urlscan.io logo urlscan.io
SecurityTrails logo

www.4humor12.com Open in urlscan Pro
2a00:1450:4001:818::2013  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
Submission: On August 03 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 4 countries across 15 domains to perform 48 HTTP transactions. The main IP is 2a00:1450:4001:818::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.4humor12.com.
This is the only time www.4humor12.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    2a00:1450:4001:818::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.4humor12.com
www.codatey.top
9    2a00:1450:4001:81e::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.blogger.com
resources.blogblog.com
1    2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
1    151.139.237.11 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)
cdn.rawgit.com
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
2.bp.blogspot.com
5    2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
2    2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:809::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
7    2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
4.bp.blogspot.com
2    2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.com
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
8 www.blogger.com 1 redirects www.4humor12.com
www.blogger.com
apis.google.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
7 www.4humor12.com www.4humor12.com
ajax.googleapis.com
5 pagead2.googlesyndication.com www.4humor12.com
pagead2.googlesyndication.com
3 apis.google.com www.4humor12.com
apis.google.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 connect.facebook.net www.4humor12.com
connect.facebook.net
2 fonts.gstatic.com www.4humor12.com
2 maxcdn.bootstrapcdn.com www.4humor12.com
2 fonts.googleapis.com www.4humor12.com
1 www.codatey.top www.4humor12.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 4.bp.blogspot.com www.4humor12.com
1 accounts.google.com 1 redirects
1 resources.blogblog.com www.4humor12.com
1 2.bp.blogspot.com www.4humor12.com
1 ajax.googleapis.com www.4humor12.com
1 cdn.rawgit.com www.4humor12.com
48 20

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
gplus.com
www.blogger.com
www.themexpose.com
www.codatey.top
Subject Issuer Validity Valid
*.blogger.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
rawgit.com
Sectigo RSA Domain Validation Secure Server CA		 2020-01-03 -
2022-01-12		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.apis.google.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-07-21 -
2020-10-12		 3 months crt.sh
www.codatey.top
GTS CA 1D2		 2020-07-06 -
2020-10-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh

This page contains 11 frames:

Primary Page: http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
Frame ID: 117045F36FA27B010F64E95976A6E44C
Requests: 39 HTTP requests in this frame

Frame: https://www.blogger.com/comment-iframe.g?blogID=8916587770313254406&pageID=7727392803583379718&blogspotRpcToken=1693469&bpli=1
Frame ID: 6C073D1E4667BED4C562393CE6F27944
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200729/r20190131/zrt_lookup.html
Frame ID: 0B4A5156EA22A942B464ED1ECB06204E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7263345837722844&output=html&h=280&slotname=5179905144&adk=3547284809&adf=554462850&w=662&fwrn=4&fwrnh=100&lmt=1594574180&rafmt=1&psa=0&npa=1&guci=1.2.0.0.2.1.0.0&format=662x280&url=http%3A%2F%2Fwww.4humor12.com%2Fp%2Fredirect.html%3Furl%3D_http%253A%252F%252Fbeva.fun%252FrFAdL3&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1596462460003&bpp=13&bdt=711&idt=230&shv=r20200729&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8089246231525&frm=20&pv=2&ga_vid=259176385.1596462460&ga_sid=1596462460&ga_hid=1106439028&ga_fc=0&iag=0&icsg=145402380&dssz=44&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=469&ady=417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723321%2C21066358%2C21066922%2C21066612%2C21066393&oid=3&pvsid=4032285691544808&pem=346&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CpoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=eOsSs52n5c&p=http%3A//www.4humor12.com&dtd=261
Frame ID: 8E3DC429A55840BC03EAB1FA44FB1630
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=8916587770313254406&blogName=gbergbrebre&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.4humor12.com/search&blogLocale=ar&v=2&homepageUrl=http://www.4humor12.com/&targetPageID=7727392803583379718&blogPostOrPageUrl=http://www.4humor12.com/p/redirect.html&vt=-2761325834856403223&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.WuHGBC70tdw.O%2Fam%3DwQc%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCNpHoaMoiiRyTFOuGnNuTT-eiD9VA%2Fm%3D__features__
