urlscan.io logo urlscan.io
SecurityTrails logo

128.140.13.47.sslip.io Open in urlscan Pro
128.140.13.47  Public Scan

Go To Rescan Add Verdict Report
URL: http://128.140.13.47.sslip.io/
Submission: On November 24 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 2 countries across 12 domains to perform 44 HTTP transactions. The main IP is 128.140.13.47, located in Germany and belongs to HETZNER-AS, DE. The main domain is 128.140.13.47.sslip.io.
This is the only time 128.140.13.47.sslip.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 128.140.13.47 24940 (HETZNER-AS)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
19 2606:4700:303... 13335 (CLOUDFLAR...)
1 159.127.43.10 25751 (VALUECLICK)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2 35.161.33.140 16509 (AMAZON-02)
1 13.224.214.39 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
44 14
4    128.140.13.47 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.47.13.140.128.clients.your-server.de
128.140.13.47.sslip.io
3    2607:f8b0:4004:c0b::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
19    2606:4700:3031::ac43:98cf (United States)

ASN13335 (CLOUDFLARENET, US)
flatcolors.net
1    159.127.43.10 (Los Angeles, United States)

ASN25751 (VALUECLICK, US)
www.awltovhc.com
1    2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2607:f8b0:4004:c08::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    35.161.33.140 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-161-33-140.us-west-2.compute.amazonaws.com
impus.tradedoubler.com
1    13.224.214.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-39.phl50.r.cloudfront.net
img.tradedoubler.com
2    2607:f8b0:4004:c09::65 (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
19 flatcolors.net
flatcolors.net
73 KB
4 sslip.io
128.140.13.47.sslip.io
15 KB
3 tradedoubler.com
impus.tradedoubler.com
img.tradedoubler.com — Cisco Umbrella Rank: 82810
1 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
5 KB
3 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
239 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 gstatic.com
fonts.gstatic.com
46 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
ajax.googleapis.com — Cisco Umbrella Rank: 364
34 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1137
72 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
3 KB
1 awltovhc.com
www.awltovhc.com — Cisco Umbrella Rank: 83045
395 B
0 publicityclerks.com Failed
cdn.publicityclerks.com Failed
44 12
Domain Requested by
19 flatcolors.net 128.140.13.47.sslip.io
ajax.googleapis.com
4 128.140.13.47.sslip.io 128.140.13.47.sslip.io
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 pagead2.googlesyndication.com 128.140.13.47.sslip.io
pagead2.googlesyndication.com
2 www.google-analytics.com 128.140.13.47.sslip.io
www.google-analytics.com
2 impus.tradedoubler.com 1 redirects 128.140.13.47.sslip.io
2 fonts.gstatic.com fonts.googleapis.com
2 maxcdn.bootstrapcdn.com 128.140.13.47.sslip.io
maxcdn.bootstrapcdn.com
1 img.tradedoubler.com 128.140.13.47.sslip.io
1 cdnjs.cloudflare.com 128.140.13.47.sslip.io
1 ajax.googleapis.com 128.140.13.47.sslip.io
1 www.awltovhc.com 128.140.13.47.sslip.io
1 fonts.googleapis.com 128.140.13.47.sslip.io
0 cdn.publicityclerks.com Failed 128.140.13.47.sslip.io
44 14

This site contains links to these domains. Also see Links.

Domain
publicityclerks.com
flatcolors.net
twitter.com
clk.tradedoubler.com
www.kqzyfj.com
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.qksrv.net
GlobalSign RSA OV SSL CA 2018		 2023-09-21 -
2024-10-22		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.tradedoubler.com
Amazon RSA 2048 M02		 2023-11-01 -
2024-11-29		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 4 frames:

Primary Page: http://128.140.13.47.sslip.io/
Frame ID: 048F910520BF9C5FFACB79C1FB2AC700
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 73D2BAE06C08C3F5E52FC39ED37A5981
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344397474167941&output=html&adk=1812271804&adf=3025194257&lmt=1700786009&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=http%3A%2F%2F128.140.13.47.sslip.io%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&aslcwct=150&asacwct=25&dt=1700786009360&bpp=147&bdt=203&idt=393&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1529448080864&frm=20&pv=2&ga_vid=2011714848.1700786010&ga_sid=1700786010&ga_hid=1832288549&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809316%2C31078301%2C44807763%2C44808148%2C44808284%2C44809057&oid=2&pvsid=1768362644023009&tmod=1578320932&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=425
Frame ID: F314B55AEA80477E8B54F033A30F3E43
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303890891198768&output=html&h=600&slotname=7728218933&adk=4051531417&adf=3636398527&pi=t.ma~as.7728218933&w=300&lmt=1700786009&format=300x600&url=http%3A%2F%2F128.140.13.47.sslip.io%2F&ea=0&wgl=1&dt=1700786009508&bpp=12&bdt=352&idt=287&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1529448080864&frm=20&pv=2&ga_vid=2011714848.1700786010&ga_sid=1700786010&ga_hid=1832288549&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=2082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809316%2C31078301%2C44807763%2C44808148%2C44808284%2C44809057&oid=2&pvsid=1768362644023009&tmod=1578320932&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=298
Frame ID: 191F30BF7B23DE6703900D16706D3C45
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Flat Colors - Find flat colors & palettes for your next project

