tricitatrania.com Open in urlscan Pro
35.181.189.213 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://old.sermitsiaq.ag/en/powerpoint-cycle-template.html
Effective URL:
https://tricitatrania.com/click.php?key=zcj577mijkktt8hxj5lm&SUB_ID_SHORT=3c773bb7fcb663e51f7de4c9b3481cf8&PLACEMENT_ID=16...
Submission: On June 19 via manual (June 19th 2024, 12:50:03 am UTC) from TW — Scanned from GB

Summary HTTP 44 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 20 IPs in 7 countries across 21 domains to perform 44 HTTP transactions. The main IP is 35.181.189.213, located in Paris, France and belongs to AMAZON-02, US. The main domain is tricitatrania.com.
TLS certificate: Issued by R3 on May 23rd 2024. Valid for: 3 months.

This is the only time tricitatrania.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	85.159.213.158 85.159.213.158	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
6	209.151.145.24 209.151.145.24	25697 (UPCLOUDUSA) (UPCLOUDUSA)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	104.20.94.138 104.20.94.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	149.56.240.127 149.56.240.127	16276 (OVH) (OVH)
1	2606:4700:20:... 2606:4700:20::681a:2c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	203.161.58.136 203.161.58.136	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	181.214.142.2 181.214.142.2	14670 (WHG-USE1) (WHG-USE1)
2	2606:4700:20:... 2606:4700:20::ac43:44e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:249... 2600:9000:2490:8800:1b:322c:43c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	172.240.108.76 172.240.108.76	7979 (SERVERS-COM) (SERVERS-COM)
1	18.194.54.118 18.194.54.118	16509 (AMAZON-02) (AMAZON-02)
1 3	192.243.59.13 192.243.59.13	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
15	35.181.189.213 35.181.189.213	16509 (AMAZON-02) (AMAZON-02)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
44	20

1 85.159.213.158 (London, United Kingdom)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 85-159-213-158.ip.linodeusercontent.com

old.sermitsiaq.ag	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 209.151.145.24 (United States)

ASN25697 (UPCLOUDUSA, US)
PTR: 209-151-145-24.us-sjo1.upcloud.host

xss.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.94.138 (None, )

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.127 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534295.ip-149-56-240.net

sstatic1.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:2c4 (United States)

ASN13335 (CLOUDFLARENET, US)

powerslides.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.161.58.136 (United States)

ASN22612 (NAMECHEAP-NET, US)

www.pikpng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 181.214.142.2 (Buffalo, United States)

ASN14670 (WHG-USE1, GB)
PTR: vegas.servershost.net

www.ciloart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:44e9 (United States)

ASN13335 (CLOUDFLARENET, US)

slidebazaar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

images.presentationgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
recordedthereby.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:8800:1b:322c:43c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.slidemodel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.240.108.76 (United States)

ASN7979 (SERVERS-COM, US)

www.topcreativeformat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.54.118 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-54-118.eu-central-1.compute.amazonaws.com

proftrafficcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.243.59.13 (Ashburn, United States) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

ballisticforgotten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 35.181.189.213 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-189-213.eu-west-3.compute.amazonaws.com

tricitatrania.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

userstatics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	tricitatrania.com tricitatrania.com	637 KB
6	xss.my.id xss.my.id — Cisco Umbrella Rank: 681383	13 KB
3	ballisticforgotten.com 1 redirects ballisticforgotten.com — Cisco Umbrella Rank: 83155	36 KB
2	slidebazaar.com slidebazaar.com — Cisco Umbrella Rank: 492155	122 KB
2	statcounter.com www.statcounter.com — Cisco Umbrella Rank: 21523 c.statcounter.com — Cisco Umbrella Rank: 12727	13 KB
2	google.com apis.google.com — Cisco Umbrella Rank: 210	77 KB
1	userstatics.com userstatics.com — Cisco Umbrella Rank: 105666	655 B
1	recordedthereby.com recordedthereby.com — Cisco Umbrella Rank: 14482	27 KB
1	proftrafficcounter.com proftrafficcounter.com — Cisco Umbrella Rank: 12681	302 B
1	topcreativeformat.com www.topcreativeformat.com — Cisco Umbrella Rank: 66001	12 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 68
1	slidemodel.com cdn.slidemodel.com — Cisco Umbrella Rank: 277897	96 KB
1	presentationgo.com images.presentationgo.com — Cisco Umbrella Rank: 311083	31 KB
1	ciloart.com www.ciloart.com	169 KB
1	pikpng.com www.pikpng.com — Cisco Umbrella Rank: 455655	125 KB
1	powerslides.com powerslides.com — Cisco Umbrella Rank: 532809	45 KB
1	histats.com sstatic1.histats.com — Cisco Umbrella Rank: 32263	163 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	102 KB
1	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 9469	3 KB
1	sermitsiaq.ag old.sermitsiaq.ag	5 KB
0	indiscreetjobroutine.com Failed indiscreetjobroutine.com Failed
44	21

	Domain	Requested by
15	tricitatrania.com	old.sermitsiaq.ag tricitatrania.com
6	xss.my.id	old.sermitsiaq.ag xss.my.id
3	ballisticforgotten.com	1 redirects www.topcreativeformat.com old.sermitsiaq.ag
2	slidebazaar.com	old.sermitsiaq.ag
2	apis.google.com	old.sermitsiaq.ag apis.google.com
1	userstatics.com	tricitatrania.com
1	recordedthereby.com	ballisticforgotten.com
1	proftrafficcounter.com	www.topcreativeformat.com
1	www.topcreativeformat.com	xss.my.id
1	www.google-analytics.com	www.googletagmanager.com
1	c.statcounter.com	www.statcounter.com
1	cdn.slidemodel.com	old.sermitsiaq.ag
1	images.presentationgo.com	old.sermitsiaq.ag
1	www.ciloart.com	old.sermitsiaq.ag
1	www.pikpng.com	old.sermitsiaq.ag
1	powerslides.com	old.sermitsiaq.ag
1	sstatic1.histats.com	old.sermitsiaq.ag
1	www.statcounter.com	xss.my.id
1	www.googletagmanager.com	xss.my.id
1	blogger.googleusercontent.com	old.sermitsiaq.ag
1	old.sermitsiaq.ag
0	indiscreetjobroutine.com Failed	old.sermitsiaq.ag
44	22

This site contains links to these domains. Also see Links.

Domain
www.be2.es

Subject Issuer	Validity	Valid
old.sermitsiaq.ag R3	`2024-05-27` - `2024-08-25`	3 months	crt.sh
xss.my.id R3	`2024-05-28` - `2024-08-26`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.apis.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-05` - `2025-01-03`	a year	crt.sh
histats.com R3	`2024-05-13` - `2024-08-11`	3 months	crt.sh
powerslides.com GTS CA 1P5	`2024-05-20` - `2024-08-18`	3 months	crt.sh
cpng.pikpng.com R3	`2024-03-23` - `2024-06-21`	3 months	crt.sh
*.ciloart.com R11	`2024-06-13` - `2024-09-11`	3 months	crt.sh
slidebazaar.com GTS CA 1P5	`2024-05-14` - `2024-08-12`	3 months	crt.sh
presentationgo.com E1	`2024-04-30` - `2024-07-29`	3 months	crt.sh
slidemodel.com Sectigo RSA Extended Validation Secure Server CA	`2024-04-30` - `2025-04-30`	a year	crt.sh
topcreativeformat.com R3	`2024-05-19` - `2024-08-17`	3 months	crt.sh
proftrafficcounter.com Amazon RSA 2048 M03	`2023-11-21` - `2024-12-19`	a year	crt.sh
ballisticforgotten.com R3	`2024-06-04` - `2024-09-02`	3 months	crt.sh
recordedthereby.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
tricitatrania.com R3	`2024-05-23` - `2024-08-21`	3 months	crt.sh
userstatics.com E1	`2024-05-26` - `2024-08-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://tricitatrania.com/click.php?key=zcj577mijkktt8hxj5lm&SUB_ID_SHORT=3c773bb7fcb663e51f7de4c9b3481cf8&PLACEMENT_ID=16248985&CAMPAIGN_ID=1028156&PUBLISHER_ID=72626&ZONE_ID=1546399
Frame ID: FB243ECCBFEB0F19771D4359173A261E
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

be2 dating

Page URL History Show full URLs

https://old.sermitsiaq.ag/en/powerpoint-cycle-template.html Page URL
https://tricitatrania.com/click.php?key=zcj577mijkktt8hxj5lm&SUB_ID_SHORT=3c773bb7fcb663e51f7de4c9b348... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

