d536c3cd26d42358d7e7cdfaa692bf37c4ce7d428c17b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 02 Mar 2022 10:31:44 GMT
strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to
{"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
statusReport
warden.arc.io/mailbox/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://warden.arc.io/mailbox/statusReport
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.223.141.84 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-223-141-84.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.torlock2.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 02 Mar 2022 10:31:44 GMT
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
strict-transport-security
max-age=15724800; includeSubDomains
www-player.css
www.youtube.com/s/player/9c1a7c38/ Frame E990 		337 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9c1a7c38/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/jtwvdylhfrA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
45c67371fc975034b335d906590ca4e1e6582c7c1688ae575f42f1f393df438e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/jtwvdylhfrA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 04:32:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
21545
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47097
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 01:15:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 02 Mar 2023 04:32:39 GMT
www-embed-player.js
www.youtube.com/s/player/9c1a7c38/www-embed-player.vflset/ Frame E990 		280 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9c1a7c38/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/jtwvdylhfrA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
9af8518816c349312932da9a972ead7bb0dd48f05145e23233cd582626efe1f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/jtwvdylhfrA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 15:52:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
153538
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88134
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 01:15:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 28 Feb 2023 15:52:46 GMT
base.js
www.youtube.com/s/player/9c1a7c38/player_ias.vflset/de_DE/ Frame E990 		2 MB
541 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9c1a7c38/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/jtwvdylhfrA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
9de0bf06234ea3226284d918b2f19d4f1a4f325bfb54c0094c6df44b072924a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/jtwvdylhfrA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 15:52:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
153559
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
553551
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 01:15:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 28 Feb 2023 15:52:25 GMT
fetch-polyfill.js
www.youtube.com/s/player/9c1a7c38/fetch-polyfill.vflset/ Frame E990 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9c1a7c38/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/jtwvdylhfrA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/jtwvdylhfrA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 15:52:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
153538
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3338
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 01:15:41 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 28 Feb 2023 15:52:46 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E990 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/jtwvdylhfrA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 17:06:41 GMT
x-content-type-options
nosniff
age
62703
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Mar 2023 17:06:41 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.torlock2.com
URL
https://www.torlock2.com/ps/lJjVnN.js
Domain
www.torlock2.com
URL
https://www.torlock2.com/arc-sw.js?propertyId=zPbLYYHC&seeder=true
Domain
tracker.arc.io
URL
https://tracker.arc.io/