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

44
Requests

82 %
HTTPS

69 %
IPv6

12
Domains

14
Subdomains

14
IPs

2
Countries

510 kB
Transfer

1298 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://impus.tradedoubler.com/imp?type(inv)g(22793564)a(2887121)170522473 HTTP 302
  • https://img.tradedoubler.com/images/inv.gif

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
128.140.13.47.sslip.io/ 		25 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://128.140.13.47.sslip.io/
Protocol
HTTP/1.1
Server
128.140.13.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.13.140.128.clients.your-server.de
Software
nginx/1.24.0 /
Resource Hash
ff1ef524ede02b508a79728836c22c2b47d55738fd1ce9ea201767cd221262d4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
82ad8f8bfda44d56-FRA
Cache-Control
private, max-age=0, must-revalidate, no-cache, no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 24 Nov 2023 00:33:29 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMEFdPKLW3mPqaCXpyTpzjxe9PtAtY6qh0dIG23sRyEcIwvG7XihiRcgdSBbZJcgCA74WUW33e%2Bd%2FpJJ%2BIuIx7xfIYYk5rW6OM04UBqLGwcSuLXo0JOjgogds23L89hGuA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
nginx/1.24.0
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
display
orig_site_sol
expires
Thu, 23 Nov 2023 00:33:29 GMT
pagespeed
off
response
200
vary
Accept-Encoding,User-Agent
x-ezoic-cdn
Hit ds;mm;48b12bc6ff63d6c001eb662c3e0324ca;2-384340-0;6c1ef60e-b5a2-471d-64b7-3314b419ad01
x-middleton-display
orig_site_sol
x-middleton-response
200
x-origin-cache-control
x-sol
orig
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3344397474167941
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d150656e9193ffda1899435acbe0f9eb08737939799314c1064d7d3e4cc4e393
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://128.140.13.47.sslip.io/
Origin
http://128.140.13.47.sslip.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:33:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52712
x-xss-protection
0
server
cafe
etag
18425811143466874716
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 00:33:29 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 		27 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://128.140.13.47.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:33:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
900
age
68059
cdn-cachedat
06/23/2022 03:30:59
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
c22cef91a61ba421c21c5adec89b9a2c
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
82ad8f8dc9fa4bc7-BUF
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ 		3 KB
852 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,300,700,900
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b7f2d6fa91de80a618910ccc2b98c110dc46b459c956f018dc23cd73411f5905
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://128.140.13.47.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 24 Nov 2023 00:33:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 24 Nov 2023 00:09:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Nov 2023 00:33:29 GMT
bootstrap.min.css
flatcolors.net/assets/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://flatcolors.net/assets/bootstrap.min.css
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:98cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Request headers

accept-language
en-US,en;q=0.9
Referer
http://128.140.13.47.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:33:29 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
88813
x-ezoic-cdn
Hit ds;ds;05cde9c4d60454267c3e53c8d8907748;2-384340-0;786e40b4-c941-4807-4224-420fd2f1e25b
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
last-modified
Mon, 26 Sep 2016 14:37:59 GMT
server
cloudflare
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J0l5zKrKzZBPn2C5CSfp9zdDi07jzOBU7i8kwOEWwNmCF65TVZANePWHThtEc%2BbJtdKbeePBEAZ1UlL4F%2FszWrg9Do4DcSwgRL53SkXBokKlhkeFwtec2jQxyqxfitvYhHL9Bv2jtJlskGs%2BKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
82ad8f8f29894bd8-BUF
custom.css
flatcolors.net/assets/ 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://flatcolors.net/assets/custom.css
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:98cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4691f494969d4785585a5410211fe3ae04fe021ea5e21125c3f16a948f0fecfe

Request headers

accept-language
en-US,en;q=0.9
Referer
http://128.140.13.47.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:33:29 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
351850
cf-polished
origSize=8795
x-ezoic-cdn
Hit ds;mm;c448c119866f13888e8348e75018f0fc;2-384340-0;9c140580-fee7-4197-433f-bb64a3de3f94
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Mon, 26 Sep 2016 14:37:59 GMT
server
cloudflare
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2BKI0CDf5Acd4xwGpOErms8c8Ieq2%2FLtPqTABzRt9NapmmtJc5CLiuLBd3hYNXGHOjSl6u23fSXh2b7XQMqgeiMpCKOaXPTTFN%2BdXEQUSR6qNGznDHfZsILOFVJps7r0EBaCak55VLp4DuPspQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
82ad8f8f298a4bd8-BUF
logo.png
flatcolors.net/assets/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flatcolors.net/assets/img/logo.png
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:98cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f31613456ee31fad5b1ad37202d07911167cf34a7be5369968f2341110c20ba

Request headers

accept-language
en-US,en;q=0.9
Referer
http://128.140.13.47.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:33:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
351850
x-ezoic-cdn
Hit ds;mm;ca6865117348e3515153c74f80fe6bee;2-384340-0;4120ac6b-8123-4d7a-6fad-c715372a4c9d
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
content-length
1274
x-ezoic-excludewebp
false
response
200
last-modified
Mon, 26 Sep 2016 14:38:02 GMT
server
cloudflare
x-origin-cache-control
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mc3DSoCQpmLHQOb2L%2FM9n1NcZfK8%2BEB2jJMoEMyV1pRW3wsecYOW80Euewl2hk0a9kXzeQeMUKU781UbQRJoMt84CmHTnW48s10vV7Yv2rFA9row9JmSIGZ1jKKbgXIEHT1%2FhQUtDcIPTs9z8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=15552000
accept-ranges
bytes
cf-ray
82ad8f8f298b4bd8-BUF
im65xjnbhf0929431302159659A02584451227111
www.awltovhc.com/ 		50 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awltovhc.com/im65xjnbhf0929431302159659A02584451227111
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.127.43.10 Los Angeles, United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
Resin/4.0.66 /
Resource Hash
ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63