Page Statistics

44
Requests

95 %
HTTPS

42 %
IPv6

21
Domains

22
Subdomains

20
IPs

7
Countries

1515 kB
Transfer

2154 kB
Size

21
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.be2.es/FEES
Title: találja meg

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://old.sermitsiaq.ag/en/powerpoint-cycle-template.html Page URL
https://tricitatrania.com/click.php?key=zcj577mijkktt8hxj5lm&SUB_ID_SHORT=3c773bb7fcb663e51f7de4c9b3481cf8&PLACEMENT_ID=16248985&CAMPAIGN_ID=1028156&PUBLISHER_ID=72626&ZONE_ID=1546399 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://ballisticforgotten.com/watch.1099301680047.js?key=136d4e249eb5c2ca63d4dd0de8205e70&kw=%5B%22powerpoint%22%2C%22cycle%22%2C%22template%22%5D&refer=https%3A%2F%2Fold.sermitsiaq.ag%2Fen%2Fpowerpoint-cycle-template.html&tz=1&dev=r&res=14.31&uuid=f9274885-7959-4f10-b17c-203dd141fc0e%3A2%3A1 HTTP 307
https://ballisticforgotten.com/watch.1099301680047.js?dev=r&key=136d4e249eb5c2ca63d4dd0de8205e70&kw=%5B%22powerpoint%22%2C%22cycle%22%2C%22template%22%5D&pst=1718758257&refer=https%3A%2F%2Fold.sermitsiaq.ag%2Fen%2Fpowerpoint-cycle-template.html&res=14.31&rmtc=t&shu=cd1fb3fb5410b3f88e0dadb06767a2c8d39240be90c46fd7240292a9abdbc7b123c00077a70eb1af3b76aa824bbb3ee02cd96642a0a3d66c57ffa7d9110c4b93b6cfa7b515075b83d51c7c4f471c984e4bc7305fe312f746fdca69e3702d6c&tz=1&uuid=f9274885-7959-4f10-b17c-203dd141fc0e%3A2%3A1

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 powerpoint-cycle-template.html Show response
old.sermitsiaq.ag/en/ 31 KB
5 KB 177ms
32ms Document
text/html 85.159.213.158
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://old.sermitsiaq.ag/en/powerpoint-cycle-template.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.159.213.158 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 85-159-213-158.ip.linodeusercontent.com
Software: Apache /
Resource Hash: 9a9ec00644f790f6fc628a885bd9291a3e5861eeb7c9b34f49484087b09f49ab

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 5339
content-type: text/html
date: Wed, 19 Jun 2024 00:49:54 GMT
etag: "7af7-606148747b4c0-gzip"
last-modified: Sun, 24 Sep 2023 05:58:19 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 head.js Show response
xss.my.id/theme/batman/ 172 B
304 B 803ms
358ms Script
application/javascript 209.151.145.24
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL: https://xss.my.id/theme/batman/head.js
Requested by: Host: old.sermitsiaq.ag
URL: https://old.sermitsiaq.ag/en/powerpoint-cycle-template.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.151.145.24 , United States, ASN25697 (UPCLOUDUSA, US),
Reverse DNS: 209-151-145-24.us-sjo1.upcloud.host
Software: Apache /
Resource Hash: 8b90117611bb8564ff3e14f13c7034a79977a95e6ffd4dedbdf429cedbfdd1f0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://old.sermitsiaq.ag/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 00:49:55 GMT
content-encoding: gzip
last-modified: Fri, 15 Sep 2023 18:46:24 GMT
server: Apache
etag: "ac-6056a359b6324-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 158

GET
H2 200 logo.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhFbkYjl-5OYaIpJyH62IHhR68fdlMZ5mBGah4xD5MEzHDqaSUorXmRqkEZ0JcOkuvxyByhS5WyOvMZWNuIwdzVSCDztcezx3v3FMzOSxBY6ujiqUAyNrUKy-iPj0uwyM9JRFkhCxpuOsUWgzQ0... 2 KB
3 KB 438ms
248ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhFbkYjl-5OYaIpJyH62IHhR68fdlMZ5mBGah4xD5MEzHDqaSUorXmRqkEZ0JcOkuvxyByhS5WyOvMZWNuIwdzVSCDztcezx3v3FMzOSxBY6ujiqUAyNrUKy-iPj0uwyM9JRFkhCxpuOsUWgzQ0IensxtgZxNmRlP3ut_qUBJZ0D7sM7DcQG6_nWqtM2Sgy/s1600/logo.png

Requested by

Host: old.sermitsiaq.ag
URL: https://old.sermitsiaq.ag/en/powerpoint-cycle-template.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ce53fdd708d3236116f1cea88adee6a0ce58511132369a01320936a08dedcb45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://old.sermitsiaq.ag/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 00:49:55 GMT
x-content-type-options: nosniff
server: fife
etag: "v625"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="logo.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2416
x-xss-protection: 0
expires: Thu, 20 Jun 2024 00:49:55 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 55 KB
21 KB 282ms
76ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: old.sermitsiaq.ag
URL: https://old.sermitsiaq.ag/en/powerpoint-cycle-template.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8076b082eadf0cab4a8823dbd7628a0b44f174c17b3221221c0e31e7c60307a2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://old.sermitsiaq.ag/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 19 Jun 2024 00:49:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21325
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "f9177ff6f5150176"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 00:49:55 GMT

GET
H2 200 body.js Show response
xss.my.id/theme/batman/ 662 B
409 B 802ms
358ms Script
application/javascript 209.151.145.24
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL: https://xss.my.id/theme/batman/body.js
Requested by: Host: old.sermitsiaq.ag
URL: https://old.sermitsiaq.ag/en/powerpoint-cycle-template.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.151.145.24 , United States, ASN25697 (UPCLOUDUSA, US),
Reverse DNS: 209-151-145-24.us-sjo1.upcloud.host
Software: Apache /
Resource Hash: cdabb4930355af23406648d3ae6e0c6f798bb4b521d1aa87aceb0cd284fe8946

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://old.sermitsiaq.ag/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 00:49:55 GMT
content-encoding: gzip
last-modified: Fri, 26 Apr 2024 20:36:35 GMT
server: Apache
etag: "296-61705dc1e89e9-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 332

GET
H2 200 headcode.js Show response
xss.my.id/theme/batman/ 2 KB
831 B 254ms
246ms Script
application/javascript 209.151.145.24
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL: https://xss.my.id/theme/batman/headcode.js?v=55741
Requested by: Host: xss.my.id
URL: https://xss.my.id/theme/batman/head.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.151.145.24 , United States, ASN25697 (UPCLOUDUSA, US),
Reverse DNS: 209-151-145-24.us-sjo1.upcloud.host
Software: Apache /
Resource Hash: 565eba1700ab049849db10a39e811abe83ae04d754c259df6ffaebd093b43f6b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://old.sermitsiaq.ag/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 00:49:55 GMT
content-encoding: gzip
last-modified: Sat, 06 Apr 2024 22:42:41 GMT
server: Apache
etag: "63a-615754a3ec66d-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 754

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 305 KB
102 KB 369ms
74ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S5MTG642M7

Requested by

Host: xss.my.id
URL: https://xss.my.id/theme/batman/headcode.js?v=55741

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0945fe3a61695442eb768ac7aa14a649c4b25bfb8faab8359207846fa45331c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://old.sermitsiaq.ag/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 00:49:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103745
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 19 Jun 2024 00:49:56 GMT

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 35 KB
13 KB 336ms
49ms Script
application/javascript 104.20.94.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: xss.my.id
URL: https://xss.my.id/theme/batman/headcode.js?v=55741
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6b293451a19dfb0f68649e5ceabac93b2d4155e64fe7f3e3af21a19984e2368

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://old.sermitsiaq.ag/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 00:49:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 12 Jun 2024 18:18:17 GMT
server: cloudflare
age: 38067
etag: W/"6669e669-8c17"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 895f85a68e2263db-LHR
expires: Wed, 19 Jun 2024 02:15:29 GMT

