urlscan.io logo urlscan.io
SecurityTrails logo

buhitter.com Open in urlscan Pro
35.201.192.156  Public Scan

Go To Rescan Add Verdict Report
URL: https://buhitter.com/
Submission Tags: @phish_report
Submission: On August 28 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 6 countries across 13 domains to perform 49 HTTP transactions. The main IP is 35.201.192.156, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is buhitter.com. The Cisco Umbrella rank of the primary domain is 986068.
TLS certificate: Issued by JPRS Domain Validation Authority - G4 on March 26th 2023. Valid for: a year.
This is the only time buhitter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    35.201.192.156 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 156.192.201.35.bc.googleusercontent.com
buhitter.com
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
7    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    202.231.228.162 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
fam-8.net
2    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.no
6    2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)
pbs.twimg.com
3    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
10    202.210.188.68 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
img.fam-ad.com
Apex Domain
Subdomains		 Transfer
10 fam-ad.com
img.fam-ad.com — Cisco Umbrella Rank: 599491
232 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
tpc.googlesyndication.com — Cisco Umbrella Rank: 155
270 KB
6 twimg.com
pbs.twimg.com — Cisco Umbrella Rank: 1054
752 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
stats.g.doubleclick.net — Cisco Umbrella Rank: 93
10 KB
4 fam-8.net
fam-8.net — Cisco Umbrella Rank: 214034
20 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
region1.google-analytics.com — Cisco Umbrella Rank: 2412
21 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
139 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2782
47 KB
2 buhitter.com
buhitter.com — Cisco Umbrella Rank: 986068
32 KB
1 google.no
www.google.no — Cisco Umbrella Rank: 28984
408 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1120
603 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 736
30 KB
49 13
Domain Requested by
10 img.fam-ad.com fam-8.net
code.jquery.com
7 pagead2.googlesyndication.com buhitter.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
6 pbs.twimg.com buhitter.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 fam-8.net buhitter.com
fam-8.net
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google.com buhitter.com
tpc.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com buhitter.com
www.googletagmanager.com
2 stackpath.bootstrapcdn.com buhitter.com
2 buhitter.com buhitter.com
1 www.google.no buhitter.com
1 stats.g.doubleclick.net www.google-analytics.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 code.jquery.com buhitter.com
49 16

This site contains links to these domains. Also see Links.

Domain
twitter.com
fam-8.net
Subject Issuer Validity Valid
www.buhitter.com
JPRS Domain Validation Authority - G4		 2023-03-26 -
2024-03-31		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
fam-8.net
FujiSSL Public Validation Authority - G3		 2023-05-17 -
2024-06-04		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google.no
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
img.fam-ad.com
FujiSSL Public Validation Authority - G3		 2023-01-12 -
2024-02-01		 a year crt.sh

This page contains 7 frames:

Primary Page: https://buhitter.com/
Frame ID: AF477895929907D15695624425FF8D9A
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20190131/zrt_lookup.html
Frame ID: 7A33CE63EE39A94124989166953D513D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1496805715999245&output=html&adk=1812271804&adf=3025194257&lmt=1693237563&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fbuhitter.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693248363325&bpp=3&bdt=720&idt=306&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1417050721342&frm=20&pv=2&ga_vid=458247484.1693248363&ga_sid=1693248364&ga_hid=388203156&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44798878%2C44759876%2C31076838%2C31077372%2C31077388%2C21065725&oid=2&pvsid=2856497651485207&tmod=357737825&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=334
Frame ID: 3E5420B6FE88B4DBAEA69994B48E5FA5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1496805715999245&output=html&h=280&slotname=7794631282&adk=341587461&adf=3380050871&pi=t.ma~as.7794631282&w=1140&fwrn=4&fwrnh=100&lmt=1693237563&rafmt=1&format=1140x280&url=https%3A%2F%2Fbuhitter.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693248363328&bpp=2&bdt=723&idt=341&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1417050721342&frm=20&pv=1&ga_vid=458247484.1693248363&ga_sid=1693248364&ga_hid=388203156&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44798878%2C44759876%2C31076838%2C31077372%2C31077388%2C21065725&oid=2&pvsid=2856497651485207&tmod=357737825&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Yr70eYBwZw&p=https%3A//buhitter.com&dtd=346
Frame ID: 0F72F886727B579A9F8E1BBF274BDBA7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1496805715999245&output=html&h=280&slotname=2290299721&adk=3344866223&adf=2943865415&pi=t.ma~as.2290299721&w=1140&fwrn=4&fwrnh=100&lmt=1693237566&rafmt=1&format=1140x280&url=https%3A%2F%2Fbuhitter.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693248366921&bpp=19&bdt=4316&idt=19&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D62286440d9dcd10f-22c67b955ede00c6%3AT%3D1693248363%3ART%3D1693248363%3AS%3DALNI_MbluznMdyhNIE-zr0Wn-Da_z4np4w&gpic=UID%3D00000c69ab0cbbda%3AT%3D1693248363%3ART%3D1693248363%3AS%3DALNI_MZO2MkBA6BPXe2hjWeVCqs-Oofnpg&prev_fmts=0x0%2C1140x280&nras=1&correlator=1417050721342&frm=20&pv=1&ga_vid=458247484.1693248363&ga_sid=1693248364&ga_hid=388203156&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=6263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44798878%2C44759876%2C31076838%2C31077372%2C31077388%2C21065725&oid=2&pvsid=2856497651485207&tmod=357737825&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=T3MDuwEX8L&p=https%3A//buhitter.com&dtd=22
Frame ID: A125EA74BBAF00BEC785A739E2F72296
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A52897DBA0321ED15580A0D7AB977313
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 43F37789FD69C2100294BD7CADAA20FF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Twitterイラスト検索。Buhitter !

