urlscan.io logo urlscan.io
SecurityTrails logo

ayletcecils.shop Open in urlscan Pro
212.117.186.116  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://pifansub.net/filipino-scrambled-eggs-recipe/
Effective URL: https://ayletcecils.shop/iluimAugDNFKZtlgqkfVYkELiR/84653/?md=eyJ0dmMiOjAsImEiOjYzODcsInMiOiIxNjAweDEyMDAiLCJiIjoiMTYwMHg...
Submission: On November 23 via api from KR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 5 countries across 16 domains to perform 50 HTTP transactions. The main IP is 212.117.186.116, located in Luxembourg, Luxembourg and belongs to SERVERS-COM, US. The main domain is ayletcecils.shop.
TLS certificate: Issued by R10 on November 4th 2024. Valid for: 3 months.
This is the only time ayletcecils.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 172.67.182.202 13335 (CLOUDFLAR...)
1 212.117.190.201 7979 (SERVERS-COM)
1 2a00:1450:400... 15169 (GOOGLE)
2 172.67.176.34 13335 (CLOUDFLAR...)
3 6 2a02:6b8::1:119 13238 (YANDEX YA...)
1 4 188.114.96.3 13335 (CLOUDFLAR...)
2 23.109.170.27 7979 (SERVERS-COM)
2 172.241.48.106 7979 (SERVERS-COM)
2 212.117.186.116 7979 (SERVERS-COM)
50 11
2    2606:4700:3032::ac43:d065 (United States)

ASN13335 (CLOUDFLARENET, US)
pifansub.net
1    172.67.182.202 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.scontentflow.com
1    212.117.190.201 (Luxembourg, Luxembourg)

ASN7979 (SERVERS-COM, US)
x7r3mk6ldr.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    172.67.176.34 (United States)

ASN13335 (CLOUDFLARENET, US)
tnews.contentraffic.com
6    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX YANDEX LLC, RU)
mc.yandex.ru
mc.yandex.com
4    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
www.yametric.com
ww1.tech4u.app
2    23.109.170.27 (Netherlands)

ASN7979 (SERVERS-COM, US)
xp.soughstreek.com
2    172.241.48.106 (Netherlands)

ASN7979 (SERVERS-COM, US)
hebenonwidegab.top
2    212.117.186.116 (Luxembourg, Luxembourg)

ASN7979 (SERVERS-COM, US)
ayletcecils.shop
Apex Domain
Subdomains		 Transfer
3 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9443
1 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4577 Failed
77 KB
2 ayletcecils.shop
ayletcecils.shop
3 KB
2 hebenonwidegab.top
hebenonwidegab.top — Cisco Umbrella Rank: 153235
678 B
2 soughstreek.com
xp.soughstreek.com
8 KB
2 tech4u.app
ww1.tech4u.app
tech4u.app Failed
1 KB
2 yametric.com
www.yametric.com
26 KB
2 contentraffic.com
tnews.contentraffic.com Failed
2 KB
2 pifansub.net
pifansub.net
65 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
850 B
1 x7r3mk6ldr.com
x7r3mk6ldr.com
57 KB
1 scontentflow.com
assets.scontentflow.com
98 KB
0 gravatar.com Failed
secure.gravatar.com Failed
0 modoro360.com Failed
tg1.modoro360.com Failed
0 greeter.me Failed
jscdn.greeter.me Failed
0 googletagmanager.com Failed
www.googletagmanager.com Failed
50 16
Domain Requested by
3 mc.yandex.com 2 redirects tnews.contentraffic.com
mc.yandex.ru
3 mc.yandex.ru assets.scontentflow.com
tnews.contentraffic.com
2 ayletcecils.shop xp.soughstreek.com
2 hebenonwidegab.top xp.soughstreek.com
2 xp.soughstreek.com
2 ww1.tech4u.app 1 redirects
2 www.yametric.com tnews.contentraffic.com
www.yametric.com
2 tnews.contentraffic.com assets.scontentflow.com
2 pifansub.net pifansub.net
1 fonts.googleapis.com pifansub.net
1 x7r3mk6ldr.com pifansub.net
1 assets.scontentflow.com pifansub.net
0 tech4u.app Failed
0 secure.gravatar.com Failed pifansub.net
0 tg1.modoro360.com Failed pifansub.net
0 jscdn.greeter.me Failed pifansub.net
0 www.googletagmanager.com Failed pifansub.net
50 17

This site contains no links.

Subject Issuer Validity Valid
pifansub.net
WE1		 2024-10-14 -
2025-01-12		 3 months crt.sh
scontentflow.com
WE1		 2024-10-11 -
2025-01-09		 3 months crt.sh
x7r3mk6ldr.com
ZeroSSL ECC Domain Secure Site CA		 2024-09-20 -
2024-12-19		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
contentraffic.com
WE1		 2024-10-11 -
2025-01-09		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2024-10-20 -
2025-04-01		 5 months crt.sh
yametric.com
WE1		 2024-10-05 -
2025-01-03		 3 months crt.sh
tech4u.app
WE1		 2024-10-14 -
2025-01-12		 3 months crt.sh
xp.soughstreek.com
R11		 2024-10-30 -
2025-01-28		 3 months crt.sh
hebenonwidegab.top
ZeroSSL RSA Domain Secure Site CA		 2024-11-01 -
2025-01-30		 3 months crt.sh
ayletcecils.shop
R10		 2024-11-04 -
2025-02-02		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://ayletcecils.shop/iluimAugDNFKZtlgqkfVYkELiR/84653/?md=eyJ0dmMiOjAsImEiOjYzODcsInMiOiIxNjAweDEyMDAiLCJiIjoiMTYwMHgxMjAwIiwiciI6Imh0dHBzOi8vd3cxLnRlY2g0dS5hcHAvIiwicSI6Imh0dHBzOi8veHAuc291Z2hzdHJlZWsuY29tL2loZ2dCcVhNNG5oZ2FHRC9nVkVRRSIsImgiOjY1MDcsImwiOiJkZS1ERSIsInQiOi02MCwieiI6MjU3LCJrIjo0LCJ1IjoiNjdlMGIzNjU0OTIzODVmZTIyYjM1MSIsImYiOmZhbHNlLCJ3aCI6Im5vdCBpbiBpZnJhbWUiLCJpaCI6IjE2MDB4MTI4NSIsImUiOiIycjk2ZTEzZDUwN3RvcXoiLCJvIjp0cnVlLCJtIjoxNzMyMzk0MzQ0ODA2LCJ3IjoiJTdCJTIydGl0bGUlMjIlM0ElMjIlMjIlMkMlMjJrZXl3b3JkcyUyMiUzQSU1QiU1RCUyQyUyMnRvcHdvcmRzJTIyJTNBJTVCJTIyYWR2ZXJ0aXNlciUzQTElMjIlNUQlN0QiLCJ0cyI6MCwicHIiOjEsImRtIjo4LCJoYyI6MjQsImJsIjoxLCJiYyI6MiwidnYiOiJJbnRlbCBJbmMuIiwidnIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUiLCJhYyI6MCwiY3QiOiJ1bmtub3duIiwiY2V0IjoiNGciLCJjZGxtIjotMSwiY2RsIjoxMCwiY3J0dCI6NTAsInRtcyI6MSwiY2UiOnRydWUsImNkIjoyNCwib3IiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImZzIjpudWxsLCJmc28iOm51bGx9&pdc=SI7tfkAzPLW*GkTlC2ANYD7fDMdBypwogFb_M_0qOuM
Frame ID: 1416847D3481BB8FC87DAA4D2CACD0B5
Requests: 48 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: D8DACB2970CD7248DB1179F9F5F9F7C4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://pifansub.net/filipino-scrambled-eggs-recipe/ Page URL
  2. https://tnews.contentraffic.com/?news Page URL
  3. https://xp.soughstreek.com/ihggBqXM4nhgaGD/gVEQE Page URL
  4. https://ayletcecils.shop/iluimAugDNFKZtlgqkfVYkELiR/84653/?md=eyJ0dmMiOjAsImEiOjYzODcsInMiOiIxNjAweDE... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