GET
H2 200 style.css
xss.my.id/theme/batman/ 77 KB
11 KB 292ms
291ms Stylesheet
text/css 209.151.145.24
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL: https://xss.my.id/theme/batman/style.css
Requested by: Host: xss.my.id
URL: https://xss.my.id/theme/batman/headcode.js?v=55741
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.151.145.24 , United States, ASN25697 (UPCLOUDUSA, US),
Reverse DNS: 209-151-145-24.us-sjo1.upcloud.host
Software: Apache /
Resource Hash: 0e88d273060f60e43f87739e8c7ea3fea2bbb58addee6efc8217863ea88e2c49

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://old.sermitsiaq.ag/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 00:49:56 GMT
content-encoding: gzip
last-modified: Fri, 15 Sep 2023 18:47:55 GMT
server: Apache
etag: "135fe-6056a3b1155c5-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 11058

GET
H/1.1 200
OK 0.gif
sstatic1.histats.com/ 43 B
163 B 471ms
174ms Image
image/gif 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sstatic1.histats.com/0.gif?4270884&101
Requested by: Host: old.sermitsiaq.ag
URL: https://old.sermitsiaq.ag/en/powerpoint-cycle-template.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://old.sermitsiaq.ag/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:49:56 GMT
Connection: close
Content-Length: 43
Content-Type: image/gif

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/ 160 KB
56 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7316c367fe324e0a4122c50a7b5df1bac93928e82643dbbddf18be9576c91ffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://old.sermitsiaq.ag/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56667
x-xss-protection: 0
last-modified: Mon, 06 May 2024 15:31:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Jun 2025 14:52:52 GMT

GET
H2 200 banner-loading.js Show response
xss.my.id/ads/ 298 B
304 B 170ms
169ms Script
application/javascript 209.151.145.24
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL: https://xss.my.id/ads/banner-loading.js
Requested by: Host: xss.my.id
URL: https://xss.my.id/theme/batman/body.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.151.145.24 , United States, ASN25697 (UPCLOUDUSA, US),
Reverse DNS: 209-151-145-24.us-sjo1.upcloud.host
Software: Apache /
Resource Hash: b10a2e374b31717f9c73e7c4f034bf231eda994cebeffa719d688b20c06006d3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://old.sermitsiaq.ag/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 00:49:56 GMT
content-encoding: gzip
last-modified: Fri, 26 Apr 2024 16:58:39 GMT
server: Apache
etag: "12a-61702d0bb7bab-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 229

GET
H2 200 lekinapotencje.js Show response
xss.my.id/ads/ 2 KB
795 B 169ms
169ms Script
application/javascript 209.151.145.24
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL: https://xss.my.id/ads/lekinapotencje.js
Requested by: Host: xss.my.id
URL: https://xss.my.id/theme/batman/body.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.151.145.24 , United States, ASN25697 (UPCLOUDUSA, US),
Reverse DNS: 209-151-145-24.us-sjo1.upcloud.host
Software: Apache /
Resource Hash: a81dbf53c56ae1f6ec66d2d7d6f153c09003a3f3459d84e166ec0b3482ce6f86

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://old.sermitsiaq.ag/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 00:49:56 GMT
content-encoding: gzip
last-modified: Sun, 28 Apr 2024 18:34:54 GMT
server: Apache
etag: "690-6172c649e64ff-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 717

GET
H2 200 Slide43-5.jpg
powerslides.com/wp-content/uploads/2018/04/ 45 KB
45 KB 179ms
38ms Image
image/webp 2606:4700:20::681a:2c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://powerslides.com/wp-content/uploads/2018/04/Slide43-5.jpg
Requested by: Host: old.sermitsiaq.ag
URL: https://old.sermitsiaq.ag/en/powerpoint-cycle-template.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b8ea2a51ec8f81286d5a610788610f861ed83ed100e09b1ca9e6087bb597b8d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://old.sermitsiaq.ag/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 00:49:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 131169
cf-polished: qual=85, origFmt=jpeg, origSize=57815
x-proxy-cache-info: DT:1
content-disposition: inline; filename="Slide43-5.webp"
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 45768
cf-bgj: imgq:85,h2pri
last-modified: Thu, 27 May 2021 02:35:18 GMT
server: cloudflare
etag: "60af0566-e1d7"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S%2FD%2FzC1ZKcnaX%2BinP8rbpD6FDyI%2FClRL5u4LoXAx1psf0IIiYB2M6IMySiqRu9FfGDgS%2FZqqo%2B6iWU29kladUab%2BgZtfeLFyCmWAoVIlnj7bVy4tzBbIcSLc67RFRFdrPh1yMVm2UiMoFvVoMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 895f85a7afac953e-LHR
expires: Tue, 17 Jun 2025 12:23:47 GMT

GET
H/1.1 200
OK 536-5360031_cycle5-768x771-powerpoint-life-cycle-template-clipart.png
www.pikpng.com/pngl/m/ 165 KB
125 KB 1195ms
698ms Image
image/png 203.161.58.136
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pikpng.com/pngl/m/536-5360031_cycle5-768x771-powerpoint-life-cycle-template-clipart.png
Requested by: Host: old.sermitsiaq.ag
URL: https://old.sermitsiaq.ag/en/powerpoint-cycle-template.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.161.58.136 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 4f8fb36b023b5c3534b31781900ee7c0e912c3af79130414a36a98322f5040da

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://old.sermitsiaq.ag/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:49:57 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Dec 2019 17:20:43 GMT
Server: nginx/1.14.0
ETag: W/"5e063d6b-293d4"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/png
Connection: keep-alive

GET
H2 200 cycle-arrow-folded-6-phases-powerpoint-diagram.jpg
www.ciloart.com/files/ 169 KB
169 KB 915ms
194ms Image
image/jpeg 181.214.142.2
WHG-USE1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ciloart.com/files/cycle-arrow-folded-6-phases-powerpoint-diagram.jpg

Requested by

Host: old.sermitsiaq.ag
URL: https://old.sermitsiaq.ag/en/powerpoint-cycle-template.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

181.214.142.2 Buffalo, United States, ASN14670 (WHG-USE1, GB),

Reverse DNS

vegas.servershost.net

Software

LiteSpeed /

Resource Hash

5ed361139eddb634e14734940c22ff5a1e285d9b90e60066e652905229e1e451

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://old.sermitsiaq.ag/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 00:49:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 18 Oct 2020 12:06:37 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 173098
expires: Wed, 26 Jun 2024 00:49:57 GMT

GET
H2 200 Six-Stage-Cycle-Powerpoint-and-Keynote-template.jpg
slidebazaar.com/wp-content/uploads/2016/11/ 29 KB
30 KB 393ms
226ms Image
image/jpeg 2606:4700:20::ac43:44e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://slidebazaar.com/wp-content/uploads/2016/11/Six-Stage-Cycle-Powerpoint-and-Keynote-template.jpg

Requested by

Host: old.sermitsiaq.ag
URL: https://old.sermitsiaq.ag/en/powerpoint-cycle-template.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5598568c6c5805f506c72a656a728cdaf65d9bbf3e4f49c7e2c286ebddf42bac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://old.sermitsiaq.ag/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 00:49:56 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 30045
cf-bgj: imgq:100,h2pri
last-modified: Tue, 20 Jun 2017 04:31:33 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dtA3EFL9puLU%2BLK5H2aUaGh8bmfD0a7cxm3JLQWlM9XA9fXFRJhka78lU0wlnkBIG%2BY67IPYHVc%2FgO115WhAJzNKkjuKIN8Ry%2FC3qsaOAy7Fzk%2BBt6udNYiyotqJP5AssI88hnHh7CKi0U3FHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 895f85a7d8217767-LHR
expires: Sun, 08 Dec 2024 05:49:43 GMT