Request headers

accept-language
en-US,en;q=0.9
Referer
http://128.140.13.47.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Nov 2023 00:33:29 GMT
Server
Resin/4.0.66
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
Cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
50
Expires
Fri, 24 Nov 2023 00:33:29 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a83c02e6e913f6a2dad10a507973d3f504055e7e51a6179c37bdbe1ff2685810
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://128.140.13.47.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:33:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52667
x-xss-protection
0
server
cafe
etag
16285076885192855174
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 00:33:29 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://128.140.13.47.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 22:10:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
440575
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33495
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 22:10:34 GMT
clipboard.min.js
cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.5.5/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.5.5/clipboard.min.js
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
404b016f5c9a369726eec56a280c93478da17a52ed0f1fee116838330772ec70
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://128.140.13.47.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:33:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2075070
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2618
last-modified
Mon, 04 May 2020 16:09:13 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e29-2296"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QUMcQa1U3u60dauIIvfEcS8%2BLT9fkUuPz%2BDcrF3BR%2FNS8Pqn46V8KzclERYMEal2XAHFGThU6psL8gidxa9aCORuzcZdZqiO1meLsmPN6or8fiSkyzmp%2Btae4r%2FCu0LJ%2B9YDlJTIKMhX9Eac4l6nbfji"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82ad8f8f2b414bc3-BUF
expires
Wed, 13 Nov 2024 00:33:29 GMT
bootstrap.min.js
flatcolors.net/assets/js/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flatcolors.net/assets/js/bootstrap.min.js
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:98cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892

Request headers

accept-language
en-US,en;q=0.9
Referer
http://128.140.13.47.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:33:29 GMT
content-encoding
br
cf-cache-status
MISS
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Hit ds;mm;32d1203291b5d33a082a06f08cc42865;2-384340-0;7ca44175-7d92-49a9-6aa7-1f98571d67b7
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
last-modified
Mon, 26 Sep 2016 14:38:05 GMT
server
cloudflare
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtmN0jgPEmQAeZqss2bV1B7xZeiUGkjU3C6KvCWgXYRq2E%2BjxtWYYS%2BEghuVjpcBVF3eZIqml6uPk%2FlY6QvFOsI7n0GxJVYlRZhkYpq287LXfnqf5OFsyTXljZ9QbsNDPYxQn9jCmgLMY98XAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
82ad8f8f798d4bd8-BUF
infinite.min.js
flatcolors.net/assets/js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flatcolors.net/assets/js/infinite.min.js
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:98cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e65469fa1cf86c7b0f6a3427bd5f70db640ca3b96c44d67cc1f8ec9ef6d29d3

Request headers

accept-language
en-US,en;q=0.9
Referer
http://128.140.13.47.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:33:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
351849
x-ezoic-cdn
Hit ds;mm;a1580a003516e1261b9fa75ca68a1968;2-384340-0;ececf9e0-6445-49e8-444f-e81466cb5cb9
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
last-modified
Mon, 26 Sep 2016 14:38:05 GMT
server
cloudflare
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zq57EgivFHuanCYl9UXE7c%2FOjgRMzjIJOtQkiohlNt9DaFB01nWgdyUfsZEEm08xoQUtD%2FFy3c3A9%2BmO4z2nC%2BPKiJvKLAMhys8QhQY4pATm1pNqmVlKRvAX96K%2Fy2hWw2wu997qNq%2BPa6xfmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
82ad8f8f798e4bd8-BUF
toastr.min.js
flatcolors.net/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flatcolors.net/assets/js/toastr.min.js
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:98cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2f539c525219f3cb09b400f7c014dadad7adc90e2e83df56b2cd4c879290e0d

Request headers

accept-language
en-US,en;q=0.9
Referer
http://128.140.13.47.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:33:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
351849
x-ezoic-cdn
Hit ds;mm;db069c05121567ba857aa58e8781dcf5;2-384340-0;00fe8e31-ea87-418c-675e-9123884ee4be
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
last-modified
Mon, 26 Sep 2016 14:38:06 GMT
server
cloudflare
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rCNpfR3rDDSyB9IEaH11Bt6HNbW6%2FF30%2F9jOzkVEZtlAZsqtaXGBttJx0v3caLClpHdZTQLwQCP%2FZWt8mBujk1yVSNgm8yzuRbKLFhGz5YQCSpqOx2iLQoSU6c4lbly7Z2zQ1ZimbJ7Bfm%2FL3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
82ad8f8f898f4bd8-BUF
boise.js
128.140.13.47.sslip.io/detroitchicago/ 		913 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://128.140.13.47.sslip.io/detroitchicago/boise.js?gcb=195-0&cb=2
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/
Protocol
HTTP/1.1
Server
128.140.13.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.13.140.128.clients.your-server.de
Software
nginx/1.24.0 /
Resource Hash
36f2998a5d4419bbab382abed2a0679d2cc64b21e839a636b351786a4c611db0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://128.140.13.47.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 24 Nov 2023 00:33:29 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
351849
Cf-Polished
origSize=926
Transfer-Encoding
chunked
x-middleton-display
sol-js
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Cf-Bgj
minify
Server
nginx/1.24.0
Last-Modified
Sun, 19 Nov 2023 22:49:20 GMT
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5TALLuEaNE4Ak4MxIW70xV3zuo2BNsycZa%2BxWky2OgaA6iUfiz1%2F4YKyU0PnCslTKdmOCRvnNJQqmFyHEe9H0Knqvtj15UfMWc%2BvZ6Phj9RXbS2AmV26%2FpV8DxoXbdcwcA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
public, max-age=31536000
x-robots-tag
noindex
CF-RAY
82ad8f8ffd522c7b-FRA
abilene.js
128.140.13.47.sslip.io/parsonsmaize/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://128.140.13.47.sslip.io/parsonsmaize/abilene.js?gcb=195-0&cb=30
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/
Protocol
HTTP/1.1
Server
128.140.13.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.13.140.128.clients.your-server.de
Software
nginx/1.24.0 /
Resource Hash
a389f846ebffac00e3890254db6efec3bec77253854a5bfcea683072ce3b0df5