Frame ID: 10A2AB5F8A0215E90A7175573F426C7C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7263345837722844&output=html&h=280&slotname=2756917559&adk=859236863&adf=1575086923&w=662&fwrn=4&fwrnh=100&lmt=1594574180&rafmt=1&psa=0&npa=1&guci=1.2.0.0.2.1.0.0&format=662x280&url=http%3A%2F%2Fwww.4humor12.com%2Fp%2Fredirect.html%3Furl%3D_http%253A%252F%252Fbeva.fun%252FrFAdL3&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1596462460016&bpp=4&bdt=723&idt=313&shv=r20200729&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=662x280&correlator=8089246231525&frm=20&pv=1&ga_vid=259176385.1596462460&ga_sid=1596462460&ga_hid=1106439028&ga_fc=0&iag=0&icsg=34505140748&dssz=45&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=469&ady=981&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723321%2C21066358%2C21066922%2C21066612%2C21066393&oid=3&pvsid=4032285691544808&pem=346&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CpoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&fsb=1&xpc=B2G9xlIEJQ&p=http%3A//www.4humor12.com&dtd=326
Frame ID: 63F842C8749920640A0C507A5FD1C029
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7263345837722844&output=html&h=280&slotname=9583094714&adk=2560164922&adf=1216382577&w=662&fwrn=4&fwrnh=100&lmt=1594574180&rafmt=1&psa=0&npa=1&guci=1.2.0.0.2.1.0.0&format=662x280&url=http%3A%2F%2Fwww.4humor12.com%2Fp%2Fredirect.html%3Furl%3D_http%253A%252F%252Fbeva.fun%252FrFAdL3&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1596462460020&bpp=2&bdt=727&idt=347&shv=r20200729&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=662x280%2C662x280&correlator=8089246231525&frm=20&pv=1&ga_vid=259176385.1596462460&ga_sid=1596462460&ga_hid=1106439028&ga_fc=0&iag=0&icsg=34505140748&dssz=46&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=469&ady=1770&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723321%2C21066358%2C21066922%2C21066612%2C21066393&oid=3&pvsid=4032285691544808&pem=346&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=xoWFw6nDXS&p=http%3A//www.4humor12.com&dtd=375
Frame ID: 9C29BC6AFB8EA57829D1AEA907BCC4A3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7263345837722844&output=html&h=280&slotname=9583094714&adk=3552844105&adf=1583593534&w=662&fwrn=4&fwrnh=100&lmt=1594574180&rafmt=1&psa=0&npa=1&guci=1.2.0.0.2.1.0.0&format=662x280&url=http%3A%2F%2Fwww.4humor12.com%2Fp%2Fredirect.html%3Furl%3D_http%253A%252F%252Fbeva.fun%252FrFAdL3&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1596462460022&bpp=2&bdt=729&idt=396&shv=r20200729&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=662x280%2C662x280%2C662x280&correlator=8089246231525&frm=20&pv=1&ga_vid=259176385.1596462460&ga_sid=1596462460&ga_hid=1106439028&ga_fc=0&iag=0&icsg=34505140748&dssz=46&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=469&ady=2474&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723321%2C21066358%2C21066922%2C21066612%2C21066393&oid=3&pvsid=4032285691544808&pem=346&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1OYdbgt76i&p=http%3A//www.4humor12.com&dtd=402
Frame ID: B209D4E6D5EC9BA509C37A4CFEC370F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7263345837722844&output=html&h=280&slotname=5179905144&adk=1176154075&adf=1756335247&w=788&fwrn=4&fwrnh=100&lmt=1594574180&rafmt=1&psa=0&npa=1&guci=1.2.0.0.2.1.0.0&format=788x280&url=http%3A%2F%2Fwww.4humor12.com%2Fp%2Fredirect.html%3Furl%3D_http%253A%252F%252Fbeva.fun%252FrFAdL3&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1596462460024&bpp=2&bdt=731&idt=445&shv=r20200729&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=662x280%2C662x280%2C662x280%2C662x280&correlator=8089246231525&frm=20&pv=1&ga_vid=259176385.1596462460&ga_sid=1596462460&ga_hid=1106439028&ga_fc=0&iag=0&icsg=34505140748&dssz=46&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=406&ady=2798&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723321%2C21066358%2C21066922%2C21066612%2C21066393&oid=3&pvsid=4032285691544808&pem=346&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Q6wLzZqsjD&p=http%3A//www.4humor12.com&dtd=455
Frame ID: 589599643A49DBA78FB7AA49DAF3167A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7263345837722844&output=html&adk=1812271804&adf=3025194257&lmt=1594574180&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&npa=1&guci=1.2.0.0.2.1.0.0&format=0x0&url=http%3A%2F%2Fwww.4humor12.com%2Fp%2Fredirect.html%3Furl%3D_http%253A%252F%252Fbeva.fun%252FrFAdL3&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1596462460169&bpp=1&bdt=877&idt=428&shv=r20200729&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=662x280%2C662x280%2C662x280%2C662x280%2C788x280&nras=1&correlator=8089246231525&frm=20&pv=1&ga_vid=259176385.1596462460&ga_sid=1596462460&ga_hid=1106439028&ga_fc=0&iag=0&icsg=34505140748&dssz=46&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723321%2C21066358%2C21066922%2C21066612%2C21066393&oid=3&pvsid=4032285691544808&pem=346&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=5&uci=a!5&fsb=1&dtd=436
Frame ID: 86081FCE82FE21B05FFADC997C2B4AF0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: B391DFEC072948986A25828B0D80E113
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • meta generator /^Blogger$/i
Overall confidence: 100%
Detected patterns
  • meta generator /^Blogger$/i
Overall confidence: 100%
Detected patterns
  • headers server /GSE/i
Overall confidence: 100%
Detected patterns
  • headers server /GSE/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