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

100 %
HTTPS

81 %
IPv6

13
Domains

16
Subdomains

17
IPs

6
Countries

1556 kB
Transfer

3074 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
buhitter.com/ 		151 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buhitter.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.201.192.156 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
156.192.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
65fd07f7d29bc6ee6a791bd8826dd6e98810f65494fb88dd416f1190cde31b91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 28 Aug 2023 18:46:02 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-frame-options
SAMEORIGIN
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 		152 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: buhitter.com
URL: https://buhitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://buhitter.com/
Origin
https://buhitter.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 28 Aug 2023 18:46:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
756
age
7156025
cdn-cachedat
12/27/2021 07:28:05
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
03ce6f797d3a14f3dca7053985515bae
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7fdeb6fb4a320b55-OSL
cdn-requestpullsuccess
True
jquery-3.5.1.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: buhitter.com
URL: https://buhitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://buhitter.com/
Origin
https://buhitter.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 28 Aug 2023 18:46:02 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d84"
vary
Accept-Encoding
x-hw
1693248362.dop224.sk1.t,1693248362.cds214.sk1.hn,1693248362.cds208.sk1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
bootstrap.bundle.min.js
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 		77 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.bundle.min.js
Requested by
Host: buhitter.com
URL: https://buhitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://buhitter.com/
Origin
https://buhitter.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 28 Aug 2023 18:46:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
601, 617, 617
age
6682618
cdn-cachedat
2021-08-02 20:29:51
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
52764fb27abbd5a15b105f5ee0c9e620
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7fdeb6fb4a350b55-OSL
cdn-requestpullsuccess
True
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: buhitter.com
URL: https://buhitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f3bcb642e4cf81fec77ce1e26c75d8c77b584f6628d851654583e9484051598f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://buhitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 28 Aug 2023 18:46:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50946
x-xss-protection
0
server
cafe
etag
11919365298335314210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 18:46:03 GMT
pre-loader.gif
buhitter.com/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buhitter.com/img/pre-loader.gif
Requested by
Host: buhitter.com
URL: https://buhitter.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.201.192.156 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
156.192.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
07eff9d9f81261e700e6812c2a47f189153f25c1d5bbc8c78af811e4d567a10f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://buhitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 28 Aug 2023 18:46:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Fri, 14 Jul 2023 11:16:07 GMT
server
nginx
etag
"64b12e77-e41"
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
max-age=604800
accept-ranges
bytes
content-length
3649
expires
Mon, 04 Sep 2023 18:46:02 GMT
fam8-tagify.min.js
fam-8.net/ad/js/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fam-8.net/ad/js/fam8-tagify.min.js
Requested by
Host: buhitter.com
URL: https://buhitter.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.231.228.162 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
/
Resource Hash
4bd55f89acdfd8dda416b2e6e81c302be408e8a03b9ff2f5b43f1262604cf395

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://buhitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 28 Aug 2023 18:46:04 GMT
Last-Modified
Sat, 12 Jan 2019 00:17:54 GMT
ETag
W/"2306-1547252274000"
Content-Type
application/javascript
Access-Control-Allow-Credentials
true
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
2306
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		149 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1496805715999245
Requested by
Host: buhitter.com
URL: https://buhitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d12402b34933c940b02fdac22a9ae353d334e6e23b140aefdf0af739b5fb997f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buhitter.com/
Origin
https://buhitter.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 28 Aug 2023 18:46:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51256
x-xss-protection
0
server
cafe
etag
9976604826933570433
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 18:46:03 GMT
gtm.js
www.googletagmanager.com/ 		139 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WH4L999
Requested by
Host: buhitter.com
URL: https://buhitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9800e875ced34defb383527a33a124ecf27354ccedcc8ce1bd23eada3e11cf4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://buhitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 28 Aug 2023 18:46:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53785
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 28 Aug 2023 18:46:03 GMT
truncated
/ 		198 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e833c2bb524b75edd90f3203dca8b9ccad32cd0c897b397bcee372728046a05