GET
H3 200 6-Step-Cycle-PowerPoint.png
images.presentationgo.com/2017/02/ 30 KB
31 KB 870ms
729ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.presentationgo.com/2017/02/6-Step-Cycle-PowerPoint.png
Requested by: Host: old.sermitsiaq.ag
URL: https://old.sermitsiaq.ag/en/powerpoint-cycle-template.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99208b16ce2000cafc77206b055d8960948e5e7090e6fbef909f7d43e7b8a1a7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://old.sermitsiaq.ag/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 00:49:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Z6YYGV8MC4118JGV
alt-svc: h3=":443"; ma=86400
content-length: 31174
x-amz-id-2: bRxjE1zn+3MookV2bbxC8WvklG957R+50ZPN9hnEp6uI41SQMrg8XuDrJI7diD6DkEIIYKz/FpI=
last-modified: Wed, 30 Jun 2021 17:26:08 GMT
server: cloudflare
etag: "ad51c34ba71c87dc6e650a49c1d7b02c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xMVao8nFkOx1QxOnfFYW%2BeB003wJ6ndudluMPauUH0rByVF0CPDg6wG4tWYBC3m%2BcMfklQ6GZBHgimnZdXd9HVyrGgXnJdpNdj9eLs4zLfLcVvBCgQ0mzRGtYuFi5DG6LaGQkv56E6koZZLabNxUov1J3MUIAbAY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 895f85a7aca463ce-LHR
expires: Thu, 30 Jun 2022 17:26:07 GMT

GET
H2 200 FF00150-01-6-stage-diagram-powerpoint-template-16x9-1.jpg
cdn.slidemodel.com/wp-content/uploads/ 96 KB
96 KB 258ms
47ms Image
image/jpeg 2600:9000:2490:8800:1b:322c:43c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.slidemodel.com/wp-content/uploads/FF00150-01-6-stage-diagram-powerpoint-template-16x9-1.jpg

Requested by

Host: old.sermitsiaq.ag
URL: https://old.sermitsiaq.ag/en/powerpoint-cycle-template.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8800:1b:322c:43c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

LiteSpeed /

Resource Hash

29850812a0eb2a0df2f6a9be636a447e811eeee4c6fafe8ca38688a242a39804

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://old.sermitsiaq.ag/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 12:40:55 GMT
strict-transport-security: max-age=31536000
via: 1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
last-modified: Thu, 26 Oct 2017 20:08:58 GMT
server: LiteSpeed
x-amz-cf-pop: FRA56-P6
age: 821341
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1864000, public
accept-ranges: bytes
content-length: 98301
x-amz-cf-id: ETFLgKQJixxtKkkfHlfTc1C1CmJ8lMDeEzr7esVskOdZzC7sWF6Vxw==
expires: Mon, 08 Jul 2024 11:07:35 GMT

GET
H2 200 Cycle-Process-Template-Ppt.jpg
slidebazaar.com/wp-content/uploads/2020/06/ 92 KB
92 KB 425ms
259ms Image
image/jpeg 2606:4700:20::ac43:44e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://slidebazaar.com/wp-content/uploads/2020/06/Cycle-Process-Template-Ppt.jpg

Requested by

Host: old.sermitsiaq.ag
URL: https://old.sermitsiaq.ag/en/powerpoint-cycle-template.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e3dae6d83faf1aeaa50beb99fda4b0eb19ac81f11f102e89ffff6b2414b4033

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://old.sermitsiaq.ag/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 00:49:56 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=106057
alt-svc: h3=":443"; ma=86400
content-length: 93988
cf-bgj: imgq:100,h2pri
last-modified: Thu, 25 Jun 2020 05:58:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MC1PCiYzM0NUM%2FSlUFNZ2GSX5mPLaxiudg5YphWvqJIOzLR1u5LFC7queM5l7hmnLHpYS8eGGqjyU6R%2BlRPp%2FmjY5%2FVnUyUlCSGSqtg%2Fn3gilBZF5cne2NnrruJ5myVBzUEz904bxJ1QTfkP5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 895f85a7d8237767-LHR
expires: Sat, 14 Dec 2024 00:40:43 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
572 B 172ms
162ms XHR
application/json 104.20.94.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=12561151&u1=1867310997674FA6B818624684D4A349&java=1&security=46479202&sc_snum=1&sess=99b877&p=0&pv=10&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//old.sermitsiaq.ag/en/powerpoint-cycle-template.html&t=Powerpoint%20Cycle%20Template&invisible=1&sc_rum_e_s=1613&sc_rum_e_e=1619&sc_rum_f_s=0&sc_rum_f_e=1609&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://old.sermitsiaq.ag/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 00:49:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: https://old.sermitsiaq.ag
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 895f85a6fe4163db-LHR
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 408ms
64ms Fetch
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-S5MTG642M7&gtm=45je46h0v9165285043za200&_p=1718758195943&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=512155448.1718758196&ul=en-gb&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718758196&sct=1&seg=0&dl=https%3A%2F%2Fold.sermitsiaq.ag%2Fen%2Fpowerpoint-cycle-template.html&dt=Powerpoint%20Cycle%20Template&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1753&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S5MTG642M7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://old.sermitsiaq.ag/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 19 Jun 2024 00:49:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://old.sermitsiaq.ag
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK invoke.js Show response
www.topcreativeformat.com/136d4e249eb5c2ca63d4dd0de8205e70/ 31 KB
12 KB 554ms
212ms Script
application/javascript 172.240.108.76
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://www.topcreativeformat.com/136d4e249eb5c2ca63d4dd0de8205e70/invoke.js

Requested by

Host: xss.my.id
URL: https://xss.my.id/ads/banner-loading.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.240.108.76 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

dbfaf0072052a28b352b6d531486945a9cc7a6346a719b72c2b00664694f34dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://old.sermitsiaq.ag/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Wed, 19 Jun 2024 00:49:56 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
X-Request-ID: 4e7d2a4d8612d25312b65a78bc42ebce
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 stats Show response
proftrafficcounter.com/ 40 B
302 B 240ms
63ms XHR
text/html 18.194.54.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proftrafficcounter.com/stats
Requested by: Host: www.topcreativeformat.com
URL: https://www.topcreativeformat.com/136d4e249eb5c2ca63d4dd0de8205e70/invoke.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.54.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-54-118.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: 5a1baa4a134cea273f14e9b8f79f7636d6d2c5b256fe4bada9d0c8a23786f842

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://old.sermitsiaq.ag/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://old.sermitsiaq.ag
date: Wed, 19 Jun 2024 00:49:57 GMT
access-control-allow-credentials: true
server: fasthttp
content-length: 40
vary: Origin
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK 84932d40653827795625f2179d43ab52.js Show response
ballisticforgotten.com/84/93/2d/ 82 KB
31 KB 552ms
108ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ballisticforgotten.com/84/93/2d/84932d40653827795625f2179d43ab52.js

Requested by

Host: www.topcreativeformat.com
URL: https://www.topcreativeformat.com/136d4e249eb5c2ca63d4dd0de8205e70/invoke.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

9f9a4c2c31f080dd51aa193317b994263dcf60c45784621e53f5049bdba6ae7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://old.sermitsiaq.ag/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Wed, 19 Jun 2024 00:49:57 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
X-Request-ID: 227a0d76c2af9522bf8e1bbca9c6c300
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1

200
OK

watch.1099301680047.js
ballisticforgotten.com/
Redirect Chain

https://ballisticforgotten.com/watch.1099301680047.js?key=136d4e249eb5c2ca63d4dd0de8205e70&kw=%5B%22powerpoint%22%2C%22cycle%22%2C%22template%22%5D&refer=https%3A%2F%2Fold.sermitsiaq.ag%2Fen%2Fpowe...
https://ballisticforgotten.com/watch.1099301680047.js?dev=r&key=136d4e249eb5c2ca63d4dd0de8205e70&kw=%5B%22powerpoint%22%2C%22cycle%22%2C%22template%22%5D&pst=1718758257&refer=https%3A%2F%2Fold.serm...