48
Requests

71 %
HTTPS

94 %
IPv6

15
Domains

20
Subdomains

18
IPs

4
Countries

711 kB
Transfer

1770 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://www.blogger.com/comment-iframe.g?blogID=8916587770313254406&pageID=7727392803583379718&blogspotRpcToken=1693469 HTTP 302
  • https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/comment-iframe.g?blogID%3D8916587770313254406%26pageID%3D7727392803583379718%26blogspotRpcToken%3D1693469%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D8916587770313254406%26pageID%3D7727392803583379718%26blogspotRpcToken%3D1693469%26bpli%3D1&passive=true&go=true HTTP 302
  • https://www.blogger.com/comment-iframe.g?blogID=8916587770313254406&pageID=7727392803583379718&blogspotRpcToken=1693469&bpli=1

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request redirect.html
www.4humor12.com/p/ 		121 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9bb6b8c1ba8c4ef8d5eff9f6b9b372181f37495232a41462cb073418913011df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
www.4humor12.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
text/html; charset=UTF-8
Expires
Mon, 03 Aug 2020 13:47:39 GMT
Date
Mon, 03 Aug 2020 13:47:39 GMT
Cache-Control
private, max-age=0
Last-Modified
Sun, 12 Jul 2020 17:16:20 GMT
ETag
W/"388448453ff25d960f6d2e484fc126898af524efaa5bd7200b0a4d6b0435a892"
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Length
31303
Server
GSE
3581332597-css_bundle_v2_rtl.css
www.blogger.com/static/v1/widgets/ 		36 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/3581332597-css_bundle_v2_rtl.css
Requested by
Host: www.4humor12.com
URL: http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60ef953a65ae18962106287ddfe709e677844f21fca09bef89fa2de9191669e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 27 Jul 2020 11:59:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 26 Jul 2020 22:20:39 GMT
server
sffe
age
611294
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7986
x-xss-protection
0
expires
Tue, 27 Jul 2021 11:59:25 GMT
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Montserrat:400,700
Requested by
Host: www.4humor12.com
URL: http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
Protocol
HTTP/1.1
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e5fcb655f0010c419f0efc18e3125d5d2a56186a53848749e27867c4ec883cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 13:47:39 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 03 Aug 2020 13:47:39 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
0
Expires
Mon, 03 Aug 2020 13:47:39 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 		27 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: www.4humor12.com
URL: http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
Protocol
HTTP/1.1
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 13:47:39 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 12 Dec 2018 18:35:19 GMT
ETag
"1544639719"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
cache-control
public, max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Connection
Keep-Alive
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
6241
neo.css
cdn.rawgit.com/Modareb/files/master/fonts/ 		68 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.rawgit.com/Modareb/files/master/fonts/neo.css
Requested by
Host: www.4humor12.com
URL: http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.11 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
7c2b145505e27d6fbd0d8c3c9523eebea37e854b8c130fcaf8a6fe1a0788e28d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 13:47:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-cache
HIT
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0452a580cb00003dfa0d3cb200000001
rawgit-cache-status
MISS
x-robots-tag
none
content-type
text/css;charset=utf-8
server
NetDNA-cache/2.2
etag
W/"92be23b1d5d127bfeff4bea731ed251d45e75ce7b46a25f1be979640cf333cc8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
sunset
Tue, 01 Oct 2019 00:00:00 GMT
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=86400
cf-ray
5bcad847acde3dfa-PRG
link
<https://rawgit.com/>; rel="sunset"; title="RawGit will soon shut down. Please stop using it."
css
fonts.googleapis.com/ 		757 B
472 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Tajawal
Requested by
Host: www.4humor12.com
URL: http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
51d6a59ac30da1d138422eca0a828b63510f589379b2df143772bfaaf7d56d3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 03 Aug 2020 13:38:54 GMT
server
ESF
date
Mon, 03 Aug 2020 13:47:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 03 Aug 2020 13:47:39 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: www.4humor12.com
URL: http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 03:26:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
382884
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33576
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Jul 2021 03:26:15 GMT
logo-3.png
2.bp.blogspot.com/-mxG7R-NJwBY/Wc4KSfRM5tI/AAAAAAAAKCs/p15hCRe6eOYI-LkBTtSzkeKZvCbAa5xhgCK4BGAYYCw/s1600/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://2.bp.blogspot.com/-mxG7R-NJwBY/Wc4KSfRM5tI/AAAAAAAAKCs/p15hCRe6eOYI-LkBTtSzkeKZvCbAa5xhgCK4BGAYYCw/s1600/logo-3.png
Requested by
Host: www.4humor12.com
URL: http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
Protocol
HTTP/1.1
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
016d1fe5453cd0266ac1e05f9f4469c90a288eecb6718483021f3b744c3fa9f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 10:17:17 GMT
X-Content-Type-Options
nosniff
Server
fife
Age
12622
ETag
"v282c"
Vary
Origin
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
public, max-age=86400, no-transform
Content-Disposition
inline;filename="logo-3.png"
Timing-Allow-Origin
*
Content-Length
4343
X-XSS-Protection
0
Expires
Fri, 31 Jul 2020 05:36:20 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		119 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.4humor12.com
URL: http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a8c12761327cd6864d140a4db0fe1e8965d71f26626015f8c8a427c69d03eb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 13:47:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
43133
x-xss-protection
0
server
cafe
etag
2170127736980713183
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 03 Aug 2020 13:47:39 GMT
1817618210-comment_from_post_iframe.js
www.blogger.com/static/v1/jsbin/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/jsbin/1817618210-comment_from_post_iframe.js
Requested by
Host: www.4humor12.com
URL: http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8d85376bb865023fa6e9e61440112f1511b8cd2a490ad5aba7bef43c5f732e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 29 Jul 2020 01:05:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 28 Jul 2020 23:53:28 GMT
server
sffe
age
477729
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5130
x-xss-protection
0
expires
Thu, 29 Jul 2021 01:05:30 GMT
icon18_wrench_allbkg.png
resources.blogblog.com/img/ 		475 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/icon18_wrench_allbkg.png
Requested by
Host: www.4humor12.com
URL: http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 29 Jul 2020 04:55:19 GMT
x-content-type-options
nosniff
last-modified
Tue, 28 Jul 2020 05:20:16 GMT
server
sffe
age
463940
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
475
x-xss-protection
0
expires
Wed, 05 Aug 2020 04:55:19 GMT
plusone.js
apis.google.com/js/ 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: www.4humor12.com
URL: http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
09acbe89937043ca22e2edfc75ef19630eb4d7307824ae0f09fd7b07aaba7631
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ltcZTmaUnAU+R77kcoeWzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 13:47:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"64aa0492568c5e491661cd6e02af970e"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-ltcZTmaUnAU+R77kcoeWzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Mon, 03 Aug 2020 13:47:39 GMT
cookienotice.js
www.4humor12.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.4humor12.com/js/cookienotice.js
Requested by
Host: www.4humor12.com
URL: http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 28 Jul 2020 22:38:05 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 28 Jul 2020 20:26:55 GMT
Server
sffe
Age
486574
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=604800
Accept-Ranges
bytes
Content-Length
2026
X-XSS-Protection
0
Expires
Tue, 04 Aug 2020 22:38:05 GMT
3699474415-widgets.js
www.blogger.com/static/v1/widgets/ 		133 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/3699474415-widgets.js
Requested by
Host: www.4humor12.com
URL: http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dba101e6f5518f40c89f565643d81ce8e9c77543b3a32848359f8ffa43129f2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 00:36:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Jul 2020 02:26:19 GMT
server
sffe
age
306686
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49358
x-xss-protection
0
expires
Sat, 31 Jul 2021 00:36:13 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8916587770313254406&zx=b1dcf5fa-8285-4b0d-96b9-cc05db385aae
Requested by
Host: www.4humor12.com
URL: http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 03 Aug 2020 13:47:39 GMT
server
GSE
date
Mon, 03 Aug 2020 13:47:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Mon, 01 Jan 1990 00:00:00 GMT
Iura6YBj_oCad4k1nzSBC5xLhLFw4Q.woff2
fonts.gstatic.com/s/tajawal/v3/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tajawal/v3/Iura6YBj_oCad4k1nzSBC5xLhLFw4Q.woff2
Requested by
Host: www.4humor12.com
URL: http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d74cd1d599cd8aca54efc604395358abd1c34f331304aa34cf7b2cc6c80916d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Tajawal
Origin
http://www.4humor12.com

Response headers

date
Tue, 21 Jul 2020 15:29:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 03:32:27 GMT
server
sffe
age
1117117
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8556
x-xss-protection
0
expires
Wed, 21 Jul 2021 15:29:02 GMT
Iura6YBj_oCad4k1nzGBC5xLhLE.woff2
fonts.gstatic.com/s/tajawal/v3/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tajawal/v3/Iura6YBj_oCad4k1nzGBC5xLhLE.woff2
Requested by
Host: www.4humor12.com
URL: http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4be25ab4a6eb0ef8d5f28549009adc9b41459aa6fd16687d437b2f8575c47b99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Tajawal
Origin
http://www.4humor12.com

Response headers

date
Tue, 28 Jul 2020 01:04:34 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 03:32:30 GMT
server
sffe
age
564185
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10204
x-xss-protection
0
expires
Wed, 28 Jul 2021 01:04:34 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: www.4humor12.com
URL: http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
Protocol
HTTP/1.1
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Origin
http://www.4humor12.com