Request headers

accept-language
en-US,en;q=0.9
Referer
http://128.140.13.47.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 24 Nov 2023 00:33:29 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1012406
Cf-Polished
origSize=6323
Transfer-Encoding
chunked
x-middleton-display
sol-js
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Cf-Bgj
minify
Server
nginx/1.24.0
Last-Modified
Sun, 12 Nov 2023 07:20:03 GMT
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNQAwb3fv3CcVK1cYk9uK25fIFjMcx4RRj7Jt0GtiLBJvUESwcppu%2BXGur%2BWBbr0TuX0bi7yMmN2HikGThQEPQ7HAuqLAj1k9kB%2Fmt2DZzWQmb56wGQkyqW1xXnii08WLA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
public, max-age=31536000
x-robots-tag
noindex
CF-RAY
82ad8f909c18913c-FRA
et.js
128.140.13.47.sslip.io/porpoiseant/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://128.140.13.47.sslip.io/porpoiseant/et.js?gcb=195-0&cb=2
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/
Protocol
HTTP/1.1
Server
128.140.13.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.13.140.128.clients.your-server.de
Software
nginx/1.24.0 /
Resource Hash
2c34f09169d2a10e8f5863960e81575ab70f88b52f4bd3386ce5e41e73a94487

Request headers

accept-language
en-US,en;q=0.9
Referer
http://128.140.13.47.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 24 Nov 2023 00:33:29 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
640424
Transfer-Encoding
chunked
x-middleton-display
sol-js
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Cf-Bgj
minify
Server
nginx/1.24.0
Last-Modified
Thu, 16 Nov 2023 14:39:45 GMT
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhHf%2BgcVXm36xTKAWyUEqWCebJLod7dGS1ahzgwXMpznHgNl%2BAcA7c%2Fk%2B2hk0NfujuWFW7%2BvvouR7xfYbKtlieyHfE1FZzdH56WFnuHP7Ctp1LErh3sPGy6upL35S0o1Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
public, max-age=31536000
x-robots-tag
noindex
CF-RAY
82ad8f90acf83a3e-FRA
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 		400 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3344397474167941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8f69294cb3228695da3ba9b677db613089da1f680cc7daba635881b6e6554af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://128.140.13.47.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:33:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138484
x-xss-protection
0
server
cafe
etag
12696593722970998856
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 00:33:29 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 73D2 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3344397474167941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://128.140.13.47.sslip.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
36039
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 14:32:50 GMT
etag
16674218716276178799
expires
Thu, 07 Dec 2023 14:32:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://128.140.13.47.sslip.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 05:21:21 GMT
x-content-type-options
nosniff
age
69128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Nov 2024 05:21:21 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Origin
http://128.140.13.47.sslip.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:33:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
1067
cdn-cachedat
10/31/2023 18:59:54
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
66624
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
"db812d8a70a4e88e888744c1c9a27e89"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
4625761e66abe026b59103f7bede470a
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
82ad8f8fc8ac4bc6-BUF
cdn-requestpullsuccess
True
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://128.140.13.47.sslip.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 06:37:49 GMT
x-content-type-options
nosniff
age
64540
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Nov 2024 06:37:49 GMT
imp
impus.tradedoubler.com/ 		1 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://impus.tradedoubler.com/imp?type(img)g(22793598)a(2887121)376698851
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.161.33.140 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-161-33-140.us-west-2.compute.amazonaws.com
Software
TXServerHttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://128.140.13.47.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 00:33:29 GMT
referrer-policy
origin
server
TXServerHttp
content-type
text/html; charset=ISO-8859-1
access-control-allow-origin
*
cache-control
private, max-age=0
content-length
1
inv.gif
img.tradedoubler.com/images/
Redirect Chain
  • https://impus.tradedoubler.com/imp?type(inv)g(22793564)a(2887121)170522473
  • https://img.tradedoubler.com/images/inv.gif
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.tradedoubler.com/images/inv.gif
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/
Protocol
HTTP/1.1
Server
13.224.214.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-39.phl50.r.cloudfront.net
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://128.140.13.47.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Tue, 21 Nov 2023 07:34:57 GMT
Via
1.1 8db0da5790a86a83533944290a7dab9a.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
PHL50-C1
Age
233959
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Fri, 19 Nov 2004 15:35:04 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
image/gif
Accept-Ranges
bytes
X-Amz-Cf-Id
h7yoA5ac246g23S7G4B11UvIO-NQSwlMv64y46F1wFX_NyViJ-g_-Q==