2 KB
2 KB

344ms
273ms

XHR
text/html

192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ballisticforgotten.com/watch.1099301680047.js?dev=r&key=136d4e249eb5c2ca63d4dd0de8205e70&kw=%5B%22powerpoint%22%2C%22cycle%22%2C%22template%22%5D&pst=1718758257&refer=https%3A%2F%2Fold.sermitsiaq.ag%2Fen%2Fpowerpoint-cycle-template.html&res=14.31&rmtc=t&shu=cd1fb3fb5410b3f88e0dadb06767a2c8d39240be90c46fd7240292a9abdbc7b123c00077a70eb1af3b76aa824bbb3ee02cd96642a0a3d66c57ffa7d9110c4b93b6cfa7b515075b83d51c7c4f471c984e4bc7305fe312f746fdca69e3702d6c&tz=1&uuid=f9274885-7959-4f10-b17c-203dd141fc0e%3A2%3A1

Requested by

Host: old.sermitsiaq.ag
URL: https://old.sermitsiaq.ag/en/powerpoint-cycle-template.html

Protocol

HTTP/1.1

Server

192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://old.sermitsiaq.ag/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 19 Jun 2024 00:49:57 GMT
Custom-Referer: https://old.sermitsiaq.ag
Content-Encoding: gzip
Strict-Transport-Security: max-age=0; includeSubdomains
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
X-Request-ID: ed1e9fc41c89612328348863e9b5fb5a
Pragma: no-cache
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: text/html
Access-Control-Allow-Origin: https://old.sermitsiaq.ag
Cache-Control: no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date: Wed, 19 Jun 2024 00:49:57 GMT
Custom-Referer: https://old.sermitsiaq.ag
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0
X-Request-ID: aeb2b1c2b9aad017fa916e153108a1b9
Pragma: no-cache
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: text/html
Access-Control-Allow-Origin: https://old.sermitsiaq.ag
Location: https://ballisticforgotten.com/watch.1099301680047.js?dev=r&key=136d4e249eb5c2ca63d4dd0de8205e70&kw=%5B%22powerpoint%22%2C%22cycle%22%2C%22template%22%5D&pst=1718758257&refer=https%3A%2F%2Fold.sermitsiaq.ag%2Fen%2Fpowerpoint-cycle-template.html&res=14.31&rmtc=t&shu=cd1fb3fb5410b3f88e0dadb06767a2c8d39240be90c46fd7240292a9abdbc7b123c00077a70eb1af3b76aa824bbb3ee02cd96642a0a3d66c57ffa7d9110c4b93b6cfa7b515075b83d51c7c4f471c984e4bc7305fe312f746fdca69e3702d6c&tz=1&uuid=f9274885-7959-4f10-b17c-203dd141fc0e%3A2%3A1
Cache-Control: no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 sfp.js
recordedthereby.com/ 83 KB
27 KB 239ms
123ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://recordedthereby.com/sfp.js

Requested by

Host: ballisticforgotten.com
URL: https://ballisticforgotten.com/84/93/2d/84932d40653827795625f2179d43ab52.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://old.sermitsiaq.ag/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 00:49:57 GMT
strict-transport-security: max-age=0; includeSubdomains
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
x-request-id: 2c0e62f2d47aea949365d0891e7a4a53
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vx1PUPEVLHM9j8iQt6Us2OkkWMdO2fAKuR0kvRLxDWV670NZIWlVi5HTDEnAweAWlIA3gr0hMMiQkuuzTxZ87yK7uCnb2TI%2F0LmFcnj33Q9kvzBhteukku07n8SDsA31rrIuKVOMyiXdxhM9jtLZmLEL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, max-age=0, private, no-cache
cf-ray: 895f85b01b89539f-LHR
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET purst
indiscreetjobroutine.com/pixel/ 0
0

GET
H/1.1 200
OK Primary Request click.php Show response
tricitatrania.com/ 40 KB
14 KB 276ms
119ms Document
text/html 35.181.189.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tricitatrania.com/click.php?key=zcj577mijkktt8hxj5lm&SUB_ID_SHORT=3c773bb7fcb663e51f7de4c9b3481cf8&PLACEMENT_ID=16248985&CAMPAIGN_ID=1028156&PUBLISHER_ID=72626&ZONE_ID=1546399
Requested by: Host: old.sermitsiaq.ag
URL: https://old.sermitsiaq.ag/en/powerpoint-cycle-template.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.181.189.213 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-181-189-213.eu-west-3.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: d1e770c7496be0559bbd294a8e10b207e196c2397b3671816d240390f7c6d5cd

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://old.sermitsiaq.ag/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 19 Jun 2024 00:49:58 GMT
Server: nginx/1.24.0
Transfer-Encoding: chunked

GET
H/1.1 200
OK css_2t9Mj64Q9a3_lbnbuG4qfdMnqfFHL1vGlAm53Pai8QI.css
tricitatrania.com/landers/8a27d99a68/css/ 154 KB
154 KB 40ms
38ms Stylesheet
text/css 35.181.189.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tricitatrania.com/landers/8a27d99a68/css/css_2t9Mj64Q9a3_lbnbuG4qfdMnqfFHL1vGlAm53Pai8QI.css
Requested by: Host: tricitatrania.com
URL: https://tricitatrania.com/click.php?key=zcj577mijkktt8hxj5lm&SUB_ID_SHORT=3c773bb7fcb663e51f7de4c9b3481cf8&PLACEMENT_ID=16248985&CAMPAIGN_ID=1028156&PUBLISHER_ID=72626&ZONE_ID=1546399
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.181.189.213 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-181-189-213.eu-west-3.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: 5cf44280599030b1d50e6d265d8d47786445c1306867e7025a6d7c1f64a6d11d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tricitatrania.com/click.php?key=zcj577mijkktt8hxj5lm&SUB_ID_SHORT=3c773bb7fcb663e51f7de4c9b3481cf8&PLACEMENT_ID=16248985&CAMPAIGN_ID=1028156&PUBLISHER_ID=72626&ZONE_ID=1546399
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:49:58 GMT
Last-Modified: Mon, 15 Jan 2024 15:22:31 GMT
Server: nginx/1.24.0
ETag: "65a54db7-268f0"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 157936

GET
H/1.1 200
OK analytics.js Show response
tricitatrania.com/landers/8a27d99a68/js/ 541 B
792 B 224ms
106ms Script
application/javascript 35.181.189.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tricitatrania.com/landers/8a27d99a68/js/analytics.js
Requested by: Host: tricitatrania.com
URL: https://tricitatrania.com/click.php?key=zcj577mijkktt8hxj5lm&SUB_ID_SHORT=3c773bb7fcb663e51f7de4c9b3481cf8&PLACEMENT_ID=16248985&CAMPAIGN_ID=1028156&PUBLISHER_ID=72626&ZONE_ID=1546399
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.181.189.213 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-181-189-213.eu-west-3.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: 8c17a51c5a7319e3c3f85b493fee48cfee1c2467c61fa8b0de964e5d85cf72ce

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tricitatrania.com/click.php?key=zcj577mijkktt8hxj5lm&SUB_ID_SHORT=3c773bb7fcb663e51f7de4c9b3481cf8&PLACEMENT_ID=16248985&CAMPAIGN_ID=1028156&PUBLISHER_ID=72626&ZONE_ID=1546399
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:49:58 GMT
Last-Modified: Mon, 15 Jan 2024 15:22:31 GMT
Server: nginx/1.24.0
ETag: "65a54db7-21d"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 541

GET
H/1.1 200
OK gtm.js Show response
tricitatrania.com/landers/8a27d99a68/js/ 105 KB
105 KB 66ms
66ms Script
application/javascript 35.181.189.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tricitatrania.com/landers/8a27d99a68/js/gtm.js
Requested by: Host: tricitatrania.com
URL: https://tricitatrania.com/click.php?key=zcj577mijkktt8hxj5lm&SUB_ID_SHORT=3c773bb7fcb663e51f7de4c9b3481cf8&PLACEMENT_ID=16248985&CAMPAIGN_ID=1028156&PUBLISHER_ID=72626&ZONE_ID=1546399
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.181.189.213 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-181-189-213.eu-west-3.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: 561157e9ea36b47537dbf374877e8944ffda592059bc67bbd945ebfb12c86658

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tricitatrania.com/click.php?key=zcj577mijkktt8hxj5lm&SUB_ID_SHORT=3c773bb7fcb663e51f7de4c9b3481cf8&PLACEMENT_ID=16248985&CAMPAIGN_ID=1028156&PUBLISHER_ID=72626&ZONE_ID=1546399
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:49:58 GMT
Last-Modified: Mon, 15 Jan 2024 15:22:31 GMT
Server: nginx/1.24.0
ETag: "65a54db7-1a4c1"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 107713