Response headers

Date
Mon, 03 Aug 2020 13:47:39 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 12 Dec 2018 18:36:18 GMT
ETag
"1544639778"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
font/woff2
Access-Control-Allow-Origin
*
cache-control
public, max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Connection
Keep-Alive
Accept-Ranges
bytes
timing-allow-origin
*
Content-Length
66632
authorization.css
www.blogger.com/dyn-css/ 		1 B
111 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8916587770313254406&zx=b1dcf5fa-8285-4b0d-96b9-cc05db385aae
Requested by
Host: www.4humor12.com
URL: http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 03 Aug 2020 13:47:40 GMT
server
GSE
date
Mon, 03 Aug 2020 13:47:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Mon, 01 Jan 1990 00:00:00 GMT
comment-iframe.g
www.blogger.com/ Frame 6C07
Redirect Chain
  • https://www.blogger.com/comment-iframe.g?blogID=8916587770313254406&pageID=7727392803583379718&blogspotRpcToken=1693469
  • https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/comment-iframe.g?blogID%3D8916587770313254406%26pageID%3D7727392803583379718%26blogspotRpcToken%3D1693469%26bpli%3D1&follow...
  • https://www.blogger.com/comment-iframe.g?blogID=8916587770313254406&pageID=7727392803583379718&blogspotRpcToken=1693469&bpli=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/comment-iframe.g?blogID=8916587770313254406&pageID=7727392803583379718&blogspotRpcToken=1693469&bpli=1
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/jsbin/1817618210-comment_from_post_iframe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.blogger.com
:scheme
https
:path
/comment-iframe.g?blogID=8916587770313254406&pageID=7727392803583379718&blogspotRpcToken=1693469&bpli=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
about:blank

Response headers

status
200
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 03 Aug 2020 13:47:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1908
server
GSE
set-cookie
S=blogger=xQjvECx2W01nd8CsYzXizC18yckS0eu9E8Uu0RWGqhU; Domain=.blogger.com; Path=/; Secure; HttpOnly; Priority=LOW; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status
302
content-type
text/html; charset=UTF-8
x-frame-options
DENY
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 03 Aug 2020 13:47:40 GMT
location
https://www.blogger.com/comment-iframe.g?blogID=8916587770313254406&pageID=7727392803583379718&blogspotRpcToken=1693469&bpli=1
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
script-src 'report-sample' 'nonce-pj+crgM2VCxU1Y4FdqOoRg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
258
server
GSE
set-cookie
GAPS=1:YSy4qBsRLTrH6PiOecQuw56K43CWiA:pURhyhM1a5tLuIaB;Path=/;Expires=Wed, 03-Aug-2022 13:47:40 GMT;Secure;HttpOnly;Priority=HIGH __Host-GAPS=1:YSy4qBsRLTrH6PiOecQuw56K43CWiA:pURhyhM1a5tLuIaB;Path=/;Expires=Wed, 03-Aug-2022 13:47:40 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200729/r20190131/ 		223 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200729/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d42fc1c349e1ff511ae471d2fce211a3787212180217093d826e2f30006a10d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 13:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
85405
x-xss-protection
0
server
cafe
etag
4188947787779617085
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Aug 2020 13:47:40 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200729/r20190131/ Frame 0B4A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200729/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200729/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 29 Jul 2020 21:56:39 GMT
expires
Wed, 12 Aug 2020 21:56:39 GMT
content-type
text/html; charset=UTF-8
etag
1809543571055990350
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4277
x-xss-protection
0
cache-control
public, max-age=1209600
age
402661
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.WuHGBC70tdw.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQc/rs=AGLTcCNpHoaMoiiRyTFOuGnNuTT-eiD9VA/ 		142 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.WuHGBC70tdw.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQc/rs=AGLTcCNpHoaMoiiRyTFOuGnNuTT-eiD9VA/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96105f82e18bd3a362787a75d60cbde93e64584708a0b589894fafc7a8245dc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 22 Jul 2020 21:10:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 07 Jul 2020 03:40:17 GMT
server
sffe
age
1010259
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50722
x-xss-protection
0
expires
Thu, 22 Jul 2021 21:10:01 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.WuHGBC70tdw.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQc/rs=AGLTcCNpHoaMoiiRyTFOuGnNuTT-eiD9VA/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.WuHGBC70tdw.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQc/rs=AGLTcCNpHoaMoiiRyTFOuGnNuTT-eiD9VA/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ec6c185e2db6c0b1450e1062cce4c671999e85656b153e2c986066b9f5f2f12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 17:02:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 07 Jul 2020 03:40:17 GMT
server
sffe
age
1197886
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17153
x-xss-protection
0
expires
Tue, 20 Jul 2021 17:02:54 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
615 B 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/google_top_exp.js
Requested by
Host: www.4humor12.com
URL: http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
Protocol
HTTP/1.1
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Tue, 28 Jul 2020 02:48:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
Age
557978
ETag
13036835877489095579
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
public, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
67
X-XSS-Protection
0
Expires
Tue, 11 Aug 2020 02:48:02 GMT
truncated
/ 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b0c3142b1cc662f819943afaa390f1ce056bc2772cd898b13354d5f80d8337e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin
http://www.4humor12.com