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/svg+xml;charset=utf8
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WH4L999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://buhitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 28 Aug 2023 17:44:23 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3700
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 28 Aug 2023 19:44:23 GMT
js
www.googletagmanager.com/gtag/ 		252 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-74YKYKK7PB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WH4L999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
db9303408aa5a1d62a874e8ddc5a18128b7223888d961abd0c95d937c0af2fe6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://buhitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 28 Aug 2023 18:46:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87620
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 28 Aug 2023 18:46:03 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/ 		392 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1496805715999245&plah=buhitter.com&bust=31077388
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
363cbb3f3e164ad115025664da8e5376b8f2d400c28c996eeaeea60cdabe19fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://buhitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 28 Aug 2023 18:46:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134499
x-xss-protection
0
server
cafe
etag
3062997360424959208
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 18:46:03 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230823/r20190131/ Frame 7A33 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230823/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buhitter.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language
fi-FI,fi;q=0.9

Response headers

age
19462
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Aug 2023 13:21:41 GMT
etag
9878862242593084568
expires
Mon, 11 Sep 2023 13:21:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-74YKYKK7PB&gtm=45je38n0&_p=388203156&cid=458247484.1693248363&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693248363&sct=1&seg=0&dl=https%3A%2F%2Fbuhitter.com%2F&dt=Twitter%E3%82%A4%E3%83%A9%E3%82%B9%E3%83%88%E6%A4%9C%E7%B4%A2%E3%80%82Buhitter%20!&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-74YKYKK7PB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://buhitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 18:46:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://buhitter.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=388203156&t=pageview&_s=1&dl=https%3A%2F%2Fbuhitter.com%2F&ul=en-us&de=UTF-8&dt=Twitter%E3%82%A4%E3%83%A9%E3%82%B9%E3%83%88%E6%A4%9C%E7%B4%A2%E3%80%82Buhitter%20!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=549496389&gjid=1434970304&cid=458247484.1693248363&tid=UA-115935434-1&_gid=422359199.1693248364&_r=1&_slc=1&gtm=45He38n0n81WH4L999&z=758244642
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://buhitter.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 18:46:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://buhitter.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		391 B
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=buhitter.com&callback=_gfp_s_&client=ca-pub-1496805715999245
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1496805715999245&plah=buhitter.com&bust=31077388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e5d60016649c7c627e695c8311c94114c4cca847437e2d1dd80555fc824f42a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://buhitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 28 Aug 2023 18:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
252
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3E54 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1496805715999245&output=html&adk=1812271804&adf=3025194257&lmt=1693237563&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fbuhitter.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693248363325&bpp=3&bdt=720&idt=306&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1417050721342&frm=20&pv=2&ga_vid=458247484.1693248363&ga_sid=1693248364&ga_hid=388203156&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44798878%2C44759876%2C31076838%2C31077372%2C31077388%2C21065725&oid=2&pvsid=2856497651485207&tmod=357737825&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=334
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1496805715999245&plah=buhitter.com&bust=31077388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a51fc02279f0b0b7ef95c89d2a5f6b96d8ee32cd260ddfd3271beb0406b4c4a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buhitter.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
4279
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Aug 2023 18:46:03 GMT
expires
Mon, 28 Aug 2023 18:46:03 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0F72 		436 B
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1496805715999245&output=html&h=280&slotname=7794631282&adk=341587461&adf=3380050871&pi=t.ma~as.7794631282&w=1140&fwrn=4&fwrnh=100&lmt=1693237563&rafmt=1&format=1140x280&url=https%3A%2F%2Fbuhitter.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693248363328&bpp=2&bdt=723&idt=341&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1417050721342&frm=20&pv=1&ga_vid=458247484.1693248363&ga_sid=1693248364&ga_hid=388203156&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44798878%2C44759876%2C31076838%2C31077372%2C31077388%2C21065725&oid=2&pvsid=2856497651485207&tmod=357737825&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Yr70eYBwZw&p=https%3A//buhitter.com&dtd=346
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1496805715999245&plah=buhitter.com&bust=31077388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04238178ee42d537cf6d693a01a116a443f6944c48e2062bb538fcacccf10814
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buhitter.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
213
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Aug 2023 18:46:04 GMT
expires
Mon, 28 Aug 2023 18:46:04 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		4 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-115935434-1&cid=458247484.1693248363&jid=549496389&gjid=1434970304&_gid=422359199.1693248364&_u=YADAAEAAAAAAACAAI~&z=1189344359
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://buhitter.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 28 Aug 2023 18:46:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://buhitter.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-115935434-1&cid=458247484.1693248363&jid=549496389&_u=YADAAEAAAAAAACAAI~&z=1545409182
Requested by
Host: buhitter.com
URL: https://buhitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://buhitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 18:46:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.no/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-115935434-1&cid=458247484.1693248363&jid=549496389&_u=YADAAEAAAAAAACAAI~&z=1545409182
Requested by
Host: buhitter.com
URL: https://buhitter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://buhitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 18:46:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
latest-version
fam-8.net/ad/p/ 		41 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fam-8.net/ad/p/latest-version
Requested by
Host: fam-8.net
URL: https://fam-8.net/ad/js/fam8-tagify.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.231.228.162 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
/
Resource Hash
001fca0c70a55362c8ae8e33ac675fe8e5054439537b10ae75de374cd5a68f07