50
Requests

36 %
HTTPS

30 %
IPv6

16
Domains

17
Subdomains

11
IPs

5
Countries

338 kB
Transfer

969 kB
Size

28
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pifansub.net/filipino-scrambled-eggs-recipe/ Page URL
  2. https://tnews.contentraffic.com/?news Page URL
  3. https://xp.soughstreek.com/ihggBqXM4nhgaGD/gVEQE Page URL
  4. https://ayletcecils.shop/iluimAugDNFKZtlgqkfVYkELiR/84653/?md=eyJ0dmMiOjAsImEiOjYzODcsInMiOiIxNjAweDEyMDAiLCJiIjoiMTYwMHgxMjAwIiwiciI6Imh0dHBzOi8vd3cxLnRlY2g0dS5hcHAvIiwicSI6Imh0dHBzOi8veHAuc291Z2hzdHJlZWsuY29tL2loZ2dCcVhNNG5oZ2FHRC9nVkVRRSIsImgiOjY1MDcsImwiOiJkZS1ERSIsInQiOi02MCwieiI6MjU3LCJrIjo0LCJ1IjoiNjdlMGIzNjU0OTIzODVmZTIyYjM1MSIsImYiOmZhbHNlLCJ3aCI6Im5vdCBpbiBpZnJhbWUiLCJpaCI6IjE2MDB4MTI4NSIsImUiOiIycjk2ZTEzZDUwN3RvcXoiLCJvIjp0cnVlLCJtIjoxNzMyMzk0MzQ0ODA2LCJ3IjoiJTdCJTIydGl0bGUlMjIlM0ElMjIlMjIlMkMlMjJrZXl3b3JkcyUyMiUzQSU1QiU1RCUyQyUyMnRvcHdvcmRzJTIyJTNBJTVCJTIyYWR2ZXJ0aXNlciUzQTElMjIlNUQlN0QiLCJ0cyI6MCwicHIiOjEsImRtIjo4LCJoYyI6MjQsImJsIjoxLCJiYyI6MiwidnYiOiJJbnRlbCBJbmMuIiwidnIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUiLCJhYyI6MCwiY3QiOiJ1bmtub3duIiwiY2V0IjoiNGciLCJjZGxtIjotMSwiY2RsIjoxMCwiY3J0dCI6NTAsInRtcyI6MSwiY2UiOnRydWUsImNkIjoyNCwib3IiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImZzIjpudWxsLCJmc28iOm51bGx9&pdc=SI7tfkAzPLW*GkTlC2ANYD7fDMdBypwogFb_M_0qOuM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10562.dc31k-rxVn94ANYUHds-dEPPvKpN-J02WcAYF5VcxFXlt5_CBEerBz5suN96-P4U.UmU4XH3fXUyJReJnOsxhv4RhJtw%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10562.bZKlV84FyfmblTcuYQR6LCXcRaE_hXJZaU0Bqfyxuh2B-NI-j1A9Wc57ByNV47bRxpLYjn5pWfCbtjXsk7WRVI1BDBXJPXtbejmgE5WEzLHV8i0aG5oubmx_Av4J47HshS543YVZB7b3oiAhsksOoOw-dovFJWhY5xBWLacfGj-7SmfooIpn_-KJOIbahgiAgX-U_MuKCwq1FRVmOs0Qmi79PQwGyP4zTJA5I9Uwsec%2C.36UbzDHqivVLA-I7yYaSKBXyq1g%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10562.pXdlorR7r6xiFmcH7NmcdfO8C6d8E2h8EwzyM6Dch21s5FP8mMd-YcAh13IR4Zyt-TiKy-6Fmfqwk9v3Tbv-Wk6znI3MpZmnVVYxKyl1glgMCEpl3J0yNE69KB8Rykg-UZxqzjfHup5tdlZHr6VI-GcOaDeWKVEzanmk2lFzeTlzvgCvlgATXu6VtfQPiycAWmlCOU4P_p0te2D7aUsBtA%2C%2C.WmoN5KGCYkMHbF2ZHMTEiAUiXCs%2C
Request Chain 39
  • https://mc.yandex.com/watch/97059988?wmode=7&page-url=https%3A%2F%2Ftnews.contentraffic.com%2F%3Fnews&page-ref=https%3A%2F%2Fpifansub.net%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1530%3Acn%3A1%3Adp%3A0%3Als%3A212902379963%3Ahid%3A501785363%3Az%3A60%3Ai%3A20241123213902%3Aet%3A1732394343%3Ac%3A1%3Arn%3A802551148%3Arqn%3A1%3Au%3A1732394343326816836%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A6%2C24%2C50%2C2%2C7%2C0%2C%2C16%2C0%2C%2C%2C%2C105%3Aco%3A0%3Acpf%3A1%3Ans%3A1732394342460%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1732394343%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009092)ti(1) HTTP 302
  • https://mc.yandex.com/watch/97059988/1?wmode=7&page-url=https%3A%2F%2Ftnews.contentraffic.com%2F%3Fnews&page-ref=https%3A%2F%2Fpifansub.net%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1530%3Acn%3A1%3Adp%3A0%3Als%3A212902379963%3Ahid%3A501785363%3Az%3A60%3Ai%3A20241123213902%3Aet%3A1732394343%3Ac%3A1%3Arn%3A802551148%3Arqn%3A1%3Au%3A1732394343326816836%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A6%2C24%2C50%2C2%2C7%2C0%2C%2C16%2C0%2C%2C%2C%2C105%3Aco%3A0%3Acpf%3A1%3Ans%3A1732394342460%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1732394343%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29
Request Chain 40
  • https://ww1.tech4u.app/mpc HTTP 301
  • http://ww1.tech4u.app/mpc/ HTTP 307
  • https://ww1.tech4u.app/mpc/
Request Chain 44
  • https://ww1.tech4u.app/favicon.ico HTTP 302
  • https://tech4u.app/