GET
H/1.1 200
OK js_ZI6_2vj7mAcmt7DET3cTysQ2vWx4KgSI8F9BXCO6MLs.js Show response
tricitatrania.com/landers/8a27d99a68/js/ 92 KB
92 KB 116ms
37ms Script
application/javascript 35.181.189.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tricitatrania.com/landers/8a27d99a68/js/js_ZI6_2vj7mAcmt7DET3cTysQ2vWx4KgSI8F9BXCO6MLs.js
Requested by: Host: tricitatrania.com
URL: https://tricitatrania.com/click.php?key=zcj577mijkktt8hxj5lm&SUB_ID_SHORT=3c773bb7fcb663e51f7de4c9b3481cf8&PLACEMENT_ID=16248985&CAMPAIGN_ID=1028156&PUBLISHER_ID=72626&ZONE_ID=1546399
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.181.189.213 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-181-189-213.eu-west-3.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: fbff9139cb77cbcef29a9f6179e2aae674292c808566025b722044216831d70a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tricitatrania.com/click.php?key=zcj577mijkktt8hxj5lm&SUB_ID_SHORT=3c773bb7fcb663e51f7de4c9b3481cf8&PLACEMENT_ID=16248985&CAMPAIGN_ID=1028156&PUBLISHER_ID=72626&ZONE_ID=1546399
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:49:58 GMT
Last-Modified: Mon, 15 Jan 2024 15:22:31 GMT
Server: nginx/1.24.0
ETag: "65a54db7-16f2e"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 93998

GET
H/1.1 200
OK js_wbviaf1FnuQC2z3Y-u2wQ9z9JS0xoIogDzgx8KwoTZ4.js Show response
tricitatrania.com/landers/8a27d99a68/js/ 3 KB
3 KB 162ms
49ms Script
application/javascript 35.181.189.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tricitatrania.com/landers/8a27d99a68/js/js_wbviaf1FnuQC2z3Y-u2wQ9z9JS0xoIogDzgx8KwoTZ4.js
Requested by: Host: tricitatrania.com
URL: https://tricitatrania.com/click.php?key=zcj577mijkktt8hxj5lm&SUB_ID_SHORT=3c773bb7fcb663e51f7de4c9b3481cf8&PLACEMENT_ID=16248985&CAMPAIGN_ID=1028156&PUBLISHER_ID=72626&ZONE_ID=1546399
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.181.189.213 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-181-189-213.eu-west-3.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: 4d61cf55582333a23de05816f96e82390fcee7c35add5b503085d9886e700d96

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tricitatrania.com/click.php?key=zcj577mijkktt8hxj5lm&SUB_ID_SHORT=3c773bb7fcb663e51f7de4c9b3481cf8&PLACEMENT_ID=16248985&CAMPAIGN_ID=1028156&PUBLISHER_ID=72626&ZONE_ID=1546399
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:49:58 GMT
Last-Modified: Mon, 15 Jan 2024 15:22:31 GMT
Server: nginx/1.24.0
ETag: "65a54db7-b36"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2870

GET
H/1.1 200
OK js_YLWuL2jVmX05BvljwCY5OjBnwmflh27GaADXDn5p9aU.js Show response
tricitatrania.com/landers/8a27d99a68/js/ 2 KB
2 KB 165ms
52ms Script
application/javascript 35.181.189.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tricitatrania.com/landers/8a27d99a68/js/js_YLWuL2jVmX05BvljwCY5OjBnwmflh27GaADXDn5p9aU.js
Requested by: Host: tricitatrania.com
URL: https://tricitatrania.com/click.php?key=zcj577mijkktt8hxj5lm&SUB_ID_SHORT=3c773bb7fcb663e51f7de4c9b3481cf8&PLACEMENT_ID=16248985&CAMPAIGN_ID=1028156&PUBLISHER_ID=72626&ZONE_ID=1546399
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.181.189.213 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-181-189-213.eu-west-3.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: 2e35593e9b492c38e8287f5c6316852a6d1ee501c6cc0ac41d134488e905f470

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tricitatrania.com/click.php?key=zcj577mijkktt8hxj5lm&SUB_ID_SHORT=3c773bb7fcb663e51f7de4c9b3481cf8&PLACEMENT_ID=16248985&CAMPAIGN_ID=1028156&PUBLISHER_ID=72626&ZONE_ID=1546399
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:49:58 GMT
Last-Modified: Mon, 15 Jan 2024 15:22:31 GMT
Server: nginx/1.24.0
ETag: "65a54db7-63d"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1597

GET
H/1.1 200
OK js_hRt9nuR541NL2XmVwwPNNYbGrnLKvzdgbgPZAG0m4bs.js Show response
tricitatrania.com/landers/8a27d99a68/js/ 120 KB
121 KB 176ms
59ms Script
application/javascript 35.181.189.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tricitatrania.com/landers/8a27d99a68/js/js_hRt9nuR541NL2XmVwwPNNYbGrnLKvzdgbgPZAG0m4bs.js
Requested by: Host: tricitatrania.com
URL: https://tricitatrania.com/click.php?key=zcj577mijkktt8hxj5lm&SUB_ID_SHORT=3c773bb7fcb663e51f7de4c9b3481cf8&PLACEMENT_ID=16248985&CAMPAIGN_ID=1028156&PUBLISHER_ID=72626&ZONE_ID=1546399
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.181.189.213 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-181-189-213.eu-west-3.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: 5b2efeda3ce387a0de94badabdef7de3939128d49e6751e6ebb2d8a9da4a7535

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tricitatrania.com/click.php?key=zcj577mijkktt8hxj5lm&SUB_ID_SHORT=3c773bb7fcb663e51f7de4c9b3481cf8&PLACEMENT_ID=16248985&CAMPAIGN_ID=1028156&PUBLISHER_ID=72626&ZONE_ID=1546399
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:49:58 GMT
Last-Modified: Mon, 15 Jan 2024 15:22:31 GMT
Server: nginx/1.24.0
ETag: "65a54db7-1e195"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 123285

GET
H/1.1 200
OK warning-symbol.png
tricitatrania.com/landers/8a27d99a68/images/ 673 B
911 B 146ms
107ms Image
image/png 35.181.189.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tricitatrania.com/landers/8a27d99a68/images/warning-symbol.png
Requested by: Host: tricitatrania.com
URL: https://tricitatrania.com/click.php?key=zcj577mijkktt8hxj5lm&SUB_ID_SHORT=3c773bb7fcb663e51f7de4c9b3481cf8&PLACEMENT_ID=16248985&CAMPAIGN_ID=1028156&PUBLISHER_ID=72626&ZONE_ID=1546399
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.181.189.213 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-181-189-213.eu-west-3.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: ec1c5ab997ef021ea898e6dae7a23b33910de2d0d61daa884087972a2761926e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tricitatrania.com/click.php?key=zcj577mijkktt8hxj5lm&SUB_ID_SHORT=3c773bb7fcb663e51f7de4c9b3481cf8&PLACEMENT_ID=16248985&CAMPAIGN_ID=1028156&PUBLISHER_ID=72626&ZONE_ID=1546399
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:49:58 GMT
Last-Modified: Mon, 15 Jan 2024 15:22:31 GMT
Server: nginx/1.24.0
ETag: "65a54db7-2a1"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 673

GET
H/1.1 200
OK bg-image-dsktp-es.jpg
tricitatrania.com/landers/8a27d99a68/images/ 137 KB
137 KB 61ms
60ms Image
image/jpeg 35.181.189.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tricitatrania.com/landers/8a27d99a68/images/bg-image-dsktp-es.jpg
Requested by: Host: tricitatrania.com
URL: https://tricitatrania.com/click.php?key=zcj577mijkktt8hxj5lm&SUB_ID_SHORT=3c773bb7fcb663e51f7de4c9b3481cf8&PLACEMENT_ID=16248985&CAMPAIGN_ID=1028156&PUBLISHER_ID=72626&ZONE_ID=1546399
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.181.189.213 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-181-189-213.eu-west-3.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: bad9d0886ee4a4e704dadc9b11c3542d6bde36dd5f320c5f3379ad8a1950ba71

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tricitatrania.com/click.php?key=zcj577mijkktt8hxj5lm&SUB_ID_SHORT=3c773bb7fcb663e51f7de4c9b3481cf8&PLACEMENT_ID=16248985&CAMPAIGN_ID=1028156&PUBLISHER_ID=72626&ZONE_ID=1546399
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:49:58 GMT
Last-Modified: Mon, 15 Jan 2024 15:22:31 GMT
Server: nginx/1.24.0
ETag: "65a54db7-22314"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 140052