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://buhitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 28 Aug 2023 18:46:05 GMT
Content-Type
text/html
Access-Control-Allow-Origin
https://buhitter.com
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
41
pjs-1.0.3.min.js
fam-8.net/ad/js/ 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fam-8.net/ad/js/pjs-1.0.3.min.js
Requested by
Host: fam-8.net
URL: https://fam-8.net/ad/js/fam8-tagify.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.231.228.162 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
/
Resource Hash
3486e75cbcec83fac64b744262840c0cf45746e11e15b158b652bc451c849ab7

Request headers

Referer
https://buhitter.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 28 Aug 2023 18:46:06 GMT
Last-Modified
Wed, 14 Oct 2020 06:13:36 GMT
ETag
W/"14916-1602656016000"
Content-Type
application/javascript
Access-Control-Allow-Credentials
true
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
14916
js
fam-8.net/ad/p/ 		1023 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fam-8.net/ad/p/js?_site=7444&_mloc=35202&_jsasync=1&_ref=&_nocache=1693248366918773025
Requested by
Host: fam-8.net
URL: https://fam-8.net/ad/js/pjs-1.0.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.231.228.162 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
/
Resource Hash
09ccd3477cbf350fe4b3f8079b506e8196cb1e26194ad84577768f6309e17a7c