Redirect headers

pragma
no-cache
date
Fri, 24 Nov 2023 00:33:29 GMT
referrer-policy
origin
server
TXServerHttp
content-type
text/html; charset=ISO-8859-1
location
https://img.tradedoubler.com/images/inv.gif
access-control-allow-origin
*
cache-control
private, max-age=0
content-length
248
2609
cdn.publicityclerks.com/core/ad2/9316/ 		0
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::65 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://128.140.13.47.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Nov 2023 22:48:47 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6282
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 24 Nov 2023 00:48:47 GMT
index.php
flatcolors.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://flatcolors.net/index.php?page=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:98cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
http://128.140.13.47.sslip.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
82ad8f911f8a6aed-BUF
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 24 Nov 2023 00:33:32 GMT
display
orig_site_sol
expires
Thu, 23 Nov 2023 00:33:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pagespeed
off
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkSp4SnxmG0d1aeAt8VRZuw16kuRbSY8OoqPyrtsndwziIpPlxYZukMj%2B7TB7NOsMhtPR80GFCWb1W3vpznEri6sxOD8uYdO5ZynI%2FOar6YEfeXbesWhf%2FZd6KMoAP%2BrRGXkyz7vr1eD5L0nAA%3D%3D"}],"group":"cf-nel","max_age":604800}
response
200
server
cloudflare
vary
Accept-Encoding
x-ezoic-cdn
Miss
x-middleton-display
orig_site_sol
x-middleton-response
200
x-origin-cache-control
x-sol
orig
index.php
flatcolors.net/ 		0
0
status.png
flatcolors.net/assets/img/ 		624 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flatcolors.net/assets/img/status.png
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:98cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c38dadc8343d59aeddeed10c100efaa6e0c1ea13ec0cacc33b319252905d6226

Request headers

accept-language
en-US,en;q=0.9
Referer
http://128.140.13.47.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:33:29 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-ezoic-cdn
Hit ds;mm;9f8319cc28f072d57d0aced83638ab0d;2-384340-0;1b7f5ae6-d535-4c24-7fb5-a4e8bc2123bd
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
content-length
624
x-ezoic-excludewebp
false
response
200
last-modified
Mon, 26 Sep 2016 14:38:02 GMT
server
cloudflare
x-origin-cache-control
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17VCjFiF%2B1PTQhInjZuuqT5m4jmE14IFm4dDIZ7FCW497Eb%2Bd%2BQsSxyMqv2bsMwZQLHSjh87iG56ClFu9PQgr8cl2lKu%2BUUKy8iprsxgg2glIv0%2FDRFInAEJ2%2FKPFUSzjFw8khCkfehnDy%2FpfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=15552000
accept-ranges
bytes
cf-ray
82ad8f904f716aed-BUF
drake.js
flatcolors.net/beardeddragon/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flatcolors.net/beardeddragon/drake.js?gcb=0&cb=6
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:98cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e2e9642ce4893f96c168bd664e248170d5de361db3ae3a0280089d72b29dd20

Request headers

accept-language
en-US,en;q=0.9
Referer
http://128.140.13.47.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:33:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
88813
cf-polished
origSize=4247
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 22 Nov 2023 23:53:16 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZhtSgPfK4FIfwv%2BqNJBAQDZxNHVu7LHuO1%2FRglPgowraNjeppIIjBtmX6fGa50V5FOkzSmqBv5vETXYXRljGoDd3P037cmcq7PoyOAruSIOmYpbDIFYYRHOb4xiR0r%2F%2BF5pdB04D3iCQZUN%2FTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
82ad8f904f736aed-BUF
jellyfish.js
flatcolors.net/porpoiseant/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flatcolors.net/porpoiseant/jellyfish.js?a=a&cb=11&dcb=195-0&shcb=34
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:98cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8845f7fdd88e956fb192f1eef85e4afa6b7c59d2bae22b6058f4ca620d67312