GET
H/1.1 200
OK badgesecure_83x73_es_2x.png
tricitatrania.com/landers/8a27d99a68/images/ 541 B
541 B 45ms
44ms Image
image/png 35.181.189.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tricitatrania.com/landers/8a27d99a68/images/badgesecure_83x73_es_2x.png
Requested by: Host: tricitatrania.com
URL: https://tricitatrania.com/landers/8a27d99a68/css/css_2t9Mj64Q9a3_lbnbuG4qfdMnqfFHL1vGlAm53Pai8QI.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.181.189.213 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-181-189-213.eu-west-3.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tricitatrania.com/landers/8a27d99a68/css/css_2t9Mj64Q9a3_lbnbuG4qfdMnqfFHL1vGlAm53Pai8QI.css
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:49:58 GMT
Last-Modified: Mon, 15 Jan 2024 15:22:31 GMT
Server: nginx/1.24.0
ETag: "65a54db7-21d"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 541

GET
H/1.1 200
OK videochat_badge_es_2x.png
tricitatrania.com/landers/8a27d99a68/images/ 541 B
541 B 44ms
43ms Image
image/png 35.181.189.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tricitatrania.com/landers/8a27d99a68/images/videochat_badge_es_2x.png
Requested by: Host: tricitatrania.com
URL: https://tricitatrania.com/landers/8a27d99a68/css/css_2t9Mj64Q9a3_lbnbuG4qfdMnqfFHL1vGlAm53Pai8QI.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.181.189.213 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-181-189-213.eu-west-3.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tricitatrania.com/landers/8a27d99a68/css/css_2t9Mj64Q9a3_lbnbuG4qfdMnqfFHL1vGlAm53Pai8QI.css
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:49:58 GMT
Last-Modified: Mon, 15 Jan 2024 15:22:31 GMT
Server: nginx/1.24.0
ETag: "65a54db7-21d"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 541

GET
H/1.1 200
OK logo-claim_es.svg
tricitatrania.com/landers/8a27d99a68/images/ 4 KB
4 KB 43ms
42ms Image
image/svg+xml 35.181.189.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tricitatrania.com/landers/8a27d99a68/images/logo-claim_es.svg
Requested by: Host: tricitatrania.com
URL: https://tricitatrania.com/click.php?key=zcj577mijkktt8hxj5lm&SUB_ID_SHORT=3c773bb7fcb663e51f7de4c9b3481cf8&PLACEMENT_ID=16248985&CAMPAIGN_ID=1028156&PUBLISHER_ID=72626&ZONE_ID=1546399
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.181.189.213 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-181-189-213.eu-west-3.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: e7fe075616191aa2f30eff1cfe6bac66c731139f0c09213a8cfc30c8a7856f7a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tricitatrania.com/click.php?key=zcj577mijkktt8hxj5lm&SUB_ID_SHORT=3c773bb7fcb663e51f7de4c9b3481cf8&PLACEMENT_ID=16248985&CAMPAIGN_ID=1028156&PUBLISHER_ID=72626&ZONE_ID=1546399
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:49:58 GMT
Last-Modified: Mon, 15 Jan 2024 15:22:31 GMT
Server: nginx/1.24.0
ETag: "65a54db7-f62"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3938

GET
H/1.1 200
OK advantages-tick.png
tricitatrania.com/landers/8a27d99a68/images/ 860 B
1 KB 45ms
44ms Image
image/png 35.181.189.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tricitatrania.com/landers/8a27d99a68/images/advantages-tick.png
Requested by: Host: tricitatrania.com
URL: https://tricitatrania.com/landers/8a27d99a68/css/css_2t9Mj64Q9a3_lbnbuG4qfdMnqfFHL1vGlAm53Pai8QI.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.181.189.213 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-181-189-213.eu-west-3.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: 4c14dfde23d9aaa5b5fae2d06f93eb72ec43006329bd6fa1a85b7bbd25d05b12

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tricitatrania.com/landers/8a27d99a68/css/css_2t9Mj64Q9a3_lbnbuG4qfdMnqfFHL1vGlAm53Pai8QI.css
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:49:58 GMT
Last-Modified: Mon, 15 Jan 2024 15:22:31 GMT
Server: nginx/1.24.0
ETag: "65a54db7-35c"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 860

GET
H/1.1 404
Not Found favicon.ico
tricitatrania.com/ 555 B
373 B 42ms
39ms Other
text/html 35.181.189.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tricitatrania.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.181.189.213 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-181-189-213.eu-west-3.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: 338e171ecd2e7b7b1d89c2bed70f9a33477b1345be879b35a211925b67476dcf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tricitatrania.com/click.php?key=zcj577mijkktt8hxj5lm&SUB_ID_SHORT=3c773bb7fcb663e51f7de4c9b3481cf8&PLACEMENT_ID=16248985&CAMPAIGN_ID=1028156&PUBLISHER_ID=72626&ZONE_ID=1546399
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 00:49:58 GMT
Content-Encoding: gzip
Server: nginx/1.24.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H3 200 script.js Show response
userstatics.com/get/ 133 B
655 B 171ms
63ms Script
text/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userstatics.com/get/script.js?referrer=https://tricitatrania.com/click.php?key=zcj577mijkktt8hxj5lm&SUB_ID_SHORT=3c773bb7fcb663e51f7de4c9b3481cf8&PLACEMENT_ID=16248985&CAMPAIGN_ID=1028156&PUBLISHER_ID=72626&ZONE_ID=1546399
Requested by: Host: tricitatrania.com
URL: https://tricitatrania.com/landers/8a27d99a68/js/gtm.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.1
Resource Hash: df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://tricitatrania.com/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 00:49:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.2.1
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://tricitatrania.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I9IvLoSx1rZlWTJwfymtZnt05qO%2B84scNy7ts7pGMh1%2BZFq%2BpG%2BpWzHJ21hKNRodueqQcsOEYjXMM9522Gh8PYq2fo9fmNqlNYxjqcDdD1gMEsxg1X0L3hrQyi1XEfjOlKQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 895f85bb2f30948a-LHR
access-control-allow-headers: X-Requested-With,content-type
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: indiscreetjobroutine.com
URL: https://indiscreetjobroutine.com/pixel/purst?dl=0&th=0&sc=0&rs=2968.099998474121&rd=2968.099998474121&fd=646.2000045776367&bv=24.5.8221&tmpl=136