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
pifansub.net/filipino-scrambled-eggs-recipe/ 		156 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pifansub.net/filipino-scrambled-eggs-recipe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:d065 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2698f46ce9738cd27e4990bcceed512299f1ac29484d203ac2596397879dbe1d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e73f758fb6a3a82-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sat, 23 Nov 2024 20:39:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Avb%2FSA4M9vteXD%2FjruTJkQ3l%2Fm%2FOlejW7GiHGHAqm6b9q9nXqGooZ4ONzqgI3DZSfK3Vk7SQ8P6qHdg20t9%2BSs8Ca8YnghVHDInXiWFyKx4gSLcLWNXFORKkrzlHshUEmhS6zuWRxGqYv94%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=12324&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3921&recv_bytes=2310&delivery_rate=329584&cwnd=253&unsent_bytes=0&cid=5369aa9fb30e876d&ts=796&x=0"
vary
Accept-Encoding,User-Agent
/
assets.scontentflow.com/ 		248 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.scontentflow.com/
Requested by
Host: pifansub.net
URL: https://pifansub.net/filipino-scrambled-eggs-recipe/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.182.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3de1748d7326b7eb300e6b4e12b553ef845e25b2db6fb1c178d68fa76d3833c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pifansub.net/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zDyGGH%2FbLTJcwaFpvwFv%2BlSh7AnCjkTqMaKfiE7gnIPSa%2BcJHW5QNnTSwK61e46HGj4CxXgA71qOHV7FYNYdbLmkdeRP0VjHWhN1lnh4Vv1CaeQM3o1vh%2Fn1A7CkhNR5NT7Ay5ION6rq9g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e73f75eb903d3a9-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=12342&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4138&recv_bytes=4378&delivery_rate=749&cwnd=12000&unsent_bytes=0&cid=748d9d54f23cd9dc&ts=146&x=1", cfHdrFlush;dur=0
date
Sat, 23 Nov 2024 20:39:02 GMT
content-type
application/javascript; charset=UTF-8
vary
accept-encoding
server
cloudflare
8010b281.js
x7r3mk6ldr.com/aas/r45d/vki/1974317/ 		149 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x7r3mk6ldr.com/aas/r45d/vki/1974317/8010b281.js
Requested by
Host: pifansub.net
URL: https://pifansub.net/filipino-scrambled-eggs-recipe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
15e9c2f05773bfef0ebcc1281e71faf9444727897466bd6cb348af7821d1d63f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pifansub.net/

Response headers

timing-allow-origin
*
content-encoding
gzip
etag
W/"673f27a0-256b7"
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
x-js-ab2
current
date
Sat, 23 Nov 2024 20:39:02 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 21 Nov 2024 12:29:20 GMT
server
nginx
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ 		0
0
style.min.css
pifansub.net/wp-includes/css/dist/block-library/ 		112 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pifansub.net/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: pifansub.net
URL: https://pifansub.net/filipino-scrambled-eggs-recipe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:d065 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pifansub.net/filipino-scrambled-eggs-recipe/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f9lRBqSoVfxp4XHZ1cMHy2mpvpsa7RiK7wNSnJA3I8BbsAF1J3yiHQAlJq2YCNU%2Fw23yiUrn1r5tVYMTAslXpoU0KeTutrPprWBovrGoRPydF7rlOH%2BWkPJB%2BGGS7t3Z6ea3oKpRFkPU9yo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e73f75e7fea3a82-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=17913&sent=71&recv=41&lost=0&retrans=0&sent_bytes=55756&recv_bytes=2476&delivery_rate=4608889&cwnd=260&unsent_bytes=0&cid=5369aa9fb30e876d&ts=1215&x=0"
content-length
15177
date
Sat, 23 Nov 2024 20:39:02 GMT
content-type
text/css
last-modified
Tue, 12 Nov 2024 23:05:59 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
screen.min.css
pifansub.net/wp-content/plugins/easy-table-of-contents/assets/css/ 		0
0
style.css
pifansub.net/wp-content/themes/mts_magxp/ 		0
0
font-awesome.min.css
pifansub.net/wp-content/themes/mts_magxp/css/ 		0
0
responsive.css
pifansub.net/wp-content/themes/mts_magxp/css/ 		0
0
jquery.min.js
pifansub.net/wp-includes/js/jquery/ 		0
0
jquery-migrate.min.js
pifansub.net/wp-includes/js/jquery/ 		0
0
ajax.js
pifansub.net/wp-content/themes/mts_magxp/js/ 		0
0
css
fonts.googleapis.com/ 		831 B
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Armata:normal&subset=latin&display=swap
Requested by
Host: pifansub.net
URL: https://pifansub.net/filipino-scrambled-eggs-recipe/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
417e957ecaba51a37e45fbeb48f54fac6a307768063e0cb780fc0ac80de40a3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pifansub.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 23 Nov 2024 20:39:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 23 Nov 2024 20:39:02 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 23 Nov 2024 20:39:02 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
1-1.png.webp
pifansub.net/wp-content/uploads/2022/02/ 		0
0
pifansub.nethead.js
jscdn.greeter.me/ 		0
0
pifansub.netdynamic.js
jscdn.greeter.me/ 		0
0
spt
tg1.modoro360.com/api/adserver/ 		0
0
f2f851134a1e4e955180e2b81974c005
secure.gravatar.com/avatar/ 		0
0
jquery.adrotate.clicktracker.js
pifansub.net/wp-content/plugins/adrotate/library/ 		0
0
postviews-cache.js
pifansub.net/wp-content/plugins/wp-postviews/ 		0
0
comment-reply.min.js
pifansub.net/wp-includes/js/ 		0
0
customscript.js
pifansub.net/wp-content/themes/mts_magxp/js/ 		0
0
layzr.min.js
pifansub.net/wp-content/themes/mts_magxp/js/ 		0
0
js.cookie.min.js
pifansub.net/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/ 		0
0
jquery.sticky-kit.min.js
pifansub.net/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/ 		0
0
front.min.js
pifansub.net/wp-content/plugins/easy-table-of-contents/assets/js/ 		0
0
/
tnews.contentraffic.com/ 		0
0
/
tnews.contentraffic.com/ 		0
0
/
tnews.contentraffic.com/ 		0
0
/
tnews.contentraffic.com/ 		0
0
/
tnews.contentraffic.com/ 		0
0
/
tnews.contentraffic.com/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tnews.contentraffic.com/?news
Requested by
Host: assets.scontentflow.com
URL: https://assets.scontentflow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd39c8c639c2837badb381ebada18e6294467ba1c934a00278f92a344e0d8760