Request headers

accept-language
en-US,en;q=0.9
Referer
http://128.140.13.47.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:33:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
88813
cf-polished
origSize=37593
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 22 Nov 2023 23:53:16 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GbcXVshD%2BWuT3YBXB%2FLB9ZwWckSP7Dyn%2B2pDzqtf5ixKbc6SPuLczv7EKYJgoaqgHk19Dwnw2nzVSHoK40bDR7dLc88rwg7ZL5gc3njvCXSpZy9Wd55xUHE7FLsNShMNtXT7NrrxUcJgFx60Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
82ad8f905f746aed-BUF
index.php
flatcolors.net/ 		0
0
index.php
flatcolors.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://flatcolors.net/index.php?page=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:98cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
http://128.140.13.47.sslip.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
82ad8f911f896aed-BUF
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 24 Nov 2023 00:33:29 GMT
display
orig_site_sol
expires
Thu, 23 Nov 2023 00:33:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pagespeed
off
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBgc8LNf2glaQlbFmXiW90HDpT4yH4I%2B%2FA1f9luX1LYDwNEB6EvVMyvV4MB35EwnHYbrhWaCfRIEx8oywr9DBt%2BmdIjMwfg3k3nSBVVD6HlZUWuIBLduAdHV7sekUdbscTb1gYyjPqZfV2yRZA%3D%3D"}],"group":"cf-nel","max_age":604800}
response
200
server
cloudflare
vary
Accept-Encoding
x-ezoic-cdn
Miss
x-middleton-display
orig_site_sol
x-middleton-response
200
x-origin-cache-control
x-sol
orig
collect
www.google-analytics.com/j/ 		3 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1832288549&t=pageview&_s=1&dl=http%3A%2F%2F128.140.13.47.sslip.io%2F&ul=en-us&de=UTF-8&dt=Flat%20Colors%20-%20Find%20flat%20colors%20%26%20palettes%20for%20your%20next%20project&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1021462202&gjid=263221437&cid=2011714848.1700786010&tid=UA-45179557-29&_gid=138144096.1700786010&_r=1&_slc=1&z=1236144001
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::65 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://128.140.13.47.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 00:33:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://128.140.13.47.sslip.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F314 		603 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344397474167941&output=html&adk=1812271804&adf=3025194257&lmt=1700786009&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=http%3A%2F%2F128.140.13.47.sslip.io%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&aslcwct=150&asacwct=25&dt=1700786009360&bpp=147&bdt=203&idt=393&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1529448080864&frm=20&pv=2&ga_vid=2011714848.1700786010&ga_sid=1700786010&ga_hid=1832288549&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809316%2C31078301%2C44807763%2C44808148%2C44808284%2C44809057&oid=2&pvsid=1768362644023009&tmod=1578320932&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=425
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://128.140.13.47.sslip.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 00:33:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 191F 		603 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303890891198768&output=html&h=600&slotname=7728218933&adk=4051531417&adf=3636398527&pi=t.ma~as.7728218933&w=300&lmt=1700786009&format=300x600&url=http%3A%2F%2F128.140.13.47.sslip.io%2F&ea=0&wgl=1&dt=1700786009508&bpp=12&bdt=352&idt=287&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1529448080864&frm=20&pv=2&ga_vid=2011714848.1700786010&ga_sid=1700786010&ga_hid=1832288549&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=2082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809316%2C31078301%2C44807763%2C44808148%2C44808284%2C44809057&oid=2&pvsid=1768362644023009&tmod=1578320932&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=298
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://128.140.13.47.sslip.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 00:33:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
mulvane.js
flatcolors.net/parsonsmaize/ 		989 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flatcolors.net/parsonsmaize/mulvane.js?gcb=195-0&cb=5
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:98cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
782a4a092a51a3691abc98068868f2a968aa27976791e8403c9e693921246c6b

Request headers

accept-language
en-US,en;q=0.9
Referer
http://128.140.13.47.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:33:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
351849
cf-polished
origSize=1002
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 19 Nov 2023 22:49:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBBmLPBruOT%2BrCfGYAAsOini%2BRUkM%2BDqBuilPTBd%2BhY50io8ZCs%2FY1%2FZEnijowxOKSzN9QTuraQJ7zm4rKlDfszmTpCBb77e35WxkC%2Fou4L5OAfbJlf9xIdls0KjFbsMMTNmskLpeQkFbnckGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
82ad8f916fa36aed-BUF
raleigh.js
flatcolors.net/detroitchicago/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flatcolors.net/detroitchicago/raleigh.js?gcb=195-0&cb=6
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:98cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10c5779cae461daba4b2f636f90df6cbf420e8c3dbe5a326bd937e7392c2b8df

Request headers

accept-language
en-US,en;q=0.9
Referer
http://128.140.13.47.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:33:29 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 24 Nov 2023 00:33:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kDw6kJsJvImbf4NHyAKuxO%2BYQ19oG16aHDi5C%2FZ7FEkjMQIgRyRRJz%2FHIJkZpq8Hp8Odj6Iy9zrkdDqT3MbBZe28x1Tr7HZvkb1l3ZSariRGTkrRnMti4ngM5ZohlYgQMVBfA8lMTvYZTI%2F42g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
82ad8f916fa46aed-BUF
alt-svc
h3=":443"; ma=86400
vista.js
flatcolors.net/detroitchicago/ 		1 KB
985 B 		Script
General
Check archive.org
Download Go to
Full URL
https://flatcolors.net/detroitchicago/vista.js?gcb=195-0&cb=5
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:98cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
079f59405da9aed3725440b658577d5b8f974dc7cc3a87f9cbe0dc82d235c13d

Request headers

accept-language
en-US,en;q=0.9
Referer
http://128.140.13.47.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:33:29 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 24 Nov 2023 00:33:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gn3Q%2FgaVo8C40am1HSnf2RJLjK1B7zBwcj5FOTDb6CFmAK9YZJ2056%2B7B503HyOF4U5aliBkcH4VV3LDlMvC10qz%2Bxh4vQL9zWp01cvLU%2FEKrTRcN2%2FX%2BrKcDU7lLJsv2Z%2FhpBS%2Fel9lxFHulg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
82ad8f916fa56aed-BUF
alt-svc
h3=":443"; ma=86400
tampa.js
flatcolors.net/detroitchicago/ 		976 B
1009 B 		Script
General
Check archive.org
Download Go to
Full URL
https://flatcolors.net/detroitchicago/tampa.js?gcb=195-0&cb=5
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:98cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7af805fc2bda263e9826c3433adb07b0e8881afecb62d611961d767d68c3ac05