Response headers

Content-Type
font/woff
default
www.4humor12.com/feeds/posts/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://www.4humor12.com/feeds/posts/default?alt=json-in-script&callback=jQuery1110014382804712751773_1596462459585&_=1596462459586
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
1de06b9da1b1200f7769512f1f8c9ba0476e3ccbeddb0f92f735cbea40941d9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 13:47:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sun, 12 Jul 2020 17:16:20 GMT
Server
blogger-renderd
ETag
W/"6e2c99b4c37abc3369239720b07f858a49a566d55a8b900f15bbded81142eb62"
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=UTF-8
Cache-Control
public, must-revalidate, proxy-revalidate, max-age=1
Content-Length
702
X-XSS-Protection
0
Expires
Mon, 03 Aug 2020 13:47:41 GMT
default
www.4humor12.com/feeds/posts/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://www.4humor12.com/feeds/posts/default?alt=json-in-script&callback=jQuery1110014382804712751773_1596462459587&_=1596462459588
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
782f3410dc1d9bafc6be699c257acb1700b53217a6aafbf08a656f67b54972e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 13:47:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sun, 12 Jul 2020 17:16:20 GMT
Server
blogger-renderd
ETag
W/"6e2c99b4c37abc3369239720b07f858a49a566d55a8b900f15bbded81142eb62"
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=UTF-8
Cache-Control
public, must-revalidate, proxy-revalidate, max-age=1
Content-Length
701
X-XSS-Protection
0
Expires
Mon, 03 Aug 2020 13:47:41 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.4humor12.com
URL: http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
Protocol
HTTP/1.1
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0def3059d235a1dff7b190b3e8bf5c93f8de6fe2a73ed1b728c11c060912946f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; preload; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-MD5
4RNgRgFttE/08WpmDv5AzQ==
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Alt-Svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
Content-Length
1779
ETag
"05982e8b3a8ac1472f5e9cbd4e50d7eb"
X-FB-Debug
LgByLLaMDMbP6AD4/vaH5jg2F3AddFng0tK12ntJTJV5sw6T/zA+voJQY/NebZXFgrXZxWpG2zyEKqMcyDiO9A==
X-FB-TRIP-ID
2087493949
x-fb-content-md5
acee7196a5f57c3878add0fdfad26cb2
X-Frame-Options
DENY
Date
Mon, 03 Aug 2020 13:47:40 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-FB-Content-MD5
Cache-Control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
Expires
Mon, 03 Aug 2020 13:55:30 GMT
menu.png
4.bp.blogspot.com/-XmVTbf5RQLY/VmT4NfoMGOI/AAAAAAAACSI/F2sRS-yCpPI/s1600-r/ 		321 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://4.bp.blogspot.com/-XmVTbf5RQLY/VmT4NfoMGOI/AAAAAAAACSI/F2sRS-yCpPI/s1600-r/menu.png
Requested by
Host: www.4humor12.com
URL: http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
Protocol
HTTP/1.1
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
63ccf0f33e466c1549a076ed85324b64ae5b5b095ed2518a2c6f9ad35eb2be9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 11:19:48 GMT
X-Content-Type-Options
nosniff
Server
fife
Age
8872
ETag
"v923"
Vary
Origin
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
public, max-age=86400, no-transform
Content-Disposition
inline;filename="menu.png"
Timing-Allow-Origin
*
Content-Length
321
X-XSS-Protection
0
Expires
Wed, 29 Jul 2020 17:20:35 GMT
redirect.html
www.4humor12.com/p/ 		121 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9bb6b8c1ba8c4ef8d5eff9f6b9b372181f37495232a41462cb073418913011df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
text/html, */*; q=0.01
Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 13:47:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sun, 12 Jul 2020 17:16:20 GMT
Server
GSE
ETag
W/"388448453ff25d960f6d2e484fc126898af524efaa5bd7200b0a4d6b0435a892"
Content-Type
text/html; charset=UTF-8
Cache-Control
private, max-age=0
Content-Length
31303
X-XSS-Protection
1; mode=block
Expires
Mon, 03 Aug 2020 13:47:40 GMT
redirect.html
www.4humor12.com/p/ 		121 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9bb6b8c1ba8c4ef8d5eff9f6b9b372181f37495232a41462cb073418913011df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
text/html, */*; q=0.01
Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 13:47:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sun, 12 Jul 2020 17:16:20 GMT
Server
GSE
ETag
W/"388448453ff25d960f6d2e484fc126898af524efaa5bd7200b0a4d6b0435a892"
Content-Type
text/html; charset=UTF-8
Cache-Control
private, max-age=0
Content-Length
31303
X-XSS-Protection
1; mode=block
Expires
Mon, 03 Aug 2020 13:47:40 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
316 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.4humor12.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200729/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Aug 2020 13:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.4humor12.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200729/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Aug 2020 13:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8E3D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7263345837722844&output=html&h=280&slotname=5179905144&adk=3547284809&adf=554462850&w=662&fwrn=4&fwrnh=100&lmt=1594574180&rafmt=1&psa=0&npa=1&guci=1.2.0.0.2.1.0.0&format=662x280&url=http%3A%2F%2Fwww.4humor12.com%2Fp%2Fredirect.html%3Furl%3D_http%253A%252F%252Fbeva.fun%252FrFAdL3&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1596462460003&bpp=13&bdt=711&idt=230&shv=r20200729&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8089246231525&frm=20&pv=2&ga_vid=259176385.1596462460&ga_sid=1596462460&ga_hid=1106439028&ga_fc=0&iag=0&icsg=145402380&dssz=44&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=469&ady=417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723321%2C21066358%2C21066922%2C21066612%2C21066393&oid=3&pvsid=4032285691544808&pem=346&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CpoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=eOsSs52n5c&p=http%3A//www.4humor12.com&dtd=261
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200729/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7263345837722844&output=html&h=280&slotname=5179905144&adk=3547284809&adf=554462850&w=662&fwrn=4&fwrnh=100&lmt=1594574180&rafmt=1&psa=0&npa=1&guci=1.2.0.0.2.1.0.0&format=662x280&url=http%3A%2F%2Fwww.4humor12.com%2Fp%2Fredirect.html%3Furl%3D_http%253A%252F%252Fbeva.fun%252FrFAdL3&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1596462460003&bpp=13&bdt=711&idt=230&shv=r20200729&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8089246231525&frm=20&pv=2&ga_vid=259176385.1596462460&ga_sid=1596462460&ga_hid=1106439028&ga_fc=0&iag=0&icsg=145402380&dssz=44&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=469&ady=417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723321%2C21066358%2C21066922%2C21066612%2C21066393&oid=3&pvsid=4032285691544808&pem=346&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CpoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=eOsSs52n5c&p=http%3A//www.4humor12.com&dtd=261
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3

Response headers

status
403
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 03 Aug 2020 13:47:40 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 03-Aug-2020 14:02:40 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		71 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200729/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a6a77d4af8485f801196e0abb887d745c1ebaf38df310027cf720ad7517e9b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 13:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1596194598985842"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27106
x-xss-protection
0
expires
Mon, 03 Aug 2020 13:47:40 GMT
navbar.g
www.blogger.com/ Frame 10A2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/navbar.g?targetBlogID=8916587770313254406&blogName=gbergbrebre&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.4humor12.com/search&blogLocale=ar&v=2&homepageUrl=http://www.4humor12.com/&targetPageID=7727392803583379718&blogPostOrPageUrl=http://www.4humor12.com/p/redirect.html&vt=-2761325834856403223&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.WuHGBC70tdw.O%2Fam%3DwQc%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCNpHoaMoiiRyTFOuGnNuTT-eiD9VA%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.WuHGBC70tdw.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQc/rs=AGLTcCNpHoaMoiiRyTFOuGnNuTT-eiD9VA/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.blogger.com
:scheme
https
:path
/navbar.g?targetBlogID=8916587770313254406&blogName=gbergbrebre&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.4humor12.com/search&blogLocale=ar&v=2&homepageUrl=http://www.4humor12.com/&targetPageID=7727392803583379718&blogPostOrPageUrl=http://www.4humor12.com/p/redirect.html&vt=-2761325834856403223&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.WuHGBC70tdw.O%2Fam%3DwQc%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCNpHoaMoiiRyTFOuGnNuTT-eiD9VA%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3