Request headers

Referer
https://pifansub.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e73f760ac62d140-CDG
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sat, 23 Nov 2024 20:39:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
refresh
0;url=https://ww1.tech4u.app/mpc
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qE4ePnN99UvAY7RCqPSbMKwDSD%2FdMC9zI%2Bem3PS20%2FMqhY4UlCm7SBg9S28nXaf%2BeeWNxIe2eAL%2FizkbMb9kE5VeB74tdXhZrNgboyxuhqb19d22121iVwfSt7iABu5UQkD2I8OJmRoLdA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=15418&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4143&recv_bytes=4454&delivery_rate=38354&cwnd=12000&unsent_bytes=0&cid=7aae76b2f1d089aa&ts=57&x=1" cfExtPri cfHdrFlush;dur=0
vary
accept-encoding
tag.js
mc.yandex.ru/metrika/ 		0
0
97059986
mc.yandex.ru/watch/ 		0
0
tag.js
mc.yandex.ru/metrika/ 		220 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: tnews.contentraffic.com
URL: https://tnews.contentraffic.com/?news
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
327792de13e41955dc633dd61184895624555a736af01aec05229ed2694f0058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tnews.contentraffic.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
content-encoding
br
etag
"673e04f1-12b1a"
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Sat, 23 Nov 2024 21:39:02 GMT
access-control-allow-origin
*
content-length
76570
date
Sat, 23 Nov 2024 20:39:02 GMT
last-modified
Wed, 20 Nov 2024 15:49:05 GMT
content-type
application/javascript
matomo.js
www.yametric.com/ 		66 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yametric.com/matomo.js
Requested by
Host: tnews.contentraffic.com
URL: https://tnews.contentraffic.com/?news
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2e8975ed834c578c50d3923ceb26de04d4fa44f74380f45f147585d909a874d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tnews.contentraffic.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6700a13b-10784"
age
5762
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L2oFzztRxwk78ghhogH4tXsjmONENO4K6CmalpLeU%2F8347C6TngV%2FQHzQzqFsZq8MNSojtY6O7fjLdqW5lRqqZav5wGVvfPFEu%2BxGyMNYYDaLCaNtOGX7jXOPzFymQMiJXaa"}],"group":"cf-nel","max_age":604800}
cf-ray
8e73f762580ad085-CDG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14878&sent=13&recv=5&lost=0&retrans=3&sent_bytes=7476&recv_bytes=4107&delivery_rate=40721&cwnd=12000&unsent_bytes=0&cid=5e4637d2620b322b&ts=192&x=1", cfHdrFlush;dur=0
date
Sat, 23 Nov 2024 20:39:02 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 05 Oct 2024 02:15:23 GMT
vary
Accept-Encoding
server
cloudflare
matomo.php
www.yametric.com/ 		0
605 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.yametric.com/matomo.php?action_name=&idsite=19&rec=1&r=471138&h=21&m=39&s=2&url=https%3A%2F%2Ftnews.contentraffic.com%2F%3Fnews&urlref=https%3A%2F%2Fpifansub.net%2F&_id=5be19aa3435c26a8&_idn=1&send_image=0&_refts=1732394343&_ref=https%3A%2F%2Fpifansub.net%2F&pv_id=A1au9N&pf_net=30&pf_srv=50&pf_tfr=2&pf_dm1=14&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by
Host: www.yametric.com
URL: https://www.yametric.com/matomo.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8
Referer
https://tnews.contentraffic.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fMH5mWG7nN7ShYvlrGWLiTQnYBj%2FhpDDUaSspHHlgX2%2Fn11uuGJ%2BwJj%2BYk%2FFofilMKGSSWrQMZHA6eMdfa%2BJBM%2FEvVEhD9Ko%2FasjpLhpfzYwqY9zGFY%2F30on7HZc3kH21Scr"}],"group":"cf-nel","max_age":604800}
cf-ray
8e73f762b8b8d085-CDG
access-control-allow-origin
https://tnews.contentraffic.com
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16481&sent=43&recv=12&lost=0&retrans=4&sent_bytes=35559&recv_bytes=5131&delivery_rate=265606&cwnd=24300&unsent_bytes=0&cid=5e4637d2620b322b&ts=322&x=1", cfHdrFlush;dur=0
date
Sat, 23 Nov 2024 20:39:02 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10562.dc31k-rxVn94ANYUHds-dEPPvKpN-J02WcAYF5VcxFXlt5_CBEerBz5suN96-P4U.UmU4XH3fXUyJReJnOsxhv4RhJtw%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10562.bZKlV84FyfmblTcuYQR6LCXcRaE_hXJZaU0Bqfyxuh2B-NI-j1A9Wc57ByNV47bRxpLYjn5pWfCbtjXsk7WRVI1BDBXJPXtbejmgE5WEzLHV8i0aG5oubmx_Av4J47HshS543YVZB7...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10562.pXdlorR7r6xiFmcH7NmcdfO8C6d8E2h8EwzyM6Dch21s5FP8mMd-YcAh13IR4Zyt-TiKy-6Fmfqwk9v3Tbv-Wk6znI3MpZmnVVYxKyl1glgMC...
43 B
585 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10562.pXdlorR7r6xiFmcH7NmcdfO8C6d8E2h8EwzyM6Dch21s5FP8mMd-YcAh13IR4Zyt-TiKy-6Fmfqwk9v3Tbv-Wk6znI3MpZmnVVYxKyl1glgMCEpl3J0yNE69KB8Rykg-UZxqzjfHup5tdlZHr6VI-GcOaDeWKVEzanmk2lFzeTlzvgCvlgATXu6VtfQPiycAWmlCOU4P_p0te2D7aUsBtA%2C%2C.WmoN5KGCYkMHbF2ZHMTEiAUiXCs%2C
Requested by
Host: tnews.contentraffic.com
URL: https://tnews.contentraffic.com/?news
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tnews.contentraffic.com/