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://buhitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 28 Aug 2023 18:46:07 GMT
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
https://buhitter.com
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
1023
ads
googleads.g.doubleclick.net/pagead/ Frame A125 		436 B
234 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1496805715999245&output=html&h=280&slotname=2290299721&adk=3344866223&adf=2943865415&pi=t.ma~as.2290299721&w=1140&fwrn=4&fwrnh=100&lmt=1693237566&rafmt=1&format=1140x280&url=https%3A%2F%2Fbuhitter.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693248366921&bpp=19&bdt=4316&idt=19&shv=r20230824&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D62286440d9dcd10f-22c67b955ede00c6%3AT%3D1693248363%3ART%3D1693248363%3AS%3DALNI_MbluznMdyhNIE-zr0Wn-Da_z4np4w&gpic=UID%3D00000c69ab0cbbda%3AT%3D1693248363%3ART%3D1693248363%3AS%3DALNI_MZO2MkBA6BPXe2hjWeVCqs-Oofnpg&prev_fmts=0x0%2C1140x280&nras=1&correlator=1417050721342&frm=20&pv=1&ga_vid=458247484.1693248363&ga_sid=1693248364&ga_hid=388203156&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=6263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44798878%2C44759876%2C31076838%2C31077372%2C31077388%2C21065725&oid=2&pvsid=2856497651485207&tmod=357737825&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=T3MDuwEX8L&p=https%3A//buhitter.com&dtd=22
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1496805715999245&plah=buhitter.com&bust=31077388
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42e8636ad2334dd4ddde2f83c769c055ed5f5a97b67efe71aa3c5e5f1e880bf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buhitter.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
213
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Aug 2023 18:46:07 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
o6Ixo-dS_normal.jpg
pbs.twimg.com/profile_images/1621130686890643457/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1621130686890643457/o6Ixo-dS_normal.jpg
Requested by
Host: buhitter.com
URL: https://buhitter.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F705) /
Resource Hash
15b46655fc75fc8a9ad81a01ff29a0834947dcbe6a57c487fbea2ff244df828e
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://buhitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 28 Aug 2023 18:46:07 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
261887
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
1731
x-response-time
114
surrogate-key
profile_images profile_images/bucket/4 profile_images/1621130686890643457
last-modified
Thu, 02 Feb 2023 12:55:29 GMT
server
ECS (ska/F705)
x-tw-cdn
VZ, VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
38719bbd2ec3f4b8
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
5f817a806a365dcbe550f6a3a294ac67c290c06b37dd464914c1d249897426ac
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
F4k0NpobEAETfco.jpg
pbs.twimg.com/media/ 		109 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/F4k0NpobEAETfco.jpg
Requested by
Host: buhitter.com
URL: https://buhitter.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F718) /
Resource Hash
695b496dc6e7182fcf717e7c1170cd645ad6bd36908468031420c11bcbfdac4a
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://buhitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 28 Aug 2023 18:46:07 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
68526
x-cache
MISS
server-timing
x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length
112116
x-response-time
223
surrogate-key
media media/bucket/3 media/1695944143800045569
last-modified
Sun, 27 Aug 2023 23:37:27 GMT
server
ECS (ska/F718)
x-tw-cdn
VZ, VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
43915d1eeccdc5b2
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
3f3ed6875a771434105003a575474ee67c8a11f2984e36f5efe563bc0f69c036
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
vndu-ZJN_normal.jpg
pbs.twimg.com/profile_images/1690303671396188160/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1690303671396188160/vndu-ZJN_normal.jpg
Requested by
Host: buhitter.com
URL: https://buhitter.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F718) /
Resource Hash
c0cb7d297605b3142c1b5fcbd4eb18e7f5c8715bb4d0d7a267c0a26b84a5d172
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://buhitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 28 Aug 2023 18:46:07 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
191653
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
1959
x-response-time
118
surrogate-key
profile_images profile_images/bucket/0 profile_images/1690303671396188160
last-modified
Sat, 12 Aug 2023 10:04:14 GMT
server
ECS (ska/F718)
x-tw-cdn
VZ, VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
8ec9238f2ca96737
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
baaefecc94627e6ef5d6f1783d67d2e918b543cefecdfbca818a8d71db661ba0
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
F4koUp0bYAACBuW.jpg
pbs.twimg.com/media/ 		339 KB
339 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/F4koUp0bYAACBuW.jpg
Requested by
Host: buhitter.com
URL: https://buhitter.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F705) /
Resource Hash
7352c4bc8e2a276dae7dfbf4452410179066f43193fc09bb1b9a1018511c2d3b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://buhitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 28 Aug 2023 18:46:07 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
71799
x-cache
MISS
server-timing
x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length
346949
x-response-time
240
surrogate-key
media media/bucket/7 media/1695931069969948672
last-modified
Sun, 27 Aug 2023 22:45:30 GMT
server
ECS (ska/F705)
x-tw-cdn
VZ, VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
5037651b24758641
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
37e10cd77c36e889854ecedb4a257697af4ca841c8110feb332a0b5828069250
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
RPCTRIJV_normal.jpg
pbs.twimg.com/profile_images/1591958200118644736/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1591958200118644736/RPCTRIJV_normal.jpg
Requested by
Host: buhitter.com
URL: https://buhitter.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F6FC) /
Resource Hash
8ae7250a914cac69836da1cce6e1dfd7f8a2b37bd7717674bd3647011c75d271
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://buhitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 28 Aug 2023 18:46:07 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
117837
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
2339
x-response-time
113
surrogate-key
profile_images profile_images/bucket/2 profile_images/1591958200118644736
last-modified
Mon, 14 Nov 2022 00:54:26 GMT
server
ECS (ska/F6FC)
x-tw-cdn
VZ, VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
bcc6ea06d9b0b9e0
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
ea27b3e15822e48172c0c3aec5a47288ca3fb0f0cadd810d709437825d0bf9ed
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
F4kffPYb0AAvmH6.jpg
pbs.twimg.com/media/ 		296 KB
296 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/F4kffPYb0AAvmH6.jpg
Requested by
Host: buhitter.com
URL: https://buhitter.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F716) /
Resource Hash
5f42b5f912151ace72e80ed85d8f65aa2614d99b6f0acc4acaa22c7605219c1b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://buhitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 28 Aug 2023 18:46:07 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
74161
x-cache
MISS
server-timing
x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length
303036
x-response-time
229
surrogate-key
media media/bucket/6 media/1695921356247126016
last-modified
Sun, 27 Aug 2023 22:06:54 GMT
server
ECS (ska/F716)
x-tw-cdn
VZ, VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
011bfd5280b37ba1
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
e918bc25948b2ba5955b583a690f9aea3035d99761f29ec7cd877f29f7ab27c8
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230824&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1496805715999245&plah=buhitter.com&bust=31077388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
007888d272c7f81cea3cb3d4b9b202cf16af7df92c2a5f3b1fee96bb80d25d89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://buhitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 28 Aug 2023 18:46:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11777
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1496805715999245&plah=buhitter.com&bust=31077388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://buhitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 28 Aug 2023 18:46:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Aug 2023 18:46:07 GMT
scrbnr.js
img.fam-ad.com/img/admin/js/fam-plugin/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.fam-ad.com/img/admin/js/fam-plugin/scrbnr.js
Requested by
Host: fam-8.net
URL: https://fam-8.net/ad/js/pjs-1.0.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.210.188.68 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
Apache /
Resource Hash
2ac1d549c7d95a290ca499512fd9e0f85752e3f6d4c15c5c6a1a1fa656fa17dd

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://buhitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 28 Aug 2023 18:51:18 GMT
Last-Modified
Wed, 26 Apr 2023 03:40:13 GMT
Server
Apache
ETag
"12fd26b-d51-5fa34ff5bc140"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
3409
scrbnr.css
img.fam-ad.com/img/admin/js/fam-plugin/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://img.fam-ad.com/img/admin/js/fam-plugin/scrbnr.css
Requested by
Host: fam-8.net
URL: https://fam-8.net/ad/js/pjs-1.0.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.210.188.68 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
Apache /
Resource Hash
42795b45ac2186fafec12a53dbfa90a6e812829c99291fbd265b5889095f20c3