Request headers

accept-language
en-US,en;q=0.9
Referer
http://128.140.13.47.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:33:29 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 24 Nov 2023 00:33:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZhSutaq8UEwh0%2FT%2FbSX%2Bg19%2BOFyCe791WCAN0cQRKjbHj8a76YDaUGLtC2Ecul3AAP9JvCIZdkyxJ0ZCesfkh12k%2BjwCiB%2Bt%2FYUR%2B37IwxPKgopcjiEctqxk62CoEavCNZl3HvkV6yojsvL8zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
82ad8f916fa66aed-BUF
alt-svc
h3=":443"; ma=86400
olathe.js
flatcolors.net/parsonsmaize/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flatcolors.net/parsonsmaize/olathe.js?gcb=195-0&cb=23
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:98cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cebc0ded9f2ef3dd4e3c6d6010538dee890c24a070d6ba991e0c93e451d96ccd

Request headers

accept-language
en-US,en;q=0.9
Referer
http://128.140.13.47.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:33:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 24 Nov 2023 00:33:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1czUOsvU2DIPj7YhAi6RlsO%2B7nxpR73BGhBf5YwDZw6yl7TcSBhqsLhB07fSwC4oanHHVx1IOcPFvm9fqaT%2BTpAwOdWgCEcT2JD1km%2F4%2FXKswBPHrVBeaoIx9vO%2B9IcMHK%2FZ8jiV6gP7ZlfxVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
82ad8f93efca6aed-BUF
alt-svc
h3=":443"; ma=86400
vitals.js
flatcolors.net/tardisrocinante/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flatcolors.net/tardisrocinante/vitals.js?gcb=0&cb=3
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:98cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
549bd3e9e2cfe91e355ba68c1fe15c0af27e0391123630b9ccfbbbd559cdba47

Request headers

accept-language
en-US,en;q=0.9
Referer
http://128.140.13.47.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:33:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 24 Nov 2023 00:33:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gt2AoHJhRz8jJU%2BlyhPzhZikjsCzqtcQvWv8%2FJVJT2mB6OSbNLZBifr7fJfyUggDiv7CKQoaSKSOiIbhZyanJk9%2FDy2NNqNSY%2Bo9NUrt5LtLmIXk9RoVYS9Ow5NBgkpFGHYiQxir6vnqJmVshA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
82ad8f93efcc6aed-BUF
alt-svc
h3=":443"; ma=86400
chanute.js
flatcolors.net/parsonsmaize/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flatcolors.net/parsonsmaize/chanute.js?a=a&cb=7&dcb=195-0&shcb=34
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:98cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a1eb6123c7c46f878fef314ed06c507b2a9933c4b439af7a872b7861c52d72f

Request headers

accept-language
en-US,en;q=0.9
Referer
http://128.140.13.47.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:33:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
351849
cf-polished
origSize=21681
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 19 Nov 2023 22:49:21 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2BV%2FBNhlEV%2BkwJ%2F5slXiJu3jsehizryxekxtGDL9HGJNyvxIVA%2BnUrLwt300V7GWoxYYuhZvQR0tlpMQgu3OkbIPs0ea0rb87fHPfAd%2FzsMZXG6ZT3inDrh8lUzdkraP6td5xl10ojJIzN%2F6Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
82ad8f93efcd6aed-BUF
imp.gif
flatcolors.net/detroitchicago/ 		43 B
639 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://flatcolors.net/detroitchicago/imp.gif?ez_orig=1
Requested by
Host: 128.140.13.47.sslip.io
URL: http://128.140.13.47.sslip.io/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:98cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
http://128.140.13.47.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Nov 2023 00:33:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-display
imp_sol
alt-svc
h3=":443"; ma=86400
content-length
43
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
HEAD, PUT, POST, GET, OPTIONS
content-type
image/gif
access-control-allow-origin
http://128.140.13.47.sslip.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BInqlxE5mAN3MeLnSzvtbiFskJ0DcJo1LNngdMbHB8uclAeqiafSpbtP0ttixV3pKKR4D7J%2Bs956HzdxuT9KKOp6EPiNZoGnpP%2BtUHoa1Nkbe9e6aWjyQZLzJnRHDKHcQJtrk%2FID%2FhjPc%2Be%2B%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
cf-ray
82ad8f94bfe26aed-BUF
access-control-allow-headers
Content-Type
expires
Thu, 23 Nov 2023 00:33:31 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.publicityclerks.com
URL
https://cdn.publicityclerks.com/core/ad2/9316/2609?r=67203
Domain
flatcolors.net
URL
https://flatcolors.net/index.php?page=2
Domain
flatcolors.net
URL
https://flatcolors.net/index.php?page=2

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| __ez object| _ezaq object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter string| ezoTemplate string| ezouid string| ezoFormfactor string| soc_app_id number| did string| ezdomain number| ezoicSearchable string| _ezExtraQueries function| create_ezolpl function| attach_ezolpl function| google_spfd number| google_unique_id object| google_sv_map string| uri string| GoogleAnalyticsObject function| ga function| $ function| jQuery function| Clipboard object| jQuery111207705438969306124 function| IASCallbacks function| IASHistoryExtension function| IASNoneLeftExtension function| IASPagingExtension function| IASSpinnerExtension function| IASTriggerExtension object| toastr object| ias object| clipboard string| _audins_dom number| _audins_did undefined| __ez_dims undefined| hREED object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ct object| ezdent object| ezDenty object| ezua object| ezuxgoals function| ez_attachEvent function| ez_attachEventWithCapture function| ez_detachEvent function| ez_getQueryString object| _ezfd function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| __ezDotData function| getEzErrorURL function| reportEzError function| initEzux object| riveted object| ezux object| metricNameMap function| ezlogVital object| webVitals number| ez_tos_track_count number| ez_last_activity_count