Response headers

strict-transport-security
max-age=31536000
content-length
43
date
Sat, 23 Nov 2024 20:39:03 GMT
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000
location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10562.pXdlorR7r6xiFmcH7NmcdfO8C6d8E2h8EwzyM6Dch21s5FP8mMd-YcAh13IR4Zyt-TiKy-6Fmfqwk9v3Tbv-Wk6znI3MpZmnVVYxKyl1glgMCEpl3J0yNE69KB8Rykg-UZxqzjfHup5tdlZHr6VI-GcOaDeWKVEzanmk2lFzeTlzvgCvlgATXu6VtfQPiycAWmlCOU4P_p0te2D7aUsBtA%2C%2C.WmoN5KGCYkMHbF2ZHMTEiAUiXCs%2C
date
Sat, 23 Nov 2024 20:39:03 GMT
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: tnews.contentraffic.com
URL: https://tnews.contentraffic.com/?news
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tnews.contentraffic.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
etag
"673e04f1-2b"
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Sat, 23 Nov 2024 21:39:02 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Sat, 23 Nov 2024 20:39:02 GMT
last-modified
Wed, 20 Nov 2024 15:49:05 GMT
content-type
image/gif
1
mc.yandex.com/watch/97059988/
Redirect Chain
  • https://mc.yandex.com/watch/97059988?wmode=7&page-url=https%3A%2F%2Ftnews.contentraffic.com%2F%3Fnews&page-ref=https%3A%2F%2Fpifansub.net%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A...
  • https://mc.yandex.com/watch/97059988/1?wmode=7&page-url=https%3A%2F%2Ftnews.contentraffic.com%2F%3Fnews&page-ref=https%3A%2F%2Fpifansub.net%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%...
0
0
/
ww1.tech4u.app/mpc/
Redirect Chain
  • https://ww1.tech4u.app/mpc
  • http://ww1.tech4u.app/mpc/
  • https://ww1.tech4u.app/mpc/
0
675 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ww1.tech4u.app/mpc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tnews.contentraffic.com/?news
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e73f764ef649b63-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sat, 23 Nov 2024 20:39:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
refresh
0; url=https://xp.soughstreek.com/ihggBqXM4nhgaGD/gVEQE
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WwvIkt0oYuACMkWjwjblJiu73LQZtGhWcXMTAyEo%2FR61kLAtaYIACbnQ%2BFVFXiLvtjtSXbAz3nV%2FjGAnxM9P9HfKdz3%2B4vrS1JcwyPS%2BfRUNK%2FXh%2BC%2BdO9jy4ps6lW0b8g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=6175&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5042&recv_bytes=4925&delivery_rate=32222&cwnd=12000&unsent_bytes=0&cid=63775d957e7060aa&ts=73&x=1" cfExtPri cfHdrFlush;dur=0
vary
accept-encoding

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://ww1.tech4u.app/mpc/
Non-Authoritative-Reason
HSTS
favicon.ico
tnews.contentraffic.com/ 		571 B
832 B 		Other
General
Check archive.org
Download Go to
Full URL
https://tnews.contentraffic.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://tnews.contentraffic.com/?news

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c4Tg3J1xepdkr5WHDXIh%2BdP2PR7WYkAoOyfrozSpBm6iKRD%2FRPaD9OKc4I7KtN5wGdVbfdsf7rL%2BoGb9x8%2F9nPNzLZogzJ3PVlMoVgTHgXm2Lg7nSjaWYuDKFLat7NbY0gQ2Ez2SYb05ww%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e73f7649dccd140-CDG
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15459&sent=14&recv=12&lost=0&retrans=0&sent_bytes=5527&recv_bytes=5059&delivery_rate=41037&cwnd=12000&unsent_bytes=0&cid=7aae76b2f1d089aa&ts=684&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 23 Nov 2024 20:39:03 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
metrika_match.html
mc.yandex.com/metrika/ Frame D8DA 		0
0
gVEQE
xp.soughstreek.com/ihggBqXM4nhgaGD/ 		12 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xp.soughstreek.com/ihggBqXM4nhgaGD/gVEQE
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.170.27 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
0b5f3391164e8283dbc4fa419dd2ed549c1803d7f72bc207f0489809818dddb4
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://ww1.tech4u.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 23 Nov 2024 20:39:03 GMT
Keep-Alive
timeout=20
Server
nginx
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
/
tech4u.app/
Redirect Chain
  • https://ww1.tech4u.app/favicon.ico
  • https://tech4u.app/
0
0
/
hebenonwidegab.top/cuid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hebenonwidegab.top/cuid/?f=https%3A%2F%2Fxp.soughstreek.com
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
172.241.48.106 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xp.soughstreek.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://xp.soughstreek.com
Access-Control-Max-Age
600
Connection
keep-alive
Content-Length
0
Date
Sat, 23 Nov 2024 20:39:03 GMT
Keep-Alive
timeout=20
Server
nginx
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
/
hebenonwidegab.top/cuid/ 		32 B
678 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hebenonwidegab.top/cuid/?f=https%3A%2F%2Fxp.soughstreek.com
Requested by
Host: xp.soughstreek.com
URL: https://xp.soughstreek.com/ihggBqXM4nhgaGD/gVEQE
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
172.241.48.106 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
93de8c76a36cbfd5237a24f39b12cda861048d44c4ed79b23d3b42b062bd1522
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://xp.soughstreek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

Strict-Transport-Security
max-age=1
Access-Control-Max-Age
600
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-Content-Type-Options
nosniff
Access-Control-Allow-Origin
https://xp.soughstreek.com
Content-Length
32
Keep-Alive
timeout=20
Date
Sat, 23 Nov 2024 20:39:04 GMT
Content-Type
application/json
Server
nginx
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for
favicon.ico
xp.soughstreek.com/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://xp.soughstreek.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.170.27 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
a9bc1ab7f7c0c6bc5d097050968993474e32346cffa537be1e0335a19645f12e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xp.soughstreek.com/ihggBqXM4nhgaGD/gVEQE