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://buhitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 28 Aug 2023 18:51:19 GMT
Last-Modified
Wed, 21 Dec 2022 03:42:24 GMT
Server
Apache
ETag
"12fd26a-b5f-5f04e57296800"
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
2911
1000x1300_004.jpg
img.fam-ad.com/img/admin/movie_ad/plusmate/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.fam-ad.com/img/admin/movie_ad/plusmate/1000x1300_004.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.210.188.68 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
Apache /
Resource Hash
d1a58a76b610781dcbf878176e702045d25c23409d7cb02c672e8ae751d121a2

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://buhitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 28 Aug 2023 18:51:19 GMT
Last-Modified
Wed, 04 Jan 2023 03:50:03 GMT
Server
Apache
ETag
"1318bc6-c1ca-5f168144c70c0"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
49610
heart_icon.png
img.fam-ad.com/img/admin/material/scrbnr/plusmate/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.fam-ad.com/img/admin/material/scrbnr/plusmate/heart_icon.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.210.188.68 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
Apache /
Resource Hash
e013257163cd808f303e9052d64aaae842d175c39454ab0626fcf48ae97bca1a

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://buhitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 28 Aug 2023 18:51:20 GMT
Last-Modified
Tue, 27 Dec 2022 06:01:42 GMT
Server
Apache
ETag
"1318bbf-1354-5f0c8fc629d80"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
4948
arrow_icon.png
img.fam-ad.com/img/admin/material/scrbnr/plusmate/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.fam-ad.com/img/admin/material/scrbnr/plusmate/arrow_icon.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.210.188.68 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
Apache /
Resource Hash
1ce890b1bfb464aa3e64141758deb02dda7f6f255d1743039ec585237e684cdc

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://buhitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 28 Aug 2023 18:51:20 GMT
Last-Modified
Tue, 27 Dec 2022 06:01:42 GMT
Server
Apache
ETag
"1318bbe-1118-5f0c8fc629d80"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
4376
txt004.png
img.fam-ad.com/img/admin/material/scrbnr/plusmate/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.fam-ad.com/img/admin/material/scrbnr/plusmate/txt004.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.210.188.68 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
Apache /
Resource Hash
afed1604667af65fc17e3951212f7ba68e6856d63c3683b8e8b72d10a1c301e6

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://buhitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 28 Aug 2023 18:51:21 GMT
Last-Modified
Fri, 28 Apr 2023 04:49:55 GMT
Server
Apache
ETag
"1318e10-183c6-5fa5e344ec2c0"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
99270
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A528 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://buhitter.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
age
2265
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 28 Aug 2023 18:08:26 GMT
expires
Tue, 27 Aug 2024 18:08:26 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 43F3 		829 B
979 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
84c64f89ff69e88fe3aca3c4e66033dd9c4f8303d4f6498daca6de0d0d700940
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-_5dndlyQuhgW2YeA3yNo_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buhitter.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
535
content-security-policy
script-src 'nonce-_5dndlyQuhgW2YeA3yNo_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 28 Aug 2023 18:46:11 GMT
expires
Mon, 28 Aug 2023 18:46:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 43F3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230824&jk=2856497651485207&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers
oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
pagead2.googlesyndication.com/bg/ Frame A528 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0658400e4b2d850ff1fac9715a7d2ce74d32a8df2f32696de3b2f590c53d4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 27 Aug 2023 19:55:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
82251
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14795
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Aug 2024 19:55:20 GMT
generate_204
tpc.googlesyndication.com/ Frame A528 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?VVTYmA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 28 Aug 2023 18:46:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230824&jk=2856497651485207&bg=!AQKlAk3NAAYkVgHwBFY7ADQBe5WfOJAMQ3NLPLCAc94IiWkN9RKqo5a4YLQ3kPp5xzKxTPDhnev0BOdM035GiS9VYSCbAgAAAIJSAAAACmgBBwoAaZkSjPbyYrCFDpudUGfTsDnHeg3LXk7DjRdpasfgmA-mZerwNzsPSXXwc5lOPxAfUWk0JVLrC_qsLfm30zvJ9zkfVu-_jddkSOQQMtRm_ExVvdaohsHi-R8Kg0GrTU0pmweOFajzbpgWLpkCqtkGeK57_W6FTQxkvhfVEv1oUVvW6Am3rFsl3YZnDzsaW--G2gekQxFFZFBSzwTRlsPVsg2nHW9gHTpQwflX3ejq_7dyO31i0nT1J2hQQVaZcm7HaxyIlZQHns6IJzAIXt7-j9Dh9x3-En928c3ap4By-Au22wfnb3F2EQ6Xosr2QnOSi41TGxDOQMuMv__qbMOOCYIZwRifODCLPgly-f9UpVWo7EMBFiFRRZzDJ3C6PdGCNwXxIlP3QbI_1x8k0Fc2bYkO857-OV1FOpgAPwjAV0rmhZny9doJvP-V9_e3qnx8MhVomTJwZqUIn_wSwOE-QQpHblxRP-1cVvdiZQ9xdF31OLndzSWXnviOPpIaLrDw6WhkH4qF1RNTg28YjerhF6zpAGFCKYYHcczWawuWtT-fr_Y-OJZQyHkXplc3W5km-c8ZFFpQMRIexctxHoEUWjQGsTBNCce64nhNlI9XPGMldjDoPlH0aHbTbd_P-tWJJABnG-62K_liGnw4QeEP0nvngjfusOHeAnHYe36Da6zpGNExiV02bO3cbMAGBl0jE0RUpaO2g84C5Nh2i3pbxdY7XLXdCuBx2nvgOK83WtMoOYaF5e79OH44eqyBu8eQT3xUxjrajygfim2FJv2VYopcKWkFZdb5XaHJnpvcoZqlXF1945GU_N94Jdkdko6XeSxvPS3E0Q2NU7YLCFZmfmn6jyga0f_TLy_JtbwOjnP33bw9y2YHlQAejsRYNXnBU5nzc0nJq62ZgI3J0BQamJoq7cpon_mhWRDN9BT7Y5ZV15kO1VVdxPfGW7irO5DtbLmDqgzw6_yTXmSH-Jh33ZXTOv2lEQZ2gOUNkxF6fStkxKsvJkKv8tMvf2GYYU8F6znvj_hvz_tCqJogi_e9FAMoPjwBnis
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://buhitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers
1000x1300_004.jpg
img.fam-ad.com/img/admin/movie_ad/plusmate/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.fam-ad.com/img/admin/movie_ad/plusmate/1000x1300_004.jpg
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.210.188.68 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
Apache /
Resource Hash
d1a58a76b610781dcbf878176e702045d25c23409d7cb02c672e8ae751d121a2