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ballisticforgotten.com/84/93/2d	1970-01-20 21:46:07	Name: 4b4e7ab587d59b22ad7bcd2439afc363_FEATURES-1829_new Value: 0
.old.sermitsiaq.ag/	1970-01-21 07:01:58	Name: sc_is_visitor_unique Value: rx12561151.1718758196.1867310997674FA6B818624684D4A349.1.1.1.1.1.1.1.1.1
.sermitsiaq.ag/	1970-01-21 07:01:58	Name: _ga Value: GA1.1.512155448.1718758196
.statcounter.com/	1970-01-21 07:01:58	Name: is_unique Value: sc12561151.1718758196.0
.statcounter.com/	1970-01-21 07:01:58	Name: is_visitor_unique Value: 1718758196260385098
proftrafficcounter.com/	1970-01-21 07:01:58	Name: uid_id2 Value: f9274885-7959-4f10-b17c-203dd141fc0e:2:1
old.sermitsiaq.ag/	1970-01-20 21:36:02	Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c Value: f9274885-7959-4f10-b17c-203dd141fc0e%3A2%3A1
ballisticforgotten.com/	1970-01-20 21:27:24	Name: u_pl Value: 16248985
ballisticforgotten.com/	1970-01-20 21:25:58	Name: ain Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjI0ODk4NSwiayI6IjEzNmQ0ZTI0OWViNWMyY2E2M2Q0ZGQwZGU4MjA1ZTcwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTQ2Mzk5LCJwaWQiOjcyNjI2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjM1LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJmOTZlcHllbSIsImNwa3MiOnsiMjgiOiI4NDkzMmQ0MDY1MzgyNzc5NTYyNWYyMTc5ZDQzYWI1MiJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjQ3ODQxNDQwLCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTMzNDY4LCJibiI6IkNocm9tZSIsImJ2IjoiMTI2Iiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6NzcsImMiOiJHQiIsIm4iOiJVbml0ZWQgS2luZ2RvbSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJyaXRpc2ggVGVsZWNvbW11bmljYXRpb25zIFBMQyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vb2xkLnNlcm1pdHNpYXEuYWcvZW4vcG93ZXJwb2ludC1jeWNsZS10ZW1wbGF0ZS5odG1sIiwiYXIiOltdfX0.H5xrtj66XcAm1kD3fDnBYJLb4nGZB7KIUtxcoXU9hTM
old.sermitsiaq.ag/	1970-01-20 21:26:01	Name: pp_show_on_84932d40653827795625f2179d43ab52 Value: 1
ballisticforgotten.com/	1970-01-20 21:36:02	Name: uid_id2 Value: f9274885-7959-4f10-b17c-203dd141fc0e:2:1
ballisticforgotten.com/	1970-01-20 21:27:24	Name: iprc35c7ebd8404558c9f6cc405e966b0a2b Value: 5196785
ballisticforgotten.com/	1970-01-20 21:27:24	Name: pdhtkv Value: true
ballisticforgotten.com/	1970-01-20 21:27:24	Name: uncs Value: 1
ballisticforgotten.com/	1970-01-20 21:27:24	Name: pdhtkv23 Value: true
ballisticforgotten.com/	1970-01-20 21:27:24	Name: uncs23 Value: 1
tricitatrania.com/	1970-01-20 21:27:24	Name: uclick Value: q5e2a6a50
tricitatrania.com/	1970-01-20 21:27:24	Name: uclickhash Value: q5e2a6a50-q5e2a6a50-2tyd-e2ci-dvej-h9hqi4-h9hqfe-cec839
.sermitsiaq.ag/	1970-01-21 07:01:58	Name: _ga_S5MTG642M7 Value: GS1.1.1718758196.1.0.1718758198.0.0.0
tricitatrania.com/	1969-12-31 23:59:59	Name: has_js Value: 1
tricitatrania.com/	1970-01-20 21:26:37	Name: PHPREFS Value: full

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://xss.my.id/theme/batman/head.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xss.my.id/theme/batman/headcode.js?v=55741, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://xss.my.id/theme/batman/head.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xss.my.id/theme/batman/headcode.js?v=55741, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://xss.my.id/theme/batman/body.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xss.my.id/ads/banner-loading.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://xss.my.id/theme/batman/body.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xss.my.id/ads/banner-loading.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://xss.my.id/theme/batman/body.js(Line 16) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://xss.my.id/ads/lekinapotencje.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://xss.my.id/ads/banner-loading.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/136d4e249eb5c2ca63d4dd0de8205e70/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://xss.my.id/ads/banner-loading.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.topcreativeformat.com/136d4e249eb5c2ca63d4dd0de8205e70/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://tricitatrania.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
ballisticforgotten.com
blogger.googleusercontent.com
c.statcounter.com
cdn.slidemodel.com
images.presentationgo.com
indiscreetjobroutine.com
old.sermitsiaq.ag
powerslides.com
proftrafficcounter.com
recordedthereby.com
slidebazaar.com
sstatic1.histats.com
tricitatrania.com
userstatics.com
www.ciloart.com
www.google-analytics.com
www.googletagmanager.com
www.pikpng.com
www.statcounter.com
www.topcreativeformat.com
xss.my.id
indiscreetjobroutine.com
104.20.94.138
149.56.240.127
172.240.108.76
18.194.54.118
181.214.142.2
188.114.97.3
192.243.59.13
203.161.58.136
209.151.145.24
2600:9000:2490:8800:1b:322c:43c0:93a1
2606:4700:20::681a:2c4
2606:4700:20::ac43:44e9
2a00:1450:4001:808::200e
2a00:1450:4001:81d::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2001
2a06:98c1:3120::3
35.181.189.213
85.159.213.158
0945fe3a61695442eb768ac7aa14a649c4b25bfb8faab8359207846fa45331c5
0e88d273060f60e43f87739e8c7ea3fea2bbb58addee6efc8217863ea88e2c49
29850812a0eb2a0df2f6a9be636a447e811eeee4c6fafe8ca38688a242a39804
2e35593e9b492c38e8287f5c6316852a6d1ee501c6cc0ac41d134488e905f470
338e171ecd2e7b7b1d89c2bed70f9a33477b1345be879b35a211925b67476dcf
3e3dae6d83faf1aeaa50beb99fda4b0eb19ac81f11f102e89ffff6b2414b4033
4c14dfde23d9aaa5b5fae2d06f93eb72ec43006329bd6fa1a85b7bbd25d05b12
4d61cf55582333a23de05816f96e82390fcee7c35add5b503085d9886e700d96
4f8fb36b023b5c3534b31781900ee7c0e912c3af79130414a36a98322f5040da
5598568c6c5805f506c72a656a728cdaf65d9bbf3e4f49c7e2c286ebddf42bac
561157e9ea36b47537dbf374877e8944ffda592059bc67bbd945ebfb12c86658
565eba1700ab049849db10a39e811abe83ae04d754c259df6ffaebd093b43f6b
5a1baa4a134cea273f14e9b8f79f7636d6d2c5b256fe4bada9d0c8a23786f842
5b2efeda3ce387a0de94badabdef7de3939128d49e6751e6ebb2d8a9da4a7535
5cf44280599030b1d50e6d265d8d47786445c1306867e7025a6d7c1f64a6d11d
5ed361139eddb634e14734940c22ff5a1e285d9b90e60066e652905229e1e451
7316c367fe324e0a4122c50a7b5df1bac93928e82643dbbddf18be9576c91ffa
7b8ea2a51ec8f81286d5a610788610f861ed83ed100e09b1ca9e6087bb597b8d
8076b082eadf0cab4a8823dbd7628a0b44f174c17b3221221c0e31e7c60307a2
8b90117611bb8564ff3e14f13c7034a79977a95e6ffd4dedbdf429cedbfdd1f0
8c17a51c5a7319e3c3f85b493fee48cfee1c2467c61fa8b0de964e5d85cf72ce
99208b16ce2000cafc77206b055d8960948e5e7090e6fbef909f7d43e7b8a1a7
9a9ec00644f790f6fc628a885bd9291a3e5861eeb7c9b34f49484087b09f49ab
9f9a4c2c31f080dd51aa193317b994263dcf60c45784621e53f5049bdba6ae7d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a6b293451a19dfb0f68649e5ceabac93b2d4155e64fe7f3e3af21a19984e2368
a81dbf53c56ae1f6ec66d2d7d6f153c09003a3f3459d84e166ec0b3482ce6f86
b10a2e374b31717f9c73e7c4f034bf231eda994cebeffa719d688b20c06006d3
bad9d0886ee4a4e704dadc9b11c3542d6bde36dd5f320c5f3379ad8a1950ba71
cdabb4930355af23406648d3ae6e0c6f798bb4b521d1aa87aceb0cd284fe8946
ce53fdd708d3236116f1cea88adee6a0ce58511132369a01320936a08dedcb45
d1e770c7496be0559bbd294a8e10b207e196c2397b3671816d240390f7c6d5cd
dbfaf0072052a28b352b6d531486945a9cc7a6346a719b72c2b00664694f34dc
df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7fe075616191aa2f30eff1cfe6bac66c731139f0c09213a8cfc30c8a7856f7a
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
ec1c5ab997ef021ea898e6dae7a23b33910de2d0d61daa884087972a2761926e
fbff9139cb77cbcef29a9f6179e2aae674292c808566025b722044216831d70a

tricitatrania.com Open in urlscan Pro 35.181.189.213 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

95 %HTTPS

42 %IPv6

21 Domains

22 Subdomains

20 IPs

7 Countries

1515 kBTransfer

2154 kBSize

21 Cookies

1 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

tricitatrania.com Open in urlscan Pro
35.181.189.213 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

95 %
HTTPS

42 %
IPv6

21
Domains

22
Subdomains

20
IPs

7
Countries

1515 kB
Transfer

2154 kB
Size

21
Cookies

44 HTTP transactions
0 data transactions