Response headers

Strict-Transport-Security
max-age=1
Cache-Control
max-age=86400
ETag
"67408542-57e"
Connection
keep-alive
X-Content-Type-Options
nosniff
Expires
Sun, 24 Nov 2024 20:39:03 GMT
Accept-Ranges
bytes
Content-Length
1406
Keep-Alive
timeout=20
Date
Sat, 23 Nov 2024 20:39:03 GMT
Content-Type
application/octet-stream
Last-Modified
Fri, 22 Nov 2024 13:21:06 GMT
Server
nginx
Primary Request /
ayletcecils.shop/iluimAugDNFKZtlgqkfVYkELiR/84653/ 		52 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ayletcecils.shop/iluimAugDNFKZtlgqkfVYkELiR/84653/?md=eyJ0dmMiOjAsImEiOjYzODcsInMiOiIxNjAweDEyMDAiLCJiIjoiMTYwMHgxMjAwIiwiciI6Imh0dHBzOi8vd3cxLnRlY2g0dS5hcHAvIiwicSI6Imh0dHBzOi8veHAuc291Z2hzdHJlZWsuY29tL2loZ2dCcVhNNG5oZ2FHRC9nVkVRRSIsImgiOjY1MDcsImwiOiJkZS1ERSIsInQiOi02MCwieiI6MjU3LCJrIjo0LCJ1IjoiNjdlMGIzNjU0OTIzODVmZTIyYjM1MSIsImYiOmZhbHNlLCJ3aCI6Im5vdCBpbiBpZnJhbWUiLCJpaCI6IjE2MDB4MTI4NSIsImUiOiIycjk2ZTEzZDUwN3RvcXoiLCJvIjp0cnVlLCJtIjoxNzMyMzk0MzQ0ODA2LCJ3IjoiJTdCJTIydGl0bGUlMjIlM0ElMjIlMjIlMkMlMjJrZXl3b3JkcyUyMiUzQSU1QiU1RCUyQyUyMnRvcHdvcmRzJTIyJTNBJTVCJTIyYWR2ZXJ0aXNlciUzQTElMjIlNUQlN0QiLCJ0cyI6MCwicHIiOjEsImRtIjo4LCJoYyI6MjQsImJsIjoxLCJiYyI6MiwidnYiOiJJbnRlbCBJbmMuIiwidnIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUiLCJhYyI6MCwiY3QiOiJ1bmtub3duIiwiY2V0IjoiNGciLCJjZGxtIjotMSwiY2RsIjoxMCwiY3J0dCI6NTAsInRtcyI6MSwiY2UiOnRydWUsImNkIjoyNCwib3IiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImZzIjpudWxsLCJmc28iOm51bGx9&pdc=SI7tfkAzPLW*GkTlC2ANYD7fDMdBypwogFb_M_0qOuM
Requested by
Host: xp.soughstreek.com
URL: https://xp.soughstreek.com/ihggBqXM4nhgaGD/gVEQE
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
212.117.186.116 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
927676bdf7f1bdcd71f06cc0d9fa573791b12c905629d806851624687c4b4a0d
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://xp.soughstreek.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 23 Nov 2024 20:39:04 GMT
Keep-Alive
timeout=20
Server
nginx
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
favicon.ico
ayletcecils.shop/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ayletcecils.shop/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
212.117.186.116 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
a9bc1ab7f7c0c6bc5d097050968993474e32346cffa537be1e0335a19645f12e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ayletcecils.shop/iluimAugDNFKZtlgqkfVYkELiR/84653/?md=eyJ0dmMiOjAsImEiOjYzODcsInMiOiIxNjAweDEyMDAiLCJiIjoiMTYwMHgxMjAwIiwiciI6Imh0dHBzOi8vd3cxLnRlY2g0dS5hcHAvIiwicSI6Imh0dHBzOi8veHAuc291Z2hzdHJlZWsuY29tL2loZ2dCcVhNNG5oZ2FHRC9nVkVRRSIsImgiOjY1MDcsImwiOiJkZS1ERSIsInQiOi02MCwieiI6MjU3LCJrIjo0LCJ1IjoiNjdlMGIzNjU0OTIzODVmZTIyYjM1MSIsImYiOmZhbHNlLCJ3aCI6Im5vdCBpbiBpZnJhbWUiLCJpaCI6IjE2MDB4MTI4NSIsImUiOiIycjk2ZTEzZDUwN3RvcXoiLCJvIjp0cnVlLCJtIjoxNzMyMzk0MzQ0ODA2LCJ3IjoiJTdCJTIydGl0bGUlMjIlM0ElMjIlMjIlMkMlMjJrZXl3b3JkcyUyMiUzQSU1QiU1RCUyQyUyMnRvcHdvcmRzJTIyJTNBJTVCJTIyYWR2ZXJ0aXNlciUzQTElMjIlNUQlN0QiLCJ0cyI6MCwicHIiOjEsImRtIjo4LCJoYyI6MjQsImJsIjoxLCJiYyI6MiwidnYiOiJJbnRlbCBJbmMuIiwidnIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUiLCJhYyI6MCwiY3QiOiJ1bmtub3duIiwiY2V0IjoiNGciLCJjZGxtIjotMSwiY2RsIjoxMCwiY3J0dCI6NTAsInRtcyI6MSwiY2UiOnRydWUsImNkIjoyNCwib3IiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImZzIjpudWxsLCJmc28iOm51bGx9&pdc=SI7tfkAzPLW*GkTlC2ANYD7fDMdBypwogFb_M_0qOuM