Response headers

status
200
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 03 Aug 2020 13:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
2605
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame 63F8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7263345837722844&output=html&h=280&slotname=2756917559&adk=859236863&adf=1575086923&w=662&fwrn=4&fwrnh=100&lmt=1594574180&rafmt=1&psa=0&npa=1&guci=1.2.0.0.2.1.0.0&format=662x280&url=http%3A%2F%2Fwww.4humor12.com%2Fp%2Fredirect.html%3Furl%3D_http%253A%252F%252Fbeva.fun%252FrFAdL3&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1596462460016&bpp=4&bdt=723&idt=313&shv=r20200729&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=662x280&correlator=8089246231525&frm=20&pv=1&ga_vid=259176385.1596462460&ga_sid=1596462460&ga_hid=1106439028&ga_fc=0&iag=0&icsg=34505140748&dssz=45&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=469&ady=981&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723321%2C21066358%2C21066922%2C21066612%2C21066393&oid=3&pvsid=4032285691544808&pem=346&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CpoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&fsb=1&xpc=B2G9xlIEJQ&p=http%3A//www.4humor12.com&dtd=326
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200729/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7263345837722844&output=html&h=280&slotname=2756917559&adk=859236863&adf=1575086923&w=662&fwrn=4&fwrnh=100&lmt=1594574180&rafmt=1&psa=0&npa=1&guci=1.2.0.0.2.1.0.0&format=662x280&url=http%3A%2F%2Fwww.4humor12.com%2Fp%2Fredirect.html%3Furl%3D_http%253A%252F%252Fbeva.fun%252FrFAdL3&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1596462460016&bpp=4&bdt=723&idt=313&shv=r20200729&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=662x280&correlator=8089246231525&frm=20&pv=1&ga_vid=259176385.1596462460&ga_sid=1596462460&ga_hid=1106439028&ga_fc=0&iag=0&icsg=34505140748&dssz=45&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=469&ady=981&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723321%2C21066358%2C21066922%2C21066612%2C21066393&oid=3&pvsid=4032285691544808&pem=346&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CpoeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&fsb=1&xpc=B2G9xlIEJQ&p=http%3A//www.4humor12.com&dtd=326
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3

Response headers

status
403
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 03 Aug 2020 13:47:40 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
IDE=AHWqTUnra2HH5svTJqoRTxehpqSc9jUPVW0R3GAOC1-ieYf_l99cku1XlBB6Ukvm; expires=Sat, 28-Aug-2021 13:47:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
sdk.js
connect.facebook.net/en_US/ 		199 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=c8680b9f4570ae1d06a6afec5459f948&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
68f0983115b1b51480069fddc7a91a266799179b398292eaa209abd1b361cf3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
Origin
http://www.4humor12.com

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
sP0dQ5YC7W3vEum98J+lFw==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
61371
etag
"a83a281e64a796a7f1b8f254284fa7ab"
x-fb-debug
MQLgBMesmdMNAyo880+nFRnn1OYmlWc7DKYFX4knCFyD331AFfyOg+S73J7yChIXgLIYaq7kWREew3ydIlrDcQ==
x-fb-trip-id
664085054
x-fb-content-md5
2e1013d74a87f87e173ea6b8820df557
x-frame-options
DENY
date
Mon, 03 Aug 2020 13:47:40 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Tue, 03 Aug 2021 12:24:15 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 9C29 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7263345837722844&output=html&h=280&slotname=9583094714&adk=2560164922&adf=1216382577&w=662&fwrn=4&fwrnh=100&lmt=1594574180&rafmt=1&psa=0&npa=1&guci=1.2.0.0.2.1.0.0&format=662x280&url=http%3A%2F%2Fwww.4humor12.com%2Fp%2Fredirect.html%3Furl%3D_http%253A%252F%252Fbeva.fun%252FrFAdL3&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1596462460020&bpp=2&bdt=727&idt=347&shv=r20200729&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=662x280%2C662x280&correlator=8089246231525&frm=20&pv=1&ga_vid=259176385.1596462460&ga_sid=1596462460&ga_hid=1106439028&ga_fc=0&iag=0&icsg=34505140748&dssz=46&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=469&ady=1770&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723321%2C21066358%2C21066922%2C21066612%2C21066393&oid=3&pvsid=4032285691544808&pem=346&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=xoWFw6nDXS&p=http%3A//www.4humor12.com&dtd=375
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200729/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7263345837722844&output=html&h=280&slotname=9583094714&adk=2560164922&adf=1216382577&w=662&fwrn=4&fwrnh=100&lmt=1594574180&rafmt=1&psa=0&npa=1&guci=1.2.0.0.2.1.0.0&format=662x280&url=http%3A%2F%2Fwww.4humor12.com%2Fp%2Fredirect.html%3Furl%3D_http%253A%252F%252Fbeva.fun%252FrFAdL3&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1596462460020&bpp=2&bdt=727&idt=347&shv=r20200729&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=662x280%2C662x280&correlator=8089246231525&frm=20&pv=1&ga_vid=259176385.1596462460&ga_sid=1596462460&ga_hid=1106439028&ga_fc=0&iag=0&icsg=34505140748&dssz=46&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=469&ady=1770&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723321%2C21066358%2C21066922%2C21066612%2C21066393&oid=3&pvsid=4032285691544808&pem=346&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=xoWFw6nDXS&p=http%3A//www.4humor12.com&dtd=375
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3

Response headers

status
403
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 03 Aug 2020 13:47:40 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
IDE=AHWqTUmpSgJm3P4SA9ECqPND47l9YYg_WBay8rTwsXgA-KIwixKCVIrxf6f86u48; expires=Sat, 28-Aug-2021 13:47:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame B209 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7263345837722844&output=html&h=280&slotname=9583094714&adk=3552844105&adf=1583593534&w=662&fwrn=4&fwrnh=100&lmt=1594574180&rafmt=1&psa=0&npa=1&guci=1.2.0.0.2.1.0.0&format=662x280&url=http%3A%2F%2Fwww.4humor12.com%2Fp%2Fredirect.html%3Furl%3D_http%253A%252F%252Fbeva.fun%252FrFAdL3&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1596462460022&bpp=2&bdt=729&idt=396&shv=r20200729&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=662x280%2C662x280%2C662x280&correlator=8089246231525&frm=20&pv=1&ga_vid=259176385.1596462460&ga_sid=1596462460&ga_hid=1106439028&ga_fc=0&iag=0&icsg=34505140748&dssz=46&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=469&ady=2474&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723321%2C21066358%2C21066922%2C21066612%2C21066393&oid=3&pvsid=4032285691544808&pem=346&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1OYdbgt76i&p=http%3A//www.4humor12.com&dtd=402
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200729/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7263345837722844&output=html&h=280&slotname=9583094714&adk=3552844105&adf=1583593534&w=662&fwrn=4&fwrnh=100&lmt=1594574180&rafmt=1&psa=0&npa=1&guci=1.2.0.0.2.1.0.0&format=662x280&url=http%3A%2F%2Fwww.4humor12.com%2Fp%2Fredirect.html%3Furl%3D_http%253A%252F%252Fbeva.fun%252FrFAdL3&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1596462460022&bpp=2&bdt=729&idt=396&shv=r20200729&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=662x280%2C662x280%2C662x280&correlator=8089246231525&frm=20&pv=1&ga_vid=259176385.1596462460&ga_sid=1596462460&ga_hid=1106439028&ga_fc=0&iag=0&icsg=34505140748&dssz=46&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=469&ady=2474&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723321%2C21066358%2C21066922%2C21066612%2C21066393&oid=3&pvsid=4032285691544808&pem=346&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1OYdbgt76i&p=http%3A//www.4humor12.com&dtd=402
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnra2HH5svTJqoRTxehpqSc9jUPVW0R3GAOC1-ieYf_l99cku1XlBB6Ukvm
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3