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://buhitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 28 Aug 2023 18:51:21 GMT
Last-Modified
Wed, 04 Jan 2023 03:50:03 GMT
Server
Apache
ETag
"1318bc6-c1ca-5f168144c70c0"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
49610
1000x1300_004.mp4
img.fam-ad.com/img/admin/movie_ad/plusmate/ 		32 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://img.fam-ad.com/img/admin/movie_ad/plusmate/1000x1300_004.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.210.188.68 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://buhitter.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Range
bytes=0-

Response headers

Date
Mon, 28 Aug 2023 18:51:21 GMT
Last-Modified
Wed, 04 Jan 2023 03:50:03 GMT
Server
Apache
ETag
"1318bc7-5d335-5f168144c70c0"
Content-Type
video/mp4
Content-Range
bytes 0-381748/381749
Connection
close
Accept-Ranges
bytes
Content-Length
381749
1000x1300_004.mp4
img.fam-ad.com/img/admin/movie_ad/plusmate/ 		21 KB
21 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://img.fam-ad.com/img/admin/movie_ad/plusmate/1000x1300_004.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.210.188.68 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
Apache /
Resource Hash
74ee1052dbfd4332ea5e1dbbbd14968d9bdca05c3b7801547d61647285934c6c

Request headers

Referer
https://buhitter.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Range
bytes=360448-

Response headers

Date
Mon, 28 Aug 2023 18:51:22 GMT
Last-Modified
Wed, 04 Jan 2023 03:50:03 GMT
Server
Apache
ETag
"1318bc7-5d335-5f168144c70c0"
Content-Type
video/mp4
Content-Range
bytes 360448-381748/381749
Connection
close
Accept-Ranges
bytes
Content-Length
21301
1000x1300_004.mp4
img.fam-ad.com/img/admin/movie_ad/plusmate/ 		341 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://img.fam-ad.com/img/admin/movie_ad/plusmate/1000x1300_004.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.210.188.68 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://buhitter.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Range
bytes=32768-

Response headers

Date
Mon, 28 Aug 2023 18:51:23 GMT
Last-Modified
Wed, 04 Jan 2023 03:50:03 GMT
Server
Apache
ETag
"1318bc7-5d335-5f168144c70c0"
Content-Type
video/mp4
Content-Range
bytes 32768-381748/381749
Connection
close
Accept-Ranges
bytes
Content-Length
348981

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture object| dataLayer object| adsbygoogle object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing boolean| google_plmetrics object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| googletag function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| _classCallCheck string| FAM8_TAG_URL number| HTTP_DEFAULT_PORT number| HTTPS_DEFAULT_PORT function| _possibleConstructorReturn function| _inherits function| fam8_js_async string| ADMAGE_JQUERY_URL object| Fam8Plugin function| fam8_js_sync function| fam8_js_ml_sync function| $ function| jQuery object| bootstrap object| GoogleGcLKhOms object| google_image_requests