Response headers

Strict-Transport-Security
max-age=1
Cache-Control
max-age=86400
ETag
"67408546-57e"
Connection
keep-alive
X-Content-Type-Options
nosniff
Expires
Sun, 24 Nov 2024 20:39:04 GMT
Accept-Ranges
bytes
Content-Length
1406
Keep-Alive
timeout=20
Date
Sat, 23 Nov 2024 20:39:04 GMT
Content-Type
application/octet-stream
Last-Modified
Fri, 22 Nov 2024 13:21:10 GMT
Server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=UA-221426834-1
Domain
pifansub.net
URL
https://pifansub.net/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css
Domain
pifansub.net
URL
https://pifansub.net/wp-content/themes/mts_magxp/style.css
Domain
pifansub.net
URL
https://pifansub.net/wp-content/themes/mts_magxp/css/font-awesome.min.css
Domain
pifansub.net
URL
https://pifansub.net/wp-content/themes/mts_magxp/css/responsive.css
Domain
pifansub.net
URL
https://pifansub.net/wp-includes/js/jquery/jquery.min.js
Domain
pifansub.net
URL
https://pifansub.net/wp-includes/js/jquery/jquery-migrate.min.js
Domain
pifansub.net
URL
https://pifansub.net/wp-content/themes/mts_magxp/js/ajax.js
Domain
pifansub.net
URL
https://pifansub.net/wp-content/uploads/2022/02/1-1.png.webp
Domain
jscdn.greeter.me
URL
https://jscdn.greeter.me/pifansub.nethead.js
Domain
jscdn.greeter.me
URL
https://jscdn.greeter.me/pifansub.netdynamic.js
Domain
tg1.modoro360.com
URL
https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=63d11b4912ca63fefc045804&AV_PUBLISHERID=635fb7c8aaabfe5a8338ee52
Domain
secure.gravatar.com
URL
https://secure.gravatar.com/avatar/f2f851134a1e4e955180e2b81974c005?s=100&d=mm&r=g
Domain
pifansub.net
URL
https://pifansub.net/wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js
Domain
pifansub.net
URL
https://pifansub.net/wp-content/plugins/wp-postviews/postviews-cache.js
Domain
pifansub.net
URL
https://pifansub.net/wp-includes/js/comment-reply.min.js
Domain
pifansub.net
URL
https://pifansub.net/wp-content/themes/mts_magxp/js/customscript.js
Domain
pifansub.net
URL
https://pifansub.net/wp-content/themes/mts_magxp/js/layzr.min.js
Domain
pifansub.net
URL
https://pifansub.net/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/js.cookie.min.js
Domain
pifansub.net
URL
https://pifansub.net/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/jquery.sticky-kit.min.js
Domain
pifansub.net
URL
https://pifansub.net/wp-content/plugins/easy-table-of-contents/assets/js/front.min.js
Domain
tnews.contentraffic.com
URL
https://tnews.contentraffic.com/?news
Domain
tnews.contentraffic.com
URL
https://tnews.contentraffic.com/?news
Domain
tnews.contentraffic.com
URL
https://tnews.contentraffic.com/?news
Domain
tnews.contentraffic.com
URL
https://tnews.contentraffic.com/?news
Domain
tnews.contentraffic.com
URL
https://tnews.contentraffic.com/?news
Domain
mc.yandex.ru
URL
https://mc.yandex.ru/metrika/tag.js
Domain
mc.yandex.ru
URL
https://mc.yandex.ru/watch/97059986
Domain
mc.yandex.com
URL
https://mc.yandex.com/watch/97059988/1?wmode=7&page-url=https%3A%2F%2Ftnews.contentraffic.com%2F%3Fnews&page-ref=https%3A%2F%2Fpifansub.net%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1530%3Acn%3A1%3Adp%3A0%3Als%3A212902379963%3Ahid%3A501785363%3Az%3A60%3Ai%3A20241123213902%3Aet%3A1732394343%3Ac%3A1%3Arn%3A802551148%3Arqn%3A1%3Au%3A1732394343326816836%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A6%2C24%2C50%2C2%2C7%2C0%2C%2C16%2C0%2C%2C%2C%2C105%3Aco%3A0%3Acpf%3A1%3Ans%3A1732394342460%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1732394343%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29
Domain
mc.yandex.com
URL
https://mc.yandex.com/metrika/metrika_match.html
Domain
tech4u.app
URL
https://tech4u.app/

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Domain/Path Name / Value
.yandex.ru/ Name: yashr
Value: 4358420191732394342
tnews.contentraffic.com/ Name: _pk_ref.19.6b5a
Value: %5B%22%22%2C%22%22%2C1732394343%2C%22https%3A%2F%2Fpifansub.net%2F%22%5D
tnews.contentraffic.com/ Name: _pk_id.19.6b5a
Value: 5be19aa3435c26a8.1732394343.
tnews.contentraffic.com/ Name: _pk_ses.19.6b5a
Value: 1
.contentraffic.com/ Name: _ym_uid
Value: 1732394343326816836
.contentraffic.com/ Name: _ym_d
Value: 1732394343
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2228877674fake
.yandex.com/ Name: i
Value: mCcCya8WqnNgERmTBpikNI0OxyO1Y1i1LfJJ8DoNqPg5t+v0FkG4is4n2e+08IE8HelxcVXI6G74T09aE87a2Hy8MIA=
.yandex.com/ Name: yandexuid
Value: 8973991451732394342
.yandex.com/ Name: yashr
Value: 3603816061732394342
.contentraffic.com/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3271389181fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 8973991451732394342
.yandex.ru/ Name: yuidss
Value: 8973991451732394342
.yandex.ru/ Name: i
Value: mCcCya8WqnNgERmTBpikNI0OxyO1Y1i1LfJJ8DoNqPg5t+v0FkG4is4n2e+08IE8HelxcVXI6G74T09aE87a2Hy8MIA=
.yandex.ru/ Name: yp
Value: 1732480743.yu.3599719521732394342
.yandex.ru/ Name: ymex
Value: 1734986343.oyu.3599719521732394342
mc.yandex.com/ Name: yabs-sid
Value: 992254101732394343
.yandex.com/ Name: yuidss
Value: 8973991451732394342
.yandex.com/ Name: ymex
Value: 1763930343.yrts.1732394343
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: KgI/MA==
xp.soughstreek.com/ Name: GL_UI4
Value: eJw9jVtugzAQRSFgkrSBdiQW0CVAns1nld%2FuwTLjgbgBT2Qc0u6%2BbqX26z50dG8URbPyCeIpW0JyUzt4oUOF1f74ut8S1kjUHnbrDa4Rj822blHD0ozSq6Ynn8JiHJTz0k8prDqy5AxKZE05PAfqr7lYvtsUROOU1TmIIRB9DvPG8X0kVyaQWjUQZKez46BiUB%2FsIKk3VfDGBh9XMOOxTIoHEO%2FG3j6LVRYVRRbB47VXvmU3SKNDFJ1TmiB%2BgwUqTx27L5hrGi%2BerwDca%2FnP%2F36K%2FmcNMk2TwRDZn8l9Ayg%2FTvw%3D
xp.soughstreek.com/ Name: GL_GI10
Value: eJwVi00KwjAUBpMHVgRBPuwBcoJCDEW3%2FnfjyhOEGCVI0%2FASC97euphZDIwQguolKCSs9K5tNto0um0nDOQLdDqDXMT86rm38QvJoG5qHDHrfM4e0gEXtvH9%2FHBRtlc3GyJkAIzWW6PunsfgfFb7AyhmLI4Dp4FtmdZUSVAZ%2Fs6PWkCO1foHHx8hjA%3D%3D
.hebenonwidegab.top/ Name: a97fa794a0f9
Value: 67e0b365492385fe22b351
ayletcecils.shop/ Name: GL_UI4
Value: eJw9jVtugzAQRSFgkrSBdiQW0CVAns1nld%2FuwTLjgbgBT2Qc0u6%2BbqX26z50dG8URbPyCeIpW0JyUzt4oUOF1f74ut8S1kjUHnbrDa4Rj822blHD0ozSq6Ynn8JiHJTz0k8prDqy5AxKZE05PAfqr7lYvtsUROOU1TmIIRB9DvPG8X0kVyaQWjUQZKez46BiUB%2FsIKk3VfDGBh9XMOOxTIoHEO%2FG3j6LVRYVRRbB47VXvmU3SKNDFJ1TmiB%2BgwUqTx27L5hrGi%2BerwDca%2FnP%2F36K%2FmcNMk2TwRDZn8l9Ayg%2FTvw%3D
ayletcecils.shop/ Name: GL_GI10
Value: eJwVi00KwjAUBpMHVgRBPuwBcoJCDEW3%2FnfjyhOEGCVI0%2FASC97euphZDIwQguolKCSs9K5tNto0um0nDOQLdDqDXMT86rm38QvJoG5qHDHrfM4e0gEXtvH9%2FHBRtlc3GyJkAIzWW6PunsfgfFb7AyhmLI4Dp4FtmdZUSVAZ%2Fs6PWkCO1foHHx8hjA%3D%3D