6 Cookies

Domain/Path Name / Value
128.140.13.47.sslip.io/ Name: ezds
Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
128.140.13.47.sslip.io/ Name: ezohw
Value: w%3D1600%2Ch%3D1200
.sslip.io/ Name: _ga
Value: GA1.2.2011714848.1700786010
.sslip.io/ Name: _gid
Value: GA1.2.138144096.1700786010
.sslip.io/ Name: _gat
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

6 Console Messages

Source Level URL
Text
javascript error URL: http://128.140.13.47.sslip.io/
Message:
Access to XMLHttpRequest at 'https://flatcolors.net/index.php?page=2' from origin 'http://128.140.13.47.sslip.io' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://flatcolors.net/index.php?page=2
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344397474167941&output=html&adk=1812271804&adf=3025194257&lmt=1700786009&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=http%3A%2F%2F128.140.13.47.sslip.io%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&aslcwct=150&asacwct=25&dt=1700786009360&bpp=147&bdt=203&idt=393&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1529448080864&frm=20&pv=2&ga_vid=2011714848.1700786010&ga_sid=1700786010&ga_hid=1832288549&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809316%2C31078301%2C44807763%2C44808148%2C44808284%2C44809057&oid=2&pvsid=1768362644023009&tmod=1578320932&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=425
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2303890891198768&output=html&h=600&slotname=7728218933&adk=4051531417&adf=3636398527&pi=t.ma~as.7728218933&w=300&lmt=1700786009&format=300x600&url=http%3A%2F%2F128.140.13.47.sslip.io%2F&ea=0&wgl=1&dt=1700786009508&bpp=12&bdt=352&idt=287&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1529448080864&frm=20&pv=2&ga_vid=2011714848.1700786010&ga_sid=1700786010&ga_hid=1832288549&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=2082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809316%2C31078301%2C44807763%2C44808148%2C44808284%2C44809057&oid=2&pvsid=1768362644023009&tmod=1578320932&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=298
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript error URL: http://128.140.13.47.sslip.io/
Message:
Access to XMLHttpRequest at 'https://flatcolors.net/index.php?page=2' from origin 'http://128.140.13.47.sslip.io' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://flatcolors.net/index.php?page=2
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

128.140.13.47.sslip.io
ajax.googleapis.com
cdn.publicityclerks.com
cdnjs.cloudflare.com
flatcolors.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
img.tradedoubler.com
impus.tradedoubler.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
www.awltovhc.com
www.google-analytics.com
cdn.publicityclerks.com
flatcolors.net
128.140.13.47
13.224.214.39
159.127.43.10
2606:4700:3031::ac43:98cf
2606:4700::6811:190e
2606:4700::6812:acf
2607:f8b0:4004:c08::9b
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c09::65
2607:f8b0:4004:c0b::9d
2607:f8b0:4004:c19::5f
2607:f8b0:4004:c1b::5e
35.161.33.140
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
079f59405da9aed3725440b658577d5b8f974dc7cc3a87f9cbe0dc82d235c13d
10c5779cae461daba4b2f636f90df6cbf420e8c3dbe5a326bd937e7392c2b8df
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2c34f09169d2a10e8f5863960e81575ab70f88b52f4bd3386ce5e41e73a94487
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
36f2998a5d4419bbab382abed2a0679d2cc64b21e839a636b351786a4c611db0
404b016f5c9a369726eec56a280c93478da17a52ed0f1fee116838330772ec70
4691f494969d4785585a5410211fe3ae04fe021ea5e21125c3f16a948f0fecfe
549bd3e9e2cfe91e355ba68c1fe15c0af27e0391123630b9ccfbbbd559cdba47
5a1eb6123c7c46f878fef314ed06c507b2a9933c4b439af7a872b7861c52d72f
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6e65469fa1cf86c7b0f6a3427bd5f70db640ca3b96c44d67cc1f8ec9ef6d29d3
782a4a092a51a3691abc98068868f2a968aa27976791e8403c9e693921246c6b
7af805fc2bda263e9826c3433adb07b0e8881afecb62d611961d767d68c3ac05
8e2e9642ce4893f96c168bd664e248170d5de361db3ae3a0280089d72b29dd20
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9f31613456ee31fad5b1ad37202d07911167cf34a7be5369968f2341110c20ba
a389f846ebffac00e3890254db6efec3bec77253854a5bfcea683072ce3b0df5
a83c02e6e913f6a2dad10a507973d3f504055e7e51a6179c37bdbe1ff2685810
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2f539c525219f3cb09b400f7c014dadad7adc90e2e83df56b2cd4c879290e0d
b7f2d6fa91de80a618910ccc2b98c110dc46b459c956f018dc23cd73411f5905
c38dadc8343d59aeddeed10c100efaa6e0c1ea13ec0cacc33b319252905d6226
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892
cebc0ded9f2ef3dd4e3c6d6010538dee890c24a070d6ba991e0c93e451d96ccd
d150656e9193ffda1899435acbe0f9eb08737939799314c1064d7d3e4cc4e393
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
f8845f7fdd88e956fb192f1eef85e4afa6b7c59d2bae22b6058f4ca620d67312
f8f69294cb3228695da3ba9b677db613089da1f680cc7daba635881b6e6554af
ff1ef524ede02b508a79728836c22c2b47d55738fd1ce9ea201767cd221262d4
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995