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 function| structuredClone object| oncontextlost object| oncontextrestored function| R function| X object| zarazData object| zaraz object| dataLayer object| __cfQR object| __cfBeacon object| __adFormats object| __formatsGetters object| AdManager object| a3klsam object| activesInpages function| __fp-init function| __banner-init function| tcpusher function| $ function| jQuery object| Modernizr object| Sentry object| __arc__ object| arc object| a6_0x7dfa function| a6_0x5308 function| s2ss32ff boolean| s2ss32 undefined| json undefined| parsedData undefined| ip undefined| city undefined| country string| platform object| ui object| spobuttons boolean| __cfRLUnblockHandlers object| a9_0x1e2e function| a9_0x23bd boolean| utm32 string| utsid-send object| __SENTRY__ object| arcWidgetJsonp

8 Cookies

Domain/Path Name / Value
a.adtng.com/ Name: adtool_guid
Value: Ch5KAmIfR4s4N3BvQG8YAg==
a.adtng.com/ Name: RNLBSERVERID
Value: ded6973
tenthsfrumpy.com/ Name: GL_UI4
Value: eJw9jVtOhDAYhYFycTJCPAkLcAlFZJRH4yJ8JH9pYepAOyl1iLu3MdGn8%2BVccqIoSuoK8S1nYF%2FU4fEkeuK87dtJNCf%2BIjhJatruiU%2BvzTOJDge9DZ7EonyK%2B1kZ5fQ4jFaqEg8h%2BnMuxu4mRSYcGVkiW0NjKVEIZ%2FdNuZohNbQq5O9nZ4NmK31ah6TvA2oTMOZI7Faz6oDiQxsZdtURScOrMo9wvC7kJ%2BvWQcs8RjY7kgrxG%2B5G8mq27huFVNvF2ytgFzn8939v2d5w5FLd9Bi%2BrT8r9wMevUpU
tenthsfrumpy.com/ Name: GL_GI10
Value: eJxljNGKwjAURGuqVVFcBvyA%2FoAFa0F81u76oN8QQr2VIM0NSRTr11sVloV9G87MmSiKxHwGoS2my80qy9fZssjyAvGZGGJXYlrx1QTXSqMawvCHXKNMi8TRWbOB2JeYfLKs%2BEQY7MrFH%2Fa2BnvyntCvdGiBb6fMpb66kKomPSptMH4VH33e6f8HsfYWo2NerNNDOGFsKEhvibq4ZWfZqUCY%2FdL3VRJjpL20ju9t0sNX0A092JDkuvYUOtS7JeIJhP5MTw%3D%3D
core.arc.io/ Name: _immortal|Arc_nodeId
Value: T6MJL7L3nTxSqQdgMHELBG
.arc.io/ Name: widgetOptState
Value: {%22state%22:%22UNDECIDED%22%2C%22date%22:%222022-03-02T10:31:40.097Z%22%2C%22dismissedAt%22:null}
tcimp.zog.link/ Name: 750.0
Value: 1
tb.baimgfroggd.site/ Name: 1816.1514173
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://www.torlock2.com/TORRENT/1969117/STEP-UP-REVOLUTION[]BRRIP.HTML
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

78103830d6.5206a9500e.com
a.adtng.com
arc.io
befirstcdn.com
browser.sentry-cdn.com
cdnjs.cloudflare.com
core.arc.io
dd610896b5.5206a9500e.com
fonts.gstatic.com
ht-cdn2.adtng.com
hw-cdn2.adtng.com
js.cabnnr.com
js.wpadmngr.com
js.wpshsdk.com
l.0cdn.xyz
lh3.googleusercontent.com
nereserv.com
notification.tubecup.net
ntvpforever.com
rtbbnr.com
sentry.arc.io
static.arc.io
static.bookmsg.com
static.cloudflareinsights.com
stream.bantgoau.com
tb.baimgfroggd.site
tcimp.zog.link
tenthsfrumpy.com
tracker.arc.io
vs.bantgoau.com
warden.arc.io
www.google.com
www.torlock2.com
www.youtube.com
youradexchange.com
tracker.arc.io
www.torlock2.com
104.31.16.9
13.225.73.82
168.119.25.22
18.223.141.84
209.197.3.25
23.109.87.67
2606:4700:3032::6815:131d
2606:4700:3037::ac43:c883
2606:4700::6810:125e
2606:4700::6810:5f41
2606:4700::6811:970c
2620:1ec:bdf::44
2a00:1450:4001:808::2003
2a00:1450:4001:810::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2004
2a01:4f8:c0:33d8::1
2a01:4f8:e0:19cb::1
2a02:128:7:4777::1
2a02:128:7:5241::2
2a02:128:7:5917::2
2a04:4e42:400::729
35.190.41.116
45.133.44.24
45.133.44.25
66.254.114.171
66.254.122.19
78.47.181.156
88.198.209.36
018bf2df18045310caf4e39045e316645302e600d44d3d826c1b9ef8224f6052
063f1a317f86cccf0394f7902b67c83f4796b441b40bff2d7e394357f3f83a60
0b0ccab5c33b6a68fdde04836a4c4ea787c32a69915bfe75e906f15cb67f7b39
1530691d7096753c4a33ff3d11be983fbec896774cffe9a3555c2c81e6f18906
173e4d6538ab5a79b417e9922c7cfd78bc2a96a6f0774850dd760a99d2a86bf3
176d7cbfdc10357d06a4bf1b6e65569997785ba81159d6019ec6220046fb6de7
187a5e0bc9badf1f52db4ac8a96a470b7abfc7a57b06b2037039137b281fcf00
19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e
1ee453d906f72a453020fe595995032d10f537ffd711ef742ed12d1034e0812d
245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87
24daca1a4af9c7847a5252795eda58315e596bdb88ca4b6ae51fdaa3c672cc56
2a0d5016c9be45fd2d7534bf47f3b2c67d3d1d47e64e31572c28a94b984e7014
3082b0f5d766f08f34a2077d48da01d41c9283376883472fa0965bf1b77283e0
33ce22ca84a63bc33e85d9bbe4f41538791d496cef1c991933f1914f8e8d5e1b