3 Console Messages

Source Level URL
Text
network error URL: https://tnews.contentraffic.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
rendering warning URL: https://xp.soughstreek.com/ihggBqXM4nhgaGD/gVEQE(Line 12)
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A00048016C0A0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
javascript warning URL: https://ayletcecils.shop/iluimAugDNFKZtlgqkfVYkELiR/84653/?md=eyJ0dmMiOjAsImEiOjYzODcsInMiOiIxNjAweDEyMDAiLCJiIjoiMTYwMHgxMjAwIiwiciI6Imh0dHBzOi8vd3cxLnRlY2g0dS5hcHAvIiwicSI6Imh0dHBzOi8veHAuc291Z2hzdHJlZWsuY29tL2loZ2dCcVhNNG5oZ2FHRC9nVkVRRSIsImgiOjY1MDcsImwiOiJkZS1ERSIsInQiOi02MCwieiI6MjU3LCJrIjo0LCJ1IjoiNjdlMGIzNjU0OTIzODVmZTIyYjM1MSIsImYiOmZhbHNlLCJ3aCI6Im5vdCBpbiBpZnJhbWUiLCJpaCI6IjE2MDB4MTI4NSIsImUiOiIycjk2ZTEzZDUwN3RvcXoiLCJvIjp0cnVlLCJtIjoxNzMyMzk0MzQ0ODA2LCJ3IjoiJTdCJTIydGl0bGUlMjIlM0ElMjIlMjIlMkMlMjJrZXl3b3JkcyUyMiUzQSU1QiU1RCUyQyUyMnRvcHdvcmRzJTIyJTNBJTVCJTIyYWR2ZXJ0aXNlciUzQTElMjIlNUQlN0QiLCJ0cyI6MCwicHIiOjEsImRtIjo4LCJoYyI6MjQsImJsIjoxLCJiYyI6MiwidnYiOiJJbnRlbCBJbmMuIiwidnIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUiLCJhYyI6MCwiY3QiOiJ1bmtub3duIiwiY2V0IjoiNGciLCJjZGxtIjotMSwiY2RsIjoxMCwiY3J0dCI6NTAsInRtcyI6MSwiY2UiOnRydWUsImNkIjoyNCwib3IiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImZzIjpudWxsLCJmc28iOm51bGx9&pdc=SI7tfkAzPLW*GkTlC2ANYD7fDMdBypwogFb_M_0qOuM
Message:
Scripts may close only the windows that were opened by them.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.scontentflow.com
ayletcecils.shop
fonts.googleapis.com
hebenonwidegab.top
jscdn.greeter.me
mc.yandex.com
mc.yandex.ru
pifansub.net
secure.gravatar.com
tech4u.app
tg1.modoro360.com
tnews.contentraffic.com
ww1.tech4u.app
www.googletagmanager.com
www.yametric.com
x7r3mk6ldr.com
xp.soughstreek.com
jscdn.greeter.me
mc.yandex.com
mc.yandex.ru
pifansub.net
secure.gravatar.com
tech4u.app
tg1.modoro360.com
tnews.contentraffic.com
www.googletagmanager.com
172.241.48.106
172.67.176.34
172.67.182.202
188.114.96.3
212.117.186.116
212.117.190.201
23.109.170.27
2606:4700:3032::ac43:d065
2a00:1450:4001:800::200a
2a02:6b8::1:119
0b5f3391164e8283dbc4fa419dd2ed549c1803d7f72bc207f0489809818dddb4
15e9c2f05773bfef0ebcc1281e71faf9444727897466bd6cb348af7821d1d63f
2698f46ce9738cd27e4990bcceed512299f1ac29484d203ac2596397879dbe1d
327792de13e41955dc633dd61184895624555a736af01aec05229ed2694f0058
3de1748d7326b7eb300e6b4e12b553ef845e25b2db6fb1c178d68fa76d3833c1
417e957ecaba51a37e45fbeb48f54fac6a307768063e0cb780fc0ac80de40a3a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
927676bdf7f1bdcd71f06cc0d9fa573791b12c905629d806851624687c4b4a0d
93de8c76a36cbfd5237a24f39b12cda861048d44c4ed79b23d3b42b062bd1522
a9bc1ab7f7c0c6bc5d097050968993474e32346cffa537be1e0335a19645f12e
cd39c8c639c2837badb381ebada18e6294467ba1c934a00278f92a344e0d8760
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2e8975ed834c578c50d3923ceb26de04d4fa44f74380f45f147585d909a874d