8 Cookies

Domain/Path Name / Value
buhitter.com/ Name: PHPSESSID
Value: sf0fkc33j51thbknmrc0kfsis9
.buhitter.com/ Name: _ga_74YKYKK7PB
Value: GS1.1.1693248363.1.0.1693248363.0.0.0
.buhitter.com/ Name: _ga
Value: GA1.2.458247484.1693248363
.buhitter.com/ Name: _gid
Value: GA1.2.422359199.1693248364
.buhitter.com/ Name: _gat_UA-115935434-1
Value: 1
.buhitter.com/ Name: __gads
Value: ID=62286440d9dcd10f-22c67b955ede00c6:T=1693248363:RT=1693248363:S=ALNI_MbluznMdyhNIE-zr0Wn-Da_z4np4w
.buhitter.com/ Name: __gpi
Value: UID=00000c69ab0cbbda:T=1693248363:RT=1693248363:S=ALNI_MZO2MkBA6BPXe2hjWeVCqs-Oofnpg
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

2 Console Messages

Source Level URL
Text
javascript warning URL: https://fam-8.net/ad/js/fam8-tagify.min.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://fam-8.net/ad/js/pjs-1.0.3.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://fam-8.net/ad/js/fam8-tagify.min.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://fam-8.net/ad/js/pjs-1.0.3.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

buhitter.com
code.jquery.com
fam-8.net
googleads.g.doubleclick.net
img.fam-ad.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
region1.google-analytics.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.no
www.googletagmanager.com
2001:4860:4802:32::36
2001:4de0:ac18::1:a:2b
202.210.188.68
202.231.228.162
2606:2800:134:1a0d:1429:742:782:b6
2606:4700::6812:bcf
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2001
2a00:1450:4001:812::200e
2a00:1450:4001:828::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9d
35.201.192.156
001fca0c70a55362c8ae8e33ac675fe8e5054439537b10ae75de374cd5a68f07
007888d272c7f81cea3cb3d4b9b202cf16af7df92c2a5f3b1fee96bb80d25d89
04238178ee42d537cf6d693a01a116a443f6944c48e2062bb538fcacccf10814
07eff9d9f81261e700e6812c2a47f189153f25c1d5bbc8c78af811e4d567a10f
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
09ccd3477cbf350fe4b3f8079b506e8196cb1e26194ad84577768f6309e17a7c
15b46655fc75fc8a9ad81a01ff29a0834947dcbe6a57c487fbea2ff244df828e
1ce890b1bfb464aa3e64141758deb02dda7f6f255d1743039ec585237e684cdc
2ac1d549c7d95a290ca499512fd9e0f85752e3f6d4c15c5c6a1a1fa656fa17dd
3486e75cbcec83fac64b744262840c0cf45746e11e15b158b652bc451c849ab7
363cbb3f3e164ad115025664da8e5376b8f2d400c28c996eeaeea60cdabe19fc
42795b45ac2186fafec12a53dbfa90a6e812829c99291fbd265b5889095f20c3
42e8636ad2334dd4ddde2f83c769c055ed5f5a97b67efe71aa3c5e5f1e880bf8
4bd55f89acdfd8dda416b2e6e81c302be408e8a03b9ff2f5b43f1262604cf395
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
5f42b5f912151ace72e80ed85d8f65aa2614d99b6f0acc4acaa22c7605219c1b
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65fd07f7d29bc6ee6a791bd8826dd6e98810f65494fb88dd416f1190cde31b91
695b496dc6e7182fcf717e7c1170cd645ad6bd36908468031420c11bcbfdac4a
7352c4bc8e2a276dae7dfbf4452410179066f43193fc09bb1b9a1018511c2d3b
74ee1052dbfd4332ea5e1dbbbd14968d9bdca05c3b7801547d61647285934c6c
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
84c64f89ff69e88fe3aca3c4e66033dd9c4f8303d4f6498daca6de0d0d700940
8ae7250a914cac69836da1cce6e1dfd7f8a2b37bd7717674bd3647011c75d271
9800e875ced34defb383527a33a124ecf27354ccedcc8ce1bd23eada3e11cf4e
9e833c2bb524b75edd90f3203dca8b9ccad32cd0c897b397bcee372728046a05
a0658400e4b2d850ff1fac9715a7d2ce74d32a8df2f32696de3b2f590c53d4cf
a51fc02279f0b0b7ef95c89d2a5f6b96d8ee32cd260ddfd3271beb0406b4c4a8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afed1604667af65fc17e3951212f7ba68e6856d63c3683b8e8b72d10a1c301e6
c0cb7d297605b3142c1b5fcbd4eb18e7f5c8715bb4d0d7a267c0a26b84a5d172
d12402b34933c940b02fdac22a9ae353d334e6e23b140aefdf0af739b5fb997f
d1a58a76b610781dcbf878176e702045d25c23409d7cb02c672e8ae751d121a2
db9303408aa5a1d62a874e8ddc5a18128b7223888d961abd0c95d937c0af2fe6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e013257163cd808f303e9052d64aaae842d175c39454ab0626fcf48ae97bca1a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d60016649c7c627e695c8311c94114c4cca847437e2d1dd80555fc824f42a3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3bcb642e4cf81fec77ce1e26c75d8c77b584f6628d851654583e9484051598f
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d