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707
39ee755ad562a7fc959883b57d4918f624c3efac53f8b499734a4c5626e2879e
3c082f814dd75ad08dae22b237414d4b789dab5248c6b50953e1a60ad106c814
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ec2068a44b2e3b4c742d0d35c1c5829623759ea96de41f3c1af363846f80536
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0
44512f22387c2e598be89c01273367dcd2cb443c62dc385095926e485d56a4bd
45344ec706e661760887e42f8797c4dd446805b24657d99318b08d211f2e549b
45c67371fc975034b335d906590ca4e1e6582c7c1688ae575f42f1f393df438e
4720daad8daba83ee3b0e5e453f6b9d6d021b2ed5ef662c7dd801998c133b96d
4b7fdbeb531715826ebf2618f069646619aa0d9241f939587befbc2c1701bea7
506bc85404629c940763e1830cfdc72161eec5c0fa39616914d89ce9469a5604
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58f8df702bdbb99eab4bb4c1288d70c738619c08efa0bb1ee52cacbd33fdc25a
60fd85e530eb023e27bd400ed37ac2ed22abee395816e3a05e42e5312dd4a5b7
629060509e1420ed21ca9afbb1042d919fd746e49ea8ed5fabbe0e3dd3ed01ca
65e85fa02d9fa3e02f188a7b6e4fa6a50d2421d677884b34bc83b8cf6b37a58a
6b832d9f9d7c39304c9205b6d562bff9e421e204cfc19fd6065393028119cbf7
6bbfdebcfc2568412d851a7de0def80e6e12bbf31716f940d9f5bfcf354344a6
6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c
7b9d9766b5a9ddbaba5a4cafdb4d5eba275e352373babac2a8e139474277ac20
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
833cb09da79045b251d3c08071c0adc6b1a2e97e9872ca9f37337891cde9ec69
84f8061a68058b0dd35d1c7c2bd4b475e6ab38d4374dc9f8394257be457570cb
862c8a19133e887922efcd1878fc67439ea730f72d063522af67dfa18c0a7fd3
8636d7f343b1c33fcace18db2835cbcbfecbf1b893304b61bd2e6754221978f8
8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2
90e33e454dd362ec6e01ad6afeed51d0ccf095d68ca27cadc6e3404e0bad2d14
9978fe4778a52319f20a2dc4744a173ae6c32ef2d905af9f96cc325162e99a43
9af8518816c349312932da9a972ead7bb0dd48f05145e23233cd582626efe1f8
9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6
9de0bf06234ea3226284d918b2f19d4f1a4f325bfb54c0094c6df44b072924a0
9e4ec6c93ef0d7cd64261073f94c17cf1adacebb677fceeede040db1edcb3f51
9f339fe40b102007022ab2746a4c9436c54931f620eb8c2860743cf3569a34b8
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
a15164c46f901a947fcf243fe107b83fdf1ea8d394d2bda73f569daf5666e59e
a222ed6fc63d91d555c29e1880905ca4340fa8c23a1f6d2d58c6048b14ee3d96
a8f8deafae2e699c5369b612da4b5d43b187446bae2e92eb59b079dbc8089c79
a9e43c507e2164e831bc6d4fc78f1893d6860f01d7327a85e377c7ae714173bb
b01537b6d7ab761bb6d4ebd5fa07271bf5263467be047bb97e3bd4198c6df3f8
b30fe38e38d00c23fce64391abfb7fe43a3d0179a64c02ecdf20c235e13103cf
b41f877c5e58ec1f5bdd89ae80211cc05afbc3c871a41b38535c7130e927ac62
ba89161f62c517bdd776996943f3e26ed2b92d749178f1c24da07c8db904e27c
bbc681269a3666550c117af977e2344e33ca7f131acfeb800c0d3f7a35b8d51c
bc0623aafcb711370af9ad89d48a6785f57c3b8cc6b22d793032b5559f9a6d61
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bf2f02ca5526f806f735035723f16f187119b693e592a43b1777a66e915bc81c
c2443b0a74b25158756abb7aa12832e5442adab247aab6e24514f54396c72579
c2bf26771ea7f60b2ca0d9e62e42349d920abc78fa993c9e7cf7312c0ab231da
c7659ffb0d3df377c1234d14b4070c72e387079e938702120b7c4dd2be608f8d
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d110d37fdfe0532151ebb863fc482395f03391d47b130e5e211321863ee5cc58
ddbc26bd547a35aca44f975aeda2f1bd46e3a9d06d347cca40a66046ce21db6c
dff43e1b1eb8a3b878a02c0d8c6870b42a2347fd7744ff488e916d279e1820d7
e07273324aadaf8a93d5900f6373ce88110f28620656608e3a0a79ba0da25f17
e24ee213782f6ed0de472f2a8b9374799b9a79643d466133d7a10a81383aa039
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e593e95cfe0f3335088d5643951e90c8b4b3a4dfbe773614bb0070d544edb02e
ede777ff1a1db097d4ff59e47bf648597dae763c9c6d058ce52126b9fdc0c7e0
f2a7e5ade77d712f4303757e9c0c3185f72f24cfa5f5da33bcabc63abd376a1b
f39e9e1980b110bf48d536c3cd26d42358d7e7cdfaa692bf37c4ce7d428c17b3
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443
f9daa48a3c618bb638706d320e646320b4123ffdd3c5a4a8a9a8df505de6fac7
fa90e6cba9e9d701ef280f287f76143fb0aed1223c692fc0da4befa74860225d
fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb
fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505