Response headers

status
403
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 03 Aug 2020 13:47:40 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame 5895 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7263345837722844&output=html&h=280&slotname=5179905144&adk=1176154075&adf=1756335247&w=788&fwrn=4&fwrnh=100&lmt=1594574180&rafmt=1&psa=0&npa=1&guci=1.2.0.0.2.1.0.0&format=788x280&url=http%3A%2F%2Fwww.4humor12.com%2Fp%2Fredirect.html%3Furl%3D_http%253A%252F%252Fbeva.fun%252FrFAdL3&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1596462460024&bpp=2&bdt=731&idt=445&shv=r20200729&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=662x280%2C662x280%2C662x280%2C662x280&correlator=8089246231525&frm=20&pv=1&ga_vid=259176385.1596462460&ga_sid=1596462460&ga_hid=1106439028&ga_fc=0&iag=0&icsg=34505140748&dssz=46&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=406&ady=2798&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723321%2C21066358%2C21066922%2C21066612%2C21066393&oid=3&pvsid=4032285691544808&pem=346&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Q6wLzZqsjD&p=http%3A//www.4humor12.com&dtd=455
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200729/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7263345837722844&output=html&h=280&slotname=5179905144&adk=1176154075&adf=1756335247&w=788&fwrn=4&fwrnh=100&lmt=1594574180&rafmt=1&psa=0&npa=1&guci=1.2.0.0.2.1.0.0&format=788x280&url=http%3A%2F%2Fwww.4humor12.com%2Fp%2Fredirect.html%3Furl%3D_http%253A%252F%252Fbeva.fun%252FrFAdL3&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1596462460024&bpp=2&bdt=731&idt=445&shv=r20200729&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=662x280%2C662x280%2C662x280%2C662x280&correlator=8089246231525&frm=20&pv=1&ga_vid=259176385.1596462460&ga_sid=1596462460&ga_hid=1106439028&ga_fc=0&iag=0&icsg=34505140748&dssz=46&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=406&ady=2798&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723321%2C21066358%2C21066922%2C21066612%2C21066393&oid=3&pvsid=4032285691544808&pem=346&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Q6wLzZqsjD&p=http%3A//www.4humor12.com&dtd=455
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3

Response headers

status
403
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 03 Aug 2020 13:47:40 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 03-Aug-2020 14:02:40 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
default
www.4humor12.com/feeds/posts/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://www.4humor12.com/feeds/posts/default?alt=json-in-script&max-results=3&callback=jQuery1110014382804712751773_1596462459587&_=1596462459589
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
0f4b9307b7a880078e55bb28a02db841faeda624ec6f84c987b71b0d5a2887ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 13:47:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sun, 12 Jul 2020 17:16:20 GMT
Server
blogger-renderd
ETag
W/"15f0e92ac7f37eda46c449d3c76e44bbaf5e467bbf694734ebc76c9171c2e857"
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=UTF-8
Cache-Control
public, must-revalidate, proxy-revalidate, max-age=1
Content-Length
713
X-XSS-Protection
0
Expires
Mon, 03 Aug 2020 13:47:41 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 8608 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7263345837722844&output=html&adk=1812271804&adf=3025194257&lmt=1594574180&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&npa=1&guci=1.2.0.0.2.1.0.0&format=0x0&url=http%3A%2F%2Fwww.4humor12.com%2Fp%2Fredirect.html%3Furl%3D_http%253A%252F%252Fbeva.fun%252FrFAdL3&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1596462460169&bpp=1&bdt=877&idt=428&shv=r20200729&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=662x280%2C662x280%2C662x280%2C662x280%2C788x280&nras=1&correlator=8089246231525&frm=20&pv=1&ga_vid=259176385.1596462460&ga_sid=1596462460&ga_hid=1106439028&ga_fc=0&iag=0&icsg=34505140748&dssz=46&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723321%2C21066358%2C21066922%2C21066612%2C21066393&oid=3&pvsid=4032285691544808&pem=346&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=5&uci=a!5&fsb=1&dtd=436
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200729/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7263345837722844&output=html&adk=1812271804&adf=3025194257&lmt=1594574180&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&npa=1&guci=1.2.0.0.2.1.0.0&format=0x0&url=http%3A%2F%2Fwww.4humor12.com%2Fp%2Fredirect.html%3Furl%3D_http%253A%252F%252Fbeva.fun%252FrFAdL3&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1596462460169&bpp=1&bdt=877&idt=428&shv=r20200729&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=662x280%2C662x280%2C662x280%2C662x280%2C788x280&nras=1&correlator=8089246231525&frm=20&pv=1&ga_vid=259176385.1596462460&ga_sid=1596462460&ga_hid=1106439028&ga_fc=0&iag=0&icsg=34505140748&dssz=46&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723321%2C21066358%2C21066922%2C21066612%2C21066393&oid=3&pvsid=4032285691544808&pem=346&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=5&uci=a!5&fsb=1&dtd=436
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 03 Aug 2020 13:47:40 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure IDE=AHWqTUnuUsLXT2RtlniakMcDDuFLHGZ0KV3dDWT2u_6ZbHeYn6UgoN_X52bqpNeW; expires=Sat, 28-Aug-2021 13:47:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Mon, 03 Aug 2020 13:47:40 GMT
cache-control
private
cr
www.codatey.top/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.codatey.top/cr
Requested by
Host: www.4humor12.com
URL: http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200729&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200729/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e80a7465aa08540b6716e38e578d963ce1c3541d2a2b3dffdf4ca2435fe915b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Aug 2020 13:47:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5623
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200729/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 13:47:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Mon, 03 Aug 2020 13:47:41 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame B391 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Mon, 03 Aug 2020 13:11:15 GMT
expires
Tue, 03 Aug 2021 13:11:15 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2186
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200729&jk=4032285691544808&bg=!yMuly9NYAEUzx62E8joCAAAAWlIAAAAlCgAo7TFxLqQbH_WWRXwUs9XLU90RwfoU3cwAaQ0_yS10rAdIZt6kjoiI-JkBhvNN-YlPSykE8mU0AdD27Nt1x3wdKEZ4qoRYD6iq6s5rSzZas0ZHMJEJRa9djgJdzdzXCO0LphiA960pBiDPtJSOVVVKYG0g-sU1pmj2jXC72cw9q6H2Xq25AMoDj82cqjm5yYA078yHkE-qtK1tGypG_XQMmI_dpajrWSiuLmqAtmXpVmAs2mGvwYmhy-DSS31OLnNfmRhn-J2azGobxGlX34H01W_qBvM6AU3cdgTXXIIlP1gtpjJAKiMUe_5lRpYb6M8lIlK-STBnbO-WuwQ6hKzyAPBf4wnoEnR8-uYAAIvnnIY2tXGEQFwTFNxa6mJF93XA-UkGjhyfl2vBaEpYp3lbwTI3g6AWsCj6YAmZyoh_YdJte8klVoRjQUHA_6HFtC6lwmJnVb9QOKG_yudm5XgWV-9inAFHnvetM_Zy1EB7Zj6WsSWzUBl5kekC3hjR_Yu9sCmLgTYiUqyo3KuwdsqQfucN8Bwn3vZfRFsMj3FYdmbHV_aV2IDWrIFZOwet385feg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.4humor12.com/p/redirect.html?url=_http%3A%2F%2Fbeva.fun%2FrFAdL3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Aug 2020 13:47:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| text_month string| no_image_url number| feat1_number number| related_number object| adsbygoogle number| recentposts_number number| randomposts_number number| postperpage object| jQuery1110014382804712751773 string| stickyWork string| FstickyWork function| label_pick object| styly object| readMore function| BLOG_CMT_createIframe string| page_redirect string| redirect_width string| redirect_color string| redirect_border string| redirect_T_Configure string| redirect_T_ready string| redirect_T_err string| redirect_timer string| redirect_match string| redirect_ads_href string| redirect_ads_rel string| redirect_ads_content function| radialTimer object| Settingsredirect string| style object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map function| setAttributeOnload object| gapi object| ___jsl string| due string| eud string| eeu string| uee function| selectnav string| cue string| euc string| feu string| uef string| geu string| z string| aue string| eua string| bue string| eub object| tdc string| mtdchi number| mttdchi function| avion string| tdcid object| cidt string| mtdc string| mtdch string| cmtdc number| c2 number| c1 undefined| jQuery1110014382804712751773_1596462459585 undefined| jQuery1110014382804712751773_1596462459587 number| numshowpage string| upPageWord string| downPageWord string| urlactivepage string| home_page function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowByEmailView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| cookieChoices function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired boolean| google_empty_script_included object| gadgets object| osapi object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __gapi_jstiming__ object| FB function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

2 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUnuUsLXT2RtlniakMcDDuFLHGZ0KV3dDWT2u_6ZbHeYn6UgoN_X52bqpNeW
.blogger.com/ Name: S
Value: blogger=xQjvECx2W01nd8CsYzXizC18yckS0eu9E8Uu0RWGqhU

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.bp.blogspot.com
4.bp.blogspot.com
accounts.google.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
apis.google.com
cdn.rawgit.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
resources.blogblog.com
tpc.googlesyndication.com
www.4humor12.com
www.blogger.com
www.codatey.top
www.googletagservices.com
151.139.237.11
2001:4de0:ac19::1:b:3a
2a00:1450:4001:800::2001
2a00:1450:4001:801::2001
2a00:1450:4001:801::200a
2a00:1450:4001:801::200e
2a00:1450:4001:806::2002
2a00:1450:4001:809::200d
2a00:1450:4001:817::2002
2a00:1450:4001:818::2013
2a00:1450:4001:819::2002
2a00:1450:4001:819::200a
2a00:1450:4001:81c::2001
2a00:1450:4001:81e::2009
2a00:1450:4001:81e::200a
2a00:1450:4001:824::2003
2a00:1450:4001:825::2002
2a03:2880:f01c:8012:face:b00c:0:3
016d1fe5453cd0266ac1e05f9f4469c90a288eecb6718483021f3b744c3fa9f2
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
09acbe89937043ca22e2edfc75ef19630eb4d7307824ae0f09fd7b07aaba7631
0a8c12761327cd6864d140a4db0fe1e8965d71f26626015f8c8a427c69d03eb8
0def3059d235a1dff7b190b3e8bf5c93f8de6fe2a73ed1b728c11c060912946f
0e80a7465aa08540b6716e38e578d963ce1c3541d2a2b3dffdf4ca2435fe915b
0f4b9307b7a880078e55bb28a02db841faeda624ec6f84c987b71b0d5a2887ff
1b0c3142b1cc662f819943afaa390f1ce056bc2772cd898b13354d5f80d8337e
1de06b9da1b1200f7769512f1f8c9ba0476e3ccbeddb0f92f735cbea40941d9e
1ec6c185e2db6c0b1450e1062cce4c671999e85656b153e2c986066b9f5f2f12
2e5fcb655f0010c419f0efc18e3125d5d2a56186a53848749e27867c4ec883cf
3d42fc1c349e1ff511ae471d2fce211a3787212180217093d826e2f30006a10d
4be25ab4a6eb0ef8d5f28549009adc9b41459aa6fd16687d437b2f8575c47b99
51d6a59ac30da1d138422eca0a828b63510f589379b2df143772bfaaf7d56d3e
60ef953a65ae18962106287ddfe709e677844f21fca09bef89fa2de9191669e4
63ccf0f33e466c1549a076ed85324b64ae5b5b095ed2518a2c6f9ad35eb2be9a
68f0983115b1b51480069fddc7a91a266799179b398292eaa209abd1b361cf3e
6a6a77d4af8485f801196e0abb887d745c1ebaf38df310027cf720ad7517e9b2
782f3410dc1d9bafc6be699c257acb1700b53217a6aafbf08a656f67b54972e2
7c2b145505e27d6fbd0d8c3c9523eebea37e854b8c130fcaf8a6fe1a0788e28d
96105f82e18bd3a362787a75d60cbde93e64584708a0b589894fafc7a8245dc4
9bb6b8c1ba8c4ef8d5eff9f6b9b372181f37495232a41462cb073418913011df
a8d85376bb865023fa6e9e61440112f1511b8cd2a490ad5aba7bef43c5f732e6
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d74cd1d599cd8aca54efc604395358abd1c34f331304aa34cf7b2cc6c80916d0
dba101e6f5518f40c89f565643d81ce8e9c77543b3a32848359f8ffa43129f2e
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995